Crash when FSE_MAX_MEMORY_USAGE 13

Question

Crash when FSE_MAX_MEMORY_USAGE 13

clbr opened this issue 4 years ago · comments

Clone current master
Edit FSE_MAX_MEMORY_USAGE to 13
fse blows up its stack when compressing

Valgrind and gdb traces are useless. Changing DEBUGLEVEL to 1 in debug.h does not help, no assert fires. Compiling with -fstack-protector says "*** stack smashing detected ***" and gdb says it came when exiting FSE_compress2 at ../lib/fse_compress.c:706.

clbr · Answer 1 · Thu Jul 16 2020 19:28:55 GMT+0800 (China Standard Time)

Happens with multiple gcc versions.

clbr · Answer 2 · Thu Jul 16 2020 20:05:16 GMT+0800 (China Standard Time)

Seems to still happen when I update fse_compress.c and related files from zstd. (needed some edits)

Yann Collet · Answer 3 · Fri Jul 17 2020 00:42:11 GMT+0800 (China Standard Time)

Thanks for reporting @clbr .

You mean you reduced FSE_MAX_MEMORY_USAGE from 14 to 13 ?
This should have been fine, as long as FSE_DEFAULT_MEMORY_USAGE <= FSE_MAX_MEMORY_USAGE.

Maybe some of the more recent changes impacted this scenario.
To be checked.

Yann Collet · Answer 4 · Fri Jul 17 2020 06:38:39 GMT+0800 (China Standard Time)

I made a quick test, lowering FSE_MAX_MEMORY_USAGE to 13, and got this error :
Error 23 : Compression error : workspace buffer is too small.

So, I don't know what's is the exact usage of fse in your case, but I can easily see such error becoming a memory stack access if it is undetected.

Now onto a fix.

Yann Collet · Answer 5 · Fri Jul 17 2020 08:40:35 GMT+0800 (China Standard Time)

I've uploaded a fix in dev branch that seems to solve the issue (tested with FSE_MAX_MEMORY_USAGE 13 and 12)

clbr · Answer 6 · Fri Jul 17 2020 14:19:55 GMT+0800 (China Standard Time)

My fse usage was simply "./fse xxhash.c". It also triggered when trying to execute the tests, or compressing via calling the library functions. In no case did I get the error, curious.

I confirm the lower values now work, tested 13, 12 and 11. Closing.