fix for out-of-bounds index in HitPattern::getHitPatternByAbsoluteIndex

[missirol]

PR description:

This PR contains a minor technical fix to HitPattern::getHitPatternByAbsoluteIndex.

It was prompted by an error detected in last week's UBSAN IB (step4 of wf 4.22).

The error was coming from secondWord==57 (out of bounds) when position==75.

Merely technical. No changes expected.

PR validation:

Tested wf 4.22 with a UBSAN IB.

If this PR is a backport, please specify the original PR and why you need to backport that PR:

N/A

[cmsbuild]

+code-checks

Logs: https://cmssdt.cern.ch/SDT/code-checks/cms-sw-PR-36116/26618

• This PR adds an extra 20KB to repository

[cmsbuild]

A new Pull Request was created by @missirol (Marino Missiroli) for master.

It involves the following packages:

• DataFormats/TrackReco (reconstruction)

@jpata, @cmsbuild, @slava77 can you please review it and eventually sign? Thanks.
@JanFSchulte, @rovere, @VinInn, @gpetruc, @mmusich, @mtosi this is something you requested to watch as well.
@perrotta, @dpiparo, @qliphy you are the release manager for this.

cms-bot commands are listed here

[VinInn]

what do you mean with ! of a uint8?

[missirol]

Just wanted this to be true if all bits were zero.
Testing locally (outside CMSSW) it seemed to work, but I guess I'm missing something?

[slava77]

!= 0 ?

[cmsbuild]

+code-checks

Logs: https://cmssdt.cern.ch/SDT/code-checks/cms-sw-PR-36116/26620

• This PR adds an extra 20KB to repository

[cmsbuild]

Pull request #36116 was updated. @jpata, @cmsbuild, @slava77 can you please check and sign again.

[slava77]

@cmsbuild please test

[cmsbuild]

+1

Summary: https://cmssdt.cern.ch/SDT/jenkins-artifacts/pull-request-integration/PR-c6635a/20544/summary.html
COMMIT: 9e53f33
CMSSW: CMSSW_12_2_X_2021-11-15-1100/slc7_amd64_gcc900
User test area: For local testing, you can use /cvmfs/cms-ci.cern.ch/week1/cms-sw/cmssw/36116/20544/install.sh to create a dev area with all the needed externals and cmssw changes.

Comparison Summary

Summary:

• No significant changes to the logs found
• Reco comparison results: 4 differences found in the comparisons
• DQMHistoTests: Total files compared: 42
• DQMHistoTests: Total histograms compared: 3320802
• DQMHistoTests: Total failures: 5
• DQMHistoTests: Total nulls: 1
• DQMHistoTests: Total successes: 3320774
• DQMHistoTests: Total skipped: 22
• DQMHistoTests: Total Missing objects: 0
• DQMHistoSizes: Histogram memory added: -0.004 KiB( 41 files compared)
• DQMHistoSizes: changed ( 312.0 ): -0.004 KiB MessageLogger/Warnings
• Checked 177 log files, 37 edm output root files, 42 DQM output files
• TriggerResults: no differences found

[jpata]

Looking at this code, it's not clear why lines 3-4 would do anything different than line 2 if secondWordBits==0. In other words, could you please explain a bit how this fixes the out of bounds issue reported by UBSAN?

1:    if (secondWordBits == 0)
2:     return firstWordBlock;
3:    uint16_t secondWordBlock = hitPattern[secondWord] & ((1 << secondWordBits) - 1); //(1<<0)-1 gives secondWordBlock==0
4:    uint16_t myResult = firstWordBlock + (secondWordBlock << firstWordBits); //0 << firstWordBits gives 0

[missirol]

The difference is that with this change, when secondWordBits == 0, hitPattern is not accessed in L3; this is what fixes the out-of-bounds issue reported in the UBSAN IB for the edge case secondWord == 57 (hitPattern has size 57, so 57 is out of bounds). The return value of the relevant function is unchanged by this PR, because (even pre-PR) if secondWordBits==0, then myResult equals firstWordBlock.

[jpata]

ah, I see, thanks for the explanation!

[jpata]

+reconstruction

• technical UBSAN fix
• no reco changes

[cmsbuild]

This pull request is fully signed and it will be integrated in one of the next master IBs (tests are also fine). This pull request will now be reviewed by the release team before it's merged. @perrotta, @dpiparo, @qliphy (and backports should be raised in the release meeting by the corresponding L2)

[perrotta]

+1