Hello! I am trying to sort an array in my program:
#include <cstdlib>
#include <cstdio>
#include <algorithm>
#include <stdint.h>

using namespace std;

class E {
public:
    int64_t x;
    int a;
    bool operator<(const E& e2) const {
        return x != e2.x ? x < e2.x : a;
    }
};

E *e;

void alloc() {
    e = new E[100100];
}

int32_t main() {
    freopen("bad_array", "r", stdin);
    int n = 100000;
    alloc();
    for(int i = 0; i < n; ++i) {
        scanf("%lld %d", &e[i].x, &e[i].a);
    }
    sort(e, e + n);
}

I am getting a segmentation fault in std::sort, when trying to sort a bad array:

bori...@vaio:~/gcc-bug$ g++ -o bug bug.cpp -g3
bori...@vaio:~/gcc-bug$ gdb ./bug
GNU gdb (GDB) 7.1
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-slackware-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/borisko/gcc-bug/bug...done.
(gdb) run
Starting program: /home/borisko/gcc-bug/bug

Program received signal SIGSEGV, Segmentation fault.
0x00000000004007e3 in E::operator< (this=0x7fffffffdd60, e2=...) at bug.cpp:15
15 return x != e2.x ? x < e2.x : a;
(gdb) p e
$1 = (E *) 0x7ffff7e4b010
(gdb) p &e2
$2 = (const E *) 0x7ffff7e4aff0

Also, valgrind notices incorrect accesses to memory like

bori...@vaio:~/gcc-bug$ valgrind ./bug
==8890== Invalid read of size 8
==8890==    at 0x4007E3: E::operator<(E const&) const (bug.cpp:15)
==8890==    by 0x400B22: E* std::__unguarded_partition<E*, E>(E*, E*, E) (stl_algo.h:2212)
==8890==    by 0x400921: void std::__introsort_loop<E*, long>(E*, E*, long) (stl_algo.h:2268)
==8890==    by 0x40085C: void std::sort<E*>(E*, E*) (stl_algo.h:5220)
==8890==    by 0x40079E: main (bug.cpp:40)
==8890==  Address 0x5947030 is 16 bytes before a block of size 1,601,600 alloc'd
==8890==    at 0x4C262A4: operator new[](unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==8890==    by 0x4006E9: alloc() (bug.cpp:23)
==8890==    by 0x40071F: main (bug.cpp:33)

or

==8890== Invalid read of size 8
==8890==    at 0x400DBF: void std::__unguarded_linear_insert<E*, E>(E*, E) (stl_algo.h:2069)
==8890==    by 0x400C4D: void std::__unguarded_insertion_sort<E*>(E*, E*) (stl_algo.h:2148)
==8890==    by 0x4009CA: void std::__final_insertion_sort<E*>(E*, E*) (stl_algo.h:2179)
==8890==    by 0x40086F: void std::sort<E*>(E*, E*) (stl_algo.h:5222)
==8890==    by 0x40079E: main (bug.cpp:40)
==8890==  Address 0x5947030 is 16 bytes before a block of size 1,601,600 alloc'd
==8890==    at 0x4C262A4: operator new[](unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==8890==    by 0x4006E9: alloc() (bug.cpp:23)
==8890==    by 0x40071F: main (bug.cpp:33)

or

==8890== Invalid write of size 8
==8890==    at 0x400DC9: void std::__unguarded_linear_insert<E*, E>(E*, E) (stl_algo.h:2069)
==8890==    by 0x400C4D: void std::__unguarded_insertion_sort<E*>(E*, E*) (stl_algo.h:2148)
==8890==    by 0x4009CA: void std::__final_insertion_sort<E*>(E*, E*) (stl_algo.h:2179)
==8890==    by 0x40086F: void std::sort<E*>(E*, E*) (stl_algo.h:5222)
==8890==    by 0x40079E: main (bug.cpp:40)
==8890==  Address 0x5947038 is 8 bytes before a block of size 1,601,600 alloc'd
==8890==    at 0x4C262A4: operator new[](unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==8890==    by 0x4006E9: alloc() (bug.cpp:23)
==8890==    by 0x40071F: main (bug.cpp:33)

Is it a bug, or am I doing something wrong? The problem doesn't appear on all arrays, I will attach the bad array in the next message.

bori...@vaio:~/gcc-bug$ LC_ALL=C g++ -v
Reading specs from /usr/lib64/gcc/x86_64-slackware-linux/4.4.4/specs
Target: x86_64-slackware-linux
Configured with: ../gcc-4.4.4/configure --prefix=/usr --libdir=/usr/lib64 --enable-shared --enable-bootstrap --enable-languages=ada,c,c++,fortran,java,objc --enable-threads=posix --enable-checking=release --with-system-zlib --with-python-dir=/lib64/python2.6/site-packages --disable-libunwind-exceptions --enable-__cxa_atexit --enable-libssp --with-gnu-ld --verbose --disable-multilib --target=x86_64-slackware-linux --build=x86_64-slackware-linux --host=x86_64-slackware-linux
Thread model: posix
gcc version 4.4.4 (GCC)
bori...@vaio:~/gcc-bug$ uname -a
Linux vaio 2.6.34.1 #9 SMP Tue Aug 3 13:01:34 MSD 2010 x86_64 Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz GenuineIntel GNU/Linux

--
Summary: sort accesses memory before first iterator
Product: gcc
Version: 4.4.4
Status: UNCONFIRMED
Severity: major
Priority: P3
Component: c++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: boris at dolgov dot name
GCC build triplet: x86_64-slackware-linux
GCC host triplet: x86_64-slackware-linux
GCC target triplet: x86_64-slackware-linux

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45284
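
Added example, not part of the original report or of GCC's code: std::sort requires its comparison to be a strict weak ordering, and the operator< in the report returns `a` when the `x` values tie, so an element with nonzero `a` compares less than itself. The check below counts such violations on a constructed sample; `FixedLess` is an assumed correction (tie-break on `a`), and every name other than `E` is hypothetical.

```cpp
#include <stdint.h>
#include <cstddef>
#include <cstdio>
#include <vector>
#include <algorithm>

// Same fields and comparison as class E in the report.
struct E {
    int64_t x;
    int a;
    bool operator<(const E& e2) const { return x != e2.x ? x < e2.x : a; }
};

struct ReportedLess {
    bool operator()(const E& l, const E& r) const { return l < r; }
};

// Assumed correction (not from the report): break ties on a.
struct FixedLess {
    bool operator()(const E& l, const E& r) const {
        return l.x != r.x ? l.x < r.x : l.a < r.a;
    }
};

// Counts violations of two strict-weak-ordering axioms over a sample:
// irreflexivity (!comp(v, v)) and asymmetry (comp(a, b) implies !comp(b, a)).
template <class Comp>
std::size_t count_violations(const std::vector<E>& s, Comp comp) {
    std::size_t bad = 0;
    for (std::size_t i = 0; i < s.size(); ++i) {
        if (comp(s[i], s[i])) ++bad;
        for (std::size_t j = i + 1; j < s.size(); ++j)
            if (comp(s[i], s[j]) && comp(s[j], s[i])) ++bad;
    }
    return bad;
}

// Constructed sample with ties on x; not the reporter's bad_array file.
std::vector<E> sample() {
    return { {1, 0}, {1, 1}, {1, 2}, {2, 0}, {3, 5} };
}

std::size_t reported_violations() { return count_violations(sample(), ReportedLess()); }
std::size_t fixed_violations() { return count_violations(sample(), FixedLess()); }

int main() {
    std::printf("reported: %zu, fixed: %zu\n", reported_violations(), fixed_violations());
    return 0;
}
```

Running the same check as a debug-build assertion over a slice of real input catches an invalid comparator before it reaches std::sort.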