www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.bugs - [Issue 22864] New: [REG 2.067] Throwing in array literal leads to


          Issue ID: 22864
           Summary: [REG 2.067] Throwing in array literal leads to
                    destructor being called on unconstructed data
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Keywords: industry, safe, wrong-code
          Severity: regression
          Priority: P1
         Component: dmd
          Assignee: nobody puremagic.com
          Reporter: pro.mathias.lang gmail.com

The following code leads to `abort` being triggered.
This happens because the array literal causes an instance to be allocated,
which is later called by the GC, even though the instance contains garbage data
(printing the member `hash` field will give a non-zero value).

import core.stdc.stdlib;

public S* deserializeFull ()
    version (all)
        return &[ getS() ][0]; // This causes a bug
        auto val = getS();
        return &[ val ][0]; // This works because the previous line throws

S getS () { throw new Exception("socket error"); }

struct S
    ~this ()

    ubyte hash;

void foo ()
        auto v = deserializeFull();
        assert(0, "Exception not thrown?");
    catch (Exception exc)
        assert(exc.msg == "socket error");

void main ()
    import core.memory;
    GC.collect(); // Abort triggered from here

This is an old, but IMO serious, regression, that caused memory corruption in
our ` safe` code because our ` trusted` wrapper was freeing pointers which were

Up to      2.066.0: Success and no output
2.067.1 to 2.071.2: Failure with output: --- killed by signal 6
Since      2.072.2: Failure with output: Error: program killed by signal 6

Marking as `wrong-code` but it's a frontend bug (seen in LDC as well).

Mar 09 2022