-1

I have the following C code:

```c
#include <stdint.h>
#include <stdio.h>

int main (){
    uint8_t *array;
    int i=0;
    for(;i<32120;i++)
        printf("Array[%d] = %d \n",i,*(array+i));
}
```

As I don't declare the memory for array, I would expect this code to segfault on the second iteration, but that's not the case (it happens at i==3295 on my Raspberry, and at a larger random i value on my Debian virtual machine).

Am I missing something here?

ps: compiled with gcc version 4.9.2 (Debian 4.9.2-10)

Nico
  • 155
  • 9
  • 5
    Undefined Behavior is..................Undefined..........Unpredictable......... – LPs Dec 20 '16 at 13:50
  • _I would expect this code to segfault on the second iteration_...and why not at the first time? O_o – LPs Dec 20 '16 at 13:51
  • What is undefined here? The access to an undeclared memory? Is this written in the C specification? – Nico Dec 20 '16 at 13:56
  • Reading uninitialized variables is undefined, and reading random memory locations is also undefined. And yes, of course that's all in the standard. – alain Dec 20 '16 at 13:59
  • You are not accessing _undeclared memory_, you are accessing a memory which is pointed by a random address that (uninitialized) array pointer is pointing. – LPs Dec 20 '16 at 13:59
  • "I would expect this code to segfault" - if you jump off a cliff, don't expect to die. – barak manos Dec 20 '16 at 14:02
  • It is tiresome to explain what undefined behavior means, several times per day. Please do some research before asking, since this is a frequently-asked question. In addition to the duplicate see also [Accessing an array out of bounds gives no error, why?](http://stackoverflow.com/questions/1239938/accessing-an-array-out-of-bounds-gives-no-error-why) and [Mysterious crash or “segmentation fault” when data is copied/scanned to an uninitialized pointer](http://stackoverflow.com/questions/37549594/mysterious-crash-or-segmentation-fault-when-data-is-copied-scanned-to-an-unini). – Lundin Dec 20 '16 at 14:04
  • 1
    Maybe this can solve your doubts about the C standard. [N1570](http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf) (page 558) states that this is undefined behavior: **The value of an object with automatic storage duration is used while it is indeterminate (6.2.4, 6.7.9, 6.8).** – LPs Dec 20 '16 at 14:11

2 Answers

5

Segmentation faults happen when you're trying to access a non-paged memory block. It's undefined behavior to access an uninitialized pointer; accessing memory with an uninitialized subscript is also undefined^2.

Undefined behavior may result in segmentation faults, may result in data loss, may result in Papa Noel coming out of your terminal!! or .... But in most cases, memory-related undefined behavior issues result in segmentation faults or similar issues. So why are you not getting a segmentation fault until dereferencing the index you mentioned?

This is because you haven't initialized the pointer array, so the value stored in the memory which array occupies hasn't changed. It's totally by chance that this variable holds an address which is paged in your application's virtual memory space. If you initialize it to zero, make it static, or define it as a global variable, you will definitely get a segmentation fault on its first dereference.

Some examples :

Manual initialization to NULL (zero)

```c
int main(void)
{
   int * ptr = NULL;
   int index;
   *ptr = 1;    // segfault
   ptr[index] = 1; // may not segfault, based on uninitialized value stored in index
}
```

Static variables are initialized automatically

```c
int main(void)
{
    static int * ptr; // static variable (default initialized to 0)
    *ptr = 1;   // segfault
}
```

Global variables are initialized automatically, also

```c
int * ptr; // global variable (default initialized to 0)

int main(void)
{
    *ptr = 1;  // segfault
}
```

Local storage variables in stack are uninitialized and keep the value on memory occupied untouched

```c
int main(void)
{
    int * ptr; // uninitialized
    *ptr = 1;  // may segfault or may not
}
```
e.jahandar
  • 1,715
  • 12
  • 30
  • Thank you, this makes perfectly sense. This is the last time I forget to initialize a pointer. – Nico Dec 20 '16 at 14:08
1

Dereferencing an uninitialized pointer invokes undefined behavior. This means anything can happen. The program could crash, it could generate strange results, or it could appear to work properly. It all depends on whatever random value happens to be in that pointer.

There's no guarantee that invoking undefined behavior will cause a crash.

dbush
  • 205,898
  • 23
  • 218
  • 273
  • So whether it crashes or not is undefined? – Paul Ogilvie Dec 20 '16 at 14:08
  • @PaulOgilvie Correct. Just because it can doesn't necessarily mean it will. – dbush Dec 20 '16 at 14:10
  • (I mean, the nature of "undefined" is that you can't predict, let alone guarantee, _anything_. Of course the contrary is true, and so your last line is true, though its opposite is not true, i.e. it is not so that without invoking undefined behavior there is a guarantee of _no_ crash. But again, I am lost in logic :-) – Paul Ogilvie Dec 20 '16 at 15:17