I'm currently implementing a stack data structure in C. I was testing the portion of code responsible for realloc'ing the stack's memory when it runs out of space to push more data on. Here is the code I am using to test it:
#include <stdlib.h>
#include <stdbool.h>
typedef struct
{
int* mem;
int size;
int top;
} Stack;
bool Stack_Init(Stack* stack, int size)
{
stack->mem = malloc(size * sizeof(int));
if (!stack->mem)
{
return false;
}
stack->size = size;
stack->top = -1;
return true;
}
void Stack_Push(Stack* stack, int data)
{
stack->top ;
if (stack->top >= stack->size)
{
stack->mem = realloc(stack->mem, stack->size * 2);
stack->size *= 2;
}
stack->mem[stack->top] = data;
}
int main(void)
{
Stack stack;
Stack_Init(&stack, 256);
// I set the condition to i < 257 so that the final loop triggers a realloc
for (int i = 0; i < 257; i )
{
Stack_Push(&stack, i);
}
}
When running my code through GDB, near the end I recieved a warning:
warning: HEAP[Test.exe]:
warning: HEAP: Free Heap block 0000028B44EE17B0 modified at 0000028B44EE1990 after it was freed
I know I should be checking realloc return value, but that doesn't appear to be the problem. The thing that I can't figure out is that before the realloc in Stack_Push, examining stack->mem shows nothing out of order, but after the realloc, the second half of stack->mem (after 128 bytes) is overwritten with some random garbage and a lot of 0xFEEEFEEE. You can see what I'm talking about here:
0x20eb8571590: 0x00000000 0x00000001 0x00000002 0x00000003
0x20eb85715a0: 0x00000004 0x00000005 0x00000006 0x00000007
0x20eb85715b0: 0x00000008 0x00000009 0x0000000a 0x0000000b
0x20eb85715c0: 0x0000000c 0x0000000d 0x0000000e 0x0000000f
0x20eb85715d0: 0x00000010 0x00000011 0x00000012 0x00000013
0x20eb85715e0: 0x00000014 0x00000015 0x00000016 0x00000017
0x20eb85715f0: 0x00000018 0x00000019 0x0000001a 0x0000001b
0x20eb8571600: 0x0000001c 0x0000001d 0x0000001e 0x0000001f
0x20eb8571610: 0x00000020 0x00000021 0x00000022 0x00000023
0x20eb8571620: 0x00000024 0x00000025 0x00000026 0x00000027
0x20eb8571630: 0x00000028 0x00000029 0x0000002a 0x0000002b
0x20eb8571640: 0x0000002c 0x0000002d 0x0000002e 0x0000002f
0x20eb8571650: 0x00000030 0x00000031 0x00000032 0x00000033
0x20eb8571660: 0x00000034 0x00000035 0x00000036 0x00000037
0x20eb8571670: 0x00000038 0x00000039 0x0000003a 0x0000003b
0x20eb8571680: 0x0000003c 0x0000003d 0x0000003e 0x0000003f
0x20eb8571690: 0x00000040 0x00000041 0x00000042 0x00000043
0x20eb85716a0: 0x00000044 0x00000045 0x00000046 0x00000047
0x20eb85716b0: 0x00000048 0x00000049 0x0000004a 0x0000004b
0x20eb85716c0: 0x0000004c 0x0000004d 0x0000004e 0x0000004f
0x20eb85716d0: 0x00000050 0x00000051 0x00000052 0x00000053
0x20eb85716e0: 0x00000054 0x00000055 0x00000056 0x00000057
0x20eb85716f0: 0x00000058 0x00000059 0x0000005a 0x0000005b
0x20eb8571700: 0x0000005c 0x0000005d 0x0000005e 0x0000005f
0x20eb8571710: 0x00000060 0x00000061 0x00000062 0x00000063
0x20eb8571720: 0x00000064 0x00000065 0x00000066 0x00000067
0x20eb8571730: 0x00000068 0x00000069 0x0000006a 0x0000006b
--Type <RET> for more, q to quit, c to continue without paging--c
0x20eb8571740: 0x0000006c 0x0000006d 0x0000006e 0x0000006f
0x20eb8571750: 0x00000070 0x00000071 0x00000072 0x00000073
0x20eb8571760: 0x00000074 0x00000075 0x00000076 0x00000077
0x20eb8571770: 0x00000078 0x00000079 0x0000007a 0x0000007b
0x20eb8571780: 0x0000007c 0x0000007d 0x0000007e 0x0000007f
0x20eb8571790: 0xabababab 0xabababab 0xabababab 0xabababab
0x20eb85717a0: 0x00000000 0x00000000 0x00000000 0x00000000
0x20eb85717b0: 0x00000088 0x00000089 0x741cb74f 0x0000c15d
0x20eb85717c0: 0xb8574450 0x0000020e 0xb8570150 0x0000020e
0x20eb85717d0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85717e0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85717f0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571800: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571810: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571820: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571830: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571840: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571860: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571870: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571880: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571890: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718a0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718b0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718c0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718d0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718e0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb85718f0: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571900: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571910: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571920: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571930: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571940: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571950: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571960: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571970: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571980: 0xfeeefeee 0xfeeefeee 0xfeeefeee 0xfeeefeee
0x20eb8571990: 0xfeeefeee
I'm unsure what could be causing this, as I can't seem to see anything wrong with the code and after running it with a debugger multiple times I still don't see what is causing it.
CodePudding user response:
stack->mem = realloc(stack->mem, stack->size * 2);
Here you should multiply with sizeof(int)
stack->mem = realloc(stack->mem, sizeof(int)*stack->size * 2);