Heap buffer overflow in rrSparse.

[CiaranWelsh]

I've added two new tests that catch this error TEST_F(RoadRunnerAPITestsWithMCJit, getIdsAfterSetConservedMoiety) and TEST_F(RoadRunnerAPITestsWithLLJit, getIdsAfterSetConservedMoiety) but disabled them for the time being. Basically we get a heap buffer overflow error when we do:

        RoadRunner rr(sbml);
        rr.setConservedMoietyAnalysis(true); // does a regenerate model. 
        std::list<std::string> l;
        rr.getIds(SelectionRecord::ALL, l);

Here's address sanitizer's output:

rrSparse.cpp
Heap-buffer-overflow on address 0x6020000a0318 at pc 0x0001305f6e3c bp 0x7ff7b06f7760 sp 0x7ff7b06f7758
READ of size 4 at 0x6020000a0318 thread T0
0x1305f6e3b rr::csr_matrix_get_nz rrSparse.cpp:149 
0x130824b88 rrllvm::LLVMExecutableModel::getStoichiometry LLVMExecutableModel.cpp:2249 
0x13080ad51 rrllvm::LLVMExecutableModel::getIds LLVMExecutableModel.cpp:1213 
0x1303f068d rr::RoadRunner::getIds rrRoadRunner.cpp:4830 
0x10f80d096 RoadRunnerAPITests::getIdsAfterSetConservedMoiety RoadRunnerAPITests.h:160 
0x10f80c114 RoadRunnerAPITestsWithMCJit_getIdsAfterSetConservedMoiety_Test::TestBody RoadRunnerAPITestsWithMCJit.cpp:54 
0x10fa1298c testing::internal::HandleSehExceptionsInMethodIfSupported<…> gtest.cc:2631 
0x10f97d2df testing::internal::HandleExceptionsInMethodIfSupported<…> gtest.cc:2667 
0x10f97cdc7 testing::Test::Run gtest.cc:2706 
0x10f97fbbc testing::TestInfo::Run gtest.cc:2885 
0x10f9829fe testing::TestSuite::Run gtest.cc:3039 
0x10f9a7322 testing::internal::UnitTestImpl::RunAllTests gtest.cc:5897 
0x10fa1f617 testing::internal::HandleSehExceptionsInMethodIfSupported<…> gtest.cc:2631 
0x10f9a6211 testing::internal::HandleExceptionsInMethodIfSupported<…> gtest.cc:2667 
0x10f9a5cc4 testing::UnitTest::Run gtest.cc:5464 
0x10fa399e0 RUN_ALL_TESTS gtest.h:2492 
0x10fa3994b main gtest_main.cc:52 
0x11f3b44fd start 
Allocated by thread T0 here:
0x11030a7d5 wrap_calloc 
0x1305f539e rr::csr_matrix_new rrSparse.cpp:114 
0x1309403b7 rrllvm::createModelData LLVMModelGenerator.cpp:705 
0x13093c1db rrllvm::codeGenAddModuleAndMakeModelData LLVMModelGenerator.cpp:256 
0x1309360db rrllvm::LLVMModelGenerator::regenerateModel LLVMModelGenerator.cpp:300 
0x1305f0c72 rr::ExecutableModelFactory::regenerateModel ExecutableModelFactory.cpp:80 
0x1303aac06 rr::RoadRunner::regenerateModel rrRoadRunner.cpp:6673 
0x1303a9679 rr::RoadRunner::setConservedMoietyAnalysis rrRoadRunner.cpp:1697 
0x10f80d056 RoadRunnerAPITests::getIdsAfterSetConservedMoiety RoadRunnerAPITests.h:158 
0x10f80c114 RoadRunnerAPITestsWithMCJit_getIdsAfterSetConservedMoiety_Test::TestBody RoadRunnerAPITestsWithMCJit.cpp:54 
0x10fa1298c testing::internal::HandleSehExceptionsInMethodIfSupported<…> gtest.cc:2631 
0x10f97d2df testing::internal::HandleExceptionsInMethodIfSupported<…> gtest.cc:2667 
0x10f97cdc7 testing::Test::Run gtest.cc:2706 
0x10f97fbbc testing::TestInfo::Run gtest.cc:2885 
0x10f9829fe testing::TestSuite::Run gtest.cc:3039 
0x10f9a7322 testing::internal::UnitTestImpl::RunAllTests gtest.cc:5897 
0x10fa1f617 testing::internal::HandleSehExceptionsInMethodIfSupported<…> gtest.cc:2631 
0x10f9a6211 testing::internal::HandleExceptionsInMethodIfSupported<…> gtest.cc:2667 
0x10f9a5cc4 testing::UnitTest::Run gtest.cc:5464 
0x10fa399e0 RUN_ALL_TESTS gtest.h:2492 
0x10fa3994b main gtest_main.cc:52 
0x11f3b44fd start 

These tests pass in Release and Debug builds but fail in when CMAKE_BUILD_TYPE="Asan" (which works out of the box on mac, provided sanitizers are installed - windows will be problematic). We may also be able to detect this with valgrind but I haven't tried.

I haven't been able to figure out what is going on here but I'm thinking that this is a symptom of the numbers of species changing after the regenerate model associated with the call to setConservedMoieties.