public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters
@ 2023-06-16 14:46 zed.three at gmail dot com
2023-06-16 16:38 ` [Bug fortran/110288] [11/12/13/14] " anlauf at gcc dot gnu.org
` (10 more replies)
0 siblings, 11 replies; 12+ messages in thread
From: zed.three at gmail dot com @ 2023-06-16 14:46 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
Bug ID: 110288
Summary: [11/12/13] Regression: segfault in findloc with
allocatable array of allocatable characters
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: fortran
Assignee: unassigned at gcc dot gnu.org
Reporter: zed.three at gmail dot com
Target Milestone: ---
Created attachment 55350
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=55350&action=edit
Minimal example source code
The following program crashes with a segfault "invalid memory reference" inside
`findloc`:
program test
character(len=:), allocatable, dimension(:) :: array
array = ["bb", "bb"]
print*, findloc(array, "aa", dim=1)
end program
Compiler Explorer example: https://godbolt.org/z/Evrnose5o
The same program works in gfortran 10.4, crashes in 11+, including trunk (GNU
Fortran
(Compiler-Explorer-Build-gcc-7ff793415f55fa9a92f348fecb8c75ac8acc8b87-binutils-2.40)
14.0.0 20230616 (experimental)).
A minimum of two elements in the array are required, and it must be
allocatable, but it doesn't matter if the element is in `array` or not.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
@ 2023-06-16 16:38 ` anlauf at gcc dot gnu.org
2023-07-09 20:38 ` anlauf at gcc dot gnu.org
` (9 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-06-16 16:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
anlauf at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |wrong-code
Summary|[11/12/13] Regression: |[11/12/13/14] Regression:
|segfault in findloc with |segfault in findloc with
|allocatable array of |allocatable array of
|allocatable characters |allocatable characters
Target Milestone|--- |11.5
Last reconfirmed| |2023-06-16
Ever confirmed|0 |1
Status|UNCONFIRMED |NEW
--- Comment #1 from anlauf at gcc dot gnu.org ---
Confirmed.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
2023-06-16 16:38 ` [Bug fortran/110288] [11/12/13/14] " anlauf at gcc dot gnu.org
@ 2023-07-09 20:38 ` anlauf at gcc dot gnu.org
2023-07-10 20:50 ` anlauf at gcc dot gnu.org
` (8 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-09 20:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
anlauf at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |anlauf at gcc dot gnu.org
--- Comment #2 from anlauf at gcc dot gnu.org ---
Interesting bug.
Modified testcase:
program test
character(len=:), allocatable, dimension(:) :: array
array = ["bb", "aa"]
print *, findloc (array, "aa", dim=1, kind=8)
contains
subroutine sub (str)
character(*), intent(in) :: str(:)
! print *, findloc (str, "bb", dim=1, kind=8) ! (un-)comment this line!
end
end program test
The tree-dump shows for the findloc call:
D.4354 = _gfortran_findloc2_s1 (&parm.3, &"aa"[1]{lb: 1 sz: 1}, 0, &.array, 2);
Note that we pass an address where we should pass the dereferenced length.
Uncommenting the marked line, we get instead (for the same source line!):
D.4374 = _gfortran_findloc2_s1 (&parm.9, &"aa"[1]{lb: 1 sz: 1}, 0, .array, 2);
Indeed this variant is fine and runs fine.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
2023-06-16 16:38 ` [Bug fortran/110288] [11/12/13/14] " anlauf at gcc dot gnu.org
2023-07-09 20:38 ` anlauf at gcc dot gnu.org
@ 2023-07-10 20:50 ` anlauf at gcc dot gnu.org
2023-07-11 18:21 ` anlauf at gcc dot gnu.org
` (7 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-10 20:50 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #3 from anlauf at gcc dot gnu.org ---
The apparent discrepancy between fndecl and the actual arguments in the call
may be a result from the following block in gfc_conv_procedure_call after:
7390 /* Deferred length dummies pass the character length by reference
7391 so that the value can be returned. */
7392 if (parmse.string_length && fsym && fsym->ts.deferred)
...
The following patch fixes the testcase and regtests ok so far:
diff --git a/gcc/fortran/trans-expr.cc b/gcc/fortran/trans-expr.cc
index 7017b652d6e..8ed812bff0d 100644
--- a/gcc/fortran/trans-expr.cc
+++ b/gcc/fortran/trans-expr.cc
@@ -7404,7 +7404,10 @@ gfc_conv_procedure_call (gfc_se * se, gfc_symbol * sym,
tmp = parmse.string_length;
if (!VAR_P (tmp) && TREE_CODE (tmp) != COMPONENT_REF)
tmp = gfc_evaluate_now (parmse.string_length, &se->pre);
- parmse.string_length = gfc_build_addr_expr (NULL_TREE, tmp);
+ if (fsym->attr.allocatable || fsym->attr.pointer)
+ parmse.string_length = gfc_build_addr_expr (NULL_TREE, tmp);
+ else
+ parmse.string_length = tmp;
}
if (e && e->expr_type == EXPR_VARIABLE
Needs more checking.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (2 preceding siblings ...)
2023-07-10 20:50 ` anlauf at gcc dot gnu.org
@ 2023-07-11 18:21 ` anlauf at gcc dot gnu.org
2023-07-11 19:40 ` anlauf at gcc dot gnu.org
` (6 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-11 18:21 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #4 from anlauf at gcc dot gnu.org ---
The patch in comment#3 tries to fix a symptom and is wrong. The true cause
is the attempt to derive the formal argument typespec from the actual for
intrinsics. This mistreats character, as the actual might be deferred-length.
Better fix:
diff --git a/gcc/fortran/symbol.cc b/gcc/fortran/symbol.cc
index 37a9e8fa0ae..18d0fde8319 100644
--- a/gcc/fortran/symbol.cc
+++ b/gcc/fortran/symbol.cc
@@ -4725,6 +4731,13 @@ gfc_copy_formal_args_intr (gfc_symbol *dest,
gfc_intrinsic_sym *src,
formal_arg->sym->attr.flavor = FL_VARIABLE;
formal_arg->sym->attr.dummy = 1;
+ /* Be careful not to treat an actual deferred-length character
+ argument wrongly as template for the formal argument. */
+ if (formal_arg->sym->ts.type == BT_CHARACTER
+ && !(formal_arg->sym->attr.allocatable
+ || formal_arg->sym->attr.pointer))
+ formal_arg->sym->ts.deferred = false;
+
if (formal_arg->sym->ts.type == BT_CHARACTER)
formal_arg->sym->ts.u.cl = gfc_new_charlen (gfc_current_ns, NULL);
Regtests OK.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (3 preceding siblings ...)
2023-07-11 18:21 ` anlauf at gcc dot gnu.org
@ 2023-07-11 19:40 ` anlauf at gcc dot gnu.org
2023-07-11 20:26 ` cvs-commit at gcc dot gnu.org
` (5 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-11 19:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
anlauf at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |anlauf at gcc dot gnu.org
Status|NEW |ASSIGNED
--- Comment #5 from anlauf at gcc dot gnu.org ---
Submitted: https://gcc.gnu.org/pipermail/fortran/2023-July/059587.html
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (4 preceding siblings ...)
2023-07-11 19:40 ` anlauf at gcc dot gnu.org
@ 2023-07-11 20:26 ` cvs-commit at gcc dot gnu.org
2023-07-13 17:38 ` anlauf at gcc dot gnu.org
` (4 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-07-11 20:26 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #6 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Harald Anlauf <anlauf@gcc.gnu.org>:
https://gcc.gnu.org/g:3b2c523ae31b68fc3b8363b458a55eec53a44365
commit r14-2439-g3b2c523ae31b68fc3b8363b458a55eec53a44365
Author: Harald Anlauf <anlauf@gmx.de>
Date: Tue Jul 11 21:21:25 2023 +0200
Fortran: formal symbol attributes for intrinsic procedures [PR110288]
gcc/fortran/ChangeLog:
PR fortran/110288
* symbol.cc (gfc_copy_formal_args_intr): When deriving the formal
argument attributes from the actual ones for intrinsic procedure
calls, take special care of CHARACTER arguments that we do not
wrongly treat them formally as deferred-length.
gcc/testsuite/ChangeLog:
PR fortran/110288
* gfortran.dg/findloc_10.f90: New test.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (5 preceding siblings ...)
2023-07-11 20:26 ` cvs-commit at gcc dot gnu.org
@ 2023-07-13 17:38 ` anlauf at gcc dot gnu.org
2023-07-14 18:27 ` cvs-commit at gcc dot gnu.org
` (3 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-13 17:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #7 from anlauf at gcc dot gnu.org ---
The fix for FINDLOC also fixes the same regression for MINLOC, MAXLOC.
There is another issue for MINVAL and MAXVAL that exists already in
10-branch, thus not a regression. I get at runtime:
a.out: ../../../gcc-10/libgfortran/generated/maxval0_s1.c:68: maxval0_s1:
Assertion `xlen == len' failed.
Thus should be tracked separately.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (6 preceding siblings ...)
2023-07-13 17:38 ` anlauf at gcc dot gnu.org
@ 2023-07-14 18:27 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:32 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-07-14 18:27 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #8 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-13 branch has been updated by Harald Anlauf
<anlauf@gcc.gnu.org>:
https://gcc.gnu.org/g:447dd2924e43884d798d8c40765cbfddd0fde0ae
commit r13-7564-g447dd2924e43884d798d8c40765cbfddd0fde0ae
Author: Harald Anlauf <anlauf@gmx.de>
Date: Tue Jul 11 21:21:25 2023 +0200
Fortran: formal symbol attributes for intrinsic procedures [PR110288]
gcc/fortran/ChangeLog:
PR fortran/110288
* symbol.cc (gfc_copy_formal_args_intr): When deriving the formal
argument attributes from the actual ones for intrinsic procedure
calls, take special care of CHARACTER arguments that we do not
wrongly treat them formally as deferred-length.
gcc/testsuite/ChangeLog:
PR fortran/110288
* gfortran.dg/findloc_10.f90: New test.
(cherry picked from commit 3b2c523ae31b68fc3b8363b458a55eec53a44365)
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (7 preceding siblings ...)
2023-07-14 18:27 ` cvs-commit at gcc dot gnu.org
@ 2023-07-14 18:32 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:35 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:39 ` anlauf at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-07-14 18:32 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #9 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-12 branch has been updated by Harald Anlauf
<anlauf@gcc.gnu.org>:
https://gcc.gnu.org/g:995c717500c368c5aec7889dfa047cff7cb0139b
commit r12-9773-g995c717500c368c5aec7889dfa047cff7cb0139b
Author: Harald Anlauf <anlauf@gmx.de>
Date: Tue Jul 11 21:21:25 2023 +0200
Fortran: formal symbol attributes for intrinsic procedures [PR110288]
gcc/fortran/ChangeLog:
PR fortran/110288
* symbol.cc (gfc_copy_formal_args_intr): When deriving the formal
argument attributes from the actual ones for intrinsic procedure
calls, take special care of CHARACTER arguments that we do not
wrongly treat them formally as deferred-length.
gcc/testsuite/ChangeLog:
PR fortran/110288
* gfortran.dg/findloc_10.f90: New test.
(cherry picked from commit 3b2c523ae31b68fc3b8363b458a55eec53a44365)
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (8 preceding siblings ...)
2023-07-14 18:32 ` cvs-commit at gcc dot gnu.org
@ 2023-07-14 18:35 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:39 ` anlauf at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-07-14 18:35 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
--- Comment #10 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-11 branch has been updated by Harald Anlauf
<anlauf@gcc.gnu.org>:
https://gcc.gnu.org/g:a348245bfb018f02b36d22575380b34aef58f52c
commit r11-10910-ga348245bfb018f02b36d22575380b34aef58f52c
Author: Harald Anlauf <anlauf@gmx.de>
Date: Tue Jul 11 21:21:25 2023 +0200
Fortran: formal symbol attributes for intrinsic procedures [PR110288]
gcc/fortran/ChangeLog:
PR fortran/110288
* symbol.c (gfc_copy_formal_args_intr): When deriving the formal
argument attributes from the actual ones for intrinsic procedure
calls, take special care of CHARACTER arguments that we do not
wrongly treat them formally as deferred-length.
gcc/testsuite/ChangeLog:
PR fortran/110288
* gfortran.dg/findloc_10.f90: New test.
(cherry picked from commit 3b2c523ae31b68fc3b8363b458a55eec53a44365)
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug fortran/110288] [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
` (9 preceding siblings ...)
2023-07-14 18:35 ` cvs-commit at gcc dot gnu.org
@ 2023-07-14 18:39 ` anlauf at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: anlauf at gcc dot gnu.org @ 2023-07-14 18:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110288
anlauf at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #11 from anlauf at gcc dot gnu.org ---
Fixed for gcc-14, and backported to affected branches. Closing.
Thanks for the report!
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2023-07-14 18:40 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-06-16 14:46 [Bug fortran/110288] New: [11/12/13] Regression: segfault in findloc with allocatable array of allocatable characters zed.three at gmail dot com
2023-06-16 16:38 ` [Bug fortran/110288] [11/12/13/14] " anlauf at gcc dot gnu.org
2023-07-09 20:38 ` anlauf at gcc dot gnu.org
2023-07-10 20:50 ` anlauf at gcc dot gnu.org
2023-07-11 18:21 ` anlauf at gcc dot gnu.org
2023-07-11 19:40 ` anlauf at gcc dot gnu.org
2023-07-11 20:26 ` cvs-commit at gcc dot gnu.org
2023-07-13 17:38 ` anlauf at gcc dot gnu.org
2023-07-14 18:27 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:32 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:35 ` cvs-commit at gcc dot gnu.org
2023-07-14 18:39 ` anlauf at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).