
digitalmars.D.bugs - [Issue 13642] New: std.container.Array: change of length reallocates

https://issues.dlang.org/show_bug.cgi?id=13642

          Issue ID: 13642
           Summary: std.container.Array: change of length reallocates
                    without notifying GC
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Phobos
          Assignee: nobody puremagic.com
          Reporter: dlang thedeemon.com

The Array.Payload.length setter calls realloc() when length increases, but
doesn't call GC.removeRange and GC.addRange. When data in the array contains
pointers to some managed objects, GC may collect those objects and now we have
dangling pointers in the array, which later causes Access Violations.

The following program crashes on 2.066:

module main;
import std.stdio, std.container.array, core.memory;

class C { void hi() { writeln("hi"); } }

void main(string[] argv) {
    Array!C arr;
    enum N = 10;
    //arr.reserve(N); // uncomment this and it will work fine
    arr.length = N;
    foreach(ref x; arr) x = new C;  // create N objects
    GC.collect();                   // do a GC
    arr[1].hi();                    // now this object is dead!
}

--
Oct 20 2014
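
An added D sketch, not part of the original report and not Phobos code, of the pattern the report says the length setter omits: GC.removeRange on the old block before realloc(), then GC.addRange on the block that comes back. RefBuf and setLength are hypothetical names; the allocation is assumed small enough that the size multiplication cannot overflow.

```d
import core.memory : GC;
import core.stdc.stdlib : free, realloc;
import core.stdc.string : memset;

class C { int id; this(int id) { this.id = id; } }

// Hypothetical minimal container (not std.container.Array's Payload).
struct RefBuf
{
    C* ptr;       // C-heap block holding references to GC-managed objects
    size_t len;   // number of slots

    @disable this(this);   // single owner, so the range is registered once

    void setLength(size_t n)
    {
        if (n == len) return;
        // Unregister first: realloc may move the block and free the old one.
        if (ptr) GC.removeRange(ptr);
        if (n == 0) { free(ptr); ptr = null; len = 0; return; }
        auto p = cast(C*) realloc(ptr, n * C.sizeof);
        if (p is null)
        {
            // realloc failed, the old block is still valid: register it again.
            if (ptr) GC.addRange(ptr, len * C.sizeof);
            assert(0, "out of memory");
        }
        // Null the new slots so the GC never scans uninitialized bytes.
        if (n > len) memset(p + len, 0, (n - len) * C.sizeof);
        ptr = p;
        len = n;
        // Register the (possibly moved) block so its references are scanned.
        GC.addRange(ptr, len * C.sizeof);
    }

    ~this() { setLength(0); }
}

void main()
{
    RefBuf buf;
    buf.setLength(10);   // grows through realloc, as arr.length = N does
    foreach (i; 0 .. buf.len) buf.ptr[i] = new C(cast(int) i);
    GC.collect();
    assert(buf.ptr[1].id == 1);   // the object is still reachable
}
```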