[Patch, fortran] PR96624 - A segment fault occurred when using the reshape function result to assign a variable

Wed, 26 Aug 2020 23:18:30 -0700 

Hi All,

Here is another of Steve Kargl's patches.

Before the patch is applied, the following code is generated:
    atmp.0.span = 4;
    atmp.0.data = 0B;
    atmp.0.offset = 0;
    (*(integer(kind=4)[0] * restrict) atmp.0.data)[0] = 1;
    (*(integer(kind=4)[0] * restrict) atmp.0.data)[1] = 2;

which causes a segfault at run time. The test case counts the number of
occurrences of 'data' to check that the bad assignments have gone.

Regtests OK on FC31/x86_64 - OK for aster?

This patch fixes PR96624.

2020-08-27  Paul Thomas  <[email protected]>

gcc/fortran
PR fortran/96624
* simplify.c (gfc_simplify_reshape): Detect zero shape and
clear index if found.

gcc/testsuite/
PR fortran/96624
* gfortran.dg/reshape_8.f90 : New test.

diff --git a/gcc/fortran/simplify.c b/gcc/fortran/simplify.c
index 074b50c2e68..8e0d2f97a60 100644
--- a/gcc/fortran/simplify.c
+++ b/gcc/fortran/simplify.c
@@ -6398,7 +6398,7 @@ gfc_simplify_is_contiguous (gfc_expr *array)
 
   if (gfc_is_not_contiguous (array))
     return gfc_get_logical_expr (gfc_default_logical_kind, &array->where, 0);
-    
+
   return NULL;
 }
 
@@ -6725,6 +6725,7 @@ gfc_simplify_reshape (gfc_expr *source, gfc_expr *shape_exp,
   unsigned long j;
   size_t nsource;
   gfc_expr *e, *result;
+  bool zerosize = false;
 
   /* Check that argument expression types are OK.  */
   if (!is_constant_array_expr (source)
@@ -6847,7 +6848,14 @@ gfc_simplify_reshape (gfc_expr *source, gfc_expr *shape_exp,
   result->rank = rank;
   result->shape = gfc_get_shape (rank);
   for (i = 0; i < rank; i++)
-    mpz_init_set_ui (result->shape[i], shape[i]);
+    {
+      mpz_init_set_ui (result->shape[i], shape[i]);
+      if (shape[i] == 0)
+	zerosize = true;
+    }
+
+  if (zerosize)
+    goto sizezero;
 
   while (nsource > 0 || npad > 0)
     {
@@ -6897,6 +6905,8 @@ inc:
       break;
     }
 
+sizezero:
+
   mpz_clear (index);
 
   return result;

! { dg-do compile }
! { dg-options "-fdump-tree-original" }
!
! Test the fix for PR96624 in which an attempt was made to assign
! to the zero length temporary created by reshape, resulting in a segfault.
!
! Contributed by Dong Shenpo  <[email protected]>
!
program test
  integer :: a(2,0)
  a = reshape([1,2,3,4], [2,0])
  print *, a
end
! { dg-final { scan-tree-dump-times "data" 3 "original" } }

Reply via email to