I am using an array of structs and then set up the elements like the following:
#include <stdio.h>
#include <stdlib.h>
typedef struct _point {
char s;
unsigned int x;
unsigned int y;
} point;
point* vehicle;
int main(int argc, char *argv[]) {
/* 26 Vehicles */
vehicle = malloc(26*sizeof(point*));
for (int i = 0; i < 26; i++) {
vehicle[i].s = ' ';
}
/* Print already existing vehicles */
for (int i = 0; i < 26; i++) {
if (vehicle[i].s != ' ') {
printf("%c: x=%d y=%d\n", vehicle[i].s, vehicle[i].x, vehicle[i].y);
}
}
return 0;
}
NOTE: this is not the actual code (which is too big to post) but the set up of the array and structs is the same.
As you can see, I set every vehicle[i].s to the space character, but the loop prints the following (not it this example code but in my actual code):
: x=32215344 y=0
P: x=0 y=33
: x=2105376 y=0
Question: how can it be that after the first loop, some elements are modified in the "background" without assigning them in the code? Or can some other malloc operations overwrite/reallocate the memory?
The problem, as I see it is in
vehicle = malloc(26*sizeof(point*));
you're allocating memory for the pointer-to-the-data-type type, whereas you should be allocating for the data type itself.
To elaborate, you want to allocate memory for 26 elements of type point (i.e., struct _point), not 26 point *.
Change
vehicle = malloc(26*sizeof(point));
or, for better,
vehicle = malloc(26*sizeof * vehicle);
Otherwise, you're running short of allocated memory when you try to dererference the pointer to access ns of instances. So, you end up accessing out-of-bound memory which causes undefined behavior.
That said, just an advice, if you know the size to be allocated beforehand, (26, for example), don't use dynamic memory, there's no need for it. Use an array.
Related
I'm currently working on structures for a personnal project. I'm trying to use dynamically-allocated bidimensionnal arrays, and then free the space they're taking. An error occurs when I try to free the allocated space.
I was able to narrow down the source of the issue down to the function I had set up to destroy my structures, but wasn't able to pinpoint the cause of the error within. More concerning is the fact that the error, an access violation, only triggers half of the time.
I've included the functions below, with a few comments. I'm sorry if I'm including too much code here, but I'm geniunely lost at words and do feel like the way I initialize the structures may have an impact on whether I'm destroying them correctly.
#include <stdio.h>
#include <stdlib.h>
typedef struct f_part f_part;
typedef struct field field;
//these are the structures I used:
//part of a field: includes a character and a color
struct f_part
{
char caractere;
short int color;
};
//field: points to a bidimensionnal array of f_part, and remember its size
struct field
{
int fsize_x;
int fsize_y;
f_part **fbody;
};
field* fieldInitialize(const int size_x, const int size_y) //this function seems to work correctly, I've mostly added it as an indicator
{
field* terrain = malloc(sizeof(*terrain));
if (terrain == NULL)
printf("fail1");
terrain->fsize_x = size_x;
terrain->fsize_y = size_y;
f_part* ptrToFPart = NULL;
terrain->fbody = malloc(sizeof(ptrToFPart) * size_x); //this is where I allocate the space for an array of pointers
if (terrain->fbody == NULL)
printf("fail2");
int i,j;
for (i = 0 ; i < size_x ; i++)
{
terrain->fbody[i] = malloc(sizeof(f_part) * size_y);
for (j = 0 ; j < size_y ; j++)
{
terrain->fbody[i][j].caractere = 'a';
terrain->fbody[i][j].color = 0;
}
}
terrain->fsize_x = size_x;
terrain->fsize_y = size_y;
return terrain;
}
void fieldDestroy(field* terrain) //this is the function that is supposed to destroy the object and free the memory, and fails
{
int i;
for (i = 0 ; i < terrain->fsize_x ; i++)
{
free(terrain->fbody[i]); //this part always goes well
}
printf("flag 1\n");
free(terrain->fbody); //this is where the access violation happens, when it does
printf("flag 2\n");
free(terrain); //this part goes well too
printf("flag 3\n");
}
int main()
{
field* testField = fieldInitialize(5, 5);
fieldDestroy(testField); //This is the function that fails. Sometimes.
return 0;
}
The error systematically happens on that second-to-last line, when I try to free the space allocated for the array of pointers. Except it doesn't always happen! Sometimes, I can free terrain->fbody, and everything goes well, but other times, I can't free the space.
The error I get is 0xC0000005, which apparently translates to "access violation". Which I understand would be common when dealing with dynamic memory allocation, but then why do I seem to get the error only half of the time?
Edit : Okay, so I've edited a bit of the code. Interestingly enough, while my Windows 10 would fail between flags 1 and 2, my Windows 7 fails between flags 2 and 3, and returns too a 0xC0000005 error. But again, only occasionally.
In C, you must precede structure names with struct. So your functions should be declared:
struct field* fieldInitialize( ... )
and your allocations should be
struct field* terrain = malloc(sizeof(struct field));
You could also define these structures as types:
typedef struct
{
int fsize_x;
int fsize_y;
struct f_part **fbody;
} field;
I want to use a struct to contain some data and passing them between different functions in my program,this struct has to contain a dynamic 2D array (i need a matrix) the dimensions change depending on program arguments.
So this is my struct :
struct mystruct {
int **my2darray;
}
I have a function that read numbers from a file and has to assign each of them to a cell of the struct array.
I tried doing this :
FILE *fp = fopen(filename, "r");
int rows;
int columns;
struct mystruct *result = malloc(sizeof(struct mystruct));
result->my2darray = malloc(sizeof(int)*rows);
int tmp[rows][columns];
for(int i = 0;i<rows;i++) {
for(int j = 0;j<columns;j++) {
fscanf(fp, "%d", &tmp[i][j]);
}
result->my2darray[i]=malloc(sizeof(int)*columns);
memcpy(result->my2darray[i],tmp[i],sizeof(tmp[i]));
}
But this is giving me a strange result : all the rows are correctly stored except for the first.
(I'm sure that the problem is not in the scanning of file).
While if i change the fourth line of code in this :
result->my2darray = malloc(sizeof(int)*(rows+1));
it works fine.
Now my question is why this happens?
Here's an answer using some "new" features of the language: flexible array members and pointers to VLA.
First of all, please check Correctly allocating multi-dimensional arrays. You'll want a 2D array, not some look-up table.
To allocate such a true 2D array, you can utilize flexible array members:
typedef struct
{
size_t x;
size_t y;
int flex[];
} array2d_t;
It will be allocated as a true array, although "mangled" into a single dimension:
size_t x = 2;
size_t y = 3;
array2d_t* arr2d = malloc( sizeof *arr2d + sizeof(int[x][y]) );
Because the problem with flexible array members is that they can neither be VLA nor 2-dimensional. And although casting it to another integer array type is safe (in regards of aliasing and alignment), the syntax is quite evil:
int(*ptr)[y] = (int(*)[y]) arr2d->flex; // bleh!
It would be possible hide all this evil syntax behind a macro:
#define get_array(arr2d) \
_Generic( (arr2d), \
array2d_t*: (int(*)[(arr2d)->y])(arr2d)->flex )
Read as: if arr2d is a of type array2d_t* then access that pointer to get the flex member, then cast it to an array pointer of appropriate type.
Full example:
#include <stdlib.h>
#include <stdio.h>
typedef struct
{
size_t x;
size_t y;
int flex[];
} array2d_t;
#define get_array(arr2d) \
_Generic( (arr2d), \
array2d_t*: (int(*)[(arr2d)->y])(arr2d)->flex )
int main (void)
{
size_t x = 2;
size_t y = 3;
array2d_t* arr = malloc( sizeof *arr + sizeof(int[x][y]) );
arr->x = x;
arr->y = y;
for(size_t i=0; i<arr->x; i++)
{
for(size_t j=0; j<arr->y; j++)
{
get_array(arr)[i][j] = i+j;
printf("%d ", get_array(arr)[i][j]);
}
printf("\n");
}
free(arr);
return 0;
}
Advantages over pointer-to-pointer:
An actual 2D array that can be allocated/freed with a single function call, and can be passed to functions like memcpy.
For example if you have two array2d_t* pointing at allocated memory, you can copy all the contents with a single memcpy call, without needing to access individual members.
No extra clutter in the struct, just the array.
No cache misses upon array access due to the memory being segmented all over the heap.
The code above never sets rows and columns, so the code has undefined behavior from reading those values.
Assuming you set those values properly, this isn't allocating the proper amount of memory:
result->my2darray = malloc(sizeof(int)*rows);
You're actually allocating space for an array of int instead of an array of int *. If the latter is larger (and it most likely is) then you haven't allocated enough space for the array and you again invoke undefined behavior by writing past the end of allocated memory.
You can allocate the proper amount of space like this:
result->my2darray = malloc(sizeof(int *)*rows);
Or even better, as this doesn't depend on the actual type:
result->my2darray = malloc(sizeof(*result->my2darray)*rows);
Also, there's no need to create a temporary array to read values into. Just read them directly into my2darray:
for(int i = 0;i<rows;i++) {
result->my2darray[i]=malloc(sizeof(int)*columns);
for(int j = 0;j<columns;j++) {
fscanf(fp, "%d", &result->my2darray[i][j]);
}
}
In your provided code example, the variables rows and columns have not been initialized before use, so they can contain anything, but are likely to be equal to 0. Either way, as written, the results will always be unpredictable.
When a 2D array is needed in C, it is useful to encapsulate the memory allocation, and freeing of memory into functions to simplify the task, and improve readability. For example, in your code the following line will create an array of 5 pointers, each pointing to 20 int storage locations: (creating 100 index addressable int locations.)
int main(void)
{
struct mystruct result = {0};
result.my2darray = Create2D(5, 20);
if(result.my2darray)
{
// use result.my2darray
result.my2darray[0][3] = 20;// for simple example, but more likely in a read loop
// then free result.my2darray
free2D(result.my2darray, 5);
}
return 0;
}
Using the following two functions:
int ** Create2D(int c, int r)
{
int **arr;
int y;
arr = calloc(c, sizeof(int *)); //create c pointers (columns)
for(y=0;y<c;y++)
{
arr[y] = calloc(r, sizeof(int)); //create r int locations for each pointer (rows)
}
return arr;
}
void free2D(int **arr, int c)
{
int i;
if(!arr) return;
for(i=0;i<c;i++)
{
if(arr[i])
{
free(arr[i]);
arr[i] = NULL;
}
}
free(arr);
arr = NULL;
}
Keep in mind that what you have created using this technique is actually 5 different pointer locations each pointing to a set of 20 int locations. This is what facilitates the use of array like indexing, i.e. we can say result.my2darray[1][3] represents the second column, forth row element of a 5X20 array, when it is not really an array at all.
int some_array[5][20] = {0};//init all elements to zero
Is what is commonly referred to in C an int array, also allowing access to each element via indexing. In actuality (Even though commonly referred to as an array.) it is not an array. The location of elements in this variable are stored in one contiguous location in memory.
|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0... (~ 82 more)
But C maintains the locations such that they are all indexable as an 2D array.
My issue is with nums3 array and why the last for-loop actually prints expected results. The nums3 array as I understand it contains an array of pointers to the struct but these pointers have not yet been initialized to any specific instance of a struct. But in this for-loop I can assign values and see the expected results display.
Also, I've read that with the pointer returned by malloc I can use the [index] after the pointer and iterate over the allocated memory. I assume this feature is using the fact it has a type multiplied by some value and it does the division automatically to know how this block of memory is split up and therefore how far to advance to the next index. But I'm still confused as to why I'm getting expected results on that last for-loop when I haven't initialized or pointed those pointers to anything specific.
I know that if I were to add ** and change the to -> then I could operate on those pointers directly, but with the code now I'm able to use the . operator to access structure members. So, without the ** in the nums3 malloc line, what exactly does the pointer returned from malloc return?
#include <stdio.h>
#include <stdlib.h>
#define ARRAY_MAX 5
int main(void)
{
struct number {
int num1;
int num2;
int num3;
};
struct number n;
n.num1 = 5;
printf("n.num1: %d\n", n.num1);
n.num2 = 6;
printf("n.num2: %d\n", n.num2);
n.num3 = 7;
printf("n.num3: %d\n", n.num3);
struct number nums1[5];
struct number* nums2 = malloc(sizeof(struct number) * ARRAY_MAX);
struct number* nums3 = malloc(sizeof(struct number*) * ARRAY_MAX);
int x;
for(x = 0; x <= 5; x++) {
nums1[x].num1 = x;
nums1[x].num2 = x;
nums1[x].num3 = x;
}
int y;
for(y = 0; y <= ARRAY_MAX; y++) {
nums2[y].num1 = x;
nums2[y].num2 = x;
nums2[y].num3 = x;
}
for(y=0; y<=ARRAY_MAX; y++) {
nums3[y].num1 = y;
nums3[y].num2 = y;
nums3[y].num3 = y;
printf("%d ", nums3[y].num1);
printf("%d ", nums3[y].num2);
printf("%d \n", nums3[y].num3);
}
Here is a simpler test case of my question:
#include <stdio.h>
#include <stdlib.h>
#define MAX 5
int main(void)
{
struct number {
int num1;
};
struct number* n = malloc(sizeof(struct number*) * MAX);
int i;
for(i=0; i<MAX; i++) {
n[i].num1 = i;
printf("%d\n", n[i]);
}
free(n);
}
Result of running this code:
jason smith#jasonS-pc ~/src/c
$ ./a.exe
0
1
2
3
4
jason smith#jasonS-pc ~/src/c
$
Questions:
How does n[i] work with n being the pointer returned from malloc? How does C know what to do with n[i]? How does C know how to get to n[i+1]? Does it look at what sizeof() is being called on and divide by however many times it is multiplied and use that result to know where the next cell starts?
Why does n[i].num1 = i; even compile? If all I have done is specify a block of memory containing size for x number of pointers to the struct (pointers which would be smaller than the size of the struct itself) and certainly have not initialized anything to point to an actual instance of this struct. Why isn't this a syntax or some other compiler generated error? What exists at cell n[i] that .num1 is working on? Doesn't n[i] right now just contain a pointer without a valid address since it's not yet initialized? How do we go from that to n[i].num1 = i? Is it valid syntax to do "some memory address".num1 = "some value"?
I understand this is not the correct way to do this, and you all have provided great information, but I'm still puzzled as to why this code even compiles. It just doesn't make sense to me.
In general, if you access memory incorrectly you cannot expect anything. You can't expect to get the right answer, and you can't expect to get the wrong answer. You can't expect your program to crash and you can't expect it to run. Again, it can do anything.
The error here is that you allocated an array of pointers but then chose the wrong type to hold the result.
// This is wrong!
struct number* nums3 = malloc(sizeof(struct number*) * ARRAY_MAX);
You want this:
struct number **nums3 = malloc(sizeof(struct number*) * ARRAY_MAX);
// ^^
Or really, this way is better:
struct number **nums3 = malloc(sizeof(*nums3) * ARRAY_MAX);
Then you have an array of (uninitialized) pointers to play with. For example,
for (int i = 0; i < ARRAY_MAX; i++) {
nums3[i] = malloc(sizeof(*nums3[i]));
nums3[i]->num1 = i;
nums3[i]->num2 = i;
nums3[i]->num3 = i;
}
or...
for (int i = 0; i < ARRAY_MAX; i++) {
nums3[i] = &nums2[i];
}
Whatever you want.
(We're pretending here that malloc() doesn't return NULL which is not guaranteed.)
You are correct by saying you are not allocating enough space as sizeof(struct number) = 12 while sizeof(struct number*) = 8
Malloc finds a free memory according to the size you asked and (if successful) returns you a pointer to the first address (this is virtual memory). If you exceed the size created you enter the realm of unexpected behavior. Meaning you either will be able to write and read data from the memory or you won't and even if you manage to do that, you can accidentally overwrite areas in memory storing other data.
In this case, although printing passed with no special behavior, when you try to free(nums3) you will get an error.
Also, if you will reverse the order of nums2 and nums3 declaration and print nums2 after nums3 loop, you will probably be able to see this corruption of data.
Hope this is helpful
I have written a function that allocates and initialises a 2D array, like this -
static state **symbols;
void initNFAStates()
{
int i,j;
numStates = 256;
symbols = (state**)malloc(numStates * sizeof(char));
for(i = 0;i < numStates;i++)
{
symbols[i] = (state*)malloc(NUMSYMBOLS * sizeof(state));
for(j = 0;j < NUMSYMBOLS;j++)
symbols[i][j] = 0;
}
}
and a function to print this array, like this -
void printNFAStateTable()
{
int i, j;
for(i = 0;i < numStates;i++)
{
printf("%d \t",i);
for(j = 0;j < NUMSYMBOLS;j++)
printf("%ld",symbols[i][j]);
printf("\n");
}
}
When called consecutively from the main() function, they both work fine. However, the code as follows results in a segfault after reading only the first 32 lines from the array.
int main(int argc, char **argv)
{
int i;
clock_t begin, end;
double timeTaken;
currNFAState = 0;
initNFAStates();
if(getChars(argc,argv) != NULL)
{
printNFAStateTable();
begin = clock();
regex();
...
Similarly, the printf() function causes the same issue, but only when printing a floating point number -
int main(int argc, char **argv)
{
int i;
clock_t begin, end;
double timeTaken;
currNFAState = 0;
initNFAStates();
printf("A floating point number - %f",0.0124f);
printNFAStateTable();
...
I am aware this has to do with the symbols array being static, as the issue does not appear when the array is global. Could anyone explain why this occurs?
Given this declaration:
static state **symbols;
This allocation is incorrect:
symbols = (state**)malloc(numStates * sizeof(char));
The type of *symbols is state *; this is the type of the elements of the array you are dynamically allocating, and I feel confident in asserting that pointers on your machine are larger than char is. This would be a more appropriate allocation:
symbols = malloc(numStates * sizeof(*symbols));
(Note that you do not need to cast the return value of malloc(), and there are good reasons not to do so.)
Having not allocated memory sufficient for all the pointers you want to use, your program exhibits undefined behavior when it tries to access elements at indices that would fall outside the bounds of the allocation. That UB very easily could manifest in the form of library functions modifying memory you did not expect them to modify.
This is not doing what you expect:
symbols[i][j] = 0;
The reason is that this assumes a singularly allocated block of memory organized as a 2D array. That's not what you've created.
Your code indicates the first dimension is sized at 256, which would look like this:
state symbols[256][NUMSYMBOLS];
If you allocated globally or on the stack. This would be a single block of RAM sized as 256 * NUMSYBOLS * sizeof( state ), where each row is advanced NUMSYMBOLS * sizeof( state ).
What you're doing, however, is create an a array of pointers in one block of RAM, and then allocating additional blocks of RAM for each row. They are unrelated such that access is not going to work using the 2D array syntax.
What you need is first to access the pointer to the row, conceptually:
state *state_row = symbols[ i ];
This gives you the row. Now, get the column;
stat * state_cell = state_row[ j ];
This is expanded to show how to think about it, you can easily choose other specific means of accessing the appropriate cells.
The following code causes a SIGSEGV, but only while debugging.
#include <stdio.h>
#include <stdlib.h>
typedef struct enemy_desc
{
int type;
int x;
int y;
}enemy;
int main()
{
enemy **enemies;
enemies=(enemy **)malloc(sizeof(enemy *)*16);
enemies[0]->type=23;
printf("%i",enemies[0]->type);
return 0;
}
You are only creating space for 16 pointers to enemy, but are not creating the actual enemy objects that you're attempting to use.
Here is an example where I create an enemy object to the first pointer in the array.
#include <iostream>
typedef struct enemy_desc
{
int type;
int x;
int y;
}enemy;
using namespace std;
int main(int argc, char **argv)
{
enemy **enemies;
enemies=(enemy **)malloc(sizeof(enemy *)*16);
memset(enemies, 0, sizeof(enemy*)*16);
enemies[0] = (enemy *) malloc(sizeof(enemy));
memset(enemies[0], 0, sizeof(enemy));
enemies[0]->type=23;
printf("type: %i x: %i y: %i\n\n",enemies[0]->type, enemies[0]->x, enemies[0]->y);
enemies[0]->x = 10;
enemies[0]->y = 25;
enemies[0]->type= 7;
printf("type: %i x: %i y: %i\n\n",enemies[0]->type, enemies[0]->x, enemies[0]->y);
free(enemies[0]);
free(enemies);
return 0;
}
You have allocated memory for 16 enemy * pointers, but you have not allocated room for the 16 enemy structs themselves. There are two ways to fix this. One is to add a loop that allocates each of the 16 enemy structs one by one:
int main()
{
enemy **enemies;
int i;
enemies = (enemy **) malloc(sizeof(enemy *) * 16);
for (i = 0; i < 16; ++i) {
enemies[i] = (enemy *) malloc(sizeof(enemy));
}
enemies[0]->type = 23;
printf("%i",enemies[0]->type);
return 0;
}
The other is to remove one level of indirection. If you declare enemy *enemies then you can allocate the 16 structs at once and forgo a loop. If there's no need for the double indirection this would be my preferred solution:
int main()
{
enemy *enemies;
enemies = (enemy *) malloc(sizeof(enemy) * 16);
enemies[0].type=23;
printf("%i",enemies[0].type);
return 0;
}
Notice that the -> operator switches to ..
You need to create the struct that the pointers point to. The reason why it only gives a SEGV while debugging will be that there's some initialisation done during debugging to cause this sort of thing to segfault; whatever random data's in enemies[0] when you're not debugging is getting dereferenced and is just happening not to cause a segfault.
Your code probably wants to read like this:
int main()
{
enemy *enemies;
enemies=(enemy *)malloc(sizeof(enemy)*16);
enemies[0].type=23;
printf("%i",enemies[0].type);
return 0;
}
Well it should crash right away... because you initialize the array of (array of pointers). And then you DEREFERENCE the first item (enemies[0]) which should give you any random pointer. You try to access that random memory area to write in the value 23.
It should be along the lines of this:
enemies = (enemy **)malloc(sizeof(enemy *) * 16);
for (int i = 0; i < 16; i++) {
enemies[i] = (enemy *)malloc(sizof(enemy));
}
... before you access it.
Looks like you want to allocate an array of pointer to struct, but you're trying to access the struct without allocating space for them. You should do:
enemy **enemies;
enemies=(enemy **)malloc(sizeof(enemy *)*16);
for(i=0;i<16;i++) // allocate space for the structs
enemies[i] = (enemy *)malloc(sizeof(enemy))
enemies[0]->type=23; // now access type field of the first struct obj in array.
On my system (x86, Debian GNU/Linux), the code always segfaults.
Crash backtrace:
signal SIGSEGV, Segmentation fault.
0x08048413 in main () at en.c:16
16 enemies[0]->type=23;
(gdb)
The assignment cited (enemies[0]->type=23;) is the problem. You only allocate memory for the array enemies, which is an array of pointers. You then access the structure that enemies[0] is supposed to point to, but you have not allocated memory for the structure, and enemies[0] is an uninitialized pointer, hence the segfault.
In cases like this, a debugger is your friend :-).