Memory Corruption with AAs
Steven Schveighoffer
schveiguy at yahoo.com
Mon Apr 5 04:27:31 PDT 2010
On Sun, 04 Apr 2010 09:28:44 -0400, Michel Fortin
<michel.fortin at michelf.com> wrote:
> On 2010-04-03 23:21:48 -0400, Andrei Alexandrescu
> <SeeWebsiteForEmail at erdani.org> said:
>
>> On 04/02/2010 03:53 PM, Walter Bright wrote:
>>> dsimcha wrote:
>>>> I almost never do this with any data structure other
>>>> than an array because, even if it works for now, I consider it a
>>>> horrible
>>>> violation of encapsulation because you're relying on the details of
>>>> how the data
>>>> structure manipulates memory. This is also why, when I designed RandAA
>>>> I didn't
>>>> see this as an issue until you pointed it out to me.
>>> Andrei is working on the design of the D collection class library.
>>> After
>>> much thought and research, he finally came to the conclusion that a
>>> collection class should not allow the address of a member to be taken.
>>> I
>>> think his reasoning on the issue is pretty sound, and is consistent
>>> with
>>> your take on it.
>> I wouldn't call it research, but I agonized a fair amount over it. I
>> think Phobos containers will all use malloc, realloc, and free for
>> their own storage, while still being safe.
>
> I think this is a sound decision. And I'm not necessarily talking about
> using malloc, realloc, and free (even though a container capable of
> using realloc is certainly a plus), but the one about decoupling the
> container interface from any particular memory management implementation.
>
> Question: if the container's memory isn't garbage-collected, how do you
> implement iterators, eh, ranges so that they are still memory-safe?
Another problem is if the elements of the container have references to
GC-managed data. This means you have to addroot any memory you allocate
with malloc.
Non-reference type elements of course can use C's malloc and free. This
is how Tango works.
-Steve
More information about the Digitalmars-d
mailing list