Heap-Buffer-Overflow in gmshtest-onedgrid
When compiling the tests with clang's -fsanitize=address -fsanitize=undefined, apart from several warnings about undefined behavior introduced by dune-uggrid, the following error shows up:
13: Test command: build/clang-sanitizer/dune-grid/dune/grid/io/file/test/gmshtest-onedgrid
13: Test timeout computed to be: 300
13: Using OneDGrid
13: Reading mesh file dune-grid/doc/grids/gmsh/oned-testgrid.msh
13: Reading 1d Gmsh grid...
13: version 2.1 Gmsh file detected
13: file contains 10 nodes
13: file contains 11 elements
13: number of real vertices = 10
13: number of boundary elements = 2
13: number of elements = 9
13: 2, 0, 0
13: 2, 1, 2
13: =================================================================
13: ==1464084==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200003b5b8 at pc 0x00000051cb03 bp 0x7ffd492a2b30 sp 0x7ffd492a2b28
13: READ of size 4 at 0x60200003b5b8 thread T0
13: #0 0x51cb02 in void testReadingAndWritingGrid<Dune::OneDGrid>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int, bool) dune-grid/dune/grid/io/file/test/gmshtest.cc:85:56
13: #1 0x5136be in main dune-grid/dune/grid/io/file/test/gmshtest.cc:298:3
13: #2 0x7feaf63f80b2 in __libc_start_main /build/glibc-YYA7BZ/glibc-2.31/csu/../csu/libc-start.c:308:16
13: #3 0x4689dd in _start (build/clang-sanitizer/dune-grid/dune/grid/io/file/test/gmshtest-onedgrid+0x4689dd)
13:
13: 0x60200003b5b8 is located 0 bytes to the right of 8-byte region [0x60200003b5b0,0x60200003b5b8)
13: allocated by thread T0 here:
13: #0 0x51088d in operator new(unsigned long) (build/clang-sanitizer/dune-grid/dune/grid/io/file/test/gmshtest-onedgrid+0x51088d)
13: #1 0x548b29 in __gnu_cxx::new_allocator<int>::allocate(unsigned long, void const*) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/ext/new_allocator.h:114:27
13: #2 0x548a8d in std::allocator_traits<std::allocator<int> >::allocate(std::allocator<int>&, unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/alloc_traits.h:444:20
13: #3 0x548a13 in std::_Vector_base<int, std::allocator<int> >::_M_allocate(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/stl_vector.h:343:20
13: #4 0x55afd3 in std::vector<int, std::allocator<int> >::_M_default_append(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/vector.tcc:635:34
13: #5 0x557d71 in std::vector<int, std::allocator<int> >::resize(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/stl_vector.h:937:4
13: #6 0x53c7a7 in Dune::GmshReaderParser<Dune::OneDGrid>::read(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) dune-grid/dune/grid/io/file/gmshreader.hh:472:38
13: #7 0x532a89 in Dune::GmshReader<Dune::OneDGrid>::do_read(Dune::GridFactory<Dune::OneDGrid>&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<int, std::allocator<int> >&, std::vector<int, std::allocator<int> >&, bool, bool) dune-grid/dune/grid/io/file/gmshreader.hh:805:16
13: #8 0x5231b2 in Dune::GmshReader<Dune::OneDGrid>::read(Dune::GridFactory<Dune::OneDGrid>&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, Dune::GmshReader<Dune::OneDGrid>::DataFlagArg, Dune::GmshReader<Dune::OneDGrid>::DataArg, bool) dune-grid/dune/grid/io/file/gmshreader.hh:938:7
13: #9 0x51bc23 in void testReadingAndWritingGrid<Dune::OneDGrid>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int, bool) dune-grid/dune/grid/io/file/test/gmshtest.cc:73:3
13: #10 0x5136be in main dune-grid/dune/grid/io/file/test/gmshtest.cc:298:3
13: #11 0x7feaf63f80b2 in __libc_start_main /build/glibc-YYA7BZ/glibc-2.31/csu/../csu/libc-start.c:308:16
13:
13: SUMMARY: AddressSanitizer: heap-buffer-overflow dune-grid/dune/grid/io/file/test/gmshtest.cc:85:56 in void testReadingAndWritingGrid<Dune::OneDGrid>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int, bool)
13: Shadow bytes around the buggy address:
13: 0x0c047ffff660: fa fa 06 fa fa fa 06 fa fa fa 06 fa fa fa 06 fa
13: 0x0c047ffff670: fa fa 06 fa fa fa 00 fa fa fa fd fd fa fa fd fa
13: 0x0c047ffff680: fa fa 04 fa fa fa 04 fa fa fa 04 fa fa fa 00 fa
13: 0x0c047ffff690: fa fa 05 fa fa fa 03 fa fa fa fd fa fa fa 00 fa
13: 0x0c047ffff6a0: fa fa 07 fa fa fa 04 fa fa fa 00 fa fa fa 00 00
13: =>0x0c047ffff6b0: fa fa 00 07 fa fa 00[fa]fa fa fd fa fa fa fd fa
13: 0x0c047ffff6c0: fa fa fd fa fa fa 00 fa fa fa fd fa fa fa fd fa
13: 0x0c047ffff6d0: fa fa fd fa fa fa fd fd fa fa fd fa fa fa fd fa
13: 0x0c047ffff6e0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
13: 0x0c047ffff6f0: fa fa fd fa fa fa 00 fa fa fa 00 fa fa fa 00 fa
13: 0x0c047ffff700: fa fa 00 fa fa fa 00 fa fa fa 00 fa fa fa fa fa
13: Shadow byte legend (one shadow byte represents 8 application bytes):
13: Addressable: 00
13: Partially addressable: 01 02 03 04 05 06 07
13: Heap left redzone: fa
13: Freed heap region: fd
13: Stack left redzone: f1
13: Stack mid redzone: f2
13: Stack right redzone: f3
13: Stack after return: f5
13: Stack use after scope: f8
13: Global redzone: f9
13: Global init order: f6
13: Poisoned by user: f7
13: Container overflow: fc
13: Array cookie: ac
13: Intra object redzone: bb
13: ASan internal: fe
13: Left alloca redzone: ca
13: Right alloca redzone: cb
13: Shadow gap: cc
13: ==1464084==ABORTING
1/1 Test #13: gmshtest-onedgrid ................***Failed 0.60 sec
The problem occurs in https://gitlab.dune-project.org/core/dune-grid/-/blob/master/dune/grid/io/file/test/gmshtest.cc#L84, where gridFactory.insertionIndex(intersection) becomes 2 although boundaryIDs.size() == 2.
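
Added example, not part of the original report or of dune-grid: a small Python triage helper that reads the AddressSanitizer lines quoted above and recovers the out-of-range element index and the container length from the addresses alone. The names `triage` and `SAMPLE_REPORT` are hypothetical, and the element size is assumed to equal the access size (a 4-byte int, matching the std::vector<int> in the allocation stack).

```python
import re

# Constructed sample: three lines copied from the log above, CTest "13: " prefix kept.
SAMPLE_REPORT = """\
13: ==1464084==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200003b5b8 at pc 0x00000051cb03 bp 0x7ffd492a2b30 sp 0x7ffd492a2b28
13: READ of size 4 at 0x60200003b5b8 thread T0
13: 0x60200003b5b8 is located 0 bytes to the right of 8-byte region [0x60200003b5b0,0x60200003b5b8)
"""

ACCESS_RE = re.compile(r"\b(READ|WRITE) of size (\d+) at (0x[0-9a-f]+)")
# Older ASan prints "to the right/left of"; newer releases print "after/before".
REGION_RE = re.compile(
    r"(0x[0-9a-f]+) is located (\d+) bytes "
    r"(to the right of|to the left of|after|before) "
    r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)"
)


def triage(report, elem_size=None):
    """Map an ASan heap-buffer-overflow report to (index, element count).

    elem_size defaults to the access size, which is an assumption: it holds
    when one whole element is read or written, as with vector<int>::operator[].
    """
    access = ACCESS_RE.search(report)
    region = REGION_RE.search(report)
    if access is None or region is None:
        raise ValueError("no access line or no region line in report")

    kind, access_size = access.group(1), int(access.group(2))
    addr = int(access.group(3), 16)
    region_size = int(region.group(4))
    start, end = int(region.group(5), 16), int(region.group(6), 16)
    if end - start != region_size:
        raise ValueError("region bounds do not match the stated region size")

    elem = elem_size or access_size
    if region_size % elem:
        raise ValueError("region is not a whole number of elements")

    offset = addr - start  # negative when the access is left of the region
    return {
        "access": kind,
        "element_count": region_size // elem,  # what size() returned
        "index": offset // elem,  # floor division keeps underflows negative
        "one_past_end": offset == region_size,
    }
```

For the report above this yields index 2 in a container of 2 elements, which is the insertionIndex/boundaryIDs.size() mismatch described in the last paragraph.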