-2

Let's say I have allocated a big enough char** array.

Why can I do free(arr) but not free(arr + 5)?

Please notice that I'm not speaking about arr[0] or arr[5].

W2a
  • Mainly because the standard says so. For a more technical reason, some `malloc()` implementations put bookkeeping data right before the allocated memory region. Passing something other than the pointer `malloc()` gave you to `free()` would cause `free()` to interpret garbage data as its bookkeeping data, with fatal consequences. – fuz Nov 28 '15 at 16:02
  • Thank you, I get it now. – W2a Nov 28 '15 at 19:12

2 Answers

2

You always call free() with the pointer that was returned by malloc(), realloc() or calloc(). You must not pass any other pointers.

From the free() manual:

The free() function frees the memory space pointed to by ptr, which must have been returned by a previous call to malloc(), calloc(), or realloc(). Otherwise, or if free(ptr) has already been called before, undefined behavior occurs. If ptr is NULL, no operation is performed.

P.P
0

malloc(3) doesn't work that way. It allocates a fixed-size block of data in the memory, adds metadata at the start of the block (like the address of the next free block or the size of the block) and returns the address just after the metadata.


free(3) needs the information contained in the metadata to be executed (for example, to update the addresses of the free blocks in its linked list). If you provide a pointer that has not been allocated by malloc(3), the metadata are not present and free is unable to do that.

For that reason, the man page of free(3) explicitly forbids passing a pointer that has not been allocated by malloc(3):

The free() function frees the memory space pointed to by ptr, which must have been returned by a previous call to malloc(), calloc(), or realloc(). Otherwise, or if free(ptr) has already been called before, undefined behavior occurs. If ptr is NULL, no operation is performed.

Doing so may result in undefined behavior, which, if your system has not put some protections in place to prevent you from doing so, could result in security breaches, since free(3) will write to arbitrary memory zones pointed to by the fake metadata.

Antoine Pietri
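A toy allocator showing the header-before-payload layout described in the answer above. This is an added example, not code from the post or from any real malloc implementation: `struct toy_hdr`, `toy_malloc`, `toy_free`, `TOY_MAGIC` and `demo` are hypothetical names, and the magic value is an assumption added so that the example can reject a bad pointer instead of acting on garbage bookkeeping data.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical bookkeeping header stored right before each payload. */
struct toy_hdr {
    size_t size;   /* payload size in bytes */
    size_t magic;  /* marks a header written by toy_malloc() */
};
#define TOY_MAGIC ((size_t)0xA110CA7Eu)

void *toy_malloc(size_t n)
{
    struct toy_hdr *h;
    if (n > SIZE_MAX - sizeof *h) return NULL;   /* size overflow */
    h = malloc(sizeof *h + n);
    if (h == NULL) return NULL;
    h->size = n;
    h->magic = TOY_MAGIC;
    return h + 1;            /* caller gets the address just after the header */
}

/* Returns 0 on success, -1 if the bytes before p are not a toy header. */
int toy_free(void *p)
{
    struct toy_hdr h;
    if (p == NULL) return 0;                      /* like free(NULL) */
    memcpy(&h, (char *)p - sizeof h, sizeof h);   /* read "bookkeeping" */
    if (h.magic != TOY_MAGIC) return -1;          /* garbage header: refuse */
    free((char *)p - sizeof h);                   /* real start of the block */
    return 0;
}

/* Returns 1 if arr + 5 was rejected and arr itself was accepted. */
int demo(void)
{
    char **arr = toy_malloc(16 * sizeof *arr);
    if (arr == NULL) return 0;
    memset(arr, 0, 16 * sizeof *arr);   /* constructed payload: all zero bytes */
    int interior = toy_free(arr + 5);   /* bytes before arr + 5 are payload */
    int base = toy_free(arr);           /* bytes before arr are the header */
    return interior == -1 && base == 0;
}

int main(void) { printf("demo: %d\n", demo()); return 0; }
```

Without the magic check, `toy_free(arr + 5)` would pass an interior address to `free()` and treat array contents as the block's size, which is the situation both answers warn about.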