Can initialization `int * p = malloc(1000);` also be dealt in RAII style?

Question

What I understand from RAII is whenever you need to allocate memory manually with new etc. you need to free it too. So, instead of freeing it manually, you should create classes with constructor and destructor to do the job.

So, what are the following people talking about?

From: The meaning of the term - Resource Acquisition Is Initialization

The problem is that int * p = malloc(1000); is also initialization of an (integer) object, but it's not the kind of initialization we mean in the context of RAII. ...

@Fred: Indeed. int* is not a RAII type because it doesn't do cleanup. So it's not what RAII means, even though it is what RAII literally says.

Well, I know malloc is used in C, and new is used in C++.

Answer 1

Using malloc per se is not RAII because the resources are not freed when the variable goes out of scope, causing leaks of memory. You can make it RAII if you wrap this inside a class and free the resources in the destructor, because local class instances do die when they go out of scope. However, it should be noted what is being discussed here: the int * type is not RAII, and if you enclose it in a RAII type it still isn't. The wrapper doesn't make it RAII, so the RAII type here is the wrapper, not the pointer itself.

As requested in the comments: RAII stands for Resource Acquisition Is Initialisation and it's a design paradigm that combines the allocation of resources with the initialisation and destruction of objects. You don't seem far from understanding it: when an object is instantiated it allocates all the necessary resources (memory, file descriptors, streams, and so on) and frees them when it goes out of scope or the object is otherwise destructed. This is a common paradigm in C++ because C++ classes are RAII (that is, they die when they go out of scope) and as such it's easy to guarantee proper cleanup. The obvious upside being that you don't need to worry about manual cleanup and tracking variable lifetime.

On a related note, notice that this refers to stack allocation, not heap. What this means is that whatever the means you use for allocation (new/malloc vs delete/free) it still isn't RAII; memory that is allocated dynamically does not get magically freed, that's a given. When a variable is allocated on the stack (local variables) they are destroyed when the scope dies.

Example:

class MyObject
{
public:

   MyObject()
   {
      // At this point resources are allocated (memory, files, and so on)
      // In this case a simple allocation.
      // malloc would have been just as fine
      this->_ptr = new int;
   }

   ~MyObject()
   {
      // When the object is destructed all resources are freed
      delete this->_ptr;
   }

private:

   int * _ptr;
};

The previous sample code implements a RAII wrapper over a native pointer. Here's how to use it:

void f()
{
   MyObject obj;

   // Do stuff with obj, not including cleanup
}

In the previous example the int pointer is allocated when the variable is instantiated (at declaration time) and freed when the f call terminates, causing the variable to go out of scope and calling its destructor.

Note: As mentioned in the comments by Jarod42 the given example does not conform to the rule of 3 or the rule of 5, which are common thumb rules in C++. I would rather not add complexity to the given example, and as such I'll complete it here. These rules indicate that, if a method from a given set is implemented, then all methods of the set should be implemented, and those methods are the copy and move constructors, the assignment and move operators, and the destructor. Notice at first that this is a general rule, which means that is not mandatory. For instance, immutable objects should not implement assignment and move operators at all. In this case, if the object is to implement these operators it would probably imply reference counting, as multiple copies of the resource exist the destructor must not free the resources until all copies are destroyed. I believe that such an implementation would fall out of scope and as such I'm leaving it out.

Answer 2

By example

NOT RAII:

void foo()
{
    int* p = malloc(sizeof(int) * N);
    // do stuff
    free(p);
}

also NOT RAII:

void foo()
{
    int* p = new int[N];
    // do stuff
    delete[] p;
}

RAII:

struct MyResourceManager
{
    int* p;
    MyResourceManager(size_t n) : p(malloc(sizeof(int) * n)) { }
    ~MyResourceManager() { free(p); }
};

void foo()
{
    MyResourceManager resource(N);
    // doing stuff with resource.p
}

Also RAII (better):

struct MyResourceManager
{
    int* p;
    MyResourceManager(size_t n) : p(new int[n]) { }
    ~MyResourceManager() { delete[] p; }
};

void foo()
{
    MyResourceManager resource(N);
    // doing stuff with resource.p
}

Also RAII (best for this use case):

void foo()
{
    std::unique_ptr<int[]> p(new int[N]);
    // doing stuff with p
}

Answer 3

RAII is not use of operator new nor is it use of malloc().

It essentially means that, in the process of initialising an object, all resources that object needs to function are allocated. The counterpart requirement is that, in the process of destroying the object, that the resources it has allocated are released.

The concept applies to memory (most commonly), but also to any other resource that needs to be managed - file handles (opened in initialisation, closed when done), mutexes (grabbed in initialisation, released when done), communication ports, etc etc.

In C++, RAII is typically implemented by performing initialisation in constructors of an object, and the release of resources is done in the destructor. There are wrinkles such as other member functions possibly reallocating (e.g. resizing a dynamically allocated array) - in those cases, the member functions must ensure they do things in a way to ensure all resources allocated are appropriately released when the destructor is done. If there are multiple constructors, they need to do things consistently. You'll see this described as something like the constructor setting a class invariant (i.e. that resources are allocated correctly), member functions maintaining that invariant, and the destructor being able to clean up because the invariant is maintained.

The advantage of RAII - if done right - is that non-static variable lifetime is managed by the compiler (when an object goes out of scope, its destructor is invoked). So, the resources will be cleaned up correctly.

However, the requirement is always that the destructor does the cleanup (or that data members of the class have their own destructors that do the required cleanup). If constructor initialises an int * using malloc(), then it is not enough to assume the destructor will clean up - the destructor must pass that pointer to free(). If you don't do that, the C++ compiler will not magically find some way to release the memory for you (the pointer will no longer exist when the destructor is done, but the allocated memory it pointed to will not be released - so the result is a memory leak). C++ does not inherently use garbage collection (which is a trap for people used to garbage collected languages assuming that garbage collection will occur).

And it is undefined behaviour to use malloc() to allocate memory, and operator delete in any form to release it.

It is generally preferable to not use malloc() and free() in C++, because they do not work well with object construction and destruction (invoking constructors and destructors). Use operator new instead (and for whatever form of operator new you use, use the corresponding operator delete). Or, better yet, use standard C++ containers (std::vector, etc) as much as possible to avoid the need to worry about manually releasing memory you allocate.

Answer 4

Destruction of int* doesn't release the resources. It isn't safe to just let it go out of scope, so it isn't RAII.

The int * could be be a member of a class that deletes the int* in its destructor, which is essentially what unique_ptr of an int does. You make things like this RAII by wrapping them in code that encapsulates the deletion.

Answer 5

Yes, you can deal with int * p = malloc(1000); using the RAII paradigm. Smart pointers and std::vector use a very similar technique though they don't probably use malloc and prefer to use new instead.

Here's a very simplistic look at what one can do with malloc. MyPointer is far from being useful in a real application. Its only purpose is to demonstrate the principle of RAII.

class MyPointer
{
   public:
      MyPointer(size_t s) : p(malloc(s)) {}
      ~MyPionter() { free(p); }

      int& operator[](size_t index) { return p[index]; }

   private:

      int* p;
};

int main()
{
   // By initializing ptr you are acquiring resources.
   // When ptr gets destructed, the resource is released.
   MyPointer ptr(1000);

   ptr[0] = 10;
   std::cout << ptr[0] << std::endl;
}

The core idea behind RAII is:

1. Treat resource acquisition as though you are initializing an object.
2. Make sure the acquired resource(s) is(are) released when the object is destructed.

You can read more on RAII at Wikepedia.

Answer 6

The discussion is about code that literally does initialization upon resource acquisition, but doesn't follow the RAII design.

In the shown example with malloc, 1000 bytes of memory are allocated (resource allocation) and a variable p (pointer to int) is initialized with the result (initialization). However, this is obviously not an example of RAII, because the object (of type int *) doesn't take care of the acquired resource in its destructor.

So no, malloc itself can not be RAII in some situations, it is an example of non-RAII code that nevertheless does "Initialization on Resource Acquisition" which might be confusing for new c++ programmers on first glance.

Answer 7

In C++, unique_ptr represents a pointer that "owns" the thing it points to. You can supply the release function as second argument:

std::unique_ptr<int[], std::function<void(void*)>> 
    p( (int *)malloc(1000 * sizeof(int)), std::free );

Of course, there's not much reason to do this instead of just using new (when the default deleter delete will do the right thing).

Answer 8

So, what are the following people talking about?

What is RAII?

RAII in a nutshell is a very simple idea. It is the idea that no object may exist at all unless it is fully initialised.

Why is that good?

We now have a concrete guarantee that a 'half built' object cannot be accidentally used - because at no point in the logical flow of the program can it possibly exist.

How do we achieve it?

a) always manage resources (memory, files, mutex locks, database connections) in a class of their own which is specifically tailored to only managing that resource.

b) build complex logic out of collections of objects covered by [a]

c) Always throw if anything in the constructor fails (to guarantee that a failed object cannot exist)

d) if we are managing more than one resource in a class, we ensure that a failed construction cleans up the parts that have already been constructed (NOTE: this is hard [sometimes impossible], and why at this point you should be referred back to [a])

Sounds hard?

Initialising your objects completely in the initialiser list, while wrapping all external resources in a manager class (e.g. files, memory) achieves perfect RAII effortlessly.

What's the advantage?

Your program may now contain only logic which makes it easier to reason about and to read. The compiler will take care of all resource management perfectly.

Effortless Compound Resource Management

An example of RAII that's hard without manager classes and easy with them?

struct double_buffer
{
    double_buffer()
    : buffer1(std::nullptr)    // NOTE: redundant zero construction
    , buffer2(std::nullptr)
    {
      buffer1 = new char[100];   // new can throw!
      try {
        buffer2 = new char[100];   // if this throws we have to clean up buffer1
      }
      catch(...) {
        delete buffer1;         // clean up buffer1
        throw;                  // rethrow because failed construction must throw!
      }
    }

    // IMPORTANT! 
    // you MUST write or delete copy constructors, move constructor,
    // plus also maybe move-assignment or move-constructor
    // and you MUST write a destructor!


    char* buffer1;
    char* buffer2;
};

now the RAII version:

struct double_buffer
{
    double_buffer()
    : buffer1(new char[100])   // memory immediately transferred to manager
    , buffer2(new char[100])   // if this throws, compiler will handle the
                               // correct cleanup of buffer1
    {
      // nothing to do here
    }

    // no need to write copy constructors, move constructor,
    // move-assignment or move-constructor
    // no need to write destructor

    std::unique_ptr<char[]> buffer1;
    std::unique_ptr<char[]> buffer2;
};

How does it improve my code?

some safe code that uses RAII:

auto t = merge(Something(), SomethingElse());   // pretty clear eh?
t.performAction();

the same code that does not use RAII:

  TargetType t;         // at this point uninitialised.
  Something a;
  if(a.construct()) {
    SomethingElse b;
    if (b.construct()) {
      bool ok = merge_onto(t, a, b);   // t maybe initialised here
      b.destruct();
      a.destruct();
      if (!ok) 
        throw std::runtime_error("merge failed");
    }
    else {
      a.destruct();
      throw std::runtime_error("failed to create b");
    }
  }
  else {
    throw std::runtime_error("failed to create a");
  }

  // ... finally, we may now use t because we can (just about) prove that it's valid
  t.performAction(); 

The difference

The RAII code is written solely in terms of logic.

The non-RAII code is 40% error handling and 40% lifetime management and only 20% logic. Furthermore, the logic is hidden in amongst all the other garbage, making even these 11 lines of code very hard to reason about.