指针投UB? [英] pointer cast UB?
问题描述
你们中的一些人可能知道桶技术。以一般方式在C中创建链接列表或
任何数据结构。我想知道是否有任何UB
涉及以下片段,特别是newsym / freesym函数和
当返回的指针用于两者之间时
typedef struct BUCKET {
struct fs_BUCKET * Next;
struct fs_BUCKET ** Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t尺寸;
BUCKET *首先;
} DATA_LIST;
void * newsym(size_t Size){
BUCKET * p = malloc(大小+ sizeof * p);
返回p? p + 1:NULL;
}
void freesym(void * p){
免费((BUCKET *)p - 1);
}
Serve Lau写道:
你们中的一些人可能知道桶技术。以一般方式创建链接列表
或C中的任何数据结构。我想知道是否有任何UB参与下面的代码片段,特别是newsym / freesym
函数以及何时使用返回的指针
typedef struct BUCKET {
struct fs_BUCKET * Next;
struct fs_BUCKET ** Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t尺寸;
BUCKET *首先;
} DATA_LIST;
void * newsym(size_t Size){
BUCKET * p = malloc(大小+ sizeof * p);
返回p? p + 1:NULL;
}
void freesym(void * p){
免费((BUCKET *)p - 1);
}
无法保证newsym的结果对于任何
结构,除了struct BUCKET本身之外,大多数都是正确对齐的。
Serve Lau写道,06/07 / 07 17:38:
你们中的一些人可能知道桶技术。以一般方式在C中创建链接列表或
任何数据结构。我想知道是否有任何UB
涉及以下片段,特别是newsym / freesym函数和
当返回的指针用于两者之间时
typedef struct BUCKET {
struct fs_BUCKET * Next;
struct fs_BUCKET ** Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t Size;
BUCKET * First;
} DATA_LIST;
void * newsym(size_t Size){
BUCKET * p = malloc(尺寸+ sizeof * p);
返回p? p + 1:NULL;
}
void freesym(void * p){
free((BUCKET *)p - 1);
如果传递空指针,则调用UB。尝试:
if(p)free((BUCKET)p - 1);
}
您提供的代码段中没有UB,但使用它的代码中可能有
UB。具体来说,不能保证p + 1是正确对齐除了BUCKET以外的任何东西。
我也假设真正的代码将初始化隐藏指针
在使用之前。
-
Flash Gordon
" Flash Gordon" < sp ** @ flash-gordon.me.ukwrote in message
news:84 ************ @ news.flash-gordon.me.uk .. 。
> void * newsym(size_t Size){
BUCKET * p = malloc(Size + sizeof * p );
返回p? p + 1:NULL;
}
void freesym(void * p){
free((BUCKET *)p - 1);
如果传递空指针,则调用UB。尝试:
if(p)free((BUCKET)p - 1);
>}
那么这将是UB吗?
typedef struct
{
int x;
} SomeStruct;
SomeStruct * s = newsym(sizeof * s);
if(s)
s-> x = 10;
freesym(s);
Some of you may be aware of the "bucket technique" to create linked lists or
any data structure in C in a general way. I was wondering if there''s any UB
involved in the following snippet, especially newsym/freesym functions and
when the returned pointer is used in between
typedef struct BUCKET {
struct fs_BUCKET *Next;
struct fs_BUCKET **Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t Size;
BUCKET *First;
} DATA_LIST;
void *newsym(size_t Size) {
BUCKET *p = malloc(Size + sizeof *p);
return p ? p + 1 : NULL;
}
void freesym(void *p) {
free((BUCKET *)p - 1);
}
Serve Lau wrote:Some of you may be aware of the "bucket technique" to create linked lists
or any data structure in C in a general way. I was wondering if there''s
any UB involved in the following snippet, especially newsym/freesym
functions and when the returned pointer is used in between
typedef struct BUCKET {
struct fs_BUCKET *Next;
struct fs_BUCKET **Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t Size;
BUCKET *First;
} DATA_LIST;
void *newsym(size_t Size) {
BUCKET *p = malloc(Size + sizeof *p);
return p ? p + 1 : NULL;
}
void freesym(void *p) {
free((BUCKET *)p - 1);
}There is no guarantee that the result of newsym is properly aligned for any
structure, and mostly any type, other than struct BUCKET itself.
Serve Lau wrote, On 06/07/07 17:38:Some of you may be aware of the "bucket technique" to create linked lists or
any data structure in C in a general way. I was wondering if there''s any UB
involved in the following snippet, especially newsym/freesym functions and
when the returned pointer is used in between
typedef struct BUCKET {
struct fs_BUCKET *Next;
struct fs_BUCKET **Prev;
} BUCKET;
typedef struct DATA_LIST {
size_t Size;
BUCKET *First;
} DATA_LIST;
void *newsym(size_t Size) {
BUCKET *p = malloc(Size + sizeof *p);
return p ? p + 1 : NULL;
}
void freesym(void *p) {
free((BUCKET *)p - 1);If passed a null pointer this invokes UB. Try:
if (p) free((BUCKET)p - 1);
}There is no UB directly in the snippet you provide, but there could be
UB in the code using it. Specifically, there is no guarantee that p+1 is
correctly aligned for anything other than a BUCKET.
I''m also assuming the real code will initialise the "hidden" pointers
before they are used.
--
Flash Gordon
"Flash Gordon" <sp**@flash-gordon.me.ukwrote in message
news:84************@news.flash-gordon.me.uk...>void *newsym(size_t Size) {
BUCKET *p = malloc(Size + sizeof *p);
return p ? p + 1 : NULL;
}
void freesym(void *p) {
free((BUCKET *)p - 1);
If passed a null pointer this invokes UB. Try:
if (p) free((BUCKET)p - 1);
>}
so this will be UB then?
typedef struct
{
int x;
} SomeStruct;
SomeStruct *s = newsym(sizeof *s);
if (s)
s->x = 10;
freesym(s);
这篇关于指针投UB?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
