From: Andreas Wallner on
> What I am looking for is chapter in verse in the std that says this is
> wrong, along with something that clearly explains why this error can
> cause heap corruption.

The clearest think I can think of is 5.3.4/8 [expr.new]:
If the allocated type is an array type, the allocation function�s name
is operator new[] and the deallocation function�s name is operator
delete[].

or some points from 5.3.5 that mention that delete is for non-array
objects and delete[] is for array objects.

I don't think there is a warning for wrong usage of delete/delete[] in
the standard, since it does not specify how memory management has to
be done, therefore it can not predict possible errors.

Btw...weired colleague...


--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

From: Nick Hounsome on
On 1 Mar, 04:50, Andrew <marlow.and...(a)googlemail.com> wrote:
> I am familiar with the need to match new[] to delete[]. It is a
> programming error to say new[] then say delet without the square
> brackets. In some environments this can lead to heap corruption, as
> Meyers warns in item 5 of Effective C++.
>
> What I am looking for is chapter in verse in the std that says this is
> wrong, along with something that clearly explains why this error can
> cause heap corruption. This is not for me - I already know not to do
> it. But there is a colleague that needs convincing. I have to use his
> code in the library of his that I need. It is trashing the heap and I
> know the code does new[] but delete without the brackets. He wont
> change the offending code without proof that its current form can
> cause heap corruption.
>
> I did try telling him that common heap mgmt code will coalesce
> adjacent free blocks when doing a delete and that such a mismatch can
> cause this to go wrong but he wont take my word for it. I dont think
> he will take Meyers word for it either.

Sometimes physical vilolence can be justified :-)

new[] will typically store the number of elements on the heap before
the returned array so that delete[] can call the right number of
dtors.

new doesn't need to do so.

So

X* xp = new X[10];
delete xp;

will (if it works at all - which is unlikely) only call X::~X() once
to delete xp[0].

Obviously an implementation COULD do the right thing in all cases but
it isn't REQUIRED to do so by the standard because it is more speed
and memory efficient not too.

In the early days of C++ you even had to specify the array size at the
point of destruction (delete[10] xp) but this was found to be too
error prone and didn't have any efficiency benefits since the number
of elements must always be stored somewhere.



--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

From: Ric Parkin on
On 1 Mar, 04:50, Andrew <marlow.and...(a)googlemail.com> wrote:
> I am familiar with the need to match new[] to delete[]. It is a
> programming error to say new[] then say delet without the square
> brackets. In some environments this can lead to heap corruption, as
> Meyers warns in item 5 of Effective C++.
>
> What I am looking for is chapter in verse in the std that says this is
> wrong, along with something that clearly explains why this error can
> cause heap corruption.

5.3.5/2

"In the first alternative (delete object) the value of the operand of
delete shall be a pointer to a non-array object ... If not the
behaviour is undefined"

It will not explain why, as the standard is silent on the effects of
UB. The usual reason is that memory managers usualy have some sort of
book-keeping information stored just before the object, and the array
version has a different amount than the non-array version - often the
number of objects in the array so it knows how many destructors to
invoke. If it misinterprets that infomation, it could start following
invalid pointers and muck up the free/allocated block lists.

Ric





--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

From: Juan Pedro Bolivar Puente on
>
> I did try telling him that common heap mgmt code will coalesce
> adjacent free blocks when doing a delete and that such a mismatch can
> cause this to go wrong but he wont take my word for it. I dont think
> he will take Meyers word for it either.
>

The main difference is that the heap manager should store extra
information in the [] case to account the fact that the pointer points
to several objects. This is needed, because 'delete' should call the
destructor of every of them. If you call delete on a new[]-allocated
pointer it can happen that only the first object of the array is
properly destructed --leaving dangling resources-- or even worse random
effects depending on the implementation of the heap manager. Of course
the C++ designers could have chosen to avoid the difference, but them
you would be paying an extra word for every allocation even if you don't
need it, which goes against �you pay just for what you use� C++'s
philosophy,

Sorry I can't point to a std chapter, but this explanation should be
convincing enough; they key point is that new/delete are not just syntax
sugar for malloc/free, they also call constructors/destructors.

JP


--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

From: Francis Glassborow on
Andrew wrote:
> I am familiar with the need to match new[] to delete[]. It is a
> programming error to say new[] then say delet without the square
> brackets. In some environments this can lead to heap corruption, as
> Meyers warns in item 5 of Effective C++.
>
> What I am looking for is chapter in verse in the std that says this is
> wrong, along with something that clearly explains why this error can
> cause heap corruption. This is not for me - I already know not to do
> it. But there is a colleague that needs convincing. I have to use his
> code in the library of his that I need. It is trashing the heap and I
> know the code does new[] but delete without the brackets. He wont
> change the offending code without proof that its current form can
> cause heap corruption.
>
> I did try telling him that common heap mgmt code will coalesce
> adjacent free blocks when doing a delete and that such a mismatch can
> cause this to go wrong but he wont take my word for it. I dont think
> he will take Meyers word for it either.


My fgirst reaction is that he is too stupid to be allowed to program :)
What more evidince does he want that what he is doing is wrong in
addition to his code trashing the stack.

However tell him to study section 18.4.1 in its entirety drom which you
can deduce that the delete expression calls operator delete which must
be passed a pointer to storage allocated with operator delete and that
the delete[] expressions calls operator delete[] which must be passed a
pointer allocated with operator new[]. There is no room fgor alternatives.


--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

First  |  Prev  | 
Pages: 1 2
Prev: Converting new [] to vectors
Next: Operator chaining