Accessing memory after destroy
Eugene Wissner via Digitalmars-d
digitalmars-d at puremagic.com
Sat Jul 29 13:53:01 PDT 2017
On Saturday, 29 July 2017 at 20:44:30 UTC, Johan Engelen wrote:
> I'd like to check a bit of info I need for Address Sanitizer
> checking.
>
> The spec says [1]:
> Use the destroy function to finalize an object by calling its
> destructor. The memory of the object is not immediately
> deallocated, instead the GC will collect the memory of the
> object at an undetermined point after finalization:
> ```
> class Foo { int x; this() { x = 1; } }
> Foo foo = new Foo;
> destroy(foo);
> assert(foo.x == int.init); // object is still accessible
> ```
>
> This tells me 2 things that I'd like to verify:
> 1. The destroyed memory is set to the type's `.init` value.
> (but the Ctor is not called)
> 2. It is _valid_ to access the memory after calling destroy.
>
> Point 2 is worrying: what if there is a thread switch right
> after destroy, in which a GC collect happens?
>
> Thanks,
> Johan
>
> [1] https://dlang.org/spec/class.html#deallocators
For 1) look at rt_finalize2 in rt/lifetime.d*. It is the function
called by destroy. It sets the class to its init value:
auto w = (*pc).initializer;
p[0 .. w.length] = w[];
So it will memcpy Foo.initializer into foo.
For 2) I think you're right, it seems to be unsafe to access the
object after destroying.
*
https://github.com/dlang/druntime/blob/3485ff859a29ba44e7949bc49e62d5dd3a2a9ff0/src/rt/lifetime.d#L1402
More information about the Digitalmars-d
mailing list