
fix(behavior_path_planner): prevent segfault in updateBoundary with index validation #10848

Open
wants to merge 4 commits into
base: main

Contributor

@shmpwk shmpwk commented Jun 18, 2025

Description

This PR addresses a critical segmentation fault that occurs in the behavior_path_planner, specifically within the static obstacle avoidance module. The crash happens during the process of modifying the drivable area boundary when multiple static obstacles are present, causing the component_container_mt process to die.

Stack Trace of the Crash

The crash is identified by the following stack trace, which points to an issue within the updateBoundary function.

[component_container_mt-94] malloc(): invalid size (unsorted)
[component_container_mt-94] *** Aborted at 1750213214 (unix time) try "date -d @1750213214" if you are using GNU date ***
[component_container_mt-94] PC: @                0x0 (unknown)
[component_container_mt-94] *** SIGABRT (@0x3e800001dd0) received by PID 7632 (TID 0x7f81e0ff1640) from PID 7632; stack trace: ***
[component_container_mt-94]     @     0x7f820b19e4d6 google::(anonymous namespace)::FailureSignalHandler()
[component_container_mt-94]     @     0x7f820a642520 (unknown)
[component_container_mt-94]     @     0x7f820a6969fc pthread_kill
[component_container_mt-94]     @     0x7f820a642476 raise
[component_container_mt-94]     @     0x7f820a6287f3 abort
[component_container_mt-94]     @     0x7f820a689677 (unknown)
[component_container_mt-94]     @     0x7f820a6a0cfc (unknown)
[component_container_mt-94]     @     0x7f820a6a40dc (unknown)
[component_container_mt-94]     @     0x7f820a6a5139 malloc
[component_container_mt-94]     @     0x7f820aaae98c operator new()
[component_container_mt-94]     @     0x7f81dd792a4e std::vector<>::reserve()
[component_container_mt-94]     @     0x7f81dd795004 autoware::motion_utils::removeOverlapPoints<>()
[component_container_mt-94]     @     0x7f81dd795426 autoware::motion_utils::calcLongitudinalOffsetToSegment<>()
[component_container_mt-94]     @     0x7f81dd7779f9 autoware::behavior_path_planner::utils::drivable_area_processing::updateBoundary()
[component_container_mt-94]     @     0x7f81dd7788d6 autoware::behavior_path_planner::utils::extractObstaclesFromDrivableArea()
[component_container_mt-94]     @     0x7f81dc86ecb2 autoware::behavior_path_planner::utils::static_obstacle_avoidance::updateRoadShoulderDistance()
[component_container_mt-94]     @     0x7f81dc827cc2 autoware::behavior_path_planner::StaticObstacleAvoidanceModule::fillAvoidanceTargetObjects()
[component_container_mt-94]     @     0x7f81dc8299cb autoware::behavior_path_planner::StaticObstacleAvoidanceModule::fillFundamentalData()
[component_container_mt-94]     @     0x7f81dc82a855 autoware::behavior_path_planner::StaticObstacleAvoidanceModule::updateData()
[component_container_mt-94]     @     0x7f81ddd6b27a autoware::behavior_path_planner::SceneModuleManagerInterface::isExecutionRequested()
[component_container_mt-94]     @     0x7f81ddd465b6 autoware::behavior_path_planner::SubPlannerManager::getRequestModules()
[component_container_mt-94]     @     0x7f81ddd5105e autoware::behavior_path_planner::SubPlannerManager::propagateFull()
[component_container_mt-94]     @     0x7f81ddd53578 autoware::behavior_path_planner::PlannerManager::run()
[component_container_mt-94]     @     0x7f81dddac05e autoware::behavior_path_planner::BehaviorPathPlannerNode::run()
[component_container_mt-94]     @     0x7f81dddb43d5 rclcpp::GenericTimer<>::execute_callback()
[component_container_mt-94]     @     0x7f820af5effe rclcpp::Executor::execute_any_executable()
[component_container_mt-94]     @     0x7f820af65432 rclcpp::executors::MultiThreadedExecutor::run()
[component_container_mt-94]     @     0x7f820aadc253 (unknown)
[component_container_mt-94]     @     0x7f820a694ac3 (unknown)
[component_container_mt-94]     @     0x7f820a726850 (unknown)
[ERROR] [component_container_mt-94]: process has died [pid 7632, exit code -6, cmd '/home/autoware/autoware.proj/install/rclcpp_components/lib/rclcpp_components/component_container_mt --ros-args -r __node:=behavior_planning_container -r __ns:=/planning/scenario_planning/lane_driving/behavior_planning -p use_sim_time:=False -p wheel_radius:=0.3725 -p wheel_width:=0.215 -p wheel_base:=4.76012 -p wheel_tread:=1.754 -p front_overhang:=0.95099 -p rear_overhang:=1.52579 -p left_overhang:=0.26878 -p right_overhang:=0.26878 -p vehicle_height:=3.08 -p max_steer_angle:=0.64'].
...

Root Cause Analysis

The root cause of the segmentation fault lies in the updateBoundary function located in drivable_area_expansion/static_drivable_area.cpp.

This function modifies the drivable area's boundary (updated_bound) by iterating through a list of obstacle polygons and removing sections of the boundary vector using std::vector::erase().

The core of the problem is as follows:

  1. The function iterates over obstacle polygons, each containing segment indices (bound_seg_idx) that were calculated based on the original boundary's state before any modifications.
  2. Inside the loop, updated_bound.erase() is called, which shrinks the size of the updated_bound vector.
  3. In subsequent iterations, the pre-calculated indices from other obstacle polygons can become invalid (i.e., out of bounds) for the now-smaller updated_bound vector.
  4. Calling erase() with iterators derived from these out-of-bounds indices results in undefined behavior, leading to the observed segmentation fault.

Solution

To resolve this issue, this PR introduces a guard clause to validate the indices right before calling updated_bound.erase().

This check ensures that both the start and end indices for the erase operation are within the valid range of the updated_bound vector's current size. If the indices are invalid, the operation for that particular polygon is skipped, and an error is logged. This prevents the crash while maintaining the integrity of the drivable area generation process.

Related links

Parent Issue:

  • Link

How was this PR tested?

Notes for reviewers

None.

Interface changes

None.

Effects on system behavior

None.
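
The stale-index pattern from the root cause analysis above, as an added example (not code from this PR or from Autoware): EraseRange, fits, eraseGuarded and eraseDescending are hypothetical names operating on a plain std::vector<int>, and the sample data is constructed. It shows the size check skipping a range that no longer fits, and goes one step beyond the PR text by applying ranges from the highest index down so that an earlier erase cannot invalidate a later one.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <vector>

// Hypothetical stand-in for one obstacle's pre-computed range: half-open
// [first, last) indices into the ORIGINAL boundary, before any erase().
struct EraseRange { std::size_t first, last; };

// True when [first, last) fits the vector's CURRENT size.
bool fits(const std::vector<int> & bound, const EraseRange & r)
{
  return r.first <= r.last && r.last <= bound.size();
}

// Applies the ranges in the given order, skipping any that fail the check.
// Returns how many ranges were skipped (real code would log each one).
std::size_t eraseGuarded(std::vector<int> & bound, const std::vector<EraseRange> & ranges)
{
  std::size_t skipped = 0;
  for (const auto & r : ranges) {
    if (!fits(bound, r)) { ++skipped; continue; }
    const auto b = bound.begin();
    bound.erase(b + static_cast<std::ptrdiff_t>(r.first), b + static_cast<std::ptrdiff_t>(r.last));
  }
  return skipped;
}

// Same guard, but non-overlapping ranges are applied from the highest index
// down, so each erase() only shifts elements no later range refers to.
std::size_t eraseDescending(std::vector<int> & bound, std::vector<EraseRange> ranges)
{
  std::sort(ranges.begin(), ranges.end(),
    [](const EraseRange & a, const EraseRange & b) { return a.first > b.first; });
  return eraseGuarded(bound, ranges);
}

int main()
{
  // Constructed sample: boundary points 0..9; obstacles cover [2,5) and [7,10).
  const std::vector<EraseRange> ranges = {{2, 5}, {7, 10}};
  std::vector<int> guarded = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9};
  std::vector<int> ordered = guarded;
  std::cout << "guarded skipped " << eraseGuarded(guarded, ranges)
            << ", left " << guarded.size() << " points\n";
  std::cout << "descending skipped " << eraseDescending(ordered, ranges)
            << ", left " << ordered.size() << " points\n";
}
```

In this model a range that is stale but still within the current size passes the check and erases different elements than the ones it was computed for, so a skipped-range count of zero does not by itself show the result is the intended one.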

@github-actions github-actions bot added the component:planning Route planning, decision-making, and navigation. (auto-assigned) label Jun 18, 2025

github-actions bot commented Jun 18, 2025

Thank you for contributing to the Autoware project!

🚧 If your pull request is in progress, switch it to draft mode.

Please ensure:

@shmpwk shmpwk added the run:build-and-test-differential Mark to enable build-and-test-differential workflow. (used-by-ci) label Jun 18, 2025
@shmpwk shmpwk changed the title from "fix(drivable_area_expansion): invalid index access" to "fix(behavior_path_planner): prevent segfault in updateBoundary with index validation" Jun 18, 2025

codecov bot commented Jun 18, 2025

Codecov Report

Attention: Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.

Project coverage is 19.52%. Comparing base (60ac065) to head (fc2e3a7).
Report is 2 commits behind head on main.

Files with missing lines | Patch % | Lines
...s/drivable_area_expansion/static_drivable_area.cpp | 0.00% | 4 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main   #10848      +/-   ##
==========================================
+ Coverage   15.72%   19.52%   +3.79%     
==========================================
  Files        1342     1352      +10     
  Lines      100478   101205     +727     
  Branches    32571    33009     +438     
==========================================
+ Hits        15804    19761    +3957     
- Misses      72494    72835     +341     
+ Partials    12180     8609    -3571     
Flag | Coverage Δ | *Carryforward flag
daily | 17.12% <ø> (ø) | Carriedforward from 60ac065
daily-cuda | 15.77% <ø> (ø) | Carriedforward from 60ac065
differential | 29.64% <0.00%> (?) |
total-cuda | 15.73% <ø> (ø) | Carriedforward from 60ac065

*This pull request uses carry forward flags.