

I was reading Richard Reese's new (May 2013) O'Reilly book "Understanding and Using C Pointers", and I have a question about some code therein, on page 87.

if (++length > maximumLength) {
    char *newBuffer = realloc (buffer, maximumLength += sizeIncrement);

    if (newBuffer == NULL) {
        free (buffer);
        return NULL;
    }

    currentPosition = newBuffer + (currentPosition - buffer);
    buffer = newBuffer;
}

I hope the names of the variables are self-explanatory; if context is needed, I will edit to provide the entire chunk of code and not just this excerpt.

My question is about the line currentPosition = newBuffer + (currentPosition - buffer);. My understanding of realloc() is that when the new allocation succeeds, the originally allocated memory is freed. If that is correct, then the line in question is using dangling pointers, innit? Both buffer and currentPosition on the RHS of that expression are pointers to memory that has been freed.


My instinct would be to rewrite this to avoid using the dangling pointers by using length, which after all is already around. I want to replace those last two lines with:

buffer = newBuffer;
currentPosition = buffer + length;


However, presumably the code as written works because the two pointers still hold addresses (albeit of garbage), and the offset between those two addresses can still be calculated as a way of reassigning currentPosition. So am I being merely persnickety in feeling uneasy about this?


To generalize the question: once a pointer is dangling, is it safe to use the address contained in the pointer for any purpose, such as calculating offsets? Thanks.


No, it is not safe. After free the pointer value is an invalid address and an invalid address cannot be used for pointer arithmetic without invoking undefined behavior.
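
One way to avoid the arithmetic on stale pointers, as an added example that is not part of the original post or the book: take the offset as an integer while both pointers are still valid, then rebase from the pointer `realloc` returns. `GrowBuf`, `grow` and `rebase_demo` are names made up for this example; the field names follow the excerpt in the question.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical growable buffer; field names follow the question's excerpt. */
typedef struct {
    char  *buffer;           /* start of the allocation   */
    char  *currentPosition;  /* next byte to be written   */
    size_t maximumLength;    /* bytes currently allocated */
} GrowBuf;

/* Grow by sizeIncrement. Returns 0, or -1 after freeing the buffer on failure. */
static int grow(GrowBuf *g, size_t sizeIncrement)
{
    /* Take the offset while both pointers are still valid. */
    size_t offset = (size_t)(g->currentPosition - g->buffer);
    char *newBuffer = NULL;
    if (sizeIncrement <= SIZE_MAX - g->maximumLength)  /* size must not wrap */
        newBuffer = realloc(g->buffer, g->maximumLength + sizeIncrement);
    if (newBuffer == NULL) {
        free(g->buffer);
        g->buffer = g->currentPosition = NULL;
        g->maximumLength = 0;
        return -1;
    }
    /* From here on only the integer offset and the new pointer are used. */
    g->buffer = newBuffer;
    g->currentPosition = newBuffer + offset;
    g->maximumLength += sizeIncrement;
    return 0;
}

/* Constructed demo: write 100 bytes one at a time into a buffer that starts
 * at 8 bytes. Returns the count of bytes stored intact, or -1 on failure. */
static long rebase_demo(void)
{
    GrowBuf g = { malloc(8), NULL, 8 };
    long i, ok = 0;
    if (g.buffer == NULL) return -1;
    g.currentPosition = g.buffer;
    for (i = 0; i < 100; i++) {
        if (g.currentPosition == g.buffer + g.maximumLength && grow(&g, 8) != 0)
            return -1;
        *g.currentPosition++ = (char)('a' + i % 26);
    }
    for (i = 0; i < 100; i++)
        ok += g.buffer[i] == (char)('a' + i % 26);
    free(g.buffer);
    return ok;
}
int main(void) { return rebase_demo() == 100 ? 0 : 1; }
```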


