https://issues.dlang.org/show_bug.cgi?id=20862

kinke <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #3 from kinke <[email protected]> ---
(In reply to moonlightsentinel from comment #0)
> The following code causes a segfault in the GC (tested on 2.092.0):
>
> ===================================================
> void main()
> {
>     import core.memory;
>
>     string[] arr;
>
>     foreach (_; 0 .. 3) // first two iterations pass
>     {
>         immutable len = arr.length;
>
>         auto bi = GC.qalloc(string.sizeof);
>         arr = (cast(string*) bi.base)[0 .. len];
>
>         arr = arr.ptr[0 .. len + 1];
>         arr[] = [];
>     }
> }

Isn't that code clearly writing out of bounds? It's allocating a single slice
for each iteration, but writing 1, 2, 3 empty slices into it, and probably
overwrites GC-internal data.

--
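
Added example, not part of the bug report or of either commenter's message: a bounds-respecting variant of the quoted loop, in which each slice built from the raw `GC.qalloc` pointer is limited to what the returned block can hold. The helper name `allocStrings` is hypothetical; the code assumes only `core.memory.GC.qalloc`, `core.checkedint.mulu` and `std.exception.enforce`.

```d
import core.checkedint : mulu;
import core.memory : GC;
import std.exception : enforce;

// Hypothetical helper (not from the report): allocate a GC block for `n`
// strings and return a slice that never extends past that block.
string[] allocStrings(size_t n)
{
    // Reject element counts whose byte size would wrap around size_t.
    bool overflow;
    immutable bytes = mulu(n, string.sizeof, overflow);
    enforce(!overflow, "element count overflows size_t");

    auto bi = GC.qalloc(bytes);

    // bi.size is the size of the block the GC handed out. Derive the element
    // capacity from it instead of trusting a length computed elsewhere.
    immutable capacity = bi.size / string.sizeof;
    enforce(capacity >= n, "GC block smaller than requested");

    // Slicing a raw pointer is unchecked, so this is the one place where the
    // length must be proven to fit. Later indexing of the slice is then
    // bounds-checked against `n` (unless checks are disabled at compile time).
    auto s = (cast(string*) bi.base)[0 .. n];
    s[] = null; // initialise every element before it is read or scanned
    return s;
}

void main()
{
    string[] arr;

    foreach (_; 0 .. 3)
    {
        immutable len = arr.length;

        // Request room for len + 1 elements, rather than a single element
        // that is later re-sliced to len + 1 as in the quoted code.
        auto next = allocStrings(len + 1);
        next[0 .. len] = arr[]; // copy the existing elements
        arr = next;
    }

    assert(arr.length == 3);
}
```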
