[Bug fortran/56594] New: Invalid read of size 1 for gfortran.dg/realloc_on_assign_5.f03

dominiq at lps dot ens.fr gcc-bugzilla@gcc.gnu.org
Mon Mar 11 13:28:00 GMT 2013 

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56594

             Bug #: 56594
           Summary: Invalid read of size 1 for
                    gfortran.dg/realloc_on_assign_5.f03
    Classification: Unclassified
           Product: gcc
           Version: 4.8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: fortran
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: dominiq@lps.ens.fr


Running gfortran.dg/realloc_on_assign_5.f03 under valgrind gives

==32678== Invalid read of size 1
==32678==    at 0x7FFFFFE007D4: ???
==32678==    by 0x100000DA6: MAIN__ (realloc_on_assign_5.f03:15)
==32678==    by 0x100000E60: main (realloc_on_assign_5.f03:18)
==32678==  Address 0x100449541 is 0 bytes after a block of size 1 alloc'd
==32678==    at 0x100012891: realloc (vg_replace_malloc.c:635)
==32678==    by 0x100000D71: MAIN__ (realloc_on_assign_5.f03:15)
==32678==    by 0x100000E60: main (realloc_on_assign_5.f03:18)
==32678== 

Program aborted. Backtrace:
#0  0x10001fe42
#1  0x1000201b2
#2  0x1000f1618
#3  0x100000dfc
#4  0x100000e60
==32678== 
==32678== Process terminating with default action of signal 6 (SIGABRT)
==32678==    at 0x1001DA0B6: __kill (in /usr/lib/libSystem.B.dylib)
==32678==    by 0x100020198: _gfortrani_sys_abort (in
/opt/gcc/gcc4.8w/lib/libgfortran.3.dylib)
==32678==    by 0x100000E60: main (realloc_on_assign_5.f03:18)
==32678== 
==32678== HEAP SUMMARY:
==32678==     in use at exit: 3,822 bytes in 18 blocks
==32678==   total heap usage: 21 allocs, 3 frees, 3,953 bytes allocated
==32678== 
==32678== LEAK SUMMARY:
==32678==    definitely lost: 0 bytes in 0 blocks
==32678==    indirectly lost: 0 bytes in 0 blocks
==32678==      possibly lost: 0 bytes in 0 blocks
==32678==    still reachable: 3,734 bytes in 17 blocks
==32678==         suppressed: 88 bytes in 1 blocks
==32678== Rerun with --leak-check=full to see details of leaked memory
==32678== 
==32678== For counts of detected and suppressed errors, rerun with: -v
==32678== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Abort

The test also aborts at run time when compiled with -fsanitize=address.

Reduced test

program main
  implicit none
  character(:), allocatable :: a, b
  a = 'ax'
  a = a(2:2)
end program main

There is no error if "a = a(2:2)" is replaced with "a = 'x'".

More information about the Gcc-bugs mailing list