Why does MISRA C state that a copy of pointers can cause a memory exception?

Question

MISRA C 2012 directive 4.12 is "Dynamic memory allocation should not be used".

As an example, the document provides this sample of code:

char *p = (char *) malloc(10); char *q;  free(p); q = p; /* Undefined behaviour - value of p is indeterminate */ 

And the document states that:

Although the value stored in the pointer is unchanged following the call to free, it is possible, on some targets, that the memory to which it points no longer exists and the act of copying that pointer could cause a memory exception.

I'm ok with almost all the sentence but the end. As p and q are both allocated on the stack, how can the copy of the pointers cause a memory exception ?

Answer 1

According to the Standard, copying the pointer q = p;, is undefined behaviour.

Reading J.2 Undefined behaviour states:

The value of a pointer to an object whose lifetime has ended is used (6.2.4).

Going to that chapter we see that:

6.2.4 Storage durations of objects

The lifetime of an object is the portion of program execution during which storage is guaranteed to be reserved for it. An object exists, has a constant address,33)and retains its last-stored value throughout its lifetime.34)If an object is referred to outside of its lifetime, the behavior is undefined. The value of a pointer becomes indeterminate when the object it points to (or just past) reaches the end of its lifetime.

What is indeterminate:

3.19.2 indeterminate value: either an unspecified value or a trap representation

Answer 2

Once you free an object through the pointer, all pointers to that memory become indeterminate. (Even) reading indeterminate memory is undefined behaviour (UB). Following is UB:

char *p = malloc(5); free(p); if(p == NULL) // UB: even just reading value of p as here, is UB {  }