RSRV expanding large buffer causes crash

Bug #1706703 reported by mdavidsaver on 2017-07-26
Affects: EPICS Base (status tracked in 7.0)
  3.16: Importance High, Unassigned
  7.0: Importance High, Assigned to mdavidsaver

Bug Description

The change to automatic allocation of send/recv buffers in RSRV introduced a regression in 3.16.1. Expanding from a small (16kB) buffer to a large buffer works correctly. Further expanding a large buffer to a larger size triggers a call to freeListFree() with a NULL free list pointer.

Reported by Joao Martins (ESS)

> #0 0x00003fffb7c91374 in .freeListFree () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libCom.so
> #1 0x00003fffb7e18e94 in .casExpandSendBuffer () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libdbCore.so
> #2 0x00003fffb7e15924 in .cas_copy_in_header () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libdbCore.so
> #3 0x00003fffb7e1af14 in .read_reply () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libdbCore.so
> #4 0x00003fffb7de3ec0 in .event_task () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libdbCore.so
> #5 0x00003fffb7caaa98 in .start_routine () from /opt/vsee/bases/3.16.1/lib/linux-ppc64e6500/libCom.so
> #6 0x00003fffb76a5680 in start_thread (arg=0x3fff95876180) at pthread_create.c:315
> #7 0x00003fffb7817ca0 in .__clone () at ../sysdeps/unix/sysv/linux/powerpc/powerpc64/clone.S:96
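
A minimal model of the failure mode described in this report, as an added example and not the RSRV code: each buffer records whether its memory came from a fixed-size pool or from the heap, so expansion and release always use the matching allocator. All names here (msg_buf, buf_expand, pool_get and so on) are hypothetical, and the pool is a malloc-backed stand-in for a free list.

```c
#include <stdlib.h>
#include <string.h>
#define SMALL_SIZE 16384u  /* the fixed 16kB starting size from the report */

enum buf_origin { ORIGIN_POOL, ORIGIN_HEAP };  /* decides how memory is released */

struct msg_buf {
    char *data;
    size_t size, used;       /* capacity, bytes of pending message data */
    enum buf_origin origin;
};

/* Constructed stand-in for a fixed-size free list (malloc-backed, with a counter). */
static int pool_outstanding;
static char *pool_get(void) { char *p = malloc(SMALL_SIZE); if (p) pool_outstanding++; return p; }
static void pool_put(char *p) { free(p); pool_outstanding--; }

int buf_init(struct msg_buf *b) {
    if (!(b->data = pool_get())) return -1;
    b->size = SMALL_SIZE; b->used = 0; b->origin = ORIGIN_POOL;
    return 0;
}

/* Grow to at least `need` bytes; returns -1 and leaves the buffer intact on failure. */
int buf_expand(struct msg_buf *b, size_t need) {
    char *bigger;
    if (need <= b->size) return 0;
    if (b->origin == ORIGIN_HEAP) {  /* large -> larger: memory never came from the pool */
        if (!(bigger = realloc(b->data, need))) return -1;
    } else {  /* small -> large: copy pending data, then return the block to the pool */
        if (!(bigger = malloc(need))) return -1;
        memcpy(bigger, b->data, b->used);
        pool_put(b->data);
    }
    b->data = bigger; b->size = need; b->origin = ORIGIN_HEAP;
    return 0;
}

void buf_release(struct msg_buf *b) {
    if (b->origin == ORIGIN_POOL) pool_put(b->data); else free(b->data);
    b->data = NULL; b->size = b->used = 0;
}

int main(void) {  /* small -> large -> larger, the sequence from the report */
    struct msg_buf b;
    if (buf_init(&b) || buf_expand(&b, 65536) || buf_expand(&b, 1048576)) return 1;
    buf_release(&b);
    return pool_outstanding;  /* 0 when every pool block was returned exactly once */
}
```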

mdavidsaver (mdavidsaver) wrote :
Changed in epics-base:
milestone: none → 3.16.branch
assignee: nobody → mdavidsaver (mdavidsaver)
status: New → Fix Committed
importance: Undecided → High