[pushed] PR fortran/104331 - [10/11/12 Regression] ICE in gfc_simplify_eoshift, at fortran/simplify.cc:2590

2022-02-01 Thread Harald Anlauf via Fortran 
Dear all,

another trivial and obvious one, discovered by Gerhard.

We can have a NULL pointer dereference simplifying EOSHIFT on an array
that was not properly declared.

Pushed to mainline as r12-6977 after regtesting on x86_64-pc-linux-gnu.
Will backport to affected branches [11/10] with some delay.

Thanks,
Harald

From 447047a8f95c6bf4b1873f390c833e91aa8af18c Mon Sep 17 00:00:00 2001
From: Harald Anlauf 
Date: Tue, 1 Feb 2022 21:36:42 +0100
Subject: [PATCH] Fortran: error recovery when simplifying EOSHIFT

gcc/fortran/ChangeLog:

	PR fortran/104331
	* simplify.cc (gfc_simplify_eoshift): Avoid NULL pointer
	dereference when shape is not set.

gcc/testsuite/ChangeLog:

	PR fortran/104331
	* gfortran.dg/eoshift_9.f90: New test.
---
 gcc/fortran/simplify.cc | 3 +++
 gcc/testsuite/gfortran.dg/eoshift_9.f90 | 8 
 2 files changed, 11 insertions(+)
 create mode 100644 gcc/testsuite/gfortran.dg/eoshift_9.f90

diff --git a/gcc/fortran/simplify.cc b/gcc/fortran/simplify.cc
index 8604162cfd5..6483f9c31e7 100644
--- a/gcc/fortran/simplify.cc
+++ b/gcc/fortran/simplify.cc
@@ -2572,6 +2572,9 @@ gfc_simplify_eoshift (gfc_expr *array, gfc_expr *shift, gfc_expr *boundary,
   if (arraysize == 0)
 goto final;

+  if (array->shape == NULL)
+goto final;
+
   arrayvec = XCNEWVEC (gfc_expr *, arraysize);
   array_ctor = gfc_constructor_first (array->value.constructor);
   for (i = 0; i < arraysize; i++)
diff --git a/gcc/testsuite/gfortran.dg/eoshift_9.f90 b/gcc/testsuite/gfortran.dg/eoshift_9.f90
new file mode 100644
index 000..f711b04a7da
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/eoshift_9.f90
@@ -0,0 +1,8 @@
+! { dg-do compile }
+! PR fortran/104331 - ICE in gfc_simplify_eoshift
+! Contributed by G.Steinmetz
+
+program p
+  character(3), parameter :: a(:) = ['123'] ! { dg-error "deferred shape" }
+  character(3), parameter :: b(*) = eoshift(a, 1)
+end
--
2.34.1

[PATCH] PR fortran/104311 - [9/10/11/12 Regression] ICE out of memory since r9-6321-g4716603bf875ce

2022-02-01 Thread Harald Anlauf via Fortran 
Dear Fortranners,

a check in gfc_calculate_transfer_sizes had a bug in the logic:
it did not trigger for MOLD having a storage size zero when
arugment SIZE was present.  The attached obvious patch fixes this.

Regtested on x86_64-pc-linux-gnu.  OK for mainline/11/10/9?

Thanks,
Harald

From b8f124adcf258eccd29ffcec5cc3f8915cc2ca47 Mon Sep 17 00:00:00 2001
From: Harald Anlauf 
Date: Tue, 1 Feb 2022 23:33:24 +0100
Subject: [PATCH] Fortran: reject simplifying TRANSFER for MOLD with storage
 size 0

gcc/fortran/ChangeLog:

	PR fortran/104311
	* check.cc (gfc_calculate_transfer_sizes): Checks for case when
	storage size of SOURCE is greater than zero while the storage size
	of MOLD is zero and MOLD is an array shall not depend on SIZE.

gcc/testsuite/ChangeLog:

	PR fortran/104311
	* gfortran.dg/transfer_simplify_15.f90: New test.
---
 gcc/fortran/check.cc   |  2 +-
 gcc/testsuite/gfortran.dg/transfer_simplify_15.f90 | 11 +++
 2 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gfortran.dg/transfer_simplify_15.f90

diff --git a/gcc/fortran/check.cc b/gcc/fortran/check.cc
index d6c6767ae9e..fc97bb1371e 100644
--- a/gcc/fortran/check.cc
+++ b/gcc/fortran/check.cc
@@ -6150,7 +6150,7 @@ gfc_calculate_transfer_sizes (gfc_expr *source, gfc_expr *mold, gfc_expr *size,
* representation is not shorter than that of SOURCE.
* If SIZE is present, the result is an array of rank one and size SIZE.
*/
-  if (result_elt_size == 0 && *source_size > 0 && !size
+  if (result_elt_size == 0 && *source_size > 0
   && (mold->expr_type == EXPR_ARRAY || mold->rank))
 {
   gfc_error ("% argument of % intrinsic at %L is an "
diff --git a/gcc/testsuite/gfortran.dg/transfer_simplify_15.f90 b/gcc/testsuite/gfortran.dg/transfer_simplify_15.f90
new file mode 100644
index 000..cdbec97ae71
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/transfer_simplify_15.f90
@@ -0,0 +1,11 @@
+! { dg-do compile }
+! PR fortran/104311 - ICE out of memory
+! Contributed by G.Steinmetz
+
+program p
+  type t
+  end type
+  type(t) :: x(2)
+  print *, transfer(1,x,2)   ! { dg-error "shall not have storage size 0" }
+  print *, transfer(1,x,huge(1)) ! { dg-error "shall not have storage size 0" }
+end
--
2.34.1