------- Additional Comments From uweigand at gcc dot gnu dot org  2005-05-27 16:05 -------
I'm seeing the failure on s390 as well.  What appears to happen is that
the main program calls the library routine

static void
eoshift0 (gfc_array_char * ret, const gfc_array_char * array,
          int shift, const char * pbound, int which)

with a correctly set up 'ret' array descriptor, but after the routine
returns, the ret->data pointer has been clobbered to NULL.  The main
routine then segfaults when accessing data via that pointer.

The pointer is clobbered by the memcpy in line 165:
      while (n--)
        {
          memcpy (dest, pbound, size);
          dest += roffset;
        }
which is presumably not intended to overwrite the descriptor.  I'm 
assuming this is some sort of buffer overflow bug ...

-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21594
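
Added example, not part of the original comment and not libgfortran code: the fill loop quoted above with every memcpy checked against the destination allocation, so a run that would write past the buffer stops and reports how far it got instead of clobbering whatever sits behind it. The names checked_fill, struct demo and demo, and all sample values, are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: the quoted loop, bounds-checked against the
   destination allocation [base, base + cap).  Returns the number of
   elements written; a result smaller than n means the next memcpy
   would have landed outside the buffer.  */
static size_t
checked_fill (char *base, size_t cap, char *dest, const char *pbound,
              size_t size, ptrdiff_t roffset, size_t n)
{
  size_t done = 0;
  ptrdiff_t off = dest - base;  /* work with offsets, not stray pointers */

  while (n--)
    {
      if (off < 0 || (size_t) off > cap || size > cap - (size_t) off)
        break;                  /* this write would leave the buffer */
      memcpy (base + off, pbound, size);
      off += roffset;
      done++;
    }
  return done;
}

/* Constructed layout: 8 bytes of storage followed by a pointer that
   stands in for the descriptor's data field.  */
struct demo { char storage[8]; void *data; };

/* Fill n elements of 3 bytes with stride 3; returns the count written,
   or (size_t) -1 if the stand-in pointer was modified.  */
static size_t
demo (size_t n)
{
  struct demo d;
  d.data = d.storage;
  size_t done = checked_fill (d.storage, sizeof d.storage, d.storage,
                              "abc", 3, 3, n);
  return d.data == (void *) d.storage ? done : (size_t) -1;
}

int
main (void)
{
  printf ("asked for 2, wrote %zu\n", demo (2));
  printf ("asked for 4, wrote %zu\n", demo (4));
  return 0;
}
```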
