为什么指针,它被释放后,我还访问结构的成员? [英] Why can I still access a member of a struct after the pointer to it is freed?
问题描述
如果我定义一个结构...
If I define a structure...
struct LinkNode
{
int node_val;
struct LinkNode *next_node;
};
,然后创建一个指向它...
and then create a pointer to it...
struct LinkNode *mynode = malloc(sizeof(struct LinkNode));
...然后终于自由了()吧...
...and then finally free() it...
free(mynode);
...我仍然可以访问结构的next_node成员。
...I can still access the 'next_node' member of the structure.
mynode->next_node
我的问题是这样的:?其底层机制的一片跟踪的事实,这个内存块是应该重新present一个struct LinkNode 我是一个新手到C和我的预期,我上的指针使用后免费()我LinkNode,我将不再能够访问结构的成员。我期望某种'不再可用警告。
My question is this: which piece of the underlying mechanics keeps track of the fact that this block of memory is supposed to represent a struct LinkNode? I'm a newbie to C, and I expected that after I used free() on the pointer to my LinkNode, that I would no longer be able to access the members of that struct. I expected some sort of 'no longer available' warning.
我很想更多地了解底层的过程是如何工作的。
I would love to know more about how the underlying process works.
推荐答案
编译后的程序不再有大约结构LinkedNode 的任何知识或场名为 next_node ,或类似的东西。任何名字完全从编译后的程序了。编译后的程序中的数值的条件操作时,它可以播放存储器地址,偏移量,指数的角色等。
The compiled program no longer has any knowledge about struct LinkedNode or field named next_node, or anything like that. Any names are completely gone from the compiled program. The compiled program operates in terms of numerical values, which can play roles of memory addresses, offsets, indices and so on.
在你的榜样,当你读 mynode-> next_node 在你的程序的源$ C $ C,它被编译成机器code,简单地读取一些保留内存位置的4字节的数值(在源$ C $ C称为变量 MYNODE ),增加了4到它(这是抵消 next_node 字段),并在产生的地址中的4字节的值(即 mynode-> next_node )。这code,你可以看到,在整数值方面的工作 - 地址,大小和偏移量。它不关心任何的名称,如 LinkedNode 或 next_node 。它不关心内存是否分配和/或释放。它不关心任何这些访问是否是合法与否。
In your example, when you read mynode->next_node in the source code of your program, it is compiled into machine code that simply reads the 4-byte numerical value from some reserved memory location (known as variable mynode in your source code), adds 4 to it (which is offset of the next_node field) and reads the 4-byte value at the resultant address (which is mynode->next_node). This code, as you can see, operates in terms of integer values - addresses, sizes and offsets. It does not care about any names, like LinkedNode or next_node. It does not care whether the memory is allocated and/or freed. It does not care whether any of these accesses are legal or not.
(恒定4我在上面的例子中重复使用特异于32位平台。在64位平台它将由8在大多数(或全部)实例来代替。)
(The constant 4 I repeatedly use in the above example is specific for 32-bit platforms. On 64-bit platforms it would be replaced by 8 in most (or all) instances.)
如果试图读取已经被释放的内存,这些访问可能会崩溃程序。或者,他们可能不会。这是纯粹的运气问题。至于语言方面,该行为是不确定的。
If an attempt is made to read memory that has been freed, these accesses might crash your program. Or they might not. It is a matter of pure luck. As far as the language is concerned, the behavior is undefined.
这篇关于为什么指针,它被释放后,我还访问结构的成员?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
