Re: [PATCH v2 2/3] Fix -Werror=array-bounds array subscript 0 is outside
From: Daniel Kiper
Subject: Re: [PATCH v2 2/3] Fix -Werror=array-bounds array subscript 0 is outside array bounds
Date: Wed, 6 Apr 2022 18:01:25 +0200
User-agent: NeoMutt/20170113 (1.7.2)
On Mon, Mar 28, 2022 at 03:00:53PM +0800, Michael Chang via Grub-devel wrote:
> The grub is failing to build with gcc-12 in many places like this:
>
> In function 'init_cbfsdisk',
> inlined from 'grub_mod_init' at ../../grub-core/fs/cbfs.c:391:3:
> ../../grub-core/fs/cbfs.c:345:7: error: array subscript 0 is outside array
> bounds of 'grub_uint32_t[0]' {aka 'unsigned int[]'} [-Werror=array-bounds]
> 345 | ptr = *(grub_uint32_t *) 0xfffffffc;
> | ~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> This is caused by a gcc regression in 11/12 [1]. In a nutshell, the
> warning is about detected invalid accesses at non-zero offsets to NULL
> pointers. Since a hardwired constant address is treated as NULL plus an
> offset in the same underlying code, the warning is therefore triggered.
>
> Instead of inserting #pragma all over the places where literal pointers
> are accessed to avoid diagnosing array-bounds, we can try to borrow the
> idea from the Linux kernel that the absolute_pointer macro [2][3] is used to
> disconnect a pointer using a literal address from its original object,
> hence gcc won't be able to make assumptions on the boundary while doing
> pointer arithmetic. With that we can greatly reduce the code we have to
> cover up by making the initial literal pointer assignment use the new
> wrapper but not having to track everywhere literal pointers are
> accessed. This also makes the code look cleaner.
>
> Please note the absolute_pointer macro requires being invoked in a
> function as long as it is a compound expression. Some global variables
> with literal pointers have been changed to local ones in order to use
> absolute_pointer to initialize them. The shuffling is basically done in a
> selective and careful way that the variable's scope doesn't matter being
> local or global, for example, the global variable must not get modified
> at run time throughout. For the record, here's the list of global
> variables that got shuffled in this patch.
>
> grub-core/commands/i386/pc/drivemap.c::int13slot
> grub-core/term/i386/pc/console.c::bios_data_area
> grub-core/term/ns8250.c::serial_hw_io_addr
>
> [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578
> [2] https://elixir.bootlin.com/linux/v5.16.14/source/include/linux/compiler.h#L180
> [3] https://elixir.bootlin.com/linux/v5.16.14/source/include/linux/compiler-gcc.h#L31
>
> Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Daniel
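
The wrapper technique described in the quoted commit message, as an added example that is not the patch's code or GRUB's own macro. `ABSOLUTE_POINTER`, `fake_region` and the function names are hypothetical, a constructed in-memory array stands in for a fixed hardware address so the code runs in user space, and GCC or Clang extensions are assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical wrapper in the style of the Linux RELOC_HIDE idea: the empty
   asm passes the address through a register, so the optimizer can no longer
   connect the resulting pointer to the integer it was made from. */
#define ABSOLUTE_POINTER(addr) \
  __extension__ ({ uintptr_t hidden_; \
     __asm__ ("" : "=r" (hidden_) : "0" ((uintptr_t) (addr))); \
     (void *) hidden_; })

/* Constructed stand-in for a fixed hardware region, so this runs in user space. */
static volatile uint32_t fake_region[4] =
  { 0x11111111u, 0x22222222u, 0x33333333u, 0xCAFEF00Du };

/* A file-scope initializer such as
     static volatile uint32_t *regs = ABSOLUTE_POINTER (...);
   does not compile, because a statement expression is only valid inside a
   function. The pointer therefore becomes a local, wrapped once where it is
   initialized; later indexing through it needs no further wrapping. */
uint32_t read_region_word (uintptr_t base, unsigned int index)
{
  volatile uint32_t *regs = ABSOLUTE_POINTER (base);
  return regs[index];
}

/* Same literal address as in the quoted build error. Only meaningful on the
   firmware target, so it is compiled here but never called. */
uint32_t read_fixed_address_word (void)
{
  volatile uint32_t *p = ABSOLUTE_POINTER (0xfffffffc);
  return *p;
}

/* Reads the last word of the constructed region through the wrapper. */
uint32_t demo_last_word (void)
{
  return read_region_word ((uintptr_t) fake_region, 3);
}

int main (void)
{
  printf ("last word: 0x%08x\n", (unsigned int) demo_last_word ());
  return 0;
}
```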