By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,132 Members | 1,265 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,132 IT Pros & Developers. It's quick & easy.

Malloc Doubt

P: n/a
main()

{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));

*a=10;
b=a;
free(a);

printf("%d \t %x\n", *b, b);

}

In the above code, i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.

So the malloc is having any reference count or something to count the
number of variables having this address. Please clarify me.

Dec 20 '06 #1
Share this Question
Share on Google+
6 Replies


P: n/a

deepak wrote:
main()

{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));

*a=10;
b=a;
free(a);

printf("%d \t %x\n", *b, b);

}

In the above code, i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.

So the malloc is having any reference count or something to count the
number of variables having this address. Please clarify me.
b is an danggling pointer...

Dec 20 '06 #2

P: n/a
deepak said:
main()

{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));

*a=10;
b=a;
free(a);

printf("%d \t %x\n", *b, b);

}

In the above code,
In the above code, the behaviour is undefined because you're missing
prototypes for malloc and printf. You need <stdio.hand <stdlib.h>.
i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.
Even if you fix the header problem, the behaviour is undefined because
you're using the value of b - worse than that, you're *dereferencing* the
value of b, when that value is rendered indeterminate by the call to
free(). So all bets are off, and any result you might get from your program
is as valid as any other. It could print "baloney" if it liked.

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/1999
http://www.cpax.org.uk
email: rjh at the above domain, - www.
Dec 20 '06 #3

P: n/a
"deepak" <de*********@gmail.comwrote:
main()

{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));

*a=10;
b=a;
free(a);

printf("%d \t %x\n", *b, b);

}

In the above code, i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.

So the malloc is having any reference count or something to count the
number of variables having this address. Please clarify me.
malloc isn't responsible for cleaning up pointers; you are.

--
-Rob Hoelz
Dec 20 '06 #4

P: n/a
deepak wrote:
main()
`int main(void)` preferred.
{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));
You forgot to #include <stdlib.h>. This is a Bad Thing.
It will, for example, mean that your code doesn't
compile: and even if you (legally) replaced `NULL`
with `0`, your code would /still/ be broken, since
you haven't declared `malloc`.

Also, you've pointlessly initialised `a` to NULL.
You might as well have written either of

int *a;
int *b;
a = nasty ikky expression see below;

or

int *a = nasty ikky expression ditto;
int *b;

I prefer the second one because I like to initialise
variables with their intended values.

The nasty ikky expression is better written

malloc( sizeof (*a) )

because that way it's coupled to the pointer variable
you're assigning it to (which appears nice and obviously
in the same line) rather than some type or other (which
doesn't):

int *a = malloc( sizeof (*a) );

[If you introduced the `int*` cast because the compiler
objected, you may be using a C++ compiler, not a C
compiler. Don't Do That.]
*a=10;
[It's technically possible that `a` is null and this assignment
provokes undefined behaviour like trashing your disc or giving
you infinite lives in your next game of Doom: you should
check /any/ return from `malloc` for non-null. Very few
implementations will /actually/ deliver null from the one
and only mallocate in a program when it's asking for an
intsworth of space.]
b=a;
free(a);
This invalidates the value of `b`.

Yes, really. The object that `a`s value pointed to has officially
Ceased To Be. It is an Ex-Object. Every copy of that pointer
value no longer points anywhere legal: dereferencing it is
undefined behaviour.
printf("%d \t %x\n", *b, b);

}

In the above code, i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.
It's retained in `a` as well, but you can't legally tell.

Many implementations of malloc/free don't actually dispose of the
freed memory: they keep it hanging around, perhaps for the next
malloc call. If the implementation doesn't have hardware
pointer protection, you may still be able to get at the memory
and do things to it.

But because you can't /legally/ do that, the implementation is
also free to use that freed space for /whatever it likes/.
Buffers for fprintf, for example. Bookkeeping for malloc.
You may just have been unlucky that your error didn't /visibly/
break something.
So the malloc is having any reference count or something to count the
number of variables having this address.
No.
Please clarify me.
But, er, surely you don't /really/ want to be melted slowly in a pan
until you separate?

http://www.ochef.com/69.htm

--
Chris "HO. HO. HO." Dollin
Meaning precedes definition.

Dec 20 '06 #5

P: n/a
Chris Dollin wrote:
deepak wrote:
.... snip ...
>
>Please clarify me.

But, er, surely you don't /really/ want to be melted slowly in a
pan until you separate?
It works better if there is a layer of water. That way the foreign
material tends to separate and sink to the bottom of the pan,
leaving the top clarified. Things subject to clarification are
normally lighter than water, and this includes most human beings.

--
Chuck F (cbfalconer at maineline dot net)
Available for consulting/temporary embedded and systems.
<http://cbfalconer.home.att.net>
Dec 20 '06 #6

P: n/a
"deepak" <de*********@gmail.comwrites:

Add:

#include <stdio.h>
#include <stdlib.h>
main()
Better:
int main(void)
{
int *a=NULL;
int *b;

a = (int *) malloc(sizeof(int));
Better: a = malloc(sizeof *a);
*a=10;
You didn't check the result of malloc(). If it fails, the above
assignment invokes undefined behavior.
b=a;
free(a);
b now has an indeterminate value. Any attempt to refer to that value
invokes undefined behavior. Don't do that.

The allocated memory is marked as available for further allocation.
It's likely that you can still get away with referring to its address,
or even to its contents. But any attempt to do so invokes undefined
behavior. Don't do that.
printf("%d \t %x\n", *b, b);
"%x" is not the correct format for printing a pointer value. If b
were a valid pointer, you'd want to do this:

printf("%d \t %p\n", *b, (void*)b);

And add a "return 0;" here. It's not strictly required, but it's a
good idea.
}

In the above code, i thought the printf for *b 'll not be '10'. But
after free the address in 'a' is retained in 'b'.

So the malloc is having any reference count or something to count the
number of variables having this address. Please clarify me.
You have to keep track of these things yourself.

--
Keith Thompson (The_Other_Keith) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <* <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
Dec 20 '06 #7

This discussion thread is closed

Replies have been disabled for this discussion.