public inbox for gcc-bugs@sourceware.org
* [Bug c++/14885] New: Improper delete/free of local variables undetected
From: ndeb at ece dot cmu dot edu @ 2004-04-08 0:39 UTC (permalink / raw)
To: gcc-bugs

    #include <iostream>
    using namespace std;

    int main()
    {
      int u=3;
      cout << "u = " << u << endl;
      delete &u;
      return 0;
    }

This program compiles (g++ -g file.cpp) ok without any warnings. It seg faults
at runtime. The cause is very clear since the "delete" operation done by the
user is followed by the delete performed by the program itself. This leads to
a double free leading to a seg fault.

Since the program is well-formed, the compiler cannot report a compilation
error, even if it can detect the possibility of undefined behavior. One way
out is to give a warning at compile time.

Note that the same problem is there for the C compiler. Also, this problem has
been reproduced with other g++ versions (2.95.3, 3.2.1) too.

--
Summary: Improper delete/free of local variables undetected
Product: gcc
Version: 3.3.1
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: c++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: ndeb at ece dot cmu dot edu
CC: gcc-bugs at gcc dot gnu dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: ndeb at ece dot cmu dot edu @ 2004-04-08 0:41 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From ndeb at ece dot cmu dot edu 2004-04-08 00:41 -------
As per suggestion from Giovanni Bajo, I am setting severity to "enhancement".
--
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: pinskia at gcc dot gnu dot org @ 2004-04-08 0:48 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2004-04-08 00:48 -------
Confirmed. Even ICC 6.0 does not warn.
--
What                  |Removed              |Added
----------------------------------------------------------------------------
Status                |UNCONFIRMED          |NEW
Ever Confirmed        |                     |1
Keywords              |                     |diagnostic
Known to fail         |                     |3.5.0
Last reconfirmed date |0000-00-00 00:00:00  |2004-04-08 00:48:06
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: bangerth at dealii dot org @ 2004-04-08 18:43 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From bangerth at dealii dot org 2004-04-08 18:43 -------
I personally think that a) this problem is so easily detected at run-time
that it does not merit much compiler hacking, and b) this is simply too
stupid a user error that we have to bother; I'm sure it doesn't happen
very often in practice.

The point being is that we could probably detect the case you present, but
then people want us to also warn for cases like

    void f(char *p) {
      char c;
      char *x;
      if (bar())
        x = &c;
      else
        x = p;
      delete x;
    }

and that's something that will be much harder to detect in all variations.

I propose we close this PR.

W.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
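
The run-time detection mentioned in the message above, as an added example that is not part of the thread or of GCC: a debug registry of live heap blocks that refuses to delete a pointer it never handed out, applied to both the original delete &u case and the branch-dependent f(). HeapRegistry, FreeResult, delete_local and f_checked are hypothetical names.

```cpp
// Added example (not from the thread); all names here are hypothetical.
#include <cstdint>
#include <cstdio>
#include <set>
#include <utility>

enum class FreeResult { Ok, NotHeap, DoubleFree };

class HeapRegistry {
    std::set<std::uintptr_t> live_;   // blocks handed out and not yet released
    std::set<std::uintptr_t> freed_;  // blocks already released once
    static std::uintptr_t key(const void* p) { return reinterpret_cast<std::uintptr_t>(p); }
public:
    template <typename T, typename... Args>
    T* make(Args&&... args) {
        T* p = new T(std::forward<Args>(args)...);
        freed_.erase(key(p));         // the allocator may reuse an old address
        live_.insert(key(p));
        return p;
    }
    // Deletes p only if it came from make() and is still live.
    template <typename T>
    FreeResult release(T* p) {
        if (live_.erase(key(p)) == 1) {
            freed_.insert(key(p));
            delete p;
            return FreeResult::Ok;
        }
        return freed_.count(key(p)) ? FreeResult::DoubleFree : FreeResult::NotHeap;
    }
};

// Case from the first message: the operand is the address of a local.
FreeResult delete_local(HeapRegistry& h) {
    int u = 3;
    return h.release(&u);
}
// Case from comment #3: whether x is a heap pointer depends on a run-time branch.
FreeResult f_checked(HeapRegistry& h, char* p, bool take_local) {
    char c = 'c';
    char* x = take_local ? &c : p;
    return h.release(x);
}

int main() {
    HeapRegistry h;
    char* p = h.make<char>('a');
    FreeResult r[] = {delete_local(h), f_checked(h, p, true), f_checked(h, p, false), f_checked(h, p, false)};
    for (FreeResult x : r) std::printf("%d ", static_cast<int>(x));  // 0=Ok 1=NotHeap 2=DoubleFree
}
```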
From: gdr at integrable-solutions dot net @ 2004-04-08 19:55 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From gdr at integrable-solutions dot net 2004-04-08 19:55 -------
Subject: Re: Improper delete/free of local variables undetected
"bangerth at dealii dot org" <gcc-bugzilla@gcc.gnu.org> writes:
| I propose we close this PR.
seconded.
-- Gaby
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: ndeb at ece dot cmu dot edu @ 2004-04-08 20:11 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From ndeb at ece dot cmu dot edu 2004-04-08 20:11 -------
(In reply to comment #3)
> I personally think that a) this problem is so easily detected at run-time
> that it does not merit much compiler hacking, and

That was one of the suggestions made by Giovanni Bajo so nothing new here.

> b) this is simply too
> stupid a user error that we have to bother; I'm sure it doesn't happen
> very often in practice.

My idea of a bug report is not to post the most complicated thousand line code
to reproduce a bug that can be reproduced with 5 lines.

> The point being is that we could probably detect the case you present, but
> then people want us to also warn for cases like
>
>     void f(char *p) {
>       char c;
>       char *x;
>       if (bar())
>         x = &c;
>       else
>         x = p;
>       delete x;
>     }
> and that's something that will be much harder to detect in all variations.

That's exactly why this bug is a real bug.

> I propose we close this PR.

Not sure what "PR" means but what's the logic behind sweeping it under the
carpet ?

>
> W.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: bangerth at dealii dot org @ 2004-04-09 19:03 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From bangerth at dealii dot org 2004-04-09 19:03 -------
"PR" means "problem report", i.e. "bug report".
I don't mean to sweep it under the rug. My intention was this: we have
serious bugs where we fail to accept valid C++ code, or generate wrong code.
These bugs are way more important. If we have fixed all these, we can still
come around and invent techniques to diagnose user errors that probably
require solving the halting problem to catch all cases.
If this is of critical importance, feel free to pay one of the gcc developers
to implement this. I personally do not assign it significant importance, so
I go with Gaby's opinion to close the PR.
W.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: ndeb at ece dot cmu dot edu @ 2004-04-10 2:36 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From ndeb at ece dot cmu dot edu 2004-04-09 23:21 -------
(In reply to comment #6)
> "PR" means "problem report", i.e. "bug report".
>
> I don't mean to sweep it under the rug.

You did exactly that by closing the bug as "won't fix". What harm does an open
bug report do ?

> My intention was this: we have
> serious bugs where we fail to accept valid C++ code, or generate wrong code.
> These bugs are way more important.

It may be less important to you but there are others who feel it's important
enough to deserve a report. Closing a report because you think it's unimportant
is not very helpful.

> If we have fixed all these, we can still
> come around and invent techniques to diagnose user errors that probably
> require solving the halting problem to catch all cases.
>
> If this is of critical importance, feel free to pay one of the gcc developers
> to implement this. I personally do not assign it significant importance, so
> I go with Gaby's opinion to close the PR.

Nobody demanded that _you_ fix this within 24 hours so why this display of "I
have far more important stuff to do" ? If you do not want to fix it, please
leave it for others to look at. The purpose of the bug report is to make users
aware of the problem.

Perhaps next time, you can mark such bugs as "resolved unimportant" (assuming
bugzilla gives such an option).
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885
From: bangerth at dealii dot org @ 2004-04-11 12:39 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From bangerth at dealii dot org 2004-04-11 02:32 -------
Open bug reports bind resources even if they just lie around -- we have
to look at them regularly to figure out which are important for the next
release, whether they have been fixed in the meantime, etc. For bugs
where we are sure that this is what is going to happen for an
indeterminately long time, we close them as "resolved unimportant", which
(since bugzilla does not have this status) is done by closing as
"won't fix".
W.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14885