fillNeighborsMPI() truncates byte offsets from size_t to int #5061
Description
- Type: Correctness / Large-message robustness
- Severity: Medium
- Component: Neighbor particle CPU MPI unpack path
- Location:
Src/Particle/AMReX_NeighborParticlesCPUImpl.H:524Src/Particle/AMReX_NeighborParticlesCPUImpl.H:573
Problem
Receive offsets are accumulated in Vector<std::size_t> rOffset, but unpack converts each offset to int:
const auto offset = int(rOffset[i]);
char* buffer = &recvdata[offset];For large aggregate receive buffers, this can overflow/truncate and produce invalid buffer pointers.
Impact
- Potential out-of-bounds reads during unpack on large-scale runs with large ghost exchange payloads.
- Corrupted neighbor data or hard crashes.
Suggested patch
Keep offsets in std::size_t through pointer arithmetic.
--- a/Src/Particle/AMReX_NeighborParticlesCPUImpl.H
+++ b/Src/Particle/AMReX_NeighborParticlesCPUImpl.H
@@
- const auto offset = int(rOffset[i]);
+ const std::size_t offset = rOffset[i];
char* buffer = &recvdata[offset];Prepared by Codex
Metadata
Metadata
Assignees
Labels
No labels