Free pointer???

this my code:

1
2
3
4
5
6
int fn_Test(){
	char *a = (char *)malloc(10);
	free(a+2); //error
	printf("%c",a[0]);
	return 0;
}


when i run this code, occur error, i do'nt understand. Please explain for me!
Last edited on
closed account (S6k9GNh0)
You're abusing free(). Don't. That probably leads to memory corruption, confusion in result, and so on.
Last edited on
thank you, but i don't understand why can't execute free(a+2). Please explain or link to a detail for me, thanks so much.
The declaration of free is this (using MinGW compiler in Code::Blocks, in stdlib.h):
_CRTIMP void __cdecl __MINGW_NOTHROW free (void*);

You can see that free takes void pointer as it's parameter. When you'd try free(a+2), it doesn't work. When you add 2 to the pointer, you change the address of the pointer you are supposed to free & when you try to free memory from address that isn't allocated, there are unexpected results.
i think because (a+2) is address, is not pointer, so free(a+2) doesn't work. Your opinion is that?
Yes. You are freeing memory address that is not memory allocated.

If you'd like to change the value a points to, you can do it like this:
*a+2
a+2 is still a pointer but for free() the wrong one
a+2 is a memory address, not a pointer.
a+2 is a memory address, not a pointer
explain the difference
If you think the difference needs explaining, why not explain it yourself?
so interesting, what is correct answer, "(a + 2) is pointer" or "(a + 2) is address"?
closed account (1vRz3TCk)
free() has a pointer for a parameter. When you call free with an argument like (a +2) the argument is evaluated, taking the address that a holds and offsetting it the equivalent of 2 types*. This new address is used in the construction of the parameter of free().


* the size of the offset is determined by the size of the type
Last edited on
(a + 2) is a memory address. It's like if I'd say (variable + 2) is a variable when it clearly is just a value.
closed account (S6k9GNh0)
A pointer is a memory address. There, I said it. The difference is nothing as far as C++ is concerned anyways. C++ thinks (myPointer) and (myPointer+2) are pointers. You can assign a pointer a raw value but the idea is to think what you assigned it was still a pointer.

myPointer = myPointer is valid because myPointer returns a pointer.
myPointer = myPointer + 2 is valid because myPointer+2 returns a pointer.
but... myPointer = NULL? Well, it's valid but NULL is nothing but 0 (in C++ at least). Does that mean that you can assign a pointer a raw value but a pointer is still not the same as a raw value? In C++, it's designed to have no difference. See if you can find one. You can print it, you can add, subtract, what functionality does it have or not have compared to a raw value or "address"? The only difference in reality is that it is of pointer type. int* is not the same as int which is clear. However, (pInt + 2) will be evaluated to type int*.


This example ( http://codepad.org/En2eFbsu ) strangely compiles but it gives me a runtime error when calling free() which is normal. You said you got an error during printf so I'd like to ask what compiler are you using?
Last edited on
closed account (zwA4jE8b)
does it matter that (a + 2) is an r-value.

like computerquip said
myPointer = myPointer + 2

mypointer is a pointer and an lvalue but mypointer + 2 is an expression so therefore an r-value.

I am wondering because an r-value can be an address but not a pointer and free() takes a void*.

I don't know if that makes a difference or not though. I just woke up and it crossed my mind.
closed account (zb0S216C)
As you know, dereferencing a pointer reveals the address it's pointing to. When adding n to a non-dereferenced pointer, you're offsetting the address by n, changing the address the pointer is pointing to. When you do this during a call to std::free( ), you're telling it this:

My array starts at the address 0x0002, not 0x0000. My array holds 10 char types. Now I want you to delete this array.

So std::free( ) goes about its business and releases your resources. Little do you know, you've overstepped your arrays boundaries by 2 addresses.

[Note: This post has been rewritten.]

Wazzak
Last edited on
closed account (1vRz3TCk)
So std::free( ) goes about its business and releases your resources.
The interesting thing would be how it goes about its business. How does it determine how much memory to free or even can it determine this?
closed account (zb0S216C)
CodeMonkey wrote:
How does it determine how much memory to free or even can it determine this? (sic)

Programmers don't need to concern themselves with the inner-workings of standard functions/classes. The only thing programmers need to know is how to use it efficiently and effectively.

Wazzak
closed account (1vRz3TCk)
Framework wrote:
Programmers don't need to concern themselves with the inner-workings of standard functions/classes.

True but you are talking about why free() screws the pooch if you give it an offset address.

binladenvn88 wrote:
but i don't understand why can't execute free(a+2). Please explain or link to a detail for me,
is it a good answer to say "because it will mess your heap up but don't worry about why it would." or is it better to investigate what is going on.
Topic archived. No new replies allowed.