[Clp] Possible bug in setObjCoeff

Aleksandr M. Kazachkov akazachk at cmu.edu
Mon Oct 2 11:16:59 EDT 2017 

I apologize; I am not sure my report is a bug. In the case of changing a
single objective coefficient (at a time), the proper modification to
whatsChanged_ seems to be done in ClpSimplex (I had been looking at
ClpModel). I am still getting a memory error, and I am trying to figure out
how it happens.

In case someone has any suggestions, below is the (abridged) valgrind
output, which says that memory is being written to after it has been
deleted. In particular, the issue appears to be with the call
"alternateWeights_->clear();" at ClpPrimalColumnSteepest.cpp:3041, which
seems to be accessing memory freed via a conditionalDelete() of
"nextCount_" at CoinFactorization1.cpp:1734 (and 1735, for lastCount_). I
am not sure how these arrays are connected.

I would appreciate any advice, and thank you,
Alex

==22103== 7 errors in context 1 of 2:
==22103== Invalid write of size 8
==22103==    at 0xA39E10: CoinIndexedVector::clear()
(CoinIndexedVector.cpp:51)
==22103==    by 0x8B742D: ClpPrimalColumnSteepest::saveWeights(ClpSimplex*,
int) (ClpPrimalColumnSteepest.cpp:3041)
==22103==    by 0x95939D: ClpSimplexPrimal::statusOfProblemInPrimal(int&,
int, ClpSimplexProgress*, bool, int, ClpSimplex*)
(ClpSimplexPrimal.cpp:1636)
==22103==    by 0x953FCE: ClpSimplexPrimal::primal(int, int)
(ClpSimplexPrimal.cpp:361)
==22103==    by 0x8DC44E: ClpSimplex::primal(int, int) (ClpSimplex.cpp:5971)
==22103==    by 0x70A3E6: OsiClpSolverInterface::resolve()
(OsiClpSolverInterface.cpp:1056)
// abridged
==22103==  Address 0x784dbc8 is 744 bytes inside a block of size 2,248
free'd
==22103==    at 0x4A07D8E: operator delete[](void*) (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22103==    by 0xA42F12: CoinArrayWithLength::conditionalDelete()
(CoinIndexedVector.cpp:1841)
==22103==    by 0x9E9CE2: CoinFactorization::cleanup()
(CoinFactorization1.cpp:1734)
==22103==    by 0x9E7E63: CoinFactorization::factor()
(CoinFactorization1.cpp:1184)
==22103==    by 0x8575AD: ClpFactorization::factorize(ClpSimplex*, int,
bool) (ClpFactorization.cpp:2255)
==22103==    by 0x8C8254: ClpSimplex::internalFactorize(int)
(ClpSimplex.cpp:1992)
==22103==    by 0x9554CF: ClpSimplexPrimal::statusOfProblemInPrimal(int&,
int, ClpSimplexProgress*, bool, int, ClpSimplex*) (ClpSimplexPrimal.cpp:855)
==22103==    by 0x953FCE: ClpSimplexPrimal::primal(int, int)
(ClpSimplexPrimal.cpp:361)
==22103==    by 0x8DC44E: ClpSimplex::primal(int, int) (ClpSimplex.cpp:5971)
==22103==    by 0x70A3E6: OsiClpSolverInterface::resolve()
(OsiClpSolverInterface.cpp:1056)

==22103== 8 errors in context 2 of 2:
==22103== Invalid write of size 8
==22103==    at 0xA39DF3: CoinIndexedVector::clear()
(CoinIndexedVector.cpp:50)
==22103==    by 0x8B742D: ClpPrimalColumnSteepest::saveWeights(ClpSimplex*,
int) (ClpPrimalColumnSteepest.cpp:3041)
==22103==    by 0x95939D: ClpSimplexPrimal::statusOfProblemInPrimal(int&,
int, ClpSimplexProgress*, bool, int, ClpSimplex*)
(ClpSimplexPrimal.cpp:1636)
==22103==    by 0x953FCE: ClpSimplexPrimal::primal(int, int)
(ClpSimplexPrimal.cpp:361)
==22103==    by 0x8DC44E: ClpSimplex::primal(int, int) (ClpSimplex.cpp:5971)
==22103==    by 0x70A3E6: OsiClpSolverInterface::resolve()
(OsiClpSolverInterface.cpp:1056)
// abridged
==22103==  Address 0x784e818 is 1,576 bytes inside a block of size 2,248
free'd
==22103==    at 0x4A07D8E: operator delete[](void*) (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22103==    by 0xA42F12: CoinArrayWithLength::conditionalDelete()
(CoinIndexedVector.cpp:1841)
==22103==    by 0x9E9CF7: CoinFactorization::cleanup()
(CoinFactorization1.cpp:1735)
==22103==    by 0x9E7E63: CoinFactorization::factor()
(CoinFactorization1.cpp:1184)
==22103==    by 0x8575AD: ClpFactorization::factorize(ClpSimplex*, int,
bool) (ClpFactorization.cpp:2255)
==22103==    by 0x8C8254: ClpSimplex::internalFactorize(int)
(ClpSimplex.cpp:1992)
==22103==    by 0x9554CF: ClpSimplexPrimal::statusOfProblemInPrimal(int&,
int, ClpSimplexProgress*, bool, int, ClpSimplex*) (ClpSimplexPrimal.cpp:855)
==22103==    by 0x953FCE: ClpSimplexPrimal::primal(int, int)
(ClpSimplexPrimal.cpp:361)
==22103==    by 0x8DC44E: ClpSimplex::primal(int, int) (ClpSimplex.cpp:5971)
==22103==    by 0x70A3E6: OsiClpSolverInterface::resolve()
(OsiClpSolverInterface.cpp:1056)

On Mon, Oct 2, 2017 at 2:11 AM Aleksandr M. Kazachkov <akazachk at cmu.edu>
wrote:

> Hi all, I have a possible bug report, as well as a (related) question.
>
> 1. In OsiClpSolverInterface::setObjCoeff (when setting just one
> coefficient), I think (unless I am misunderstanding something, in which
> case I apologize) that line 6125
>
>   modelPtr_->whatsChanged_ &= 0xffff;
>
> should be
>
>   modelPtr_->whatsChanged_ &= (0xffff&~64);
>
> same as in OsiClpSolverInterface::setObjective, as the 64 bit corresponds
> to "OBJECTIVE_SAME". This was (ultimately) causing a memory corruption
> error for me after I would set the objective (coefficient by coefficient,
> because my objective is sparse), resolve, then delete my solver object.
>
> 2. I am working with an instance in n-dimensional space, but the majority
> of these columns are empty. In my context, I will be solving the instance
> repeatedly with different objective functions. The first solve is an
> "initialSolve" and subsequent solves, unless some issue is encountered, are
> "resolve" calls.
>
> Is it better (faster in the long run, given the multiple resolves) to
> preprocess the instance in advance to have no empty columns, or is that a
> waste of time? My first thought was that it would not make much difference
> since internally the matrix is kept in sparse form and anyway presolve
> would catch this, but I am not sure I am right.
>
> Thank you in advance for your input,
> Aleksandr Kazachkov
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.coin-or.org/pipermail/clp/attachments/20171002/a902e3fb/attachment.html>

More information about the Clp mailing list