145840 – Incorrect or missing memory allocation for variable

Bug 145840 - Incorrect or missing memory allocation for variable

Summary: Incorrect or missing memory allocation for variable

Keywords:
Status:	CLOSED WORKSFORME
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gcc34
Sub Component:
Version:	3
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jakub Jelinek
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-01-22 03:27 UTC by Kim Lux
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-03-01 12:25:04 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Kim Lux 2005-01-22 03:27:33 UTC

Description of problem: 
 
gcc doesn't appear to correctly allocate memory for a variable 
 
 
Version-Release number of selected component (if applicable): 
 
gcc-3.4.2-6.fc3 
gdb-6.1post-1.20040607.43 
glibc-2.3.4-2.fc3 
 
How reproducible: 
 
I tried everything I could to get it to work.  I spent about 4 hours 
on this issue with no solution other than the one described below.  
 
 
Steps to Reproduce: 
 
<shortened code snippet begins> 
 
static int dbug12_get_reply (unsigned char *packet) 
{ 
return 5;  
} 
 
 
void dbug12_stop_reason (enum dbug12_stop *reason, int *sigrc) 
{ 
  int replyEnd;  
  unsigned char reply[254]; 
   
  // This line is needed  
  //to make the code work 
  replyEnd = 0;  
   
  // get the reply 
  replyEnd = dbug12_get_reply(reply);  
  printf("Reply is %s\n",reply);  
   
  // handle the error condition 
  // can't pass here with a zero length 
  if (replyEnd == 0) 
  ... 
<end of shortned code snippet> 
 
Problem #1:  gdb cannot find replyEnd: 
 
(gdb) whatis replyEnd  
No symbol "replyEnd" in current context. 
 
Problem #2: 
The code doesn't execute properly if I delete the "replyEnd = 0;" 
line.  Without "replyEnd = 0;" in the code, replyEnd gets an 
unalterable junk value.  With "replyEnd = 0;" in the code, replyEnd 
gets set to the return value of 5, which it should. 
 
 
I was also playing around with changing the size of the reply buffer, 
ie "reply[255]", reply[253], etc.  It didn't look like gcc was 
changing the size of the buffer on a clean build.  
 
Additional info: 
 
If the included code snippet doesn't reproduce the problem, I can 
provide the volumous code sample that does.  
 
gcc is being run from kdevelop.  The gcc command line switches used 
are -ggdb only.

Comment 1 Jakub Jelinek 2005-01-24 14:30:29 UTC

Such incomplete snippets are useless, only self-contained (and ideally
preprocessed) testcase helps.
BTW, you are printing uninitialized buffer in the incomplete snippet above.
I have cut'n'pasted it and fixed it so that it compiles, but replyEnd var
is definitely there, visible to the debugger and removing replyEnd = 0; doesn't
change anything.

Comment 2 Kim Lux 2005-01-24 18:26:07 UTC

I stripped everything out of dbug12_get_reply().  It used to set a value for reply.

How are you confirming that varEnd is there for the debugger to use ?  

I mean, where and how are you confirming that the var is getting created and/or
set ?

Adding and removing replyEnd changes whether or not replyEnd gets the return
value from dbug12_get_reply() on my machine.  gdb cannot get replyEnd no matter
what I do. 

I'll see if I can create a test case or better illustrate what is going on.

Comment 3 Jakub Jelinek 2005-02-21 15:37:44 UTC

Have you managed to create a test case yet?  Without it it is really hard
to talk about this.

Comment 4 Jakub Jelinek 2005-03-01 12:25:04 UTC

Closing until you provide a testcase.  When you have it, please reopen.

Note You need to log in before you can comment on or make changes to this bug.