Solved QByteArray not initializing
-
@mzimmers
Hi
Can you try
// QCoreApplication a(argc, argv);
// a.exec();
and just return 0;You are not sending it a close signal so i think crash is due to killing it with debugger.
At least i cannot crash it without running the coreapp and exec().
-
@mrjj yeah, I'm pretty sure my loops are OK. I honestly don't know what's going on -- maybe some weird bug in the constructor.
I removed the core app stuff...same results.
I think I'll implement aha_1980's suggestion. I took another look, and it's a lot simpler than this. I'll report back on how I do with it.
-
@mzimmers
Ok. i checked the loop and its 64 in length and result is 32 in bytearray.
no crashes at any time.
Very odd then.
Im on 64 bit. -
I'm on Windows 10, using MinGW, FWIW. Just tried null terminating the string myself, and still bombs in the loop (though aha's suggestion works).
-
@mzimmers
Hmm visual studio here.
Maybe its related to mingw.
I will try tomorrow at work with mingw and see.
I dont like when crashes are not reproducible. -
@mzimmers said in QByteArray not initializing:
@mrjj here's the code in its entirety:
uint8_t c; sscanf(p, "%2x", (int *) &c);
c
holds a 8-bitint
, right? Firstly that's not right for(int *) &c
, and secondly look atsscanf("%2x"
, it will expect the address of a wholeint
(32-bit? 64-bit?) to store its result. So you're overwriting the local stack space, hence possible crashing? Or,uint8_t
is allocated on an odd address boundary, which won't be good.Make
c
be a properint
, or fix yoursscanf
.Your understanding of
QByteArray
is fine, but not ofscanf
:-)Also, if you use
QByteArray::fromHex()
, you won't need to usesscanf
:) -
@JNBarchan the pointer should be OK, as far as I can see. Your point about the sscanf() overwriting the output buffer may be valid, though it's really odd that the first two loops worked fine.
-
@JNBarchan
Thats a really good observation and might explain why
no crashing here 64bit. Completely overlooked it :)
-
@mzimmers said in QByteArray not initializing:
@JNBarchan the pointer should be OK
What pointer, and what do you mean by "OK"?
P.S. I can explain why it goes through sometimes and fails others, but it's going to mean quite a bit of typing, do you really want to know?
-
@mrjj
If thatsscanf
supports%hhx
that should work. -
@JNBarchan in this line of code:
sscanf(p, "%2x", (int *) &c);
the address formed by the cast should be fine, as far as I can tell.
I agree the problem is in the sscanf. This line of code:
sscanf(p, "%hhx", &c);
compiles but doesn't work right (c keeps getting 0xff). I'm going to go with aha_1980's approach and call it a day.
Thanks to everyone who looked at this.
-
@mzimmers said in QByteArray not initializing:
@JNBarchan in this line of code:
sscanf(p, "%2x", (int *) &c);
the address formed by the cast should be fine, as far as I can tell.
The address is indeed a valid address, but it points to an area reserved to hold one byte and you're storing 4 or 8 bytes there, which is very naughty! Hope you understand.
-
@JNBarchan said in QByteArray not initializing:
which is very naughty!
Buffer overflows - the pinnacle of C programming ... ;)
-
@kshegunov I expected the "%2x" in the sscanf to restrict output to one byte (2 hex characters), but I guess it doesn't work that way.
-
Not really, no. There's no compile-time type checking with variadic functions (which
scanf
and related are). It will expect you to give it a proper integer to write to. But really your error is the cast itself. You can't cast pointers like this. You have achar
on the stack and you cast its address to aint *
. From there on the compiler will consider that this pointer is referencing an integer, meaning you have "hijacked" 3 bytes from the nearby variables in the stack. If you modify your code like this:uint8_t c, c2, c3, c4; // ... sscanf(p, "%2x", (int *) &c); // ...
You'd discover that all those variables -
c2
,c3
andc4
are modified alongside your originalc
becausesscanf
overruns the given buffer and writes outside of it. -
The original code has:
QByteArray qMac; uint8_t c;
My guess is
qMac
is stored abovec
in the local stack. When you write to&c
you cobble what's inqMac
, so the bug doesn't show up till you reach theqMac
loop. ThenqMac.append((char) c);
gets evaluated and crashes. Am I right?Behaviour could vary across 32/64 size and specific compiler allocation or register code generated.
-
@JNBarchan that explanation makes sense. I'll have to brush up on how sscanf works (though I'd rather use something else) to avoid similar problems in the future.
Thanks to all who participated.
-
@kshegunov said in QByteArray not initializing:
uint8_t c, c2, c3, c4; // ... sscanf(p, "%2x", (int *) &c); // ...
You'd discover that all those variables -
c2
,c3
andc4
are modified alongside your originalc
becausesscanf
overruns the given buffer and writes outside of it.@kshegunov Purely OOI, did you actually test this code? I was actually thinking, assuming local variables allocated down the stack in order they're encountered, you'd have to
sscanf
intoc4
rather thanc
to get that behaviour from the way they're laid out...? -
@JNBarchan said in QByteArray not initializing:
@kshegunov Purely OOI, did you actually test this code?
Not at the time, no.
I was actually thinking, assuming local variables allocated down the stack in order they're encountered, you'd have to sscanf into c4 rather than c to get that behaviour from the way they're laid out...?
Depends on many things in fact, but most important of those would be the compiler (also which way the stack goes address-wise). Don't forget the compiler's allowed to reorder the variables and memory access freely (with exception of memory fences and
volatile
, but that's another discussion) if it finds it convenient to do so. Meaning, if you don't reference a variable it may even strip it from the assembly. That is for release, though, I've noticed compilers (at least g++) will not remove things from the binary in debug mode even if redundant/unnecessary.Anyway, I just made a quick test with g++ (7.2):
uint8_t c = 0, c2 = 0, c3 = 0, c4 = 0; *reinterpret_cast<int *>(&c) = -1; // c = c2 = c3 = c4 = 0xFF
and
uint8_t c = 0, c2 = 0, c3 = 0, c4 = 0, c5 = 0; *reinterpret_cast<int *>(&c) = -1; // c = c3 = c4 = c5 = 0xFF; c2 = 0x00
and the assembly for the second one:
8 [1] uint8_t c = 0, c2 = 0, c3 = 0, c4 = 0, c5 = 0; 0x5555555547c5 <+0x000b> c6 45 fb 00 movb $0x0,-0x5(%rbp) 0x5555555547c9 <+0x000f> c6 45 ff 00 movb $0x0,-0x1(%rbp) 0x5555555547cd <+0x0013> c6 45 fe 00 movb $0x0,-0x2(%rbp) 0x5555555547d1 <+0x0017> c6 45 fd 00 movb $0x0,-0x3(%rbp) 0x5555555547d5 <+0x001b> c6 45 fc 00 movb $0x0,-0x4(%rbp) 9 [1] *reinterpret_cast<int *>(&c) = -1; 0x5555555547d9 <+0x001f> 48 8d 45 fb lea -0x5(%rbp),%rax 0x5555555547dd <+0x0023> c7 00 ff ff ff ff movl $0xffffffff,(%rax)
As you can see the variable
c
was actually reordered by the compiler to occupy an address deeper in the stack. -
@kshegunov you'll see reordering in other areas of code as well. For bit-bangers like me, the most notorious is the realignment of scalars within a structure. Some of the compilers for embedded systems have ways to prevent it, but you usually have to take care of it yourself.
In retrospect it's pretty obvious that sscanf would behave the way it did. At the time, I was just hustling through a problem and didn't think it through.
One of the challenges I'm having on this project is all the necessary data type conversions for data streams. As a C++ programmer, I'm partial to the string object, but I'm using an AES facility that likes uints, an authentication utility that uses char arrays, and then there's Qt's QStrings and QByteArrays. The compiler catches a lot of mismatches, but there are still a lot of ways to hit the weeds.