Open MPI logo

Open MPI Development Mailing List Archives

  |   Home   |   Support   |   FAQ   |   all Development mailing list

Subject: [OMPI devel] size of items in mca_osc_pt2pt_component.p2p_c_buffers
From: doriankrause (doriankrause_at_[hidden])
Date: 2009-04-23 15:36:27


Hi,

I'm currently looking at this bug:
http://www.open-mpi.org/community/lists/users/2008/12/7611.php
I'm using the 1.3.2 tarball.

Valgrind tells me that there is an invalid write (of size 1) in
osc_pt2pt_data_move.c at line 229 which is the
statement

    memcpy((unsigned char*) buffer->payload + written_data,
           packed_ddt, packed_ddt_len);

in the function ompi_osc_pt2pt_sendreq_send.

I have

(gdb) p packed_ddt_len
$2 = 44852

and

(gdb) p written_data
$3 = 36

but I can't figure out what the actual size of buffer->payload is. I have

(gdb) p *buffer
$6 = {mpireq = {super = {super = {super = {
          obj_magic_id = 16046253926196952813, obj_class = 0x4f5240,
          obj_reference_count = 1,
          cls_init_file_name = 0x2efe0b "class/opal_free_list.c",
          cls_init_lineno = 114}, opal_list_next = 0x0, opal_list_prev =
0x0,
        item_free = 1, opal_list_item_refcount = 0,
        opal_list_item_belong_to = 0x0}}, request = 0x5a35, status = {
      MPI_SOURCE = 23094, MPI_TAG = 23095, MPI_ERROR = 23096, _count =
23097,
      _cancelled = 23098}, cbfunc = 0x4e6cc5
<ompi_osc_pt2pt_sendreq_send_cb>,
    cbdata = 0x8681080}, payload = 0x86bc0d8, len = 23102}

Is len the size of payload?

In osc_pt2pt_component.c I found the statement

    /* adjust size to be multiple of ompi_ptr_t to avoid alignment issues*/
    aligned_size = sizeof(ompi_osc_pt2pt_buffer_t) +
        (sizeof(ompi_osc_pt2pt_buffer_t) % sizeof(ompi_ptr_t)) +
        mca_osc_pt2pt_component.p2p_c_eager_size;
    OBJ_CONSTRUCT(&mca_osc_pt2pt_component.p2p_c_buffers, opal_free_list_t);
    opal_free_list_init(&mca_osc_pt2pt_component.p2p_c_buffers,
                        aligned_size,
                        OBJ_CLASS(ompi_osc_pt2pt_buffer_t),
                        1, -1, 1);

but this doesn't help me to understand ...

Can you help with this? Where can I find the allocation routine for the
buffer?
Or do you know why there could be an invalid write?

Thanks + Best regards,
Dorian