On Wed, Sep 7, 2011 at 2:34 AM, Pedro Alves <[email protected]> wrote:
> Zeroing out would hide bugs; there's lots of code that does
>
> delete ptr;
> ...
> if (ptr)
> {
> ptr->...
> }
>
> You'd not see the bug that way. Making 'delete v' clobber the pointer
> with 0xdeadbeef or ~0 instead would be better.
Right. In practice, I don't believe I've ever seen this bug in such a
"pure" form though.
What I often see is
ptr = new Foo;
DoSomethingInAnotherThread(ptr);
...
delete ptr; // Oops. Didn't wait for another thread to finish
}
Or
ptr = new Foo;
DoSomethingThatDeletes(ptr);
ptr->x++; // Oops. Use after free
AFAICT, neither of these would be helped by delete stomping on the pointer.
--
Paul Pluzhnikov
