Date:      Wed, 28 Jan 2009 13:10:06 +0100
From:      Christoph Mallon <christoph.mallon@gmx.de>
To:        Channa <channa.kad@gmail.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Jemalloc SEGV for 1MB chunk
Message-ID:  <49804B1E.7080603@gmx.de>
In-Reply-To: <515c64960901280401w1e1d08bfx29adc124bc749c4a@mail.gmail.com>
References:  <515c64960901280339m17fa9309v2e1bc3f55454ab@mail.gmail.com>	<49804597.6040303@gmx.de> <515c64960901280401w1e1d08bfx29adc124bc749c4a@mail.gmail.com>

Channa wrote:
> Hi,
> Thanks for your reply.
> You mean to say I should modify the test as below:
> 
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> 
> int main()
> {
>     int i;
>     char *buf;
>     size_t size = 1048576;
> 
>     buf = malloc(size);
>     for (i = 0; i <= 1048575; i++)
>         buf[i] = 'a';
>     buf[size] = '\0';
>     printf("The length of buff is : %zu\n", strlen(buf));
>     free(buf);
>     return 0;
> }
> 
> I NULL terminated the string
> buf[size] = '\0'  <== The last character is NULL
> 
> But still I get a SEGV at strlen.
> 
> Could you please tell me if my changes above are correct?

You write the '\0' one element past the end of the buffer. The buffer 
has 1.048.576 elements, the indices go from 0 to 1.048.575. This is 
*the* typical off-by-one error.
It most probably does not segfault at the strlen(), but when writing the 
'\0'.
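
The two ways to keep the terminator inside the allocation, as an added example that is not part of the original message: either allocate one extra byte for the '\0', or keep the 1048576-byte buffer and store one character fewer. The helper names `make_filled_string` and `fill_exact` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: string of `len` characters in len + 1 bytes, so
 * valid indices are 0..len and the terminator at index len is in bounds. */
char *make_filled_string(size_t len, char fill)
{
    char *buf;

    if (len == SIZE_MAX)        /* len + 1 would wrap around to 0 */
        return NULL;
    buf = malloc(len + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, fill, len);     /* characters at indices 0 .. len-1 */
    buf[len] = '\0';            /* index len is the last valid element */
    return buf;
}

/* Hypothetical helper: keep the allocation at exactly `size` bytes. The
 * last valid index is size - 1, so only size - 1 characters fit. */
char *fill_exact(size_t size, char fill)
{
    char *buf;

    if (size == 0)              /* no room even for the terminator */
        return NULL;
    buf = malloc(size);
    if (buf == NULL)
        return NULL;
    memset(buf, fill, size - 1);
    buf[size - 1] = '\0';
    return buf;
}

int main(void)
{
    char *buf = make_filled_string(1048576, 'a');

    if (buf == NULL)
        return 1;
    printf("The length of buff is : %zu\n", strlen(buf));
    free(buf);
    return 0;
}
```

Compiling the quoted program with AddressSanitizer (`-fsanitize=address` in Clang or GCC) reports the out-of-bounds write at `buf[size] = '\0'` even on systems where the byte past the buffer happens to be mapped and no SEGV occurs.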


