[Bugfix] UIGridPoint::parent_grid is a dangling raw pointer #271

New issue

Closed

opened 2026-03-07 23:22:48 +00:00 by john · 2 comments

john commented 2026-03-07 23:22:48 +00:00

Owner

Copy link

Summary

UIGridPoint stores its parent grid as a raw UIGrid* pointer (UIGridPoint.h:44). This pointer is used for TCOD map synchronization when walkable or transparent properties are set. While the PyUIGridPointObject struct holds a shared_ptr<UIGrid> to keep the grid alive, the UIGridPoint itself stores a raw pointer that isn't covered by the same safety.

Root Cause

UIGridPoint.h:44:

class UIGridPoint {
    ...
    UIGrid* parent_grid;         // Parent grid reference for TCOD sync
    ...
};

Used in UIGridPoint.cpp:86-87:

if (self->data->parent_grid && self->data->grid_x >= 0 && self->data->grid_y >= 0) {
    self->data->parent_grid->syncTCODMapCell(self->data->grid_x, self->data->grid_y);
}

The PyUIGridPointObject wrapper (UIGridPoint.h:23-27) stores:

typedef struct {
    PyObject_HEAD
    UIGridPoint* data;
    std::shared_ptr<UIGrid> grid;    // Keeps grid alive — good!
} PyUIGridPointObject;

The shared_ptr<UIGrid> grid on the Python wrapper keeps the grid alive while the GridPoint object exists, which prevents the immediate dangling issue. However, the UIGridPoint struct itself doesn't know about the shared_ptr, and parent_grid is set during grid construction (UIGrid.cpp:115, 128) as a raw pointer.

Risk Assessment

Currently mitigated by the shared_ptr<UIGrid> on PyUIGridPointObject. The grid can't be destroyed while a Python GridPoint object references it.

Fragile because:

1. The safety depends on always wrapping UIGridPoint access in a PyUIGridPointObject with the shared_ptr set correctly
2. Any C++ code accessing UIGridPoint directly (without the Python wrapper) has no such protection
3. If someone creates a GridPoint wrapper without setting the shared_ptr, the raw pointer dangles

Fix

Consider making UIGridPoint::parent_grid a std::weak_ptr<UIGrid> or documenting the invariant that PyUIGridPointObject::grid must always be set correctly.

Severity

Low — currently protected by the Python wrapper's shared_ptr, but the pattern is fragile and error-prone for future development.

## Summary `UIGridPoint` stores its parent grid as a raw `UIGrid*` pointer (`UIGridPoint.h:44`). This pointer is used for TCOD map synchronization when `walkable` or `transparent` properties are set. While the `PyUIGridPointObject` struct holds a `shared_ptr<UIGrid>` to keep the grid alive, the `UIGridPoint` itself stores a raw pointer that isn't covered by the same safety. ## Root Cause `UIGridPoint.h:44`: ```cpp class UIGridPoint { ... UIGrid* parent_grid; // Parent grid reference for TCOD sync ... }; ``` Used in `UIGridPoint.cpp:86-87`: ```cpp if (self->data->parent_grid && self->data->grid_x >= 0 && self->data->grid_y >= 0) { self->data->parent_grid->syncTCODMapCell(self->data->grid_x, self->data->grid_y); } ``` The `PyUIGridPointObject` wrapper (UIGridPoint.h:23-27) stores: ```cpp typedef struct { PyObject_HEAD UIGridPoint* data; std::shared_ptr<UIGrid> grid; // Keeps grid alive — good! } PyUIGridPointObject; ``` The `shared_ptr<UIGrid> grid` on the Python wrapper keeps the grid alive while the GridPoint object exists, which prevents the immediate dangling issue. However, the `UIGridPoint` struct itself doesn't know about the shared_ptr, and `parent_grid` is set during grid construction (`UIGrid.cpp:115, 128`) as a raw pointer. ## Risk Assessment **Currently mitigated** by the `shared_ptr<UIGrid>` on `PyUIGridPointObject`. The grid can't be destroyed while a Python GridPoint object references it. **Fragile** because: 1. The safety depends on always wrapping UIGridPoint access in a PyUIGridPointObject with the shared_ptr set correctly 2. Any C++ code accessing UIGridPoint directly (without the Python wrapper) has no such protection 3. If someone creates a GridPoint wrapper without setting the shared_ptr, the raw pointer dangles ## Fix Consider making `UIGridPoint::parent_grid` a `std::weak_ptr<UIGrid>` or documenting the invariant that `PyUIGridPointObject::grid` must always be set correctly. ## Severity **Low** — currently protected by the Python wrapper's shared_ptr, but the pattern is fragile and error-prone for future development.

john referenced this issue 2026-03-07 23:25:45 +00:00

[Bugfix] GridChunk::parent_grid raw pointer can dangle #277

john referenced this issue 2026-03-07 23:26:21 +00:00

[Meta] Engine memory safety audit — 7DRL 2026 post-mortem #279

john added the

Bugfix

label 2026-03-08 00:01:08 +00:00

john added a new dependency 2026-03-08 21:07:33 +00:00

#252 GridView and Grid, FOVLayer and PathLayer

john commented 2026-03-08 21:07:54 +00:00

Author

Owner

Copy link

Deferred from the #258–#278 memory safety audit. In #252, UIGridPoint becomes a lightweight proxy that reads/writes named DiscreteMap slots on GridMap — the parent_grid raw pointer is eliminated entirely. The Phase 4 work (commit 115e16f) already converted PyUIGridPointObject from raw UIGridPoint* to coordinate-based (grid, x, y) access, which mitigates the Python-facing risk. The remaining C++ UIGridPoint::parent_grid field disappears with the #252 rearchitecture. Linked as dependency of #252.

Deferred from the #258–#278 memory safety audit. In #252, UIGridPoint becomes a lightweight proxy that reads/writes named DiscreteMap slots on GridMap — the `parent_grid` raw pointer is eliminated entirely. The Phase 4 work (commit 115e16f) already converted PyUIGridPointObject from raw `UIGridPoint*` to coordinate-based `(grid, x, y)` access, which mitigates the Python-facing risk. The remaining C++ `UIGridPoint::parent_grid` field disappears with the #252 rearchitecture. Linked as dependency of #252.

john referenced this issue 2026-03-15 20:17:53 +00:00

GridView and Grid, FOVLayer and PathLayer #252

john commented 2026-03-15 20:18:10 +00:00

Author

Owner

Copy link

Roadmap context

Folded into #252 (Grid/GridView split) in the Grid & Entity Overhaul Roadmap (docs/GRID_ENTITY_OVERHAUL_ROADMAP.md), Phase 4. Raw UIGrid* in UIGridPoint will become weak_ptr<Grid> during the architecture overhaul.

## Roadmap context Folded into #252 (Grid/GridView split) in the Grid & Entity Overhaul Roadmap (`docs/GRID_ENTITY_OVERHAUL_ROADMAP.md`), **Phase 4**. Raw `UIGrid*` in UIGridPoint will become `weak_ptr<Grid>` during the architecture overhaul.

john referenced this issue from a commit 2026-03-16 22:23:55 +00:00

Phase 4.1: Extract GridData base class from UIGrid (#252, #270, #271, #277)

john referenced this issue 2026-04-04 08:34:50 +00:00

GridView and Grid, FOVLayer and PathLayer #252

john referenced this issue from a commit 2026-04-10 05:09:18 +00:00

Add issue triage document for all 46 open issues

john referenced this issue 2026-04-10 05:35:16 +00:00

[Meta] Engine memory safety audit — 7DRL 2026 post-mortem #279

john referenced this issue from a commit 2026-04-10 05:46:54 +00:00

Null parent_grid pointers in GridData destructor, closes #270, closes #271, closes #277

john closed this issue 2026-04-10 05:46:54 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

threedee

emscripten-mcrogueface

rogueliketutorial25

alpha_presentable

alpha_streamline_2

alpha_streamline_1

interpreter_mode

grid_entity_integration

reprs_and_member_names

break_up_ui_h

standardize_font_handling

standardize_vector_handling

standardize_color_handling

standardize_texture_handling

raii_pyobjects

rebase-for-7DRL_Feb-2024

engjam_uicollection

engjam_ui_overhaul

0.2.3-prerelease-7drl2026-emscripten

Labels

Clear labels   

Alpha Release Requirement

This issue is a blocker to 0.1 Alpha release of McRogueFace.

  

Bugfix

  

Demo Target

Functionality to demonstrate; Depends on new features, but this issue isn't for writing them.

  

Documentation

  

Major Feature

Significant time and effort required.

  

Minor Feature

Some effort required to create or overhaul functionality.

  

priority:tier1-active

Current development focus - critical path to v1.0

  

priority:tier2-foundation

Important foundation work - not blocking v1.0

  

priority:tier3-future

Future features - deferred until after v1.0

  

priority:tier4-deferred

  

Refactoring & Cleanup

no new functionality, just improving the codebase.

  

system:animation

Animation and property interpolation

  

system:documentation

Documentation infrastructure

  

system:grid

Grid system and spatial containers

  

system:input

Input handling and events

  

system:performance

Performance optimization and profiling

  

system:procgen

Procedural Generation (Noise, BSP, Heightmap)

  

system:python-binding

Python/C++ binding layer

  

system:rendering

Rendering pipeline and visuals

  

system:ui-hierarchy

UI component hierarchy and composition

  

Tiny Feature

quick and easy - a few lines or with little interconnection around the codebase

  

workflow:blocked

Blocked by other work - waiting on dependencies

  

workflow:needs-benchmark

Needs performance testing and benchmarks

  

workflow:needs-documentation

Needs documentation before or after implementation

No labels

Alpha Release Requirement

Bugfix

Demo Target

Documentation

Major Feature

Minor Feature

priority:tier1-active

priority:tier2-foundation

priority:tier3-future

priority:tier4-deferred

Refactoring & Cleanup

system:animation

system:documentation

system:grid

system:input

system:performance

system:procgen

system:python-binding

system:rendering

system:ui-hierarchy

Tiny Feature

workflow:blocked

workflow:needs-benchmark

workflow:needs-documentation

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Depends on

#252 GridView and Grid, FOVLayer and PathLayer

john/McRogueFace

Reference

john/McRogueFace#271

No description provided.