[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2019-08-13 Thread kargl at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994
Bug 87994 depends on bug 87993, which changed state.

Bug 87993 Summary: ICE in gfc_constructor_first, at fortran/constructor.c:234
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87993

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-12-15 Thread kargl at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

kargl at gcc dot gnu.org changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED
   Assignee|unassigned at gcc dot gnu.org  |kargl at gcc dot gnu.org
   Target Milestone|--- |9.0

--- Comment #9 from kargl at gcc dot gnu.org ---
Fixed on trunk.

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-18 Thread dominiq at lps dot ens.fr 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #8 from Dominique d'Humieres  ---
I have instrumented gfortran with the patch in comment 5 and all the tests fail
as with pr87881:

=
==67715==ERROR: AddressSanitizer: heap-use-after-free on address 0x617045d8
at pc 0x0001001565a9 bp 0x7ffeefbfdd30 sp 0x7ffeefbfdd28
READ of size 8 at 0x617045d8 thread T0
#0 0x1001565a8 in simplify_ref_chain(gfc_ref*, int, gfc_expr**) expr.c:1943
#1 0x10015438e in gfc_simplify_expr(gfc_expr*, int) expr.c:2164
#2 0x100369eaf in gfc_match_varspec(gfc_expr*, int, bool, bool)
primary.c:2287
#3 0x1003798ba in gfc_match_rvalue(gfc_expr**) primary.c:3670
#4 0x1000c2f63 in match_data_constant(gfc_expr**) decl.c:379
#5 0x1000c4291 in top_val_list(gfc_data*) decl.c:478
#6 0x1000c4905 in gfc_match_data() decl.c:624
#7 0x10032fbc7 in match_word(char const*, match (*)(), locus*) parse.c:65
#8 0x10033d154 in decode_statement() parse.c:468
#9 0x10033ee0d in next_free() parse.c:1234
#10 0x10033f7d2 in next_statement() parse.c:1466
#11 0x100345d67 in parse_spec(gfc_statement) parse.c:3858
#12 0x10034c892 in parse_progunit(gfc_statement) parse.c:5671
#13 0x10034ec10 in gfc_parse_file() parse.c:6211
#14 0x100525304 in gfc_be_parse_file() f95-lang.c:204
#15 0x1062941c8 in compile_file() toplev.c:455
#16 0x10629f87c in do_compile() toplev.c:2172
#17 0x109388807 in toplev::main(int, char**) toplev.c:2307
#18 0x1097eaf4c in main main.c:39
#19 0x7fff703f908c in start (libdyld.dylib:x86_64+0x1708c)

0x617045d8 is located 728 bytes inside of 736-byte region
[0x61704300,0x617045e0)
freed by thread T0 here:
#0 0x15948a8e0 in wrap_free.part.0 sanitizer_malloc_mac.inc:121
#1 0x10012e8e5 in gfc_free_ref_list(gfc_ref*) expr.c:599
#2 0x10012efdd in free_expr0(gfc_expr*) expr.c:505
#3 0x10012f3be in gfc_replace_expr(gfc_expr*, gfc_expr*) expr.c:616
#4 0x1001563b7 in simplify_ref_chain(gfc_ref*, int, gfc_expr**) expr.c:1970
#5 0x10015438e in gfc_simplify_expr(gfc_expr*, int) expr.c:2164
#6 0x100369eaf in gfc_match_varspec(gfc_expr*, int, bool, bool)
primary.c:2287
#7 0x1003798ba in gfc_match_rvalue(gfc_expr**) primary.c:3670
#8 0x1000c2f63 in match_data_constant(gfc_expr**) decl.c:379
#9 0x1000c4291 in top_val_list(gfc_data*) decl.c:478
#10 0x1000c4905 in gfc_match_data() decl.c:624
#11 0x10032fbc7 in match_word(char const*, match (*)(), locus*) parse.c:65
#12 0x10033d154 in decode_statement() parse.c:468
#13 0x10033ee0d in next_free() parse.c:1234
#14 0x10033f7d2 in next_statement() parse.c:1466
#15 0x100345d67 in parse_spec(gfc_statement) parse.c:3858
#16 0x10034c892 in parse_progunit(gfc_statement) parse.c:5671
#17 0x10034ec10 in gfc_parse_file() parse.c:6211
#18 0x100525304 in gfc_be_parse_file() f95-lang.c:204
#19 0x1062941c8 in compile_file() toplev.c:455
#20 0x10629f87c in do_compile() toplev.c:2172
#21 0x109388807 in toplev::main(int, char**) toplev.c:2307
#22 0x1097eaf4c in main main.c:39
#23 0x7fff703f908c in start (libdyld.dylib:x86_64+0x1708c)

previously allocated by thread T0 here:
#0 0x159489db3 in wrap_calloc sanitizer_malloc_mac.inc:132
#1 0x1088a10de in xcalloc xmalloc.c:162
#2 0x10035b5ae in is_inquiry_ref(char const*, gfc_ref**) primary.c:1964
#3 0x100368721 in gfc_match_varspec(gfc_expr*, int, bool, bool)
primary.c:2199
#4 0x1003798ba in gfc_match_rvalue(gfc_expr**) primary.c:3670
#5 0x1000c2f63 in match_data_constant(gfc_expr**) decl.c:379
#6 0x1000c4291 in top_val_list(gfc_data*) decl.c:478
#7 0x1000c4905 in gfc_match_data() decl.c:624
#8 0x10032fbc7 in match_word(char const*, match (*)(), locus*) parse.c:65
#9 0x10033d154 in decode_statement() parse.c:468
#10 0x10033ee0d in next_free() parse.c:1234
#11 0x10033f7d2 in next_statement() parse.c:1466
#12 0x100345d67 in parse_spec(gfc_statement) parse.c:3858
#13 0x10034c892 in parse_progunit(gfc_statement) parse.c:5671
#14 0x10034ec10 in gfc_parse_file() parse.c:6211
#15 0x100525304 in gfc_be_parse_file() f95-lang.c:204
#16 0x1062941c8 in compile_file() toplev.c:455
#17 0x10629f87c in do_compile() toplev.c:2172
#18 0x109388807 in toplev::main(int, char**) toplev.c:2307
#19 0x1097eaf4c in main main.c:39
#20 0x7fff703f908c in start (libdyld.dylib:x86_64+0x1708c)

SUMMARY: AddressSanitizer: heap-use-after-free expr.c:1943 in
simplify_ref_chain(gfc_ref*, int, gfc_expr**)
Shadow bytes around the buggy address:
  0x1c2e0860: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c2e0870: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c2e0880: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c2e0890: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c2e08a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x1c2e00

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-14 Thread kargl at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #7 from kargl at gcc dot gnu.org ---
(In reply to Dominique d'Humieres from comment #6)
> AFAICT the patch in comment 5 fixes the tests in comments 1 and 5, but not
> the test in comment 0.

% cat a.f90
program p
   real :: a, b
   data b /a%kind/
   print *, b
end

% gfcx -o z a.f90 && ./z
   4.

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-14 Thread dominiq at lps dot ens.fr 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #6 from Dominique d'Humieres  ---
AFAICT the patch in comment 5 fixes the tests in comments 1 and 5, but not the
test in comment 0.

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-14 Thread kargl at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

kargl at gcc dot gnu.org changed:

   What|Removed |Added

 CC||kargl at gcc dot gnu.org

--- Comment #5 from kargl at gcc dot gnu.org ---
Better patch.  Permits %re and %im in data statement.
program p
   complex, parameter :: a = (42.5,23)
   real :: b
   data b /a%re/
   print *, b
end

Index: gcc/fortran/decl.c
===
--- gcc/fortran/decl.c  (revision 266155)
+++ gcc/fortran/decl.c  (working copy)
@@ -388,6 +388,14 @@ match_data_constant (gfc_expr **result)
 }
   else if (m == MATCH_YES)
 {
+  /* If a parameter inquiry ends up here, symtree is NULL but **result
+contains the right constant expression.  Check here.  */
+  if ((*result)->symtree == NULL
+ && (*result)->expr_type == EXPR_CONSTANT
+ && ((*result)->ts.type == BT_INTEGER 
+ || (*result)->ts.type == BT_REAL))
+   return m;
+
   /* F2018:R845 data-stmt-constant is initial-data-target.
 A data-stmt-constant shall be ... initial-data-target if and
 only if the corresponding data-stmt-object has the POINTER

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-14 Thread kargl at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

kargl at gcc dot gnu.org changed:

   What|Removed |Added

   Priority|P3  |P4

--- Comment #4 from kargl at gcc dot gnu.org ---
Index: gcc/fortran/decl.c
===
--- gcc/fortran/decl.c  (revision 266155)
+++ gcc/fortran/decl.c  (working copy)
@@ -388,6 +388,13 @@ match_data_constant (gfc_expr **result)
 }
   else if (m == MATCH_YES)
 {
+  /* If a parameter inquiry ends up here, symtree is NULL but **result
+contains the right constant expression.  Check here.  */
+  if ((*result)->symtree == NULL
+ && (*result)->expr_type == EXPR_CONSTANT
+ && (*result)->ts.type == BT_INTEGER)
+   return m;
+
   /* F2018:R845 data-stmt-constant is initial-data-target.
 A data-stmt-constant shall be ... initial-data-target if and
 only if the corresponding data-stmt-object has the POINTER

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-13 Thread gs...@t-online.de 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #3 from G. Steinmetz  ---
Sure ...

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-13 Thread dominiq at lps dot ens.fr 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #2 from Dominique d'Humieres  ---
Related to/duplicate of pr87881/pr87945/pr87993.

> Changed between 20181028 and 20181104 (ICE).

Parameter inquiry has been introduced at revision r265729: before it gave the
error

Error: Unexpected '%' for nonderived-type variable 'a' at (1)

IMO you should give Paul a chance to fix pr87881 before filing new PRs.

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-13 Thread tkoenig at gcc dot gnu.org 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

Thomas Koenig  changed:

   What|Removed |Added

   Keywords||ice-on-valid-code
 Status|UNCONFIRMED |NEW
   Last reconfirmed||2018-11-13
 CC||tkoenig at gcc dot gnu.org
 Ever confirmed|0   |1

[Bug fortran/87994] ICE in match_data_constant, at fortran/decl.c:399

2018-11-12 Thread gs...@t-online.de 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87994

--- Comment #1 from G. Steinmetz  ---
> Should be valid code, ...
Whoops, suboptimal. Better examples :


$ cat z3.f90
program p
   real, parameter :: a = 1.0
   data b /a%kind/
end

$ cat z4.f90
program p
   integer, parameter :: a = 1
   integer :: b
   data b /a%kind/
end


Changed between 20181028 and 20181104 (ICE).