Why do we have to malloc in this string function c?

Question

char * concat(const char *s1, const char *s2) {
    char result[70];
    strcpy(result, s1);
    strcat(result, s2);
    return result;
}
int main() {
    char *s1 = "Hello";
    char *s2 = " World!";
    char *s3 = concat(s1, s2);
    printf("%s\n", s3);

    return 0;
}

This program just calls the concat function which returns a char * that is the concat of s1 and s2. However, upon compiling, I get the error address of stack memory associated with local variable 'result' returned.

So I understand that result is a local variable in the concat function, but not really why we have to malloc it. Why doesn't result just get returned with Hello World as it's value?

If you consider a program like this:

int ret() {

    int a = 4;
    return a;
}
int main() {
    int b = ret();
    printf("%d\n", b); // 4

    return 0;
}

there is no error. I don't have to malloc the int. a is local, but I still return it and it still works.

I want to know what's the main difference between concat and ret, and why concat must dynamically allocate memory. Thank you.

Would someone care to explain the downvote so I can improve this question? — K Split X, Aug 15 '17 at 21:11
There is a fundamental difference in the way that arrays are handled as arguments/return values. — Martin James, Aug 15 '17 at 21:11
`char *` means "pointer to char", not "block of 70 characters" — M.M, Aug 15 '17 at 21:13
@MartinJames Well, the OP is claiming that "*I understand that result is a local variable in the concat function*". Which makes it more "unclear" than dup. — Eugene Sh., Aug 15 '17 at 21:18
The difference between the two codes is, in other words, the difference between the value type and the reference type. You can return the value as a value type like [this](http://ideone.com/OmcCRX) — BLUEPIXY, Aug 15 '17 at 21:24
@EugeneSh.: I disagree with _unclear_. The question was posted because OP does not know about memory layout nor the difference between stack and heap. Therefore, OP would have a hard time deducing the correct wording to search for it. I'd close as _dup_, at most. — jweyrich, Aug 15 '17 at 21:33
I close it as a dup because I have the hammer - it is faster. — Antti Haapala -- Слава Україні, Aug 15 '17 at 22:06

Vlad from Moscow · Answer 1 · 2017-08-15T22:16:17.407

From the C Standard (6.2.4 Storage durations of objects)

1 An object has a storage duration that determines its lifetime. There are four storage durations: static, thread, automatic, and allocated. Allocated storage is described in 7.22.3.

2 The lifetime of an object is the portion of program execution during which storage is guaranteed to be reserved for it. An object exists, has a constant address,33) and retains its last-stored value throughout its lifetime.34) If an object is referred to outside of its lifetime, the behavior is undefined. The value of a pointer becomes indeterminate when the object it points to (or just past) reaches the end of its lifetime.

and

6 For such an object that does not have a variable length array type, its lifetime extends from entry into the block with which it is associated until execution of that block ends in any way...

In this function definition

char * concat(const char *s1, const char *s2) {
    char result[70];
    strcpy(result, s1);
    strcat(result, s2);
    return result;
}

the variable result has the automatic storage duration. Its lifetime is ended after exiting the function. So as it is written in the Standard

If an object is referred to outside of its lifetime, the behavior is undefined.

If to allocate the array dynamically then its lifetime will not end after exiting the function and a pointer that points to it will be valid. You can access the allocated memory outside the function where it was allocated.

As for this function definition

int ret() {

    int a = 4;
    return a;
}

then the function returns the object itself. If you returned the object indirectly through a pointer like this

int * ret() {

    int a = 4;
    return &a;
}

then you had the same problem as with the first program that is the program will have undefined behavior if you try to access the variable a using the returned pointer.

Take into account that functions can return an object of the type int but they can not return an array.

score 0 · Answer 2 · answered Aug 15 '17 at 21:13

char * concat(const char *s1, const char *s2) {
    char result[70];
    strcpy(result, s1);
    strcat(result, s2);
    return result;
}

In your function, the result array is freed after the function call, so char *s3 = concat(s1, s2); pointer s3 is pointing to an invalid address.

score 0 · Answer 3 · answered Aug 15 '17 at 22:01

There are ways to make this function work without dynamic memory allocations. For example, you can ditch all hopes if being multi-threading compatible and declare a static variable inside the function. Illustration:

char* concat() {
    static char result[70];
    // ... rest of the code
}

score -1 · Answer 4 · answered Aug 15 '17 at 21:16

Returning a primitive like an int and returning a string is fundamentally different in C. A string is not a primitive object and is actually a character array. Just like how you cannot declare an array in a function locally, then return that array, you cannot simply return the string. The compiler does not throw an error, but instead a warning, because usually, the stack frame where the contents of result is stored is not cleared when the function returns, so for a short time after exiting the function, you MIGHT be still able to the pointer returned, but don't count on it.

The fundamental difference here is that malloc will allocate space on the heap, which will not be overwritten unless explicitly told otherwise, whereas simply declaring an array in a function does not guarantee that the space the array occupies will still be accessible / readable after the exit of the function (hence a local variable).

Your 'because usually...' is very wrong. This is not while compiler doesn't give an error. — SergeyA, Aug 15 '17 at 21:50

Why do we have to malloc in this string function c?

4 Answers4