This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug fortran/56594] Invalid read of size 1 for gfortran.dg/realloc_on_assign_5.f03
- From: "tilo at tilo-schwarz dot de" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Sun, 17 Mar 2013 19:56:11 +0000
- Subject: [Bug fortran/56594] Invalid read of size 1 for gfortran.dg/realloc_on_assign_5.f03
- Auto-submitted: auto-generated
- References: <bug-56594-4@http.gcc.gnu.org/bugzilla/>
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56594
Tilo Schwarz <tilo@tilo-schwarz.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tilo@tilo-schwarz.de
--- Comment #1 from Tilo Schwarz <tilo@tilo-schwarz.de> 2013-03-17 19:56:11 UTC ---
I think the problem is that, for the line
a = a(2:2)
1st, a is reallocated to length one, and
2nd, a(2) is memmoved to a(1), but at that time a(2) is already invalid.
Using -fdump-tree-original:
On line 42 the realloc happens to length 1.
On line 50 the memmove happens from &(*a)[2], which is not valid anymore
because of the realloc on line 42.
42 a = (character(kind=1)[1:.a] *) __builtin_realloc ((void *) a, 1);
43 L.4:;
44 .a = 1;
45 D.1827 = .a;
46 if (D.1827 != 0)
47 {
48 if ((character(kind=4)) D.1827 <= 1)
49 {
50 __builtin_memmove ((void *) a, (void *) &(*a)[2]{lb: 1 sz: 1}, (character(kind=4)) D.1827);
51 }
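
The ordering problem described in the comment above, reduced to plain C as an added example (not part of the original message and not GCC's code). The helper names, the 1-based bounds convention and the sample string "abc" are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers modelling a = a(lo:hi) on a heap buffer of *len bytes,
 * with 1-based inclusive bounds as in Fortran. */

/* Order seen in the dump: shrink first, then copy from the old offset.
 * Once the block is only n bytes long, the source range starting at
 * p + (lo - 1) extends past its end whenever lo > 1 (an invalid read).
 * Shown for comparison only; nothing below calls it. */
int assign_slice_shrink_first(char **buf, size_t *len, size_t lo, size_t hi)
{
    size_t n = hi - lo + 1;
    char *p = realloc(*buf, n);
    if (p == NULL) return -1;
    memmove(p, p + (lo - 1), n);    /* source lies outside the new block */
    *buf = p;
    *len = n;
    return 0;
}

/* Safe order: move the bytes while the old allocation is intact, then shrink.
 * A failed shrink leaves the old, larger block in place, which is still valid. */
int assign_slice_copy_first(char **buf, size_t *len, size_t lo, size_t hi)
{
    if (lo < 1 || hi < lo || hi > *len) return -1;   /* reject bad bounds */
    size_t n = hi - lo + 1;
    memmove(*buf, *buf + (lo - 1), n);               /* overlap-safe copy */
    char *p = realloc(*buf, n);
    if (p != NULL) *buf = p;
    *len = n;
    return 0;
}

/* Runs the safe version on the constructed sample a = "abc" with a = a(2:2);
 * returns the one remaining character, or -1 on error. */
int demo(void)
{
    size_t len = 3;
    char *a = malloc(len);
    if (a == NULL) return -1;
    memcpy(a, "abc", len);
    int r = (assign_slice_copy_first(&a, &len, 2, 2) == 0 && len == 1) ? a[0] : -1;
    free(a);
    return r;
}

int main(void) { int c = demo(); if (c < 0) return 1; printf("a = \"%c\"\n", c); return 0; }
```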