Opened 9 years ago

Closed 9 years ago

Last modified 8 years ago

#3590 closed defect (fixed)

LOG_NLS_V fails due to memory overrun

Reported by: casella Owned by: lochel
Priority: critical Milestone: 1.9.4
Component: Run-time Version:
Keywords: Cc:

Description

Please consider the attached test case. The log output comes to this point:

LOG_NLS_V         | info    | SOLVING NON-LINEAR SYSTEM USING HOMOTOPY SOLVER
LOG_NLS_V         | info    | EQUATION NUMBER: 1201
LOG_NLS_V         | info    | TIME:  0.0000000000e+000
LOG_NLS_V         | info    | number of function calls (so far!):  0
LOG_NLS_V         | info    | System values [295-dim]

and then the simulation process doesn't proceed anymore.

If you reduce N to 300 or less, everything goes as expected. I guess there are some strings which become too long when there are more than about 300 unknowns in the initial system, which is pretty normal for steady-state initialization of energy systems.

Unfortunately, this completely prevents any debugging.

Attachments (1)

Test.zip (682 bytes) - added by casella 9 years ago.
Test case

Download all attachments as: .zip

Change History (9)

Changed 9 years ago by casella

Test case

comment:1 follow-up: Changed 9 years ago by crupp@…

+1

I've been intending to report this for a while, but haven't had a chance. The problem is caused by a buffer overflow in nonlinearSolverHomotopy.c in the debugMatrixXXX functions (multiple locations). It happens for large models with large matrices to report because a whole row is put into a single 4096 char buffer.

There are also places in the other nonlinearSolverXXX.c files where the same procedure is used for LOG_NLS_JAC. These should probably be fixed as well.

comment:2 Changed 9 years ago by lochel

  • Owner changed from somebody to lochel
  • Status changed from new to accepted

comment:3 Changed 9 years ago by casella

As a general rule, we should not have code in OMC which crashes or is unsafe if

  • the number of unknowns in a strong component
  • the number of states in a model
  • the number of variables in a model
  • the number of equations or the number of initial equations
  • etc.

goes above a certain, otherwise unspecified threshold. Never assume anything is "small enough". Things like limited filename length, or limited variable name length, or limited number of file icons, are still plaguing modern OSs and software. Let's try to avoid this in OMC and build the code to stand for the next 20 years (Dymola is already 20 years old).

In this case, I suggest we always use dynamic memory allocation for string buffers. In particular if it is used for debugging, where a bit of slowdown is perfectly acceptable. Or maybe introduce some macro so that a fixed size buffer is used if the size is less than a certain threshold, otherwise dynamic memory is used.

comment:4 Changed 9 years ago by lochel

I fixed memory overrun inside nonlinearSolverHomotopy.c with ecd1bc6.

comment:5 in reply to: ↑ 1 Changed 9 years ago by lochel

Replying to crupp@…:

There are also places in the other nonlinearSolverXXX.c files where the same procedure is used for LOG_NLS_JAC. These should probably be fixed as well.

I'm going to fix that as well.

comment:6 Changed 9 years ago by lochel

  • Resolution set to fixed
  • Status changed from accepted to closed

This should be fixed with 1abd255.
Please reopen this ticket if there is any issue with my changes.

comment:7 Changed 8 years ago by sjoelund.se

  • Milestone changed from 1.9.4 to 1.9.4-1.9.x

Milestone renamed

comment:8 Changed 8 years ago by sjoelund.se

  • Milestone changed from 1.9.4-1.9.x to 1.9.4

Milestone renamed

Note: See TracTickets for help on using tickets.