保留指向已销毁对象的指针然后使用它来访问重新创建的对象(可能指向第一个子对象)是否是 UB?
Is it UB to keep a pointer to a destroyed object and then use it to access re-created objects, possibly pointing to the first subobject?
考虑
struct full
{
struct basic
{
int a = 1;
} base;
int b = 2;
};
void example()
{
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic; // supposedly ends lifetime of *pf (right?)
// if doesn't, suppose we did pf->~full(); before this line
pb->a; // is this legal?
new (storage) full; // supposedly ends lifetime of *pb (right?)
// if doesn't, suppose we did pb->~basic(); before this line
pb->a; // is this still legal?
pf->b; // is this legal?
pf->base.a; // is this legal?
}
我想知道以上是否合法,包括了解是否需要在每一步之前调用析构函数。
按照它的编写方式,您的代码具有未定义的行为,因为 pf 和 pb 在对象被销毁后立即停止指向对象(即在 new (storage) basic;).实际上,编译器可以自由推测可通过 new (storage) basic; 表达式中的这些指针访问的值。例如,读取这些指针可能会产生编译器根据先前通过这些指针写入而推测的值,但不一定是通过指向新构造的对象的指针。
该标准具有 std::launder 功能来缓解这种情况。该函数有效地充当了编译器基于指针及其指向的对象进行推测的障碍。基本上,它“擦除”编译器可能拥有的有关指向对象的任何知识,并且 returns 一个指针好像是重新获得的。更正后的代码如下所示:
void example()
{
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic;
pb = std::launder(pb); // prevent speculation about the object pb points to
pb->a; // ok now
new (storage) full;
pf = std::launder(pf); // prevent speculation about pf and pb
pb = std::launder(pb);
// These are ok now
pb->a;
pf->b;
pf->base.a;
}
21.6.4 [ptr.launder] 州
- Note: If a new object is created in storage occupied by an existing
object of the same type, a pointer to the original object can be used
to refer to the new object unless the type contains const or reference
members; in the latter cases, this function can be used to obtain a
usable pointer to the new object.
...所以通常最好使用 launder 它以防结构包含常量或引用。但我相信在下面的例子中:
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic; // supposedly ends lifetime of *pf (right?)
pb->a; // is this legal?
pb->a; 是合法的,即它不是和 UB 提供的结构指向不包含常量成员,也不包含引用。所以在这里使用 launder 是一个很好的做法,没错。但如果满足上述条件,则不是强制性的。
考虑
struct full
{
struct basic
{
int a = 1;
} base;
int b = 2;
};
void example()
{
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic; // supposedly ends lifetime of *pf (right?)
// if doesn't, suppose we did pf->~full(); before this line
pb->a; // is this legal?
new (storage) full; // supposedly ends lifetime of *pb (right?)
// if doesn't, suppose we did pb->~basic(); before this line
pb->a; // is this still legal?
pf->b; // is this legal?
pf->base.a; // is this legal?
}
我想知道以上是否合法,包括了解是否需要在每一步之前调用析构函数。
按照它的编写方式,您的代码具有未定义的行为,因为 pf 和 pb 在对象被销毁后立即停止指向对象(即在 new (storage) basic;).实际上,编译器可以自由推测可通过 new (storage) basic; 表达式中的这些指针访问的值。例如,读取这些指针可能会产生编译器根据先前通过这些指针写入而推测的值,但不一定是通过指向新构造的对象的指针。
该标准具有 std::launder 功能来缓解这种情况。该函数有效地充当了编译器基于指针及其指向的对象进行推测的障碍。基本上,它“擦除”编译器可能拥有的有关指向对象的任何知识,并且 returns 一个指针好像是重新获得的。更正后的代码如下所示:
void example()
{
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic;
pb = std::launder(pb); // prevent speculation about the object pb points to
pb->a; // ok now
new (storage) full;
pf = std::launder(pf); // prevent speculation about pf and pb
pb = std::launder(pb);
// These are ok now
pb->a;
pf->b;
pf->base.a;
}
21.6.4 [ptr.launder] 州
- Note: If a new object is created in storage occupied by an existing object of the same type, a pointer to the original object can be used to refer to the new object unless the type contains const or reference members; in the latter cases, this function can be used to obtain a usable pointer to the new object.
...所以通常最好使用 launder 它以防结构包含常量或引用。但我相信在下面的例子中:
alignas(full) std::byte storage[/* plenty of storage */];
full * pf = new (storage) full;
basic * pb = &pf->base;
new (storage) basic; // supposedly ends lifetime of *pf (right?)
pb->a; // is this legal?
pb->a; 是合法的,即它不是和 UB 提供的结构指向不包含常量成员,也不包含引用。所以在这里使用 launder 是一个很好的做法,没错。但如果满足上述条件,则不是强制性的。