不评估应用sizeof的表达式是否合法,在C ++中解析sizeof中的空指针或无效指针? [英] Does not evaluating the expression to which sizeof is applied make it legal to dereference a null or invalid pointer inside sizeof in C++?
问题描述
首先,我看到了关于C99的这个问题,并且接受的答案参考操作数不是在C99标准草案中评估了字样。我不知道这个答案适用于C ++ 03。还有有关C ++的这个问题,它有一个接受的答案,引用了类似的措辞和在一些上下文中,未评估的操作数出现。未评估的操作数未评估。
我有此代码:
int * ptr = 0;
void * buffer = malloc(10 * sizeof(* ptr));
问题是 - 是否有空指针解引用(因此UB) sizeof()?
C ++ 03 5.3.3 / 1说 sizeof运算符产生字节数其操作数的对象表示。操作数是未计算的表达式,或带括号的类型ID。
链接到答案的引用或类似的措辞但是我找不到标准链接到评估的具体位置是否具有或不具有UB。
是否不评估应用sizeof的表达式是否合法,在C ++中的sizeof内引用空指针或无效指针?
我认为这在标准中目前规定不足,像许多问题一样,例如未指定时,C ++运算符的操作数的值类别是什么?我不认为这是故意的,像hvd点出来,这可能是委员会显而易见的。
在这个特定的情况下,我想我们有证据显示什么意图是。从 GB 91 Rapperswil会议的评论它说:
作为我们规范的一部分,解除引用一个空指针是温和的厌恶,因为我们在未定义的边行为。通过添加已经在这些相同表达式中使用的declat函数模板,这不再是必需的。
并建议使用替代表达式,它引用此表达式不再在标准中,但可以在 N3090 :
noexcept(*(U *)0 = declval U())
建议被拒绝,因为它没有调用未定义的行为,因为它是未评估的:
没有未定义的行为,因为表达式是未求值的操作数。
这个理由适用于 我说是underpecified,但我不知道这是否包含在 是右值结果。当在sizeof(5.3.3)的操作数中出现 它表示不包含的值,如果我们遵循 issue 232 表示没有未定义的行为: 换句话说,它只是取值,左值到右值转换的行为,触发不良形式或未定义的行为 这是有点投机,因为问题尚未解决。 First of all, I've seen this question about C99 and the accepted answer references operand is not evaluated wording in the C99 Standard draft. I'm not sure this answer applies to C++03. There's also this question about C++ that has an accepted answer citing similar wording and also In some contexts, unevaluated operands appear. An unevaluated operand is not evaluated. wording. I have this code: The question is - is there a null pointer dereference (and so UB) inside C++03 5.3.3/1 says The sizeof operator yields the number of bytes in the object representation of its operand. The operand is either an expression, which is not evaluated, or a parenthesized type-id. The linked to answers cite this or similar wording and make use of "is not evaluated" part to deduce there's no UB. However I cannot find where exactly the Standard links evaluation to having or not having UB in this case. Does "not evaluating" the expression to which sizeof is applied make it legal to dereference a null or invalid pointer inside sizeof in C++? I believe this is currently underspecified in the standard, like many issues such as What is the value category of the operands of C++ operators when unspecified?. I don't think it was intentional, like hvd points outs it is probably obvious to the committee. In this specific case I think we have the evidence to show what the intention was. From GB 91 comment from the Rapperswil meeting which says: It is mildly distasteful to dereference a null pointer as part of our specification, as we are playing on the edges of undefined behaviour. With the addition of the declval function template, already used in these same expressions, this is no longer necessary. and suggested an alternate expression, it refers to this expression which is no longer in the standard but can be found in N3090: The suggestion was rejected since this does not invoke undefined behavior since it is unevaluated: There is no undefined behavior because the expression is an unevaluated operand. It's not at all clear that the proposed change would be clearer. This rationale applies to I say underspecified but I wonder if this is covered by section The value contained in the object indicated by the lvalue is the rvalue result. When an lvalue-to-rvalue conversion occurs
within the operand of sizeof (5.3.3) the value contained in the referenced object is not accessed, since that operator
does not evaluate its operand. It says the value contained is not accessed, which if we follow the logic of issue 232 means there is no undefined behavior: In other words, it is only the act of "fetching", of lvalue-to-rvalue conversion, that triggers the ill-formed or undefined behavior This is somewhat speculative since the issue is not settled yet. 这篇关于不评估应用sizeof的表达式是否合法,在C ++中解析sizeof中的空指针或无效指针?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋! sizeof
4.1 [conv.lval] 这说明:
时,引用对象中包含的值不会被访问,因为运算符
不会计算其操作数。
int* ptr = 0;
void* buffer = malloc( 10 * sizeof( *ptr ) );
sizeof()?
noexcept(*(U*)0 = declval<U>())
sizeof as well since it's operands are unevaluated.4.1 [conv.lval] which says:
