C free() allocated memory twice, will it cause segfault?

Question

If we twice free() the same char pointer which is allocated with malloc(), will it cause segfalut?

void Allocate() 
{     
   char *y;
   y = (char *) malloc (sizeof(char) * 200);    
   free (y);
   strcpy(y,"helloworld");
   free (y);
}

int main()
{
     Allocate();
     return 0;
}

@mangusta: A self-check validates something for a particular compiler during a particular moon-phase. Sometimes that is enough; other times it's best to check the Standard (or SO). — pmg, Mar 17 '14 at 09:59

score 2 · Answer 1 · edited May 23 '17 at 12:05

2

It's undefined behavior, so don't do it.

Even more, don't use the memory after calling free() in it, this is a total no-no:

free (y);
strcpy(y,"helloworld");

The above is also undefined behavior.

Also, don't cast the return value of malloc() in C.

edited May 23 '17 at 12:05

Community

1
1

answered Mar 17 '14 at 09:57

unwind

391,730
64
469
606

In my application i got core dump but in this example code i didn't get core dump. – Jeyamaran Mar 17 '14 at 10:00
@Jeyamaran Yes, that's because of *undefined* behavior. You cannot depend on getting any particular result. It's *undefined*. Clear? – unwind Mar 17 '14 at 10:01
Oh but some situation surely it will create core dump correct. – Jeyamaran Mar 17 '14 at 10:03

score 0 · Answer 2 · answered Mar 17 '14 at 10:03

Freeing the same memory twice will result in undefined behaviour, as will writing to memory which has been freed (see the strcpy).

The C Standard defines Undefined Behaviour in Section §1.3.12 as

behaviour, such as might arise upon use of an erroneous program construct or erroneous data, for which this International Standard imposes no requirements [3].

Undefined behaviour may also be expected when this International Standard omits the description of any explicit definition of behavior.

(3) = permissible undefined behavior ranges from ignoring the situation completely with unpredictable results, to behaving during translation or program execution in a documented manner characteristic of the environment (with or with- out the issuance of a diagnostic message), to terminating a translation or execution (with the issuance of a diagnostic message).

As to what's happening I would guess the following:

You free y
You then strcpy over what was once y which may corrupt the heap; this itself is unlikely to segfault, but might (see above)
You then allocate z, which uses the possibly corrupted heap, and may segfault or misallocate the memory (i.e. return an address which cannot be used).
You then strcpy into a possibly misallocated bit of memory and thus may segfault.
You then free y again, with a heap which is possibly corrupt, which may segfault etc.

If you really want to know, use debug libc and gdb to find out.

Those thing i hv already knw. But i just need will it core dump at any situation. — Jeyamaran, Mar 17 '14 at 10:14
The question says "will it cause segfalut" *(sic)*, not "will it core dump". Segfaults do not always cause a core dump. You will have to do (OS dependent) `ulimit -c unlimited` before running it to get a core dump. — abligh, Mar 17 '14 at 20:38

s.s · Answer 3 · 2014-03-21T07:56:01.393

0

Freeing same pointer twice may cause heap corruption. In your program after deallocating you are trying to copy a string which will cause segfault.

edited Mar 21 '14 at 07:56

answered Mar 17 '14 at 10:09

s.s

138
8

But i m not getting any core dump. I tried various way but i didn't get core dump even single time. – Jeyamaran Mar 17 '14 at 10:12
you may find here how to enable core dump. http://www.akadia.com/services/ora_enable_core.html – s.s Mar 17 '14 at 13:53
There's never going to be a guarantee that you'll get a core dump just because you're violating your program's memory. – This isn't my real name Mar 20 '14 at 16:38

C free() allocated memory twice, will it cause segfault?

3 Answers3