Pointer to Pointer & Mem allocation

Yossarian

Hi,

I'm a bit confused about something, hopefully someone can put me
straight.

I'd like to be able to call a function which takes a pointer to
pointer, have that function allocate memory and return the size. I
can't get it to work and I would like to know why this code outputs
weird values (the first mem address is ok I think):


int f3(int **ptr)
{
    *ptr = malloc(sizeof(int)*4);
    printf("%p\n", *ptr);
    *ptr++;
    printf("%p\n", *ptr);
    *ptr++;
    printf("%p\n", *ptr);
}

int main(void)
{
    int *p2;
    f3(&p2);
    return 0;
}

The output is:

0xa040448
0x0
0x22f40

:-S Thanks for reading.
 
Eric Sosman

Yossarian said:
Hi,

I'm a bit confused about something, hopefully someone can put me
straight.

I'd like to be able to call a function which takes a pointer to
pointer, have that function allocate memory and return the size. I
can't get it to work and I would like to know why this code outputs
weird values (the first mem address is ok I think):


int f3(int **ptr)
{
*ptr = malloc(sizeof(int)*4);

If the malloc() call succeeds, you now have this situation
(apologies for the bad ASCII art):

  ptr             p2               dynamic
+------+       +------+       +---+---+---+---+
|   *--------> |   *--------> |int|int|int|int|
+------+       +------+       +---+---+---+---+
printf("%p\n", *ptr);

(Side-issue: This isn't quite right. The "%p" specifier
requires a `void*' pointer value, and you're giving it an
`int*' instead. On many machines you will get away with this
error, but for correctness write `(void*)*ptr' instead.)

Here's the crux: I don't think you understand what this
statement accomplishes. It says "Fetch the value at `*ptr'
(the contents of the second box above), ignore them, and
then advance `ptr' itself by one `int*' position." Now you
have

  ptr             p2               dynamic
+------+       +------+       +---+---+---+---+
|   *-----+    |   *--------> |int|int|int|int|
+------+  |    +------+       +---+---+---+---+
          |
          +-->
printf("%p\n", *ptr);

You are now in a serious state of error. You are trying
to print the value `ptr' points at, but it no longer points
at anything useful. It is legal to form a "one past the end"
pointer, but it is not legal to try to access the memory at
that position. There might not even *be* any memory at that
position, and even if there is you have never stored a value
there. So when you try to access the uninitialized value in
a region of memory that might not even exist, all bets are
off and anything at all might happen.

"Fetch the pointed-to value, ignore it, and advance `ptr'
again." Once again you commit the error of fetching a value
that hasn't been initialized and might not even exist, and
then you add a new error: A "one past the end" pointer is
legal, but a "two past the end" pointer is not. Things just
get worse.
printf("%p\n", *ptr);
}

int main(void)
{
int *p2;
f3(&p2);
return 0;
}

The output is:

0xa040448
0x0
0x22f40

As I hope you now understand, the fact that you got any
output at all is more by good luck than good management. I
suggest you review Question 4.3 in the comp.lang.c Frequently
Asked Questions (FAQ) list

http://www.eskimo.com/~scs/C-faq/top.html

In fact, reviewing all of Sections 4, 6, and 7 might be a
good idea.
 
Mike Wahler

Yossarian said:
Hi,

I'm a bit confused about something, hopefully someone can put me
straight.

I'd like to be able to call a function which takes a pointer to
pointer, have that function allocate memory and return the size. I
can't get it to work and I would like to know why this code outputs
weird values (the first mem address is ok I think):


int f3(int **ptr)

If you're returning the allocated size, the return
type should be 'size_t'.
{
*ptr = malloc(sizeof(int)*4);

You should check here that 'malloc()' succeeded,
and take appropriate action if it did not.
printf("%p\n", *ptr);
*ptr++;

This dereferences the pointer 'ptr', yielding the address
returned by 'malloc()', discards that value, and then
increments 'ptr' (which makes it point to memory not
'owned' by your program -- i.e. 'ptr' represents a
single pointer, not an array of them. After the above
increment, another *ptr will give 'undefined behavior'.)

If you want to 'step through' the addresses of the
allocated 'int' objects:

(*ptr)++;

(this dereferences 'ptr', yielding the value returned
by 'malloc()', then increments that (pointer) value,
giving it the address of the second allocated 'int'.)

But note that this statement also 'throws away' the value
returned by 'malloc()', preventing you from freeing the memory
later -- a 'memory leak' (unless you either save the original
pointer somewhere or keep track of how many times you increment
*ptr, and use that info to recalculate the original pointer value
returned by 'malloc()').

If this is not what you're after, please clarify.

(and if I've somehow erred with my explanation,
someone will be sure to point it out. :))

-Mike
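
An added example, not code from any of the posts above: it puts the replies' points together (a `size_t` return, a checked `malloc()`, `(void *)` for `%p`, and `(*ptr)++` with the original address saved for `free()`). The names `alloc_ints`, `fill_and_sum` and `step_caller_pointer` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* Hypothetical helper: stores a block of `count` ints through `out` and
 * returns its size in bytes; on failure returns 0 and sets *out to NULL. */
size_t alloc_ints(int **out, size_t count)
{
    if (out == NULL)
        return 0;
    *out = NULL;
    if (count == 0 || count > SIZE_MAX / sizeof **out)  /* size overflow guard */
        return 0;
    *out = malloc(count * sizeof **out);
    return *out ? count * sizeof **out : 0;
}

/* Walk the block with a local cursor; the caller's pointer is never modified. */
long fill_and_sum(int *base, size_t count)
{
    long sum = 0;
    for (int *cur = base; cur < base + count; cur++) {
        *cur = (int)(cur - base + 1) * 10;
        printf("%p -> %d\n", (void *)cur, *cur);  /* %p takes a void* */
        sum += *cur;
    }
    return sum;
}

/* (*pp)++ advances the caller's int*, while pp keeps pointing at that int*.
 * Returns how many ints it moved; n must not exceed the block length. */
long step_caller_pointer(int **pp, int n)
{
    int *start = *pp;
    for (int i = 0; i < n; i++)
        (*pp)++;
    return (long)(*pp - start);
}

int main(void)
{
    int *p2 = NULL;
    if (alloc_ints(&p2, 4) == 0)
        return 1;
    int *base = p2;                 /* keep the malloc() address for free() */
    printf("sum %ld\n", fill_and_sum(p2, 4));
    printf("moved %ld ints\n", step_caller_pointer(&p2, 2));
    free(base);
    return 0;
}
```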
 
