异常未被销毁
Exception not being destroyed
我正在尝试实现我的 __cxa_allocate_exception 和 __cxa_free_exception 版本以避免在 throw 上分配内存。
所以我实现了一个似乎工作正常的内存池。但是在测试嵌套异常时,并没有在所有情况下调用异常的析构函数,因此 __cxa_free_exception 也没有被调用,导致内存池随着时间的推移而被填满。
参见下面的示例代码:
class MyException {
public:
MyException() {
std::cout << "MyException constructed." << std::endl;
}
~MyException() {
std::cout << "MyException destroyed." << std::endl;
}
};
void * __cxa_allocate_exception(size_t thrown_size)
{
const auto mem = malloc(thrown_size); //Not part of the example
std::cout << "allocate: " << mem << std::endl;
return mem;
}
void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
free(thrown_object); //Not part of the example.
}
void non_rec() {
try {
throw MyException();
} catch(...) {
try {
throw MyException();
} catch(...) {
//...
}
}
}
int main() {
while(true) {
non_rec();
std::cout << "-----------" << std::endl;
}
}
这个程序的输出是:
allocate: 0x8cbc20
MyException constructed.
allocate: 0x8cc030
MyException constructed.
MyException destroyed.
free: 0x8cc030
MyException destroyed.
free: 0x8cbc20
-----------
allocate: 0x8cbc20
MyException constructed.
allocate: 0x8cc030
MyException constructed.
MyException destroyed.
free: 0x8cc030
-----------
allocate: 0x8cc030
MyException constructed.
allocate: 0x8cc440
MyException constructed.
MyException destroyed.
free: 0x8cc440
-----------
allocate: 0x8cc440
MyException constructed.
allocate: 0x8cc850
MyException constructed.
MyException destroyed.
free: 0x8cc850
它第一次正常工作。但是在那之后,在每次循环迭代中构造和分配两个异常,但只有一个被释放和销毁。
我在 Ubuntu 16.04 上使用 g++ 5.4.0。
以类似于 libstdc++ 的方式分配正确数量的内存为我解决了崩溃问题:
#include <iostream>
#include <cstdlib>
#include <exception>
#include <cstring>
class MyException {
public:
MyException() {
std::cout << "MyException constructed." << std::hex << (size_t)this << std::endl;
}
~MyException() {
std::cout << "MyException destroyed." << std::hex << (size_t)this << std::endl;
}
};
const size_t __cxa_refcounted_exception_size = 16 * sizeof(size_t); // approx sizeof(__cxa_refcounted_exception)
void * __cxa_allocate_exception(size_t thrown_size)
{
thrown_size += __cxa_refcounted_exception_size;
const auto mem = malloc(thrown_size);
std::cout << "allocate: " << mem << std::endl;
memset (mem, 0, __cxa_refcounted_exception_size);
return (void *)((char *)mem + __cxa_refcounted_exception_size);
}
void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
char *ptr = (char *) thrown_object - __cxa_refcounted_exception_size;
free(ptr);
}
void non_rec() {
try {
throw MyException();
} catch(...) {
try {
throw MyException();
} catch(...) {
//...
}
}
}
int main() {
for (int i=0;i<4;i++) {
non_rec();
std::cout << "-----------" << std::endl;
}
}
您应该通过包含 unwind-cxx.h.
来为您的平台找到 sizeof(__cxa_refcounted_exception_size) 的实际值
我认为对此的简短回答是它未指定。 C++ 标准的第 18.1.4 节是这样说的:
The memory for the exception object is allocated in an unspecified way...
MSVC,例如 allocates it on the stack。祝你好运。
但是,研究为什么编写的代码失败是很有趣的(对于其他评论员,当我尝试 运行 时 gcc 报告内存损坏)并且正如@AlanBirtles 所说,答案就在这里:
https://code.woboq.org/gcc/libstdc++-v3/libsupc++/eh_alloc.cc.html
如果您查看 __cxa_allocate_exception 的实现(第 279 行),您会发现它做了三件您没有做的事情:
- 它为(私有)类型
__cxa_refcounted_exception 的 header 分配额外的 space
- 它将 header
归零
- 它 returns 指向第一个字节的指针 在 之后 header
然后,在 __cxa_free_exception 中,它允许在释放之前调整指针。
所以让它工作很容易,只需做这样的事情(或者你可以通过隧道找到 __cxa_refcounted_exception 的声明,我想它在那个网站的某个地方):
#define EXTRA 1024
extern "C" void * __cxa_allocate_exception(size_t thrown_size)
{
void *mem = malloc (thrown_size + EXTRA);
std::cout << "allocate: " << mem << " (" << thrown_size << ") " << std::endl;
memset (mem, 0, EXTRA);
return (char *) mem + EXTRA;
}
extern "C" void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
char *mem = (char *) thrown_object;
mem -= EXTRA;
free (mem);
}
当我 run this at Wandbox 时,我得到:
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
这 doesn't work with clang 不过,所以他们必须以不同的方式做事。就像我说的,这是UB,所以要小心。
我正在尝试实现我的 __cxa_allocate_exception 和 __cxa_free_exception 版本以避免在 throw 上分配内存。
所以我实现了一个似乎工作正常的内存池。但是在测试嵌套异常时,并没有在所有情况下调用异常的析构函数,因此 __cxa_free_exception 也没有被调用,导致内存池随着时间的推移而被填满。
参见下面的示例代码:
class MyException {
public:
MyException() {
std::cout << "MyException constructed." << std::endl;
}
~MyException() {
std::cout << "MyException destroyed." << std::endl;
}
};
void * __cxa_allocate_exception(size_t thrown_size)
{
const auto mem = malloc(thrown_size); //Not part of the example
std::cout << "allocate: " << mem << std::endl;
return mem;
}
void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
free(thrown_object); //Not part of the example.
}
void non_rec() {
try {
throw MyException();
} catch(...) {
try {
throw MyException();
} catch(...) {
//...
}
}
}
int main() {
while(true) {
non_rec();
std::cout << "-----------" << std::endl;
}
}
这个程序的输出是:
allocate: 0x8cbc20
MyException constructed.
allocate: 0x8cc030
MyException constructed.
MyException destroyed.
free: 0x8cc030
MyException destroyed.
free: 0x8cbc20
-----------
allocate: 0x8cbc20
MyException constructed.
allocate: 0x8cc030
MyException constructed.
MyException destroyed.
free: 0x8cc030
-----------
allocate: 0x8cc030
MyException constructed.
allocate: 0x8cc440
MyException constructed.
MyException destroyed.
free: 0x8cc440
-----------
allocate: 0x8cc440
MyException constructed.
allocate: 0x8cc850
MyException constructed.
MyException destroyed.
free: 0x8cc850
它第一次正常工作。但是在那之后,在每次循环迭代中构造和分配两个异常,但只有一个被释放和销毁。
我在 Ubuntu 16.04 上使用 g++ 5.4.0。
以类似于 libstdc++ 的方式分配正确数量的内存为我解决了崩溃问题:
#include <iostream>
#include <cstdlib>
#include <exception>
#include <cstring>
class MyException {
public:
MyException() {
std::cout << "MyException constructed." << std::hex << (size_t)this << std::endl;
}
~MyException() {
std::cout << "MyException destroyed." << std::hex << (size_t)this << std::endl;
}
};
const size_t __cxa_refcounted_exception_size = 16 * sizeof(size_t); // approx sizeof(__cxa_refcounted_exception)
void * __cxa_allocate_exception(size_t thrown_size)
{
thrown_size += __cxa_refcounted_exception_size;
const auto mem = malloc(thrown_size);
std::cout << "allocate: " << mem << std::endl;
memset (mem, 0, __cxa_refcounted_exception_size);
return (void *)((char *)mem + __cxa_refcounted_exception_size);
}
void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
char *ptr = (char *) thrown_object - __cxa_refcounted_exception_size;
free(ptr);
}
void non_rec() {
try {
throw MyException();
} catch(...) {
try {
throw MyException();
} catch(...) {
//...
}
}
}
int main() {
for (int i=0;i<4;i++) {
non_rec();
std::cout << "-----------" << std::endl;
}
}
您应该通过包含 unwind-cxx.h.
来为您的平台找到sizeof(__cxa_refcounted_exception_size) 的实际值
我认为对此的简短回答是它未指定。 C++ 标准的第 18.1.4 节是这样说的:
The memory for the exception object is allocated in an unspecified way...
MSVC,例如 allocates it on the stack。祝你好运。
但是,研究为什么编写的代码失败是很有趣的(对于其他评论员,当我尝试 运行 时 gcc 报告内存损坏)并且正如@AlanBirtles 所说,答案就在这里:
https://code.woboq.org/gcc/libstdc++-v3/libsupc++/eh_alloc.cc.html
如果您查看 __cxa_allocate_exception 的实现(第 279 行),您会发现它做了三件您没有做的事情:
- 它为(私有)类型
__cxa_refcounted_exception 的 header 分配额外的 space
- 它将 header 归零
- 它 returns 指向第一个字节的指针 在 之后 header
然后,在 __cxa_free_exception 中,它允许在释放之前调整指针。
所以让它工作很容易,只需做这样的事情(或者你可以通过隧道找到 __cxa_refcounted_exception 的声明,我想它在那个网站的某个地方):
#define EXTRA 1024
extern "C" void * __cxa_allocate_exception(size_t thrown_size)
{
void *mem = malloc (thrown_size + EXTRA);
std::cout << "allocate: " << mem << " (" << thrown_size << ") " << std::endl;
memset (mem, 0, EXTRA);
return (char *) mem + EXTRA;
}
extern "C" void __cxa_free_exception(void *thrown_object)
{
std::cout << "free: " << thrown_object << std::endl;
char *mem = (char *) thrown_object;
mem -= EXTRA;
free (mem);
}
当我 run this at Wandbox 时,我得到:
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
allocate: 0x1e4c990 (1)
MyException constructed.
allocate: 0x1e4ddb0 (1)
MyException constructed.
MyException destroyed.
free: 0x1e4e1b0
MyException destroyed.
free: 0x1e4cd90
-----------
这 doesn't work with clang 不过,所以他们必须以不同的方式做事。就像我说的,这是UB,所以要小心。