Bug 514748 - Spurious 'array subscript is above array bounds' warning.
Summary: Spurious 'array subscript is above array bounds' warning.
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: gcc
Version: 11
Hardware: powerpc
OS: Linux
Priority: low
Severity: medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2009-07-30 15:57 UTC by David Woodhouse
Modified: 2009-08-03 08:51 UTC (History)
CC: 2 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-08-03 08:32:35 UTC
Type: ---
Embargoed:


Attachments
test case (686.46 KB, text/plain)
2009-07-30 17:28 UTC, David Woodhouse


Links: GNU Compiler Collection, ID 40946

Description David Woodhouse 2009-07-30 15:57:07 UTC
See bug #505071.

Attached preprocessed source fails to build with -Wall -Werror -O2:

pmac /home/dwmw2 $ gcc -c -o sip-sec-ntlm.o sip-sec-ntlm.i  -Wall  -Werror -O2
cc1: warnings being treated as errors
sip-sec-ntlm.c: In function ‘purple_ntlm_gen_authenticate’:
sip-sec-ntlm.c:509: error: array subscript is above array bounds

gcc version 4.4.0 20090506 (Red Hat 4.4.0-4) (GCC) 

As observed in bug #505071, phrasing the pointer arithmetic slightly differently makes it work fine. The three commented out versions build OK:

	tmsg->dom_off = sizeof(struct authenticate_message);

	tmp = ((char*) tmsg) + tmsg->dom_off;
//	tmp = ((char*) tmsg) + sizeof(struct authenticate_message);
//	tmp = (char *) (tmsg+1);
//	tmp = (char *)&tmsg[1];

Comment 1 David Woodhouse 2009-07-30 15:57:34 UTC
Sorry, that should be bug #512170

Comment 2 Stefan Becker 2009-07-30 17:14:04 UTC
David: You forgot to add the pre-processed file...

Comment 3 David Woodhouse 2009-07-30 17:28:04 UTC
Created attachment 355708 [details]
test case

Comment 4 Stefan Becker 2009-08-02 16:34:16 UTC
FYI: looks like this is not a ppc architecture bug. arm-unknown-linux-gnueabi on Ubuntu reports the same error:

 <https://launchpad.net/ubuntu/+source/pidgin-sipe/1.5.0-0ubuntu1>
 <http://launchpadlibrarian.net/29699481/buildlog_ubuntu-karmic-armel.pidgin-sipe_1.5.0-0ubuntu1_FAILEDTOBUILD.txt.gz>

cc1: warnings being treated as errors
sip-sec-ntlm.c: In function 'sip_sec_init_sec_context__ntlm':
sip-sec-ntlm.c:507: error: array subscript is above array bounds
make[2]: *** [libsipe_la-sip-sec-ntlm.lo] Error 1

Comment 5 Jakub Jelinek 2009-08-03 07:43:45 UTC
Simplified testcase:
struct A
{
  unsigned char a1[8];
  unsigned short a2, a3, a4, a5, a6, a7;
};

int bar (void *, const char *, int);
char *foo (void *, int);

char *
baz (const char *x, const char *y)
{
  int a = sizeof (struct A) + 2 * (__builtin_strlen (y)
				   + __builtin_strlen (x) + 24) + 16;
  struct A *b = __builtin_malloc (a);
  char *c;
  int d;

  b->a4 = sizeof (struct A);
  c = ((char *) b) + b->a4;
  d = ((char *) b) + a - c;
  b->a2 = b->a3 = (unsigned short) bar (c, y, d);
  c += b->a2;
  d = ((char *) b) + a - c;
  b->a7 = b->a4 + b->a2;
  b->a5 = b->a6 = (unsigned short) bar (c, x, d);
  c = foo (b, a);
  return c;
}

Comment 6 Jakub Jelinek 2009-08-03 08:32:35 UTC
Tracking upstream.  As a workaround, either use one of the above mentioned workarounds, or make sure the first field in the struct isn't a char array.

Comment 7 David Woodhouse 2009-08-03 08:51:53 UTC
If you drop the 'unsigned' and use just 'char a1[8]' in your test case, in the definition of 'struct A', then it'll occur on architectures where 'char' is signed by default too.
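
The description and comment 6 both revolve around one pattern: a fixed header whose first field is a char array, followed by variable-length payload whose offset is stored in a header field, with the payload pointer formed as `(char *) tmsg + tmsg->dom_off`. The program below is an added example written for this page; it is not pidgin-sipe code and the struct, field and function names (`authenticate_message`, `dom_off`, `build_message`, `field_in_bounds`) are assumptions modelled on the snippet in the description. It shows that the three spellings of "first byte after the header" from the description yield the same pointer, builds a message while tracking remaining space the way the simplified testcase's `d` does, and adds the reader-side check a practitioner wants whenever an offset/length pair is read back out of a received buffer rather than just written by the same code: the offset must be validated against the real buffer size before it is dereferenced. Because the header keeps a char array as its first field, the page reports that gcc 4.4 at `-O2 -Wall` may flag `payload_via_field` with the spurious warning; comment 6's layout workaround would be to move `signature` out of first position.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the bug's authenticate_message (assumption, not
 * the project's real layout): 8-byte char array first, then six 16-bit
 * length/offset fields.  sizeof == 20, no padding. */
struct authenticate_message {
    unsigned char signature[8];              /* char array first: the shape that triggers the warning */
    uint16_t dom_len, dom_len2, dom_off;     /* domain: length, repeated length, offset from header start */
    uint16_t user_len, user_len2, user_off;  /* user: same triple */
};

/* The three equivalent spellings from the description, as separate functions. */
char *payload_via_field(struct authenticate_message *m)  { return (char *)m + m->dom_off; }
char *payload_via_sizeof(struct authenticate_message *m) { return (char *)m + sizeof(*m); }
char *payload_via_index(struct authenticate_message *m)  { return (char *)&m[1]; }

/* Build header + domain + user into buf, tracking remaining space at each step.
 * Returns total bytes written, or 0 if the header or either string does not fit. */
size_t build_message(unsigned char *buf, size_t buflen, const char *domain, const char *user)
{
    if (buflen < sizeof(struct authenticate_message))
        return 0;
    struct authenticate_message *m = (struct authenticate_message *)buf;
    char *end = (char *)buf + buflen;
    memset(m, 0, sizeof(*m));
    memcpy(m->signature, "NTLMSSP", 8);      /* 7 chars + NUL */

    m->dom_off = sizeof(*m);
    char *c = payload_via_field(m);          /* the expression the bug is about */
    size_t remaining = (size_t)(end - c);    /* same role as 'd' in the simplified testcase */
    size_t dlen = strlen(domain);
    if (dlen > remaining || dlen > UINT16_MAX)
        return 0;
    memcpy(c, domain, dlen);
    m->dom_len = m->dom_len2 = (uint16_t)dlen;

    c += dlen;
    remaining = (size_t)(end - c);
    size_t ulen = strlen(user);
    if (ulen > remaining || ulen > UINT16_MAX)
        return 0;
    m->user_off = (uint16_t)(m->dom_off + m->dom_len);
    memcpy(c, user, ulen);
    m->user_len = m->user_len2 = (uint16_t)ulen;
    return (size_t)(c + ulen - (char *)buf);
}

/* Reader side: an offset/length pair taken from a received message is untrusted.
 * It must start past the header and end inside the bytes actually received. */
int field_in_bounds(size_t buflen, uint16_t off, uint16_t len)
{
    return off >= sizeof(struct authenticate_message) && (size_t)off + len <= buflen;
}

/* Builds a constructed sample message and checks the three pointer spellings agree
 * and both fields pass the bounds check.  Returns 1 on success, 0 otherwise. */
int demo(void)
{
    enum { BUFLEN = 64 };
    unsigned char *buf = malloc(BUFLEN);     /* malloc alignment satisfies the header's uint16_t fields */
    if (!buf)
        return 0;
    size_t n = build_message(buf, BUFLEN, "EXAMPLE", "alice");   /* constructed sample strings */
    struct authenticate_message *m = (struct authenticate_message *)buf;
    int ok = n == sizeof(*m) + 7 + 5
          && payload_via_field(m) == payload_via_sizeof(m)
          && payload_via_sizeof(m) == payload_via_index(m)
          && field_in_bounds(n, m->dom_off, m->dom_len)
          && field_in_bounds(n, m->user_off, m->user_len)
          && memcmp(payload_via_field(m), "EXAMPLEalice", 12) == 0;
    free(buf);
    return ok;
}

int main(void)
{
    printf("demo: %s\n", demo() ? "ok" : "FAILED");
    return demo() ? 0 : 1;
}
```

`build_message` refuses rather than truncates when the 30-byte case below runs out of room for the user string, and `field_in_bounds` rejects an offset that points into the header or a length that runs past the received bytes; those two checks are what separate this layout from a real out-of-bounds access, as opposed to the compiler's false positive on a correct one.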

