\nIn a previous entry<\/a> I alluded to the problems that\ncan occur if you mismatch scalar “new” with vector “delete[]”\nor vice versa.<\/p>\n \nThere is a nice description of C++ memory management\nin\n\nC++ Gotchas: Avoiding Common Problems in Coding and Design<\/a>\non\nwww.informit.com<\/a>,\nand I encourage you to read\nat least the section titled\n\nFailure to Distinguish Scalar and Array Allocation<\/a>\nbefore continuing with this entry,\nbecause I’m going to use that information as\na starting point.\n<\/p>\n \nHere’s how the Microsoft C++ compiler manages vector allocation.\nNote that this is internal implementation detail, so it’s subject\nto change at any time, but knowing this may give a better insight\ninto why mixing scalar and vector new\/delete is a bad thing.\n<\/p>\n \nThe important thing to note is that when you do a scalar\n“delete p”, you are telling the compiler, “p points to a single\nobject.” The compiler will call the destructor once, namely\nfor the object you are destructing.\n<\/p>\n \nWhen you do “delete[] p”, you are saying,\n“p points to a bunch of objects, but I’m not telling you how many.”\nIn this case, the compiler needs to generate extra code to keep\ntrack of how many it needs to destruct. This extra information\nis kept in a “secret place” when the vector is allocated with\n“new[]”.\n<\/p>\n \nLet’s watch this in action:<\/p>\n \nThe generated code for the “allocate_stuff” function\nlooks like this:\n<\/p>\n \nTranslated back into pseudo-C++, the code looks like this:\n<\/p>\n \nIn other words, the memory layout of the vector of\nMyClass objects looks like this:\n<\/p>\n\nclass MyClass {\npublic:\n MyClass(); \/\/ constructor\n ~MyClass(); \/\/ destructor\n int i;\n};\nMyClass *allocate_stuff(int howmany)\n{\n return new MyClass[howmany];\n}\n<\/pre>\n\n push esi\n mov esi, [esp+8] ; howmany\n ; eax = howmany * sizeof(MyClass) + sizeof(size_t)\n lea eax, [esi*4+4]\n push eax\n call operator new\n test eax, eax\n pop ecx\n je fail\n push edi\n push OFFSET MyClass::MyClass\n push esi\n lea edi, [eax+4] ; edi = eax + sizeof(size_t)\n push 4 ; sizeof(MyClass)\n push edi\n mov [eax], esi ; howmany\n call `vector constructor iterator'\n mov eax, edi\n pop edi\n jmp done\nfail:\n xor eax, eax\ndone:\n pop esi\n retd 4\n<\/pre>\n
\nMyClass* allocate_stuff(int howmany)\n{\n void *p = operator new(\n howmany * sizeof(MyClass) + sizeof(size_t));\n if (p) {\n size_t* a = reinterpret_cast<size_t*>(p);\n *a++ = howmany;\n vector constructor iterator(a,\n sizeof(MyClass), &MyClass::MyClass);\n return reinterpret_cast<MyClass*>(a);\n }\n return NULL;\n}\n<\/pre>\n
| howmany<\/td>\n<\/tr>\n |
| MyClass[0]<\/td>\n<\/tr>\n |
| MyClass[1]<\/td>\n<\/tr>\n |
| …<\/td>\n<\/tr>\n |
| MyClass[howmany-1]<\/td>\n<\/tr>\n<\/table>\n \nThe pointer returned by the new[] operator\nis not<\/b> the start of the\nallocated memory but rather points to MyClass[0]. The count of\nelements is hidden in front of the vector.\n<\/p>\n \nThe deletion of a vector performs this operation in reverse:<\/p>\n \nvoid free_stuff(MyClass* p)\n{\n delete[] p;\n}\n<\/pre>\n |