So I have a couple of functions that work with a string type I have created. One of them creates a dynamically allocated sting. The other one takes said string, and extends it. And the last one frees the string. Note: The function names are changed, but all are custom-defined by me.
string new = make('Hello, '); adds(new, 'everyone'); free(new); The code above works – it compiles and runs fine. The code below does not work – it compiles, runs, and then
string new = make('Hello, '); adds(new, 'everyone!'); free(new); The difference between the code is that the adds() function is adding 1 more character (a !). The character it adds makes no difference – just the length. Just for completeness, the following code does not work:
string new = make('Hello, '); adds(new, 'everyone'); adds(new, '!'); free(new); Oddly, the following code, which uses a different function, addc() (which adds 1 character instead of a string) works:
string new = make('Hello, '); adds(new, 'everyone'); addc(new, '!'); free(new); The following, which also does the same thing, works:
string new = make('Hello, everyone!'); free(new); The error that all the ones that don’t work give is this:
test(526) malloc: *** error for object 0x100130: double free *** set a breakpoint in malloc_error_break to debug (test is the extremely descriptive name of the program I have this in.)
As far as the function internals, my make() is a call to strlen() and two calls to malloc() and a call to memcpy(), my adds() is a call to strlen(), a call to realloc(), and a call to memcpy(), and my free() is two calls to the standard library free().
So are there any ideas why I’m getting this, or do I need to break down and use a debugger? I’m only getting it with adds()es of over a certain length, and not with addc()s.
Breaking down and posting code for the functions:
typedef struct _str { int _len; char *_str; } *string; string make(char *c) { string s = malloc(sizeof(string)); if(s == NULL) return NULL; s->_len = strlen(c); s->_str = malloc(s->_len + 1); if(s->_str == NULL) { free(s); return NULL; } memcpy(s->_str, c, s->_len); return s; } int adds(string s, char *c) { int l = strlen(c); char *tmp; if(l <= 0) return -1; tmp = realloc(s->_str, s->_len + l + 1); if(!tmp) return 0; memcpy(s->_str + s->_len, c, l); s->_len += l; s->_str[s->_len] = 0; return s->_len; } void myfree(string s) { if(s->_str) free(s->_str); free(s); s = NULL; return; }
A number of potential problems I would fix:
1/ Your
make()is dangerous since it’s not copying across the null-terminator for the string.2/ It also makes little sense to set
stoNULLinmyfree()since it’s a passed parameter and will have no effect on the actual parameter passed in.3/ I’m not sure why you return -1 from
adds()if the added string length is 0 or less. First, it can’t be negative. Second, it seems quite plausible that you could add an empty string, which should result in not changing the string and returning the current string length. I would only return a length of -1 if it failed (i.e.realloc()didn’t work) and make sure the old string is preserved if that happens.4/ You’re not storing the
tmpvariable intos->_streven though it can change – it rarely re-allocates memory in-place if you’re increasing the size although it is possible if the increase is small enough to fit within any extra space allocated bymalloc(). Reduction of size would almost certainly re-allocate in-place unless your implementation ofmalloc()uses different buffer pools for different-sized memory blocks. But that’s just an aside, since you’re not ever reducing the memory usage with this code.5/ I think your specific problem here is that you’re only allocating space for string which is a pointer to the structure, not the structure itself. This means when you put the string in, you’re corrupting the memory arena.
This is the code I would have written (including more descriptive variable names, but that’s just my preference).
I’ve changed:
adds()to better reflect the length and error conditions. Now it only returns -1 if it couldn’t expand (and the original string is untouched) – any other return value is the new string length.myfree()if you want to really do want to set the string to NULL with something like ‘s = myfree (s)‘.myfree()forNULLstring since you can now never have an allocatedstringwithout an allocatedstring->strChars.Here it is, use (or don’t 🙂 as you see fit:
The only other possible improvement I could see would be to maintain a buffer of space and the end of the
strCharsto allow a level of expansion without callingmalloc().That would require both a buffer length and a string length and changing the code to only allocate more space if the combined string length and new chars length is greater than the buffer length.
This would all be encapsulated in the function so the API wouldn’t change at all. And, if you ever get around to providing functions to reduce the size of a string, they wouldn’t have to re-allocate memory either, they’d just reduce their usage of the buffer. You’d probably need a
compress()function in that case to reduce strings that have a large buffer and small string.