Bug 32594 - substring simplification leads to ICE
Summary: substring simplification leads to ICE
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: fortran
Version: 4.3.0
Importance: P3 normal
Target Milestone: ---
Assignee: Francois-Xavier Coudert
URL: http://gcc.gnu.org/ml/gcc-patches/200...
Keywords: ice-on-valid-code, patch
Depends on:
Blocks: 32834
Reported: 2007-07-02 18:49 UTC by Al Greynolds
Modified: 2007-08-14 12:47 UTC

See Also:
Host:
Target:
Build:
Known to work:
Known to fail: 4.1.2 4.2.1 4.3.0
Last reconfirmed: 2007-08-13 23:48:53


Attachments
source code that causes ICE: bus error (1.87 KB, application/zip)
2007-07-02 18:51 UTC, Al Greynolds

Description Al Greynolds 2007-07-02 18:49:42 UTC
Originally thought this was related to bug 31609, but it may be new

gfortran -c utility.f9
Comment 1 Al Greynolds 2007-07-02 18:51:23 UTC
Created attachment 13828
source code that causes ICE: bus error

zip containing 2 include and 1 f90 file
Comment 2 Daniel Franke 2007-07-02 19:31:02 UTC
Simplified testcase and backtrace (4.3, 20070702):

function EvaluateMath(expr)
  character(*), intent(in) :: expr
  character(*), parameter  :: chrs='-+.0123456789eEdD'

  LOGICAL :: tmp
  tmp = (index(chrs(14:), "xxx") > 0)
end


Backtrace:

Program received signal SIGSEGV, Segmentation fault.
gfc_extract_int (expr=0x0, result=0xbfb25b84) at ../../../gcc/gcc/fortran/expr.c:252
252       if (expr->expr_type != EXPR_CONSTANT)
(gdb) bt
#0  gfc_extract_int (expr=0x0, result=0xbfb25b84) at ../../../gcc/gcc/fortran/expr.c:252
#1  0x08067087 in gfc_simplify_expr (p=0x8934270, type=0) at ../../../gcc/gcc/fortran/expr.c:1516
#2  0x080671a5 in gfc_simplify_expr (p=0x89340e0, type=0) at ../../../gcc/gcc/fortran/expr.c:1496
#3  0x080671d4 in gfc_simplify_expr (p=0x8934500, type=0) at ../../../gcc/gcc/fortran/expr.c:779
#4  0x0809da90 in resolve_operator (e=0x8934500) at ../../../gcc/gcc/fortran/resolve.c:2830
#5  0x0809a88c in gfc_resolve_expr (e=0x8934500) at ../../../gcc/gcc/fortran/resolve.c:3768
#6  0x0809ec7a in resolve_code (code=0x8934570, ns=0x8933208) at ../../../gcc/gcc/fortran/resolve.c:5649
#7  0x080a075c in resolve_codes (ns=0x8933208) at ../../../gcc/gcc/fortran/resolve.c:8298
#8  0x080a0793 in gfc_resolve (ns=0x8933208) at ../../../gcc/gcc/fortran/resolve.c:8317
#9  0x08092e10 in gfc_parse_file () at ../../../gcc/gcc/fortran/parse.c:3263
#10 0x080b7efd in gfc_be_parse_file (set_yydebug=0) at ../../../gcc/gcc/fortran/f95-lang.c:301
#11 0x08328ac8 in toplev_main (argc=2, argv=0xbfb26094) at ../../../gcc/gcc/toplev.c:1051
#12 0x080fec6f in main (argc=Cannot access memory at address 0x80000000
) at ../../../gcc/gcc/main.c:35
Comment 3 Francois-Xavier Coudert 2007-07-04 07:47:17 UTC
I think it's due to the fact that there is no simplification done for INDEX (in simplify.c).
Comment 4 Francois-Xavier Coudert 2007-07-04 14:36:19 UTC
Please forget comment #3. The reason for the ICE is that substring simplification was written without taking into account the possibility of foo(14:) or foo(:14), i.e. one of the substring bounds being implicit. The following patch fixes it; I'm regtesting and will try to write a few more testcases before submitting it for review:

Index: expr.c
===================================================================
--- expr.c      (revision 126249)
+++ expr.c      (working copy)
@@ -1503,9 +1503,19 @@ gfc_simplify_expr (gfc_expr *p, int type
          char *s;
          int start, end;
 
-         gfc_extract_int (p->ref->u.ss.start, &start);
-         start--;  /* Convert from one-based to zero-based.  */
-         gfc_extract_int (p->ref->u.ss.end, &end);
+         if (p->ref->u.ss.start)
+         {
+           gfc_extract_int (p->ref->u.ss.start, &start);
+           start--;  /* Convert from one-based to zero-based.  */
+         }
+         else
+           start = 0;
+
+         if (p->ref->u.ss.end)
+           gfc_extract_int (p->ref->u.ss.end, &end);
+         else
+           end = p->value.character.length - 1;
+
          s = gfc_getmem (end - start + 2);
          memcpy (s, p->value.character.string + start, end - start);
          s[end - start + 1] = '\0';  /* TODO: C-style string.  */
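
Review bot: in the `else` branch for a missing end bound, `end = p->value.character.length - 1;` does not follow the convention of the explicit branch, where `end` stays one-based (only `start` is decremented) and `memcpy` copies `end - start` characters. For `chrs(14:)` on the 17-character constant this gives start = 13 and end = 16, so 3 characters are copied instead of 4; `end = p->value.character.length` would keep both branches consistent. Separately, neither branch compares the extracted bounds against `p->value.character.length` before the `memcpy`, so an out-of-range constant bound would read outside the string; a range check ahead of `gfc_getmem` would cover that.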
Comment 5 Francois-Xavier Coudert 2007-07-10 22:44:20 UTC
It's a larger problem. The patch above avoids this ICE, but we have another one when using substring references of type string(:). The following code, with patched compiler, yields the other ICE:

  character(*), parameter  :: chrs = '-+.0123456789eEdD'
  character(*), parameter  :: expr = '-+.0123456789eEdD'
  print *, index(chrs(:), expr)
  print *, index(chrs(14:), expr)
  print *, index(chrs(:12), expr)
  print *, index(chrs, expr(:))
  print *, index(chrs, expr(1:))
  print *, index(chrs, expr(:1))

contains
  function foo(expr)
    character(*), intent(in) :: expr
    character(*), parameter  :: chrs = '-+.0123456789eEdD'
    integer :: foo
  
    foo = index(chrs(:), expr)
    foo = index(chrs(14:), expr)
    foo = index(chrs(:12), expr)
    foo = index(chrs, expr(:))
    foo = index(chrs, expr(1:))
    foo = index(chrs, expr(:1))
  end function foo
end

This is because expr->ref is NULL in that latter case (there's a comment somewhere to that effect), which is not dealt with later during translation.
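
An added example, not part of the bug report or GCC's source: a simplified C model of folding a constant substring where either bound, or the whole substring reference, may be absent, as in the chrs(:), chrs(14:) and chrs(:12) cases above. The struct and function names are hypothetical stand-ins, and the range check is an addition of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified stand-ins for the compiler's expression nodes. */
struct int_expr { int value; };         /* constant integer bound */
struct substr_ref {
    const struct int_expr *start;       /* NULL when written as s(:n) */
    const struct int_expr *end;         /* NULL when written as s(n:) */
};
struct char_const {
    const char *string;
    int length;
    const struct substr_ref *ref;       /* NULL when written as s(:) */
};

/* Fold a constant substring into a new NUL-terminated buffer.
   Returns NULL on allocation failure or out-of-range bounds;
   the caller frees the result. */
char *fold_substring(const struct char_const *e)
{
    int start = 1, end = e->length;     /* Fortran defaults, one-based */

    /* Every pointer on the path may be absent, so test before reading. */
    if (e->ref && e->ref->start) start = e->ref->start->value;
    if (e->ref && e->ref->end)   end   = e->ref->end->value;

    if (start > end) { start = 1; end = 0; }   /* zero-length substring */
    else if (start < 1 || end > e->length) return NULL;

    size_t n = (size_t)(end - start + 1);      /* both bounds inclusive */
    char *s = malloc(n + 1);
    if (!s) return NULL;
    memcpy(s, e->string + (start - 1), n);
    s[n] = '\0';
    return s;
}

int main(void)
{
    /* Constructed sample: the constant from the test case, as chrs(14:). */
    struct int_expr b14 = { 14 };
    struct substr_ref from14 = { &b14, NULL };
    struct char_const e = { "-+.0123456789eEdD", 17, &from14 };
    char *s = fold_substring(&e);
    printf("%s\n", s ? s : "(invalid)");
    free(s);
    return 0;
}
```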
Comment 6 Francois-Xavier Coudert 2007-08-13 23:48:52 UTC
A complete patch (for both original problem and a few other ones discovered while preparing the testcase) was submitted here: http://gcc.gnu.org/ml/gcc-patches/2007-08/msg00834.html
Comment 7 patchapp@dberlin.org 2007-08-13 23:50:34 UTC
Subject: Bug number PR32594

A patch for this bug has been added to the patch tracker.
The mailing list url for the patch is http://gcc.gnu.org/ml/gcc-patches/2007-08/msg00834.html
Comment 8 Francois-Xavier Coudert 2007-08-14 12:44:38 UTC
Subject: Bug 32594

Author: fxcoudert
Date: Tue Aug 14 12:44:19 2007
New Revision: 127478

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=127478
Log:
	PR fortran/32594

	* trans-expr.c (gfc_conv_substring_expr): Only call
	gfc_conv_substring if expr->ref is not NULL.
	* expr.c (gfc_is_constant_expr): If e->ref is NULL, the substring
	expression might be a constant.
	(gfc_simplify_expr): Handle missing start and end, as well as
	missing ref.

	* gfortran.dg/substr_5.f90: New test.

Added:
    trunk/gcc/testsuite/gfortran.dg/substr_5.f90
Modified:
    trunk/gcc/fortran/ChangeLog
    trunk/gcc/fortran/expr.c
    trunk/gcc/fortran/trans-expr.c
    trunk/gcc/testsuite/ChangeLog

Comment 9 Francois-Xavier Coudert 2007-08-14 12:47:36 UTC
Fixed.