直接看反汇编,手动翻译一下
NEW
31: Person* p = new Person();
0040105D push 4
0040105F call operator new (004012b0)
00401064 add esp,4
00401067 mov dword ptr [ebp-18h],eax
0040106A mov dword ptr [ebp-4],0
00401071 cmp dword ptr [ebp-18h],0
00401075 je main+54h (00401084)
00401077 mov ecx,dword ptr [ebp-18h]
0040107A call @ILT+15(Person::Person) (00401014)
0040107F mov dword ptr [ebp-24h],eax
00401082 jmp main+5Bh (0040108b)
00401084 mov dword ptr [ebp-24h],0
0040108B mov eax,dword ptr [ebp-24h]
0040108E mov dword ptr [ebp-14h],eax
00401091 mov dword ptr [ebp-4],0FFFFFFFFh
00401098 mov ecx,dword ptr [ebp-14h]
0040109B mov dword ptr [ebp-10h],ecx
翻译后
[ebp -0x18] = new(sizeof(Person));
[ebp-0x4] = 0;
if(0 != [ebp -0x18])
{
ecx = [ebp-0x18]
Person::Person(); //传入结构体首地址(this),返回值也是this指针(结构体首地址)
[ebp-0x24] = 结构体首地址;
}else
{
[ebp-0x24] = 0;
}
[ebp-0x14] = [ebp-0x24]; //new成功则为结构体首地址,不然为0
[ebp-0x4] = 0xFFFFFFFF; //未知
[ebp-0x10] = [ebp-0x14]; //new成功则为结构体首地址,不然为0
//ebp-10 是 p
逻辑分析:
申请内存成功则调用构造函数
不然置0
再跟到new函数里 调用了_nh_malloc_dbg 该函数逻辑为:内存锁(_mlock(_HEAP_LOCK);) 申请内存(_heap_alloc_dbg) 解开锁(_munlock(_HEAP_LOCK);)
malloc 也调用了_nh_malloc_dbg
总结:new比malloc多做了一个判断,申请内存成功则调用构造函数
DELETE
004010B4 mov eax,dword ptr [ebp-14h]
004010B7 mov dword ptr [ebp-24h],eax
004010BA mov ecx,dword ptr [ebp-24h]
004010BD mov dword ptr [ebp-20h],ecx
004010C0 cmp dword ptr [ebp-20h],0
004010C4 je main+0A5h (004010d5)
004010C6 push 1
004010C8 mov ecx,dword ptr [ebp-20h]
004010CB call @ILT+10(Person::`scalar deleting destructor') (0040100f)
004010D0 mov dword ptr [ebp-2Ch],eax
004010D3 jmp main+0ACh (004010dc)
004010D5 mov dword ptr [ebp-2Ch],0
Person::`scalar deleting destructor':
00401160 push ebp
00401161 mov ebp,esp
00401163 sub esp,44h
00401166 push ebx
00401167 push esi
00401168 push edi
00401169 push ecx
0040116A lea edi,[ebp-44h]
0040116D mov ecx,11h
00401172 mov eax,0CCCCCCCCh
00401177 rep stos dword ptr [edi]
00401179 pop ecx
0040117A mov dword ptr [ebp-4],ecx
0040117D mov ecx,dword ptr [ebp-4]
00401180 call @ILT+0(Person::~Person) (00401005)
00401185 mov eax,dword ptr [ebp+8]
00401188 and eax,1
0040118B test eax,eax
0040118D je Person::`scalar deleting destructor'+3Bh (0040119b)
0040118F mov ecx,dword ptr [ebp-4]
00401192 push ecx
00401193 call operator delete (00401220)
00401198 add esp,4
0040119B mov eax,dword ptr [ebp-4]
0040119E pop edi
0040119F pop esi
004011A0 pop ebx
004011A1 add esp,44h
004011A4 cmp ebp,esp
004011A6 call __chkesp (004016b0)
004011AB mov esp,ebp
004011AD pop ebp
004011AE ret 4
if(p != NULL)
{
eax = Person::`scalar deleting destructor(1);
}else
{
[ebp-2Ch] = 0;
}
Person::`scalar deleting destructor'
Person::`scalar(int i)
{
Person::~Person();
if( i&0x1 != 0)
{
delete(&Person); //未分析,其中有_free_dbg
}
}
free
free(p)
{
_free_dbg(pUserData, _NORMAL_BLOCK);
}
所以delete比free多做了析构函数 再加一段判断函数(未分析作用,猜测是安全释放)