[Bug fortran/64699] New: memory corruption with array packing

tkoenig at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Tue Jan 20 20:35:00 GMT 2015 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64699

            Bug ID: 64699
           Summary: memory corruption with array packing
           Product: gcc
           Version: 5.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: fortran
          Assignee: unassigned at gcc dot gnu.org
          Reporter: tkoenig at gcc dot gnu.org

Trying to find some codepaths for PR 57023 to make sure that there
are no new regressions, find a bug...

ig25@linux-fd1f:~/Krempel/Pack> cat int.f90
module mymod
  implicit none
contains
   subroutine foo3(a,n)
     integer, dimension(n,n), intent(inout) :: a
     integer :: n, m
     m = n - 1
     call baz(a(1:m,1:m),n)  ! { dg-warning "array temporary" }
   end subroutine foo3

  subroutine foo4(a,n)
    integer, dimension(n,n), intent(inout) :: a
    integer, intent(in) :: n
    a(1:n,1:n) = 1
  end subroutine foo4

  subroutine baz(a,n)
    integer, dimension(n,n), intent(inout) :: a
    integer, intent(in) :: n
    a = 1
  end subroutine baz

end module mymod

program main
  use mymod
  implicit none
  integer, dimension(5,5) :: a, b
  integer :: n

  n = 5
  a = 0
  call foo3(a,n)
  if (any(a /= b)) call abort

end program main
ig25@linux-fd1f:~/Krempel/Pack> gfortran int.f90
ig25@linux-fd1f:~/Krempel/Pack> ./a.out
*** Error in `./a.out': free(): invalid pointer: 0x0000000000a7cfd0 ***
*** Error in `./a.out': malloc(): memory corruption: 0x0000000000a7d020 ***
ig25@linux-fd1f:~/Krempel/Pack> valgrind ./a.out
==29433== Memcheck, a memory error detector
==29433== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==29433== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==29433== Command: ./a.out
==29433== 
==29433== Invalid write of size 4
==29433==    at 0x40086F: __mymod_MOD_baz (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x4009F7: __mymod_MOD_foo3 (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x400A6C: MAIN__ (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x400B17: main (in /home/ig25/Krempel/Pack/a.out)
==29433==  Address 0x5c60800 is 0 bytes after a block of size 64 alloc'd
==29433==    at 0x4C277AB: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29433==    by 0x4E4F9A6: _gfortrani_xmallocarray (memory.c:67)
==29433==    by 0x4EF2F8A: _gfortrani_internal_pack_4 (in_pack_i4.c:79)
==29433==    by 0x4009E5: __mymod_MOD_foo3 (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x400A6C: MAIN__ (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x400B17: main (in /home/ig25/Krempel/Pack/a.out)
==29433== 
==29433== Conditional jump or move depends on uninitialised value(s)
==29433==    at 0x400ABC: MAIN__ (in /home/ig25/Krempel/Pack/a.out)
==29433==    by 0x400B17: main (in /home/ig25/Krempel/Pack/a.out)
==29433== 

Program aborted. Backtrace:
#0  0x4E50477
#1  0x4E512A2
#2  0x4F225D8
#3  0x400AE0 in MAIN__ at int.f90:?

Looks the same with 4.8, I'm not sure about earlier.

More information about the Gcc-bugs mailing list