Skip to content

Variant segfault #10697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
thewilsonator merged 2 commits into from
Mar 25, 2025
Merged

Variant segfault #10697

thewilsonator merged 2 commits into from
Mar 25, 2025

Conversation

@Inkrementator
Copy link
Contributor

@Inkrementator Inkrementator commented Mar 19, 2025

Adresses part of #10518, now adding to Variant(Variant[string]) doesn't segfault anymore, but at least throws.

The issue was calling the destructor of unitinialized memory.

How to fix the exception is harder. I think there are 3 places where this could handled, either in get(T), tryPutting inside the handler, or case OpID.indexAssign: . Of these, tryPutting probably is the most "correct", but also seems the hardest to understand to me and will have the biggest fallout in unrelated places if you get it wrong.

Whatever place is eventually chosen, you can't just memcopy the storage, as big types are often implicitly allocated on the heap and stored as a pointer.

@dlang-bot
Copy link
Contributor

dlang-bot commented Mar 19, 2025

Thanks for your pull request and interest in making D better, @Inkrementator! We are looking forward to reviewing it, and you should be hearing from a maintainer soon.
Please verify that your PR follows this checklist:

  • My PR is fully covered with tests (you can see the coverage diff by visiting the details link of the codecov check)
  • My PR is as minimal as possible (smaller, focused PRs are easier to review than big ones)
  • I have provided a detailed rationale explaining my changes
  • New or modified functions have Ddoc comments (with Params: and Returns:)

Please see CONTRIBUTING.md for more information.

If you have addressed all reviews or aren't sure how to proceed, don't hesitate to ping us with a simple comment.

Bugzilla references

Your PR doesn't reference any Bugzilla issue.

If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog.

Testing this PR locally

If you don't have a local development environment setup, you can use Digger to test this PR:

dub run digger -- build "master + phobos#10697"

@Inkrementator Inkrementator mentioned this pull request Mar 19, 2025
Merged
@thewilsonator
Copy link
Contributor

thewilsonator commented Mar 23, 2025

@Inkrementator does this build on #10690 ? Fixes for segfaults should go to stable, but if this requires code that is already in master to work then that is fine to target master.

@thewilsonator thewilsonator merged commit 0edef23 into dlang:master Mar 25, 2025
10 checks passed
@Inkrementator
Copy link
Contributor Author

Inkrementator commented Mar 26, 2025

Sorry, I "ignored" this because I had issues building the stable branch on my machine.

vpanteleev-sym pushed a commit to vpanteleev-sym/phobos that referenced this pull request Jun 5, 2025
@Inkrementator @vpanteleev-sym
Variant segfault (dlang#10697)
a3e9a60 
* Reference correct issue for test

* Variant: Fix Segfault on adding in wrapped AA
Inkrementator added a commit to Inkrementator/phobos that referenced this pull request Jan 8, 2026
@Inkrementator
variant: Support get!Variant
dec2930 
variant.get!Variant used to segfault, but after PR dlang#10697 it only threw
an exception.

The reason for that was that get!Variant called the `handler` with
OpID.get. Handler is a function pointer to a templated function
parametrized on the type currently wrapped by Variant. Because Variant
generally get flattened, so `Variant(Variant(4))` just wraps the value
`4`, instead of `Variant(4)`, the wrapped type (should generally) not
be "Variant", and thus the OpID.get operation will fail.

This couldn't be fixed in the handler, because OpID.get uses
typeinfo for the target type, but VariantN is a template, so afaik we
can't really test it against the infinite set of valid VariantN
instantiations. `get` still gets the target type as a template
parameter, so we can handle the problem there.

Supporting get!Variant incidentally also fixed dlang#10518. Adding variant
inside an associative array of variants failed:
```
Variant variant = Variant([
    "one": Variant(1),
  ]);

  variant["four"] = Variant(4);
```
This was because `opIndexAssign` wrapps the index as well as the value
you want to assign in a Variant again.
```
Variant opIndexAssign(T, N)(T value, N i)
{
    Variant[2] args = [ Variant(value), Variant(i) ];
    fptr(OpID.indexAssign, &store, &args) == 0 || assert(false);
    return args[0];
}
```
The handler of `variant` containing the AA is parametrized with
`Variant[string]`, but opIndexAssign passes a variant of type int
instead of Variant(Variant(int)) due to the aformentioned flattening.

Eventually in the handler, it ends up calling `Variant(i).get!Variant`,
which crashed.

For the github automation:

Fixes dlang#10431
Fixes dlang#10518
@Inkrementator Inkrementator mentioned this pull request Jan 8, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LightBender LightBender LightBender approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Inkrementator @dlang-bot @thewilsonator @LightBender