|
Subject: |
[Bug 1815908] Re: casExpandRecvBuffer modifies the contents of the buffer |
|
From: |
mdavidsaver via Core-talk <[email protected]> |
|
To: |
[email protected] |
|
Date: |
Wed, 16 Oct 2019 03:10:30 -0000 |
Sorry, this ticket fell through a crack. Looking at your proposed fix I
think I see what the logic bug is. The only change I'll make when
applying is to test if realloc() returns NULL.
** Changed in: epics-base
Assignee: (unassigned) => mdavidsaver (mdavidsaver)
** Changed in: epics-base
Milestone: None => 7.0.3.1
** Changed in: epics-base
Status: New => In Progress
--
You received this bug notification because you are a member of EPICS
Core Developers, which is subscribed to EPICS Base.
Matching subscriptions: epics-core-list-subscription
https://bugs.launchpad.net/bugs/1815908
Title:
casExpandRecvBuffer modifies the contents of the buffer
Status in EPICS Base:
In Progress
Bug description:
For the following data base run in a SoftIOC (3.16.2):
record(waveform, "PXD:H9999:D9:memoffsetdata_array:A:set"){
field(FTVL, "UCHAR")
field(NELM, "262144")
}
record(waveform, "PXD:H9999:D9:memswdata_array:A:set"){
field(FTVL, "UCHAR")
field(NELM, "262144")
}
the sequence of PV accesses created by this minimal sequence:
// vi: ft=cpp
program seqtest("")
option +c; /* dont wait for db connections */
option +r; /* make functions reentrant, multiple instances */
option +d; /* toggle runtime debugging messages */
option +W; /* extra warnings. */
%%int i;
unsigned char memswdata_array_set[16384];
assign memswdata_array_set to "PXD:H9999:D9:memswdata_array:A:set";
unsigned char memoffsetdata_array_set_small[32768];
assign memoffsetdata_array_set_small to "PXD:H9999:D9:memoffsetdata_array:A:set";
ss dhhseq_small {
state init {
entry {
for( i = 0; i < sizeof memswdata_array_set; ++i ) memswdata_array_set[i] = i % 256;
for( i = 0; i < sizeof memoffsetdata_array_set_small; ++i ) memoffsetdata_array_set_small[i] = 255 - i % 256;
pvPut(memswdata_array_set, SYNC);
pvPut(memoffsetdata_array_set_small, SYNC);
}
when() {} state done
}
state done {
when () {} state done
}
}
gives this error message on the softIOC side:
CAS: request from 192.168.0.1:44512 => CAS: Missaligned protocol rejected
CAS: Request from 192.168.0.1:44512 => cmmd=30720 cid=0x7800002c type=17023 count=0 postsize=44
CAS: Request from 192.168.0.1:44512 => available=0x427f0000 N=0 paddr=(nil)
CAS: forcing disconnect from 192.168.0.1:44512
and a segfault on the sequence side.
This report is (for now) about the softIOC.
I can reliably produce this behavior on two different systems (SL7 and
Debian) when both the softIOC and the sequence run on the same host.
Communication is via the lo interface, so the data packets are large.
During the second pvPut, the receive buffer is to be expanded a second
time, and during this call, the contents change:
before casExpandRecvBuffer
start of buffer=00 13 ffffff80
after casExpandRecvBuffer
start of buffer=78 00 00
I will try to follow this even further, but for now I'm creating this
report to have a place to track my findings.
Might there be a relation to https://bugs.launchpad.net/epics-
base/+bug/1706703 ?
To manage notifications about this bug go to:
https://bugs.launchpad.net/epics-base/+bug/1815908/+subscriptions
- Navigate by Date:
- Prev:
[Bug 541239] Re: explicitly unloading Com.dll causes crash Andrew Johnson via Core-talk
- Next:
[Merge] ~anj/epics-base/+git/base-3.15:epics-prove into epics-base:3.15 Andrew Johnson via Core-talk
- Index:
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
<2019>
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
[Bug 1815908] Re: casExpandRecvBuffer modifies the contents of the buffer Michael Ritzert via Core-talk
- Next:
[Bug 1815908] Re: casExpandRecvBuffer modifies the contents of the buffer mdavidsaver via Core-talk
- Index:
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
<2019>
2020
2021
2022
2023
2024
| 
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·