View Issue Details

IDProjectCategoryView StatusLast Update
0026605Open CASCADEOCCT:Modeling Algorithmspublic2015-10-23 20:50
ReporterabvAssigned Tobugmaster  
PrioritynormalSeverityminor 
Status closedResolutionfixed 
PlatformWindowsOSVC++ 2010 
Product Version6.9.1 
Target Version6.9.1Fixed in Version6.9.1 
Summary0026605: Possible array out of bounds read in Extrema_GExtPC.gxx
DescriptionThe fix made for #26351 introduced a new code in Extrema_GExtPC.gxx that is not protected against situation when aFirstUsedKnot == aLastUsedKnot (which may happen due to periodic adjustment). This seems to be partially fixed in 0026468, and one more correction is done in #21564 (to avoid incorrect adjustment).

Anyway the code remains not protected against situation if aFirstUsedKnot == aLastUsedKnot: no check is done.

The problem is detected during preparation of OCCT 6.9.1 release, in the branch containing fixes for #26351 and 0026468, but not #21564. It caused hangs on two test cases (listed below) in Release mode, if executed in parallel by testgrid command, and OutOfRange exception in Debug mode.
Steps To Reproduceblend buildevol K6
blend simple U5

TagsNo tags attached.
Test case numberblend buildevol K6, simple U5

Relationships

related to 0026468 closedbugmaster Open CASCADE Out of range exception on current master 

Activities

git

2015-08-26 17:08

administrator   ~0044680

Branch CR26605 has been created by abv.

SHA-1: 14eadc4b5ee6f30b5a42c2da3c030275cdbf6eae


Detailed log of new commits:

Author: abv
Date: Wed Aug 26 17:07:30 2015 +0300

    0026605: Possible array out of bounds read in Extrema_GExtPC.gxx
    
    Extract of correction made in #21564; assert added.

aml

2015-08-26 18:22

developer   ~0044683

aFirstUsedKnot == aLastUsedKnot situation may happen in blend algorithm, where right border of computation space is lower than left border of curve parameter space.

msv

2015-08-26 19:56

developer   ~0044690

I would prefer treating this case instead of raising exception.
Alexander, please take care of this.

abv

2015-08-26 20:27

manager   ~0044691

Mikhail, for the moment I have added assert at that place (generating exception), assuming that this situation should never happen. I encourage everybody to use asserts in the code to ensure that assumptions on which algorithms are based are valid.

For information: my assert has failed on test bugs modalg_5 bug24809. Running that test in debug mode on master, I got out-of-range exception -- just the same as in blend tests where bug has been detected. This proves that the problem is relevant not only for blend algorithms, neither it is specific to my branch.

msv

2015-08-26 20:33

developer   ~0044693

Inserting assert is just a temp workaround, and I would like Alexander to make proper treatment and to return a proper result in this particular case.

git

2015-08-27 08:28

administrator   ~0044695

Branch CR26605 has been updated forcibly by abv.

SHA-1: f35421fb44e1fbbd21b7a39100ced820394ebd6f

abv

2015-08-27 08:30

manager   ~0044696

I have changed assert behavior to do break instead of exception, thus test bugs modalg_5 bug24809 now passes (but still causes debug break in Debug mode, due to assert).

Mikhail, asserts should not be considered as workarounds, but as a way to verify assumptions in your code, and to protect against unintentional errors and unpredicted situations. I believe we shall discuss that.

msv

2015-08-27 12:06

developer   ~0044714

Andrey, I agree with your statement in general. But in this particular case I believe we can do without assert.

git

2015-08-27 20:25

administrator   ~0044768

Branch CR26605_1 has been created by aml.

SHA-1: 1c0de62f5fe0e3da9254f44c9d43377cdec9dbd4


Detailed log of new commits:

Author: aml
Date: Thu Aug 27 20:24:12 2015 +0300

    0026605: Possible array out of bounds read in Extrema_GExtPC.gxx
    
    Degenerated case fixed.

aml

2015-08-27 20:26

developer   ~0044769

Dear msv,

Please check current state of branch CR26605_1.

git

2015-08-27 20:58

administrator   ~0044772

Branch CR26605_1 has been updated forcibly by aml.

SHA-1: c53b83bc28a3a9dda3416b5d40aa7511bf3268d5

aml

2015-08-28 07:54

developer   ~0044774

Last edited: 2015-08-28 07:55

bugs modalg_5 bug24809:

trying to invoke extrema with parameters out of curve param space.

*********** Dump of aC *************
BSplineCurve
  Degree 3, 7 Poles, 5 Knots
Poles :

   1 : 38427.19669, -5249.97975, 0.006730987775
   2 : 38277.51715, -5249.97975, 0.006730987775
   3 : 37907.44789, -5249.97975, 0.006730987775
   4 : 37316.98893, -5249.97975, 0.006730987775
   5 : 36733.32315, -5249.97975, 0.006730987775
   6 : 36370.04707, -5249.97975, 0.006730987775
   7 : 36227.1607, -5249.97975, 0.006730987776
Knots :

   1 : 0.320841482 4
   2 : 1 1
   3 : 2 1
   4 : 3 1
   5 : 3.648335036 4

myuinf = 5.351...
myusup = 8.679...

Curve is not closed or periodic.

msv

2015-08-28 13:07

developer   ~0044793

Reviewed.

git

2015-08-28 15:29

administrator   ~0044812

Branch CR26605_1 has been updated forcibly by mkv.

SHA-1: 6c539b2b25f33c4b9673a79163cdc1781151708f

mkv

2015-08-31 18:06

tester   ~0044906

Dear BugMaster,
Branch CR26605_1 was rebased on current master of occt git-repository.
SHA-1: 6c539b2b25f33c4b9673a79163cdc1781151708f

mkv

2015-08-31 18:06

tester   ~0044907

Dear BugMaster,
Branch CR26605_1 from occt git-repository (and master from products git-repository) was compiled on Linux, MacOS and Windows platforms and tested on Release mode.
SHA-1: 6c539b2b25f33c4b9673a79163cdc1781151708f

Number of compiler warnings:

occt component :
Linux: 15 (15 on master)
Windows: 0 (0 on master)

products component :
Linux: 39 (39 on master)
Windows: 0 (0 on master)

Regressions/Differences/Improvements:
No regressions/differences

Testing cases:
http://occt-tests/CR26605-1-master-occt-64/Debian70-64/blend/buildevol/K6.html
http://occt-tests/CR26605-1-master-occt-64/Windows-64-VC10/blend/buildevol/K6.html
blend buildevol K6: OK
http://occt-tests/CR26605-1-master-occt-64/Debian70-64/blend/simple/U5.html
http://occt-tests/CR26605-1-master-occt-64/Windows-64-VC10/blend/simple/U5.html
blend simple U5: OK

Testing on Linux:
occt component :
Total MEMORY difference: 91984024 / 91195163 [+0.87%]
Total CPU difference: 17817.849999999056 / 17162.289999999382 [+3.82%]
products component :
Total MEMORY difference: 25218947 / 25226546 [-0.03%]
Total CPU difference: 7131.310000000012 / 7039.5099999999975 [+1.30%]

Testing on Windows:
occt component :
Total MEMORY difference: 57096973 / 57088045 [+0.02%]
Total CPU difference: 16547.50967309906 / 16439.697381998914 [+0.66%]
products component :
Total MEMORY difference: 16223029 / 16222282 [+0.00%]
Total CPU difference: 5420.00514339997 / 5332.831784599964 [+1.63%]

There are no differences in images found by testdiff.

git

2015-10-16 16:37

administrator   ~0047002

Branch CR26605 has been deleted by kgv.

SHA-1: f35421fb44e1fbbd21b7a39100ced820394ebd6f

git

2015-10-16 16:37

administrator   ~0047003

Branch CR26605_1 has been deleted by kgv.

SHA-1: 6c539b2b25f33c4b9673a79163cdc1781151708f

Related Changesets

occt: master 1581d651

2015-08-27 17:24:12

aml


Committer: bugmaster Details Diff
0026605: Possible array out of bounds read in Extrema_GExtPC.gxx

Degenerated case fixed.
Affected Issues
0026605
mod - src/Extrema/Extrema_GExtPC.gxx Diff File

Issue History

Date Modified Username Field Change
2015-08-26 17:05 abv New Issue
2015-08-26 17:05 abv Assigned To => msv
2015-08-26 17:08 git Note Added: 0044680
2015-08-26 18:22 aml Note Added: 0044683
2015-08-26 19:56 msv Note Added: 0044690
2015-08-26 19:56 msv Assigned To msv => aml
2015-08-26 19:56 msv Status new => assigned
2015-08-26 20:27 abv Note Added: 0044691
2015-08-26 20:33 msv Note Added: 0044693
2015-08-27 08:28 git Note Added: 0044695
2015-08-27 08:30 abv Note Added: 0044696
2015-08-27 12:06 msv Note Added: 0044714
2015-08-27 20:25 git Note Added: 0044768
2015-08-27 20:26 aml Note Added: 0044769
2015-08-27 20:26 aml Assigned To aml => msv
2015-08-27 20:26 aml Status assigned => resolved
2015-08-27 20:58 git Note Added: 0044772
2015-08-28 07:54 aml Note Added: 0044774
2015-08-28 07:55 aml Note Edited: 0044774
2015-08-28 13:07 msv Note Added: 0044793
2015-08-28 13:07 msv Assigned To msv => bugmaster
2015-08-28 13:07 msv Status resolved => reviewed
2015-08-28 14:42 mkv Assigned To bugmaster => mkv
2015-08-28 15:29 git Note Added: 0044812
2015-08-31 18:06 mkv Note Added: 0044906
2015-08-31 18:06 mkv Note Added: 0044907
2015-08-31 18:06 mkv Assigned To mkv => bugmaster
2015-08-31 18:06 mkv Status reviewed => tested
2015-08-31 18:07 mkv Test case number => blend buildevol K6, simple U5
2015-09-04 13:02 bugmaster Changeset attached => occt master 1581d651
2015-09-04 13:02 bugmaster Status tested => verified
2015-09-04 13:02 bugmaster Resolution open => fixed
2015-09-16 15:23 aml Relationship added related to 0026468
2015-10-16 14:55 aiv Status verified => closed
2015-10-16 16:37 git Note Added: 0047002
2015-10-16 16:37 git Note Added: 0047003
2015-10-23 20:50 aiv Fixed in Version => 6.9.1