MantisBT
ID: 0030552
Project: Community
Category: [OCCT] OCCT:Foundation Classes
View Status: public
Date Submitted: 2019-03-09 18:14
Last Update: 2019-10-02 15:32
Reporter: galbramc
Assigned To: abv
Priority: normal
Severity: major
Status: feedback
Resolution: open
Platform: MacOS
OS: OS
OS Version: X
Product Version: [OCCT] 6.7.0
Target Version: [OCCT] 7.5.0*
Fixed in Version:
Summary: 0030552: Foundation Classes - Stack overflow due to math_SingleTab static array size
Description: I got the following stack overflow error when running OCCT on OSX compiled with the -fsanitize=address clang compiler flag:

==76206==ERROR: AddressSanitizer: stack-overflow on address 0x70000fa94f00 (pc 0x0001106876dc bp 0x70000fa9c190 sp 0x70000fa94f00 T41)
    #0 0x1106876db in GeomInt_ParLeastSquareOfMyGradientOfTheComputeLineBezierOfWLApprox::MakeTAA(math_Vector&, math_Vector&) AppParCurves_LeastSquare.gxx:1377
    #1 0x11067bf87 in GeomInt_ParLeastSquareOfMyGradientOfTheComputeLineBezierOfWLApprox::Perform(math_Vector const&) AppParCurves_LeastSquare.gxx:644
    #2 0x11063c631 in GeomInt_ParFunctionOfMyGradientOfTheComputeLineBezierOfWLApprox::Perform(math_Vector const&) AppParCurves_Function.gxx:268
    #3 0x11064e782 in GeomInt_ParFunctionOfMyGradientOfTheComputeLineBezierOfWLApprox::Values(math_Vector const&, double&, math_Vector&) AppParCurves_Function.gxx:589
    #4 0x1112c8660 in math_BFGS::Perform(math_MultipleVarFunctionWithGradient&, math_Vector const&) math_BFGS.cxx:338
    #5 0x1105c6285 in GeomInt_Gradient_BFGSOfMyGradientOfTheComputeLineBezierOfWLApprox::GeomInt_Gradient_BFGSOfMyGradientOfTheComputeLineBezierOfWLApprox(math_MultipleVarFunctionWithGradient&, math_Vector const&, double, double, double, int) AppParCurves_Gradient_BFGS.gxx:31
    #6 0x11061b256 in GeomInt_MyGradientOfTheComputeLineBezierOfWLApprox::GeomInt_MyGradientOfTheComputeLineBezierOfWLApprox(GeomInt_TheMultiLineOfWLApprox const&, int, int, opencascade::handle<AppParCurves_HArray1OfConstraintCouple> const&, math_Vector&, int, double, double, int) AppParCurves_Gradient.gxx:186
    #7 0x1106c0b28 in GeomInt_TheComputeLineBezierOfWLApprox::Compute(GeomInt_TheMultiLineOfWLApprox const&, int, int, math_Vector&, double&, double&, int&) Approx_ComputeLine.gxx:1281
    #8 0x1106b9891 in GeomInt_TheComputeLineBezierOfWLApprox::Perform(GeomInt_TheMultiLineOfWLApprox const&) Approx_ComputeLine.gxx:1114
    #9 0x110709a56 in GeomInt_WLApprox::buildCurve(opencascade::handle<IntPatch_WLine> const&, void*) ApproxInt_Approx.gxx:646
    #10 0x11070bdf8 in GeomInt_WLApprox::Perform(IntSurf_Quadric const&, opencascade::handle<Adaptor3d_HSurface> const&, opencascade::handle<IntPatch_WLine> const&, bool, bool, bool, int, int, bool) ApproxInt_Approx.gxx:386
    #11 0x11070b170 in GeomInt_WLApprox::Perform(opencascade::handle<Adaptor3d_HSurface> const&, opencascade::handle<Adaptor3d_HSurface> const&, opencascade::handle<IntPatch_WLine> const&, bool, bool, bool, int, int) ApproxInt_Approx.gxx:297
    #12 0x110061735 in IntTools_FaceFace::MakeCurve(int, opencascade::handle<Adaptor3d_TopolTool> const&, opencascade::handle<Adaptor3d_TopolTool> const&, double) IntTools_FaceFace.cxx:1257
    #13 0x11005747b in IntTools_FaceFace::Perform(TopoDS_Face const&, TopoDS_Face const&) IntTools_FaceFace.cxx:564
    #14 0x11027afd1 in BOPAlgo_FaceFace::Perform() BOPAlgo_PaveFiller_6.cxx:151
    #15 0x10f879a0e in (anonymous namespace)::OSD_Parallel_Threads::Task::Run(void*) OSD_Parallel_Threads.cxx:106
    #16 0x7fff5527f660 in _pthread_body (libsystem_pthread.dylib:x86_64+0x3660)
    #17 0x7fff5527f50c in _pthread_start (libsystem_pthread.dylib:x86_64+0x350c)
    #18 0x7fff5527ebf8 in thread_start (libsystem_pthread.dylib:x86_64+0x2bf8)

SUMMARY: AddressSanitizer: stack-overflow AppParCurves_LeastSquare.gxx:1377 in GeomInt_ParLeastSquareOfMyGradientOfTheComputeLineBezierOfWLApprox::MakeTAA(math_Vector&, math_Vector&)
Thread T41 created by T0 here:
    #0 0x10de9de1d in wrap_pthread_create (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4ee1d)
    #1 0x10f886308 in OSD_Thread::Run(void*, int) OSD_Thread.cxx:159
    #2 0x10f879062 in OSD_Parallel::forEach(OSD_Parallel::UniversalIterator&, OSD_Parallel::UniversalIterator&, OSD_Parallel::FunctorInterface const&) OSD_Parallel_Threads.cxx:144
    #3 0x11027be82 in void OSD_Parallel::For<BOPTools_Functor<BOPAlgo_FaceFace, NCollection_Vector<BOPAlgo_FaceFace> > >(int, int, BOPTools_Functor<BOPAlgo_FaceFace, NCollection_Vector<BOPAlgo_FaceFace> > const&, bool) OSD_Parallel.hxx:324
    #4 0x11023aab6 in BOPAlgo_PaveFiller::PerformFF() BOPTools_Parallel.hxx:70
    #5 0x1101f4041 in BOPAlgo_PaveFiller::PerformInternal() BOPAlgo_PaveFiller.cxx:294
    #6 0x1101f369a in BOPAlgo_PaveFiller::Perform() BOPAlgo_PaveFiller.cxx:235
    #7 0x1100c1ed5 in BRepAlgoAPI_BooleanOperation::Build() BRepAlgoAPI_BooleanOperation.cxx:318
    #8 0x1100d55cc in BRepAlgoAPI_Fuse::BRepAlgoAPI_Fuse(TopoDS_Shape const&, TopoDS_Shape const&) BRepAlgoAPI_Fuse.cxx:61
    #9 0x10d9556ad in EG_solidBoolean egadsHLevel.cpp:1505
    #10 0x10d78d733 in solidBoolean OpenCSM.c:35948
    #11 0x10d5fe96a in buildBoolean OpenCSM.c:18358
    #12 0x10d50ec78 in ocsmBuild OpenCSM.c:6048
    #13 0x10d3d3015 in buildBodys serveCSM.c:1833
    #14 0x10d3c9f34 in main serveCSM.c:740
    #15 0x7fff54f67014 in start (libdyld.dylib:x86_64+0x1014)

I was able to track this back to the static size of

static const Standard_Integer aLengthOfBuf = 512;

in src/math/math_SingleTab.hxx. Reducing the size of this buffer resolves the issue.
Steps To Reproduce: Compile OCCT on OSX with -fsanitize=address and run the test suite. I can provide a more specific example if needed.
Tags: No tags attached.
Test case number:
Attached Files: stack_overflow.tgz (6,000 bytes) 2019-09-24 05:04

- Relationships
related to 0030558 | verified | apn | Open CASCADE | Coding - replace math_SingleTab with NCollection_LocalArray
child of 0030557 | new | kgv | Open CASCADE | Coding - eliminate errors reported by -fsanitize
child of 0024044 | closed | bugmaster | Community | Performance improvements: Foundation Classes (math)

-  Notes
(0082866)
git (administrator)
2019-03-12 10:57

Branch CR30552 has been created by kgv.

SHA-1: 0652ae3717b0088549a80827ece9747533e4dde2


Detailed log of new commits:

Author: kgv
Date: Tue Mar 12 10:51:40 2019 +0300

    0030552: Foundation Classes - Stack overflow due to math_SingleTab static array size
    
    math_Vector, math_IntegerVector - static size of NCollection_LocalArray has been reduced from 512 to 32.

Author: kgv
Date: Tue Mar 12 06:05:21 2019 +0300

    0030558: Coding - replace math_SingleTab with NCollection_LocalArray
    
    math_Vector::Multiplied() - fixed modification of original array.
    
    math_SVD::Solve(), math_SVD::PseudoInverse(), GeomFill_LocationGuide::InitX() - removed incorrect constness.
    
    math_Vector, math_IntegerVector - math_SingleTab has been replaced by NCollection_LocalArray+NCollection_Array1.
    Added accessors returning const value.
(0082867)
git (administrator)
2019-03-12 11:19

Branch CR30552_1 has been created by kgv.

SHA-1: 70453cd8c82e7458b1591e34dfd621358dd9767b


Detailed log of new commits:

Author: kgv
Date: Tue Mar 12 11:14:15 2019 +0300

    math_Vector, math_IntegerVector - added move constructors.
(0082869)
git (administrator)
2019-03-12 13:18

Branch CR30552_1 has been updated forcibly by kgv.

SHA-1: c54d2e676e8c457afdf80ae2a24825597050d9ed
(0082870)
git (administrator)
2019-03-12 13:50

Branch CR30552_1 has been updated forcibly by kgv.

SHA-1: 30e4f081678d5ec84ff986dd4cf8cb134318cf7e
(0082871)
git (administrator)
2019-03-12 13:55

Branch CR30552_1 has been updated forcibly by kgv.

SHA-1: fca968d2fa64aff5650c2cadf8ebb11c74089567
(0087439)
abv (manager)
2019-09-23 09:26

@galbramc: I could not reproduce this on current master (OCCT tests with -address=sanitize are still running on my computer - since Thursday, however all tests involving Boolean operations should have passed already), can you please check on your side? If it is still reproduced, please provide a test case.
(0087449)
galbramc (reporter)
2019-09-23 14:37

I don't have access to the current OCCT master branch to test it out.

I only observed this on OSX, I did not see this problem with Ubuntu. I'll run through our test suite with OCCT 7.3 and put together a test case.
(0087458)
galbramc (reporter)
2019-09-24 05:08

I discovered that I had to turn on parallel execution to get the stack overflow error to occur. Again, it only happens on OSX. I don't see this error on Linux. Here is the error I get from the attached example.

AddressSanitizer:DEADLYSIGNAL
AddressSanitizer:DEADLYSIGNAL
=================================================================
==40329==ERROR: AddressSanitizer: stack-overflow on address 0x700009a2b0d0 (pc 0x00010d4f80fc bp 0x700009a26c70 sp 0x700009a26bc0 T87)
    #0 0x10d4f80fb in math_SingleTab<double>::math_SingleTab(int, int) math_SingleTab.hxx

SUMMARY: AddressSanitizer: stack-overflow math_SingleTab.hxx in math_SingleTab<double>::math_SingleTab(int, int)
Thread T87 created by T0 here:
    #0 0x11405b7cd in wrap_pthread_create (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x587cd)
    #1 0x10b5d060f in OSD_Thread::Run(void*, int) OSD_Thread.cxx:159
    #2 0x10b5bbdf1 in OSD_Parallel::forEach(OSD_Parallel::UniversalIterator&, OSD_Parallel::UniversalIterator&, OSD_Parallel::FunctorInterface const&) OSD_Parallel_Threads.cxx:144
    #3 0x10bffe8d5 in void OSD_Parallel::For<BOPTools_Functor<BOPAlgo_FaceFace, NCollection_Vector<BOPAlgo_FaceFace> > >(int, int, BOPTools_Functor<BOPAlgo_FaceFace, NCollection_Vector<BOPAlgo_FaceFace> > const&, bool) OSD_Parallel.hxx:324
    #4 0x10bfd301a in BOPTools_Cnt<BOPTools_Functor<BOPAlgo_FaceFace, NCollection_Vector<BOPAlgo_FaceFace> >, NCollection_Vector<BOPAlgo_FaceFace> >::Perform(bool, NCollection_Vector<BOPAlgo_FaceFace>&) BOPTools_Parallel.hxx:70
    #5 0x10bfcfc79 in BOPAlgo_PaveFiller::PerformFF() BOPAlgo_PaveFiller_6.cxx:290
    #6 0x10bf8d37a in BOPAlgo_PaveFiller::PerformInternal() BOPAlgo_PaveFiller.cxx:294
    #7 0x10bf8cbde in BOPAlgo_PaveFiller::Perform() BOPAlgo_PaveFiller.cxx:235
    #8 0x10be941dd in BRepAlgoAPI_BooleanOperation::Build() BRepAlgoAPI_BooleanOperation.cxx:318
    #9 0x10bea65bb in BRepAlgoAPI_Cut::BRepAlgoAPI_Cut(TopoDS_Shape const&, TopoDS_Shape const&) BRepAlgoAPI_Cut.cxx:61
    #10 0x10bea6614 in BRepAlgoAPI_Cut::BRepAlgoAPI_Cut(TopoDS_Shape const&, TopoDS_Shape const&) BRepAlgoAPI_Cut.cxx:58
    #11 0x10aacef96 in main stack_overflow.cpp:19
    #12 0x7fff68a3c3d4 in start (libdyld.dylib:x86_64+0x163d4)

==40329==ABORTING
(0087469)
abv (manager)
2019-09-24 12:48

Can you please give the value of the default stack size on your computer (should be returned by "ulimit -s"), or custom stack size if you set it during build? I learned that Ubuntu has default stack size 8192, which should be pretty sufficient. If we know the stack size when you observe error, we will try reproducing the problem on Ubuntu.
(0087473)
galbramc (reporter)
2019-09-24 13:41

"ulimit -s" on OSX also gives 8192...
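
An added example, not part of the thread and not OCCT code: `ulimit -s` reports the main thread's limit, while the traces above fault in threads T41 and T87 created through `pthread_create`, whose stack size comes from the pthread attributes. The C sketch below reads both values and runs a stand-in job on a thread with an explicit stack size, so a given worker stack can be reproduced on another platform; `nest`, `run_with_stack` and `INLINE_ELEMS` are hypothetical names.

```c
/* Added example, not OCCT code; nest() and run_with_stack() are hypothetical. */
#include <pthread.h>
#include <stdio.h>
#include <sys/resource.h>

#define INLINE_ELEMS 512  /* inline buffer length quoted in this issue */

/* Soft RLIMIT_STACK in bytes: the limit behind `ulimit -s`, main thread only. */
static unsigned long long main_stack_limit(void) {
    struct rlimit rl;
    return getrlimit(RLIMIT_STACK, &rl) == 0 ? (unsigned long long)rl.rlim_cur : 0;
}

/* Stack size a thread receives when created with default attributes. */
static size_t default_thread_stack(void) {
    pthread_attr_t attr;
    size_t sz = 0;
    if (pthread_attr_init(&attr) != 0) return 0;
    if (pthread_attr_getstacksize(&attr, &sz) != 0) sz = 0;
    pthread_attr_destroy(&attr);
    return sz;
}

/* Stand-in for nested calls that each keep one 512-double buffer on the stack. */
static int nest(int depth) {
    volatile double buf[INLINE_ELEMS];
    buf[0] = depth;                                  /* touch this frame */
    return depth <= 1 ? 1 : 1 + nest(depth - 1) + (int)(buf[0] * 0);
}
static void *worker(void *arg) { int *d = arg; *d = nest(*d); return NULL; }

/* Run nest(depth) on a thread with an explicit stack size.
 * Returns the depth reached, or -1 if the thread could not be set up. */
static int run_with_stack(size_t stack_bytes, int depth) {
    pthread_attr_t attr;
    pthread_t tid;
    int result = depth;
    if (pthread_attr_init(&attr) != 0) return -1;
    if (pthread_attr_setstacksize(&attr, stack_bytes) != 0 ||
        pthread_create(&tid, &attr, worker, &result) != 0) result = -1;
    else pthread_join(tid, NULL);
    pthread_attr_destroy(&attr);
    return result;
}

int main(void) {
    printf("ulimit -s (main thread): %llu bytes\n", main_stack_limit());
    printf("default worker stack   : %zu bytes\n", default_thread_stack());
    printf("depth reached on 1 MiB : %d\n", run_with_stack(1u << 20, 100));
    return 0;
}
```

Build with `cc -pthread`. Comparing the two printed sizes on each platform shows whether the worker threads run with less stack than the `ulimit -s` figure suggests.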
(0087497)
abv (manager)
2019-09-24 22:04

I propose this issue shall be re-checked on OCCT 7.4.0 after it is released
(0087498)
galbramc (reporter)
2019-09-25 03:25

I'll check it out as soon as I can after OCCT 7.4.0 is released.
(0087679)
galbramc (reporter)
2019-10-02 06:12

I've tested this with 7.4 and get the same error:

AddressSanitizerAddressSanitizer:DEADLYSIGNAL
:DEADLYSIGNAL
=================================================================
==9347==ERROR: AddressSanitizer: stack-overflow on address 0x70000dbf85c0 (pc 0x0001072c7366 bp 0x70000dbf7590 sp 0x70000dbf7550 T2)
    #0 0x1072c7365 in math_Vector::math_Vector(int, int, double) (libTKMath.7.dylib:x86_64+0xbc365)

SUMMARY: AddressSanitizer: stack-overflow (libTKMath.7.dylib:x86_64+0xbc365) in math_Vector::math_Vector(int, int, double)
Thread T2 created by T0 here:
    #0 0x10c5c57cd in wrap_pthread_create (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x587cd)
    #1 0x1059b2648 in OSD_Thread::Run(void*, int) (libTKernel.7.dylib:x86_64+0x55648)
    #2 0x1059b65b2 in OSD_ThreadPool::Launcher::perform(OSD_ThreadPool::JobInterface&) (libTKernel.7.dylib:x86_64+0x595b2)
    #3 0x10635f87e in void BOPTools_Parallel::Perform<NCollection_Vector<BOPAlgo_ShrunkRange>, IntTools_Context>(bool, NCollection_Vector<BOPAlgo_ShrunkRange>&, opencascade::handle<IntTools_Context>&) (libTKBO.7.dylib:x86_64+0x34487e)
    #4 0x10635ea74 in BOPAlgo_PaveFiller::FillShrunkData(TopAbs_ShapeEnum, TopAbs_ShapeEnum) (libTKBO.7.dylib:x86_64+0x343a74)
    #5 0x1062a1cf1 in BOPAlgo_PaveFiller::PerformEE() (libTKBO.7.dylib:x86_64+0x286cf1)
    #6 0x106285986 in BOPAlgo_PaveFiller::PerformInternal() (libTKBO.7.dylib:x86_64+0x26a986)
    #7 0x10628511e in BOPAlgo_PaveFiller::Perform() (libTKBO.7.dylib:x86_64+0x26a11e)
    #8 0x1060f85f2 in BRepAlgoAPI_BuilderAlgo::IntersectShapes(NCollection_List<TopoDS_Shape> const&) (libTKBO.7.dylib:x86_64+0xdd5f2)
    #9 0x1060f36c4 in BRepAlgoAPI_BooleanOperation::Build() (libTKBO.7.dylib:x86_64+0xd86c4)
    #10 0x106101a05 in BRepAlgoAPI_Cut::BRepAlgoAPI_Cut(TopoDS_Shape const&, TopoDS_Shape const&) (libTKBO.7.dylib:x86_64+0xe6a05)
    #11 0x104ed3022 in main stack_overflow.cpp:19
    #12 0x7fff68a3c3d4 in start (libdyld.dylib:x86_64+0x163d4)

==9347==ABORTING
Abort trap: 6
(0087692)
galbramc (reporter)
2019-10-02 15:32

I can also fix this again by reducing the size of the static array in math_Vector.hxx:

Index: math_Vector.hxx
===================================================================
--- math_Vector.hxx (revision 1)
+++ math_Vector.hxx (working copy)
@@ -338,7 +338,7 @@
 
 private:
 
- NCollection_LocalArray<Standard_Real, 512> myLocArray;
+ NCollection_LocalArray<Standard_Real, 64> myLocArray;
   NCollection_Array1<Standard_Real> Array;
 
 };
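Review bot: the new length 64 on the myLocArray line is an unexplained literal, and it differs from the 32 that the CR30552 commit message gives for the same buffer. Suggest a named constant with a comment stating the per-object stack cost (64 * sizeof(Standard_Real) bytes held inline by every math_Vector) and why this value was chosen over 32. The commit message also names math_IntegerVector, so if that class carries the same inline buffer it should get the same change to keep the two consistent.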

- Issue History
Date Modified Username Field Change
2019-03-09 18:14 galbramc New Issue
2019-03-09 18:14 galbramc Assigned To => abv
2019-03-12 04:40 galbramc Assigned To abv => kgv
2019-03-12 05:00 kgv Relationship added child of 0030557
2019-03-12 06:06 kgv Summary Stack overflow due to math_SingleTab static array size => Foundation Classes - Stack overflow due to math_SingleTab static array size
2019-03-12 06:50 kgv Relationship added related to 0030558
2019-03-12 06:55 kgv Product Version 7.3.0 => 6.7.1
2019-03-12 06:55 kgv Relationship added child of 0024044
2019-03-12 06:57 kgv Product Version 6.7.1 => 6.7.0
2019-03-12 10:57 git Note Added: 0082866
2019-03-12 11:19 git Note Added: 0082867
2019-03-12 13:18 git Note Added: 0082869
2019-03-12 13:50 git Note Added: 0082870
2019-03-12 13:55 git Note Added: 0082871
2019-09-20 21:44 abv Target Version => 7.4.0
2019-09-23 09:26 abv Note Added: 0087439
2019-09-23 09:26 abv Assigned To kgv => galbramc
2019-09-23 09:26 abv Status new => feedback
2019-09-23 14:37 galbramc Note Added: 0087449
2019-09-24 05:04 galbramc File Added: stack_overflow.tgz
2019-09-24 05:08 galbramc Note Added: 0087458
2019-09-24 12:48 abv Note Added: 0087469
2019-09-24 13:41 galbramc Note Added: 0087473
2019-09-24 22:04 abv Note Added: 0087497
2019-09-24 22:04 abv Target Version 7.4.0 => 7.5.0*
2019-09-25 03:25 galbramc Note Added: 0087498
2019-10-02 06:12 galbramc Note Added: 0087679
2019-10-02 06:59 abv Assigned To galbramc => abv
2019-10-02 15:32 galbramc Note Added: 0087692

