October 21, 2014
https://issues.dlang.org/show_bug.cgi?id=13642

          Issue ID: 13642
           Summary: std.container.Array: change of length reallocates
                    without notifying GC
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Phobos
          Assignee: nobody@puremagic.com
          Reporter: dlang@thedeemon.com

The Array.Payload.length setter calls realloc() when length increases, but doesn't call GC.removeRange and GC.addRange. When data in the array contains pointers to some managed objects, GC may collect those objects and now we have dangling pointers in the array, which later causes Access Violations.

The following program crashes on 2.066:

module main;
import std.stdio, std.container.array, core.memory;

class C { void hi() { writeln("hi"); } }

void main(string[] argv) {
    Array!C arr;
    enum N = 10;
    //arr.reserve(N); // uncomment this and it will work fine
    arr.length = N;
    foreach(ref x; arr) x = new C;  // create N objects
    GC.collect();                   // do a GC
    arr[1].hi();                    // now this object is dead!
}

--
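Added example, not part of the original report and not Phobos code: one way to grow a C-heap buffer of class references so that the GC always has the live block registered. The names RefBuf, grow and release are hypothetical; it uses malloc/copy/free instead of realloc so that the new block is registered before the old one is unregistered and freed.

```d
import core.memory : GC;
import core.stdc.stdlib : malloc, free;
import core.stdc.string : memcpy, memset;
import std.stdio : writeln;

class C { void hi() { writeln("hi"); } }

// Hypothetical minimal buffer of class references stored outside the GC heap.
struct RefBuf
{
    C* ptr;
    size_t len;

    // Grow to newLen slots without ever leaving the references unscanned.
    void grow(size_t newLen)
    {
        immutable sz = newLen * C.sizeof;   // C.sizeof is the reference size
        auto p = cast(C*) malloc(sz);
        if (p is null) assert(0, "out of memory");
        if (len) memcpy(p, ptr, len * C.sizeof);
        // Zero the new tail so the GC does not scan garbage as pointers.
        memset(p + len, 0, (newLen - len) * C.sizeof);
        GC.addRange(p, sz);                 // register the new block first
        if (ptr !is null)
        {
            GC.removeRange(ptr);            // then drop the old registration
            free(ptr);
        }
        ptr = p; len = newLen;
    }

    void release()
    {
        if (ptr !is null) { GC.removeRange(ptr); free(ptr); }
        ptr = null; len = 0;
    }
}

void main()
{
    RefBuf buf;
    buf.grow(10);
    foreach (i; 0 .. buf.len) buf.ptr[i] = new C;  // only reference is in buf
    GC.collect();
    buf.ptr[1].hi();    // still alive: the block is a registered GC range
    buf.grow(20);       // relocation keeps the registration in step
    GC.collect();
    buf.ptr[1].hi();
    buf.release();
}
```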