Thread: no double free for win XP?

  1. #1
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300

    no double free for win XP?

    t014y says in the concurrent "link list math" thread that this compiles and executes without error on win XP:
    Code:
    #include <stdio.h>
    #include <stdlib.h>
    
    int main() {
    	void *ptr = malloc(666);
    	free(ptr);
    	puts("okay!");
    	free(ptr);
    	puts("okay!");
    	return 0;
    }
    What's the deal? I thought that kind of mistake would be Universally Impermissible?
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  2. #2
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    It's undefined behavior. It may or may not crash or error or destroy your computer.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  3. #3
    and the hat of sweating
    Join Date
    Aug 2007
    Location
    Toronto, ON
    Posts
    3,545
    Maybe in debug mode free() checks a list of allocated pointers and only tries to free it if it's on that list?
    "I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008

    "the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010

  4. #4
    Registered User
    Join Date
    Sep 2008
    Posts
    43

    Question

    i was told that if the pointer was pointing to 'NULL' then free() did nothing... not make the program crash. but i don't know that much.

    but if that is true then you could free the same thing any amount of times without crashing the program... right?

  5. #5
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by t014y View Post
    i was told that if the pointer was pointing to 'NULL' then free()
    Does ptr==NULL in that program? Never! I think my point is it's not your fault, t014y, that this twist has slipped by you if the compiler/OS, etc. let it.

    What will happen is that the memory pointed to by ptr is freed, returned back to a pool used by the compiler. But the actual value of ptr, which is that memory address, has not changed (it would if you set it to NULL). You, yourself, and I are free to use that address (since we have it in a variable, ptr) however we like. The problem will arise if you are freeing and allocating in a loop like this, because the compiler will probably stick the next instance of x into that (same size) block, then you "double free" it because you have TWO pointer variables containing the same address. Or -- if you try to realloc one of them when the other just freed -- you will have some similar complication.

    Basically, double-freeing occurs when you've lost control of the memory and that is guaranteed to cause a problem sometime soon. In the example I gave, it's easy to get away with, because no more memory is ever allocated so the space is safe. But it shows you're not getting told what you should have been.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  6. #6
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Quote Originally Posted by t014y View Post
    i was told that if the pointer was pointing to 'NULL' then free() did nothing... not make the program crash. but i don't know that much.

    but if that is true then you could free the same thing any amount of times without crashing the program... right?
    The only way ptr would be NULL in the above code is if malloc failed (or one of the standard functions in the code has been replaced by a macro or something is REALLY b0rkened somewhere in the C runtime library).

    It is most likely that whatever C runtime this is, it happens to work. Double free, after all, is undefined behaviour, not a "defined to crash".

    Setting the pointer to NULL after free is definitely a good thing to do.

    Double free can also cause problems later. For example, it may be that free is inserting into a linked list, and if the object has already been freed, it gets inserted twice. Guess what happens when you next ALLOCATE two blocks of that size? You get two pointers to the same bit of memory. Now try to debug why when you update ptr1, the values referenced by ptr2 that you allocated in a completely different place, is changing.... Nasty to figure that one out.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  7. #7
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by matsp View Post
    It is most likely that whatever C runtime this is, it happens to work. Double free, after all, is undefined behaviour, not a "defined to crash".
    I actually spit an edit about this:
    In the example I gave, it's easy to get away with, because no more memory is ever allocated so the space is safe. But it shows you're not getting told what you should have been.
    quick like a bunny!
    Setting the pointer to NULL after free is definitely a good thing to do.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  8. #8
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Quote Originally Posted by cpjust View Post
    Maybe in debug mode free() checks a list of allocated pointers and only tries to free it if it's on that list?
    That's the opposite of what should happen in debug mode. In debug mode, such things should be checked for, and the program should crash if it happens.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  9. #9
    and the hat of sweating
    Join Date
    Aug 2007
    Location
    Toronto, ON
    Posts
    3,545
    Quote Originally Posted by brewbuck View Post
    That's the opposite of what should happen in debug mode. In debug mode, such things should be checked for, and the program should crash if it happens.
    You should also crash if you write past the end of an array, but since VC++ (and maybe other compilers) add extra padding before and after stack variables in debug mode, you don't crash unless you write past the end of the array and the padding.
    "I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008

    "the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. double free or corruption (out)
    By Mouser58907 in forum C Programming
    Replies: 5
    Last Post: 02-25-2009, 12:20 AM
  2. double free or corruption (fasttop)
    By yougene in forum C Programming
    Replies: 6
    Last Post: 01-17-2009, 06:44 PM
  3. Replies: 8
    Last Post: 04-25-2008, 02:45 PM
  4. Copying 2-d arrays
    By Holtzy in forum C++ Programming
    Replies: 11
    Last Post: 03-14-2008, 03:44 PM
  5. double free or corruption???
    By hwttdz in forum C++ Programming
    Replies: 2
    Last Post: 07-22-2006, 03:02 PM