Takahiro, Nice catch. A nicer fix will be to check the type of the header, and copy the header accordingly. Attached is a patch following this idea.
Thanks,
george.
hdr_copy.patch
Description: Binary data
On Oct 18, 2012, at 03:06 , "Kawashima, Takahiro" <t-kawash...@jp.fujitsu.com> wrote: > Hi Open MPI developers, > > I found another issue in Open MPI. > > In MCA_PML_OB1_RECV_FRAG_INIT macro in ompi/mca/pml/ob1/pml_ob1_recvfrag.h > file, we copy a PML header from an arrived message to another buffer, > as follows: > > frag->hdr = *(mca_pml_ob1_hdr_t*)hdr; > > On this copy, we cast hdr to mca_pml_ob1_hdr_t, which is a union > of all actual header structs such as mca_pml_ob1_match_hdr_t. > This means we copy the buffer of the size of the largest header > even if the arrived message is smaller than it. This can cause > SEGV if the arrived message is small and it is laid on the bottom > of the page. Actually, my tofu BTL, the BTL component of Fujitsu > MPI for K computer, suffered from this. > > The attached patch will be one of possible fixes for this issue. > This fix assume that the arrived header has at least segs[0].seg_len > bytes. This is always true for current Open MPI code because hdr > equals to segs[0].seg_addr.pval. There may exist a smarter fix. > > Regards, > > Takahiro Kawashima, > MPI development team, > Fujitsu > <recvfrag-segv-fix.patch><License.txt>_______________________________________________ > devel mailing list > de...@open-mpi.org > http://www.open-mpi.org/mailman/listinfo.cgi/devel
