Bug 34980 - [4.3 Regression] Segfault in shape given a scalar
Summary: [4.3 Regression] Segfault in shape given a scalar
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: libfortran
Version: 4.3.0
Importance: P4 normal
Target Milestone: 4.3.0
Assignee: Thomas Koenig
URL: http://gcc.gnu.org/ml/fortran/2008-01...
Keywords: patch, wrong-code
Depends on:
Blocks:
 
Reported: 2008-01-26 06:02 UTC by Jerry DeLisle
Modified: 2008-01-28 19:07 UTC

See Also:
Host: x86-64-linux-gnu
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed: 2008-01-26 14:28:50


Description Jerry DeLisle 2008-01-26 06:02:14 UTC
Found this while checking other things:

$ cat test6.f90 
  integer :: foo(3)
  integer :: n
  foo(1) = 17
  foo(2) = 55
  foo(3) = 314
  print *, i, foo
  n = 5
  print *,shape(n)
  print *, n
end
$ gfc test6.f90
[jerry@quasar pr31610]$ ./a.out
           0          17          55         314
Segmentation fault

With gdb:

Program received signal SIGSEGV, Segmentation fault.
0x00002aaaaab3a8c2 in shape_4 (ret=<value optimized out>, 
    array=<value optimized out>)
    at ../../../gcc43/libgfortran/generated/shape_i4.c:53
53            ret->data[n * stride] =

Works OK in 4.2.
Comment 1 Jerry DeLisle 2008-01-26 09:00:32 UTC
Index: libgfortran/generated/shape_i4.c
===================================================================
--- libgfortran/generated/shape_i4.c    (revision 131856)
+++ libgfortran/generated/shape_i4.c    (working copy)
@@ -46,6 +46,8 @@ shape_4 (gfc_array_i4 * const restrict r
   int n;
   index_type stride;
 
+  if (ret->data == NULL)
+    return;
   stride = ret->dim[0].stride;
 
   for (n = 0; n < GFC_DESCRIPTOR_RANK (array); n++)
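
Review bot: the NULL test at the top of shape_4 is made only in libgfortran/generated/shape_i4.c, so it would be lost the next time that file is regenerated; it belongs in the template the file is generated from. The silent return also deserves a short comment saying when ret->data is expected to be NULL, since nothing in the hunk explains why a caller would pass a result descriptor without storage.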

Something like the above fixes this.  Since this is generated, some m4 magic is needed.  Also it seems that this could be simplified quite a bit in the frontend and not make the call at all.
Comment 2 Richard Biener 2008-01-26 11:36:43 UTC
As usual.
Comment 3 Thomas Koenig 2008-01-26 14:28:50 UTC
From the *.original dump:

      atmp.2.dtype = 265;
      atmp.2.dim[0].stride = 1;
      atmp.2.dim[0].lbound = 0;
      atmp.2.dim[0].ubound = -1;
      atmp.2.data = 0B;

It is probably better to check for this case.

And yes, this needs a bit of m4 hackery :-)
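
The failure mode in the dump above, as an added example (not libgfortran code and not part of the original comments): a simplified model of a routine that writes extents into a result descriptor, guarded against the empty temporary shown in comment 3. The names `desc_t`, `dim_t`, `extent`, `shape_model` and the descriptor layout are assumptions made for this example; it goes slightly beyond the case discussed here by also bounding the loop by the size of the result.

```c
#include <stddef.h>

#define MAX_RANK 7
typedef struct { ptrdiff_t stride, lbound, ubound; } dim_t;
typedef struct { int *data; int rank; dim_t dim[MAX_RANK]; } desc_t;

/* Elements along one dimension; ubound < lbound means empty. */
static ptrdiff_t extent(const dim_t *d)
{
    ptrdiff_t e = d->ubound + 1 - d->lbound;
    return e > 0 ? e : 0;
}

/* Store the extent of each dimension of `array` into the rank-1 result
   `ret`; returns how many elements were written. */
int shape_model(desc_t *ret, const desc_t *array)
{
    ptrdiff_t room = extent(&ret->dim[0]);
    ptrdiff_t stride = ret->dim[0].stride;
    int n;

    if (ret->data == NULL || room == 0)   /* empty result: write nothing */
        return 0;
    for (n = 0; n < array->rank && n < room; n++)  /* stay inside ret */
        ret->data[n * stride] = (int) extent(&array->dim[n]);
    return n;
}

/* Constructed 10x10 source descriptor (no data needed to take its shape). */
static const desc_t src = { NULL, 2, { { 1, 1, 10 }, { 10, 1, 10 } } };

int demo_empty(void)   /* descriptor values from the dump in comment 3 */
{
    desc_t atmp = { NULL, 1, { { 1, 0, -1 } } };
    return shape_model(&atmp, &src);
}

/* Run against a sentinel-filled result of `room` elements; return element
   `idx` afterwards, or the write count when idx < 0. */
int demo_fit(int room, int idx)
{
    int out[2] = { -1, -1 };
    desc_t ret = { out, 1, { { 1, 0, room - 1 } } };
    int written = shape_model(&ret, &src);
    return idx < 0 ? written : out[idx];
}

int main(void) { return demo_empty() == 0 && demo_fit(1, 1) == -1 ? 0 : 1; }
```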
Comment 4 Thomas Koenig 2008-01-26 19:36:11 UTC
This is currently bootstrapping.

$ svn diff
Index: shape.m4
===================================================================
--- shape.m4	(revision 131874)
+++ shape.m4	(working copy)
@@ -49,6 +49,9 @@ shape_'rtype_kind` ('rtype` * const rest
 
   stride = ret->dim[0].stride;
 
+  if (ret->dim[0].ubound < ret->dim[0].lbound)
+    return;
+
   for (n = 0; n < GFC_DESCRIPTOR_RANK (array); n++)
     {
       ret->data[n * stride] =
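
Review bot: the early return added before the loop only covers a completely empty ret; the loop still runs to GFC_DESCRIPTOR_RANK (array) and stores through ret->data[n * stride] without comparing n against the extent of ret, so a non-empty result shorter than the source rank is still written past its end. Consider bounding the loop by the extent of ret as well, and add a comment that ubound < lbound is how the empty return array is recognised.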
Comment 5 Tobias Burnus 2008-01-26 21:21:00 UTC
How about the following patch instead (or additionally)?

Index: gcc/fortran/simplify.c
===================================================================
--- gcc/fortran/simplify.c      (Revision 131876)
+++ gcc/fortran/simplify.c      (Arbeitskopie)
@@ -3714,7 +3714,11 @@ gfc_simplify_shape (gfc_expr *source)
   int n;
   try t;

-  if (source->rank == 0 || source->expr_type != EXPR_VARIABLE)
+  if (source->rank == 0)
+    return gfc_start_constructor (BT_INTEGER, gfc_default_integer_kind,
+                                 &source->where);
+
+  if (source->expr_type != EXPR_VARIABLE)
     return NULL;

   result = gfc_start_constructor (BT_INTEGER, gfc_default_integer_kind,
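
Review bot: the new rank == 0 branch returns the bare result of gfc_start_constructor with no comment saying that this is meant to be the zero-sized array SHAPE yields for a scalar; a one-line comment would make the intent clear. The same gfc_start_constructor call follows on the last context line, so it is worth checking whether anything the normal path does to result after constructing it is also needed for the empty constructor returned here.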
Comment 6 Tobias Burnus 2008-01-28 17:26:41 UTC
Subject: Bug 34980

Author: burnus
Date: Mon Jan 28 17:25:55 2008
New Revision: 131913

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131913
Log:
2008-01-28  Tobias Burnus  <burnus@net-b.de>

    PR libfortran/34980
    * simplify.c (gfc_simplify_shape): Simplify rank zero arrays.


2008-01-28  Thomas Koenig  <tkoenig@gcc.gnu.org>

    PR libfortran/34980
    * gfortran.dg/shape_3.f90:  New test.


Added:
    trunk/gcc/testsuite/gfortran.dg/shape_3.f90
Modified:
    trunk/gcc/fortran/ChangeLog
    trunk/gcc/fortran/simplify.c
    trunk/gcc/testsuite/ChangeLog

Comment 7 Tobias Burnus 2008-01-28 17:39:36 UTC
The commit fixed the SHAPE(scalar) problem in the front end. For the library to do:

a) The following should print "1 0" but it prints "1 -8":

integer :: i,j, a(10,10),res(2)
j = 1
i = 10
res = shape(a(1:1,i:j:1))
print *, res
res = shape(a(1:1,j:i:-1))
print *, res
end


b) The following should be diagnosed with -fbounds-check.
NAG -C=all prints:
Rank 1 of array operand has extent 2 instead of 0

integer :: i,j, a(10,10),res(2)
j = 1
i = 10
res = [42, 24 ]
res(2:j) = shape(a(1:1,i:j))
print *, res
end

I do not know whether one should check this also without -fbounds-check. I think it is not needed; however, the other compilers seem to have such a check as they print "42 24" (i.e. "res" is not modified) whereas gfortran prints "42 1". As it is invalid, both choices are OK.
Comment 8 Thomas Koenig 2008-01-28 19:03:37 UTC
Subject: Bug 34980

Author: tkoenig
Date: Mon Jan 28 19:02:47 2008
New Revision: 131915

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131915
Log:
2008-01-27  Thomas Koenig  <tkoenig@gcc.gnu.org>

	PR libfortran/34980
	* m4/shape.m4:  If return array is empty, return early.
	* generated/shape_i4.c:  Regenerated.
	* generated/shape_i8.c:  Regenerated.
	* generated/shape_i16.c:  Regenerated.


Modified:
    trunk/libgfortran/ChangeLog
    trunk/libgfortran/generated/shape_i16.c
    trunk/libgfortran/generated/shape_i4.c
    trunk/libgfortran/generated/shape_i8.c
    trunk/libgfortran/m4/shape.m4

Comment 9 Thomas Koenig 2008-01-28 19:07:57 UTC
Fixed on trunk.

Closing (so we're one regression down).

(In reply to comment #7)
> The commit fixed the SHAPE(scalar) problem in the front end. 
> a) The following should print "1 0" but it prints "1 -8":
> 
> integer :: i,j, a(10,10),res(2)
> j = 1
> i = 10
> res = shape(a(1:1,i:j:1))
> print *, res
> res = shape(a(1:1,j:i:-1))
> print *, res
> end

Now tracked as PR 35001.


> b) The following should be diagnosed with -fbounds-check.
> NAG -C=all prints:
> Rank 1 of array operand has extent 2 instead of 0
> 
> integer :: i,j, a(10,10),res(2)
> j = 1
> i = 10
> res = [42, 24 ]
> res(2:j) = shape(a(1:1,i:j))
> print *, res
> end

Noted in PR 34670.