在对象上使用 delete
运算符通常会导致两件事:调用对象的析构函数(及其虚拟基析构函数,如果存在)并随后释放内存。
如果重写一个类的 delete
操作符,给它一个空的实现 {}
,析构函数仍会被调用,但内存不会被释放。
假设析构函数也是空的,那么 delete
是否会有任何影响,或者继续使用“已删除”对象是否安全(即是否存在未定义的行为)?
struct Foo {
static void operator delete(void* ptr) {}
Foo() {}
~Foo() {}
void doSomething() { ... }
}
int main() {
Foo* foo = new Foo();
delete foo;
foo->doSomething(); // safe?
}
并不是说这很有意义,但我正在研究一种“延迟删除”(gc)机制,当调用 delete
时,对象不会立即被删除,但很快之后。
更新
引用一些提到内存泄漏的答案:让我们假设重载的 delete
运算符不为空,但确实将其 ptr
参数存储在一个(假设 static,为简单起见)set
:
struct Foo {
static std::unordered_set<void*> deletedFoos;
static void operator delete(void* ptr) {
deletedFoos.insert(ptr);
}
Foo() {}
~Foo() {}
}
并且这个 set
会定期清理:
for (void* ptr : Foo::deletedFoos) {
::operator delete(ptr);
}
Foo::deletedFoos.clear();
最佳答案
来自 n4296:
A destructor is invoked implicitly
(11.1) — for a constructed object with static storage duration (3.7.1) at program termination (3.6.3),
(11.2) — for a constructed object with thread storage duration (3.7.2) at thread exit,
(11.3) — for a constructed object with automatic storage duration (3.7.3) when the block in which an object is created exits (6.7),
(11.4) — for a constructed temporary object when its lifetime ends (12.2).
In each case, the context of the invocation is the context of the construction of the object. A destructor is also invoked implicitly through use of a delete-expression (5.3.5) for a constructed object allocated by a new-expression (5.3.4); the context of the invocation is the delete-expression. [ Note: An array of class type contains several subobjects for each of which the destructor is invoked. —end note ] A destructor can also be invoked explicitly.
因此,调用 delete 运算符的 delete 表达式的使用,也隐式调用了析构函数。对象的生命结束了,如果您为该对象调用方法,则会发生未定义的行为。
#include <iostream>
struct Foo {
static void operator delete(void* ptr) {}
Foo() {}
~Foo() { std::cout << "Destructor called\n"; }
void doSomething() { std::cout << __PRETTY_FUNCTION__ << " called\n"; }
};
int main() {
Foo* foo = new Foo();
delete foo;
foo->doSomething();
// safe? No, an UB. Object's life is ended by delete expression.
}
输出:
Destructor called
void Foo::doSomething() called
使用:gcc HEAD 8.0.0 20170809 with -O2
问题首先假设重新定义删除运算符和对象的行为将省略对象的破坏。重新定义对象本身的析构函数不会重新定义其字段的析构函数。 事实上,从语义的角度来看,它不再存在了。它不会释放内存,如果对象存储在内存池中,这可能是一件事情。但可以这么说,它会删除对象的抽象“灵魂”。之后调用方法或访问对象的字段是UB。 在特定情况下,根据操作系统,该内存可能永远保持分配状态。这是一种不安全的行为。假设编译器会生成合理的代码也是不安全的。它可能会完全省略操作。
让我向对象添加一些数据:
struct Foo {
int a;
static void operator delete(void* ptr) {}
Foo(): a(5) {}
~Foo() { std::cout << "Destructor called\n"; }
void doSomething() { std::cout << __PRETTY_FUNCTION__ << "a = " << a << " called\n"; }
};
int main() {
Foo* foo = new Foo();
delete foo;
foo->doSomething(); // safe?
}
输出:
Destructor called
void Foo::doSomething() a= 566406056 called
嗯?我们没有初始化内存?让我们在销毁之前添加相同的调用。
int main() {
Foo* foo = new Foo();
foo->doSomething(); // safe!
delete foo;
foo->doSomething(); // safe?
}
在这里输出:
void Foo::doSomething() a= 5 called
Destructor called
void Foo::doSomething() a= 5 called
什么?当然,编译器只是在第一种情况下省略了 a 的初始化。可能是因为类没有做任何其他事情吗?在这种情况下是可能的。但是这个:
struct Foo {
int a, b;
static void operator delete(void* ptr) {}
Foo(): a(5), b(10) {}
~Foo() { std::cout << "Destructor called\n"; }
void doSomething() { std::cout << __PRETTY_FUNCTION__ << " a= " << a << " called\n"; }
};
int main() {
Foo* foo = new Foo();
std::cout << __PRETTY_FUNCTION__ << " b= " << foo->b << "\n";
delete foo;
foo->doSomething(); // safe?
}
会产生类似的未定义值:
int main() b= 10
Destructor called
void Foo::doSomething() a= 2017741736 called
编译器认为 a
字段在 foo
死亡时未使用,因此“死亡”而不影响进一步的代码。 foo
与所有“手”一起倒下,并且它们中的任何一个都不再正式存在。更不用说在 Windows 上,使用 MS 编译器,当 Foo::doSomething()
尝试恢复死成员时,这些程序可能会崩溃。 Placement new 可以让我们扮演 Dr.Frankenstein 的角色:
#include <iostream>
#include <new>
struct Foo {
int a;
static void operator delete(void* ptr) {}
Foo() {std::cout << __PRETTY_FUNCTION__ << " a= " << a << " called\n"; }
Foo(int _a): a(_a) {std::cout << __PRETTY_FUNCTION__ << " a= " << a << " called\n"; }
~Foo() { std::cout << "Destructor called\n"; }
void doSomething() { std::cout << __PRETTY_FUNCTION__ << " a= " << a << " called\n"; }
};
int main() {
Foo* foo = new Foo(5);
foo->~Foo();
Foo *revenant = new(foo) Foo();
revenant->doSomething();
}
输出:
Foo::Foo(int) a= 5 called
Destructor called
Foo::Foo() a= 1873730472 called
void Foo::doSomething() a= 1873730472 called
不管我们是否调用析构函数,编译器都可以决定 revenant 与原始对象不同,因此我们不能重用旧数据,只能重用内存。
奇怪的是,在仍然执行 UB 的同时,如果我们从 Foo
中删除删除操作符,该操作似乎与 GCC 一样工作。在这种情况下我们不调用 delete,但是删除和添加它会改变编译器的行为,我相信这是实现的产物。
关于c++ - 用空实现覆盖删除运算符,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45628694/