public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs
@ 2007-07-07 9:29 dfranke at gcc dot gnu dot org
2007-07-09 22:42 ` [Bug fortran/32665] " pault at gcc dot gnu dot org
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: dfranke at gcc dot gnu dot org @ 2007-07-07 9:29 UTC (permalink / raw)
To: gcc-bugs
While experimenting with testcases from PR31320, I hit this:
$> cat alloc.f90
TYPE :: x
INTEGER, ALLOCATABLE :: a(:)
END TYPE
TYPE(x) :: a
a = x((/ 1, 2, 3 /))
a = x((/ a%a, 4 /))
end
$> gfortran-svn -g -Wall -fdump-tree-original allocatable.f90 && ./a.out
Segmentation fault
$> valgrind --tool=memcheck --leak-check=full ./a.out
[...]
==2287== Invalid read of size 4
==2287== at 0x804895F: MAIN__ (allocatable.f90:8)
==2287== by 0x8048C78: main (fmain.c:22)
==2287== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==2287==
==2287== Process terminating with default action of signal 11 (SIGSEGV)
==2287== Access not within mapped region at address 0x0
==2287== at 0x804895F: MAIN__ (allocatable.f90:8)
==2287== by 0x8048C78: main (fmain.c:22)
>From trre-dump:
[...]
_gfortran_deallocate (a.a.data, &D.1050);
a.a.data = 0B;
[...]
D.1029 = (int4[0:] *) a.a.data;
[...]
while (1)
{
if (S.6 > a.a.dim[0].ubound) goto L.1;
(*(int4[0:] *) atmp.4.data)[offset.5] = (*D.1029)[S.6 * D.1034 +
D.1030];
offset.5 = offset.5 + 1;
S.6 = S.6 + 1;
}
L.1:;
$> gcc version 4.3.0 20070705 (experimental)
--
Summary: allocatable array on lhs deleted while still in use on
rhs
Product: gcc
Version: 4.3.0
Status: UNCONFIRMED
Keywords: wrong-code
Severity: normal
Priority: P3
Component: fortran
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: dfranke at gcc dot gnu dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
@ 2007-07-09 22:42 ` pault at gcc dot gnu dot org
2007-07-13 9:50 ` pault at gcc dot gnu dot org
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-09 22:42 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from pault at gcc dot gnu dot org 2007-07-09 22:42 -------
Oh dear - that's right. I feel a temporary coming on!
Paul
--
pault at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Ever Confirmed|0 |1
Last reconfirmed|0000-00-00 00:00:00 |2007-07-09 22:42:47
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
2007-07-09 22:42 ` [Bug fortran/32665] " pault at gcc dot gnu dot org
@ 2007-07-13 9:50 ` pault at gcc dot gnu dot org
2007-07-13 9:58 ` dfranke at gcc dot gnu dot org
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-13 9:50 UTC (permalink / raw)
To: gcc-bugs
------- Comment #2 from pault at gcc dot gnu dot org 2007-07-13 09:50 -------
This is a two-in-oner; as well as the deallocation, this is broken:
$ cat pr32665.f90
TYPE :: x
INTEGER, ALLOCATABLE :: a(:)
END TYPE
TYPE(x) :: a, b
call foo
b = x((/ (a%a), 4 /))
print *, "foo gives ", b%a
call bar
b = x((/ (a%a), 4 /))
print *, "bar gives ", b%a
contains
subroutine foo
allocate (a%a(2))
a%a(1) = 1
a%a(2) = 2
end subroutine
subroutine bar
a = x ((/1, 2/))
end subroutine
end
$ ./a
foo gives 1 2 4
bar gives 1 2 0 4
This comes about because the structure constructor suddenly runs amok, with:
parm.2.data = 0B;
x.0.a.offset = 0;
x.0.a.dim[0].ubound = x.0.a.dim[0].ubound + 1;
x.0.a.dim[0].lbound = 1;
D.1014 = x.0.a.dim[0].lbound * x.0.a.dim[0].stride;
x.0.a.offset = x.0.a.offset - D.1014;
}
a = x.0;
*sigh*
Paul
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
2007-07-09 22:42 ` [Bug fortran/32665] " pault at gcc dot gnu dot org
2007-07-13 9:50 ` pault at gcc dot gnu dot org
@ 2007-07-13 9:58 ` dfranke at gcc dot gnu dot org
2007-07-13 13:48 ` pault at gcc dot gnu dot org
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: dfranke at gcc dot gnu dot org @ 2007-07-13 9:58 UTC (permalink / raw)
To: gcc-bugs
------- Comment #3 from dfranke at gcc dot gnu dot org 2007-07-13 09:58 -------
Paul, please have a look at PR31320 as well.
The issue described there is at least very close to your observation.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
` (2 preceding siblings ...)
2007-07-13 9:58 ` dfranke at gcc dot gnu dot org
@ 2007-07-13 13:48 ` pault at gcc dot gnu dot org
2007-07-16 9:45 ` patchapp at dberlin dot org
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-13 13:48 UTC (permalink / raw)
To: gcc-bugs
------- Comment #4 from pault at gcc dot gnu dot org 2007-07-13 13:48 -------
(In reply to comment #3)
> Paul, please have a look at PR31320 as well.
> The issue described there is at least very close to your observation.
(In reply to comment #3)
> Paul, please have a look at PR31320 as well.
> The issue described there is at least very close to your observation.
Daniel,
So close, in fact, as to be identical! Thanks
Paul
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
` (3 preceding siblings ...)
2007-07-13 13:48 ` pault at gcc dot gnu dot org
@ 2007-07-16 9:45 ` patchapp at dberlin dot org
2007-07-16 12:01 ` pault at gcc dot gnu dot org
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: patchapp at dberlin dot org @ 2007-07-16 9:45 UTC (permalink / raw)
To: gcc-bugs
------- Comment #5 from patchapp at dberlin dot org 2007-07-16 09:45 -------
Subject: Bug number PR32665
A patch for this bug has been added to the patch tracker.
The mailing list url for the patch is
http://gcc.gnu.org/ml/gcc-patches/2007-07/msg01417.html
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
` (4 preceding siblings ...)
2007-07-16 9:45 ` patchapp at dberlin dot org
@ 2007-07-16 12:01 ` pault at gcc dot gnu dot org
2007-07-17 17:23 ` pault at gcc dot gnu dot org
2007-07-17 17:49 ` pault at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-16 12:01 UTC (permalink / raw)
To: gcc-bugs
------- Comment #6 from pault at gcc dot gnu dot org 2007-07-16 12:01 -------
I have just posted a fix for this PR.
Paul
--
pault at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at gcc dot gnu |pault at gcc dot gnu dot org
|dot org |
Status|NEW |ASSIGNED
Last reconfirmed|2007-07-09 22:42:47 |2007-07-16 12:01:33
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
` (5 preceding siblings ...)
2007-07-16 12:01 ` pault at gcc dot gnu dot org
@ 2007-07-17 17:23 ` pault at gcc dot gnu dot org
2007-07-17 17:49 ` pault at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-17 17:23 UTC (permalink / raw)
To: gcc-bugs
------- Comment #7 from pault at gcc dot gnu dot org 2007-07-17 17:23 -------
Subject: Bug 32665
Author: pault
Date: Tue Jul 17 17:22:44 2007
New Revision: 126703
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=126703
Log:
2007-07-17 Paul Thomas <pault@gcc.gnu.org>
PR fortran/31320
PR fortran/32665
* trans-expr.c (gfc_trans_subcomponent_assign): Ensure that
renormalization unity base is done independently of existing
lbound value.
(gfc_trans_scalar_assign): If rhs is not a variable, put
lse->pre after rse->pre to ensure that de-allocation of lhs
occurs after evaluation of rhs.
2007-07-17 Paul Thomas <pault@gcc.gnu.org>
PR fortran/31320
PR fortran/32665
* gfortran.dg/alloc_comp_constructor_3.f90: New test.
Added:
trunk/gcc/testsuite/gfortran.dg/alloc_comp_constructor_3.f90
Modified:
trunk/gcc/fortran/ChangeLog
trunk/gcc/fortran/trans-expr.c
trunk/gcc/testsuite/ChangeLog
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug fortran/32665] allocatable array on lhs deleted while still in use on rhs
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
` (6 preceding siblings ...)
2007-07-17 17:23 ` pault at gcc dot gnu dot org
@ 2007-07-17 17:49 ` pault at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: pault at gcc dot gnu dot org @ 2007-07-17 17:49 UTC (permalink / raw)
To: gcc-bugs
------- Comment #8 from pault at gcc dot gnu dot org 2007-07-17 17:49 -------
Fixed on trunk.
Paul
--
pault at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32665
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2007-07-17 17:49 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-07 9:29 [Bug fortran/32665] New: allocatable array on lhs deleted while still in use on rhs dfranke at gcc dot gnu dot org
2007-07-09 22:42 ` [Bug fortran/32665] " pault at gcc dot gnu dot org
2007-07-13 9:50 ` pault at gcc dot gnu dot org
2007-07-13 9:58 ` dfranke at gcc dot gnu dot org
2007-07-13 13:48 ` pault at gcc dot gnu dot org
2007-07-16 9:45 ` patchapp at dberlin dot org
2007-07-16 12:01 ` pault at gcc dot gnu dot org
2007-07-17 17:23 ` pault at gcc dot gnu dot org
2007-07-17 17:49 ` pault at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).