Hi.
I am having some trouble with realloc, specifically when I increase the size of a block of memory. I have a global pointer array of objects that I deal with, and those are created using 'new'. The reason I mention this array is because it is becoming corrupt from realloc. When I use realloc, it starts freeing objects in my global array and writing over them, starting at the first object and moving on. Its like realloc has no clue there is anything even there, and just writes over it. Why I think realloc is actually freeing this memory is because when I try to delete the objects of the global array it says "Free Heap block 'bla' modified at 'bla' after it was freed". Now I read that that can mean I am trying to refree something that is already freed. I am not sure though.
My code looks something like this, I simplify it greatly, removed a lot of safety checks etc so I can present something here.
fillvertlist(); // Fills the global array with data from a txt file.
// Start off the model file by creating the root.
int allocated_memory = sizeof( model_t );
void *pToFile = malloc( sizeof( model_t ) );
// Create a pointer to the model.
model_t *pModel = (model_t *)pToFile;
memset( pModel, 0, sizeof( model_t ) );
// Vertex Groups
pModel->num_vertex_groups = 1;
pModel->vertex_groups_offset = allocated_memory;
allocated_memory += CreateVertexGroupBlock( &pToFile, allocated_memory );
Then I pass the pointer of pToFile into functions which realloc's and adds new memory to the end. Basically I am creating a buffer that I in the end write to a model file, which my game can load.
A function could look like this.
int CreateVertexGroupBlock( void **ppToFile, int cur_alloc )
{
int num_bytes_alloced = 0;
byte *pCurFilePos = ((byte*)*ppToFile);
if ( !*ppToFile )
return 0;
// Move everything forward.
num_bytes_alloced += sizeof(vertex_groups_t);
pCurFilePos = (pCurFilePos + cur_alloc );
// realloc new memory size, and create the object.
*ppToFile = realloc( *ppToFile, cur_alloc + num_bytes_alloced );
vertex_groups_t *vert_group = (vertex_groups_t*)pCurFilePos;
memset( vert_group, 0, sizeof( vertex_groups_t ) );
// Vert Group Variables
strncpy( vert_group->name, "Default", 7 );
vert_group->meshes_offset = sizeof( vertex_groups_t );
//Move forward for next blocks
//cur_byte_pos += sizeof( vertex_groups_t );
pCurFilePos = (pCurFilePos + sizeof( vertex_groups_t ) );
// A bunch of other stuff happens, stores all the objects from the global array etc...
return num_bytes_alloced;
}
That is an example of sticking a vertex_groups_t object on the end of the data buffer.
Again this was all working great until just recently when I tried reallocing more memory for storing a collision model as well. One thing to note is that I am deleting all the global array objects since they aren't needed anymore, and filling them up again with the collision model data so it can be written in the same manner as the models real verts. I wonder if passing the pointer to functions is causing realloc to not understand exactly how much is allocated, or where it is in memory. Or is deleting the objects in the global array while that buffer is still getting written, is causing realloc to not understand where the global array data is, and its just writing over top obliviously.
Its hard to describe my thoughts on the matter to be honest. I wonder if after creating the data in the global array, I should copy the malloc'd block in front of it so it doesn't overwrite the global array, but I thought realloc was designed to know when it was too large and move itself.
Anyway, I hope I was specific enough, and I will post all the code if it's really needed, but there is a lot.
So in conclusion, the problem is that I don't understand why realloc is writing over already stored memory (The stuff being pointed to by the global pointer array).
