Date: Fri, 22 Aug 2025 23:41:44 -0400
On Fri, Aug 22, 2025 at 11:04 PM organicoman via Std-Proposals
<std-proposals_at_[hidden]> wrote:
>
> Hello,
> One of the recurring bugs in c++ is use after free.
> I'm wondering, why the delete operator doesn't take the pointer parameter by reference and nullify it?
> So instead of
> void operator delete(void* p);
> It becomes
> void operator delete(void* &p);
> And it assigns the value nullptr to p after freeing its corresponding memory.
> Look at this example:
> ---------
> {
> int* p = new int(42);
> int* const& to_p = p; // as a guideline
> delete p; // if taken by reference an nullified
> *p; // this will be a guaranteed runtime error
> *to_p; // and all previous copies obey too
> }
> ---------
Does the standard mandate that dereferencing the null pointer is a
"guaranteed runtime error"? Because, last time I checked, it was
undefined behavior that's no different from dereferencing a pointer to
an object past its lifetime.
So from the perspective of the standard, this would do absolutely
nothing different.
> On top of that, basically we need just to add a guideline that mandate:
> -All duplication of a pointer should be by reference if modifying, or const reference if not.
If it's a reference, then it's not a duplicate (aka, a copy). So this
rule is contradictory.
> So it is guaranteed that if you free the memory using any of the references, all copies will be nullptr.
>
> So, is there any constraints to prevents this other than breaking old code?
>
> Regards
>
>
>
> Sent from my Galaxy
>
> --
> Std-Proposals mailing list
> Std-Proposals_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
<std-proposals_at_[hidden]> wrote:
>
> Hello,
> One of the recurring bugs in c++ is use after free.
> I'm wondering, why the delete operator doesn't take the pointer parameter by reference and nullify it?
> So instead of
> void operator delete(void* p);
> It becomes
> void operator delete(void* &p);
> And it assigns the value nullptr to p after freeing its corresponding memory.
> Look at this example:
> ---------
> {
> int* p = new int(42);
> int* const& to_p = p; // as a guideline
> delete p; // if taken by reference an nullified
> *p; // this will be a guaranteed runtime error
> *to_p; // and all previous copies obey too
> }
> ---------
Does the standard mandate that dereferencing the null pointer is a
"guaranteed runtime error"? Because, last time I checked, it was
undefined behavior that's no different from dereferencing a pointer to
an object past its lifetime.
So from the perspective of the standard, this would do absolutely
nothing different.
> On top of that, basically we need just to add a guideline that mandate:
> -All duplication of a pointer should be by reference if modifying, or const reference if not.
If it's a reference, then it's not a duplicate (aka, a copy). So this
rule is contradictory.
> So it is guaranteed that if you free the memory using any of the references, all copies will be nullptr.
>
> So, is there any constraints to prevents this other than breaking old code?
>
> Regards
>
>
>
> Sent from my Galaxy
>
> --
> Std-Proposals mailing list
> Std-Proposals_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
Received on 2025-08-23 03:41:58