std-proposals

Re: [std-proposals] Delete...why not a parameter by reference?!

From: organicoman <organicoman_at_[hidden]>
Date: Sat, 23 Aug 2025 10:20:24 +0100
>> Use after free, double free...etc. will be more likely to be caught in code:
>>
>>     {
>>         m_ptr = new T;
>>         // if all the following take m_ptr by reference
>>         inspect_maybe_free(m_ptr);
>>         transform_maybe_free(m_ptr);
>>         maybe_free(m_ptr);
>>         // I can detect if delete was called before.
>>         if (m_ptr) delete m_ptr;
>>     }
>>
>> With the current implementation, you cannot do this.

> This is in practice what I would consider an actual trivial UaF, because straight line examples you've presented are so easily automatically detected and presented.

I don't see how my example is a trivial straight-line UaF or double free.

Given the current implementation of delete:

If you pass the pointer by copy, when you return to the caller, nothing can tell if the resource was freed inside the callees.

If you pass by reference, you have to zero out the pointer manually in the callee scope (error prone).

So, for an analyzer, it cannot tell what happens inside the callees unless it traverses the whole calling tree, inside each callee, and that is not trivial!

But your suggestion of a compiler flag would do the job, I guess.

Received on 2025-08-23 09:20:36
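The by-copy versus by-reference distinction the post argues about, as an added example that is not part of the thread: `delete_and_null` is a hypothetical helper standing in for the manual zeroing the post says a by-reference callee must do today, and `T` and the `maybe_free_*` callees are constructed for the demo.

```cpp
// Constructed demo type: counts live instances so a test can confirm that
// the by-reference path frees the object exactly once.
static int g_live = 0;
struct T {
    int value = 42;
    T()  { ++g_live; }
    ~T() { --g_live; }
};
int live_objects() { return g_live; }

// Hypothetical helper (not part of the proposal): what a by-reference callee
// has to do by hand today, because delete leaves its operand unchanged.
template <class U>
void delete_and_null(U*& p) {
    delete p;
    p = nullptr;
}

// Callee taking the pointer by copy: the caller's variable is never touched.
void maybe_free_by_value(T* p, bool do_free) {
    if (do_free) delete p;
}

// Callee taking the pointer by reference: it can zero the caller's variable.
void maybe_free_by_ref(T*& p, bool do_free) {
    if (do_free) delete_and_null(p);
}

// By reference: after a callee freed the object, the caller's guard
// "if (m_ptr) delete m_ptr;" sees nullptr and skips the second delete.
bool guard_works_by_ref() {
    T* m_ptr = new T;
    maybe_free_by_ref(m_ptr, false);   // an earlier callee that kept it
    maybe_free_by_ref(m_ptr, true);    // this one frees and nulls
    bool skipped = (m_ptr == nullptr);
    if (m_ptr) delete_and_null(m_ptr); // not reached: no double free
    return skipped;
}

// By value: the object is gone but m_ptr still looks valid, so the same
// guard would run delete again. That second delete is deliberately not
// executed here; it is the double free the post describes.
bool guard_blind_by_value() {
    T* m_ptr = new T;
    maybe_free_by_value(m_ptr, true);
    bool looks_valid = (m_ptr != nullptr);
    m_ptr = nullptr;                   // manual cleanup the caller cannot rely on
    return looks_valid;
}
```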