StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhy do I get different results when I dereference a pointer after freeing it?
primarykey
Id
1078677
data
AcceptedAnswerId
1079208
AnswerCount
7
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2009-07-03T09:55:02.097
FavoriteCount
0
LastActivityDate
2009-07-03T12:47:11.810
LastEditDate
2009-07-03T10:13:35.627
LastEditorUserId
11208
OwnerUserId
126125
ParentId
0
PostTypeId
1
Score
2
ViewCount
1178
LastEditorDisplayName
text
Body
I've a question about the memory management in C (and GCC 4.3.3 under Debian GNU/Linux). According to the C Programming Language Book by K&R, (chap. 7.8.5), when I free a pointer and then dereference it, is an error. But I've some doubts since I've noted that sometimes, as in the source I've pasted below, the compiler (?) seems to work according a well-defined principle. I've a trivial program like this, that shows how to return an array dynamically allocated: <pre><code>#include <stdio.h> #include <stdlib.h> int * ret_array(int n) { int * arr = (int *) malloc(10 * sizeof(int)); int i; for (i = 0; i < n; i++) { arr[i] = i*2; } printf("Address pointer in ret_array: %p\n", (void *) arr); return arr; } int * ret_oth_array(int n) { int * arr = (int *) malloc(10 * sizeof(int)); int i; for (i = 0; i < n; i++) { arr[i] = i+n; } printf("Address pointer in ret_oth_array: %p\n", (void *) arr); return arr; } int main(void) { int *p = NULL; int *x = NULL; p = ret_array(5); x = ret_oth_array(6); printf("Address contained in p: %p\nValue of *p: %d\n", (void *) p, *p); free(x); free(p); printf("Memory freed.\n"); printf("*(p+4) = %d\n", *(p+4)); printf("*x = %d\n", *x); return 0; } </code></pre> If I try to compile it with some arguments: <code>-ansi -Wall -pedantic-errors</code>, it doesn't raises errors or warning. Not only; it also runs fine. <pre><code>Address pointer in ret_array: 0x8269008 Address pointer in ret_oth_array: 0x8269038 Address contained in p: 0x8269008 Value of *p: 0 Memory freed. *p+4 = 8 *x = 0 </code></pre> *(p+4) is 8 and *x is 0. Why does this happen? If *(p+4) is 8, shouldn't *x be 6, since the first element of the x-array is 6? Another strange thing happens if I try to change the order of the calls to free. E.g.: <pre><code>int main(int argc, char * argv[]) { /* ... code ... */ free(p); free(x); printf("Memory freed.\n"); printf("*(p+4) = %d\n", *(p+4)); printf("*x = %d\n", *x); return 0; } </code></pre> In fact in this case the output (on my machine) will be: <pre><code>*p+4 = 8 *x = 142106624 </code></pre> Why does the x pointer is really "freed", while the p pointer is freed (I hope) "differently"? Ok, I know that after freeing memory I should make the pointers to point to NULL, but I was just curious :P
Tags
<c><gcc><memory-management><free><malloc>
Title
Why do I get different results when I dereference a pointer after freeing it?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USAssaf Lavie
UserOwnerUserId
1. USMarkon
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTDuplicate
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhy do I get different results when I dereference a pointer after freeing it?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POWhy do I get different results when I dereference a pointer after freeing it?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.