[Bug fortran/83611] New: [PDT] Assignment of parameterized types causes double free error in runtime

pault at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Thu Dec 28 13:51:00 GMT 2017 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83611

            Bug ID: 83611
           Summary: [PDT] Assignment of parameterized types causes double
                    free error in runtime
           Product: gcc
           Version: 8.0
            Status: UNCONFIRMED
          Keywords: ice-on-valid-code
          Severity: normal
          Priority: P3
         Component: fortran
          Assignee: pault at gcc dot gnu.org
          Reporter: pault at gcc dot gnu.org
                CC: berke.durak at gmail dot com
            Blocks: 82173
  Target Milestone: ---

Noticed when working on PR83567.


! { dg-do run }
!
module pdt_m
  implicit none
  type :: vec(k)
     integer, len :: k=3
     integer :: foo(k)=[1,2,3]
  end type vec
end module pdt_m

program test_pdt
  use pdt_m
  implicit none
  type(vec) :: u,v
  v = u
end program test_pdt

[pault@pc30 pr83567]$ ~/irun/bin/gfortran -static-libgfortran test.f90
-fdump-tree-original -g
[pault@pc30 pr83567]$ ./a.out
*** Error in `./a.out': double free or corruption (fasttop): 0x00000000007225d0
***
======= Backtrace: =========
/lib64/libc.so.6(+0x77de5)[0x7f5f72fccde5]
....snip....


The tree-dump:

test_pdt ()
{
  void * restrict D.3781;
  void * restrict D.3782;
  static struct Pdtvec u;
  static struct Pdtvec v;

  try
    {
      u.k = 3;
      u.foo.dim[0].lbound = 1;
      u.foo.dim[0].ubound = 3;
      u.foo.dim[0].stride = 1;
      u.foo.offset = -1;
      D.3782 = (void * restrict) __builtin_malloc (12);
      u.foo.data = D.3782;
      u.foo.dtype = 265;
      v.k = 3;
      v.foo.dim[0].lbound = 1;
      v.foo.dim[0].ubound = 3;
      v.foo.dim[0].stride = 1;
      v.foo.offset = -1;
      D.3781 = (void * restrict) __builtin_malloc (12);
      v.foo.data = D.3781;
      v.foo.dtype = 265;
      v = u;               <<<<<<deep copy of PDTs needed
    }
  finally
    {
      if ((integer(kind=4)[0:] * restrict) v.foo.data != 0B)
        {
          __builtin_free ((void *) v.foo.data);
        }
      v.foo.data = 0B;
      if ((integer(kind=4)[0:] * restrict) u.foo.data != 0B)
        {
          __builtin_free ((void *) u.foo.data);
        }
      u.foo.data = 0B;
    }
}


__attribute__((externally_visible))
main (integer(kind=4) argc, character(kind=1) * * argv)
{
  static integer(kind=4) options.0[7] = {68, 8191, 0, 1, 1, 0, 31};

  _gfortran_set_args (argc, argv);
  _gfortran_set_options (7, &options.0[0]);
  test_pdt ();
  return 0;
}

Note the lack of default initialization too :-(

Some work is needed to copy PDTs and to ensure the initialization.

I'm on to it.

Paul


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82173
[Bug 82173] [meta-bug] Parameterized derived type errors

More information about the Gcc-bugs mailing list