Pointer - golden stage

  One 、 Subtract between pointers

#include<iostream>
using namespace std;
#include<string>

int main() {
	string str[5] = { " Monday "," Tuesday "," Wednesday "," Thursday "," Friday " };
	string* pStr1 = str;
	string* pStr2 = &str[5];
	int res1 = pStr2 - pStr1;
	int res2 = (unsigned int)pStr2 - (unsigned int)pStr1;
	return 0;
}

string* pStr1 = str;
009148EB  lea         eax,[str]  
009148F1  mov         dword ptr [pStr1],eax  
	string* pStr2 = &str[5];
009148F7  mov         eax,1Ch  
009148FC  imul        ecx,eax,5  
009148FF  lea         edx,str[ecx]  
00914906  mov         dword ptr [pStr2],edx  
	int res1 = pStr2 - pStr1;
0091490C  mov         eax,dword ptr [pStr2]  
00914912  sub         eax,dword ptr [pStr1]  
00914918  cdq  
00914919  mov         ecx,1Ch  
0091491E  idiv        eax,ecx  
00914920  mov         dword ptr [res1],eax  
	int res2 = (unsigned int)pStr2 - (unsigned int)pStr1;
00914926  mov         eax,dword ptr [pStr2]  
0091492C  sub         eax,dword ptr [pStr1]  
00914932  mov         dword ptr [res2],eax  

among imul        ecx,eax,5 The role of the eax*5 Assign a value to ecx

adopt mov eax,1Ch It's not hard to find every string The data length of all types is 0x1C

namely ：string Type no matter how long the string is , His variables themselves account for 28 Bytes

cdq It is an instruction that confuses many people .  This instruction puts EAX Of the 31 bit Copied to the EDX Every one of bit On .  It mostly appears before division . Its actual function is only to EDX All bits of are set to EAX The highest value . in other words , When EAX <80000000, EDX by 00000000; When EAX >= 80000000, EDX Then for FFFFFFFF.

for example :
          hypothesis EAX yes FFFFFFFB (-5) , It's the first 31 bit ( Leftmost ) yes 1,
          perform CDQ after , CDQ The first 31 bit Copy to EDX all bit
         EDX become FFFFFFFF
        Now , EDX:EAX become FFFFFFFF FFFFFFFB , It's a 64 bit Large numbers , The value is still -5.

remarks ：

        EDX:EAX, It means EDX,EAX Continuous representation 64 digit

Through this assembly instruction, it is not difficult for us to find , The pointer p2-p1 The difference is the difference between their addresses / The width of the data type

and (unsigned int)p2-(unsigned int)p1 The difference is the address difference of the pointer

Use int Test the array of type again ：

int intArr[5] = { 1,2,3,4,5 };
00218868  mov         dword ptr [intArr],1  
00218872  mov         dword ptr [ebp-0E8h],2  
0021887C  mov         dword ptr [ebp-0E4h],3  
00218886  mov         dword ptr [ebp-0E0h],4  
00218890  mov         dword ptr [ebp-0DCh],5  
	int* pInt1 = intArr;
0021889A  lea         eax,[intArr]  
002188A0  mov         dword ptr [pInt1],eax  
	int* pInt2 = &intArr[5];
002188A6  mov         eax,4  
002188AB  imul        ecx,eax,5  
002188AE  lea         edx,intArr[ecx]  
002188B5  mov         dword ptr [pInt2],edx  
	res1 = pInt2 - pInt1;
002188BB  mov         eax,dword ptr [pInt2]  
002188C1  sub         eax,dword ptr [pInt1]  
002188C7  sar         eax,2  
002188CA  mov         dword ptr [res1],eax  
	res2 = (unsigned int)pInt2 - (unsigned int)pInt1;
002188D0  mov         eax,dword ptr [pInt2]  
002188D6  sub         eax,dword ptr [pInt1]  
002188DC  mov         dword ptr [res2],eax  

among sar eax,2 Move two places to the right , It's equivalent to multiplying by 4

[ Glory gold ]

NULL In essence, it is 0, yes C A macro defined in the language

The function of null pointer is once you access the null pointer , The program will collapse , It's a good thing ！

Null pointer access error cases ：

#include<iostream>
using namespace std;
#include<string>

int main() {

	string girl = " feng ";
	string* lover = &girl;
	lover = NULL;
	cout << *lover << endl;
	return 0;
}

  So it's best to set the pointer to null when defining ！

Wild pointer test 1：

#include<iostream>
using namespace std;
#include<string>

int* getAddr() {
	int x = 100;
	return &x;
}

int main() {

	int* p = getAddr();
	cout << *p << endl;
	cout << *p << endl;
	return 0;
}

Print the results ：

The root cause ：p The address pointed to has not changed , But once the function call ends , The memory in the function stack is recycled , Maybe what you get at the beginning is the correct value , Because the compiler hasn't had time to recycle

  Wild pointer test 2：

int main() {

	int* p = (int*)malloc(sizeof(int));
	*p = 888;
	cout << *p << endl;
	printf("p-%p\n", p);
	free(p);
	cout << *p << endl;
	printf("p-%p\n", p);
	return 0;
}

The position pointed by the wild pointer is always the same , But the data in that location may no longer exist

  Ways to avoid wild pointers ： After the pointer is used, it is set to NULL！

  The secondary pointer

Determine whether the following procedures have problems ：

#include<iostream>
using namespace std;
#include<string>
#pragma warning(disable:4996)

void getMem(char* p, int n) {
	p = (char*)malloc(n);
}


int main() {

	char* p = NULL;
	getMem(p, 100);
	strcpy(p, "hello");
	cout << p << endl;
	free(p);
	return 0;
}

  Running results ：

  After the modification ：

#include<iostream>
using namespace std;
#include<string>
#pragma warning(disable:4996)

void getMem(char** p, int n) {
	*p = (char*)malloc(n);
}

void add(int x, int y, int z) {
	z = x + y;
}

void add2(int x, int y, int* z) {
	*z = x + y;
}

int main() {

	int x = 100,y=200,z=200;
	add(x, y, z);
	printf("x-%d y-%d z-%d\n", x, y, z);
	add2(x, y, &z);
	printf("x-%d y-%d z-%d\n", x, y, z);

	char* p = NULL;
	getMem(&p, 100);
	strcpy(p, "hello");
	cout << p << endl;
	free(p);
	return 0;
}

Print the results ：