[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added Target Milestone|--- |14.0 Resolution|--- |FIXED Status|ASSIGNED|RESOLVED --- Comment #7 from anlauf at gcc dot gnu.org --- Fixed on mainline for gcc-14. Thanks for the report!
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 --- Comment #6 from GCC Commits --- The master branch has been updated by Harald Anlauf : https://gcc.gnu.org/g:48024a99e3c2ae522d0026eedd591390506b68ca commit r14-9996-g48024a99e3c2ae522d0026eedd591390506b68ca Author: Harald Anlauf Date: Sat Apr 13 19:09:24 2024 +0200 Fortran: ALLOCATE of fixed-length CHARACTER with SOURCE/MOLD [PR113793] F2008 requires for ALLOCATE with SOURCE= or MOLD= specifier that the kind type parameters of allocate-object and source-expr have the same values. Add compile-time diagnostics for different character length and a runtime check (under -fcheck=bounds). Use length from allocate-object to prevent heap corruption and to allow string padding or truncation on assignment. gcc/fortran/ChangeLog: PR fortran/113793 * resolve.cc (resolve_allocate_expr): Reject ALLOCATE with SOURCE= or MOLD= specifier for unequal length. * trans-stmt.cc (gfc_trans_allocate): If an allocatable character variable has fixed length, use it and do not use the source length. With bounds-checking enabled, add a runtime check for same length. gcc/testsuite/ChangeLog: PR fortran/113793 * gfortran.dg/allocate_with_source_29.f90: New test. * gfortran.dg/allocate_with_source_30.f90: New test. * gfortran.dg/allocate_with_source_31.f90: New test.
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added Assignee|unassigned at gcc dot gnu.org |anlauf at gcc dot gnu.org Status|NEW |ASSIGNED --- Comment #5 from anlauf at gcc dot gnu.org --- Submitted: https://gcc.gnu.org/pipermail/fortran/2024-April/060431.html
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added Keywords||accepts-invalid Priority|P3 |P4
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added Attachment #57931|0 |1 is obsolete|| --- Comment #4 from anlauf at gcc dot gnu.org --- Created attachment 57938 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=57938=edit Enhanced patch This version add checks for standard conformance and a runtime check for equal length.
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added Attachment #57354|0 |1 is obsolete|| --- Comment #3 from anlauf at gcc dot gnu.org --- Created attachment 57931 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=57931=edit Improved patch This patch fixes both the scalar and the array variants. Needs regtesting.
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 --- Comment #2 from anlauf at gcc dot gnu.org --- Created attachment 57354 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=57354=edit Tentative partial patch This appears to fix the malloc size for character arrays, but not for allocatable scalars, like in: program p implicit none CHARACTER*30,allocatable :: a(:), b(:,:), d CHARACTER(kind=4,len=15),allocatable :: c(:), e ALLOCATE (a(100),source=" ") ! OK ALLOCATE (b(5,6),source=" ") ! OK ALLOCATE (c(42), source=4_"zzz") ! OK ALLOCATE (d,source="xx") ! malloc too small ALLOCATE (e,source=4_"zz") ! malloc too small END
[Bug fortran/113793] malloc abort on character allocate with source argument
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113793 anlauf at gcc dot gnu.org changed: What|Removed |Added CC||anlauf at gcc dot gnu.org Ever confirmed|0 |1 Last reconfirmed||2024-02-07 Keywords||wrong-code Status|UNCONFIRMED |NEW --- Comment #1 from anlauf at gcc dot gnu.org --- (In reply to Manfred Schwarb from comment #0) > Allocating an allocatable character array, I get a malloc error > when the source argument is not properly padded: > > CHARACTER*30,allocatable :: a(:),b(:) > ALLOCATE(a(100),source=" ") > ALLOCATE(b(100),source=" ") > END > > yields: > malloc(): corrupted top size Confirmed. > I would have expected that the source argument is automatically padded > as with variable assignments and function call arguments. The dump-tree shows that it is padded, but the actual malloc is too short: a.data = (void * restrict) __builtin_malloc (100); Omitting the source= part, we get the expected: a.data = (void * restrict) __builtin_malloc (3000);