bug-glpk
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Invalid memory usage in GLPK


From: Heinrich Schuchardt
Subject: Re: Invalid memory usage in GLPK
Date: Mon, 3 Aug 2020 20:45:11 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0

On 03.08.20 17:56, Domingo Alvarez Duarte wrote:
> Hello !
>
> Changing the file src/env/env.h like this:
>
> =====
>
> @@ -185,27 +189,59 @@ void put_err_msg(const char *msg);
>  const char *get_err_msg(void);
>  /* obtain error message string */
>
> +#if defined(GLP_NO_MEMORY_POOL)
> +#define xmalloc(size) malloc(size)
> +#else
>  #define xmalloc(size) glp_alloc(1, size)
> +#endif
>  /* allocate memory block (obsolete) */
>
> +#if defined(GLP_NO_MEMORY_POOL)
> +#define xcalloc(n, size) calloc(n, size)
> +#else
>  #define xcalloc(n, size) glp_alloc(n, size)
> +#endif
>  /* allocate memory block (obsolete) */
>
> +#if defined(GLP_NO_MEMORY_POOL)
> +#define xalloc(n, size) calloc(n, size)
> +#define talloc(n, type) ((type *)calloc(n, sizeof(type)))
> +#else
>  #define xalloc(n, size) glp_alloc(n, size)
>  #define talloc(n, type) ((type *)glp_alloc(n, sizeof(type)))
> +#endif
> +
> +#ifndef GLP_NO_MEMORY_POOL
>  void *glp_alloc(int n, int size);
>  /* allocate memory block */
> +#endif
>
> +#if defined(GLP_NO_MEMORY_POOL)
> +#define xrealloc(ptr, n, size) realloc(ptr, n*size)
> +#define trealloc(ptr, n, type) ((type *)realloc(ptr, n*sizeof(type)))
> +#else
>  #define xrealloc(ptr, n, size) glp_realloc(ptr, n, size)
>  #define trealloc(ptr, n, type) ((type *)glp_realloc(ptr, n, \
>        sizeof(type)))
> +#endif
> +
> +#ifndef GLP_NO_MEMORY_POOL
>  void *glp_realloc(void *ptr, int n, int size);
>  /* reallocate memory block */
> +#endif
>
> +#if defined(GLP_NO_MEMORY_POOL)
> +#define xfree(ptr) free(ptr)
> +#define tfree(ptr) free(ptr)
> +#else
>  #define xfree(ptr) glp_free(ptr)
>  #define tfree(ptr) glp_free(ptr)
> +#endif
>
> ======
>
> Compiling GKPL with:
>
> ======
>
> CFLAGS="-g -DGLP_NO_MEMORY_POOL" ./configure
>
> make
>
> ======
>
> And running glspol under valgrind:
>
> ======
>
> valgrind ./glpsol -m dist.mod > dist.mod-valgrind.txt 2>&1
>
> ======
>
> We get several messages of invalid use of memory like:
>
> ======
>
> ==10533== Memcheck, a memory error detector
> ==10533== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
> ==10533== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright
> info
> ==10533== Command: ./glpsol -m dist.mod
> ==10533==
> GLPSOL: GLPK LP/MIP Solver, v4.65
> Parameter(s) specified in the command line:
>  -m dist.mod
> Reading model section from dist.mod...
> dist.mod:23: warning: keyword logical understood as binary
> Reading data section from dist.mod...
> 565 lines were read
> Generating cost...
> Generating rtlim...
> Generating otlim...
> Generating rlim...
> Generating olim...
> Generating noRprd...
> Generating noOprd...
> Generating bal...
> Generating trdef...
> Model has been successfully generated
> GLPK Simplex Optimizer, v4.65
> 299 rows, 1179 columns, 4682 non-zeros
> Preprocessing...
> 168 rows, 1074 columns, 2564 non-zeros
> Scaling...
>  A: min|aij| =  7.855e-03  max|aij| =  1.600e+00  ratio = 2.037e+02
> GM: min|aij| =  9.466e-01  max|aij| =  1.056e+00  ratio = 1.116e+00
> EQ: min|aij| =  8.960e-01  max|aij| =  1.000e+00  ratio = 1.116e+00
> Constructing initial basis...
> Size of triangular part is 168
>       0: obj =   2.641276014e+06 inf =   1.663e+03 (9)
> ==10533== Invalid write of size 2
> ==10533==    at 0x4C36B73: memmove (vg_replace_strmem.c:1271)
> ==10533==    by 0x197427: _glp_sva_resize_area (sva.c:166)
> ==10533==    by 0x197986: _glp_sva_more_space (sva.c:301)
> ==10533==    by 0x1F1562: _glp_fhv_ft_update (fhv.c:271)
> ==10533==    by 0x18D234: _glp_fhvint_update (fhvint.c:93)
> ==10533==    by 0x12FB71: _glp_bfd_update (bfd.c:445)
> ==10533==    by 0x1DB9EB: _glp_spx_update_invb (spxlp.c:814)
> ==10533==    by 0x17C2BA: primal_simplex (spxprim.c:1565)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==  Address 0x589dd40 is 13,440 bytes inside a block of size
> 13,441 alloc'd
> ==10533==    at 0x4C321F9: realloc (vg_replace_malloc.c:836)
> ==10533==    by 0x197391: _glp_sva_resize_area (sva.c:161)
> ==10533==    by 0x197986: _glp_sva_more_space (sva.c:301)
> ==10533==    by 0x1F1562: _glp_fhv_ft_update (fhv.c:271)
> ==10533==    by 0x18D234: _glp_fhvint_update (fhvint.c:93)
> ==10533==    by 0x12FB71: _glp_bfd_update (bfd.c:445)
> ==10533==    by 0x1DB9EB: _glp_spx_update_invb (spxlp.c:814)
> ==10533==    by 0x17C2BA: primal_simplex (spxprim.c:1565)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==
> ==10533== Invalid write of size 8
> ==10533==    at 0x4C36B19: memmove (vg_replace_strmem.c:1271)
> ==10533==    by 0x19746C: _glp_sva_resize_area (sva.c:168)
> ==10533==    by 0x197986: _glp_sva_more_space (sva.c:301)
> ==10533==    by 0x1F1562: _glp_fhv_ft_update (fhv.c:271)
> ==10533==    by 0x18D234: _glp_fhvint_update (fhvint.c:93)
> ==10533==    by 0x12FB71: _glp_bfd_update (bfd.c:445)
> ==10533==    by 0x1DB9EB: _glp_spx_update_invb (spxlp.c:814)
> ==10533==    by 0x17C2BA: primal_simplex (spxprim.c:1565)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==  Address 0x58a4690 is 26,880 bytes inside a block of size
> 26,881 alloc'd
> ==10533==    at 0x4C321F9: realloc (vg_replace_malloc.c:836)
> ==10533==    by 0x1973BD: _glp_sva_resize_area (sva.c:162)
> ==10533==    by 0x197986: _glp_sva_more_space (sva.c:301)
> ==10533==    by 0x1F1562: _glp_fhv_ft_update (fhv.c:271)
> ==10533==    by 0x18D234: _glp_fhvint_update (fhvint.c:93)
> ==10533==    by 0x12FB71: _glp_bfd_update (bfd.c:445)
> ==10533==    by 0x1DB9EB: _glp_spx_update_invb (spxlp.c:814)
> ==10533==    by 0x17C2BA: primal_simplex (spxprim.c:1565)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==
> ==10533== Use of uninitialised value of size 8
> ==10533==    at 0x1F288D: _glp_fhv_h_solve (fhv.c:548)
> ==10533==    by 0x18D334: _glp_fhvint_ftran (fhvint.c:116)
> ==10533==    by 0x12F8CC: _glp_bfd_ftran (bfd.c:335)
> ==10533==    by 0x1DA057: _glp_spx_eval_tcol (spxlp.c:285)
> ==10533==    by 0x179385: choose_pivot (spxprim.c:632)
> ==10533==    by 0x17B970: primal_simplex (spxprim.c:1384)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x18F66B: _glp_luf_v_solve (luf.c:564)
> ==10533==    by 0x18D34B: _glp_fhvint_ftran (fhvint.c:117)
> ==10533==    by 0x12F8CC: _glp_bfd_ftran (bfd.c:335)
> ==10533==    by 0x1DA057: _glp_spx_eval_tcol (spxlp.c:285)
> ==10533==    by 0x179385: choose_pivot (spxprim.c:632)
> ==10533==    by 0x17B970: primal_simplex (spxprim.c:1384)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x18F676: _glp_luf_v_solve (luf.c:564)
> ==10533==    by 0x18D34B: _glp_fhvint_ftran (fhvint.c:117)
> ==10533==    by 0x12F8CC: _glp_bfd_ftran (bfd.c:335)
> ==10533==    by 0x1DA057: _glp_spx_eval_tcol (spxlp.c:285)
> ==10533==    by 0x179385: choose_pivot (spxprim.c:632)
> ==10533==    by 0x17B970: primal_simplex (spxprim.c:1384)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x1D80DD: _glp_spx_chuzr_harris (spxchuzr.c:238)
> ==10533==    by 0x179AD6: choose_pivot (spxprim.c:755)
> ==10533==    by 0x17B970: primal_simplex (spxprim.c:1384)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
>
> ...
>
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x1D6C31: _glp_spx_chuzc_sel (spxchuzc.c:85)
> ==10533==    by 0x17AC11: display (spxprim.c:1077)
> ==10533==    by 0x17B812: primal_simplex (spxprim.c:1341)
> ==10533==    by 0x17CE50: _glp_spx_primal (spxprim.c:1766)
> ==10533==    by 0x130555: solve_lp (glpapi06.c:248)
> ==10533==    by 0x130A1D: preprocess_and_solve_lp (glpapi06.c:334)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> *   275: obj =   2.359623959e+06 inf =   0.000e+00 (0)
> OPTIMAL LP SOLUTION FOUND
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x1D12F3: rcv_forcing_row (npp3.c:2218)
> ==10533==    by 0x17145B: _glp_npp_postprocess (npp1.c:696)
> ==10533==    by 0x130B0F: preprocess_and_solve_lp (glpapi06.c:353)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> ==10533== Conditional jump or move depends on uninitialised value(s)
> ==10533==    at 0x1D12FF: rcv_forcing_row (npp3.c:2218)
> ==10533==    by 0x17145B: _glp_npp_postprocess (npp1.c:696)
> ==10533==    by 0x130B0F: preprocess_and_solve_lp (glpapi06.c:353)
> ==10533==    by 0x13144F: glp_simplex (glpapi06.c:480)
> ==10533==    by 0x10E72E: main (glpsol.c:1380)
> ==10533==
> Time used:   0.5 secs
> Memory used: 0.0 Mb (0 bytes)
> ==10533==
> ==10533== HEAP SUMMARY:
> ==10533==     in use at exit: 0 bytes in 0 blocks
> ==10533==   total heap usage: 484 allocs, 484 frees, 3,054,338 bytes
> allocated
> ==10533==
> ==10533== All heap blocks were freed -- no leaks are possible
> ==10533==
> ==10533== Use --track-origins=yes to see where uninitialised values come
> from
> ==10533== For lists of detected and suppressed errors, rerun with: -s
> ==10533== ERROR SUMMARY: 358826 errors from 194 contexts (suppressed: 0
> from 0)
>
> ======
>
> Cheers !
>
>

Thanks for the bug report.

Could you, please, analyze which variables are uninitialized.

Best regards

Heinrich



reply via email to

[Prev in Thread] Current Thread [Next in Thread]