ArrayList segfault when appending large value

[nohenry]

Zig Version

0.12.0-dev.3158+1e67f5021

Steps to Reproduce and Observed Behavior

Reproducible example:

const std = @import("std");

pub const Large = struct {
    a: u64 = 0,
    b: u64 = 1,
};

pub fn main() !void {
    var alloc = std.heap.GeneralPurposeAllocator(.{}){};

    var nodes = std.ArrayList(Large).init(alloc.allocator());
    try nodes.ensureTotalCapacityPrecise(5);
    try nodes.appendSlice(&.{ .{}, .{}, .{}, .{}, .{} });

    try nodes.append(nodes.items[2]);
}

Compiling with default optimizations:

$ zig build run

Segmentation fault at address 0x7061d50c7020
/usr/lib/zig/std/array_list.zig:263:13: 0x1036d89 in append (zigtest)
            new_item_ptr.* = item;
            ^
src/main.zig:15:21: 0x1036799 in main (zigtest)
    try nodes.append(nodes.items[2]);
                    ^
/usr/lib/zig/std/start.zig:511:37: 0x10365c5 in posixCallMainAndExit (zigtest)
            const result = root.main() catch |err| {
                                    ^
/usr/lib/zig/std/start.zig:253:5: 0x10360e1 in _start (zigtest)
    asm volatile (switch (native_arch) {
    ^
???:?:?: 0x0 in ??? (???)

Expected Behavior

The value should be copied and appended to the newly allocated memory.

Since nodes.items[2] is passed by reference internally, it points to invalidated memory when the ArrayList resizes. This causes the segfault when copying from the invalidated pointer to the new memory.

[Vexu]

Duplicate of #19011