[Bug libfortran/81938] New: valgrind error message and heap-buffer-overflow on address sanitized libgfortran.so

zeccav at gmail dot com gcc-bugzilla@gcc.gnu.org
Wed Aug 23 08:56:00 GMT 2017


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81938

            Bug ID: 81938
           Summary: valgrind error message and heap-buffer-overflow on
                    address sanitized libgfortran.so
           Product: gcc
           Version: 8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libfortran
          Assignee: unassigned at gcc dot gnu.org
          Reporter: zeccav at gmail dot com
  Target Milestone: ---
              Host: x86_64-pc-linux-gnu
             Build: trunk 251201

! test case fmt_cache_1.f
! compiled with -g
! valgrind error message and heap-buffer-overflow on address sanitized
! libgfortran.so
      program astap
      ! Reproducer from the report: one labelled FORMAT is used by two
      ! consecutive formatted writes on the same unit, the records are
      ! read back and checked, and the unit is then closed.
      ! The Memcheck trace on this page places the invalid 4-byte read
      ! in free_format_data, reached from close_unit_1, immediately
      ! past a 4,176-byte block allocated by parse_format during a
      ! data transfer. The out-of-bounds read is therefore on a heap
      ! block owned by libgfortran, not on this program's variables.
      implicit none
      ! Receives each record read back; the '(a)' read takes only the
      ! first 34 characters of a record.
      character(34) :: teststring
      ! The single output item passed to each write.
      real(4) :: arlxca = 0.0
      ! No file= specifier: unit 10 is connected to a file whose name
      ! is processor-dependent.
      open(10)
      ! Both writes name format 40. NOTE(review): the test-case name
      ! fmt_cache_1.f suggests the second write is meant to exercise
      ! the runtime's cached copy of the parsed format -- confirm
      ! against libgfortran's format.c.
      write(10,40) arlxca
      write(10,40) arlxca
      ! Format 40 holds 20 data edit descriptors but each write
      ! supplies one item, so output stops at the second g13.6, after
      ! the "arlxcc = " literal has been emitted.
40    format(t4,"arlxca = ",1pg13.6,t27,"arlxcc = ",g13.6,t53,
     .            "atmpca = ",g13.6,t79,"atmpcc = ",g13.6,t105,
     .            "backup = ",g13.6,/,
     .         t4,"csgfac = ",g13.6,t27,"csgmax = ",g13.6,t53,
     .            "csgmin = ",g13.6,t79,"drlxca = ",g13.6,t105,
     .            "drlxcc = ",g13.6,/,
     .         t4,"dtimeh = ",g13.6,t27,"dtimei = ",g13.6,t53,
     .            "dtimel = ",g13.6,t79,"dtimeu = ",g13.6,t105,
     .            "dtmpca = ",g13.6,/,
     .         t4,"dtmpcc = ",g13.6,t27,"ebalna = ",g13.6,t53,
     .            "ebalnc = ",g13.6,t79,"ebalsa = ",g13.6,t105,
     .            "ebalsc = ",g13.6)
      ! Reposition at the start of the file so both records can be
      ! read back and compared.
      rewind 10
      teststring = ""
      read(10,'(a)') teststring
      ! Functional check on record 1: abort unless its first 34
      ! characters match the expected text.
      if (teststring.ne."   arlxca =   0.00000     arlxcc =")call abort
      teststring = ""
      read(10,'(a)') teststring
      ! Same check on record 2, produced by the second write.
      if (teststring.ne."   arlxca =   0.00000     arlxcc =")call abort
      ! status='delete' removes the file on close. The trace reports
      ! the invalid read under close_unit_1 (p.f:31 in the reporter's
      ! file, presumably this statement), so the program can pass its
      ! own checks and still trip the memory checker.
      close(10, status='delete')
      end program astap


!==5357== Memcheck, a memory error detector
!==5357== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
!==5357== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
!==5357== Command: ./a.out
!==5357==
!==5357== Invalid read of size 4
!==5357==    at 0x5020044: _gfortrani_free_format_data (format.c:269)
!==5357==    by 0x50200D5: _gfortrani_free_format_hash_table (format.c:68)
!==5357==    by 0x5031789: close_unit_1 (unit.c:787)
!==5357==    by 0x400CBD: MAIN__ (p.f:31)
!==5357==    by 0x400CF4: main (p.f:32)
!==5357==  Address 0x5dbdf30 is 0 bytes after a block of size 4,176 alloc'd
!==5357==    at 0x4C2EB6B: malloc (vg_replace_malloc.c:299)
!==5357==    by 0x4E55404: _gfortrani_xmalloc (memory.c:42)
!==5357==    by 0x50203D2: _gfortrani_parse_format (format.c:1318)
!==5357==    by 0x502F727: data_transfer_init (transfer.c:2791)
!==5357==    by 0x400A0B: MAIN__ (p.f:10)
!==5357==    by 0x400CF4: main (p.f:32)
!==5357==
!==5357==
!==5357== HEAP SUMMARY:
!==5357==     in use at exit: 0 bytes in 0 blocks
!==5357==   total heap usage: 31 allocs, 31 frees, 34,795 bytes allocated
!==5357==
!==5357== All heap blocks were freed -- no leaks are possible
!==5357==
!==5357== For counts of detected and suppressed errors, rerun with: -v
!==5357== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

