Memory Corruption with AAs

Steven Schveighoffer schveiguy at yahoo.com
Mon Apr 5 04:27:31 PDT 2010


On Sun, 04 Apr 2010 09:28:44 -0400, Michel Fortin  
<michel.fortin at michelf.com> wrote:

> On 2010-04-03 23:21:48 -0400, Andrei Alexandrescu  
> <SeeWebsiteForEmail at erdani.org> said:
>
>> On 04/02/2010 03:53 PM, Walter Bright wrote:
>>> dsimcha wrote:
>>>> I almost never do this with any data structure other than an array
>>>> because, even if it works for now, I consider it a horrible
>>>> violation of encapsulation because you're relying on the details of
>>>> how the data structure manipulates memory. This is also why, when I
>>>> designed RandAA I didn't see this as an issue until you pointed it
>>>> out to me.
>>>
>>> Andrei is working on the design of the D collection class library.
>>> After much thought and research, he finally came to the conclusion
>>> that a collection class should not allow the address of a member to
>>> be taken. I think his reasoning on the issue is pretty sound, and is
>>> consistent with your take on it.
>>
>> I wouldn't call it research, but I agonized a fair amount over it. I
>> think Phobos containers will all use malloc, realloc, and free for
>> their own storage, while still being safe.
>
> I think this is a sound decision. And I'm not necessarily talking about  
> using malloc, realloc, and free (even though a container capable of  
> using realloc is certainly a plus), but the one about decoupling the  
> container interface from any particular memory management implementation.
>
> Question: if the container's memory isn't garbage-collected, how do you  
> implement iterators, eh, ranges so that they are still memory-safe?

Another problem is if the elements of the container have references to  
GC-managed data.  This means you have to addroot any memory you allocate  
with malloc.

Non-reference type elements of course can use C's malloc and free.  This  
is how Tango works.

-Steve
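
The following sketch is an added example, not part of the original message or of Phobos/Tango code. It shows a malloc-backed buffer whose elements may reference GC-managed data; `MallocBuffer` and its members are hypothetical names, and it registers the block with `GC.addRange` from druntime's `core.memory` (which makes the collector scan the whole block) rather than a per-pointer root.

```d
import core.memory : GC;
import core.stdc.stdlib : calloc, free;
import std.traits : hasIndirections;

// Hypothetical fixed-capacity container that keeps its storage on the C heap.
struct MallocBuffer(T)
{
    private T* data;
    private size_t cap, len;

    @disable this(this); // no copies, so exactly one owner frees the block

    this(size_t n)
    {
        // calloc zeroes the block, so the GC never scans garbage as pointers
        data = cast(T*) calloc(n, T.sizeof);
        if (data is null) assert(0, "allocation failed");
        cap = n;
        // The collector does not scan C heap memory on its own. Without this
        // registration, GC objects referenced only from the buffer could be
        // freed while still in use.
        static if (hasIndirections!T)
            GC.addRange(data, n * T.sizeof);
    }

    ~this()
    {
        if (data is null) return;
        // Unregister before free so the GC never scans released memory.
        static if (hasIndirections!T)
            GC.removeRange(data);
        free(data);
        data = null;
    }

    void put(T value)
    {
        if (len >= cap) assert(0, "buffer full"); // assert(0) stays in release builds
        data[len++] = value;
    }

    // Returns a copy; no address of an element escapes the container.
    T opIndex(size_t i)
    {
        if (i >= len) assert(0, "index out of range");
        return data[i];
    }
}

void main()
{
    auto names = MallocBuffer!string(4);
    names.put("alice".idup);        // constructed sample value, GC-allocated
    GC.collect();                   // payload survives: block is a registered range
    assert(names[0] == "alice");

    auto ints = MallocBuffer!int(4); // no references: plain calloc/free suffices
    ints.put(42);
    assert(ints[0] == 42);
}
```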


