This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug fortran/53379] [4.8/4.9/5 Regression] No backtrace generated for array bounds violation
- From: "Joost.VandeVondele at mat dot ethz.ch" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Tue, 02 Dec 2014 11:59:13 +0000
- Subject: [Bug fortran/53379] [4.8/4.9/5 Regression] No backtrace generated for array bounds violation
- Auto-submitted: auto-generated
- References: <bug-53379-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53379
Joost VandeVondele <Joost.VandeVondele at mat dot ethz.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed|2013-12-29 00:00:00 |2014-12-2
CC| |Joost.VandeVondele at mat dot ethz
| |.ch
--- Comment #15 from Joost VandeVondele <Joost.VandeVondele at mat dot ethz.ch> ---
still fails with trunk, while this really was a useful feature.
> cat test.f90
MODULE m1
CONTAINS
SUBROUTINE foo(b)
INTEGER, POINTER :: b(:)
b(-1)=0
END SUBROUTINE foo
END MODULE
USE m1
INTEGER, POINTER :: a(:)
ALLOCATE(a(0:1))
CALL foo(a)
END
> gfortran -g -fbacktrace -fbounds-check test.f90 && ./a.out
At line 5 of file test.f90
Fortran runtime error: Index '-1' of dimension 1 of array 'b' below lower bound
of 0
While if we use -fsanitize=address (at greatly increased cost), we actually get
a Christmas tree with losts of colourful lights:
> gfortran -g -fsanitize=address test.f90 && ./a.out
=================================================================
==32762==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60200000ef8c at pc 0x000000400c17 bp 0x7fff7f4bd220 sp 0x7fff7f4bd218
WRITE of size 4 at 0x60200000ef8c thread T0
#0 0x400c16 in __m1_MOD_foo /data/vjoost/gnu/bugs/test.f90:5
#1 0x400d1a in MAIN__ /data/vjoost/gnu/bugs/test.f90:12
#2 0x400da2 in main /data/vjoost/gnu/bugs/test.f90:9
#3 0x3094e1ed5c in __libc_start_main (/lib64/libc.so.6+0x3094e1ed5c)
#4 0x400a48 (/data/vjoost/gnu/bugs/a.out+0x400a48)
0x60200000ef8c is located 4 bytes to the left of 8-byte region
[0x60200000ef90,0x60200000ef98)
allocated by thread T0 here:
#0 0x7fb401b2ab1a in __interceptor_malloc
../../../../gcc/libsanitizer/asan/asan_malloc_linux.cc:38
#1 0x400cc2 in MAIN__ /data/vjoost/gnu/bugs/test.f90:11
#2 0x400da2 in main /data/vjoost/gnu/bugs/test.f90:9
#3 0x3094e1ed5c in __libc_start_main (/lib64/libc.so.6+0x3094e1ed5c)
SUMMARY: AddressSanitizer: heap-buffer-overflow
/data/vjoost/gnu/bugs/test.f90:5 __m1_MOD_foo
Shadow bytes around the buggy address:
0x0c047fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fff9df0: fa[fa]00 fa fa fa 07 fa fa fa 07 fa fa fa 06 fa
0x0c047fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==32762==ABORTING