1

I was just experimenting with things in the C language. Could you answer my question regarding the program I've written?

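```c
#include <stdlib.h> /* malloc, free */
#include <string.h> /* strcpy */

void main()
{
    char *p; // pointer that will refer to the string
    p = (char *) malloc(50); // dynamically allocate 50 bytes
    strcpy(p, "this code is written about the dynamic allocation"); // 49 characters plus the terminating NUL
    p += 20; // p now points into the middle of the block
    free(p); // the call being asked about: p is no longer the address malloc returned
}
```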

Now could anyone tell me what the effect of the free(p) statement is? Will the last 30 bytes be freed and used for future memory allocation? What would be the output?

karthik
  • `void main()` is not valid. `int main()` and `int main(int argc, char **argv)` are the valid signatures for `main()`. – ThiefMaster Jun 16 '11 at 06:31
  • Okay, let it be int main. Could you tell me what the free(p) statement would be doing now? – karthik Jun 16 '11 at 06:32
  • But you used free(p+1), not just p. I say use free(++p) and check it. – karthik Jun 16 '11 at 06:34
  • You realize that `p+1` and `++p` are equal if `p` is used only once in that statement since the side-effect of incrementing p doesn't matter in such a case? – ThiefMaster Jun 16 '11 at 06:35
  • But you're not incrementing the pointer p, you're incrementing the value by 1. Well, I didn't get the right solution yet, and thanks for giving me a little information. – karthik Jun 16 '11 at 06:39
  • Both statements increment the pointer. To increment the value you'd have to dereference the pointer using `*`. – ThiefMaster Jun 16 '11 at 07:10
  • Additionally, after `p += 20` both `q` and `p` point to the same address. – ThiefMaster Jun 16 '11 at 07:12
  • You're right, ThiefMaster, but my problem is not solved yet. Well, I removed the q char pointer. Now just let me know the effect of free(p), that's my question. Now I'm passing the pointer that I used in the malloc function, but I incremented it by 20, so what would the output be? – karthik Jun 17 '11 at 11:16
  • After freeing memory you **may not access it anymore**. It might work, might not work or break things - you cannot know. After freeing a pointer not coming from one of the malloc functions, you cannot assume anything about your program until you restarted it. – ThiefMaster Jun 17 '11 at 11:41

2 Answers

10

You are not supposed to free any addresses but those returned by malloc(), calloc() or realloc(). And p + 20 is no such address. http://codepad.org/FMr3dvnq shows you that such a free() is likely to fail.

> The free() function frees the memory space pointed to by ptr, which must have been returned by a previous call to malloc(), calloc() or realloc(). Otherwise, or if free(ptr) has already been called before, undefined behavior occurs. If ptr is NULL, no operation is performed.

"Does the pointer passed to free() have to point to beginning of the memory block, or can it point to the interior?" is also worth reading.

Even if you could use free() on any pointer that points to malloc'd memory - your code would free it twice since you are calling free() on more than one memory inside that area. And double-frees are evil as they can result in security holes.

Community
ThiefMaster
  • Yeah, I agree, ThiefMaster; with char *p, char a, p=&a, free(p), the compiler closes with an error and starts again, but when I compiled the above program it was fine, no errors, no restart of the compiler, so it must be working right, but some or the other way. – karthik Jun 16 '11 at 06:19
  • Your example is completely different, it tries to free memory on the stack. And "Undefined Behaviour" might include "works perfectly fine" and "appears to work fine but crashes later with an odd reason" – ThiefMaster Jun 16 '11 at 06:20
  • Of course you can check it. Use the statement printf(q) before free(q); it prints the string after 20 bytes, that is, the output is "about the dynamic allocation", and use the same statement printf(q) after the free(q) statement and you would see nothing on the screen, just empty, so it means the pointer must be freed, right?? – karthik Jun 16 '11 at 06:22
2

It will result in Undefined Behavior.

> The free() function shall cause the space pointed to by ptr to be deallocated; that is, made available for further allocation. If ptr is a null pointer, no action shall occur. Otherwise, if the argument does not match a pointer earlier returned by the calloc(), malloc(), posix_memalign(), realloc(), strdup() function, or if the space has been deallocated by a call to free() or realloc(), the behavior is undefined.

Alok Save
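An added example, not code from the question or from either answer: two ways to work with the tail of the block that stay within the rule both answers quote. The helper names `tail_length` and `tail_only` are hypothetical, and the sample string is the one from the question.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: the 49-character string from the question. */
static const char SAMPLE[] = "this code is written about the dynamic allocation";

/* Read the tail through a separate cursor and free the base pointer,
 * the exact value malloc() returned. Returns the tail length. */
size_t tail_length(const char *text, size_t skip)
{
    size_t len = strlen(text);
    if (skip > len)
        return 0;
    char *base = malloc(len + 1);
    if (base == NULL)
        return 0;
    memcpy(base, text, len + 1);
    const char *cursor = base + skip;   /* interior pointer: use it, never free it */
    size_t n = strlen(cursor);
    free(base);                         /* not free(cursor) */
    return n;
}

/* Keep only the tail: move it to the front of the block, then shrink the
 * block with realloc(). The result is a pointer free() accepts. */
char *tail_only(const char *text, size_t skip)
{
    size_t len = strlen(text);
    if (skip > len)
        return NULL;
    char *base = malloc(len + 1);
    if (base == NULL)
        return NULL;
    memcpy(base, text, len + 1);
    size_t keep = len - skip + 1;       /* tail plus its terminating NUL */
    memmove(base, base + skip, keep);   /* regions overlap, so memmove */
    char *shrunk = realloc(base, keep);
    return shrunk != NULL ? shrunk : base;  /* if shrinking fails, base is still valid */
}

int main(void)
{
    char *tail = tail_only(SAMPLE, 20);
    if (tail == NULL) return 1;
    printf("%zu bytes after offset 20; kept \"%s\"\n", tail_length(SAMPLE, 20), tail);
    free(tail);
    return 0;
}
```

Building with `-fsanitize=address` and swapping `free(base)` for `free(cursor)` in a scratch copy makes the invalid free visible as a runtime report.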