Array access outbound in system header file "stl_algobase.h" in project header file "ByteInterval.hpp"

[PhiliaTheCat]

This happened when I was building the project with a v2.2.0 source tree on Windows 11 WSL running on a x64 CPU.

Checkout with the following command: git checkout v2.2.0

CMake invocation:

# Source tree locates at ~/gtirb
# Working dir is ~/gtirb-build
cmake ../gtirb -DCMAKE_BUILD_TYPE=relese
cmake --build . -j32

WSL version is 2.3.26.0, and I am using the latest Ubuntu version available (24.04) on WSL.

GCC version is 13.2.0

CMake version is 3.28.3

Shell output as following:

In file included from /usr/include/c++/13/string:51,
                 from /usr/include/c++/13/bits/locale_classes.h:40,
                 from /usr/include/c++/13/bits/ios_base.h:41,
                 from /usr/include/c++/13/iomanip:42,
                 from /home/philia/gtirb/include/gtirb/Addr.hpp:21,
                 from /home/philia/gtirb/include/gtirb/IR.hpp:18,
                 from /home/philia/gtirb/src/ByteInterval.cpp:15:
In static member function ‘static _Up* std::__copy_move<_IsMove, true, std::random_access_iterator_tag>::__copy_m(_Tp*, _Tp*, _Up*) [with _Tp = const unsigned char; _Up = unsigned char; bool _IsMove = false]’,
    inlined from ‘_OI std::__copy_move_a2(_II, _II, _OI) [with bool _IsMove = false; _II = const unsigned char*; _OI = unsigned char*]’ at /usr/include/c++/13/bits/stl_algobase.h:506:30,
    inlined from ‘_OI std::__copy_move_a1(_II, _II, _OI) [with bool _IsMove = false; _II = const unsigned char*; _OI = unsigned char*]’ at /usr/include/c++/13/bits/stl_algobase.h:533:42,
    inlined from ‘_OI std::__copy_move_a(_II, _II, _OI) [with bool _IsMove = false; _II = __gnu_cxx::__normal_iterator<const unsigned char*, vector<unsigned char> >; _OI = unsigned char*]’ at /usr/include/c++/13/bits/stl_algobase.h:540:31,
    inlined from ‘_OI std::copy(_II, _II, _OI) [with _II = __gnu_cxx::__normal_iterator<const unsigned char*, vector<unsigned char> >; _OI = unsigned char*]’ at /usr/include/c++/13/bits/stl_algobase.h:633:7,
    inlined from ‘_OutputIterator std::__copy_n(_RandomAccessIterator, _Size, _OutputIterator, random_access_iterator_tag) [with _RandomAccessIterator = __gnu_cxx::__normal_iterator<const unsigned char*, vector<unsigned char> >; _Size = long unsigned int; _OutputIterator = unsigned char*]’ at /usr/include/c++/13/bits/stl_algo.h:731:23,
    inlined from ‘_OIter std::copy_n(_IIter, _Size, _OIter) [with _IIter = __gnu_cxx::__normal_iterator<const unsigned char*, vector<unsigned char> >; _Size = long unsigned int; _OIter = unsigned char*]’ at /usr/include/c++/13/bits/stl_algo.h:763:27,
    inlined from ‘gtirb::ByteInterval::BytesReference<ByteIntervalType, T>::operator T() const [with ByteIntervalType = const gtirb::ByteInterval; T = char]’ at /home/philia/gtirb/include/gtirb/ByteInterval.hpp:1654:20,
    inlined from ‘static _OI std::__copy_move<_IsMove, _IsSimple, _Category>::__copy_m(_II, _II, _OI) [with _II = gtirb::ByteInterval::BytesBaseIterator<const gtirb::ByteInterval, char>; _OI = std::back_insert_iterator<std::__cxx11::basic_string<char> >; bool _IsMove = false; bool _IsSimple = false; _Category = boost::iterators::detail::iterator_category_with_traversal<std::input_iterator_tag, boost::iterators::random_access_traversal_tag>]’ at /usr/include/c++/13/bits/stl_algobase.h:356:16,
    inlined from ‘_OI std::__copy_move_a2(_II, _II, _OI) [with bool _IsMove = false; _II = gtirb::ByteInterval::BytesBaseIterator<const gtirb::ByteInterval, char>; _OI = back_insert_iterator<__cxx11::basic_string<char> >]’ at /usr/include/c++/13/bits/stl_algobase.h:506:30,
    inlined from ‘_OI std::__copy_move_a1(_II, _II, _OI) [with bool _IsMove = false; _II = gtirb::ByteInterval::BytesBaseIterator<const gtirb::ByteInterval, char>; _OI = back_insert_iterator<__cxx11::basic_string<char> >]’ at /usr/include/c++/13/bits/stl_algobase.h:533:42,
    inlined from ‘_OI std::__copy_move_a(_II, _II, _OI) [with bool _IsMove = false; _II = gtirb::ByteInterval::BytesBaseIterator<const gtirb::ByteInterval, char>; _OI = back_insert_iterator<__cxx11::basic_string<char> >]’ at /usr/include/c++/13/bits/stl_algobase.h:540:31,
    inlined from ‘_OI std::copy(_II, _II, _OI) [with _II = gtirb::ByteInterval::BytesBaseIterator<const gtirb::ByteInterval, char>; _OI = back_insert_iterator<__cxx11::basic_string<char> >]’ at /usr/include/c++/13/bits/stl_algobase.h:633:7,
    inlined from ‘void gtirb::ByteInterval::toProtobuf(MessageType*) const’ at /home/philia/gtirb/src/ByteInterval.cpp:82:12:
/usr/include/c++/13/bits/stl_algobase.h:437:30: error: ‘void* __builtin_memcpy(void*, const void*, long unsigned int)’ forming offset 1 is out of the bounds [0, 1] of object ‘Array’ with type ‘std::array<unsigned char, 1>’ [-Werror=array-bounds=]
  437 |             __builtin_memmove(__result, __first, sizeof(_Tp) * _Num);
      |             ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/philia/gtirb/include/gtirb/DataBlock.hpp:19,
                 from /home/philia/gtirb/include/gtirb/Module.hpp:20,
                 from /home/philia/gtirb/include/gtirb/IR.hpp:23:
/home/philia/gtirb/include/gtirb/ByteInterval.hpp: In member function ‘void gtirb::ByteInterval::toProtobuf(MessageType*) const’:
/home/philia/gtirb/include/gtirb/ByteInterval.hpp:1652:40: note: ‘Array’ declared here
 1652 |         std::array<uint8_t, sizeof(T)> Array{};
      |                                        ^~~~~
cc1plus: all warnings being treated as errors
gmake[2]: *** [src/CMakeFiles/gtirb.dir/build.make:104: src/CMakeFiles/gtirb.dir/ByteInterval.cpp.o] Error 1
gmake[2]: *** Waiting for unfinished jobs....
gmake[1]: *** [CMakeFiles/Makefile2:436: src/CMakeFiles/gtirb.dir/all] Error 2
gmake: *** [Makefile:166: all] Error 2

[jdorn-gt]

I'm fairly confident this is a false positive. It looks like gcc made their array bounds algorithm more aggressive around gcc-12, and it's not happy with the way we compute the bounds for the copy on line 1654. I'll work on a patch to convince gcc the access is safe or otherwise silence the warning for that line.