Bug 4147 – Failing inner expression leaves ghost-reference to outer expression on GC which is erroneously finalized

Status: NEW
Severity: major
Priority: P2
Component: dmd
Product: D
Version: D2
Platform: x86
OS: Windows
Creation time: 2010-05-02T11:14:25Z
Last change time: 2024-12-13T17:52:10Z
Keywords: wrong-code
Assigned to: No Owner
Creator: Andreas Jung
Moved to GitHub: dmd#18224

Attachments

ID: 620
Filename: ghost_reference.d
Summary: Demonstration of the bug - define "DEMO_FAILURE" during compilation to see the bug in action.
Content-Type: application/octet-stream
Size: 1588

Comments

Comment #0 by webmaster — 2010-05-02T11:14:25Z
Created attachment 620: Demonstration of the bug - define "DEMO_FAILURE" during compilation to see the bug in action.

Using the latest DMD 2.043. Please refer to the attachment for a complete example.

In short... Given the following expression: "auto parent = new Parent( new FailingChild() );". "FailingChild::this()" throws an exception and "Parent::this( ... )" never gets called.

The problem: The GC tries to finalize "parent", even though it has never been constructed. This
- compromises exception safety.
- causes hard-to-find bugs in large scale frameworks, since code is executed in objects that the programmer is not even aware of.

Without knowing the exact implementation details of the GC, my "guess" on the problem is: A GC-root to "parent" is added before "FailingChild::this()" is evaluated.

My "guess" on the solution: Add the GC-root to "parent" after the inner expression "FailingChild::this()" is evaluated.
Comment #1 by nfxjfg — 2010-05-02T18:47:49Z
Here is a somewhat reduced test case:

>>>>
class Parent
{
    this( Object c ) { assert(false, "a"); }
    ~this() { assert( false, "b" ); }
}

Object foo()
{
    throw new Exception( "Some error" );
}

void main()
{
    try
    {
        auto parent = new Parent( foo() );
    }
    catch (Exception e)
    {
    }
}
<<<<

This fails with assertion b (the dtor), even though the constructor (assertion a) was never called. Disassembly proves that a new object is allocated before foo() and the ctor of Parent is called.

Possible solutions:
- allow the runtime to run the dtor/finalizer only if the ctor was called (set a flag immediately before calling the ctor or so)
- allocate the object only immediately before calling the ctor

I'm not sure if Walter would agree that this is a bug. The dtor gets called even if the ctor fails by throwing an exception. In general, the user has to be very careful with finalizers: using finalizers is full of synchronization issues, trouble caused by not being allowed to access references, and so on. Basically a programmer's trap.
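The following is an added example, not code from the bug report, its attachment, or the D runtime. It shows the workaround a library author can apply today for the behaviour described in comments #0 and #1: because `new` blits the class's init image before the constructor runs, a field that defaults to `false` and is set only at the end of the constructor lets the finalizer detect a "ghost" instance whose constructor never executed and skip cleanup of state that was never set up. The names `Resource`, `constructed`, `handle` and `failingArg` are chosen for this example.

```d
// Added example (not from the bug report): make a finalizer tolerate being
// run on an object that was allocated but whose constructor never ran.
import std.stdio;

class Resource
{
    // Default-initialized to false by the init blit at allocation time, so it is
    // false for an instance whose constructor threw or was never entered.
    private bool constructed;
    private int handle;   // stands in for a real OS handle or similar resource

    this(Object dep)
    {
        handle = 42;          // constructed sample value, not a real handle
        constructed = true;   // set last, only once construction has fully succeeded
    }

    ~this()
    {
        // If the argument expression threw before the ctor was called, the GC may
        // still finalize this object (the behaviour reported above). Bail out
        // rather than releasing a resource that was never acquired.
        if (!constructed)
            return;
        // ... release `handle` here ...
        handle = 0;
    }
}

// Mirrors foo() from the reduced test case: the inner expression fails.
Object failingArg()
{
    throw new Exception("argument construction failed");
}

void main()
{
    try
    {
        auto r = new Resource(failingArg());
    }
    catch (Exception e)
    {
        writeln("caught: ", e.msg);
    }
    // Even if the GC later finalizes the never-constructed Resource, ~this()
    // returns early instead of touching uninitialized state.
}
```

The flag must be the last assignment in the constructor; if it were set first, a constructor that throws halfway through would again leave the destructor running over partially initialized fields. Keep the finalizer free of allocation and of calls like `writeln`, since it may run during collection.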
Comment #2 by nfxjfg — 2010-05-02T21:46:06Z
Finalizers called by the GC should be consistent with scope classes and struct ctors/dtors. It seems the dtor/finalizer should only be called when the ctor has been run successfully. It is definitely a bug, and fixing it properly will probably require changes to D runtime and the compiler.
Comment #3 by safety0ff.bugz — 2014-02-07T12:01:29Z
I can confirm this bug is still present with Linux x86_64.
Comment #4 by robert.schadek — 2024-12-13T17:52:10Z
THIS ISSUE HAS BEEN MOVED TO GITHUB https://github.com/dlang/dmd/issues/18224 DO NOT COMMENT HERE ANYMORE, NOBODY WILL SEE IT, THIS ISSUE HAS BEEN MOVED TO GITHUB