Experimental Physics and
Industrial Control System

Hi Lewis,

thanks for reporting this!

Looking at the code, I can confirm the off-by-one bug you found in case
of the '-S' option (string as array of chars).
The fix you supplied looks fine, and I added it to the 3.14 branch.

However, I am not able to reproduce the bug using your database and
command file on my Linux machine (10,000s of iterations without a problem).
I found your shell script containing '\r' characters, so I am assuming
you see this behavior on Windows. Correct? Cygwin, native, or an
adventurous mix?

Note that inside caput, string arguments are pushed through
epicsStrnRawFromEscaped(), which understands and translates backslash
escape sequences. If your setup somehow changes forward slashes in
arguments to Windows-style backslashes, the current code in
epicsStrnRawFromEscaped() would regard a backslash being the last
character as illegal, and not copy it to the target string.
Can you try with your string value not ending in a slash? Do you still
see the error?
Far fetched, I know, but something like that might explain why the bug
does not show up on Linux.

Well ... in any case I can't tell you why the '-t' option should change
the behavior. Really weird.

Thanks again,
~Ralph


On 17.08.2012 01:12, J. Lewis Muir wrote:
> I believe there is an off-by-one bug in caput for the case of
> writing a string as an array of chars (i.e. the '-S' option) in
> EPICS Base 3.14.12.2.  (Looking at the 3.15 source code, the bug
> is probably there as well, but I haven't tested it.)
>
> The caput program will sometimes write an incorrect value--a
> value different from the value passed as an argument.  I believe
> this is because caput does not allocate enough memory to hold
> the string value *plus* the terminating null character.
>
> Attached is caput-string-off-by-one-fix.diff, a patch against
> EPICS Base 3.14.12.2 plus Known Problems patches, to fix the
> problem.
>
> Attached is image-file-path.db and reproduce-bug.sh which can be
> used to reproduce the problem.
>
> Load image-file-path.db into a soft IOC like this:
>
>   dbLoadRecords("image-file-path.db","P=ioc23:")
>
> Run the reproduce-bug.sh program like this:
>
>   $ sh reproduce-bug.sh
>
> On my system, it usually fails within 20 iterations.  For example:
>
>   $ sh reproduce-bug.sh
>   [3] "/tmp/lys_001.img/" != "/tmp/lys_001.img"
>
> What I don't understand, though, is that if I add the '-t'
> option to the caput command in reproduce-bug.sh, the problem
> does not occur.  I'd be interested to hear an explanation of why
> that is.
>
> Thanks,
>
> Lewis

Replies:

RE: caput off-by-one bug for string as array of chars Mark Rivers

Re: caput off-by-one bug for string as array of chars J. Lewis Muir

References:

caput off-by-one bug for string as array of chars J. Lewis Muir

Navigate by Date:

Prev: Re: edm and other extensions on 64-bit SL machines Dirk Zimoch

Next: RE: caput off-by-one bug for string as array of chars Mark Rivers

Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <2012>  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 

Navigate by Thread:

Prev: caput off-by-one bug for string as array of chars J. Lewis Muir

Next: RE: caput off-by-one bug for string as array of chars Mark Rivers

Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <2012>  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024