How to end up with a pointer to 0xCCCCCCCC

The program I'm working on sometimes crashes trying to read data at the address 0xCCCCCCCC. Google (and StackOverflow) being my friends, I saw that it's the MSVC debug code for uninitialized stack variables. To understand where the problem can come from, I tried to reproduce this behavior; the problem is that I haven't been able to do it.

Question is: do you have a code snippet showing how a pointer can end up pointing to 0xCCCCCCCC?

Thanks.

gregseth asked Sep 01 '10 13:09


2 Answers

int main()
{
    int* p;   // never initialized: the MSVC debug runtime (/RTCs) fills the new
              // stack frame with 0xCC bytes, so p reads as 0xCCCCCCCC
}

If you build with the Visual C++ debug runtime, put a breakpoint in main(), and run, you will see that p has a value of 0xcccccccc.

James McNellis answered Sep 20 '22 13:09


Compile your code with the /GZ compiler switch or the /RTCs switch. Make sure that the /Od switch is also used to disable any optimizations.

s (/RTCs): Enables stack frame run-time error checking, as follows:

  • Initialization of local variables to a nonzero value. This helps identify bugs that do not appear when running in debug mode. There is a greater chance that stack variables will still be zero in a debug build compared to a release build because of compiler optimizations of stack variables in a release build. Once a program has used an area of its stack, it is never reset to 0 by the compiler. Therefore, subsequent, uninitialized stack variables that happen to use the same stack area can return values left over from the prior use of this stack memory.

  • Detection of overruns and underruns of local variables such as arrays. /RTCs will not detect overruns when accessing memory that results from compiler padding within a structure. Padding could occur by using align (C++), /Zp (Struct Member Alignment), or pack, or if you order structure elements in such a way as to require the compiler to add padding.

  • Stack pointer verification, which detects stack pointer corruption. Stack pointer corruption can be caused by a calling convention mismatch. For example, using a function pointer, you call a function in a DLL that is exported as __stdcall but you declare the pointer to the function as __cdecl.

Michael Stum answered Sep 20 '22 13:09
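As an added example (not code from either answer), here is the shape that usually produces the crash described in the question: a struct on the stack whose init routine skips one pointer member, so that member keeps the 0xCC fill /RTCs wrote into the frame. Only MSVC performs that fill, so the snippet emulates it with memset to stay deterministic under any compiler; record_t, record_init_buggy, emulate_rtc_fill and looks_uninitialized are hypothetical names chosen for this example.

```c
#include <stdio.h>
#include <string.h>

/* Byte value /RTCs writes over every byte of a fresh stack frame. */
#define RTC_FILL_BYTE 0xCC

typedef struct {
    const char *name;
    int         count;
    int        *values;   /* the member the init routine forgets */
} record_t;

/* Hypothetical init routine with the bug: 'values' is never assigned,
 * so it keeps whatever bytes the stack frame held before the call. */
static void record_init_buggy(record_t *r, const char *name, int count) {
    r->name  = name;
    r->count = count;
    /* r->values = ...;   <-- missing assignment */
}

/* Emulates what the MSVC debug runtime does on function entry: every
 * byte of the local is set to 0xCC. Other compilers do not do this, so
 * the fill is applied explicitly here to make the example deterministic. */
static void emulate_rtc_fill(void *local, size_t size) {
    memset(local, RTC_FILL_BYTE, size);
}

/* Debug-build sanity check: does a pointer still carry the 0xCC fill?
 * Handles both 32-bit (0xCCCCCCCC) and 64-bit (0xCCCCCCCCCCCCCCCC). */
int looks_uninitialized(const void *p) {
    unsigned char bytes[sizeof p];
    memcpy(bytes, &p, sizeof p);
    for (size_t i = 0; i < sizeof p; i++)
        if (bytes[i] != RTC_FILL_BYTE) return 0;
    return 1;
}

/* Builds a record the buggy way: 'values' shows the fill, 'name' does not. */
int forgotten_field_has_fill(void) {
    record_t r;
    emulate_rtc_fill(&r, sizeof r);
    record_init_buggy(&r, "sample", 3);
    return looks_uninitialized(r.values) && !looks_uninitialized(r.name);
}

int main(void) {
    printf("forgotten field carries the /RTCs fill: %d\n",
           forgotten_field_has_fill());
    return 0;
}
```

Dereferencing r.values in this state is the read of 0xCCCCCCCC the question describes; a check like looks_uninitialized placed in an assert catches it before the dereference in debug builds.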