Naive test for disallowing GC interaction after a finalizer exception
application/octet-stream
721
Comments
Comment #0 by dlang-bugzilla — 2011-02-25T19:02:00Z
Created attachment 922
Very simple patch against D1's gcx.d which throws OutofMemory when allocating during a GC run
D's current garbage collector is completely unprepared to handle an allocation
which is called by a finalizer. Such an allocation puts D's GC into an
inconsistent state, which ultimately leads to memory corruption.
The GC should either forbid allocating in destructors (by throwing an
exception), or properly support it (which may be non-trivial).
If the first solution is chosen, it should be noted that there are instances of
allocations in destructors in Phobos as well (such as std.zlib).
Comment #1 by dlang-bugzilla — 2011-05-13T04:01:57Z
Created attachment 971
Memory corruption test
Comment #2 by dlang-bugzilla — 2011-05-13T04:03:22Z
Created attachment 972
Naive test for disallowing GC interaction after a finalizer exception
Comment #3 by dlang-bugzilla — 2011-05-13T04:10:06Z
Note that this patch will cause all successive allocations by the process to generate an OOME, since gcx.running will be true forever. This may be a good stopgap fix, but ultimately the GC has to support allocations inside a finalizer. The best approach is probably to effectively disable the GC when it's running so an allocating finalizer would simply create a new Pool if no memory was available. It looks like the collect routine still needs to be rewritten with this in mind, however.
Comment #7 by dlang-bugzilla — 2011-06-18T04:39:19Z
(In reply to comment #6)
> Note that this patch will cause all successive allocations by the process to
> generate an OOME, since gcx.running will be true forever.
Yes, this is by design until someone comes up with something better.