Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent signed integer overflow in check_scan_over_group #776

Merged
merged 10 commits into from
Sep 13, 2023

Conversation

0x12CC
Copy link
Contributor

@0x12CC 0x12CC commented Aug 2, 2023

Check that the maximum value of T is large enough to store the results of the scan functions. This check prevents overflow for small types. Also, remove the largest check_scan test case.

Check that the maximum value of `T` is large enough to store the results
of the scan functions. This check prevents overflow for small types.

Signed-off-by: Michael Aziz <[email protected]>
@0x12CC 0x12CC requested a review from a team as a code owner August 2, 2023 18:21
@bader bader added the help wanted Extra attention is needed label Aug 3, 2023
Comment on lines 306 to 309
if (std::sqrt(std::numeric_limits<T>::max()) + T(init) <= range.size()) {
return;
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it's a good idea silently skipping all checks in this case.
Although this sounds like a test issue, rather than a bug in the tested implementation, we probably can use REQUIRE macro to "Check that the maximum value of T is large enough to store the results of the scan functions.".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please clarify how you’re suggesting we use the REQUIRE macro? I understood that this macro would cause the test to fail if the assertion is false.

The change I’m proposing should only skip cases where the type is not large enough for the specified range. The type will still be tested with the smaller ranges.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we launch the configuration causing the overflow? Isn't this a bug?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that the relevant code is here:

const size_t sizes[3] = {5, work_group_size / 2, 3 * work_group_size};

We use the same template for all of the test cases so I’m not able to remove the problematic cases without changing the other working tests.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right. This where I think we should change the logic to avoid an overflow.
work_goup_size here is the maximum possible # of work-items the device can execute. Do we really need to the maximum # of work-items to test the scan functionality? If so, the input buffer must be initialized with zeros to avoid overflow.
But I don't think we need to run so many work-items, it's a good stress test, but an overkill for this test purpose.

std::iota(v.begin(), v.end(), T(1));
- this seems to be the right place to make sure that we can run the test w/o an overflow. BTW, it's better to use the sum of arithmetic progression instead of sqrt for the overflow check.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right. This where I think we should change the logic to avoid an overflow.
work_goup_size here is the maximum possible # of work-items the device can execute. Do we really need to the maximum # of work-items to test the scan functionality?

I believe that the larger test case is not needed. I've removed it and updated the PR description.

If so, the input buffer must be initialized with zeros to avoid overflow.

I don't think I understand this suggestion. The test case is computing the sum of an arithmetic progression, but the result may be too large to store in certain types. I don't think that the issue is related to buffer initialization.

BTW, it's better to use the sum of arithmetic progression instead of sqrt for the overflow check.

I've updated the overflow check to use this formula.

@@ -238,7 +238,7 @@ struct init_joint_scan_group {

size_t work_group_size = work_group_range.size();

const size_t sizes[3] = {5, work_group_size / 2, 3 * work_group_size};
const size_t sizes[3] = {5, work_group_size / 2};
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Either declare 2-element array or explicitly initialize the 3rd element.

Why the second element is work_group_size / 2? Why can't we put 1 or 2 instead (+ check that HW is able to run the work of that size)?

Copy link
Contributor Author

@0x12CC 0x12CC Aug 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Either declare 2-element array or explicitly initialize the 3rd element.

Good catch! I've updated the array declaration to include the correct number of elements.

Why the second element is work_group_size / 2? Why can't we put 1 or 2 instead (+ check that HW is able to run the work of that size)?

I'm not sure why the second size was work_group_size / 2, but I've set it to 2 instead.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That means which should even more comment the code.

tests/group_functions/group_scan.h Outdated Show resolved Hide resolved
@fraggamuffin
Copy link

Ivan, please have a look. Thx.

@bader
Copy link
Contributor

bader commented Aug 10, 2023

I'll wait for the feedback from @Melirius to merge.

Copy link
Member

@keryell keryell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks.

@fraggamuffin
Copy link

Will wait one more week.

@bader
Copy link
Contributor

bader commented Aug 17, 2023

Friendly reminder for @Melirius.

@bader
Copy link
Contributor

bader commented Aug 22, 2023

Friendly reminder №2 for @Melirius.

@0x12CC, could you resolve merge conflicts with SYCL-2020 branch, please?

@Melirius
Copy link
Contributor

Friendly reminder №2 for @Melirius.

Sorry, I'm at vacations now, be back on the next week.

@bader
Copy link
Contributor

bader commented Sep 7, 2023

Friendly reminder №2 for @Melirius.

Sorry, I'm at vacations now, be back on the next week.

@Melirius, friendly reminder №3.

We have required approvals, so it's ready to be merged. I'm going to merge this PR next Wednesday if there are no additional requests for changes.
@Melirius, feel free provide your feedback regardless of the merge status. I'll make sure that we address post-merge review comments too.

@bader bader merged commit 4b0e1ea into KhronosGroup:SYCL-2020 Sep 13, 2023
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
help wanted Extra attention is needed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants