| Summary: | PTP SDM: Segmentation fault when expanding a structure with a very big array. | | |
|---|---|---|---|
| Product: | [Tools] PTP | Reporter: | Xuan Chen <xuanchen> |
| Component: | Debug SDM | Assignee: | Greg Watson <g.watson> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | major | | |
| Priority: | P3 | | |
| Version: | 5.0 | | |
| Target Milestone: | --- | | |
| Hardware: | PC | | |
| OS: | Windows XP | | |
| Whiteboard: | | | |
Please change the array size from 5000000 to 500000. Otherwise I ran into a seg fault when just running this program (sometimes). But I could still reproduce this problem after changing the size. I debugged the SDM code, and this is what I found:

In proxy_msg.c, proxy_serialize_msg processes the AIF for myStruct. I can see that the size of m->args[1] (which I think is supposed to be the data of the AIF) is really big, 4000042.

And when the packet_append_bytes() method in proxy_msg.c is called,

```c
void
packet_append_bytes(int length, char *data)
{
	/* Grows by one fixed PACKET_SIZE_INCREMENT (1024) no matter how large
	 * length is, so a single large append overruns the buffer. */
	if ((packet_allocation - packet_size) < length) {
		packet_allocation = packet_allocation + PACKET_SIZE_INCREMENT;
		packet = (unsigned char *) realloc(packet, packet_allocation);
		assert(packet != NULL);
	}
	memcpy(&packet[packet_size], data, length);
	packet_size += length;
}
```

the length argument is 4000042, which is way bigger than PACKET_SIZE_INCREMENT, which is only 1024. So the memory allocated is not big enough for the data.

I am not sure why in this case (I haven't requested to expand myStruct.a yet, so myStruct.a is still an empty node with no content) the data field of the AIF needs to be so big.
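As an added example (not the PTP SDM's own code), a corrected append routine that grows the buffer until it actually fits the requested length, replayed against the 4000042-byte append from the report. The packet_buf type and the packet_append_bytes_fixed and demo_large_append names are hypothetical; the buffer state is passed explicitly instead of living in the SDM's globals.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define PACKET_SIZE_INCREMENT 1024
/* Hypothetical stand-alone buffer (not the SDM's globals); fields mirror the
 * page's packet, packet_size and packet_allocation. */
typedef struct {
    unsigned char *data;
    size_t size;        /* bytes in use */
    size_t allocation;  /* bytes allocated */
} packet_buf;
/* Corrected append: grow until the buffer holds size + length, instead of adding
 * one fixed increment regardless of length. Returns 0 on success, -1 on failure
 * (the original asserted on realloc failure). */
int packet_append_bytes_fixed(packet_buf *p, size_t length, const char *data)
{
    if (length > SIZE_MAX - p->size)
        return -1;                                    /* size + length would overflow */
    if (p->allocation - p->size < length) {
        size_t needed = p->size + length;
        size_t new_alloc = p->allocation ? p->allocation : PACKET_SIZE_INCREMENT;
        while (new_alloc < needed)                    /* double until it fits */
            new_alloc = (new_alloc > SIZE_MAX / 2) ? needed : new_alloc * 2;
        unsigned char *np = realloc(p->data, new_alloc);
        if (np == NULL) return -1;
        p->data = np;
        p->allocation = new_alloc;
    }
    memcpy(&p->data[p->size], data, length);
    p->size += length;
    return 0;
}
/* Replays the report's scenario: a constructed 4000042-byte payload appended
 * after a short header. Returns 1 if every byte landed inside the allocation
 * and reads back intact, 0 otherwise. */
int demo_large_append(void)
{
    packet_buf p = { NULL, 0, 0 };
    size_t len = 4000042;
    char *payload = malloc(len);
    if (payload == NULL) return 0;
    memset(payload, 'A', len);
    int ok = packet_append_bytes_fixed(&p, 4, "AIF:") == 0
          && packet_append_bytes_fixed(&p, len, payload) == 0
          && p.size == len + 4 && p.allocation >= p.size
          && memcmp(p.data + 4, payload, len) == 0;
    free(payload);
    free(p.data);
    return ok;
}
```

With the page's original growth rule the same two appends would leave allocation at 2048 bytes while 4000046 bytes are copied; the corrected routine ends with an allocation of at least the bytes in use.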
Fixed in HEAD. There is a related issue, which is that the debugger should not fetch the contents of the structure elements unless they are viewed in the UI. I think currently it fetches all the first-level elements. To fix this would require some reworking of the way variables are obtained, on both the client and server sides. Please open a separate bug on this (severity: feature request) if you'd like. Thanks!

Thanks, Greg. I will give it a try.

Bug 326562 has been opened for requesting the enhancement. https://bugs.eclipse.org/bugs/show_bug.cgi?id=326562

Closing as fixed.
This is the source for the C program:

```c
#include <stdio.h>

int main()
{
	int debug = 1;
	int a1[10];
	a1[0] = 0;
	a1[1] = 1;
	a1[2] = 2;
	a1[3] = 3;
	a1[4] = 4;
	a1[5] = 5;

	struct MappingStruct0 {
		int intOne;
		int intTwo;
		int* intPtr;
		long longVal;
	} myStruct0;
	myStruct0.intOne = 5;
	myStruct0.intTwo = 6;
	myStruct0.longVal = 155;

	/* The large array that triggers the crash when myStruct is expanded. */
	struct MappingStruct {
		int intOne;
		int intTwo;
		int a[5000000];
		int* intPtr;
		long longVal;
	} myStruct;
	myStruct.a[0] = 0;
	myStruct.a[1] = 1;
	myStruct.a[2] = 2;
	myStruct.a[3] = 3;
	myStruct.a[4] = 4;
	myStruct.a[5] = 5;

	printf("Hello World1!\n");
	return 0;
}
```

Run to the printf statement, and put myStruct in the expression view. Expand myStruct. I got a segmentation fault.