
avx access beyond end of string

Open kilobyte opened this issue 1 year ago • 1 comment

As reported in Debian:

Environment Information

  • libpmemobj-cpp version(s): 1.13.0
  • PMDK (libpmemobj) package version(s): 1.12.0
  • OS(es) version(s): Debian bookworm/unstable
  • kernel version(s): 5.10.70 (reporter), 5.19-rc5 (me)
  • compiler, libraries, packaging and other related tools version(s): gcc-11, glibc 2.33
  • TBB version(s): -
  • ndctl version(s): 73

For some reason, string comparison started to optimistically vectorize matching pieces of the string, including strings shorter than the AVX2 chunk (32 bytes) or tails of longer strings. This never gives an invalid answer (matches past the buffer's end get cut off later), is AFAIK allowed by the hardware+kernel on x86 — but valgrind hates that.

We now get fails like:

==730367== Invalid read of size 32
==730367==    at 0x4C3E899: __wmemcmp_avx2_movbe (memcmp-avx2-movbe.S:412)
==730367==  Address 0xbd7f090 is 0 bytes inside a block of size 20 alloc'd

I don't see any obvious toolchain upgrades in unstable recently — gcc-11, glibc 2.33, valgrind 3.18.1 have been there for a long time. Still, some bit must have been upgraded so now these tests reliably fail.

kilobyte avatar Jul 16 '22 18:07 kilobyte
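A minimal stand-alone reproducer for the pattern in the report above, added here as an editorial example (it is not code from the issue, from libpmemobj-cpp or from its test suite). It allocates two exact-size heap blocks of 5 wide characters (20 bytes on Linux/x86-64, the same block size valgrind quotes) and compares them with wmemcmp, which on a glibc that dispatches to `__wmemcmp_avx2_movbe` may issue a 32-byte vector load starting inside the block. The answer is still correct because bytes beyond `n` are masked off before the result is formed; only valgrind's memcheck, which tracks the block boundary, sees it as an invalid read. The function names, the `-2` allocation-failure sentinel and the suppression name in the comment are assumptions made for this example; whether valgrind actually fires depends on the glibc build and the CPU features it detects.

```c
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
#include <stdio.h>

/*
 * Copy two wide-character sequences of exactly `n` elements into fresh
 * heap blocks with no terminator and no slack, then compare them with
 * wmemcmp. Exact-size malloc matters: valgrind only flags a read that
 * reaches past the end of a tracked block, so a buffer with padding
 * would hide the behaviour this issue is about.
 *
 * Returns wmemcmp's result (<0, 0, >0), or -2 if malloc fails
 * (a sentinel chosen for this example; wmemcmp never returns it here
 * because the inputs differ in at most one position).
 */
int compare_exact_wide(const wchar_t *a, const wchar_t *b, size_t n)
{
    wchar_t *pa = malloc(n * sizeof *pa);
    wchar_t *pb = malloc(n * sizeof *pb);
    if (pa == NULL || pb == NULL) {
        free(pa);
        free(pb);
        return -2;
    }
    memcpy(pa, a, n * sizeof *pa);
    memcpy(pb, b, n * sizeof *pb);

    /* With an AVX2 wmemcmp this is where memcheck can report
     * "Invalid read of size 32 ... 0 bytes inside a block of size 20". */
    int r = wmemcmp(pa, pb, n);

    free(pa);
    free(pb);
    return r;
}

/* 5 wide chars == 20 bytes on LP64 Linux, i.e. well under one
 * 32-byte AVX2 chunk, matching the block size in the report. */
int repro_equal(void)
{
    return compare_exact_wide(L"hello", L"hello", 5);
}

/* Same size, last element differs: 'o' < 'x', so the result is negative.
 * This shows the over-read does not change the answer. */
int repro_differ(void)
{
    return compare_exact_wide(L"hello", L"hellx", 5);
}

/*
 * To keep the test suite green without hiding real out-of-bounds reads,
 * scope the suppression to the one glibc routine valgrind names, e.g.
 * (file name and suppression name are assumptions for this example):
 *
 *   cat > wmemcmp-avx2.supp <<'EOF'
 *   {
 *      wmemcmp-avx2-overread
 *      Memcheck:Addr32
 *      fun:__wmemcmp_avx2_movbe
 *   }
 *   EOF
 *   valgrind --suppressions=wmemcmp-avx2.supp ./repro
 *
 * A blanket --undef-value-errors=no or a wildcard "obj:*" suppression
 * would also silence genuine buffer over-reads in the code under test.
 */
int main(void)
{
    printf("equal:  %d\n", repro_equal());
    printf("differ: %d\n", repro_differ() < 0 ? -1 : 1);
    return 0;
}
```

Build with `gcc -O2 -o repro repro.c` and run once natively and once under `valgrind ./repro`; the native run prints `equal: 0` and `differ: -1` either way, and only the valgrind run can show the `Addr32` report. Note that `Memcheck:Addr32` is the suppression kind matching "Invalid read of size 32"; older valgrind releases that predate AVX-width kinds will reject it.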

@kilobyte, I managed to reproduce one failing issue on this Docker file: https://github.com/pmem/libpmemobj-cpp/blob/master/utils/docker/images/Dockerfile.debian-unstable

and I prepared a suppression for (I believe) both of the failing tests. Could you please verify if this PR works for you: https://github.com/pmem/libpmemobj-cpp/pull/1263 ?

lukaszstolarczuk avatar Jul 21 '22 09:07 lukaszstolarczuk