A classical in-depth analysis of C + + virtual function

Source: Internet
Author: User

The function of virtual function in C + + is mainly to realize the mechanism of polymorphism. In terms of polymorphism, in short, a pointer to the parent type points to an instance of its child class, and then invokes the member function of the actual subclass through a pointer to the parent class. This technique allows the parent class to have a "multiple form" pointer, which is a generic technique. The so-called generic technology, plainly, is trying to use immutable code to implement a mutable algorithm. For example: template technology, RTTI technology, virtual function technology, either try to do at compile time resolution, or try to achieve runtime resolution.

On the use of virtual functions, I do not do much elaboration here. You can take a look at the relevant C + + books. In this article, I just want to from the virtual function of the implementation mechanism above for everyone a clear analysis.

Of course, the same article appeared on the Internet some, but I always feel that these articles are not very easy to read, large sections of the code, no pictures, no detailed instructions, no comparison, no extrapolate. Not conducive to learning and reading, so this is why I want to write this article. I hope you will give me more advice.

Let's go to the world of virtual functions.

virtual function Table

Anyone who understands C + + should know that virtual functions are implemented by a virtual function table (virtual table). Referred to as v-table. In this table, the master is the Address table of the virtual function of a class, which solves the problem of inheritance, overwriting, and guarantees the actual function of the real response. Thus, in an instance of a class with virtual functions, the table is assigned to the memory of this instance, so when we manipulate a subclass with a pointer to the parent class, the virtual function table is important, and it is like a map that indicates the function that should actually be called.

Here we focus on this virtual function table. In the standard specification of C + +, the compiler must ensure that a pointer to a virtual function table exists in the first position in the object instance (this is to ensure that the offset of the virtual function is correctly taken). This means that we get this virtual function table from the address of the object instance, and then we can iterate over the function pointer and call the corresponding function.

Listen to me so much, I can feel it. You may be more disoriented than before. It doesn't matter, the following is the actual example, I believe that smart you see it.

Let's say we have a class like this:

Class Base {

Public

virtual void F () {cout << "base::f" << Endl;}

virtual void g () {cout << "base::g" << Endl;}

virtual void H () {cout << "base::h" << Endl;}

};

According to the above, we can get the virtual function table through the example of base. Here is the actual routine:

typedef void (*fun) (void);

Base b;

Fun Pfun = NULL;

cout << "virtual function table Address:" << (int*) (&b) << Endl;

cout << "virtual function table-First function address:" << (int*) * (int*) (&b) << Endl;

/* Here's a bit of a controversial personal view * *

The original View (int*) (&B) is the address of the virtual table, and many netizens say, (including I think): (int *) * (int*) (&B) is the virtual table address

and (int*) * ((int*) * (int*) (&b)); Is the address of the first virtual function of a virtual table.

Actually look at the back of the call Pfun = (fun) * ((int*) * (int*) (&b)); As can be seen, * ((int*) * (int*) (&b)), turn into a function pointer to Pfun, and then correctly call the virtual function virtual void f ().

Invoke the first virtual function

Pfun = (Fun) * ((int*) * (int*) (&b));

Pfun ();

The actual run-through results are as follows: (Windows xp+vs2003, Linux 2.6.22 + GCC 4.1.3)

virtual function table Address: 0012FED4

virtual function table-First function address: 0044f148

Base::f

With this example, we can see that we can get the address of the virtual function table by forcing the &b into int *, and then, once again, the address of the first virtual function can be obtained, that is, Base::f (), which is verified in the above program (int* Forced to turn into a function pointer). With this example, we know that if you want to invoke Base::g () and Base::h (), the code is as follows:

(Fun) * ((int*) * (int*) (&b) +0); Base::f ()

(Fun) * ((int*) * (int*) (&b) +1); Base::g ()

(Fun) * ((int*) * (int*) (&b) +2); Base::h ()

You should understand this time. What the? Still a little dizzy. Also, such code looks too messy. No problem, let me draw a diagram to explain. As shown below:

Note: In the above diagram, I added a node at the end of the virtual function table, which is the end node of the virtual function table, just like the Terminator "/0" of the string, which marks the end of the virtual function table. The value of this end flag is different under different compilers. Under Winxp+vs2003, this value is null. And in Ubuntu 7.10 + Linux 2.6.22 + GCC 4.1.3, this value is if 1, indicating there is also the next virtual function table, if the value is 0, represents the last virtual function table.

Below, I will explain the appearance of the virtual function table when there is no overwrite and overwrite. It is meaningless not to overwrite the virtual function of the parent class. I want to tell the story of the absence of coverage, the main purpose is to give a contrast. In comparison, we can know more clearly the specific implementation of its internal.

General Inheritance (no virtual function overrides)

Next, let's look at what the virtual function table looks like when inheriting. Suppose you have an inheritance relationship that looks like this:

Note that in this inheritance relationship, subclasses do not overload functions of any parent class. So, in an instance of a derived class, its virtual function table looks like this:

For example: Derive D; The virtual function table is as follows:

We can see the following points:

1) Virtual functions are placed in the table in the order in which they are declared.

2) The virtual function of the parent class precedes the virtual function of the child class.

I believe that smart you can certainly refer to the previous program, to write a program to verify.

General inheritance (with virtual function overrides)

Overriding the virtual function of the parent class is a very obvious thing, otherwise the virtual function becomes meaningless. Let's take a look at what it looks like if a virtual function in a subclass overloads the virtual function of the parent class. Let's say we have an inheritance relationship like the one below.

In order to let you see the effect after the inheritance, in the design of this class, I only covered a function of the parent class: F (). Then, for instances of derived classes, the virtual function table will look like this:

We can see the following points from the table,

1) the covered F () function is placed in the location of the original parent virtual function in the virtual table.

2) functions that are not covered are still.

In this way, we can see that for the following program,

Base *b = new Derive ();

B->f ();

The position of the F () of the virtual function table in memory referred to by B has been replaced by the Derive::f () function address, and derive::f () is called when the actual call occurs. This enables polymorphism.

Multiple inheritance (no virtual function overrides)

Next, let's look at the case in multiple inheritance, assuming that there is an inheritance relationship for one of the following classes. Note: The subclass does not have a function that overrides the parent class.

For a virtual function table in a subclass instance, the following looks like this:

We can see:

1) Each parent class has its own virtual table.

2) The member function of the subclass is placed in the table of the first parent class. (The so-called first parent class is judged in order of declaration)

This is done in order to resolve pointers to different parent class types to the same child class instance, and to invoke the actual function.

multiple inheritance (with virtual function overrides)

Let's take a look at the case where virtual function overrides occur.

, we overwrite the F () function of the parent class in the subclass.

The following is a diagram of a virtual function table in a subclass instance:

As we can see, the position of F () in the three parent virtual function table is replaced by the function pointer of the subclass. This allows us to refer to the subclass as a parent of a static type and call F () of the subclass. Such as:

Derive D;

Base1 *B1 = &d;

Base2 *b2 = &d;

Base3 *b3 = &d;

B1->f (); Derive::f ()

B2->f (); Derive::f ()

B3->f (); Derive::f ()

B1->g (); Base1::g ()

B2->g (); Base2::g ()

B3->g (); Base3::g ()

Security

Every time you write a C + + article, you always have to criticize C + +. This article is no exception. Through the above, I believe we have a more detailed understanding of the virtual function table. Water can carry boat, can also overturn it. Let's take a look at what we can do with a virtual function table.

First, access the subclass's own virtual function through a pointer to the parent type

We know that subclasses do not have to reload the virtual functions of the parent class as a meaningless thing. Because polymorphism is also based on function overloading. Although we can see in the above figure that there are derive virtual functions in the virtual table of BASE1, it is not possible to use the following statement to invoke the subclass's own virtual function:

Base1 *b1 = new Derive ();

B1->F1 (); Compilation error

Any attempt to use a parent pointer to call a member function in a subclass that does not overwrite a parent class is considered illegal by the compiler, so that such a program cannot be compiled at all. But at run time, we can access the virtual function table in a pointer way to violate C + + semantics. (Try to do this by reading the code in the appendix below, believing you can do it)

Second, the virtual function of accessing non-public

In addition, if the virtual function of the parent class is private or protected, but these non-public virtual functions also exist in the virtual function table, we can also access the virtual function table in the way of accessing these non-public virtual functions, which is very easy to do.

Such as:

Class Base {

Private

virtual void F () {cout << "base::f" << Endl;}

};

Class Derive:public base{

};

typedef void (*fun) (void);

void Main () {

Derive D;

Fun Pfun = (fun) * ((int*) * (int*) (&d) +0);

Pfun ();

}

(1) Virtual virtual function

Let's look at a simple code:

Code Segment:

LINE01: #include <stdio.h>

LINE02:

Line03:class Base {

Line04:public:

line05:virtual void __stdcall Output () {

line06:printf ("Class base\n");

LINE07:}

Line08:};

LINE09:

Line10:class Derive:p ublic Base {

Line11:public:

Line12:void __stdcall Output () {

line13:printf ("Class derive\n");

LINE14:}

LINE15:};

LINE16:

Line17:void Test (Base *p) {

Line18:p->output ();

LINE19:}

LINE20:

Line21:int __cdecl Main (INTARGC, char* argv[]) {

Line22:derive obj;

Line23:test (&obj);

Line24:return 0;

Line25:}

The "Output" function of a base class is a virtual function. Well, obviously, the result of the program's operation will be:

(2) Virtual function table


First to analyze the object of the derive class in our main function, obj, to see its memory layout, because there is no data member, its size is 4 bytes, only one vfptr, so the address of obj is vfptr address.

For a C + + class, if it is to render polymorphic (the generic compiler will use this class and whether the virtual keyword exists in its base class to be polymorphic), then the class will have a virtual function table, Each instance (object) will have a virtual function pointer (hereinafter referred to as VFPTR) that points to the starting address of the virtual function table for that class, and virtual function The content of the memory unit corresponding to the table address is the virtual function address (not really a function address, but the address of the jmp instruction that jumps to the function).

(2) Realization of virtual function







Concluding remarks

C + + This language is a magic language, for programmers, we never seem to understand the language behind what we are doing. To be familiar with this language, we need to understand what's in C + + and what's dangerous in C + +. Otherwise, it's a programming language that moves stones to their feet.

A classical in-depth analysis of C + + virtual function

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.