Memory corruption issue in 1.17.3 #142
Comments
|
Clp/src/ClpHelperFunctions.hpp Line 214 in 582b642
This doesn't appear to be the issue. Lines 2710 to 2713 in 4688136 |
odow
changed the title
|
Confirmed present in 1.17.3. |
|
Looks like it shouldn't be too difficult to create as small example that replicates this in stand-alone Cbc. That would help a lot. |
|
Unless someone beats me to it, my plan for this weekend is to run a git bisect and find the issue. This is blocking us upgrading a lot of the COIN solvers for JuMP. |
|
That would be great, but since you're just directly calling library functions from Julia, wouldn't a simple program doing the identical calls from C++ exhibit the behavior? Then we'd be able to just debug it. |
That too. Either way, it's my weekend project. |
|
Bisected to 832b459, but turns out it is already fixed on @ViralBShah, can we carry this patch for 1.17.5? --- a/Clp/src/ClpModel.cpp
+++ b/Clp/src/ClpModel.cpp
@@ -3786,6 +3786,12 @@ int ClpModel::emptyProblem(int * infeasNumber, double * infeasSum, bool printMes
if (objValue) {
numberDualInfeasibilities++;;
sumDualInfeasibilities += fabs(objValue);
+ badColumn = i;
+ if (objValue > 0.0) {
+ badValue = -1.0;
+ } else {
+ badValue = 1.0;
+ }
returnCode |= 2;
}
status_[i] = 0;ExplanationReproducer #include "Clp_C_Interface.h"
#include <stdio.h>
int main(int argc, const char * argv[]) {
double lb = {-2e20};
double c = {1.0};
Clp_Simplex * model = Clp_newModel();
Clp_addColumns(model, 1, &lb, NULL, &c, NULL, NULL, NULL);
Clp_initialSolve(model);
Clp_deleteModel(model);
return 0;
}
Line 3738 in 832b459 And we have Line 3746 in 832b459 we end up in this elseLines 3784 to 3792 in 832b459 which doesn't change badColumn. So we create the ray, but badColumn is still -1 and we end up poking things out-of-bounds:Lines 3816 to 3822 in 832b459 |
|
Yes I can carry this patch. We can build binaries from any commit :-) But if a 1.17.6 can be tagged in the next few days, that will be preferable. |
|
We should be able to make a new release with this patched. @svigerske what do you think? |
|
yeah, I can do that |
|
Thanks Stefan! Is there a document that outlines the branching structure? I'm a little confused as to the difference between |
|
Development happens on trunk (aka master) and bugfixes are typically going into master and are cherry-picked to a "stable/" branch. Releases are made from this branch. Some documentation (not updates for a long while, though) is at https://github.com/coin-or-tools/BuildTools/wiki/pm-svn-releases This scheme will probably change when development moves from svn to git. A release like this one happens when someone feels like doing so, e.g., because it has been a while and fixes have been accumulated, or someone explicitly asks for it. |
Dear all,
We're struggling to track down a memory corruption issue somewhere inside the Julia wrapper of Clp (jump-dev/Clp.jl#77).
Here is a reliable way to reproduce on Ubuntu. The
ccalls call the corresponding method in the C interface. If you can tell from the stacktrace, it appears to be somewhere insidegutsOfDelete. I'm guessing it'scolumnLower_.The reason being, I can only reproduce this when
1.0or-1.0-1e20My guess is that somewhere in Clp, a routine is touching some memory it shouldn't.
Any ideas for how to proceed?
Oscar
Here's the platform:
The text was updated successfully, but these errors were encountered: