public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug fortran/45432] New: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE
@ 2010-08-27 19:29 burnus at gcc dot gnu dot org
2010-08-27 19:40 ` [Bug fortran/45432] " janus at gcc dot gnu dot org
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: burnus at gcc dot gnu dot org @ 2010-08-27 19:29 UTC (permalink / raw)
To: gcc-bugs
When running gfortran gfortran.dg/allocate_alloc_opt_9.f90 I get an ICE with
free_expr0(): Bad expr type
That happens for the second call to gfc_match_allocate and the ICE happens via
gfc_match_allocate (match.c:309) -> gfc_free_expr
valgrind writes:
==2974== Invalid read of size 4
==2974== at 0x508BC9: gfc_match_allocate (match.c:3098)
==2974== by 0x518FA9: match_word (parse.c:65)
==2974== by 0x519EFC: decode_statement (parse.c:332)
If one prints the value of tmp and tmp->expr_type, one gets tmp != NULL and
expr_type == 1549556828 ...
Daniel checked 4.5.0 and found the same valgrind error.
--
Summary: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to
invalid FREE
Product: gcc
Version: 4.6.0
Status: UNCONFIRMED
Keywords: ice-on-invalid-code, error-recovery
Severity: normal
Priority: P3
Component: fortran
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: burnus at gcc dot gnu dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45432
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug fortran/45432] gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE
2010-08-27 19:29 [Bug fortran/45432] New: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE burnus at gcc dot gnu dot org
@ 2010-08-27 19:40 ` janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
2 siblings, 0 replies; 4+ messages in thread
From: janus at gcc dot gnu dot org @ 2010-08-27 19:40 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from janus at gcc dot gnu dot org 2010-08-27 19:40 -------
This should fix it (it was some kind of double-free problem):
Index: gcc/fortran/match.c
===================================================================
--- gcc/fortran/match.c (revision 163594)
+++ gcc/fortran/match.c (working copy)
@@ -2955,6 +2955,7 @@ alloc_opt_list:
}
stat = tmp;
+ tmp = NULL;
saw_stat = true;
if (gfc_check_do_variable (stat->symtree))
@@ -2981,6 +2982,7 @@ alloc_opt_list:
}
errmsg = tmp;
+ tmp = NULL;
saw_errmsg = true;
if (gfc_match_char (',') == MATCH_YES)
@@ -3019,6 +3021,7 @@ alloc_opt_list:
}
source = tmp;
+ tmp = NULL;
saw_source = true;
if (gfc_match_char (',') == MATCH_YES)
@@ -3050,6 +3053,7 @@ alloc_opt_list:
}
mold = tmp;
+ tmp = NULL;
saw_mold = true;
mold->mold = 1;
--
janus at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at gcc dot gnu |janus at gcc dot gnu dot org
|dot org |
Status|UNCONFIRMED |ASSIGNED
Ever Confirmed|0 |1
Last reconfirmed|0000-00-00 00:00:00 |2010-08-27 19:40:17
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45432
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug fortran/45432] gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE
2010-08-27 19:29 [Bug fortran/45432] New: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE burnus at gcc dot gnu dot org
2010-08-27 19:40 ` [Bug fortran/45432] " janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
@ 2010-08-27 21:51 ` janus at gcc dot gnu dot org
2 siblings, 0 replies; 4+ messages in thread
From: janus at gcc dot gnu dot org @ 2010-08-27 21:51 UTC (permalink / raw)
To: gcc-bugs
------- Comment #3 from janus at gcc dot gnu dot org 2010-08-27 21:51 -------
Fixed with r163599. Closing.
--
janus at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45432
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug fortran/45432] gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE
2010-08-27 19:29 [Bug fortran/45432] New: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE burnus at gcc dot gnu dot org
2010-08-27 19:40 ` [Bug fortran/45432] " janus at gcc dot gnu dot org
@ 2010-08-27 21:51 ` janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
2 siblings, 0 replies; 4+ messages in thread
From: janus at gcc dot gnu dot org @ 2010-08-27 21:51 UTC (permalink / raw)
To: gcc-bugs
------- Comment #2 from janus at gcc dot gnu dot org 2010-08-27 21:51 -------
Subject: Bug 45432
Author: janus
Date: Fri Aug 27 21:50:47 2010
New Revision: 163599
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=163599
Log:
2010-08-27 Janus Weil <janus@gcc.gnu.org>
PR fortran/45432
* match.c (gfc_match_allocate): Avoid double free on error.
Modified:
trunk/gcc/fortran/ChangeLog
trunk/gcc/fortran/match.c
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45432
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-08-27 21:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-27 19:29 [Bug fortran/45432] New: gfortran.dg/allocate_alloc_opt_9.f90: Segfault due to invalid FREE burnus at gcc dot gnu dot org
2010-08-27 19:40 ` [Bug fortran/45432] " janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
2010-08-27 21:51 ` janus at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).