From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 22084 invoked by alias); 4 Dec 2013 21:44:37 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Received: (qmail 22050 invoked by uid 48); 4 Dec 2013 21:44:33 -0000 From: "manu at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/59389] [C++11] bogus error:=?UTF-8?Q?=20call=20of=20overloaded=20=E2=80=98Foo?=()=?UTF-8?Q?=E2=80=99=20is=20ambiguous?= Date: Wed, 04 Dec 2013 21:44:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c++ X-Bugzilla-Version: unknown X-Bugzilla-Keywords: rejects-valid X-Bugzilla-Severity: normal X-Bugzilla-Who: manu at gcc dot gnu.org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2013-12/txt/msg00332.txt.bz2 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D59389 Manuel L=C3=B3pez-Ib=C3=A1=C3=B1ez changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |manu at gcc dot gnu.org --- Comment #3 from Manuel L=C3=B3pez-Ib=C3=A1=C3=B1ez --- Even in the first case the diagnostic is quite poor compared with clang's (location info included). >>From gcc-bugs-return-436678-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Wed Dec 04 22:13:20 2013 Return-Path: Delivered-To: listarch-gcc-bugs@gcc.gnu.org Received: (qmail 7358 invoked by alias); 4 Dec 2013 22:13:19 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Delivered-To: mailing list gcc-bugs@gcc.gnu.org Received: (qmail 7325 invoked by uid 48); 4 Dec 2013 22:13:14 -0000 From: "awwafa at gmail dot com" To: gcc-bugs@gcc.gnu.org Subject: [Bug libstdc++/59391] New: std::sort will go out of std::vector bounds and crash Date: Wed, 04 Dec 2013 22:13:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: libstdc++ X-Bugzilla-Version: 4.4.6 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: awwafa at gmail dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2013-12/txt/msg00333.txt.bz2 Content-length: 4621 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59391 Bug ID: 59391 Summary: std::sort will go out of std::vector bounds and crash Product: gcc Version: 4.4.6 Status: UNCONFIRMED Severity: normal Priority: P3 Component: libstdc++ Assignee: unassigned at gcc dot gnu.org Reporter: awwafa at gmail dot com $ gcc -v Using built-in specs. Target: x86_64-redhat-linux Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre --enable-libgcj-multifile --enable-java-maintainer-mode --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libjava-multilib --with-ppl --with-cloog --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux Thread model: posix gcc version 4.4.6 20110731 (Red Hat 4.4.6-3) (GCC) ----------- gcc switches used ----- g++ -o sort_test.o -c sort_test.cxx g++ -o sort_test sort_test.o ------------ sort_test.cxx--------- #include #include bool compare_val(int* a, int* b) { if (*a <= *b) return true; return false; } int main (void) { const int int_array[] = {12, 13, 2, 2, 6, 7, 12, 2, 10, 11, 16, 5, 5, 2, 16, 7, 6, 16, 14, 5, 10, 9, 14, 3, 7, 15, 14, 6, 2, 1, 11, 13, 14, 12, 15, 4, 3, 11, 5, 12, 5, 5, 1, 9, 6, 16, 15, 11, 16, 13, 15, 10, 6, 13, 13, 12, 11, 10, 1, 13, 11, 11, 10, 9, 7, 8, 12, 10, 2}; std::vector my_vec; int length = sizeof(int_array)/sizeof(int); for(int i=0; i < length; ++i) { int *int_ptr =new int; *int_ptr = int_array[i]; my_vec.push_back(int_ptr); } std::sort(my_vec.begin(), my_vec.end(), compare_val); } ------------ sort_test.cxx--------- ---------------- Valgrind output ----------------- ==20061== Memcheck, a memory error detector ==20061== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al. ==20061== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info ==20061== Command: ./sort_test ==20061== ==20061== Invalid read of size 8 ==20061== at 0x40159E: __gnu_cxx::__normal_iterator > > std::__unguarded_partition<__gnu_cxx::__normal_iterator > >, int*, bool (*)(int*, int*)>(__gnu_cxx::__normal_iterator > >, __gnu_cxx::__normal_iterator > >, int*, bool (*)(int*, int*)) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x4010B8: void std::__introsort_loop<__gnu_cxx::__normal_iterator > >, long, bool (*)(int*, int*)>(__gnu_cxx::__normal_iterator > >, __gnu_cxx::__normal_iterator > >, long, bool (*)(int*, int*)) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x400B08: void std::sort<__gnu_cxx::__normal_iterator > >, bool (*)(int*, int*)>(__gnu_cxx::__normal_iterator > >, __gnu_cxx::__normal_iterator > >, bool (*)(int*, int*)) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x40092A: main (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== Address 0x4a33a48 is 8 bytes before a block of size 1,024 alloc'd ==20061== at 0x490459B: operator new(unsigned long) (vg_replace_malloc.c:220) ==20061== by 0x401844: __gnu_cxx::new_allocator::allocate(unsigned long, void const*) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x4012C9: std::_Vector_base >::_M_allocate(unsigned long) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x400D5A: std::vector >::_M_insert_aux(__gnu_cxx::__normal_iterator > >, int* const&) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x400A73: std::vector >::push_back(int* const&) (in /home/awafa/tmp/std_sort_crash/sort_test) ==20061== by 0x4008E1: main (in /home/awafa/tmp/std_sort_crash/sort_test)