Thread: function with variable arguments crashes

The following program compiles with no errors. If left as is, it will execute with no apparent errors.

Code:

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>

#define ARGCNT 5

void show_array(const double * array, int num);
double * new_d_array(int num, ...);

int main(void)
{
	double * p1;

	p1 = (double *) malloc(ARGCNT * sizeof(double));

	p1 = new_d_array(ARGCNT, 1.2, 2.3, 3.4, 4.5, 5.6);

	show_array(p1, ARGCNT);

	free(p1);

	puts("Goodbye!");

	return 0;
}

void show_array(const double * array, int num)
{
    int ct;

    for (ct = 0; ct < num; ct++)
        printf("%.2lf ", array[ct]);

    putchar('\n');
}

double * new_d_array(int num, ...)
{
	int ct;
	double * array;
	va_list holder;
	va_start(holder, num);
	
	for (ct = 0; ct < num; ct++)
		array[ct] = va_arg(holder, double);   // crashes HERE

	va_end(holder);
	
	return &array[0];
}

The behavior I don't understand is: when I change the line

Code:

p1 = new_d_array(ARGCNT, 1.2, 2.3, 3.4, 4.5, 5.6);

to include more (or fewer) arguments, the program crashes at the commented spot. I am of course changing the body of ARGCNT to reflect the addition (or subtraction) of double values. It doesn't seem to matter.

To make this even more interesting, if I leave the five double values as they are, but change the ARGCNT body to any number above or below 5, it will still run fine, but will truncate or add on output as expected. The added output (above 5 arguments) will be zeroed out double values, but it will still process and print them.

Where is the problem???

Where's your memory allocation for array? Try changing the definition to:

Code:

double *array = malloc(sizeof(double) * num);

Don't forget to free() the memory in the calling function somewhere.

Crap! Memory allocation again... and I was trying to be mindful of it.

The mistake I made was assuming I only had to use malloc() for the pointer in main(). I never even considered I'd need to do the same allocation in the called function as well!

Thanks!!!

So should I have used malloc() only in new_d_array()?

After itsme86's reply, I used malloc() to declare the array pointer as per his suggestion, and the program worked. After reading your response, I'm thinking I should have never used malloc() with p1 in main() in the first place.

Due to your new information regarding memory leaks, I removed the malloc() use in main() and recompiled, and everything still works.

If I merely declare p1 this way in main():

Code:

double * p1;

and refrain from using malloc() until new_d_array(), then does this code (before the return statement in main()):

Code:

free(p1);

free up the memory originally allocated for array in new_d_array()? If so, is it because p1 is now pointing to the same address that the allocated memory began at in the first place?

Adak, msh and itsme86:

Thanks a ton! All my questions were answered, and more importantly, I think I now properly understand the rules regarding malloc() and free() as applied to this type of scenario.

sf