I tried code like this:
int *a;
*a = 10;
printf("%d",*a);
in eclipse and it is not printing out anything.
is it because I haven't give initial value to a?
Thank you that was helpful. I know it is problematic I just wasn't sure the exact problem
like, if I do printf("%d",a); I can see it does contain something, is it C's rule
that I do have to give it a place to point to then I can start to change the value in that address?
int *a; This defines a variable which is a pointer to an integer type. The pointer type variable a at the creation contains garbage value.
When you do *a = 10; it ties to use the value stored in a , which is garbage, as an address and store the value 10 there. Because we do not know what a contains and it is not allocated so a points to some memory location which is unknown and accessing it will be illegal, and will get you a segmentation fault (or something similar).
Same in the case of printf ("%d", *a); . This also tries to access the value stored at some undefined memory location which you have not allocated.
.
this variable is this is the location
stored in some with the address
address on the 'garbage'. You do not
stack have permissions to
access this
+-------+---------+
| name | value |
+-------+---------+ +---------+
| a | garbage |---->| ????? |
+-------+---------+ +---------+
After you have defined the pointer type variable, you need to request for some memory location from the operating system and use that memory location value to store into a, and then use that memory location through a.
To do that you need to do the following:
int *a;
a = malloc (sizeof (int)); /* allocates a block of memory
* of size of one integer
*/
*a = 10;
printf ("%d", *a);
free (a); /* You need to free it after you have used the memory
* location back to the OS yourself.
*/
In this case it is like below:
After *a = 10; . The pointer variable is allocated in the stack. At this moment the a contains a garbage value. Then a points to an address with that garbage value.
this variable is this is the location
stored in some with the address
address on the 'garbage'. You do not
stack have permissions to
access this
+-------+---------+
| name | value |
+-------+---------+ +---------+
| a | garbage |---->| ????? |
+-------+---------+ +---------+
After a = (int *) malloc (sizeof (int)); . Let us assume that malloc returns you some address 0x1234abcd, to be used. At this moment a will contain 0x1234abcd then a points to a valid memory location which was allocated and reserved for you to be used. But note that the value inside 0x1234abcd can be anything, ie. garbage. You can use calloc to set the contents of the memory locations you allocate to 0.
this variable is this is the location
stored in some 0x1234abcd , allocated
address on the by malloc, and reserved
stack for your program. You have
access to this location.
+-------+------------+
| name | value |
+-------+------------+ +---------+
| a | 0x1234abcd |---->| garbage|
+-------+------------+ +---------+
After *a = 10; , by *a you access the memory location 0x1234abcd and store 10 into it.
this variable is this is the location
stored in some 0x1234abcd , allocated
address on the by malloc, and reserved
stack for your program. You have
access to this location.
+-------+------------+
| name | value |
+-------+------------+ +---------+
| a | 0x1234abcd |---->| 10 |
+-------+------------+ +---------+
After free (a) , the contents of a ie. the memory address 0x1234abcd will be freed, ie returned back to the operating system. Note that after freeing the 0x1234abcd the contents of a is still 0x1234abcd , but you can no more access it legally, because you just freed it. Accessing the contents pointed by the address stored in a will result in undefined behavior, most probably a segmentation fault or heap corruption, as it is freed and you do not have access rights.
this variable is this is the location
stored in some 0x1234abcd , allocated
address on the by malloc. You have freed it.
stack Now you CANNOT access it legally
+-------+------------+
| name | value |
+-------+------------+ +---------+
| a | 0x1234abcd | | 10 |
+-------+------------+ +---------+
the contents of a remains
the same.
EDIT1
Also note the difference between printf ("%d", a); and printf ("%d", *a); . When you refer to a , it simply prints the contents of a that is 0x1234abcd. And when you refer *a then it uses 0x1234abcd as an address , and then prints the contents of the address, which is 10 in this case.
this variable is this is the location
stored in some 0x1234abcd , allocated
address on the by malloc, and reserved
stack for your program. You have
access to this location.
+-------+------------+
| name | value |
+-------+------------+ +---------+
| a | 0x1234abcd |---->| 10 |
+-------+------------+ +---------+
^ ^
| |
| |
(contents of 'a') (contents of the )
| (location, pointed )
printf ("%d", a); ( by 'a' )
|
+----------------+
|
printf ("%d", *a);
EDIT2
Also note that malloc can fail to get you some valid memory location. You should always check if malloc returned you a valid memory location. If malloc cannot get you some memory location to be used then it will return you NULL so you should check if the returned value is NULL or not before use. So finally the code becomes:
int *a;
a = malloc (sizeof (int)); /* allocates a block of memory
* of size of one integer
*/
if (a == NULL)
{
printf ("\nCannot allocate memory. Terminating");
exit (1);
}
*a = 10;
printf ("%d", *a);
free (a); /* You need to free it after you have used the memory
* location back to the OS yourself.
*/
You haven't allocated memory for a.
Try
int *a;
a = (int*)malloc(sizeof(int)); //Allocating memory for one int.
*a = 10;
printf("%d", *a);
free(a); //Don't forget to free it.
When you declare the pointer, the compiler is only going to reserve memory to store a pointer variable. If you want that pointer to point to something after the fact, it has to be something that had its own memory allocated. Either point it at something that was declared as an int, or allocate memory from the heap for an int.
Related
In a recent exam question I got this code with following options:
char **mptr, *pt1;
int i;
mptr = calloc(10, sizeof(char*));
for (i=0; i<10; i++)
{
mptr[i] = ( char *)malloc(10);
}
Which of the following de-allocation strategies creates a memory leakage?
A. free(mptr);
B. for(i = 0; i < 10; i++): { free(mptr[i]); }
C. All of them
The answer is C. But it seems to me that applying free(mptr); would suffice covering the memory leak, and B as well, although I'm less sure of that, can someone explain me why all of them would cause a memory leak?
I'm guessing the C options expects that each operation ( A or B ) are applied separatly.
P.S.
I don't see the point of this code, if you already have allocated memory with calloc (and initialized it) why would you go as far as to allocate each cell with a cycle? Am I wrong to believe that?
Which of the following de-allocation strategies creates a memory leakage?
In my pedantic opinion the correct answer would have to be option A, it creates a memory leak because it deallocates mptr, making mptr[i] pointers inaccessible. They cannot be deallocated afterwards, assuming that the memory is completely inaccessible by other means.
Option B does not lead to memory leak per se, mptr is still accessible after you free mptr[i] pointers. You can reuse it or deallocate it later. Memory leak would only occur if and when you loose access to the memory pointed by mptr.
I believe the question is somewhat ill-formed, if the question was "Which option would you use to correctly deallocate all the memory?", then yes, option C would be correct.
I do agree that the correct strategy to deallocate all the memory is B + A, albeit A first will cause immediate memory leak whereas B first will allow for later deallocation of mptr, as long as the access to the memory pointed by it is not lost.
I don't see the point of this code, if you already have allocated memory with calloc (and initialized it) why would you go as far as to allocate each cell with a cycle? Am I wrong to believe that?
The allocation is correct.
//pointer to pointer to char, has no access to any memory
char **mptr;
//allocates memory for 10 pointers to char
mptr = calloc(10, sizeof(char*));
//allocates memory for each of the 10 mptr[i] pointers to point to
for (i = 0; i < 10; i++)
{
mptr[i] = malloc(10); //no cast needed, #include <stdlib.h>
}
Check this thread for more info.
Let's draw this out:
char ** char * char
+---+ +---+ +---+---+ +---+
mptr: | | -------->| | mptr[0] -------->| | | ... | |
+---+ +---+ +---+---+ +---+
| | mptr[1] ------+
+---+ | +---+---+ +---+
... +->| | | ... | |
+---+ +---+---+ +---+
| | mptr[9] ----+
+---+ | +---+---+ +---+
+--->| | | ... | |
+---+---+ +---+
If all you do is free the memory pointed to by mptr, you wind up with this:
char ** char
+---+ +---+---+ +---+
mptr: | | | | | ... | |
+---+ +---+---+ +---+
+---+---+ +---+
| | | ... | |
+---+---+ +---+
+---+---+ +---+
| | | ... | |
+---+---+ +---+
The allocations for each mptr[i] are not freed. Those are all separate allocations, and each must be freed independently before you free mptr. free does not examine the contents of the memory it's deallocating to determine if there are any nested allocations that also need to be freed. The proper procedure would be to write
for ( int i = 0; i < 10; i++ )
free( mptr[i] );
free( mptr );
If all you do is free each mptr[i] but not mptr, you wind up with this:
char ** char *
+---+ +---+
mptr: | | -------->| | mptr[0]
+---+ +---+
| | mptr[1]
+---+
...
+---+
| | mptr[9]
+---+
You still have the array of pointers you allocated initially. Now, this isn't a memory leak yet - it only becomes one when you lose track of mptr.
So, these are the rules for memory management in C:
Every malloc, calloc, or realloc call must eventually have a corresponding free;
When doing nested allocations, always deallocate in reverse order that you allocated (i.e., deallocate each ptr[i] before deallocating ptr);
The argument to free must be a pointer returned from a malloc, calloc, or realloc call.
P.S. I don't see the point of this code, if you already have allocated memory with calloc (and initialized it) why would you go as far as to allocate each cell with a cycle? Am I wrong to believe that?
This is an example of a "jagged" array, where each "row" can be a different length (which you can't do with a regular 2D array). This can be handy if you're storing (for example) a list of words of all different lengths:
char ** char * char
+---+ +---+ +---+---+---+---+
| | -------->| |-------->|'f'|'o'|'o'| 0 |
+---+ +---+ +---+---+---+---+
| | -----+
+---+ | +---+---+---+---+---+---+---+
| | ---+ +->|'b'|'l'|'u'|'r'|'g'|'a'| 0 |
+---+ | +---+---+---+---+---+---+---+
... |
| +---+---+---+---+---+---+
+--->|'h'|'e'|'l'|'l'|'o'| 0 |
+---+---+---+---+---+---+
If necessary, you can easily resize each "row" without affecting any of the others, and you can easily add more "rows". This looks like a 2D array when you index it - you can access individual elements using mptr[i][j] like any other 2D array - but the "rows" are not contiguous in memory.
Compare this with a "real" 2D array, where all the rows are the same size and laid out contiguously:
+---+---+---+---+---+---+---+
|'f'|'o'|'o'| 0 | ? | ? | ? |
+---+---+---+---+---+---+---+
|'b'|'l'|'u'|'r'|'g'|'a'| 0 |
+---+---+---+---+---+---+---+
|'h'|'e'|'l'|'l'|'o'| 0 | ? |
+---+---+---+---+---+---+---+
The main disadvantage is some wasted space. Your array has to be sized for the longest word you want to store. If you have a table of 100 strings, one of which is 100 characters long and the rest 10, then you have a lot of wasted space. You can't have one row that's longer than the others.
The advantage is that the rows are contiguous, so it's easier to "walk" down the array.
Note that you can allocate a regular 2D array dynamically as well:
char (*ptr)[10] = calloc( 10, sizeof *ptr );
This allocates enough space for a 10x10 array of char in a single allocation, which you can index into like any other 2D array:
strcpy( ptr[0], "foo" );
ptr[0][0] = 'F';
Since this is a single allocation, you only need a single deallocation:
free( ptr );
free(mptr); just frees the memory allocated for the pointers, but not the memory the pointers point to.
If you free() the memory for the pointers before freeing the memory the pointer to point to, you got no reference anymore to the memory to be pointed to and hence you got a memory leak.
for(i = 0; i < 10; i++): { free(mptr[i]); }, on the other side, frees only the memory pointed to but not the pointers. Dependent upon how strictly you see it, you could also consider this as memory leak because the memory for the pointers is not deallocated.
So, dependent upon the point of view and one's own opinion, either A. or C. is correct.
I don't see the point of this code, if you already have allocated memory with calloc (and initialized it) why would you go as far as to allocate each cell with a cycle?
With
mptr = calloc(10, sizeof(char*));
you allocated memory for the pointers itself to which the pointer to pointer mptr is pointing to.
But pointers need to point to data memory which you can access by using the pointers. The pointers itself can't store any other data than the address of the memory to point to.
Thus, you allocate memory to point to for each pointer by each iteration inside of the for loop.
A pointer always needs a place to point to in order to use it correctly as pointer (Exception: null pointers).
I came across an example in a page outlining the various ways to represent a string in C structures. It explains that an array defined in a function outside main will be stored in the stack segment and as such will not necessarily be present following its return potentially causing a runtime error.
HIGHLIGHTED POSSIBLE DUPLICATE EXPLAINED WHY THE ARRAY FAILED ON RETURN I.E THE POINTER TO ELEMENT 0 RETURNED IS NO LONGER VALID BUT DID NOT SHOW THAT THE REASON VARIABLES OF THE SAME STORAGE CLASS (AUTO) ARE SUCCESSFUL IS THAT THEY PASS A VALUE WHICH SURVIVES THE REMOVAL OF THE STACK FRAME
" the below program may print some garbage data as string is stored in stack frame of function getString() and data may not be there after getString() returns. "
char *getString()
{
char str[] = "GfG"; /* Stored in stack segment */
/* Problem: string may not be present after getSting() returns */
return str;
}
int main()
{
printf("%s", getString());
getchar();
return 0;
}
I understand that other local C variables will also be defined in their respective stack frames and obviously they can be returned so why is it an issue for arrays?
Thanks
This should roughly explains what happened, after return from getString(), its stack is not valid anymore.
^ ^
| not valid | ^ ^
+------------+ | not valid |
str--> | "GfG" | | not valid | <---+
| --- | | not valid | |
| stack of | +------------+ |
| getString | | return(str)| ----+
+------------+ | --- |
| | | |
| stack of | | stack of |
| main() | | main() |
+------------+ +------------+
If compiled with gcc -W -Wall (should always use those options), it should give the warning:
warning: function returns address of local variable [-Wreturn-local-addr]
The difference is in returning a value as opposed to returning a pointer.
When you do this:
int f()
{
int x = 9;
return x;
}
int main()
{
int a = f();
printf("a=%d\n", a);
return;
}
This is valid because even though x is out of scope when f returns, it is the value stored in x (9 in this case) that is returned. That value is then assigned to a and subsequently printed.
In your example you're returning an array. In most contexts, an array used in an expression decays into a pointer to its first element. So return str is the same as return &str[0]. That pointer value is returned and passed to printf. Then printf tried to dereference that pointer, but the memory it points to (the array str) is no longer valid.
So you can return values from a function, but if that value is a pointer to a local variable it will not be valid.
There are 2 situations:
When you return a simple value like an int or char from a local function and that variable is defined/declared in that local function. It happens successfully, because while returning the value is actually copied.
Now you have string "GfG" in str and when you do return str, the value that is copied is what is there in str and that is the address location of the array. So in this case the array location (pointer) is copied, while the contents of this array vanishes (since the contents were on local stack frame).
Given the following code:
typedef struct Tokens {
char **data;
size_t count;
} Tokens;
void freeTokens(Tokens *tokens) {
int d;
for(d = 0;d < tokens->count;d++)
free(tokens->data[d]);
free(tokens->data);
free(tokens);
tokens = NULL;
}
Why do I need that extra:
free(tokens->data);
Shouldn't that be handled in the for loop?
I've tested both against valgrind/drmemory and indeed the top loop correctly deallocates all dynamic memory, however if I remove the identified line I leak memory.
Howcome?
Let's look at a diagram of the memory you're using in the program:
+---------+ +---------+---------+---------+-----+
| data | --> | char * | char * | char * | ... |
+---------+ +---------+---------+---------+-----+
| count | | | |
+---------+ v v v
+---+ +---+ +---+
| a | | b | | c |
+---+ +---+ +---+
|...| |...| |...|
+---+ +---+ +---+
In C, we can dynamically allocate space for a group (more simply, an array) of elements. However, we can't use an array type to reference that dynamic allocation, and instead use a pointer type. In this case, the pointer just points to the first element of the dynamically allocated array. If you add 1 to the pointer, you'll get a pointer to the second element of the dynamically allocated array, add two to get a pointer to the second element, and so on.
In C, the bracket syntax (data[1]) is shorthand for addition and dereferencing to a pointer. So pointers in C can be used like arrays in this way.
In the diagram, data pointing to the first char * in the dynamically allocated array, which is elsewhere in memory.
Each member of the array pointed to by data is a string, itself dynamically allocated (since the elements are char *s).
So, the loop deallocates the strings ('a...', 'b...', 'c...', etc), free(tokens->data) deallocates the array data points to, and finally, free(tokens) frees the entire struct.
data is a pointer to a pointer. This means data points to a dynamically allocated array of pointers, which then each point to the actual data. The first for loops frees each of the pointers IN the array, but you still need to free the original pointer TO that array of the other points which you freed already. That's the reason for the line you pointed out.
As a general rule of thumb, every malloc() should have a corresponding call to free(). If you look at the code which allocates the memory in this program, you will very likely see a very strict correspondence with the code you posted here that frees the memory.
I'm kinda confused:
int* p=1000;
printf("%d\n", (int)(p+sizeof(int))); // what is going on here?
does p point to 1000 or does p = the memory address 1000? If it is the former, could this be achieved achieved like this:
int dummyVariable = 1000;
int * p = &dummyVariable;
The declaration
int* p=1000;
makes p point to the address 1000.
While in the case of
int dummyVariable = 1000;
int * p = &dummyVariable;
you initialize dummyVariable to the value 1000 and make p point to dummyVariable.
Another way to look at it:
In the first case you have
Address 1000
|
v
+---+ +-----+
| p | --> | ??? |
+---+ +-----+
And in the second case you have
Address &dummyVariable
|
v
+---+ +----------------------------+
| p | --> | dummyVariable (value 1000) |
+---+ +----------------------------+
A third way of looking at it, is that the value of p is an integer (that just happens to be an address). In the first case p contains the value 1000, i.e. it's pointing to the address 1000.
In the second case the contents of p is &dummyVariable, i.e. it points to the location in memory where dummyVariable is stored.
As for the printout in the first example giving you the value 1016, that's because of how pointer arithmetic works: Whatever you add to a pointer is multiplied by the size of the base type. So if you have a pointer to int, then everything you add to that pointer will be multiplied by sizeof int.
In your case, the size of int is 4 bytes, so what you are doing is actually 1000 + 4 * 4 which is equal to 1016.
In your example, p is storing the memory address 1000, whatever that memory address is holding. In fact, p resides at another memory address, which, again stores the number 1000, which is a memory address, etc. Your second example is correct: The pointer p is assigned the memory address of dummyVariable, now if you modify dummyVariable or the *p (dereferencing the pointer), the changes will be applied to both (because they point to the same memory space).
int* p=1000;
p is a pointer pointing to memory location 1000.
printf("%d\n", (int)(p+sizeof(int)));
You are trying to access some memory here.( 1000 + sizeof(int))
Directly assigning some random address to a pointer as done here is not a good idea.
You should have got below mentioned warnings:
warning: initialization makes pointer from integer without a cast
warning: cast from pointer to integer of different size
The second part:
int dummyVariable = 1000;
int * p = &dummyVariable;
Here 1000 is a value and pointer p is pointing to a memory location holding 1000.
So both are diffrent.
I wrote a C program as follows:
CASE 1
int *a; /* pointer variable declaration */
int b; /* actual variable declaration */
*a=11;
a=&b;/* store address of b in pointer variable*/
It gives a segmentation fault when running the program.
I changed the code as follows:
CASE 2
int *a; /* pointer variable declaration */
int b; /* actual variable declaration */
a=&b;/* store address of b in pointer variable*/
*a=11;
Now it's working fine.
If anyone knows please explain why it is giving a segmentation fault in CASE 1.
CASE .1
int *a; /* pointer variable declaration */
int b; /* actual variable declaration */
*a=11;//Not valid means you are not owner of the address where a now pointing it is unknown and accessing this will segfault/
a=&b;/* store address of b in pointer variable*/
This is going to be segmentation fault because the address you are using is not a valid address and there you are storing 11 which is illegal.
b
+-------+ +--------+
| + | 11 |
|Unknown| | |
+---+---+ +---+----+
| |
| |
+ +
a a
CASE .2
int *a; /* pointer variable declaration */
int b; /* actual variable declaration */
a=&b;/* store address of b in pointer variable*/
*a=11;
Now its working fine because the address of b is valid an there you are storing 11 which is legal.
Also above cases are not correct way of pointer declaration
int *a = NUll;
a = malloc(sizeof(int));
*a=5;
free(a);//must
or
int *a = NUll;
int b;
a = &b;
*a=5;
This will remove segmentation fault many times which is hard to find .
int *a; // a pointer variable that can hold a memory address of a integer value.
In case 1,
*a = 10; // here you have asigned 10 to unknown memory address;
It shows segmentation fault because of assigning value to a memory address that is not defined. Undefined behaviour.
In case 2,
a=&b; // assigning a proper memory address to a.
*a=11;// assigning value to that address
Consider this example:
#include<stdio.h>
int main()
{
int *a,b=10;
printf("\n%d",b);
a=&b;
*a=100;
printf("-->%d",b);
}
Output: 10-->100
Here this is how it works.
b // name
----------
+ 10 + // value
----------
4000 // address
Asuuming memory location of b is 4000.
a=&b => a=4000;
*a=100 => *(4000)=100 => valueat(4000) => 100
After manipulation it looks like this.
b // name
----------
+ 100 + // value
----------
4000 // address
One line: First code you are dereferencing uninitialized pointer which exhibits undefined behaviour, and in the second code you are dereferencing initialized pointer which will give access to the value at the address.
A bit of explanation:
First you need to realize that a pointer is nothing but an integer, an with the *var we tell the compiler that we will be using the content of the variable var (the integer in it) as an address to fetch the value in that address. If there is **var similarly we tell the compiler that we will first use the stored value of the variable var to fetch the value at the address and again use this fetched value as an address and fetch the value stored in it.
Therefore in your first declaration it is:
+----------+ +----------+
| garbage | | garbage |
+----------+ +----------+
| a | | b |
+----------+ +----------+
| addr1 | | addr2 |
+----------+ +----------+
Then you try to use the value stored in a as an address. a contains garbage, it can be any value, but you do not have access to any address location. Therefore the next moment when you do *a it will use the stored value in a as an address. Because the stored value can be anything, anything can happen.
If you have permission to access the location , the code will continue to execute without a segmentation fault. If the address happens to be an address from the heap book-keeping structure, or other memory area which your code allocated from heap or stack then when you do *a = 10 it will simply wipe off the existing value with 10 in that location. This can lead to undefined behaviour as now you have changed something without the knowledge of the context having the actual authority of the memory. If you don't have permission to the memory, you simply get a segmentation fault. This is called dereferencing of an uninitialized pointer.
Next statement you do a = &b which just assigns the address of b in a. This doesn't help, because the previous line has dereferenced an uninitialized pointer.
Next code you have something like this after the third statement:
+----------+ +----------+
| addr2 |---+ | garbage |
+----------+ | +----------+
| a | +--> | b |
+----------+ +----------+
| addr1 | | addr2 |
+----------+ +----------+
The third statement assigns the address of b into a. Before that a is not dereferenced, therefore the garbage value stored in a before the initialization is never used as an address. Now when you assign a valid address of your knowledge into a, dereferencing a now will give you access to the value pointed to by a.
Extending the answer, you need to keep an eye that, even if you have assigned a valid address to a pointer, you have to make sure at the time of dereferencing the pointer the lifetime of the address pointed to by the pointer has not expired. For example returning local variable.
int foo (void)
{
int a = 50;
return &a; //Address is valid
}//After this `a' is destroyed (lifetime finishes), accessing this address
//results in undefined behaviour
int main (void)
{
int *v = foo ();
*v = 50; //Incorrect, contents of `v' has expired lifetime.
return 0;
}
Same in the case of accessing freed memory location from heap.
int main (void)
{
char *a = malloc (1);
*a = 'A'; //Works fine, because we have allocated memory
free (a); //Freeing allocated memory
*a = 'B'; //Undefined behaviour, we have already freed
//memory, it's not for us now.
return 0;
}
int a stores a random integer value. So saying by saying *a, you might be accessing a memory location that is out of bounds or invalid. So it is a seg fault.
In the first case you have declared a pointer but you have not assigned the address to which it has to point hence the pointer would have contained an address that would have belonged to another process in the system (or it would have contained an junk value which is not an address at all or it would have contained an null which can't be an memory address)hence operating system sends an signal to prevent invalid memory operation and hence an segmentation fault occurs.
In the second case you are assigning the address of the variable which has to be updated to the pointer and storing the value which is the correct way of doing and hence there's no segmentation fault.