Bug 45848 - [OOP] ICE on invalid code in fortran/symbol.c:2410
Summary: [OOP] ICE on invalid code in fortran/symbol.c:2410
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: fortran (show other bugs)
Version: 4.6.0
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: ice-on-invalid-code
Depends on:
Blocks:
 
Reported: 2010-09-30 20:06 UTC by Harald Anlauf
Modified: 2011-01-13 16:38 UTC (History)
3 users (show)

See Also:
Host: i686-pc-linux-gnu
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed: 2010-10-01 09:24:03


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Harald Anlauf 2010-09-30 20:06:27 UTC
Hi,

the following (invalid) code leads to an ICE:

! Compile with: gfortran -fwhole-file -c gfcbug111.f90
! The "comment line" below appears to have an effect!?

module gfcbug111
!!  use abstract_vector
  implicit none

  type, abstract :: inner_product_class
  end type inner_product_class

  type, extends(inner_product_class) :: trivial_inner_product_type
  end type trivial_inner_product_type

contains

  function my_dot_v_v (this,a,b)
    class(trivial_inner_product_type), intent(in) :: this
    class(vector_class),               intent(in) :: a,b
    real :: my_dot_v_v

    select type (a)
    class is (trivial_vector_type)
       select type (b)
       class is (trivial_vector_type)
       class default
       end select
    class default
    end select
  end function my_dot_v_v
end module gfcbug111


I get:

gfcbug111.f90:18.23:                                                                      

    class(vector_class),               intent(in) :: a,b
                       1                                
Error: Derived type 'vector_class' at (1) is being used before it is defined
gfcbug111.f90:22.33:                                                        

    class is (trivial_vector_type)
                                 1
Error: 'trivial_vector_type' at (1) is not an accessible derived type
gfcbug111.f90:23.22:                                                 

       select type (b)
                      1
Error: Expected TYPE IS, CLASS IS or END SELECT statement following SELECT TYPE at (1)
f951: internal compiler error: Segmentation fault                                     

> gdb /opt/gcc/trunk/libexec/gcc/i686-pc-linux-gnu/4.6.0/f951
GNU gdb (GDB; openSUSE 11.1) 6.8.50.20081120-cvs                                            
Copyright (C) 2008 Free Software Foundation, Inc.                                           
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>               
This is free software: you are free to change and redistribute it.                          
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"                  
and "show warranty" for details.                                                            
This GDB was configured as "i586-suse-linux".                                               
For bug reporting instructions, please see:
<http://bugs.opensuse.org/>...
(gdb) run gfcbug111.f90 -quiet -dumpbase gfcbug111.f90 -mtune=generic -march=pentiumpro -auxbase gfcbug111 -version -fwhole-file -fintrinsic-modules-path /opt/gcc/trunk/lib/gcc/i686-pc-linux-gnu/4.6.0/finclude -o /tmp/ccnYRIzm.s
Starting program: /opt/gcc/trunk/libexec/gcc/i686-pc-linux-gnu/4.6.0/f951 gfcbug111.f90 -quiet -dumpbase gfcbug111.f90 -mtune=generic -march=pentiumpro -auxbase gfcbug111 -version -fwhole-file -fintrinsic-modules-path /opt/gcc/trunk/lib/gcc/i686-pc-linux-gnu/4.6.0/finclude -o /tmp/ccnYRIzm.s
GNU Fortran (GCC) version 4.6.0 20100929 (experimental) (i686-pc-linux-gnu)
        compiled by GNU C version 4.6.0 20100929 (experimental), GMP version 4.2.3, MPFR version 2.3.2, MPC version 0.8.2
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
GNU Fortran (GCC) version 4.6.0 20100929 (experimental) (i686-pc-linux-gnu)
        compiled by GNU C version 4.6.0 20100929 (experimental), GMP version 4.2.3, MPFR version 2.3.2, MPC version 0.8.2
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
gfcbug111.f90:18.23:

    class(vector_class),               intent(in) :: a,b
                       1
Error: Derived type 'vector_class' at (1) is being used before it is defined
gfcbug111.f90:22.33:

    class is (trivial_vector_type)
                                 1
Error: 'trivial_vector_type' at (1) is not an accessible derived type
gfcbug111.f90:23.22:

       select type (b)
                      1
Error: Expected TYPE IS, CLASS IS or END SELECT statement following SELECT TYPE at (1)

Program received signal SIGSEGV, Segmentation fault.
gfc_find_symtree (st=0x7e1, name=0xbfffe120 "class")
    at ../../trunk/gcc/fortran/symbol.c:2410
2410          c = strcmp (name, st->name);
(gdb) where
#0  gfc_find_symtree (st=0x7e1, name=0xbfffe120 "class")
    at ../../trunk/gcc/fortran/symbol.c:2410
#1  0x08160f8e in gfc_find_sym_tree (name=0xbfffe120 "class", ns=0x8cd9048, parent_flag=0,
    result=0xbfffe0ec) at ../../trunk/gcc/fortran/symbol.c:2631
#2  0x0816125c in gfc_get_ha_sym_tree (name=0xbfffe120 "class", result=0xbfffe198)
    at ../../trunk/gcc/fortran/symbol.c:2800
#3  0x0811cdc4 in gfc_match_sym_tree (matched_symbol=0xbfffe198, host_assoc=1)
    at ../../trunk/gcc/fortran/match.c:678
#4  0xbfffe120 in ?? ()
(gdb)


> /opt/gcc/trunk/bin/gfortran -vUsing built-in specs.
COLLECT_GCC=/opt/gcc/trunk/bin/gfortran
COLLECT_LTO_WRAPPER=/opt/gcc/trunk/libexec/gcc/i686-pc-linux-gnu/4.6.0/lto-wrapper
Target: i686-pc-linux-gnu
Configured with: ../trunk/configure --enable-languages=c,fortran --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk : (reconfigured) ../trunk/configure --enable-languages=c,fortran --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk : (reconfigured) ../trunk/configure --enable-languages=c,fortran --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk : (reconfigured) ../trunk/configure --enable-languages=c,fortran --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk : (reconfigured) ../trunk/configure --enable-languages=c,fortran --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion : (reconfigured) ../trunk/configure --with-libelf=/usr/local --with-system-zlib --prefix=/opt/gcc/trunk --enable-languages=c,fortran,lto --no-create --no-recursion
Thread model: posix
gcc version 4.6.0 20100929 (experimental) (GCC)


It is funny that if I remove the comment line !! use ...
I get a compiler that appears to compile endlessly...

Cheers,
-ha
Comment 1 janus 2010-10-01 09:24:03 UTC
Confirmed. Valgrind shows lots of errors, e.g.:

==1988== Invalid write of size 8
==1988==    at 0x519596: next_statement (parse.c:891)
==1988==    by 0x51CBB8: parse_executable (parse.c:3616)
==1988==    by 0x51BE94: parse_select_type_block (parse.c:2986)
==1988==    by 0x51CC63: parse_executable (parse.c:3678)
==1988==    by 0x51D33C: parse_progunit (parse.c:3948)
==1988==    by 0x51D13A: parse_contained (parse.c:3862)
==1988==    by 0x51D6F6: parse_module (parse.c:4118)
==1988==    by 0x51DD52: gfc_parse_file (parse.c:4345)
==1988==    by 0x562BF5: gfc_be_parse_file (f95-lang.c:242)
==1988==    by 0xA3E740: compile_file (toplev.c:939)
==1988==    by 0xA40C8E: do_compile (toplev.c:2379)
==1988==    by 0xA40D5C: toplev_main (toplev.c:2420)
==1988==  Address 0x5d81f00 is 1,856 bytes inside a block of size 2,552 free'd
==1988==    at 0x4C280BD: free (vg_replace_malloc.c:366)
==1988==    by 0x507FB1: gfc_free (misc.c:51)
==1988==    by 0x50558F: free_case (match.c:4338)
==1988==    by 0x5055B7: gfc_free_case_list (match.c:4352)
==1988==    by 0x552C5F: gfc_free_statement (st.c:133)
==1988==    by 0x5198AA: undo_new_statement (parse.c:1077)
==1988==    by 0x51A262: reject_statement (parse.c:1664)
==1988==    by 0x51BE51: parse_select_type_block (parse.c:2975)
==1988==    by 0x51CC63: parse_executable (parse.c:3678)
==1988==    by 0x51D33C: parse_progunit (parse.c:3948)
==1988==    by 0x51D13A: parse_contained (parse.c:3862)
==1988==    by 0x51D6F6: parse_module (parse.c:4118)
==1988== 
==1988== Invalid read of size 8
==1988==    at 0x51BF2B: parse_select_type_block (parse.c:3016)
==1988==    by 0x51CC63: parse_executable (parse.c:3678)
==1988==    by 0x51D33C: parse_progunit (parse.c:3948)
==1988==    by 0x51D13A: parse_contained (parse.c:3862)
==1988==    by 0x51D6F6: parse_module (parse.c:4118)
==1988==    by 0x51DD52: gfc_parse_file (parse.c:4345)
==1988==    by 0x562BF5: gfc_be_parse_file (f95-lang.c:242)
==1988==    by 0xA3E740: compile_file (toplev.c:939)
==1988==    by 0xA40C8E: do_compile (toplev.c:2379)
==1988==    by 0xA40D5C: toplev_main (toplev.c:2420)
==1988==    by 0x5F5453: main (main.c:36)
==1988==  Address 0x5d81ff0 is 2,096 bytes inside a block of size 2,552 free'd
==1988==    at 0x4C280BD: free (vg_replace_malloc.c:366)
==1988==    by 0x507FB1: gfc_free (misc.c:51)
==1988==    by 0x50558F: free_case (match.c:4338)
==1988==    by 0x5055B7: gfc_free_case_list (match.c:4352)
==1988==    by 0x552C5F: gfc_free_statement (st.c:133)
==1988==    by 0x5198AA: undo_new_statement (parse.c:1077)
==1988==    by 0x51A262: reject_statement (parse.c:1664)
==1988==    by 0x51BE51: parse_select_type_block (parse.c:2975)
==1988==    by 0x51CC63: parse_executable (parse.c:3678)
==1988==    by 0x51D33C: parse_progunit (parse.c:3948)
==1988==    by 0x51D13A: parse_contained (parse.c:3862)
==1988==    by 0x51D6F6: parse_module (parse.c:4118)
Comment 2 Mikael Morin 2010-10-01 13:34:46 UTC
gfc_match_select_type has: 

  new_st.op = EXEC_SELECT_TYPE;
  new_st.expr1 = expr1;
  new_st.expr2 = expr2;
  new_st.ext.block.ns = gfc_current_ns;



gfc_free_statement has:

    case EXEC_SELECT:
    case EXEC_SELECT_TYPE:
      if (p->ext.case_list)
	gfc_free_case_list (p->ext.case_list);
      break;


as gfc_code.ext is an union, gfc_free_case_list (p->ext.case_list) is actually gfc_free_case_list (p->ext.block.ns)
Comment 3 Tobias Burnus 2011-01-13 16:32:43 UTC
Author: burnus
Date: Thu Jan 13 16:32:33 2011
New Revision: 168753

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=168753
Log:
2011-01-13  Tobias Burnus  <burnus@net-b.de>
            Mikael Morin  <mikael@gcc.gnu.org>

        PR fortran/45848
        PR fortran/47204
        * gfortran.h (gfc_code): Move union ext's case_list into
        the struct block.
        * dump-parse-tree.c (show_code_node): Adapt by prefixing
        * case_list
        by "block.".
        * frontend-passes.c (gfc_code_walker): Ditto.
        * match.c (gfc_match_goto, gfc_match_call, gfc_match_case,
        gfc_match_type_is, gfc_match_class_is): Ditto.
        * resolve.c (resolve_select, resolve_select_type): Ditto.
        * st.c (gfc_free_statement): Ditto.
        * trans-stmt.c (gfc_trans_integer_select,
        * gfc_trans_logical_select,
        gfc_trans_character_select): Ditto.
        * parse.c (resolve_all_program_units): For error recovery, avoid
        segfault is proc_name is NULL.

2011-01-13  Tobias Burnus  <burnus@net-b.de>
            Mikael Morin  <mikael@gcc.gnu.org>

        PR fortran/45848
        PR fortran/47204
        * gfortran.dg/select_type_20.f90: New.
        * gfortran.dg/select_type_21.f90: New.


Added:
    trunk/gcc/testsuite/gfortran.dg/select_type_20.f90
    trunk/gcc/testsuite/gfortran.dg/select_type_21.f90
Modified:
    trunk/gcc/fortran/ChangeLog
    trunk/gcc/fortran/dump-parse-tree.c
    trunk/gcc/fortran/frontend-passes.c
    trunk/gcc/fortran/gfortran.h
    trunk/gcc/fortran/match.c
    trunk/gcc/fortran/parse.c
    trunk/gcc/fortran/resolve.c
    trunk/gcc/fortran/st.c
    trunk/gcc/fortran/trans-stmt.c
    trunk/gcc/testsuite/ChangeLog
Comment 4 Tobias Burnus 2011-01-13 16:38:28 UTC
FIXED on the trunk (4.6). Thanks for the report Harald! And thanks for the analysis Mikael!