Resizing a dynamic string causes a memory leak
-
14-06-2021 - |
Question
I start with a very simple program:
#include <TBString.h>
int main(int argv, char** argc)
{
tb::String test("");
test = "Hello World!";
return 0;
}
tb::String
is my own string class, which was designed to handle both char
strings and wchar_t
(Unicode) strings. It is heavily templated, tb::String
is a typedef of tb::StringBase<char>
.
The whole thing is compiled using the CRT debugging utilities to check for memory leaks. Here's the output:
Detected memory leaks!
Dumping objects ->
c:\users\sam\svn\dependencies\toolbox\headers\tbstring2.inl(38) : {442} normal block at 0x00D78290, 1 bytes long.
Data: < > 00
{131} normal block at 0x00C5EFA0, 52 bytes long.
Data: < > A0 EF C5 00 A0 EF C5 00 A0 EF C5 00 CD CD CD CD
Object dump complete.
Detected memory leaks!
Dumping objects ->
c:\users\sam\svn\dependencies\toolbox\headers\tbstring2.inl(38) : {442} normal block at 0x00D78290, 1 bytes long.
Data: < > 00
Object dump complete.
The program '[2888] SAM_release.exe: Native' has exited with code 0 (0x0).
So it looks like an empty tb::String (with size 0) is causing the memory leak. Confirmed with this program, which doesn't leak:
#include <TBString.h>
int main(int argv, char** argc)
{
tb::String test("Hello World!");
return 0;
}
Call stack for the original program:
- Create a
StringBase<char>
with string""
. m_Length
is set to 0.m_Maximum
is set tom_Length + 1
(1).m_Data
is created with a length ofm_Maximum
(1).m_Data
is cleared and filled with""
._AppendSingle
is set toStringBase<char>::_AppendDynSingle
.- The overloaded operator
StringBase<char>::operator =
is called with string"Hello World!"
_AppendSingle
is called.m_Length
is 0,m_Maximum
is 1.checklen
is set tom_Length + src_len + 1
(13).m_Maximum
is multiplied by 2 until it is larger thanchecklen
(16).- The
StringBase<char>::Resize
function is called with the new maximum.
Resize function:
template <typename C>
TB_INLINE StringBase<C>& StringBase<C>::Resize(int a_Maximum /*= -1*/)
{
if (!m_Data)
{
m_Maximum = (a_Maximum == -1) ? 4 : a_Maximum;
m_Data = new C[m_Maximum];
StringHelper::Clear<C>(m_Data, m_Maximum);
}
else
{
int newmax = (a_Maximum == -1) ? (m_Maximum * 2) : a_Maximum;
C* temp = new C[newmax];
StringHelper::Clear<C>(temp, newmax);
if (m_Length > 0) { StringHelper::Copy(temp, m_Data, m_Length); }
delete [] m_Data;
m_Data = temp;
m_Maximum = newmax;
}
return *this;
}
This is what I suspect is the problem. Now, my question becomes:
How can I reallocate memory in C++ without it triggering a memory leak in the CRT debugger?
Constructor:
TB_INLINE StringBase<char>::StringBase(const char* a_String)
{
m_Length = StringHelper::GetLength<char>(a_String);
m_Maximum = m_Length + 1;
m_Data = new char[m_Maximum];
StringHelper::Clear<char>(m_Data, m_Maximum);
StringHelper::Copy<char, char>(m_Data, a_String, m_Length);
_AppendSingle = &StringBase<char>::_AppendDynSingle;
_AppendDouble = &StringBase<char>::_AppendDynDouble;
}
Destructor:
TB_INLINE StringBase<char>::~StringBase()
{
if (m_Data) { delete [] m_Data; }
}
Assignment operator:
TB_INLINE StringBase<char>& StringBase<char>::operator = (const char *a_String)
{
Clear();
return (this->*_AppendSingle)(a_String);
}
Append function:
template<>
TB_INLINE StringBase<char>& StringBase<char>::_AppendDynSingle(const char* a_String)
{
if (!a_String) { return *this; }
int src_len = StringHelper::GetLength<char>(a_String);
// check size
if (m_Maximum == -1)
{
m_Maximum = src_len + 1;
m_Data = new char[m_Maximum];
StringHelper::Clear<char>(m_Data, m_Maximum);
m_Length = 0;
}
int checklen = m_Length + src_len + 1;
if (checklen > m_Maximum)
{
while (checklen > m_Maximum) { m_Maximum *= 2; }
Resize(m_Maximum);
}
// append
strcat(m_Data, a_String);
// new length
m_Length += src_len;
return *this;
}
Please note: I do not want to use std::string
or std::vector
, I want to fix this function.
Solution 2
This is going to be a long one.
First, I decided to check my sanity. Does the CRT memory debugger work correctly?
int* src_test = new int[10];
for (int i = 0; i < 10; i++) { src_test[i] = i; }
int* dst_test = new int[10];
for (int i = 0; i < 10; i++) { dst_test[i] = src_test[i]; }
delete [] src_test;
This correctly reports a leak of 40 bytes. This line fixes the leak:
delete [] dst_test;
Okay, what else? Well, maybe the deconstructor is not being called. Let's put it in a function:
void ScopeTest()
{
tb::String test("Hello World!");
test = "Hello World! Again!";
}
It works, but it leaks. Let's make absolutely sure the deconstructor is called.
void ScopeTest()
{
tb::String* test = new tb::String("Hello World!");
*test = "Hello World! Again!";
delete test;
}
Still leaking. Well, what does the =
operator do? It clears and it appends. Let's do it manually:
void ScopeTest()
{
tb::String* test = new tb::String("Hello World!");
test->Clear();
test->Append("Hello World! Again!");
delete test;
}
Same result, so it has nothing to do with the operator. I wonder what would happen if I removed the Clear
...
void ScopeTest()
{
tb::String* test = new tb::String("Hello World!");
test->Append("Hello World! Again!");
delete test;
}
Alright, it... wait, what? It doesn't leak? What does Clear
do then?
template <>
TB_INLINE StringBase<char>& StringBase<char>::Clear()
{
if (m_Data)
{
StringHelper::Clear<char>(m_Data, m_Maximum);
}
m_Length = 0;
return *this;
}
That's... harmless. But let's comment it out.
template <>
TB_INLINE StringBase<char>& StringBase<char>::Clear()
{
/*if (m_Data)
{
StringHelper::Clear<char>(m_Data, m_Maximum);
}
m_Length = 0;*/
return *this;
}
Same result, no leaks. Let's remove the call to Clear
again.
void ScopeTest()
{
tb::String* test = new tb::String("Hello World!");
//test->Clear();
test->Append("Hello World! Again!");
delete test;
}
Leaking bytes again...
But wait a second, it's still clearing the tb::String
? The length is set to 0 and the data is zeroed out, even though the body is commented out. How, what...
Alright, compiler, let's see you compile this:
/*template <>
TB_INLINE StringBase<char>& StringBase<char>::Clear()
{
if (m_Data)
{
StringHelper::Clear<char>(m_Data, m_Maximum);
}
m_Length = 0;
return *this;
}*/
Ha! That will show him! Oh wait... it... still compiles and runs.
Am I using a different version of the same file? No, I only have one version of TBString2.h
and TBString2.inl
on this computer...
Oh.
Oh wait a second.
Oh goddammit.
This better not be what I think it is.
Project Toolbox -> $(OutDir)\$(ProjectName)_d.lib
I'm going to murder the person who spent three hours on this.
Project Game -> Toolbox.lib
Oh wait. That was me.
TL;DR: I linked to an old build of the string class, causing all kinds of weird behavior, including leaking memory.
OTHER TIPS
You are leaking whatever bytes were initialized in the constructor after you perform an assignment. To debug the leak, step through with the debugger when you perform the assignment. It might be useful to set a watchpoint on the m_Data
variable so that the debugger will stop whenever it changes value.