Be Smart About C++11 Smart Pointers
The expression smart pointer suggests a super-intelligent data type. It sounds like these pointers might write your program for you—or maybe get up and dance. Of course, they can't do that. Smart pointers are used for resource management, principally that of dynamically allocated memory. You can use them to help manage other resources such as file handles, but in this article I'll focus on memory.
Memory Leaks and the Titanic
In software, a memory leak is caused by sloppy handling of dynamically allocated memory. Unfortunately, even very smart people commit such errors, and complex software is sometimes more full of leaks than the Titanic.
C provides memory allocation through the malloc() family of library functions, and C++ supports it directly with the new keyword. Other popular languages such as C#, Java, and Visual Basic also provide some version of new.
The problem in C++ is that once you allocate a chunk of memory, you need to release it explicitly by using the delete keyword. If you fail to release the memory, as soon as the pointer to that memory goes out of scope, the memory just sits there with nothing referring to it. The memory is then lost for the duration of the program, with no way to free it. Such memory holes accumulate, and before you know it your ship is going down.
If you write simple applications that are designed to run for a short time and then exit, memory leaks are not a problem. All resources, including memory, are freed on program termination, so you're protected from memory leaks (no matter how sloppy you are otherwise).
But programming habits you develop early are likely to stay with you later, and memory leaks become one of the worst potential problems in more serious applications, particularly apps that are intended to stick around for a while.
Consider older versions of Microsoft Windows. Based on my experience with Windows 7, I would say that Microsoft has cleaned up its act and Windows is now an excellent, robust operating system. But earlier versions of Windows were notorious for memory problems. If you kept Windows running without rebooting regularly, after a day or two the system might present a mysterious "insufficient memory" message. Or, worse, it would just stop working and everything would freeze, never telling you why. Lovely. The cause frequently had to do with memory leaks. Such bugs can be hard to find. It's all too easy to write code that assumes a piece of memory was released—when in fact it never was.
Running Aground: Hazards of Releasing Memory Too Soon
The flip side of the memory-leak coin is to assume that a piece of memory can be released—without realizing that some other pointer still refers to it. The result is even worse: a bad memory reference, which can cause an application—or the whole system—to fail spectacularly.
Unfortunately, in software as complex as an operating system or a spreadsheet program, it's difficult even for very smart developers to avoid such errors altogether. You need the programming language or environment to help prevent such errors for you. There are two principal ways to do this:
- Garbage collection. (It's a dirty job, but someone has to do it.) This is the solution adopted in C#, Java, Visual Basic, and other environments. This solution protects you from memory leaks with processes that run in the background of the environment, finding and releasing memory that's no longer in use. This is a nice solution, but it exists only in strongly managed environments that lack the runtime efficiency of C++.
- Smart pointers. A smart pointer is a "wrapper" that contains a pointer within it but also performs other special actions. This data type causes an internal reference count to be kept for the associated memory object. The count is equal to the total number of pointers that refer to the object. When the count reaches zero, the object is destroyed, and the memory is released.
The advantage of C++ smart pointers is that they operate with high efficiency—requiring only a modest cost in overhead. Smart pointers can be used in ways almost identical to those of ordinary pointers, with a few critical differences I'll cover shortly.
Declaring and Using Shared Pointers
The C++11 specification introduces a new type (actually a template) called shared_ptr, which is a major improvement over the auto_ptr template that some older versions of C++ supported. C++11 also introduces the unique_ptr and weak_ptr templates, each of which has special uses. I'll cover those later.
The advantage of pointers created with the shared_ptr template is that they support sharing memory objects among multiple pointers. The internal reference count, which I mentioned earlier, can be higher than one, indicating a shared resource. An object is destroyed only when the internally maintained reference count goes to zero.
There are two important points to remember about shared_ptr:
- This is a template, so it uses template syntax.
- Raw addresses (including ordinary pointers) cannot be assigned directly to smart pointers.
You also need to include the <memory> header to use this template.
Take the example of a simple pointer to an integer. To use such a pointer to allocate a new integer at runtime, you might use the following statements:
    #include <iostream>
    using namespace std;
    . . .
    int *p = new int(5);
    cout << *p;        // Print "5"
Here's the equivalent operation using a shared pointer:
    #include <iostream>
    #include <memory>
    using namespace std;
    . . .
    shared_ptr<int> sp(new int(5));
    cout << *sp;       // Print "5"
Note what's happening here:
- The code new int(5) allocates an integer initialized to 5 and then passes along the address of this new integer.
- That address is then used to initialize sp, a smart pointer, by being passed to the shared_ptr<int> constructor.
This is not a direct assignment. If you attempt direct assignment, that's an error. For example:
    shared_ptr<int> sp;
    sp = new int(5);   // ERROR!
In this example, the first statement declares a shared pointer, sp, but doesn't initialize it. (Fine; it gets set to null.) But the second statement attempts to assign a raw address to sp directly, which isn't permitted.
What if you want to declare an uninitialized shared pointer, and later have it point to a dynamically allocated object? You can do that, but you must call a method:
    shared_ptr<int> sp;
    . . .
    sp.reset(new int(10));
The second statement in this example allocates a new memory object by using the new keyword, which produces an address. That address is then passed to the reset() method, which causes the shared pointer, sp, to point to this address.
But that's not all the reset() method does. It checks whether the shared pointer, sp, currently points to some memory object. That is, does sp have a value other than NULL? If so, the reference count of this old memory object is reduced by one. If that count goes to zero, the object is destroyed. The new memory object—in this case, an integer initialized to 10—is then assigned to sp, and its initial reference count is set to 1.
You can never assign directly between shared pointers and ordinary pointers or raw addresses, but you can assign from one shared pointer to another. For this next example, we'll use pointers of type double:
    shared_ptr<double> sp1, sp2, sp3;
    sp1.reset(new double(3.14));
    sp2 = sp1;         // Point to what sp1 does.
    sp3 = sp1;         // Point to what sp1 does.
The result of these statements is that a new memory object is created (namely, a floating-point value set to 3.14); after all these statements are executed, there will still be one object, with a reference count of 3. Later, when all three pointers—sp1, sp2, and sp3—go out of scope, the reference count will be reduced to zero and the floating-point object will be destroyed, releasing the memory.
Because sp1, sp2, and sp3 are declared together, they'll go out of scope together. But more complex scenarios are possible, in which pointers have different levels of scope. Let's return briefly to the example employing an ordinary pointer. To avoid a memory leak, it's necessary to use the delete keyword at some point:
    int *p = new int(5);
    cout << *p;        // Print "5"
    . . .
    delete p;
If you use a shared pointer instead, release of the memory at the proper time is automatic, so you don't use delete.
Operations on Shared Pointers
Most operations that you can perform on an ordinary pointer, you can also perform on a shared pointer. Most importantly, you can dereference it:
    cout << *sp;
You can also test two such pointers for equality. The test returns true if these pointers point to the same object in memory (or if both are null):
    shared_ptr<int> sp1;
    shared_ptr<int> sp2;
    . . .
    if (sp1 == sp2) {
        cout << "sp1 and sp2 point to same thing.";
    }
Finally, you can test such a pointer directly; the test returns true if the pointer doesn't contain a null value:
    if (sp) {
        cout << "sp is not null";
    }
A Super-Simple Example: List Node
The following example shows how you might use old-fashioned memory allocation and deallocation in a class declaration; then I'll show the shared-pointer version. To keep this article from getting too long, I've come up with a super-simple class (in a practical application, you'd write something more sophisticated):
    struct LNode {
        int data;
        LNode* next;
        LNode(int n) { data = n; next = NULL; }
        void add_to_end(int n) {
            if (next)
                next->add_to_end(n);
            else
                next = new LNode(n);
        }
        ~LNode() { delete next; }
    };
This class creates a mind-numbingly simple linked-list structure. It enables you to create a root node and then add nodes to the end of the list. For example:
    LNode root(1);
    root.add_to_end(2);
    root.add_to_end(3);
You can access individual nodes in the list by using the next member repeatedly:
    cout << root.next->next->data;   // Print 3.
Notice the inclusion of the destructor function, ~LNode. Before any node is removed from memory, ~LNode deletes the next node in the chain. Because this action is recursive, all the nodes to the right end up being deleted. It's a pleasing effect, much like pushing over the first domino in a chain and watching the rest fall down.
This approach seems safe. You can create a list of any length, and when the root node goes out of scope, the entire list is deleted. Very neat.
But there's a problem. What if, when the root node goes out of scope and is destroyed, some other pointer exists, pointing into the list? In that case, all the nodes are removed, leaving this other pointer with an invalid memory address. Oops.
Use of shared pointers eliminates this problem, because a reference count is kept for each individual node. As long as a node's reference count is 1 or greater, it won't be deleted.
Here's the class declaration using the shared_ptr template. Notice that no destructor function is needed, because the shared_ptr template handles node deletion auto-magically—and correctly! Also note that because the next member is a shared pointer, it's initialized to null by default and doesn't need to be initialized explicitly.
    #include <memory>
    using std::shared_ptr;

    struct LNode {
        int data;
        shared_ptr<LNode> next;
        LNode(int n) { data = n; }
        void add_to_end(int n) {
            if (next)
                next->add_to_end(n);
            else
                next.reset(new LNode(n));
        }
    };
This version of the class is now relatively bulletproof. The following test case creates a linked list and then assigns a pointer, spl, to point into the list. After the root node goes out of scope, normally all the nodes would be deleted; but because spl points into this list and is still in scope, the node that spl points to isn't deleted. Instead, that target node and all the nodes to its right are preserved.
    shared_ptr<LNode> spl;
    {
        LNode root(10);
        root.add_to_end(20);
        root.add_to_end(30);
        spl = root.next;
    }   // root goes out of scope here.
        // But spl is still valid.
    cout << "*spl = " << spl->data << endl;
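The lifetime claim above can be checked by counting nodes as they are created and destroyed. This is an added example, not code from the original article; the `live` counter (and the destructor that maintains it), the `Snapshot` struct and the `run_demo` function are assumptions introduced for the demonstration.

```cpp
#include <iostream>
#include <memory>

// LNode as in the article, plus a counter of nodes currently allocated.
// The counter, its destructor, Snapshot and run_demo are added for this example.
struct LNode {
    static int live;
    int data;
    std::shared_ptr<LNode> next;
    explicit LNode(int n) : data(n) { ++live; }
    ~LNode() { --live; }
    void add_to_end(int n) {
        if (next) next->add_to_end(n);
        else next.reset(new LNode(n));
    }
};
int LNode::live = 0;

struct Snapshot {
    long owners;             // owners of node 20 while root is alive
    int live_in_scope;       // nodes allocated inside the block
    int live_after_root;     // nodes left once root is destroyed
    int tail_data;           // value read through spl after root is gone
    int live_after_release;  // nodes left once spl lets go
};

Snapshot run_demo() {
    Snapshot s{};
    std::shared_ptr<LNode> spl;
    {
        LNode root(10);
        root.add_to_end(20);
        root.add_to_end(30);
        spl = root.next;                 // node 20: owned by root.next and spl
        s.owners = spl.use_count();
        s.live_in_scope = LNode::live;
    }                                    // root (node 10) is destroyed here
    s.live_after_root = LNode::live;     // nodes 20 and 30 survive
    s.tail_data = spl->next->data;       // still a valid read
    spl.reset();                         // last owner gone: 20, then 30, freed
    s.live_after_release = LNode::live;
    return s;
}

int main() {
    Snapshot s = run_demo();
    std::cout << s.owners << " " << s.live_in_scope << " " << s.live_after_root
              << " " << s.tail_data << " " << s.live_after_release << std::endl;
    return 0;
}
```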
Unique Pointers and Arrays
In addition to providing shared_ptr, C++11 provides the unique_ptr and weak_ptr templates. The unique_ptr template is useful because, unlike shared_ptr, it can point to an array of values. For example:
    #include <memory>
    using namespace std;

    int n = 10;
    unique_ptr<int []> uptr(new int[n]);
    uptr[9] = 100;     // Set last elem to 100
The value of a unique pointer cannot be assigned to any other pointer (not even another smart pointer) through assignment. But you can return a unique-pointer value as a function return value; doing so transfers ownership of the data to the caller of the function.
Notice the (apparently) strange declaration of the pointer. If you're going to use a unique pointer to index into arrays, it's necessary to use brackets inside the template argument:
    unique_ptr<int []> uptr;
You also use brackets in combination with new to allocate the array at runtime. For example:
    uptr.reset(new int[n]);
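The following added example (not from the original article) shows an array handed to the caller through a function return value, and every element being destroyed when the owning unique pointer goes out of scope. The `Sample` type, its `live` counter, and the `make_samples` and `measure` functions are assumptions made for the illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <memory>
#include <type_traits>
using namespace std;

// Element type with a counter of objects currently alive (added for this example).
struct Sample {
    static int live;
    int value;
    Sample() : value(0) { ++live; }
    ~Sample() { --live; }
};
int Sample::live = 0;

// Copy assignment is rejected at compile time, as the text says.
static_assert(!is_copy_assignable<unique_ptr<Sample[]>>::value,
              "unique_ptr must not be copy-assignable");

// Ownership of the array passes to the caller through the return value.
unique_ptr<Sample[]> make_samples(size_t n) {
    unique_ptr<Sample[]> buf(new Sample[n]);
    for (size_t i = 0; i < n; ++i)
        buf[i].value = static_cast<int>(i * i);
    return buf;
}

struct Counts { int owned; int last; int released; };

// Element counts while the caller owns the array and after it lets go.
Counts measure() {
    Counts c{};
    {
        unique_ptr<Sample[]> uptr = make_samples(10);
        c.owned = Sample::live;      // all ten elements exist
        c.last = uptr[9].value;      // indexing works because of the [] form
    }                                // delete[] destroys every element here
    c.released = Sample::live;
    return c;
}

int main() {
    Counts c = measure();
    cout << c.owned << " " << c.last << " " << c.released << endl;
    return 0;
}
```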
Passing unique pointers as function arguments is problematic. If you need to use a unique pointer and share between functions, I recommend making it a global variable.
Weak Pointers and Circular References
C++11 also supports the weak_ptr template. Although this template is a bit obscure, it can be used to solve the problem of circular references. You can assign values between shared pointers and weak pointers, but a weak pointer doesn't affect the reference count. If the only pointers that point to an object are weak, the object is destroyed.
To see how this template can be useful, consider two classes that refer to each other. I've added destructors ~A and ~B as diagnostic aids:
    struct A;
    struct B;

    struct A {
        shared_ptr<B> bptr;
        ~A() { cout << "A is deleted!" << endl; }
    };

    struct B {
        shared_ptr<A> aptr;
        ~B() { cout << "B is deleted!" << endl; }
    };
Next, consider code that does two things: 1) It creates smart pointers while instantiating objects; and 2) It makes each object contain a pointer to the other. What happens when they go out of scope?
    {
        shared_ptr<A> ap(new A);
        shared_ptr<B> bp(new B);
        ap->bptr = bp;
        bp->aptr = ap;
    }   // Objects should be destroyed.
Now ap and bp, which point to objects A and B, go out of scope, and that should cause these objects to be destroyed. Instead, neither object is destroyed. (You can verify this fact by running the code.) Two memory leaks result.
It's a classic chicken-and-egg problem. The A object can never be destroyed before the B object, and the B object can never be destroyed before the A object, because each holds a smart-pointer reference to the other. (When ap and bp go out of scope, the reference count for each object goes from 2 to 1, so neither is destroyed.)
What's the solution?
The answer is to make one of the pointers weak. Remember that an object is destroyed if a weak pointer is the only reference to it. To do anything with a weak pointer, however, you should first convert it to a shared pointer by calling the lock() method. The resource can then be safely manipulated if the value returned is not null. For example:
    struct B {
        weak_ptr<A> aptr;
        ~B() { cout << "B is deleted!" << endl; }
        void do_something() {
            shared_ptr<A> strongp = aptr.lock();
            if (strongp)
                cout << "A object is alive." << endl;
            else
                cout << "A object not alive." << endl;
        }
    };
Now, when the pointer ap goes out of scope, the reference count for the A object goes from 1 to 0; there's also a weak pointer pointing to the A object (from within B), but that doesn't count. So this object, *ap, is destroyed. Since the bptr pointer within the A object no longer exists, the reference count for the B object is reduced to zero as well. Both objects—poof!—go away.
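To compare the two designs side by side, this added example (not code from the original article) counts how many objects remain allocated after `ap` and `bp` leave scope, first with a shared back-reference and then with a weak one. It also shows that `lock()` on an expired weak pointer yields null rather than a stale address. The `live` counter, the `Pair` template and both function names are assumptions made for the illustration.

```cpp
#include <iostream>
#include <memory>
using namespace std;

static int live = 0;   // objects currently allocated (added diagnostic counter)

// Ptr selects B's back-reference type: shared_ptr (cycle) or weak_ptr (fix).
template <template <class> class Ptr>
struct Pair {
    struct B;
    struct A { shared_ptr<B> bptr; A() { ++live; } ~A() { --live; } };
    struct B { Ptr<A> aptr;        B() { ++live; } ~B() { --live; } };
};

// Objects still allocated after ap and bp have gone out of scope.
template <template <class> class Ptr>
int left_after_scope() {
    typedef typename Pair<Ptr>::A A;
    typedef typename Pair<Ptr>::B B;
    weak_ptr<A> probe;               // observes A without owning it
    {
        shared_ptr<A> ap(new A);
        shared_ptr<B> bp(new B);
        ap->bptr = bp;
        bp->aptr = ap;
        probe = ap;
    }
    int left = live;
    // Break any surviving cycle so the demonstration itself frees its memory.
    if (shared_ptr<A> a = probe.lock()) a->bptr.reset();
    return left;
}

// With the weak back-reference, lock() yields null once A's last owner is gone.
bool a_alive_after_owner_gone() {
    typedef Pair<weak_ptr> P;
    shared_ptr<P::B> bp(new P::B);
    {
        shared_ptr<P::A> ap(new P::A);
        ap->bptr = bp;
        bp->aptr = ap;
    }                                // A destroyed; bp->aptr is now expired
    return static_cast<bool>(bp->aptr.lock());
}

int main() {
    cout << "shared: " << left_after_scope<shared_ptr>() << " left, weak: "
         << left_after_scope<weak_ptr>() << " left" << endl;
    cout << boolalpha << "A reachable: " << a_alive_after_owner_gone() << endl;
}
```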
Summary
I hope you now have a good idea of how to use smart pointers in C++11 (although I didn't have room to cover some fine points, such as the make_shared function). Smart pointers won't write your code for you, but maybe, if you're lucky, they'll get up and dance.