Le 16/02/2022 à 22:20, Harald Anlauf via Fortran a écrit :
Dear Fortranners,
while we detect invalid uses of type(*), we may run into other issues
later when the declared variable is used, leading to an ICE due to a
NULL pointer dereference. This is demonstrated by Gerhard's testcase.
Steve and I came to rather similar fixes, see PR. Mine is attached.
Regtested on x86_64-pc-linux-gnu. OK for mainline?
Thanks,
Harald
diff --git a/gcc/fortran/resolve.cc b/gcc/fortran/resolve.cc
index 266e41e25b1..2fa1acdbd6d 100644
--- a/gcc/fortran/resolve.cc
+++ b/gcc/fortran/resolve.cc
@@ -1288,15 +1288,17 @@ resolve_structure_cons (gfc_expr *expr, int init)
}
}
- cons = gfc_constructor_first (expr->value.constructor);
-
/* A constructor may have references if it is the result of substituting a
parameter variable. In this case we just pull out the component we
want. */
if (expr->ref)
comp = expr->ref->u.c.sym->components;
- else
+ else if (expr->ts.u.derived)
comp = expr->ts.u.derived->components;
These unprotected union accesses always make me nervous.
I have tried (hard) to exhibit a case not fixed by your patch,
and I have found the case below that almost qualifies, except that there
is an ICE before anything can happen.
With a minor tweak to prevent the ICE, the problem does appear.
program p
type t
integer :: a
end type
character(3), parameter :: x = t(2)
character(3), parameter :: y = x
print *, y
end
In that case the character length information occupies the same space as
a derived type symbol; the else-if condition evaluates to true, and
everything breaks from there.
So please use a condition on expr->ts.type instead.
I think the relevant values associated with ts->u.derived are
BT_DERIVED, BT_CLASS and BT_UNION.
OK with that change.
Thanks, and sorry for the time I took before looking at it.
