digitalmars.D.bugs - [Issue 5370] New: Memory corruption in std.outbuffer, attrubute NO_SCAN not cleared
- d-bugmail puremagic.com (106/106) Dec 24 2010 http://d.puremagic.com/issues/show_bug.cgi?id=5370
- d-bugmail puremagic.com (6/6) Dec 24 2010 http://d.puremagic.com/issues/show_bug.cgi?id=5370
http://d.puremagic.com/issues/show_bug.cgi?id=5370 Summary: Memory corruption in std.outbuffer, attrubute NO_SCAN not cleared Product: D Version: D2 Platform: x86 OS/Version: Windows Status: NEW Severity: regression Priority: P2 Component: Phobos AssignedTo: nobody puremagic.com ReportedBy: dmitry.olsh gmail.com 09:01:12 PST --- OutBuffer class in std.outbuffer used to support storing pointers inside. Now underliying array is not scanned for roots, maybe it has something to do with array appending cache. This shows the problem: import std.outbuffer,std.stdio; import core.memory; int*[] f(){ auto outb = new OutBuffer; for(int i=0;i<1024;++i){ int* p = new int; *p = i; outb.write(cast(size_t)p); } return cast(int*[])outb.toBytes(); } void main(){ GC.disable(); auto arr = f(); assert(arr.length == 1024); assert(*arr[42] == 42); //size: 0 bits 0 - indicates that arr.ptr isn't start of block? writefln("Size %d bits %d",GC.sizeOf(arr.ptr),GC.getAttr(arr.ptr)); //GC.collect();//uncomment to get an assertion failure for(int i =0;i<1024;++i){ auto p = new int; *p = 0xdeadbeef; } assert(*arr[42] == 42); //this fails with GC.collect } Looking into outbuffer.d, the likely culprit is: line(84): GC.clrAttr(data.ptr, GC.BlkAttr.NO_SCAN); which isn't working. Patch for std.outbuffer, changes array type to void[] and removes this hack: -37,7 +37,7 class OutBuffer { - ubyte data[]; + void data[]; uint offset; invariant() -52,10 +52,10 } /********************************* - * Convert to array of bytes. + * Convert to array */ - ubyte[] toBytes() { return data[0 .. offset]; } + void[] toBytes() { return data[0 .. offset]; } /*********************************** * Preallocate nbytes more to the size of the internal buffer. -81,7 +81,6 if (data.length < offset + nbytes) { data.length = (offset + nbytes) * 2; - GC.clrAttr(data.ptr, GC.BlkAttr.NO_SCAN); } } -109,7 +108,7 void write(ubyte b) /// ditto { reserve(ubyte.sizeof); - this.data[offset] = b; + *cast(ubyte *)&data[offset] = b; offset += ubyte.sizeof; } -183,7 +182,7 void write(OutBuffer buf) /// ditto { - write(buf.toBytes()); + write(cast(ubyte[])buf.toBytes()); } /**************************************** -193,7 +192,7 void fill0(uint nbytes) { reserve(nbytes); - data[offset .. offset + nbytes] = 0; + *cast(ubyte*)&data[offset .. offset + nbytes] = 0; offset += nbytes; } -331,7 +330,7 for (uint i = offset; i > index; ) { --i; - data[i + nbytes] = data[i]; + *cast(ubyte*)&data[i + nbytes] = *cast(ubyte*)&data[i]; } offset += nbytes; } -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: -------
Dec 24 2010
http://d.puremagic.com/issues/show_bug.cgi?id=5370 09:03:19 PST --- Forgot to mention, that patch _indeed_ fixes the problem ;) -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: -------
Dec 24 2010