According to my knowledge, local variables are uninitialized i.e, it contains garbage value.
But following program is giving 0 (zero) as output.
main()
{
int i;
printf("%d\n",i);
}
When i run above program it is giving always 0.
I know that 0 is also can be a garbage value but every time i am getting zero as output.
Can anybody know reason for it?
Garbage value means whatever happened to be in that memory location. In your case, the value happened to be zero. It may not be the case in another machine.
Note that some compiler will fill uninitialized variable with some magic value for the purpose of debugging (like 0xA5A5), but it's usually not zero, either.
When i run above program it is giving always 0. I know that 0 is also
can be a garbage value but every time i am getting zero as output.
Whatever happened to cause a 0 to be written into the location where i is now probably happens every time the program runs. Computers are nice and reliable like that. "garbage" doesn't necessarily mean "random" or "always changing," it just means "not meaningful in any context that I care about."
I think it is just an accident. local variable is indeed uninitialized, but the memory your compiler allocate for the (int i) variable is not used previously by your current process, so there is no garbage value.
Luck! The behaviour is undefined, and so the answer depends on your compiler and system. This time, you happened to get lucky that the first four bytes in that area of memory were zero. But there is no guarantee that it will always do so, from one system to the next or even from one invocation to the next.
A possible reason for printing always 0 is that main is started in a well defined state; more exactly, an ELF program is starting with a well defined stack (defined by the ELF specification) and registers, so its _start function (from crt*.o) which is the ELF executable starting point gets a well defined stack, and calls main .
Try making your function some other name, and call it in various states (e.g. call it several times from main in more complex ways). Try also running your program with different program arguments and environments. You'll probably observe different values for i
Your program exhibits some undefined behavior (and with all warnings enabled gcc -Wall is warning you).
As far as I know, uninitialized variables in Linux are first "allocated" in the Zero Page - a special page that contains only zeros.
Then, at the first write to the unitialized variable, the variable is moved from the zero page to another page that is not write-protected.
Related
#include <stdio.h>
int main()
{
int a;
const int b = a;
printf("%d %d\n", a, b);
return 0;
}
The same code I tried to execute on onlinegdb.com compiler and on Ubuntu WSL. In onlinegdb.com, I got both a and b as 0 with every run, whereas in WSL it was a garbage value. I am not able to understand why garbage value is not coming onlinegdb.com
Using int a; inside a function is described by C 2018 6.2.4 5:
An object whose identifier is declared with no linkage and without the storage-class specifier static has automatic storage duration, as do some compound literals…
Paragraph 6 continues:
… The initial value of the object is indeterminate…
An indeterminate value is not an actual specific value but is a theoretical state used to describe the semantics of C. 3.19.2 says it is:
… either an unspecified value or a trap representation…
and 3.19.3 says an unspecified value is:
… valid value of the relevant type where this document imposes no requirements on which value is chosen in any instance…
That “any instance” part means that the program may behave as if a has a different value each time it is used. For example, these two statements may print different values for a:
printf("%d\n", a);
printf("%d\n", a);
Regarding const int b = a;, this is not covered explicitly by the C standard, but I have seen a committee response: When an indeterminate value is assigned (or initialized into) another object, the other object is also said to have an indeterminate value. So, after this declaration, b has an indeterminate value. The const is irrelevant; it means the source code of the program is not supposed to change b, but it cannot remedy the fact that b does not have a determined value.
Since the C standard permits any value to be used in each instance, onlinegdb.com conforms when it prints zero, and WSL conforms when it prints other values. Any int values printed for printf("%d %d\n", a, b); conform to the C standard.
Further, another provision in the C standard actually renders the entire behavior of the program undefined. C 2018 6.3.2.1 2 says:
… If the lvalue designates an object of automatic storage duration that could have been declared with the register storage class (never had its address taken), and that object is uninitialized (not declared with an initializer and no assignment to it has been performed prior to use), the behavior is undefined.
This applies to a: It could have been declared register because its address is never taken, and it is not initialized or assigned a value. So, using a has undefined behavior, and that extends to the entire behavior of the program on the code branch where a is used, which is the entire program execution.
I am not able to understand why garbage value is not coming
This is a very strange statement. I wonder: what kind of answer or explanation do you expect you might get? Something like:
Everyone who said that "uninitialized local variables start out containing random values" lied to you. WSL was wrong for giving you random values. You should have gotten 0, like you did with onlinegdb.com.
onlinegdb.com is buggy. It should have given truly random values.
The rules for const variables are special. When you say const int b = a;, it magically makes a's uninitialized value more predictable.
Are you expecting to get an answer like any of those? Because, no, none of those is true, none of those can possibly be true.
I'm sorry if it sounds like I'm teasing you here. I agree, it's surprising at first if an uninitialized local variable always starts out containing 0, because that's not very random, is it?
But the point is, the value of an uninitialized local variable is not defined. It is unspecified, indeterminate, and/or undefined. You cannot know what it is going to be. But that means that no value — no possible value — that it contains can ever be "wrong". In particular, onlinegdb.com is not wrong for not giving you random values: remember, it's not obligated to give you anything!
Think about it like this. Suppose you buy a carton of milk. Suppose it's printed on the label, "Contents may spoil — keep refrigerated." Suppose you leave the carton of milk on the counter overnight. That is, suppose you fail to properly refrigerate it. Suppose that, a day later, you realize your mistake. Horrified, you carefully open the milk carton and take a small taste, to see if it has spoiled. But you got lucky! It's still okay! It didn't spoil!
Now, at this point, what do you do?
Hastily put the milk in the refrigerator, and vow to be more careful next time.
March back to the store where you bought the milk, and accuse the shopkeeper of false advertising: "The label says 'contents may spoil', but it didn't!!" What do you think the shopkeeper is going to say?
This may seem like a silly analogy, but really, it's just like your C/C++ coding situation. The rules say you're supposed to initialize your local variables before you use them. You failed. Yet, somehow, you got predictable values anyway, at least under one compiler. But you can't complain about this, because it's not causing you a problem. And you can't depend on it, because as your experience with the other compiler showed you, it's not a guaranteed result.
Typically, local variables are stored on the stack. The stack gets used for all sorts of stuff. When you call a function, it receives a new stack frame where it can store its local variables, and where other stuff pertaining to that function call is stored, too. When a function returns, its stack frame is popped, but the memory is typically not cleared. That means that, when the next function is called, its newly-allocated stack frame may end up containing random bits of data left over from the previous function whose stack frame happened to occupy that part of stack memory.
So the question of what value an uninitialized local variable contains ends up depending on what the previous function might have been and what it might have left lying around on the stack.
In the case of main, it's quite possible that since it's the first function to be called, and the stack might start out empty, that main's stack frame always ends up being built on top of virgin, untouched, all-0 memory. That would mean that uninitialized variables in main might always seem to start out containing 0.
But this is not, not, not, not, not guaranteed!!!
Nobody said the stack was guaranteed to start out containing 0. Nobody said that there wasn't some startup code that ran before main that might have left some random garbage lying around on the stack.
If you want to enumerate possibilities, I can think of 3:
The function you're wondering about is one that always gets called first, or always gets called at a "deep leaf" of the call stack, meaning that it always gets a brand-new stack frame, and on a machine where the stack always starts out containing 0. Under these circumstances, uninitialized variables might always seem to start out containing 0.
The function you're wondering about does not always get a brand-new stack frame. It always gets a "dirty" stack frame with some previous function's random data lying around, and the program is such that, during every run, that previous function was doing something different and left something different on the stack, such that the next function's uninitialized local variables always seem to start out containing different, seemingly random values.
The function you're wondering about is always called right after a previous function that always does the same thing, meaning that it always leaves the same values lying around, meaning that the next function's uninitialized local variables always seem to start out with the same values every time, which aren't zero but aren't random.
But I hope it's obvious that you absolutely can't depend on any of this! And of course there's no reason to depend on any of this. If you want your local variables to have predictable values, you can simply initialize them. But if you're curious what happens when you don't, hopefully this explanation has helped you understand that.
Also, be aware that the explanation I've given here is somewhat of a simplification, and is not complete. There are systems that don't use a conventional stack at all, meaning that none of those possibilities 1, 2, or 3 could apply. There are systems that deliberately randomize the stack every time, either to help new programs not to accidentally become dependent on uninitialized variables, or to make sure that attackers can't exploit certain predictable results of a badly written program's undefined behavior.
When your operating system gives your program memory to work with, it will likely be zero to start (though not guaranteed). As your program calls functions it creates stack frames, and your program will effectively go from the .start assembly function to the int main() c function, so when main is called, no stack frame has written the memory that local variables are placed at. Therefore, a and b are both likely to be 0 (and b is guaranteed to be the same as a). However, it's not guaranteed to be 0, especially if you call some functions that have local variables or lots of parameters. For instance, if your code was instead
#include <stdio.h>
void foo()
{
int x = 42;
}
int main()
{
foo();
int a;
const int b = a;
printf("%d %d\n", a, b);
return 0;
}
then a would PROBABLY have the value 42 (in unoptimized builds), but that would depend on the ABI (https://en.wikipedia.org/wiki/Application_binary_interface) that your compiler uses and probably a few other things.
Basically, don't do that.
I heard several times that if you do not initialise a variable then garbage value is stored in it.
Say
int i;
printf("%d",i);
The above code prints any garbage value, but I want to know that what is the need for storing garbage value if uninitialized?
The value of an uninitialized value is not simply unknown or garbage, but indeterminate and evaluating that variable may invoke undefined behavior or implementation-defined behavior.
One possible scenario (which is probably the scenario you are seeing) is that the variable, when evaluated, will return the value that was previously present in that memory address. Therefore, it's not like garbage is explicitly written to that variable.
It's worth noting that languages (or even C implementations) that do not exhibit the behavior you're seeing, do so by explicitly writing zeroes (or other initial values) to that area, before allowing you to use it.
It is not storing garbage, it prints whatever happens to be there in memory at that address when it is running. This is in the name of efficiency. You don't pay for what you didn't ask for.
EDIT
To answer why there is something in memory. All sort of program runs and need to share memory. When memory is allocated to your process, it is not reset, again for performance reason. Since the variable we are observing is declared on the stack, it could even be your program that put the value there in a previous function call.
C only does what you tell it to. The standard defines reading an uninitialized variable as undefined behavior.
This question elaborates: (Why) is using an uninitialized variable undefined behavior?
The accepted answer has a very good explanation.
EDIT:
A funny sidenote though, if you declare the variable static it is guaranteed to be initialized to zero per the standard. Can't find a quote right now, working on it..
EDIT2:
I left my C reference at work and CBA to download one. This answer elaborates on the initial values of variables, whether they be local/auto, global, static or indeterminate: https://stackoverflow.com/a/1597491/700170
The other answers point out (correctly) that what's being printed is whatever's already in memory in the memory location that happens to have been assigned to i.
They don't, however, clarify why there are any values stored in these locations in the first place, which is perhaps what you're really asking.
There are two reasons for this: first, upon startup, we can't be sure exactly how the memory circuits will initialize themselves. So they could be set to any arbitrary value. The second (and, in general, more likely reason, unless you just restarted your computer) is that before you started your program, that memory location had been used by another program, which stored something there--something that wasn't garbage at the time, since it was stored intentionally. From the perspective of your program, however, it is garbage, since your program has no way of knowing why that particular value was stored there.
EDIT: As I mentioned in a comment on another answer, even if the value stored in memory under some uninitialized variable is actually 0, that's not the same thing as "not having a value stored." The value stored is 0, which is to say, the physical hardware that represents one bit of memory is faithfully storing the value 0. As long as a circuit is active (i.e. turned on), the memory cells must store something; for an explanation of why this is, look into flip-flop gates. (There's a decent overview here, assuming you already understand a little bit about NAND gates: http://computer.howstuffworks.com/boolean4.htm)
It's happens only in case of local varibales. As memory for local variables are allocated on stack and while allocating the memory the runtime system does not clear the memory before allocating it to the variable unlike in case of allocating memory in heap for global and static variables. Hence the default value of local varibles beomes the content of its memory on stack while that of constant and static variables is 0.
I got some code to analyze and I can't realize why this expression always give me the same result, the letter "b" in this example.
unsigned char ucVal2;
ucVal2 |= 0x62;
I always thought that when you don't define a variable, its value is non-deterministic..
So, in this case, I was supposing that the value of ucVal2 would have been SOMETHING OR 0x62, but the execution always show me that ucVal2 is 0x62, just like SOMETHING is always 0x00.
That might just be luck. Or your particular compiler and/or OS might guarantee that memory is initialized to 0, even though the C language itself doesn't.
According to the standard, the value of ucVal2 is undefined and the above code is not portable. Ther eis nothing special about using the |= operator like this that in some way affects the fact that it's undefined.
If ucVal2 is defined at file scope (ie a "global") then it will always be initialized to 0. If it's declared at function scope, then it won't be, and its value will be random.
non-deterministic is not the same thing as random.
Just because there are no guarantees about the value of an uninitialized variable doesn't mean it you cannot reasonably guess what the value is.
Most memory ends up being zero after a computer starts up. Until a process writes to it, it will continue to be zero. When your program declares this uninitialized variable, the value is most likely still zero. But you cannot be assured that it will be zero.
You absolutely cannot rely on the value being zero. Just because the variable starts at zero for one thousand tests in a row, for the thousand-and-first test, it may be something completely different.
Accessing the contents of an uninitialized variable is undefined behavior. Meaning it could be non-deterministic junk, deterministic junk or zero. The program is even free to crash and burn when you access it, although on most systems that is unlikely.
Think of it as if blindly sticking your hand into a public garbage bin: it can be empty, it could contain more or less disgusting garbage, there could be a gigantic rat inside biting your hand off. There is no guarantee of what you will come up with.
Trying to understand why a certain kind of undefined behavior gives a certain result isn't particularly meaningful, it usually yields little or no useful knowledge.
If we are to guess, then the junk you have there on the stack is a left-over from some program pre-initialization code, or previously executed functions. In such a case, the nature of the junk will likely be of a deterministic nature.
We know that automatic variables are destroyed upon the return of the function.
Then, why is this C program returning correct value?
#include <stdio.h>
#include <process.h>
int * ReturningPointer()
{
int myInteger = 99;
int * ptrToMyInteger = &myInteger;
return ptrToMyInteger;
}
main()
{
int * pointerToInteger = ReturningPointer();
printf("*pointerToInteger = %d\n", *pointerToInteger);
system("PAUSE");
}
Output
*pointerToInteger = 99
Edit
Then why is this giving garbage values?
#include <stdio.h>
#include <process.h>
char * ReturningPointer()
{
char array[13] = "Hello World!";
return array;
}
main()
{
printf("%s\n", ReturningPointer());
system("PAUSE");
}
Output
xŤ
There is no answer to that question: your code exhibits undefined behavior. It could print "the right value" as you are seeing, it could print anything else, it could segfault, it could order pizza online with your credit card.
Dereferencing that pointer in main is illegal, it doesn't point to valid memory at that point. Don't do it.
There's a big difference between you two examples: in the first case, *pointer is evaluated before calling printf. So, given that there are no function calls between the line where you get the pointer value, and the printf, chances are high that the stack location pointer points to will not have been overwritten. So the value that was stored there prior to calling printf is likely to be output (that value will be passed on to printf's stack, not the pointer).
In the second case, you're passing a pointer to the stack to printf. The call to printf overwrites (a part of) that same stack region the pointer is pointing to, and printf ends up trying to print its own stack (more or less) which doesn't have a high chance of containing something readable.
Note that you can't rely on getting gibberish either. Your implementation is free to use a different stack for the printf call if it feels like it, as long as it follows the requirements laid out by the standard.
This is undefined behavior, and it could have launched a missile instead. But it just happened to give you the correct answer.
Think about it, it kind of make sense -- what else did you expect? Should it have given you zero? If so, then the compiler must insert special instructions at the scope end to erase the variable's content -- waste of resources. The most natural thing for the compiler to do is to leave the contents unchanged -- so you just got the correct output from undefined behavior by chance.
You could say this behavior is implementation defined. For example. Another compiler (or the same compiler in "Release" mode) may decide to allocate myInteger purely in register (not sure if it actually can do this when you take an address of it, but for the sake of argument...), in that case no memory would be allocated for 99 and you would get garbage output.
As a more illustrative (but totally untested) example -- if you insert some malloc and exercise some memory usage before printf you may find the garbage value you were looking for :P
Answer to "Edited" part
The "real" answer that you want needs to be answered in disassembly. A good place to start is gcc -S and gcc -O3 -S. I will leave the in-depth analysis for wizards that will come around. But I did a cursory peek using GCC and it turns out that printf("%s\n") gets translated to puts, so the calling convention is different. Since local variables are allocated on the stack, calling a function could "destroy" previously allocated local variables.
Destroying is the wrong word imho. Locals reside on the stack, if the function returns the stack space may be reused again. Until then it is not overwritten and still accessible by pointers which you might not really want (because this might never point to something valid)
Pointers are used to address space in memory, for local pointers the same as I described in 1 is valid. However the pointer seems to be passed to the main program.
If it really is the address storing the former integer it will result in "99" up until that point in the execution of your program when the program overwrite this memory location. It may also be another 99 by coincidence. Any way: do not do this.
These kind of errors will lead to trouble some day, may be on other machines, other OS, other compiler or compiler options - imagine you upgrade your compiler which may change the behaviour the memory usage or even a build with optimization flags, e.g. release builds vs default debug builds, you name it.
In most C/C++ programs their local variables live on the stack, and destroyed means overwritten with something else. In this case that particular location had not been overwritten yet when it was passed as a parameter to printf().
Of course, having such code is asking for trouble because per the C and C++ standards it exhibits undefined behavior.
That is undefined behavior. That means that anything can happen, even what you would expect.
The tricky part of UB is when it gives you the result you expect, and so you think that you are doing it right. Then, any change in an unrelated part of the program changes that...
Answering your question more specifically, you are returning a pointer to an automatic variable, that no longer exists when the function returns, but since you call no other functions in the middle, it happens to keep the old value.
If you call, for example printf twice, the second time it will most likely print a different value.
The key idea is that a variable represents a name and type for value stored somewhere in memory. When it is "destroyed", it means that a) that value can no longer be accessed using that name, and b) the memory location is free to be overwritten.
The behavior is undefined because the implementation of the compiler is free to choose what time after "destruction" the location is actually overwritten.
I had a question regarding a C code.
#include <stdio.h>
void foo(void){
int a;
printf("%d\n",a);
}
void bar(void){
int a = 42;
}
int main(void){
bar();foo();
}
Apparently I am supposed to get a 42 as a result at the end of compilation. http://www.slideshare.net/olvemaudal/deep-c , slide #126. But when I compile it on my machine I get garbage values (gcc version 4.4.5 (Ubuntu/Linaro 4.4.4-14ubuntu5))
Do I need to turn off some optimization? Or is the author of the slide wrong about this? Can someone explain what should be the result of the code? If it is 42, could you also explain how/why? Also, would the result be any different on a C++ compiler (g++).
There is no knowing what you will get. The assumption I guess is that the second stack frame will be in the same location as the last and as the var a is the first variable it should be assigned the same location as the a from the previous functions stackframe. But that is not defined behavior.
Accessing uninitialized variables is simply undefined behavior.
Undefined behavior means that the standard doesn't specify how to behave in some situations, including this one. The compiler might even "make demons fly out of your nose" (popular joke about UB :) )
In that article the program works because bar's a and foo's a are placed in the same memory location, but this is completely uninsured and you should never rely on such behaviors!
Things that you can try to obtain the desired result (the value propagating from bar to foo):
Maybe the variable a is allocated in CPU registers and not in stack. In order to force allocation on stack, try using its address (&a) in some way.
Maybe the compiler generates some code to stuff the uninitialized variables on stack with a debugging pattern (0xcdcdcdcd) - i think gcc doesn't do it but maybe i am wrong?
Examine the machine code generated by the compiler - this is the ultimate way
When you call a function, the CPU first pushes the function arguments on the stack, pushes the return address on the stack and then proceeds to jump to the function's code.
There, it saves the old stack position by pushing it on the stack (function prologue).
Next, it allocates the a variable on the stack (again) and sets it's value to 42.
While exiting the function (function epilogue), the CPU removes the a variable from the stack by just moving the stack pointer back to where it saved the old stack position and gets that old position. The value 42 stored at that place in the memory is kept intact!
Then, the second function gets called and the same process takes place:
push arguments (we skip this step since there are none)
push return address (at the same place in memory that the other function's return address was stored)
push stack position (same as with return address)
allocate the a variable which ends in the exact same place in memory as the a variable from the bar() function!
Since bar's a variable was initialized to 42, that value is still there and foo's a "inherits" it by pointing to the same place in memory.
Stack before calling bar():
[someThings]<=StackPointer
Stack while in bar():
[someThings][returnAddress][oldStackPointer][a = 42]<=StackPointer
Stack after bar() and before foo():
[someThings]<-StackPointer {oldStackPointer}{a = 42}
Stack while in foo():
[someThings][newRetAddress][oldStackPointer][a (= 42 as the value was here before)]<=StackPointer
So, yes, the author of the slides is right and the ones saying he is wrong are in fact wrong themselves :)
(take note that it is important that the code is compiled without optimization)
As others noted, this is undefined behaviour.
However, the author is partly right, on some architectures the address of the local variables will be the same, so foo will read the data that bar left there.
# gcc x.c; ./a.out
42
It's an interesting way to show what goes behind the scenes, but do not depend on it, it's architecture, compiler and optimization dependent:
# gcc -O2 x.c; ./a.out
0
BTW, if you read the next slides you'll get all the answers...
The author of that code is making a lot of platform-specific assumptions that simply don't hold in general. He's assuming that local variables are stored in memory in a specific way, and that those locations won't be overwritten between function calls. In general, he is wrong.
This is a textbook example undefined behavior - it's bad code, and the language standard places no requirements on the compiler to do anything specific with it.
Your two 'a' variables are local to function they're contained inside. The memory space occupied by the 'a' in foo() is not the same memory space as the 'a' in bar. So when you initialize the 'a' in bar, that 42 is thrown away when the function returns, and never ever affects the a in foo.
Since you're accessing an uninitialized variable, the behaviour of your code is undefined.
Having said that, the program is quite likely to print 42 on architectures that I am familiar with. However, it would be outright silly to rely on this, even if the program were to behave this way on your architecture.
If anything, this behaviour might even be a hindrance, as getting consistent values from an uninitialized variables could mask bugs.