malloc()特殊情况

malloc(）特殊情况

// void *malloc(size_t size);
unsigned char * p = (unsigned char *)malloc(0);

当传入0 的时候，返回值并不为NULL，返回的是一个随机地址。man手里里面的英文是：

size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free().
翻译：如果传入的size为0，malloc返回一个NULL或一个唯一（随机）的地址值，并且可以用free()来释放成功。并不会出现段错误或其它异常，但是你不能用来保存数据，因为即便不是NULL，这片区域也是不能确定大小（如果你写溢出），也不能确保内容不变动（你malloc的目标，就是很明确的分片一片只被你控制的确定大小的存储空间）。

代码测试

[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x2117010, content of malloc(0) is: 
[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x7db010, content of malloc(0) is: 
[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x1c92010, content of malloc(0) is: 
[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x1be3010, content of malloc(0) is: 
[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x9b6010, content of malloc(0) is: 
[root@root tmp]# ./a.out 
none null pointer
address of malloc(0) is 0x203c010, content of malloc(0) is: 
[root@root tmp]# cat tt.c 
#include <stdio.h>

int main(int argc, char **argv)
{
	unsigned  char * p = malloc(0);
	if (NULL == p) {
		printf("null pointer\r\n");
	}
	else {
		printf("none null pointer\r\n");
		printf("address of malloc(0) is %p, content of malloc(0) is: %s\r\n", p, p);
		free(p);
	}
}
[root@izwz93atpalb56zydy9bpyz tmp]#

malloc()手册里面的解释

man malloc

NAME
       malloc, free, calloc, realloc - allocate and free dynamic memory

SYNOPSIS
       #include <stdlib.h>

       void *malloc(size_t size);
       void free(void *ptr);
       void *calloc(size_t nmemb, size_t size);
       void *realloc(void *ptr, size_t size);

DESCRIPTION
       The  malloc()  function  allocates  size bytes and returns a pointer to the allocated memory.  The memory is not initialized.  If
       size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free().

       The free() function frees the memory space pointed to by ptr, which must have been returned by a previous call to malloc(),  cal?
       loc()  or  realloc().   Otherwise, or if free(ptr) has already been called before, undefined behavior occurs.  If ptr is NULL, no
       operation is performed.

       The calloc() function allocates memory for an array of nmemb elements of size bytes each and returns a pointer to  the  allocated
       memory.  The memory is set to zero.  If nmemb or size is 0, then calloc() returns either NULL, or a unique pointer value that can
       later be successfully passed to free().

       The realloc() function changes the size of the memory block pointed to by ptr to size bytes.  The contents will be  unchanged  in
       the  range from the start of the region up to the minimum of the old and new sizes.  If the new size is larger than the old size,
       the added memory will not be initialized.  If ptr is NULL, then the call is equivalent to malloc(size), for all values  of  size;
       if  size  is equal to zero, and ptr is not NULL, then the call is equivalent to free(ptr).  Unless ptr is NULL, it must have been
       returned by an earlier call to malloc(), calloc() or realloc().  If the area pointed to was moved, a free(ptr) is done.

RETURN VALUE
       The malloc() and calloc() functions return a pointer to the allocated memory that is suitably aligned for any kind  of  variable.
       On  error,  these functions return NULL.  NULL may also be returned by a successful call to malloc() with a size of zero, or by a
       successful call to calloc() with nmemb or size equal to zero.

       The free() function returns no value.

       The realloc() function returns a pointer to the newly allocated memory, which is suitably aligned for any kind  of  variable  and
       may  be different from ptr, or NULL if the request fails.  If size was equal to 0, either NULL or a pointer suitable to be passed
       to free() is returned.  If realloc() fails the original block is left untouched; it is not freed or moved.

CONFORMING TO
       C89, C99.

NOTES
       By default, Linux follows an optimistic memory allocation strategy.  This means that when malloc() returns non-NULL there  is  no
       guarantee that the memory really is available.  In case it turns out that the system is out of memory, one or more processes will
       be  killed  by  the  OOM  killer.   For  more  information,   see   the   description   of   /proc/sys/vm/overcommit_memory   and
       /proc/sys/vm/oom_adj in proc(5), and the Linux kernel source file Documentation/vm/overcommit-accounting.

       Normally,  malloc() allocates memory from the heap, and adjusts the size of the heap as required, using sbrk(2).  When allocating

从来没有试过malloc(0)