http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60678

            Bug ID: 60678
           Summary: [4.9 Regression] FAIL:
                    gfortran.dg/intrinsics_kind_argument_1.f90  -O  (test
                    for excess errors)
           Product: gcc
           Version: 4.9.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: fortran
          Assignee: unassigned at gcc dot gnu.org
          Reporter: hjl.tools at gmail dot com

spawn -ignore SIGHUP
/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/testsuite/gfortran4/../../gfortran
-B/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/testsuite/gfortran4/../../
-B/export/build/gnu/gcc-asan/build-x86_64-linux/x86_64-unknown-linux-gnu/32/libgfortran/
/export/gnu/import/git/gcc/gcc/testsuite/gfortran.dg/intrinsics_kind_argument_1.f90
-fno-diagnostics-show-caret -fdiagnostics-color=never -O -pedantic-errors -S -o
intrinsics_kind_argument_1.s
=================================================================
==9199==ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fffdb25aff0 at pc 0x88f360 bp 0x7fffdb25ada0 sp 0x7fffdb25ad98
WRITE of size 8 at 0x7fffdb25aff0 thread T0
    #0 0x88f35f in gfc_conv_intrinsic_function_args
/export/gnu/import/git/gcc/gcc/fortran/trans-intrinsic.c:244
    #1 0x8b5f34 in gfc_conv_intrinsic_ichar
/export/gnu/import/git/gcc/gcc/fortran/trans-intrinsic.c:4694
    #2 0x8b5f34 in gfc_conv_intrinsic_function(gfc_se*, gfc_expr*)
/export/gnu/import/git/gcc/gcc/fortran/trans-intrinsic.c:6822
    #3 0x86f2a1 in gfc_conv_function_expr
/export/gnu/import/git/gcc/gcc/fortran/trans-expr.c:5559
    #4 0x87019a in gfc_conv_expr(gfc_se*, gfc_expr*)
/export/gnu/import/git/gcc/gcc/fortran/trans-expr.c:6310
    #5 0x87d41b in gfc_conv_expr_reference(gfc_se*, gfc_expr*)
/export/gnu/import/git/gcc/gcc/fortran/trans-expr.c:6445
    #6 0x864d40 in gfc_conv_procedure_call(gfc_se*, gfc_symbol*,
gfc_actual_arglist*, gfc_expr*, vec<tree_node*, va_gc, vl_embed>*)
/export/gnu/import/git/gcc/gcc/fortran/trans-expr.c:4242
    #7 0x8e1d6c in gfc_trans_call(gfc_code*, bool, tree_node*, tree_node*,
bool) /export/gnu/import/git/gcc/gcc/fortran/trans-stmt.c:408
    #8 0x7d9b43 in trans_code
/export/gnu/import/git/gcc/gcc/fortran/trans.c:1717
    #9 0x84dc30 in gfc_generate_function_code(gfc_namespace*)
/export/gnu/import/git/gcc/gcc/fortran/trans-decl.c:5610
    #10 0x735673 in translate_all_program_units
/export/gnu/import/git/gcc/gcc/fortran/parse.c:4535
    #11 0x735673 in gfc_parse_file()
/export/gnu/import/git/gcc/gcc/fortran/parse.c:4732
    #12 0x7c9719 in gfc_be_parse_file
/export/gnu/import/git/gcc/gcc/fortran/f95-lang.c:188
    #13 0x1371cc1 in compile_file /export/gnu/import/git/gcc/gcc/toplev.c:548
    #14 0x1376c2b in do_compile /export/gnu/import/git/gcc/gcc/toplev.c:1914
    #15 0x1376c2b in toplev_main(int, char**)
/export/gnu/import/git/gcc/gcc/toplev.c:1990
    #16 0x3cdda21b44 in __libc_start_main (/lib64/libc.so.6+0x3cdda21b44)
    #17 0x5d2de0
(/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/f951+0x5d2de0)

Address 0x7fffdb25aff0 is located in stack of thread T0 at offset 176 in frame
    #0 0x8b551f in gfc_conv_intrinsic_function(gfc_se*, gfc_expr*)
/export/gnu/import/git/gcc/gcc/fortran/trans-intrinsic.c:6527

  This frame has 7 object(s):
    [32, 40) 'append_args'
    [96, 104) 'len'
    [160, 176) 'args' <== Memory access at offset 176 overflows this variable
    [224, 248) 'args'
    [288, 328) 'ts'
    [384, 464) 'se1'
    [512, 592) 'argse'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow
/export/gnu/import/git/gcc/gcc/fortran/trans-intrinsic.c:244
gfc_conv_intrinsic_function_args
Shadow bytes around the buggy address:
  0x10007b6435a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b6435b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
  0x10007b6435c0: f1 f1 00 00 00 00 00 00 00 00 00 00 f4 f4 f3 f3
  0x10007b6435d0: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b6435e0: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4
=>0x10007b6435f0: f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2 00 00[f4]f4
  0x10007b643600: f2 f2 f2 f2 00 00 00 f4 f2 f2 f2 f2 00 00 00 00
  0x10007b643610: 00 f4 f4 f4 f2 f2 f2 f2 00 00 00 00 00 00 00 00
  0x10007b643620: 00 00 f4 f4 f2 f2 f2 f2 00 00 00 00 00 00 00 00
  0x10007b643630: 00 00 f4 f4 f3 f3 f3 f3 00 00 00 00 00 00 00 00
  0x10007b643640: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Contiguous container OOB:fc
  ASan internal:           fe
==9199==ABORTING
