berkus
/
ANE
mirror of https://github.com/maderix/ANE.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Harden token file layout checks and prevent exec-time fd leaks

This commit is contained in:
nabbilkhan 2026-03-03 19:42:33 +00:00
parent 991bf4d618
commit 60b0512be3
6 changed files with 218 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
training/README.md
View File

@ -81,6 +81,7 @@ bash download_data.sh
Downloads pretokenized TinyStories (Llama 2 BPE, 32K vocab) from HuggingFace. Produces `tinystories_data00.bin` (~41 MB, ~20M tokens).
All training pipelines perform token-data validation at startup:
- token file byte length must align to 16-bit token boundaries
- token file must contain at least `SEQ+1` tokens
- every token id must be within `[0, vocab_size)`

8
training/data_validation.h
View File

@ -16,6 +16,14 @@ typedef struct {
uint16_t bad_token;
} TokenDataValidationError;
// Token files are 16-bit ids. Return false when byte length is misaligned.
static inline bool token_data_bytes_to_token_count(size_t n_bytes, size_t *n_tokens, size_t *extra_bytes) {
size_t rem = n_bytes % sizeof(uint16_t);
if (n_tokens) *n_tokens = n_bytes / sizeof(uint16_t);
if (extra_bytes) *extra_bytes = rem;
return rem == 0;
}
static inline bool token_data_has_min_tokens(size_t n_tokens, int seq, size_t *required_tokens) {
if (seq < 0) return false;
size_t needed = (size_t)seq + 1;

127
training/test_data_validation.c
View File

@ -23,6 +23,39 @@ typedef struct {
#define CHECK_EQ_INT(stats, got, want, msg) CHECK_TRUE((stats), (got) == (want), msg)
#define CHECK_EQ_SIZE(stats, got, want, msg) CHECK_TRUE((stats), (got) == (want), msg)
static uint32_t lcg_next(uint32_t *state) {
*state = (*state * 1664525u) + 1013904223u;
return *state;
}
static void test_bytes_to_token_count_even(TestStats *stats) {
size_t n_tokens = 0;
size_t extra = 99;
CHECK_TRUE(stats, token_data_bytes_to_token_count(1024, &n_tokens, &extra),
"even byte length should map to token count");
CHECK_EQ_SIZE(stats, n_tokens, 512, "1024 bytes should map to 512 tokens");
CHECK_EQ_SIZE(stats, extra, 0, "even byte length should have zero remainder");
stats->passed++;
}
static void test_bytes_to_token_count_odd(TestStats *stats) {
size_t n_tokens = 0;
size_t extra = 0;
CHECK_TRUE(stats, !token_data_bytes_to_token_count(1025, &n_tokens, &extra),
"odd byte length should fail alignment check");
CHECK_EQ_SIZE(stats, n_tokens, 512, "odd byte length should still report floor token count");
CHECK_EQ_SIZE(stats, extra, 1, "1025 bytes should report one extra byte");
stats->passed++;
}
static void test_bytes_to_token_count_null_outputs(TestStats *stats) {
CHECK_TRUE(stats, token_data_bytes_to_token_count(8, NULL, NULL),
"alignment helper should work with null output pointers");
CHECK_TRUE(stats, !token_data_bytes_to_token_count(9, NULL, NULL),
"alignment helper should fail odd byte length with null outputs");
stats->passed++;
}
static void test_min_tokens_boundary(TestStats *stats) {
size_t required = 0;
CHECK_TRUE(stats, token_data_has_min_tokens(257, 256, &required), "257 tokens should satisfy seq=256");
@ -37,6 +70,13 @@ static void test_min_tokens_short(TestStats *stats) {
stats->passed++;
}
static void test_min_tokens_negative_seq(TestStats *stats) {
size_t required = 777;
CHECK_TRUE(stats, !token_data_has_min_tokens(10, -1, &required), "negative seq should fail min-token check");
CHECK_EQ_SIZE(stats, required, 777, "required token out param should remain unchanged for invalid seq");
stats->passed++;
}
static void test_validate_too_short(TestStats *stats) {
uint16_t tokens[2] = {1, 2};
TokenDataValidationError err = {0};
@ -46,6 +86,22 @@ static void test_validate_too_short(TestStats *stats) {
stats->passed++;
}
static void test_validate_too_short_precedes_oob(TestStats *stats) {
uint16_t tokens[2] = {65000, 1};
TokenDataValidationError err = {0};
TokenDataValidationCode code = token_data_validate(tokens, 2, 4, 32000, &err);
CHECK_EQ_INT(stats, code, TOKEN_DATA_ERR_TOO_SHORT, "too-short check should happen before OOB check");
CHECK_EQ_SIZE(stats, err.required_tokens, 5, "required token count should still be reported");
stats->passed++;
}
static void test_validate_too_short_with_null_err(TestStats *stats) {
uint16_t tokens[2] = {1, 2};
TokenDataValidationCode code = token_data_validate(tokens, 2, 4, 32000, NULL);
CHECK_EQ_INT(stats, code, TOKEN_DATA_ERR_TOO_SHORT, "validation should work when err output is null");
stats->passed++;
}
static void test_validate_oob_first(TestStats *stats) {
uint16_t tokens[6] = {32000, 1, 2, 3, 4, 5};
TokenDataValidationError err = {0};
@ -85,6 +141,20 @@ static void test_validate_ok(TestStats *stats) {
stats->passed++;
}
static void test_validate_vocab_boundary(TestStats *stats) {
uint16_t valid_tokens[3] = {0, 0, 0};
TokenDataValidationError err = {0};
TokenDataValidationCode valid_code = token_data_validate(valid_tokens, 3, 2, 1, &err);
CHECK_EQ_INT(stats, valid_code, TOKEN_DATA_VALID, "token 0 should be valid when vocab=1");
uint16_t invalid_tokens[3] = {0, 1, 0};
TokenDataValidationCode invalid_code = token_data_validate(invalid_tokens, 3, 2, 1, &err);
CHECK_EQ_INT(stats, invalid_code, TOKEN_DATA_ERR_OOB_TOKEN, "token >= vocab should fail at vocab boundary");
CHECK_EQ_SIZE(stats, err.bad_index, 1, "boundary OOB should report exact index");
CHECK_EQ_INT(stats, err.bad_token, 1, "boundary OOB should report offending token");
stats->passed++;
}
static void test_find_oob_empty(TestStats *stats) {
size_t bad_index = 123;
uint16_t bad_token = 456;
@ -95,17 +165,74 @@ static void test_find_oob_empty(TestStats *stats) {
stats->passed++;
}
static void test_find_oob_null_outputs(TestStats *stats) {
uint16_t tokens[4] = {0, 1, 32000, 2};
CHECK_TRUE(stats, token_data_find_oob_token(tokens, 4, 32000, NULL, NULL),
"OOB scan should work with null output pointers");
stats->passed++;
}
static void test_find_oob_invalid_vocab(TestStats *stats) {
uint16_t tokens[3] = {0, 1, 2};
CHECK_TRUE(stats, !token_data_find_oob_token(tokens, 3, 0, NULL, NULL),
"OOB scan should reject non-positive vocab");
CHECK_TRUE(stats, !token_data_find_oob_token(tokens, 3, -1, NULL, NULL),
"OOB scan should reject negative vocab");
stats->passed++;
}
static void test_find_oob_randomized_consistency(TestStats *stats) {
uint32_t seed = 1;
for (int iter = 0; iter < 512; iter++) {
int vocab = (int)(lcg_next(&seed) % 128u) + 1;
size_t n_tokens = (size_t)(lcg_next(&seed) % 64u);
uint16_t tokens[64] = {0};
bool expected_found = false;
size_t expected_index = 0;
uint16_t expected_token = 0;
for (size_t i = 0; i < n_tokens; i++) {
tokens[i] = (uint16_t)(lcg_next(&seed) % 256u);
if (!expected_found && (int)tokens[i] >= vocab) {
expected_found = true;
expected_index = i;
expected_token = tokens[i];
}
}
size_t got_index = 0;
uint16_t got_token = 0;
bool got_found = token_data_find_oob_token(tokens, n_tokens, vocab, &got_index, &got_token);
CHECK_EQ_INT(stats, got_found, expected_found, "randomized OOB scan should match reference result");
if (expected_found) {
CHECK_EQ_SIZE(stats, got_index, expected_index, "randomized OOB index should match reference");
CHECK_EQ_INT(stats, got_token, expected_token, "randomized OOB token should match reference");
}
}
stats->passed++;
}
int main(void) {
TestStats stats = {0, 0};
test_bytes_to_token_count_even(&stats);
test_bytes_to_token_count_odd(&stats);
test_bytes_to_token_count_null_outputs(&stats);
test_min_tokens_boundary(&stats);
test_min_tokens_short(&stats);
test_min_tokens_negative_seq(&stats);
test_validate_too_short(&stats);
test_validate_too_short_precedes_oob(&stats);
test_validate_too_short_with_null_err(&stats);
test_validate_oob_first(&stats);
test_validate_oob_middle(&stats);
test_validate_oob_last(&stats);
test_validate_ok(&stats);
test_validate_vocab_boundary(&stats);
test_find_oob_empty(&stats);
test_find_oob_null_outputs(&stats);
test_find_oob_invalid_vocab(&stats);
test_find_oob_randomized_consistency(&stats);
printf("test_data_validation: %d passed, %d failed\n", stats.passed, stats.failed);
return stats.failed == 0 ? 0 : 1;

53
training/train_large.m
View File

@ -283,14 +283,28 @@ int main(int argc, char *argv[]) {
printf("ANE FLOPs/step: %.0fM (fwd+bwd_dx+sdpa_bwd) | CPU: dW+cls (cblas)\n\n", ane_f/1e6);
}
// mmap token data
// mmap token data
int data_fd = open(DATA_PATH, O_RDONLY);
if (data_fd < 0) { printf("Cannot open %s\n", DATA_PATH); return 1; }
struct stat st; fstat(data_fd, &st);
size_t data_len = st.st_size;
struct stat st;
if (fstat(data_fd, &st) != 0) { perror("fstat"); close(data_fd); return 1; }
size_t data_len = (size_t)st.st_size;
size_t n_tokens = 0, extra_bytes = 0;
if (!token_data_bytes_to_token_count(data_len, &n_tokens, &extra_bytes)) {
fprintf(stderr,
"Token data validation failed: file size %zu bytes has %zu extra byte(s); expected 16-bit tokens\n",
data_len, extra_bytes);
close(data_fd);
return 1;
}
if (n_tokens == 0) {
fprintf(stderr, "Token data validation failed: token file is empty\n");
close(data_fd);
return 1;
}
uint16_t *token_data = (uint16_t*)mmap(NULL, data_len, PROT_READ, MAP_PRIVATE, data_fd, 0);
if (token_data == MAP_FAILED) { printf("mmap failed\n"); close(data_fd); return 1; }
size_t n_tokens = data_len / 2;
if (token_data == MAP_FAILED) { perror("mmap"); close(data_fd); return 1; }
close(data_fd); // mapping remains valid; avoid fd leaks across exec() restarts
printf("Token data: %zu tokens (%.1f MB)\n", n_tokens, data_len/1e6);
TokenDataValidationError data_err = {0};
@ -298,13 +312,13 @@ int main(int argc, char *argv[]) {
if (data_code == TOKEN_DATA_ERR_TOO_SHORT) {
fprintf(stderr, "Token data validation failed: need at least %zu tokens (SEQ+1), got %zu\n",
data_err.required_tokens, n_tokens);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
if (data_code == TOKEN_DATA_ERR_OOB_TOKEN) {
fprintf(stderr, "Token data validation failed: token %u at index %zu is outside vocab [0, %d)\n",
data_err.bad_token, data_err.bad_index, VOCAB);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
@ -695,19 +709,18 @@ int main(int argc, char *argv[]) {
printf("ANE utilization: %.1f%% of 15.8 TFLOPS\n", 100*ane_flops/(total_train_ms*1e9)/15.8);
// Cleanup
for (int L=0; L<NLAYERS; L++) {
free_layer_kernels(&kern[L]);
free_kern(sdpaBwd2[L]);
layer_weights_free(&lw[L]);
layer_adam_free(&la[L]);
layer_acts_free(&acts[L]);
layer_grads_free(&grads[L]);
}
munmap(token_data, data_len);
close(data_fd);
free(rms_final); free(embed); free(grms_final); free(gembed);
adam_free(&arms_final); adam_free(&aembed);
free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);
for (int L=0; L<NLAYERS; L++) {
free_layer_kernels(&kern[L]);
free_kern(sdpaBwd2[L]);
layer_weights_free(&lw[L]);
layer_adam_free(&la[L]);
layer_acts_free(&acts[L]);
layer_grads_free(&grads[L]);
}
munmap(token_data, data_len);
free(rms_final); free(embed); free(grms_final); free(gembed);
adam_free(&arms_final); adam_free(&aembed);
free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);
free(do_out_buf); free(dq); free(dk); free(dv); free(dx_attn);
free(x_cur); free(x_final); free(logits); free(dlogits);
}

28
training/train_large_ane.m
View File

@ -274,11 +274,25 @@ int main(int argc, char *argv[]) {
// mmap token data
int data_fd = open(DATA_PATH, O_RDONLY);
if (data_fd < 0) { printf("Cannot open %s\n", DATA_PATH); return 1; }
struct stat st; fstat(data_fd, &st);
size_t data_len = st.st_size;
struct stat st;
if (fstat(data_fd, &st) != 0) { perror("fstat"); close(data_fd); return 1; }
size_t data_len = (size_t)st.st_size;
size_t n_tokens = 0, extra_bytes = 0;
if (!token_data_bytes_to_token_count(data_len, &n_tokens, &extra_bytes)) {
fprintf(stderr,
"Token data validation failed: file size %zu bytes has %zu extra byte(s); expected 16-bit tokens\n",
data_len, extra_bytes);
close(data_fd);
return 1;
}
if (n_tokens == 0) {
fprintf(stderr, "Token data validation failed: token file is empty\n");
close(data_fd);
return 1;
}
uint16_t *token_data = (uint16_t*)mmap(NULL, data_len, PROT_READ, MAP_PRIVATE, data_fd, 0);
if (token_data == MAP_FAILED) { printf("mmap failed\n"); close(data_fd); return 1; }
size_t n_tokens = data_len / 2;
if (token_data == MAP_FAILED) { perror("mmap"); close(data_fd); return 1; }
close(data_fd); // mapping remains valid; avoid fd leaks across exec() restarts
printf("Token data: %zu tokens (%.1f MB)\n", n_tokens, data_len/1e6);
TokenDataValidationError data_err = {0};
@ -286,13 +300,13 @@ int main(int argc, char *argv[]) {
if (data_code == TOKEN_DATA_ERR_TOO_SHORT) {
fprintf(stderr, "Token data validation failed: need at least %zu tokens (SEQ+1), got %zu\n",
data_err.required_tokens, n_tokens);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
if (data_code == TOKEN_DATA_ERR_OOB_TOKEN) {
fprintf(stderr, "Token data validation failed: token %u at index %zu is outside vocab [0, %d)\n",
data_err.bad_token, data_err.bad_index, VOCAB);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
@ -749,7 +763,7 @@ int main(int argc, char *argv[]) {
layer_acts_free(&acts[L]); layer_grads_free(&grads[L]);
}
free_kern(softmaxKern); free_kern(finalRmsKern); free_kern(classifierKern);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
free(rms_final); free(embed); free(grms_final); free(gembed);
adam_free(&arms_final); adam_free(&aembed);
free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);

42
training/training_dynamic/train.m
View File

@ -333,14 +333,28 @@ int main(int argc, char *argv[]) {
transpose_weight(W3t_buf[L], lw[L].W3, HIDDEN, DIM);
}
// mmap token data
// mmap token data
int data_fd = open(DATA_PATH, O_RDONLY);
if (data_fd < 0) { printf("Cannot open %s\n", DATA_PATH); return 1; }
struct stat st; fstat(data_fd, &st);
size_t data_len = st.st_size;
struct stat st;
if (fstat(data_fd, &st) != 0) { perror("fstat"); close(data_fd); return 1; }
size_t data_len = (size_t)st.st_size;
size_t n_tokens = 0, extra_bytes = 0;
if (!token_data_bytes_to_token_count(data_len, &n_tokens, &extra_bytes)) {
fprintf(stderr,
"Token data validation failed: file size %zu bytes has %zu extra byte(s); expected 16-bit tokens\n",
data_len, extra_bytes);
close(data_fd);
return 1;
}
if (n_tokens == 0) {
fprintf(stderr, "Token data validation failed: token file is empty\n");
close(data_fd);
return 1;
}
uint16_t *token_data = (uint16_t*)mmap(NULL, data_len, PROT_READ, MAP_PRIVATE, data_fd, 0);
if (token_data == MAP_FAILED) { printf("mmap failed\n"); close(data_fd); return 1; }
size_t n_tokens = data_len / 2;
if (token_data == MAP_FAILED) { perror("mmap"); close(data_fd); return 1; }
close(data_fd); // mapping remains valid; avoid fd leaks across exec() restarts
printf("Token data: %zu tokens (%.1f MB)\n", n_tokens, data_len/1e6);
TokenDataValidationError data_err = {0};
@ -348,13 +362,13 @@ int main(int argc, char *argv[]) {
if (data_code == TOKEN_DATA_ERR_TOO_SHORT) {
fprintf(stderr, "Token data validation failed: need at least %zu tokens (SEQ+1), got %zu\n",
data_err.required_tokens, n_tokens);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
if (data_code == TOKEN_DATA_ERR_OOB_TOKEN) {
fprintf(stderr, "Token data validation failed: token %u at index %zu is outside vocab [0, %d)\n",
data_err.bad_token, data_err.bad_index, VOCAB);
munmap(token_data, data_len); close(data_fd);
munmap(token_data, data_len);
return 1;
}
@ -883,10 +897,10 @@ int main(int argc, char *argv[]) {
free(Wqt_buf[L]); free(Wkt_buf[L]); free(Wvt_buf[L]); free(Wot_buf[L]);
free(W1t_buf[L]); free(W2t_buf[L]); free(W3t_buf[L]);
}
free_kern(dk.sdpaFwd); free_kern(dk.ffnW13); free_kern(dk.ffnW2);
free_kern(dk.ffnBwdW2t); free_kern(dk.ffnBwdW13t); free_kern(dk.wotBwd);
free_kern(dk.sdpaBwd1); free_kern(dk.sdpaBwd2); free_kern(dk.qkvBwd);
munmap(token_data, data_len); close(data_fd);
}
return 0;
}
free_kern(dk.sdpaFwd); free_kern(dk.ffnW13); free_kern(dk.ffnW2);
free_kern(dk.ffnBwdW2t); free_kern(dk.ffnBwdW13t); free_kern(dk.wotBwd);
free_kern(dk.sdpaBwd1); free_kern(dk.sdpaBwd2); free_kern(dk.qkvBwd);
munmap(token_data, data_len);
}
return 0;
}