Is it legal to use placement new on initialised memory?

Question

I am exploring the possibility of implementing true (partially) immutable data structures in C++. As C++ does not seem to distinguish between a variable and the object that variable stores, the only way to truly replace the object (without assignment operation!) is to use placement new:

auto var = Immutable(state0);
// the following is illegal as it requires assignment to
// an immutable object
var = Immutable(state1);
// however, the following would work as it constructs a new object
// in place of the old one
new (&var) Immutable(state1);

Assuming that there is no non-trivial destructor to run, is this legal in C++ or should I expect undefined behaviour? If its standard-dependant, which is the minimal/maximal standard version where I can expect this to work?

Addendum: since it seems people still read this in 2019, a quick note — this pattern is actually legally possible in modern (post 17) C++ using std::launder().

Answer 1

What you wrote is technically legal but almost certainly useless.

Suppose

struct Immutable {
  const int x;
  Immutable(int val):x(val) {}
};

for our really simple immutable type.

auto var = Immutable(0);
::new (&var) Immutable(1);

this is perfectly legal.

And useless, because you cannot use var to refer to the state of the Immutable(1) you stored within it after the placement new. Any such access is undefined behavior.

You can do this:

auto var = Immutable(0);
auto* pvar1 = ::new (&var) Immutable(1);

and access to *pvar1 is legal. You can even do:

auto var = Immutable(0);
auto& var1 = *(::new (&var) Immutable(1));

but under no circumstance may you ever refer to var after you placement new'd over it.

Actual const data in C++ is a promise to the compiler that you'll never, ever change the value. This is in comparison to references to const or pointers to const, which is just a suggestion that you won't modify the data.

Members of structures declared const are "actually const". The compiler will presume they are never modified, and won't bother to prove it.

You creating a new instance in the spot where an old one was in effect violates this assumption.

You are permitted to do this, but you cannot use the old names or pointers to refer to it. C++ lets you shoot yourself in the foot. Go right ahead, we dare you.

This is why this technique is legal, but almost completely useless. A good optimizer with static single assignment already knows that you would stop using var at that point, and creating

auto var1 = Immutable(1);

it could very well reuse the storage.

---

Caling placement new on top of another variable is usually defined behaviour. It is usually a bad idea, and it is fragile.

Doing so ends the lifetime of the old object without calling the destructor. References and pointers to and the name of the old object refer to the new one if some specific assumptions hold (exact same type, no const problems).

Modifying data declared const, or a class containing const fields, results in undefined behaviour at the drop of a pin. This includes ending the lifetime of an automatic storage field declared const and creating a new object at that location. The old names and pointers and references are not safe to use.

[Basic.life 3.8]/8:

If, after the lifetime of an object has ended and before the storage which the object occupied is reused or released, a new object is created at the storage location which the original object occupied, a pointer that pointed to the original object, a reference that referred to the original object, or the name of the original object will automatically refer to the new object and, once the lifetime of the new object has started, can be used to manipulate the new object, if:

• (8.1) the storage for the new object exactly overlays the storage location which the original object occupied, and

• (8.2) the new object is of the same type as the original object (ignoring the top-level cv-qualifiers), and

• (8.3) the type of the original object is not const-qualified, and, if a class type, does not contain any non-static data member whose type is const-qualified or a reference type, and

• (8.4) the original object was a most derived object (1.8) of type T and the new object is a most derived object of type T (that is, they are not base class subobjects).

In short, if your immutability is encoded via const members, using the old name or pointers to the old content is undefined behavior.

You may use the return value of placement new to refer to the new object, and nothing else.

---

Exception possibilities make it extremely difficult to prevent code that exdcutes undefined behaviour or has to summarially exit.

If you want reference semantics, either use a smart pointer to a const object or an optional const object. Both handle object lifetime. The first requires heap allocation but permits move (and possibly shared references), the second permits automatic storage. Both move manual object lifetime management out of business logic. Now, both are nullable, but avoiding that robustly is difficult doing it manually anyhow.

Also consider copy on write pointers that permit logically const data with mutation for efficiency purposes.

Answer 2

From the C++ standard draft N4296:

3.8 Object lifetime
[...]
The lifetime of an object of type T ends when:
(1.3) — if T is a class type with a non-trivial destructor (12.4), the destructor call starts, or
(1.4) — the storage which the object occupies is reused or released.
[...]
4 A program may end the lifetime of any object by reusing the storage which the object occupies or by explicitly calling the destructor for an object of a class type with a non-trivial destructor. For an object of a class type with a non-trivial destructor, the program is not required to call the destructor explicitly before the storage which the object occupies is reused or released; however, if there is no explicit call to the destructor or if a delete-expression (5.3.5) is not used to release the storage, the destructor shall not be implicitly called and any program that depends on the side effects produced by the destructor has undefined behavior.

So yes, you can end the lifetime of an object by reusing its memory, even of one with non-trivial destructor, as long as you don't depend on the side effects of the destructor call.

_{This applies when you have non-const instances of objects like struct ImmutableBounds { const void* start; const void* end; }}

Answer 3

You've actually asked 3 different questions :)

1. The contract of immutability

It's just that - a contract, not a language construct.

In Java for instance, instances of String class are immutable. But that means that all methods of the class have been designed to return new instances of class rather than modifying the instance.

So if you would like to make Java's String into a mutable object, you couldn't, without having access to its source code.

Same applies to classes written in C++, or any other language. You have an option to create a wrapper (or use a Proxy pattern), but that's it.

2. Using placement constructor and allocating into an initialized are off memory.

That's actually what they were created to do in the first place. The most common use case for the placement constructor are memory pools - you preallocate a large memory buffer, and then you allocate your stuff into it.

So yes - it is legal, and nobody won't mind.

3. Overwriting class instance's contents using a placement allocator.

Don't do that.

There's a special construct that handles this type of operation, and it's called a copy constructor.