Pointer returning Address

Question

When the variable is defined inside some block it gets destroyed when the end of the block is reached.

So from the below program I expected some kind of warning

#include<stdio.h>
int *fun()
{
    int i=10;
    return &i;
}

int main(void)
{
    int *p=fun();
    return 0;
}

I expect a warning as I am trying to return the address of the local variable i which will be destroyed when the control comes out of the scope

But if I store the value variable i in some integer pointer and then return the value from the fun like this

#include<stdio.h>
int *fun()
{
    int i=10,*p;
    p=&i;
    return p;
}

int main(void)
{
    int *p=fun();
    return 0;
}

Why I dont get any warning ?

Answer 1

• The compiler warns only when you are returning address of a local variable directly.
• It does not throw warning if you return an address pointer.
• It does not check if the address pointer is assigned with a local variable.

Duplicate of: Return address of local variable in C

Why both programs will reult in undefined behaviour: https://www.fayewilliams.com/2015/06/30/a-challenge-discussion-returning-pointers-to-local-variables/

Answer 2

The compiler gives warning only in the former program and not the second because you are technically not returning the address of a local variable.

That's how the compiler looks at things, it can only look at the syntax makes a statically calculated warning.

also, just found this: Return address of local variable in C

Answer 3

You will get a warning:

warning: function returns address of local variable [-Wreturn-local-addr]

but you must compile with the command line option -Wall. I'd also recommend using -Werror. Use these two options always. You have been warned :-)

Also, note that the value isn't really destroyed [as in Java]. It still exists at the memory location returned, which is part of the stack frame for fun. It will remain intact for a brief (i.e. unpredictable/undefined) amount of time.

It's just that if you call any other function, that function's stack frame will be at the same address and whatever it does will [probably] make the value of fun's i seem like garbage.

For example:

fun stack frame:
    int i;          // offset 0x00
    int *p;         // offset 0x04

fn2 stack frame:
    double q;       // offset 0x00
    int x;          // offset 0x08
    int j;          // offset 0x0C

So, after you call fun, you call fn2 and it sets q to 123.7. After return from fn2 the first four bytes of q have overwritten the space held by fun's i. Hence, the "garbage" value for i

Answer 4

That is because in C just because a variable goes out of scope does not mean that the system releases that memory like in java. In C if you create a variable and set a pointer to that variable then as long as you have the pointer to that variable you can get the value and modify. here is what you would need to do to print off the value that p holds.

#include<stdio.h>
int *fun()
{
    int num=2;//this sets some memory address equal to 2
    int *p=&num; //this sets some memory address equal to
                 //the memory address of num
    return p; //this returns a "pointer" to the value
              //of num
}

int main(void)
{
    int *p=fun();
    printf("num equals: %d\n",*p); //need star to get to the value of num
                      //if you tried to print p by itself it would work
                      //but it would be a memory address which
                      //means nothing to the program
    return 0;
} //output is "num equals: 2"