Date: Fri, 22 Aug 2025 20:37:58 -0700
Two problems: since the passing pointer thing is only a guideline, that
diminishes the illusion of “safety” that this provides. And hand-waving
away the problem of legacy code.
I guess a third problem: since everything is taken by reference (by the
guideline) then the originating pointer has to have a longer lifetime than
any of its “copies”.
On Fri, Aug 22, 2025 at 8:04 PM organicoman via Std-Proposals <
std-proposals_at_[hidden]> wrote:
> Hello,
> One of the recurring bugs in c++ is use after free.
> I'm wondering, why the delete operator doesn't take the pointer parameter
> by reference and nullify it?
> So instead of
> void operator delete(void* p);
> It becomes
> void operator delete(void* &p);
> And it assigns the value nullptr to p after freeing its corresponding
> memory.
> Look at this example:
> ---------
> {
> int* p = new int(42);
> int* const& to_p = p; // as a guideline
> delete p; // if taken by reference an nullified
> *p; // this will be a guaranteed runtime error
> *to_p; // and all previous copies obey too
> }
> ---------
> On top of that, basically we need just to add a guideline that mandate:
> -All duplication of a pointer should be by reference if modifying, or
> const reference if not.
> So it is guaranteed that if you free the memory using any of the
> references, all copies will be nullptr.
>
> So, is there any constraints to prevents this other than breaking old code?
>
> Regards
>
>
>
> Sent from my Galaxy
>
> --
> Std-Proposals mailing list
> Std-Proposals_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
>
diminishes the illusion of “safety” that this provides. And hand-waving
away the problem of legacy code.
I guess a third problem: since everything is taken by reference (by the
guideline) then the originating pointer has to have a longer lifetime than
any of its “copies”.
On Fri, Aug 22, 2025 at 8:04 PM organicoman via Std-Proposals <
std-proposals_at_[hidden]> wrote:
> Hello,
> One of the recurring bugs in c++ is use after free.
> I'm wondering, why the delete operator doesn't take the pointer parameter
> by reference and nullify it?
> So instead of
> void operator delete(void* p);
> It becomes
> void operator delete(void* &p);
> And it assigns the value nullptr to p after freeing its corresponding
> memory.
> Look at this example:
> ---------
> {
> int* p = new int(42);
> int* const& to_p = p; // as a guideline
> delete p; // if taken by reference an nullified
> *p; // this will be a guaranteed runtime error
> *to_p; // and all previous copies obey too
> }
> ---------
> On top of that, basically we need just to add a guideline that mandate:
> -All duplication of a pointer should be by reference if modifying, or
> const reference if not.
> So it is guaranteed that if you free the memory using any of the
> references, all copies will be nullptr.
>
> So, is there any constraints to prevents this other than breaking old code?
>
> Regards
>
>
>
> Sent from my Galaxy
>
> --
> Std-Proposals mailing list
> Std-Proposals_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
>
Received on 2025-08-23 03:38:10