[Bug fortran/66578] [F2008] Invalid free on allocate(...,source=a(:)) in block

Wed, 17 Jun 2015 13:50:09 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66578

Dominique d'Humieres <dominiq at lps dot ens.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2015-06-17
     Ever confirmed|0                           |1

--- Comment #2 from Dominique d'Humieres <dominiq at lps dot ens.fr> ---
I don't see the invalid free on x86_64-apple-darwin14, but if I compile the
code with -fsanitize=address, I get at run time

==49974==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60f00000effc at pc 0x00010b20fa1d bp 0x7fff549f11f0 sp 0x7fff549f11e8
READ of size 4 at 0x60f00000effc thread T0
    #0 0x10b20fa1c 
(/Users/dominiq/Documents/Fortran/g95bench/win/f90/bug/a.out+0x100001a1c)
    #1 0x10b20fb67 
(/Users/dominiq/Documents/Fortran/g95bench/win/f90/bug/a.out+0x100001b67)
    #2 0x7fff8ecb55c8  (/usr/lib/system/libdyld.dylib+0x35c8)
    #3 0x0  (<unknown module>)

0x60f00000effc is located 0 bytes to the right of 172-byte region
[0x60f00000ef50,0x60f00000effc)
allocated by thread T0 here:
    #0 0x10b24755a  (/opt/gcc/gcc6w/lib/libasan.2.dylib+0x3255a)
    #1 0x10b20f761 
(/Users/dominiq/Documents/Fortran/g95bench/win/f90/bug/a.out+0x100001761)
    #2 0x10b20fb67 
(/Users/dominiq/Documents/Fortran/g95bench/win/f90/bug/a.out+0x100001b67)
    #3 0x7fff8ecb55c8  (/usr/lib/system/libdyld.dylib+0x35c8)
    #4 0x0  (<unknown module>)

SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 ??
Shadow bytes around the buggy address:
  0x1c1e00001da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001dc0: fa fa fa fa fa fa fa fa fa fa fa fa 00 00 00 00
  0x1c1e00001dd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1c1e00001de0: 00 04 fa fa fa fa fa fa fa fa 00 00 00 00 00 00
=>0x1c1e00001df0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00[04]
  0x1c1e00001e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x1c1e00001e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
==49974==ABORTING

Reply via email to