How `new’ operator works ?

这是2013年写的一篇旧文，放在gegahost.net上面 http://raison.gegahost.net/?p=15

February 15, 2013

How `new’ operator works ?

Filed under: c++ — Tags: C++ internal, c++ memory layout, c++ new, POD, virtual class — Raison @ 12:38 am

(original works by Peixu Zhu)

For single inherited classes

1.  in case of single instance of a class without virtual method (inherited or not).

• suppose the class is `theClass‘.
• at first, it calls function `malloc‘ to allocate sizeof(theClass) memory, the size is always the same to POD structures.
• if the `malloc‘ function fails, throw exception if `nothrow‘ is not specified.
• if the `malloc‘ function success, call class initializer and internal initializer to set default values of members( to be zeros)
• call the constructor on the instance as a chain, the most rooted constructor is called at first, and then the derived constructors, the latest is theClass‘s constructor.
• set return value to be the address of `malloc‘ returned.

2.  in case of single instance of a class with virtual method (inherited or not).

• at first, it calls functon `malloc‘ to allocate sizeof(theClass) sized memory, for single inherited class, sizeof(theClass) =  (sizeof(void*) )  +  sizeof(POD structure). the additional (sizeof(void*) ) sized memory is for purpose of storing virtual pointer table for the class and it’s parent classes.
• if the `malloc‘ function fails, throw exception if `nothrow‘ is not specified.
• if the `malloc‘ function success, at first, set the first (sizeof(void*)  to be the class’s virtual pointer table, and then call class initializer and  internal initializer to set default values of members( to be zeros) on subsequent memory.
• call the constructor on the instance as a chain, the most rooted constructor is called at first, and then derived classes’ constructors, the latest is the class’s constructor.
• set return value to be the address of `malloc‘ returned.

3.  in case of arrayed instances of a class without virtual method.

• suppose n instances are required.
• calculate the size of required memory:  sizeof(void*) + n * sizeof(theClass)
• call `malloc‘ to allocate memory of the size required.
• if `malloc‘ fails, throw exception if `nothrow‘ is not specified.
• if `malloc‘ success, set the first sizeof(void*) the count of instances in the array (i.e. `n’).
• for subsequent memory,  each instance is initialized and constructed as above .
• set return value to be the address of `malloc‘ returned minus sizeof(void*), i.e., the address of first instance.

4.  in case of arrayed instances of a class with virtual method.

• calculate the size of required memory:

sizeof(void*) + n * sizeof(theClass).
sizeof(theClass) = sizeof(void*) + sizeof(POD)

• call `malloc‘ to allocate the size required.
• if `malloc‘ fails, throw exception if `nothrow‘ is not specified.
• if `malloc‘ success, set the first sizeof(void*) the count of instances in the array (i.e. `n’).
• for subsequent memory, for each instance, set the first
  sizeof(void*) memory to be the address of virtual pointer table of the
  class, then initialize the members, and call constructor one  by one.
• set return value to be the address of `malloc‘ returned minus sizeof(void*), i.e., the address of first instance.

5.  about the virtual pointer table.

• the layout of virtual pointer table:

[vdes1][vdes2](vm1)(vm2)(vm3…)[typeinfo [data of typeinfo]].
square bracketing indicates optional.
each elements are pointer to functions/methods.
vdes1 and vdes2 are virtual destructor.
vm1/vm2 … are virtual methods.
typeinfo    for function `typeid‘ (std::type_info)
data of typeinfo is the data of std::type_info

• if the class is virtual, then there is typeinfo, and data of typeinfo.
• if the class has virtual desctructor, there’s vdes1 and vdes2. one is called by `delete‘ operator (free memory in function), and ther other one is called by `delete[]‘ operator (does not free memory in function).
• in runtime environment, calling virtual methods are converted into
  referencing index in the virtual pointer table, the index value of each
  virtual method is determined at compiling time. In derived classes, the
  child class instance and parent class instance share the same index
  value on same virtual method (with same mangling signature). If the
  child class does not override the parent virtual method, it will set the
  indexed pointer to the parent’s method, rather than of the child,
  however, if the child class override the virtual method, it will be  the
  indexed with pointer to the child’s method.

6.  about the alignment of  address returned by `new/new[]’ operator.
As you know, `new‘ and `new[]‘ operator both call `malloc‘ function to allocate memory required, thus, the alignment of address returned by `new‘ or `new[]‘ is determined by the address returned by `malloc‘. `malloc‘ does not guarantee the returned address is aligned well, thus, the `new‘ and `new[]‘ also do not guarantee the returned address is aligned well, though the size of the class is aligned.
But, there’s alignment version of `malloc‘, like posix_memalign, or valloc, etc., how about alignment version of `new‘ and `new[]‘ ?  The replacement new operator in C++11 may solve the problem.

For classes with multiple parent classes.
1. each parent class has an instance in the derived class instance, sequenced as the class definition.

2. the derived class’s own members are placed at the tail of the allocated memory.

3. sizeof(theClass) = sizeof(parentClass) * (count of parent classes) + sizeof(own)

4. for plain classes without virtual methods, sizeof(own) = sizeof(POD structure),  and for classes with virtual methods, sizeof(own) = sizeof(void*) + sizeof(POD structure).