Why the memory not freed will cause leaking ? and some other questions

Question

As I know, all processes run within its own virtual address space. If a process call malloc, OS will allocate some region from the heap owned by the program, and return an address which is a virtual address not a real physical address. As the heap is owned by the program, why can't OS reclaim the memory not freed by programmer ?

Virtual address space is respectively for every program, so program have no method to destroy the data owned by other program. Am I right?

If a program access to an random address owned by other program, segment fault will occur. But why no error occurs when the program access to the address freed by itself previously?

Answer 1

As the heap is owned by the program, why can't OS reclaim the memory not freed by programmer ?

Assuming virtual memory as you do here, the OS will reclaim any memory not freed by the program when it terminates. For short lived programs this is not a problem. However not all systems have virtual memory (think embedded programming on strange CPU's.) Also for programs that live for a long time, leaking memory while the program is running could be bad.

Virtual address space is respectively for every program, so program have no method to destroy the data owned by other program. Am I right?

Yes.

If a program access to an random address owned by other program, segment fault will occur. But why no error occurs when the program access to the address freed by itself previously?

This depends. What OS you're running, which allocator you're using, where the block of memory was located and its size will all matter in how the actual memory is freed or not. In short, the OS allocates fixed size pages of memory to your application. Your runtime library maps memory requested by malloc to the pages served by the OS. A page will not be released back to the OS until all the memory blocks located within it is freed. Some allocators also hold on to pages once they've been allocated in the assumption that you will need them again later. You will only get segfaults for trying to access memory in a page that does not belong to your program, either because it was never allocated in the first place, or because it has been released back to the OS.

Answer 2

1. The OS can't reclaim the memory not freed by a running program (a process) because it (the OS) doesn't know whether the process is still using that memory. This is exactly what the freeing act is there for - notifying the OS that the memory will not be used anymore. Of course, the OS can reclaim the memory of the program once it's terminated.

2. Yes, one process can't easily destroy (or even modify) another process's address space. Processes are isolated from one another (which is a good thing) and in order to make some interaction possible, a programmer has to resort to some means of interprocess communication (or IPC), e.g. shared memory, pipes, signals etc.

3. Actually, accessing previously freed region of memory can lead to a program crash. But usually detecting this kind of errors by OS is not cheap and is not, therefore, generaly done.