public inbox for gcc-bugs@sourceware.org
* [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name
@ 2015-03-25 18:26 tkoenig at gcc dot gnu.org
  2015-03-25 18:37 ` [Bug libfortran/65563] " dominiq at lps dot ens.fr
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: tkoenig at gcc dot gnu.org @ 2015-03-25 18:26 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

            Bug ID: 65563
           Summary: Segfault on reopening fort.xxx file with explicit name
           Product: gcc
           Version: 5.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libfortran
          Assignee: unassigned at gcc dot gnu.org
          Reporter: tkoenig at gcc dot gnu.org

This is inspired by
https://stackoverflow.com/questions/29238857/fortran-error-about-eof-marker/
, but is slightly different.

This segfaults:

  variable_1 = 0
  open(345,iostat=ios, form='unformatted')
  read(345, err=37, end=37) variable_1
  close(345)
  go to 38
37 continue
38 continue
  open(522, file="fort.345", form='unformatted')
  write(522) variable_1
  rewind(522)
  close(522)
end program

Backtrace:

#0  0x00007ffff778d42a in strlen () from /lib64/libc.so.6
#1  0x00007ffff778d14e in strdup () from /lib64/libc.so.6
#2  0x00007ffff7ba1eec in _gfortrani_filename_from_unit (n=<optimized out>)
    at ../../../trunk/libgfortran/io/unit.c:833
#3  0x00007ffff7ad83af in _gfortrani_show_locus (cmp=0x7fffffffd7f0)
    at ../../../trunk/libgfortran/runtime/error.c:266
#4  0x00007ffff7ad8990 in _gfortrani_generate_error (cmp=cmp@entry=0x7fffffffd7f0,
    family=family@entry=5004, message=0x7ffff7bb8b60 "File already opened in another unit",
    message@entry=0x0) at ../../../trunk/libgfortran/runtime/error.c:561
#5  0x00007ffff7b9a1f4 in _gfortrani_new_unit (opp=opp@entry=0x7fffffffd7f0, u=u@entry=0x6083e0,
    flags=flags@entry=0x7fffffffd790) at ../../../trunk/libgfortran/io/open.c:493
#6  0x00007ffff7b9a6ee in already_open (flags=<optimized out>, u=<optimized out>, opp=<optimized out>)
    at ../../../trunk/libgfortran/io/open.c:694
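
Added example, not from the report or from libgfortran: a small C model of the ordering that the backtrace above and the patch in comment #5 point at, where a unit's filename is freed and set to NULL before a callee whose error path copies that name. struct unit, dup_name, report_error, new_unit_model and reopen_hits_null are hypothetical names, and the unit number and file names are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a runtime I/O unit; not libgfortran's gfc_unit. */
struct unit { int number; char *filename; };

/* Portable strdup substitute; like strdup, it must not be handed NULL. */
static char *dup_name(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}

/* Error reporter that copies the unit's name, as filename_from_unit -> strdup
   does in the backtrace.  Returns 1 if the name is NULL (crash site), else 0. */
static int report_error(const struct unit *u, char *msg, size_t len)
{
    if (u->filename == NULL) {
        snprintf(msg, len, "unit %d: name already freed", u->number);
        return 1;
    }
    char *copy = dup_name(u->filename);
    snprintf(msg, len, "unit %d, file '%s'", u->number, copy ? copy : "?");
    free(copy);
    return 0;
}

/* Model of new_unit: it can fail before it installs the new name. */
static int new_unit_model(struct unit *u, const char *name, int fail,
                          char *msg, size_t len)
{
    if (fail)
        return report_error(u, msg, len);  /* error path reads u->filename */
    free(u->filename);                     /* old name released only here */
    u->filename = dup_name(name);
    msg[0] = '\0';
    return 0;
}

/* Reopen a unit; early_free=1 frees the name before calling new_unit_model. */
int reopen_hits_null(int early_free, int fail, char *msg, size_t len)
{
    struct unit u = { 522, dup_name("old.dat") };  /* constructed values */
    if (early_free) { free(u.filename); u.filename = NULL; }
    int hit = new_unit_model(&u, "new.dat", fail, msg, len);
    free(u.filename);
    return hit;
}
```

Only the combination of an early free and a failing callee reaches the NULL name; deferring the free until the new name is installed leaves the error path a valid string to print.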



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
@ 2015-03-25 18:37 ` dominiq at lps dot ens.fr
  2015-03-25 20:08 ` jvdelisle at gcc dot gnu.org
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: dominiq at lps dot ens.fr @ 2015-03-25 18:37 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

Dominique d'Humieres <dominiq at lps dot ens.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2015-03-25
     Ever confirmed|0                           |1

--- Comment #1 from Dominique d'Humieres <dominiq at lps dot ens.fr> ---
With 4.8.4, 4.9.5, 4.9.2, 4.9.3, and trunk (5.0), I get the error

At line 8 of file pr65563.f90 (unit = 522, file = '')
Fortran runtime error: File already opened in another unit

However if I compile the test with -fsanitize=address, I get with 4.9x

==91085==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60200000e011 at pc 0x10a40c5d8 bp 0x7fff5580f2a0 sp 0x7fff5580f278
READ of size 2 at 0x60200000e011 thread T0
    #0 0x10a40c5d7 (/opt/gcc/gcc4.9wr/lib/libasan.1.dylib+0x175d7)
    #1 0x7fff8bd20f01 (/usr/lib/system/libsystem_c.dylib+0x45f01)
    #2 0x7fff8bd499ae (/usr/lib/system/libsystem_c.dylib+0x6e9ae)
    #3 0x7fff8bd2e154 (/usr/lib/system/libsystem_c.dylib+0x53154)
    #4 0x7fff8bd2e209 (/usr/lib/system/libsystem_c.dylib+0x53209)
    #5 0x10b0a4dca (/opt/gcc/gcc4.9wr/lib/libgfortran.3.dylib+0x2dca)

0x60200000e011 is located 0 bytes to the right of 1-byte region
[0x60200000e010,0x60200000e011)
allocated by thread T0 here:
    #0 0x10a412a06 (/opt/gcc/gcc4.9wr/lib/libasan.1.dylib+0x1da06)
    #1 0x10b0a5c24 (/opt/gcc/gcc4.9wr/lib/libgfortran.3.dylib+0x3c24)
Shadow bytes around the buggy address:
  0x1c0400001bb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c0400001bc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c0400001bd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c0400001be0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c0400001bf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x1c0400001c00: fa fa[01]fa fa fa 00 fa fa fa 06 fa fa fa 06 fa
  0x1c0400001c10: fa fa 05 fa fa fa 00 06 fa fa 00 00 fa fa 03 fa
  0x1c0400001c20: fa fa 00 06 fa fa 00 07 fa fa 00 fa fa fa 00 00
  0x1c0400001c30: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00
  0x1c0400001c40: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00
  0x1c0400001c50: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00

while I get the above error with 4.8 and 5.0 (clean or patched trees).



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
  2015-03-25 18:37 ` [Bug libfortran/65563] " dominiq at lps dot ens.fr
@ 2015-03-25 20:08 ` jvdelisle at gcc dot gnu.org
  2015-03-28 19:33 ` jvdelisle at gcc dot gnu.org
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: jvdelisle at gcc dot gnu.org @ 2015-03-25 20:08 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

Jerry DeLisle <jvdelisle at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jvdelisle at gcc dot gnu.org
           Assignee|unassigned at gcc dot gnu.org      |jvdelisle at gcc dot gnu.org

--- Comment #2 from Jerry DeLisle <jvdelisle at gcc dot gnu.org> ---
It never ceases to amaze me.  :) I will look into this.



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
  2015-03-25 18:37 ` [Bug libfortran/65563] " dominiq at lps dot ens.fr
  2015-03-25 20:08 ` jvdelisle at gcc dot gnu.org
@ 2015-03-28 19:33 ` jvdelisle at gcc dot gnu.org
  2015-03-28 22:31 ` mikael at gcc dot gnu.org
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: jvdelisle at gcc dot gnu.org @ 2015-03-28 19:33 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

Jerry DeLisle <jvdelisle at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|jvdelisle at gcc dot gnu.org       |unassigned at gcc dot gnu.org

--- Comment #4 from Jerry DeLisle <jvdelisle at gcc dot gnu.org> ---
Thomas, maybe you will have to hunt for this. Unassigning myself



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
                   ` (2 preceding siblings ...)
  2015-03-28 19:33 ` jvdelisle at gcc dot gnu.org
@ 2015-03-28 22:31 ` mikael at gcc dot gnu.org
  2015-03-29 14:33 ` tkoenig at gcc dot gnu.org
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: mikael at gcc dot gnu.org @ 2015-03-28 22:31 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

Mikael Morin <mikael at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mikael at gcc dot gnu.org

--- Comment #5 from Mikael Morin <mikael at gcc dot gnu.org> ---
Maybe this works?

Index: io/open.c
===================================================================
--- io/open.c    (révision 221654)
+++ io/open.c    (copie de travail)
@@ -595,6 +595,8 @@ new_unit (st_parameter_open *opp, gfc_unit *u, uni
       u->strm_pos = stell (u->s) + 1;
     }

+  free (u->filename);
+  u->filename = NULL;
   u->filename = fc_strdup (opp->file, opp->file_len);

   /* Curiously, the standard requires that the
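
Review bot: The `u->filename = NULL;` store added just before `u->filename = fc_strdup (opp->file, opp->file_len);` is dead, since the next line overwrites the pointer unconditionally; `free (u->filename);` alone is enough here. A short comment saying that the old name is deliberately kept until this point would also help, because the reason the free moved into new_unit is not visible from these lines.
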
@@ -666,8 +668,6 @@ already_open (st_parameter_open *opp, gfc_unit * u
       if (u->filename && u->flags.status == STATUS_SCRATCH)
     unlink (u->filename);
 #endif
-     free (u->filename);
-     u->filename = NULL;

       u = new_unit (opp, u, flags);
       if (u != NULL)
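
Review bot: With the `free (u->filename);` / `u->filename = NULL;` pair removed ahead of `u = new_unit (opp, u, flags);`, the old name is released only if new_unit reaches its `fc_strdup` assignment. Please check what happens to `u->filename` when new_unit returns NULL: in the scratch case the file has just been unlinked above, so the unit would keep a name for a file that no longer exists, and the string still has to be freed somewhere on that path. A regression test built from the reproducer in the report would be worth adding with this change.
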

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

--- Comment #6 from Mikael Morin <mikael at gcc dot gnu.org> ---
(In reply to Jerry DeLisle from comment #3)
> I cannot reproduce this on trunk (5.0) and I get nothing with
> -fsanitize=address
> accept the error message.  This is on x86-64-linux.
>
Same here.  I do get a segfault with the system libgfortran (4.8.3), not with
trunk (unpatched).



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
                   ` (3 preceding siblings ...)
  2015-03-28 22:31 ` mikael at gcc dot gnu.org
@ 2015-03-29 14:33 ` tkoenig at gcc dot gnu.org
  2015-03-29 15:57 ` tkoenig at gcc dot gnu.org
  2015-03-29 16:31 ` tkoenig at gcc dot gnu.org
  6 siblings, 0 replies; 8+ messages in thread
From: tkoenig at gcc dot gnu.org @ 2015-03-29 14:33 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

--- Comment #7 from Thomas Koenig <tkoenig at gcc dot gnu.org> ---
I upgraded to recent trunk (which I hadn't done for some time) and found that I
can no longer reproduce the error with 5.0.

So I'll make this into a test case and commit this as obvious, to make sure no
regressions come up.



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
                   ` (4 preceding siblings ...)
  2015-03-29 14:33 ` tkoenig at gcc dot gnu.org
@ 2015-03-29 15:57 ` tkoenig at gcc dot gnu.org
  2015-03-29 16:31 ` tkoenig at gcc dot gnu.org
  6 siblings, 0 replies; 8+ messages in thread
From: tkoenig at gcc dot gnu.org @ 2015-03-29 15:57 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

Thomas Koenig <tkoenig at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #8 from Thomas Koenig <tkoenig at gcc dot gnu.org> ---
Test case committed, resolving as FIXED.



* [Bug libfortran/65563] Segfault on reopening fort.xxx file with explicit name
  2015-03-25 18:26 [Bug libfortran/65563] New: Segfault on reopening fort.xxx file with explicit name tkoenig at gcc dot gnu.org
                   ` (5 preceding siblings ...)
  2015-03-29 15:57 ` tkoenig at gcc dot gnu.org
@ 2015-03-29 16:31 ` tkoenig at gcc dot gnu.org
  6 siblings, 0 replies; 8+ messages in thread
From: tkoenig at gcc dot gnu.org @ 2015-03-29 16:31 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65563

--- Comment #9 from Thomas Koenig <tkoenig at gcc dot gnu.org> ---
Author: tkoenig
Date: Sun Mar 29 14:33:09 2015
New Revision: 221762

URL: https://gcc.gnu.org/viewcvs?rev=221762&root=gcc&view=rev
Log:
2015-03-29  Thomas Koenig  <tkoenig@gcc.gnu.org>

    PR libgfortran/65563
    Refer to correct PR in ChangeLog.



Modified:
    trunk/gcc/testsuite/ChangeLog


