将字符串与自身连接两次会导致分段错误

Question

#include <stdio.h>

int main(void)
{
    char a[100] = "hi";

    strcat(a, a);
    strcat(a, a);

    printf("%s\n", a);

    return 0;
}

Answer 1

From the definition of strcat in the C language standard, §7.21.3.1/2

If copying takes place between objects that overlap, the behavior is undefined.

My compiler crashes even when it's done once, as strcat(a, a); copies the first character of the second argument over the '\\0' at the end of the first argument, then the second character of the second argument after it, etc until it encounters a '\\0' in the second argument.. which never happens because that '\\0' was gone when the first character was copied.

Answer 2

From strcat(3) manpage:

DESCRIPTION

The strcat() and strncat() functions append a copy of the null-terminated
string s2 to the end of the null-terminated string s1, then add a termi-
nating '\\0'. The string s1 must have sufficient space to hold the
result.

The strncat() function appends not more than n characters from s2, and
then adds a terminating \\0'.`

The source and destination strings should not overlap, as the behavior is
undefined.

Answer 3

This is undefined behavior.

If you're in a loop, reading each char from a string, until \\0 is found, but at the same time you're appending (writing) chars to the end of it, when is the loop going to end?

Answer 4

I suspect it's because the implementation is overwriting the null byte at the end:

Start: a = {h,i,\0}
         src^   vdst
next:  a = {h,i,h}
           src^   vdst
next:  a = {h,i,h,i}
             src^   vdst
next:  a = {h,i,h,i,h}
...

Because you overwrote the null terminator, your source string will never end and the method will keep copying until it tries to access memory it shouldn't and segfaults.