Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Issue]: UB in fmm_translate_hsa_to_ioc_flags due to signed overflow #271

Open
LunNova opened this issue Dec 30, 2024 · 0 comments · May be fixed by #273
Open

[Issue]: UB in fmm_translate_hsa_to_ioc_flags due to signed overflow #271

LunNova opened this issue Dec 30, 2024 · 0 comments · May be fixed by #273

Comments

@LunNova
Copy link

LunNova commented Dec 30, 2024

This line triggers a UBsan error at runtime:

https://github.com/ROCm/ROCR-Runtime/blob/8b6b9c140d0ec01f73b69348eb53206eea5d5e50/libhsakmt/src/fmm.c#L1403C27-L1403C28

ioc_flags |= KFD_IOC_ALLOC_MEM_FLAGS_WRITABLE;

It's defined as

#define KFD_IOC_ALLOC_MEM_FLAGS_WRITABLE	(1 << 31)

/build/source/libhsakmt/src/fmm.c:1403:16: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
    #0 0x7fff7691f943 in fmm_translate_hsa_to_ioc_flags /build/source/libhsakmt/src/fmm.c:1403
    #1 0x7fff7691f943 in fmm_allocate_host_gpu /build/source/libhsakmt/src/fmm.c:1831
    #2 0x7fff7691f943 in hsakmt_fmm_allocate_host /build/source/libhsakmt/src/fmm.c:1921
    #3 0x7fff76940d7e in hsakmt_allocate_exec_aligned_memory_gpu (/nix/store/62bsg8k600m71hih5l9fm2igx1rfcf23-rocm-runtime-6.3.1/lib/libhsa-runtime64.so.1+0x540d7e)
    #4 0x7fff7691853f in hsaKmtCreateEvent (/nix/store/62bsg8k600m71hih5l9fm2igx1rfcf23-rocm-runtime-6.3.1/lib/libhsa-runtime64.so.1+0x51853f)
    #5 0x7fff7671f318 in rocr::core::InterruptSignal::CreateEvent(_HSA_EVENTTYPE, bool) (/nix/store/62bsg8k600m71hih5l9fm2igx1rfcf23-rocm-runtime-6.3.1/lib/libhsa-runtime64.so.1+0x31f318)
    #6 0x7fff7674a625 in BindErrorHandlers /build/source/runtime/hsa-runtime/core/runtime/runtime.cpp:1692
    #7 0x7fff7673bbcf in Load /build/source/runtime/hsa-runtime/core/runtime/runtime.cpp:1992
    #8 0x7fff7673b77f in Acquire /build/source/runtime/hsa-runtime/core/runtime/runtime.cpp:150
    #9 0x7fff7670109d in rocr::HSA::hsa_init() (/nix/store/62bsg8k600m71hih5l9fm2igx1rfcf23-rocm-runtime-6.3.1/lib/libhsa-runtime64.so.1+0x30109d)

Tested on rocm-6.3.1
@LunNova LunNova changed the title [Issue] Undefined Behavior in fmm_translate_hsa_to_ioc_flags [Issue]: Undefined Behavior in fmm_translate_hsa_to_ioc_flags Dec 30, 2024
This was referenced Dec 30, 2024
Draft
Open
@LunNova LunNova changed the title [Issue]: Undefined Behavior in fmm_translate_hsa_to_ioc_flags [Issue]: UB in fmm_translate_hsa_to_ioc_flags due to signed overflow Jan 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix multiple places with undefined behavior due to signed 1 << 31 LunNova/ROCR-Runtime
1 participant
@LunNova