[Bug fortran/79524] [8/9/10/11 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[Bug fortran/79524] [8/9/10/11 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[zeccav at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Vittorio Zecca <zeccav at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |zeccav at gmail dot com

--- Comment #9 from Vittorio Zecca <zeccav at gmail dot com> ---
On sanitized current trunk, note I have line numbers.

~/local/gcc-150221-sanitized/bin/gfortran
~/gcc-150221/gcc/testsuite/gfortran.dg/fimplicit_none_2.f90 -S 
/home/vitti/gcc-150221/gcc/testsuite/gfortran.dg/fimplicit_none_2.f90:5:34:

    5 |    character(*), parameter :: z(2) = [character(n) :: 'x', 'y'] ! {
dg-error "Scalar INTEGER expression expected" }
      |                                  1
Error: Cannot initialize parameter array at (1) with variable length elements
=================================================================
==130180==ERROR: AddressSanitizer: heap-use-after-free on address
0x604000001628 at pc 0x0000008c1918 bp 0x7ffceba92260 sp 0x7ffceba92258
READ of size 8 at 0x604000001628 thread T0
    #0 0x8c1917 in gfc_resolve_expr(gfc_expr*)
../../gcc-150221/gcc/fortran/resolve.c:7079
    #1 0x91d45b in resolve_charlen ../../gcc-150221/gcc/fortran/resolve.c:12436
    #2 0x96f604 in resolve_types ../../gcc-150221/gcc/fortran/resolve.c:17294
    #3 0x970adf in gfc_resolve(gfc_namespace*)
../../gcc-150221/gcc/fortran/resolve.c:17411
    #4 0x81fc90 in resolve_all_program_units
../../gcc-150221/gcc/fortran/parse.c:6290
    #5 0x82229f in gfc_parse_file() ../../gcc-150221/gcc/fortran/parse.c:6542
    #6 0xa64b7c in gfc_be_parse_file
../../gcc-150221/gcc/fortran/f95-lang.c:212
    #7 0x33fa43d in compile_file ../../gcc-150221/gcc/toplev.c:457
    #8 0x34097a2 in do_compile ../../gcc-150221/gcc/toplev.c:2197
    #9 0x340a39f in toplev::main(int, char**)
../../gcc-150221/gcc/toplev.c:2336
    #10 0x7f24cb9 in main ../../gcc-150221/gcc/main.c:39
    #11 0x152cd7c9a1e1 in __libc_start_main (/usr/lib64/libc.so.6+0x281e1)
    #12 0x41958d in _start
(/home/vitti/1TB/local/gcc-150221-sanitized/libexec/gcc/x86_64-pc-linux-gnu/11.0.0/f951+0x41958d)

0x604000001628 is located 24 bytes inside of 48-byte region
[0x604000001610,0x604000001640)
freed by thread T0 here:
    #0 0x152cd8bec797 in __interceptor_free
../../../../gcc-150221/libsanitizer/asan/asan_malloc_linux.cpp:127
    #1 0xa1cd6f in gfc_delete_symtree(gfc_symtree**, char const*)
../../gcc-150221/gcc/fortran/symbol.c:2964
    #2 0xa25801 in gfc_restore_last_undo_checkpoint()
../../gcc-150221/gcc/fortran/symbol.c:3706
    #3 0xa25a5f in gfc_undo_symbols()
../../gcc-150221/gcc/fortran/symbol.c:3739
    #4 0x80175f in reject_statement ../../gcc-150221/gcc/fortran/parse.c:2678
    #5 0x7f2bb0 in match_word ../../gcc-150221/gcc/fortran/parse.c:70
    #6 0x7f445d in decode_statement ../../gcc-150221/gcc/fortran/parse.c:376
    #7 0x7fd6c8 in next_free ../../gcc-150221/gcc/fortran/parse.c:1316
    #8 0x7fe845 in next_statement ../../gcc-150221/gcc/fortran/parse.c:1548
    #9 0x80bfe5 in parse_spec ../../gcc-150221/gcc/fortran/parse.c:3783
    #10 0x81bef7 in parse_progunit ../../gcc-150221/gcc/fortran/parse.c:5896
    #11 0x821732 in gfc_parse_file() ../../gcc-150221/gcc/fortran/parse.c:6437
    #12 0xa64b7c in gfc_be_parse_file
../../gcc-150221/gcc/fortran/f95-lang.c:212
    #13 0x33fa43d in compile_file ../../gcc-150221/gcc/toplev.c:457
    #14 0x34097a2 in do_compile ../../gcc-150221/gcc/toplev.c:2197
    #15 0x340a39f in toplev::main(int, char**)
../../gcc-150221/gcc/toplev.c:2336
    #16 0x7f24cb9 in main ../../gcc-150221/gcc/main.c:39
    #17 0x152cd7c9a1e1 in __libc_start_main (/usr/lib64/libc.so.6+0x281e1)

previously allocated by thread T0 here:
    #0 0x152cd8becc47 in __interceptor_calloc
../../../../gcc-150221/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0x83c3e31 in xcalloc ../../gcc-150221/libiberty/xmalloc.c:162
    #2 0xa1cade in gfc_new_symtree(gfc_symtree**, char const*)
../../gcc-150221/gcc/fortran/symbol.c:2934
    #3 0xa20eed in gfc_get_sym_tree(char const*, gfc_namespace*, gfc_symtree**,
bool) ../../gcc-150221/gcc/fortran/symbol.c:3384
    #4 0xa21e11 in gfc_get_ha_sym_tree(char const*, gfc_symtree**)
../../gcc-150221/gcc/fortran/symbol.c:3469
    #5 0x846df0 in gfc_match_rvalue(gfc_expr**)
../../gcc-150221/gcc/fortran/primary.c:3512
    #6 0x7191c4 in match_primary ../../gcc-150221/gcc/fortran/matchexp.c:157
    #7 0x7194a7 in match_level_1 ../../gcc-150221/gcc/fortran/matchexp.c:211
    #8 0x719832 in match_mult_operand
../../gcc-150221/gcc/fortran/matchexp.c:267
    #9 0x71a031 in match_add_operand
../../gcc-150221/gcc/fortran/matchexp.c:356
    #10 0x71a9bd in match_level_2 ../../gcc-150221/gcc/fortran/matchexp.c:480
    #11 0x71af3e in match_level_3 ../../gcc-150221/gcc/fortran/matchexp.c:551
    #12 0x71b368 in match_level_4 ../../gcc-150221/gcc/fortran/matchexp.c:599
    #13 0x71c2f7 in match_and_operand
../../gcc-150221/gcc/fortran/matchexp.c:693
    #14 0x71c5b1 in match_or_operand
../../gcc-150221/gcc/fortran/matchexp.c:722
    #15 0x71c9c2 in match_equiv_operand
../../gcc-150221/gcc/fortran/matchexp.c:765
    #16 0x71cdd3 in match_level_5 ../../gcc-150221/gcc/fortran/matchexp.c:811
    #17 0x71d283 in gfc_match_expr(gfc_expr**)
../../gcc-150221/gcc/fortran/matchexp.c:870
    #18 0x4f8e6b in char_len_param_value
../../gcc-150221/gcc/fortran/decl.c:1072
    #19 0x515d15 in gfc_match_char_spec(gfc_typespec*)
../../gcc-150221/gcc/fortran/decl.c:3431
    #20 0x6e814b in gfc_match_type_spec(gfc_typespec*)
../../gcc-150221/gcc/fortran/match.c:2169
    #21 0x43f26c in gfc_match_array_constructor(gfc_expr**)
../../gcc-150221/gcc/fortran/array.c:1242
    #22 0x7191a7 in match_primary ../../gcc-150221/gcc/fortran/matchexp.c:153
    #23 0x7194a7 in match_level_1 ../../gcc-150221/gcc/fortran/matchexp.c:211
    #24 0x719832 in match_mult_operand
../../gcc-150221/gcc/fortran/matchexp.c:267
    #25 0x71a031 in match_add_operand
../../gcc-150221/gcc/fortran/matchexp.c:356
    #26 0x71a9bd in match_level_2 ../../gcc-150221/gcc/fortran/matchexp.c:480
    #27 0x71af3e in match_level_3 ../../gcc-150221/gcc/fortran/matchexp.c:551
    #28 0x71b368 in match_level_4 ../../gcc-150221/gcc/fortran/matchexp.c:599
    #29 0x71c2f7 in match_and_operand
../../gcc-150221/gcc/fortran/matchexp.c:693

SUMMARY: AddressSanitizer: heap-use-after-free
../../gcc-150221/gcc/fortran/resolve.c:7079 in gfc_resolve_expr(gfc_expr*)
Shadow bytes around the buggy address:
  0x0c087fff8270: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
  0x0c087fff8280: fa fa 00 00 00 00 00 00 fa fa fd fd fd fd fd fd
  0x0c087fff8290: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
  0x0c087fff82a0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fa
  0x0c087fff82b0: fa fa 00 00 00 00 00 00 fa fa fd fd fd fd fd fd
=>0x0c087fff82c0: fa fa fd fd fd[fd]fd fd fa fa 00 00 00 00 00 00
  0x0c087fff82d0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
  0x0c087fff82e0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
  0x0c087fff82f0: fa fa 00 00 00 00 00 00 fa fa fd fd fd fd fd fd
  0x0c087fff8300: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
  0x0c087fff8310: fa fa fd fd fd fd fd fd fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==130180==ABORTING

[Bug fortran/79524] [9/10/11/12 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[jakub at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|8.5                         |9.4

--- Comment #10 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 8 branch is being closed.

[Bug fortran/79524] [9/10/11/12 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|9.4                         |9.5

--- Comment #11 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 9.4 is being released, retargeting bugs to GCC 9.5.

[Bug fortran/79524] [9/10/11/12 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[anlauf at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

anlauf at gcc dot gnu.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gscfq@t-online.de

--- Comment #12 from anlauf at gcc dot gnu.org ---
*** Bug 101069 has been marked as a duplicate of this bug. ***

[Bug fortran/79524] [10/11/12/13 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|9.5                         |10.4

--- Comment #13 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 9 branch is being closed

[Bug fortran/79524] [10/11/12/13 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[jakub at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|10.4                        |10.5

--- Comment #14 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 10.4 is being released, retargeting bugs to GCC 10.5.

[Bug fortran/79524] [11/12/13/14 Regression] valgrind error for gcc/testsuite/gfortran.dg/fimplicit_none_2.f90

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79524

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|10.5                        |11.5

--- Comment #15 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 10 branch is being closed.