正确使用函数指针

时间:2013-06-18 21:42:19

标签: c function-pointers

我基于相当数量的代码的双向链表似乎有一个与我从列表中删除节点的方式有关的错误,但我无法发现它。请考虑以下代码:

typedef struct DL_LIST
{
    uint16 tag;
    struct DL_LIST *previous;
    struct DL_LIST *next;
    void *object;
    uint32 size;
} DL_LIST;

用于删除节点的功能如下:

void dl_delete(DL_LIST *node, void (*destructor)(void*))
{
    assert(destructor != NULL);

    if (node != NULL)
    {
        dl_extract(node);

        if (node->object != NULL)
        {
            destructor(node->object);
        }

        free(node);
    }
}

其中:

DL_LIST *dl_extract(DL_LIST *node)
{
    if (node != NULL)
    {
        if (node->previous != NULL)
        {
            node->previous->next = node->next;
        }

        if (node->next != NULL)
        {
            node->next->previous = node->previous;
        }

        node->previous = NULL;
        node->next = NULL;
    }

    return node;
}

是否有人能够通过删除节点的方式发现问题?我认为存在问题的原因是我使用DL_LIST作为队列结构的基础,用于从队列中删除项目的函数破坏了它,除了当我注释掉dl_delete的电话。

编辑1.根据评论中的要求,队列代码如下:

typedef struct QU_LIST
{
    DL_LIST *list;
    uint32 count;
} QU_LIST;

uint8 qu_remove(QU_LIST *queue, void *object, void (*destructor)(void*))
{
    uint8 result = QU_SUCCESS;
    uint32 size;
    DL_LIST *first_node;
    DL_LIST *next_node;
    void *marker;

    assert(queue != NULL && destructor != NULL);

    if (queue->count > 0)
    {
        first_node = dl_get_first(queue->list);
        next_node = dl_get_next(first_node);

        marker = dl_get_object(first_node, NULL, &size);

        if (marker != NULL)
        {
            if (object != NULL)
            {
                memcpy(object, marker, size);
            }
        }
        else
        {
            result = QU_NO_MEMORY;
        }

        queue->list = next_node;

        dl_delete(first_node, destructor); // this is the problem

        --queue->count;
    }
    else
    {
        result = QU_EMPTY;
    }

    return result;
}

其中:

DL_LIST *dl_get_first(DL_LIST *list)
{
    if (list != NULL)
    {
        while (list->previous != NULL)
        {
            list = list->previous;
        }
    }

    return list;
}

DL_LIST *dl_get_next(DL_LIST *node)
{
    if (node != NULL)
    {
        node = node->next;
    }

    return node;
}

void *dl_get_object(DL_LIST *node, uint16 *tag, uint32 *size)
{
    void *marker = NULL;

    if (node != NULL)
    {
        if (tag != NULL)
        {
            *tag = node->tag;
        }

        if (size != NULL)
        {
            *size = node->size;
        }

        marker = node->object;
    }

    return marker;
}

编辑2.感谢Wumpus Q. Wumbley的一个简单的答案,问题的根源已经缩小到以下代码,这是嵌入式系统的导航按钮库的一部分。

void bu_test(void)
{
    QU_LIST button_list = {0};
    BU_OBJECT *object = NULL;

    object = bu_create("O");
    // object->identifier is "O" at this point.

    bu_add(&button_list, "N");
    bu_add(&button_list, "S");
    bu_add(&button_list, "E");
    bu_add(&button_list, "W");

    qu_remove(&button_list, object, (void(*)(void*)) &_destructor);
    // object->identifier should be "N" at this point, but is not.
}

其中:

typedef struct BU_OBJECT
{
    char *identifier;
} BU_OBJECT;

uint8 bu_add(QU_LIST *queue, char *identifier)
{
    uint8 result = BU_SUCCESS;
    BU_OBJECT* object;

    assert(queue != NULL && identifier != NULL);

    object = bu_create(identifier);

    if (object != NULL)
    {
        result = qu_add(queue, _TAG, object, sizeof(*object));

        if (result == QU_NO_MEMORY)
        {
            _destructor(object);

            result = BU_NO_MEMORY;
        }
    }
    else
    {
        result = BU_NO_MEMORY;
    }

    return result;
}

BU_OBJECT *bu_create(char *identifier)
{
    BU_OBJECT *object = NULL;
    char *p;

    assert(identifier != NULL);

    object = malloc(sizeof(*object));

    if (object != NULL)
    {
        p = malloc(sizeof(*identifier));

        if (p != NULL)
        {
            strcpy(p, identifier);
            object->identifier = p;
        }
        else
        {
            free(object);
            object = NULL;
        }
    }

    return object;
}

最后:

void _destructor(BU_OBJECT *object)
{  
    free(object->identifier);
    free(object);
}

对象被添加到button_list没有错误,但似乎_destructor正在销毁传递给函数qu_remove的对象参数,这对我来说似乎很奇怪,它应该是被销毁的first_node的对象,而不是参数的对象。

2 个答案:

答案 0 :(得分:3)

这是一个完整的程序,它使用你的功能(你到目前为止发布的所有功能)完全一样。有用。错误出现在你没有显示的部分。

#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
#include <assert.h>

typedef uint8_t uint8;
typedef uint16_t uint16;
typedef uint32_t uint32;
enum { QU_SUCCESS, QU_NO_MEMORY, QU_EMPTY };

typedef struct DL_LIST
{
    uint16 tag;
    struct DL_LIST *previous;
    struct DL_LIST *next;
    void *object;
    uint32 size;
} DL_LIST;

DL_LIST *dl_extract(DL_LIST *node)
{
    if (node != NULL)
    {
        if (node->previous != NULL)
        {
            node->previous->next = node->next;
        }

        if (node->next != NULL)
        {
            node->next->previous = node->previous;
        }

        node->previous = NULL;
        node->next = NULL;
    }

    return node;
}

void dl_delete(DL_LIST *node, void (*destructor)(void*))
{
    assert(destructor != NULL);

    if (node != NULL)
    {
        dl_extract(node);

        if (node->object != NULL)
        {
            destructor(node->object);
        }

        free(node);
    }
}

DL_LIST *dl_get_first(DL_LIST *list)
{
    if (list != NULL)
    {
        while (list->previous != NULL)
        {
            list = list->previous;
        }
    }

    return list;
}

DL_LIST *dl_get_next(DL_LIST *node)
{
    if (node != NULL)
    {
        node = node->next;
    }

    return node;
}

void *dl_get_object(DL_LIST *node, uint16 *tag, uint32 *size)
{
    void *marker = NULL;

    if (node != NULL)
    {
        if (tag != NULL)
        {
            *tag = node->tag;
        }

        if (size != NULL)
        {
            *size = node->size;
        }

        marker = node->object;
    }

    return marker;
}

typedef struct QU_LIST
{
    DL_LIST *list;
    uint32 count;
} QU_LIST;

uint8 qu_remove(QU_LIST *queue, void *object, void (*destructor)(void*))
{
    uint8 result = QU_SUCCESS;
    uint32 size;
    DL_LIST *first_node;
    DL_LIST *next_node;
    void *marker;

    assert(queue != NULL && destructor != NULL);

    if (queue->count > 0)
    {
        first_node = dl_get_first(queue->list);
        next_node = dl_get_next(first_node);

        marker = dl_get_object(first_node, NULL, &size);

        if (marker != NULL)
        {
            if (object != NULL)
            {
                memcpy(object, marker, size);
            }
        }
        else
        {
            result = QU_NO_MEMORY;
        }

        queue->list = next_node;

        dl_delete(first_node, destructor); // this is the problem

        --queue->count;
    }
    else
    {
        result = QU_EMPTY;
    }

    return result;
}

DL_LIST *dl_get_last(DL_LIST *list)
{
    if (list != NULL)
    {
        while (list->next != NULL)
        {
            list = list->next;
        }
    }

    return list;
}

DL_LIST **qu_get_tail(QU_LIST *queue)
{
    DL_LIST *node = dl_get_last(queue->list);
    if(node)
        return &node->next;
    return &queue->list;
}

uint8 qu_add(QU_LIST *queue, uint16 tag, void *object, uint32 size)
{
  DL_LIST *node = malloc(sizeof *node), *prev;
  if(!node)
    return QU_NO_MEMORY;
  node->next = NULL;
  node->tag = tag;
  node->object = object;
  node->size = size;
  if(queue->list) {
      prev = dl_get_last(queue->list);
      prev->next = node;
      node->previous = prev;
  } else {
      queue->list = node;
      node->previous = NULL;
  }
  ++queue->count;
  return QU_SUCCESS;
}

void qu_init(QU_LIST *queue)
{
    queue->list = NULL;
    queue->count = 0;
}

void destroydata(void *data)
{
    memset(data, 'X', 3);
}

int main(void)
{
    char testdata[] = "ABC DEF GHI JKL!";
    char removed[4] = "";
    int i;
    QU_LIST q;

    qu_init(&q);
    if(qu_add(&q, 0, &testdata[0], 3) != QU_SUCCESS) abort();
    if(qu_add(&q, 1, &testdata[4], 3) != QU_SUCCESS) abort();
    if(qu_add(&q, 2, &testdata[8], 3) != QU_SUCCESS) abort();
    if(qu_add(&q, 3, &testdata[12], 3) != QU_SUCCESS) abort();
    puts("Done adding");
    for(i=0;i<4;++i) {
      if(qu_remove(&q, removed, destroydata) !=QU_SUCCESS) abort();
      printf("Removed: %s\n", removed);
      printf("testdata now contains: %s\n", testdata);
    }
    return 0;
}

答案 1 :(得分:1)

我发现了这个问题。它不在于代码,而在于我的理解。为了说明,请考虑函数qu_remove中的以下行:

memcpy(object, marker, &size);

在致电memcpy之前,objectmarkerqu_remove的内容如下:

Location      Content       Location Description
--------      -------       --------------------
0x1FFF8658    0x1FFF8668    Pointer to object (object)
0x1FFF8668    "O"           Pointer to identifier

0x1FFF86B0    0x1FFF8688    Pointer to object (marker)
0x1FFF8688    "N"           Pointer to identifier

致电memcpy后,object的内容如下:

Location      Content       Location Description
--------      -------       --------------------
0x1FFF8658    0x1FFF8688    Pointer to object (marker)
0x1FFF8688    "N"           Pointer to identifier

出于某种原因,我认为memcpy会将字符“N”从位置0x1FFF8688(marker中的标识符的位置)复制到0x1FFF8668({{1中的标识符的位置) }})。我现在看到这是胡说八道。字符“N”不是object的一部分,因此不会被复制 - 只复制指向“N”的指针。

知道这解释了marker功能的失败。棘手的一点是找出解决问题的方法。我需要的是为bu_test写一个替换,它跟在任何指针链之后,直到指向的对象,并复制它。