FreeRTOS+FAT: In function 'FF_Partition': warning: array subscript is above array bounds

Libraries
1

When I compile, I get this warning:

ff_format.c: In function 'FF_Partition':
ff_format.c:704:50: warning: array subscript is above array bounds [-Warray-bounds]
      writeParts[ 1 ].ulSectorCount = pxPartitions[index+1].ulSectorCount + ulInterSpace;
                                                  ^

Is it anything to worry about?

It is in this area:

		for( index = -1; index < xPartitionCount; index++ )
		{


				if( index < xPartitionCount - 1 )
				{
					/* Next extended partition */
					writeParts[ 1 ].ulStartLBA = ulInterSpace + ulLBA - extendedLBA + writeParts[ 0 ].ulSectorCount;
					writeParts[ 1 ].ulSectorCount = pxPartitions[index+1].ulSectorCount + ulInterSpace;
2

Carl, I’m sorry I didn’t see your post earlier.

I can not replicate the warning message. Only when I change the code to this:

    FF_Part_t writeParts[ 1 ];
    writeParts[ 1 ].ucActive = 0x80;

it gives the warning: array subscript is above array bounds

What compiler (and version) are you using?

3

Suspect the warning is generate by this code section.

4

Ah yes, could very well be.

Carl, have you tried increasing the value of ffconfigMAX_PARTITIONS already?
What is its current value?

5

It is this:

/* Defines the maximum number of partitions (and also logical partitions)
that can be recognised. */
#define	ffconfigMAX_PARTITIONS 1

I leave SD Cards in one partition because I believe Windows will only look at one, and my use cases require the cards to be readable on Windows.

Note, this is just a compile-time warning. I’m not having a problem at run time.

I’m thinking it is a spurious warning. The if( index < xPartitionCount - 1 ) ensures that index is at most xPartitionCount-2, so pxPartitions[index+1] can’t be higher than pxPartitions[xPartitionCount-1], which is within array bounds, right?

6

can’t be higher than pxPartitions[xPartitionCount-1],
which is within array bounds, right?

I think so too.
Actually it is a very long time that I wrote this code and that I tested all possible scenarios.

7

I guess it depends on ffconfigMAX_PARTITIONS and xPartitionCount. It might be worth sticking in an assert at line ff_format.c:704:

				writeParts[ 1 ].ulStartLBA = ulInterSpace + ulLBA - extendedLBA + writeParts[ 0 ].ulSectorCount;
				configASSERT(index+1 < ffconfigMAX_PARTITIONS);
				writeParts[ 1 ].ulSectorCount = pxPartitions[index+1].ulSectorCount + ulInterSpace;
8

The compiler is ARM GCC 5.4-2016-q2-update.

arm-none-eabi-gcc.exe -mcpu=cortex-m0plus -mthumb -I. -IGenerated_Source\PSoC6 -IGenerated_Source\PSoC6\pdl\cmsis/include/ -IGenerated_Source\PSoC6\pdl\devices/psoc6/include/ -IGenerated_Source\PSoC6\pdl\devices/psoc6/include/ip/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/device/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/efuse/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/flash/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/gpio/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/ipc/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/lvd/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/profile/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/prot/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/rtc/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/scb/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysanalog/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysclk/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysint/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/syslib/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/syspm/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/systick/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/trigmux/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/wdt/ -IGenerated_Source\PSoC6\pdl\middleware/ -IGenerated_Source\PSoC6\pdl\rtos/FreeRTOS/10.0.1/Source/include/ -IGenerated_Source\PSoC6\pdl\rtos/FreeRTOS/10.0.1/Source/portable/GCC/CM4F/ -IGenerated_Source\PSoC6\pdl\utilities/ -Wa,-alh=.\CortexM0p\ARM_GCC_541\Release/ff_format.lst -g -D NDEBUG -D CY_CORE_ID=0 -D CY_PSOC_CREATOR_USED=1 -D CY8C6347BZI_BLD53 -Wall -ffunction-sections -ffat-lto-objects -Os -c ff_format.c -o .\CortexM0p\ARM_GCC_541\Release\ff_format.o
ff_format.c: In function 'FF_Format':
ff_format.c:191:10: warning: variable 'ulClusterBeginLBA' set but not used [-Wunused-but-set-variable]
 uint32_t ulClusterBeginLBA = 0;        /* Sector address of the first data cluster */
          ^
ff_format.c: In function 'FF_Partition':
ff_format.c:705:50: warning: array subscript is above array bounds [-Warray-bounds]
      writeParts[ 1 ].ulSectorCount = pxPartitions[index+1].ulSectorCount + ulInterSpace;
                                                  ^
9

I went through the code while writing assertions about possible values.

When ffconfigMAX_PARTITIONS equals 1, there can never be an extended partition. The code that triggers a warning is part of this code block:

if( xNeedExtended != pdFALSE )

Further, I saw that xPartitionCount <= ffconfigMAX_PARTITIONS, and as you wrote the code is protected with an extra test:

if( index < xPartitionCount - 1 )

i wonder if your compiler will not complain if we use a const in the comparison:

if( index < ffconfigMAX_PARTITIONS - 1 )

If not, let’s just leave it with a comment about a possible compiler warning.

Thanks, Hein

10

Indeed, the compiler no longer complains if I change it to:

//				if( index < xPartitionCount - 1 )
                if( index < ffconfigMAX_PARTITIONS - 1 )              
				{
					/* Next extended partition */
					writeParts[ 1 ].ulStartLBA = ulInterSpace + ulLBA - extendedLBA + writeParts[ 0 ].ulSectorCount;
					writeParts[ 1 ].ulSectorCount = pxPartitions[index+1].ulSectorCount + ulInterSpace;

Here is the compilation output:

arm-none-eabi-gcc.exe -mcpu=cortex-m4 -mfloat-abi=softfp -mfpu=fpv4-sp-d16 -mthumb -I..\Lab-Project-FreeRTOS-FAT\include -I..\Lab-Project-FreeRTOS-FAT\portable\common -I.\portable\MCU_PSOC6_M4 -I. -IGenerated_Source\PSoC6 -IGenerated_Source\PSoC6\pdl\cmsis/include/ -IGenerated_Source\PSoC6\pdl\devices/psoc6/include/ -IGenerated_Source\PSoC6\pdl\devices/psoc6/include/ip/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/device/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/efuse/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/flash/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/gpio/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/ipc/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/lvd/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/profile/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/prot/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/rtc/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/scb/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysanalog/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysclk/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/sysint/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/syslib/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/syspm/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/systick/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/trigmux/ -IGenerated_Source\PSoC6\pdl\drivers/peripheral/wdt/ -IGenerated_Source\PSoC6\pdl\middleware/ -IGenerated_Source\PSoC6\pdl\rtos/FreeRTOS/10.0.1/Source/include/ -IGenerated_Source\PSoC6\pdl\rtos/FreeRTOS/10.0.1/Source/portable/GCC/CM4F/ -IGenerated_Source\PSoC6\pdl\utilities/ -Wa,-alh=.\CortexM4\ARM_GCC_541\Release/ff_format.lst -g -D NDEBUG -D CY_CORE_ID=0 -D CY_PSOC_CREATOR_USED=1 -D CY8C6347BZI_BLD53 -Wall -ffunction-sections -ffat-lto-objects -finline-functions -flto -O1 -I ..\Lab-Project-FreeRTOS-FAT\include -c ..\Lab-Project-FreeRTOS-FAT\ff_format.c -o .\CortexM4\ARM_GCC_541\Release\ff_format.o
..\Lab-Project-FreeRTOS-FAT\ff_format.c: In function 'FF_Format':
..\Lab-Project-FreeRTOS-FAT\ff_format.c:168:10: warning: variable 'ulClusterBeginLBA' set but not used [-Wunused-but-set-variable]
 uint32_t ulClusterBeginLBA = 0;        /* Sector address of the first data cluster */
          ^