EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System


Subject: [Bug 1877113] Re: call ca_clear_event gives a seg fault
From: Helge Brands via Core-talk <core-talk at aps.anl.gov>
To: core-talk at aps.anl.gov
Date: Fri, 08 May 2020 07:44:35 -0000
Hi Michael,

valgrind only tells me that this is an uninitialized pointer, as you already
said. But I guess somebody already thought about this problem: There is
a note in cacIO.h about bad practice.

The problem can be replicated easily. The question is only what is the
error in terms of:

1) why is the data structure corrupted (zeroed, deleted...)
2) why there is no callback for the disconnect
3) how this can be detected.

I tried an old EPICS (3.14.12) and a new one (7.0.3.2) in debug, but both are showing the same behavior.
Can you give me some hints where to set some breakpoints to find some problems? It looks like this is a sync problem between the put and the release of callbacks.

Best regards
     Helge

-- 
You received this bug notification because you are a member of EPICS
Core Developers, which is subscribed to EPICS Base.
Matching subscriptions: epics-core-list-subscription
https://bugs.launchpad.net/bugs/1877113

Title:
  call ca_clear_event gives a seg fault

Status in EPICS Base:
  New

Bug description:
  The segmentation fault happens when a client writes to the SYSRESET
  channel of an IOCSTATS - IOC. This kills the IOC and the call of
  ca_clear_event() of SYSRESET on the client gives this error.

  What can be seen too is that all connected channels get a clean
  disconnect except SYSRESET.

  This happens with our 3.14.12 and with 7.0.3

  gdb backtrace of caqtdm(epics 3.14.12):
  #0  0x0000000000000000 in ?? ()
  #1  0x00007fffee1d2f74 in ca_client_context::eliminateExcessiveSendBacklog (this=0x8f8f20, guard=..., chan=...) at ../ca_client_context.cpp:791
  #2  0x00007fffee1d30d1 in eliminateExcessiveSendBacklog (pMon=<value optimized out>) at ../oldAccess.h:482
  #3  ca_clear_subscription (pMon=<value optimized out>) at ../ca_client_context.cpp:761
  #4  0x00007fffe79e80d6 in ClearMonitor (kData=<value optimized out>) at epicsSubs.c:937
  #5  0x00007fffe79e39e5 in Epics3Plugin::pvClearMonitor (this=0x8f74e0, kData=0x7fffffffa600) at epics3_plugin.cpp:86
  #6  0x00007ffff7d79f39 in CaQtDM_Lib::closeEvent (this=0x12016bb0, ce=<value optimized out>) at src/caqtdm_lib.cpp:6445
  #7  0x00000030c67f5cbc in QWidget::event(QEvent*) () from /usr/lib64/libQtGui.so.4
  #8  0x00000030c6b898eb in QMainWindow::event(QEvent*) () from /usr/lib64/libQtGui.so.4
  #9  0x00000030c67aaa0c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
  #10 0x00000030c67b094b in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQtGui.so.4
  #11 0x00000030bfb57d0c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/libQtCore.so.4
  #12 0x00000030c67fa711 in QWidgetPrivate::close_helper(QWidgetPrivate::CloseMode) () from /usr/lib64/libQtGui.so.4
  #13 0x00000030c68134b6 in QApplication::x11ClientMessage(QWidget*, _XEvent*, bool) () from /usr/lib64/libQtGui.so.4
  #14 0x00000030c68213c6 in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/libQtGui.so.4
  #15 0x00000030c6849e92 in ?? () from /usr/lib64/libQtGui.so.4
  #16 0x00000030b8a40555 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
  #17 0x00000030b8a44d08 in ?? () from /lib64/libglib-2.0.so.0
  #18 0x00000030b8a44ec2 in g_main_context_iteration () from /lib64/libglib-2.0.so.0
  #19 0x00000030bfb7d613 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
  #20 0x00000030c6849b5e in ?? () from /usr/lib64/libQtGui.so.4
  #21 0x00000030bfb56752 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
  #22 0x00000030bfb56a1c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQtCore.so.4
  #23 0x00000030bfb58d09 in QCoreApplication::exec() () from /usr/lib64/libQtCore.so.4
  #24 0x000000000040e132 in main ()

  gdb backtrace of caqtdm(epics 7.0.3):
  #0  0x0000000000000000 in ?? ()
  #1  0x00007fffd75df200 in ca_client_context::eliminateExcessiveSendBacklog (this=0x9259c0, guard=..., chan=...) at ../ca_client_context.cpp:785
  #2  0x00007fffd75c2949 in eliminateExcessiveSendBacklog (this=0xc55a98, this=0xc55a98, guard=...) at ../oldAccess.h:481
  #3  ca_clear_channel (pChan=0xc55a98) at ../access.cpp:371
  #4  0x00007fffdc0c590d in ClearMonitor (kData=<optimized out>) at epicsSubs.c:942
  #5  0x00007fffdc0c0a3f in Epics3Plugin::pvClearMonitor (this=0x89ba50, kData=0x7fffffffa700) at epics3_plugin.cpp:87
  #6  0x00007ffff7b4e531 in CaQtDM_Lib::closeEvent (this=0x1049ff0, ce=<optimized out>) at src/caqtdm_lib.cpp:6445
  #7  0x00007ffff5eb5db4 in QWidget::event(QEvent*) () from /lib64/libQtGui.so.4
  #8  0x00007ffff62870d3 in QMainWindow::event(QEvent*) () from /lib64/libQtGui.so.4
  #9  0x00007ffff5e600ec in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQtGui.so.4
  #10 0x00007ffff5e669c5 in QApplication::notify(QObject*, QEvent*) () from /lib64/libQtGui.so.4
  #11 0x00007ffff592e87d in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /lib64/libQtCore.so.4
  #12 0x00007ffff5eb1fd9 in QWidgetPrivate::close_helper(QWidgetPrivate::CloseMode) () from /lib64/libQtGui.so.4
  #13 0x00007ffff5ed0e32 in QApplication::x11ClientMessage(QWidget*, _XEvent*, bool) () from /lib64/libQtGui.so.4
  #14 0x00007ffff5edd98f in QApplication::x11ProcessEvent(_XEvent*) () from /lib64/libQtGui.so.4
  #15 0x00007ffff5f04f34 in x11EventSourceDispatch(_GSource*, int (*)(void*), void*) () from /lib64/libQtGui.so.4
  #16 0x00007ffff1f3f049 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
  #17 0x00007ffff1f3f3a8 in g_main_context_iterate.isra.19 () from /lib64/libglib-2.0.so.0
  #18 0x00007ffff1f3f45c in g_main_context_iteration () from /lib64/libglib-2.0.so.0
  #19 0x00007ffff595d3ae in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
  #20 0x00007ffff5f050b6 in QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtGui.so.4
  #21 0x00007ffff592d30f in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
  #22 0x00007ffff592d65d in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQtCore.so.4
  #23 0x00007ffff5932d29 in QCoreApplication::exec() () from /lib64/libQtCore.so.4
  #24 0x000000000040defd in main (argc=4, argv=<optimized out>) at src/caQtDM.cpp:390

To manage notifications about this bug go to:
https://bugs.launchpad.net/epics-base/+bug/1877113/+subscriptions

ANJ, 08 May 2020