EPICS Home EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

Format page
for printing


Search Tech-talk
1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <20102011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <20102011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
<== Date ==> <== Thread ==>
Subject: vxStats memory corruption
From: "Kasemir, Kay" <[email protected]>
To: EPICS Tech-Talk <[email protected]>
Date: Fri, 09 Jul 2010 08:47:01 -0400 
Hi:

At the SNS we're using a version of vxStats where devVxStats.c looks similar
to this synapps release:
https://subversion.xor.aps.anl.gov/trac/synApps/browser/vxStats/trunk/vxStat
sApp/src/devVxStats.c

The cluster info support in there seems to cause memory corruption.

clustinfo is defined like this for 10 elements
974    #define CLUSTSIZES 10
975    
976    static int clustinfo[2][CLUSTSIZES][4];

... but later filled for CL_TBL_SIZE elements:
997    void getClusts(int dataPool)
998    {
999       NET_POOL_ID pNetPool;
1000       int i;
1001       int test;
1002    
1003       if (dataPool)
1004       {
1005          dataPool = 1;
1006          pNetPool = _pNetSysPool;
1007       }
1008       else
1009       {
1010          pNetPool = _pNetDpool;
1011       }
1012    
1013       test = pNetPool->clTbl[0]->clSize;
1014       for (i = 0; i < CL_TBL_SIZE; i++)
1015       {
1016          /* first two are constant under current conditions and could
be
1017           * done just once per pool.
1018           */
1019          if (i > 0)
1020             if (pNetPool->clTbl[i]->clSize != (2 * test)) break;
1021          test = pNetPool->clTbl[i]->clSize;
1022          clustinfo[dataPool][i][0] = test;
1023          clustinfo[dataPool][i][1] = pNetPool->clTbl[i]->clNum;
1024          clustinfo[dataPool][i][2] = pNetPool->clTbl[i]->clNumFree;
1025          clustinfo[dataPool][i][3] = pNetPool->clTbl[i]->clUsage;
1026       }
1027    }

On our MV2100 CPUs, CL_TBL_SIZE evaluates to 11, which might be close
enough. With our new MV5500 setups, CL_TBL_SIZE is 16, which in one case
happened to cause getClusts() to clobber a save_restore structure.

Replacing all use of CLUSTSIZES with CL_TBL_SIZE fixes the issue.
We also changed 

980    void minMBuf(int dataPool, int *ret)
981    {
982       int i;
983       double lowest = 1.0, comp;
984    
985       i = 0;
986       dataPool = dataPool?1:0;
987       while (clustinfo[dataPool][i][0] != 0)

into

987       while (i < CL_TBL_SIZE   &&   clustinfo[dataPool][i][0] != 0)


Thanks,
Kay
Replies:
iocStats (was: vxStats memory corruption) Ralph Lange
Navigate by Date:
Prev: RE: SNMP & Electrical power grid or generation plant Dalesio, Leo
Next: VxWorks 6.7, MV5500 Re: EPICS R3.14.11, sequencer 2.0.12 crash on device support write error Kasemir, Kay
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <20102011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
Navigate by Thread:
Prev: Re: SNMP & Electrical power grid or generation plant David Dudley
Next: iocStats (was: vxStats memory corruption) Ralph Lange
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <20102011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
ANJ, 02 Sep 2010 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·