https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121203
anlauf at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |anlauf at gcc dot gnu.org
Keywords| |wrong-code
Ever confirmed|0 |1
Last reconfirmed| |2025-07-21
Status|UNCONFIRMED |NEW
--- Comment #1 from anlauf at gcc dot gnu.org ---
Confirmed. All versions >= 7 generate wrong code and may crash with
double free or corruption. Can be checked with -fsanitize=address etc.
Reduced testcase:
program p
character(10), external :: f
call eval(f,"abc")
call eval(f,"abc") ! double free or corruption
end
character(10) function f(arg)
character(*) arg
f=arg
end
subroutine eval(func,c_arg)
character(*) c_arg
character(*) func
external func
! print *, len (c_arg) ! Enable to see junk
print *,func(c_arg)
end subroutine
The dump tree looks suspicious:
__attribute__((fn spec (". . w ")))
void eval (void (*<T693>) (character(kind=1)[1:_func] &, integer(kind=8)) func,
character(kind=1)[1:_c_arg] & restrict c_arg, integer(kind=8) _func,
integer(kind=8) _c_arg)
so we have 4 arguments (2 are character length), but the main translates as
eval (f, &"abc"[1]{lb: 1 sz: 1}, 3);
eval (f, &"abc"[1]{lb: 1 sz: 1}, 3);
thus I count 3 only.
Enabling the indicated statement shows random lengths.
