Dangling Pointers: Pathology, Prevention and Cure

Pablo Aliskevicius, 11 Nov 2012, CPOL
Dangling pointers were a problem in the past, but nowadays we'll find none, right? Guess again...
// DanglingPointer.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <stdio.h>  // printf

// Interface.
struct I
{
    virtual bool IsAlive() = 0;
    virtual double foo(int i, double d) = 0;
    virtual ~I() { };
};

// Class, that implements that interface, and adds a few things. 
class X : public I
{
public:
    int a;
    double y;
    virtual bool IsAlive() { return true; } 
    virtual double foo(int i, double d) { return i * d; }
    double multiply() { return a * y; }  
    X() { a = 789; y = 3.1313; } 
    ~X() { a = 1; y = 2.0; } 
};

void test(X *pX)
{
    ////////////////////////////////////////////////////
    // NEVER, EVER DO THIS IN PRODUCTION CODE!
    ////////////////////////////////////////////////////
    I *pI = pX;
    printf("pX (a.k.a pI) is %s; the size of X is %d bytes; the int takes %d, the double %d, and the vtable pointer %d.\n", 
        pI->IsAlive() ? "alive": "dead", 
        (int)sizeof(X), (int)sizeof(int), (int)sizeof(double), (int)sizeof(void *)); // casts match the %d conversions
    pX->a = 123;
    pX->y = 0.321;
#if _MSC_VER < 1300
    printf("pI->foo address is %p\n", pI->foo);
#else
    printf("I::foo address is %p\n", &I::foo);
#endif
    printf("pI->foo(%d, %f) = %f\n", 3, 5.05, pI->foo(3, 5.05));
    delete pX; 
    /**************************************************************/
    // NOW pX IS DANGLING! The X it points to was deleted! If you try to use it, the program will crash, right? (Wrong).
    /**************************************************************/
    // The next line should crash, shouldn't it?
    printf("Not crashed yet: pX->a is %d (0x%X), pX->y is %e (0x%I64X)\n", pX->a, pX->a, pX->y, pX->y); 
    // Well, then this will crash the program...
    pX->y = 111.222333; 
    printf("Still not crashed; pX->y is %f\n", pX->y);
    // Still pointing to the same address.
#if _MSC_VER < 1300
    printf("pX->foo address is %p\n", pX->foo);
#else
    printf("X::foo address is %p\n", &X::foo);                     
#endif
    pX->a = 2;
    // Lookee, lookee! Calling a method on a dangling pointer!
    printf("pX->multiply() returned %f. Are we crashing yet?\n", pX->multiply());
    // Get a zombie! This syntax skips the vtable.                              
    printf("pX is %s.\n", pX->X::IsAlive() ? "UNDEAD!": "dead"); 
    
    /**************************************************************/
    // In order to make it really crash, uncomment the next printf() call. 
    // The vtable pointer is now 0xDDDDdddd in VC6, and some other invalid value in VC2008, 
    // which makes the program crash when looking for IsAlive() in the vtable. 
    // printf("pI is %s.\n", pI->IsAlive() ? "alive": "dead"); 
    /**************************************************************/
}

int main(int argc, char* argv[])
{
    test(new X);
    return 0;
}
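
For contrast with test() above, an added example (not part of the original download or the author's code) that puts the same I / X pair behind std::shared_ptr and std::weak_ptr, so a stale handle is refused instead of dereferenced. It assumes a C++11 or later compiler rather than VC6; checked_multiply, Demo and run_demo are hypothetical names.

```cpp
#include <cstdio>
#include <memory>
#include <utility>

// Same shape as the page's I / X pair, redeclared so this block compiles alone.
struct I {
    virtual bool IsAlive() = 0;
    virtual double foo(int i, double d) = 0;
    virtual ~I() {}
};

class X : public I {
public:
    int a;
    double y;
    X() : a(789), y(3.1313) {}
    bool IsAlive() override { return true; }
    double foo(int i, double d) override { return i * d; }
    double multiply() { return a * y; }
};

// Hypothetical helper: a non-owning observer must prove the object is still
// alive before each use. Returns {ok, value}; never touches a freed X.
std::pair<bool, double> checked_multiply(const std::weak_ptr<X>& observer) {
    if (std::shared_ptr<X> live = observer.lock())  // pins X for this scope
        return {true, live->multiply()};
    return {false, 0.0};                            // expired: no dereference
}

struct Demo { bool before_ok; double before_val; bool after_ok; };

// Mirrors test(): use the object, destroy it, then try to use it again.
Demo run_demo() {
    std::shared_ptr<X> owner = std::make_shared<X>();
    std::weak_ptr<X> observer = owner;   // plays the role of the aliasing pI
    owner->a = 2;
    owner->y = 111.222333;
    std::pair<bool, double> before = checked_multiply(observer);
    owner.reset();                       // the counterpart of `delete pX`
    std::pair<bool, double> after = checked_multiply(observer);
    return Demo{before.first, before.second, after.first};
}

int main() {
    Demo d = run_demo();
    std::printf("before delete: ok=%d value=%f\n", d.before_ok, d.before_val);
    std::printf("after delete:  ok=%d (stale handle refused)\n", d.after_ok);
    return 0;
}
```

The weak_ptr check only protects callers that go through lock(); a raw pointer taken from owner.get() and kept past reset() dangles exactly as pX does in test().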

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Pablo Aliskevicius
Software Developer (Senior)
Israel
Pablo writes code for a living, in C++, C#, and SQL.
 
To make all that work easier, he uses some C++ libraries: STL, ATL & WTL (to write Windows applications), and code generation.
 
Pablo was born in 1963, got married in 1998, and is the proud father of two wonderful girls.
 
Favorite quotes:
"Accident: An inevitable occurrence due to the action of immutable natural laws." (Ambrose Bierce, "The Devil's Dictionary", published in several newspapers between 1881 and 1906).
"You are to act in the light of experience as guided by intelligence" (Rex Stout, "In the Best Families", 1950).

Last Updated 11 Nov 2012
Article Copyright 2012 by Pablo Aliskevicius