Harden token file layout checks and prevent exec-time fd leaks

Author: nabbilkhan

training/README.md

@@ -81,6 +81,7 @@ bash download_data.sh
 Downloads pretokenized TinyStories (Llama 2 BPE, 32K vocab) from HuggingFace. Produces `tinystories_data00.bin` (~41 MB, ~20M tokens).
 
 All training pipelines perform token-data validation at startup:
+- token file byte length must align to 16-bit token boundaries
 - token file must contain at least `SEQ+1` tokens
 - every token id must be within `[0, vocab_size)`
 

training/data_validation.h

@@ -16,6 +16,14 @@ typedef struct {
     uint16_t bad_token;
 } TokenDataValidationError;
 
+// Token files are 16-bit ids. Return false when byte length is misaligned.
+static inline bool token_data_bytes_to_token_count(size_t n_bytes, size_t *n_tokens, size_t *extra_bytes) {
+    size_t rem = n_bytes % sizeof(uint16_t);
+    if (n_tokens) *n_tokens = n_bytes / sizeof(uint16_t);
+    if (extra_bytes) *extra_bytes = rem;
+    return rem == 0;
+}
+
 static inline bool token_data_has_min_tokens(size_t n_tokens, int seq, size_t *required_tokens) {
     if (seq < 0) return false;
     size_t needed = (size_t)seq + 1;

training/test_data_validation.c

@@ -23,6 +23,39 @@ typedef struct {
 #define CHECK_EQ_INT(stats, got, want, msg) CHECK_TRUE((stats), (got) == (want), msg)
 #define CHECK_EQ_SIZE(stats, got, want, msg) CHECK_TRUE((stats), (got) == (want), msg)
 
+static uint32_t lcg_next(uint32_t *state) {
+    *state = (*state * 1664525u) + 1013904223u;
+    return *state;
+}
+
+static void test_bytes_to_token_count_even(TestStats *stats) {
+    size_t n_tokens = 0;
+    size_t extra = 99;
+    CHECK_TRUE(stats, token_data_bytes_to_token_count(1024, &n_tokens, &extra),
+               "even byte length should map to token count");
+    CHECK_EQ_SIZE(stats, n_tokens, 512, "1024 bytes should map to 512 tokens");
+    CHECK_EQ_SIZE(stats, extra, 0, "even byte length should have zero remainder");
+    stats->passed++;
+}
+
+static void test_bytes_to_token_count_odd(TestStats *stats) {
+    size_t n_tokens = 0;
+    size_t extra = 0;
+    CHECK_TRUE(stats, !token_data_bytes_to_token_count(1025, &n_tokens, &extra),
+               "odd byte length should fail alignment check");
+    CHECK_EQ_SIZE(stats, n_tokens, 512, "odd byte length should still report floor token count");
+    CHECK_EQ_SIZE(stats, extra, 1, "1025 bytes should report one extra byte");
+    stats->passed++;
+}
+
+static void test_bytes_to_token_count_null_outputs(TestStats *stats) {
+    CHECK_TRUE(stats, token_data_bytes_to_token_count(8, NULL, NULL),
+               "alignment helper should work with null output pointers");
+    CHECK_TRUE(stats, !token_data_bytes_to_token_count(9, NULL, NULL),
+               "alignment helper should fail odd byte length with null outputs");
+    stats->passed++;
+}
+
 static void test_min_tokens_boundary(TestStats *stats) {
     size_t required = 0;
     CHECK_TRUE(stats, token_data_has_min_tokens(257, 256, &required), "257 tokens should satisfy seq=256");
@@ -37,6 +70,13 @@ static void test_min_tokens_short(TestStats *stats) {
     stats->passed++;
 }
 
+static void test_min_tokens_negative_seq(TestStats *stats) {
+    size_t required = 777;
+    CHECK_TRUE(stats, !token_data_has_min_tokens(10, -1, &required), "negative seq should fail min-token check");
+    CHECK_EQ_SIZE(stats, required, 777, "required token out param should remain unchanged for invalid seq");
+    stats->passed++;
+}
+
 static void test_validate_too_short(TestStats *stats) {
     uint16_t tokens[2] = {1, 2};
     TokenDataValidationError err = {0};
@@ -46,6 +86,22 @@ static void test_validate_too_short(TestStats *stats) {
     stats->passed++;
 }
 
+static void test_validate_too_short_precedes_oob(TestStats *stats) {
+    uint16_t tokens[2] = {65000, 1};
+    TokenDataValidationError err = {0};
+    TokenDataValidationCode code = token_data_validate(tokens, 2, 4, 32000, &err);
+    CHECK_EQ_INT(stats, code, TOKEN_DATA_ERR_TOO_SHORT, "too-short check should happen before OOB check");
+    CHECK_EQ_SIZE(stats, err.required_tokens, 5, "required token count should still be reported");
+    stats->passed++;
+}
+
+static void test_validate_too_short_with_null_err(TestStats *stats) {
+    uint16_t tokens[2] = {1, 2};
+    TokenDataValidationCode code = token_data_validate(tokens, 2, 4, 32000, NULL);
+    CHECK_EQ_INT(stats, code, TOKEN_DATA_ERR_TOO_SHORT, "validation should work when err output is null");
+    stats->passed++;
+}
+
 static void test_validate_oob_first(TestStats *stats) {
     uint16_t tokens[6] = {32000, 1, 2, 3, 4, 5};
     TokenDataValidationError err = {0};
@@ -85,6 +141,20 @@ static void test_validate_ok(TestStats *stats) {
     stats->passed++;
 }
 
+static void test_validate_vocab_boundary(TestStats *stats) {
+    uint16_t valid_tokens[3] = {0, 0, 0};
+    TokenDataValidationError err = {0};
+    TokenDataValidationCode valid_code = token_data_validate(valid_tokens, 3, 2, 1, &err);
+    CHECK_EQ_INT(stats, valid_code, TOKEN_DATA_VALID, "token 0 should be valid when vocab=1");
+
+    uint16_t invalid_tokens[3] = {0, 1, 0};
+    TokenDataValidationCode invalid_code = token_data_validate(invalid_tokens, 3, 2, 1, &err);
+    CHECK_EQ_INT(stats, invalid_code, TOKEN_DATA_ERR_OOB_TOKEN, "token >= vocab should fail at vocab boundary");
+    CHECK_EQ_SIZE(stats, err.bad_index, 1, "boundary OOB should report exact index");
+    CHECK_EQ_INT(stats, err.bad_token, 1, "boundary OOB should report offending token");
+    stats->passed++;
+}
+
 static void test_find_oob_empty(TestStats *stats) {
     size_t bad_index = 123;
     uint16_t bad_token = 456;
@@ -95,17 +165,74 @@ static void test_find_oob_empty(TestStats *stats) {
     stats->passed++;
 }
 
+static void test_find_oob_null_outputs(TestStats *stats) {
+    uint16_t tokens[4] = {0, 1, 32000, 2};
+    CHECK_TRUE(stats, token_data_find_oob_token(tokens, 4, 32000, NULL, NULL),
+               "OOB scan should work with null output pointers");
+    stats->passed++;
+}
+
+static void test_find_oob_invalid_vocab(TestStats *stats) {
+    uint16_t tokens[3] = {0, 1, 2};
+    CHECK_TRUE(stats, !token_data_find_oob_token(tokens, 3, 0, NULL, NULL),
+               "OOB scan should reject non-positive vocab");
+    CHECK_TRUE(stats, !token_data_find_oob_token(tokens, 3, -1, NULL, NULL),
+               "OOB scan should reject negative vocab");
+    stats->passed++;
+}
+
+static void test_find_oob_randomized_consistency(TestStats *stats) {
+    uint32_t seed = 1;
+    for (int iter = 0; iter < 512; iter++) {
+        int vocab = (int)(lcg_next(&seed) % 128u) + 1;
+        size_t n_tokens = (size_t)(lcg_next(&seed) % 64u);
+        uint16_t tokens[64] = {0};
+
+        bool expected_found = false;
+        size_t expected_index = 0;
+        uint16_t expected_token = 0;
+        for (size_t i = 0; i < n_tokens; i++) {
+            tokens[i] = (uint16_t)(lcg_next(&seed) % 256u);
+            if (!expected_found && (int)tokens[i] >= vocab) {
+                expected_found = true;
+                expected_index = i;
+                expected_token = tokens[i];
+            }
+        }
+
+        size_t got_index = 0;
+        uint16_t got_token = 0;
+        bool got_found = token_data_find_oob_token(tokens, n_tokens, vocab, &got_index, &got_token);
+        CHECK_EQ_INT(stats, got_found, expected_found, "randomized OOB scan should match reference result");
+        if (expected_found) {
+            CHECK_EQ_SIZE(stats, got_index, expected_index, "randomized OOB index should match reference");
+            CHECK_EQ_INT(stats, got_token, expected_token, "randomized OOB token should match reference");
+        }
+    }
+    stats->passed++;
+}
+
 int main(void) {
     TestStats stats = {0, 0};
 
+    test_bytes_to_token_count_even(&stats);
+    test_bytes_to_token_count_odd(&stats);
+    test_bytes_to_token_count_null_outputs(&stats);
     test_min_tokens_boundary(&stats);
     test_min_tokens_short(&stats);
+    test_min_tokens_negative_seq(&stats);
     test_validate_too_short(&stats);
+    test_validate_too_short_precedes_oob(&stats);
+    test_validate_too_short_with_null_err(&stats);
     test_validate_oob_first(&stats);
     test_validate_oob_middle(&stats);
     test_validate_oob_last(&stats);
     test_validate_ok(&stats);
+    test_validate_vocab_boundary(&stats);
     test_find_oob_empty(&stats);
+    test_find_oob_null_outputs(&stats);
+    test_find_oob_invalid_vocab(&stats);
+    test_find_oob_randomized_consistency(&stats);
 
     printf("test_data_validation: %d passed, %d failed\n", stats.passed, stats.failed);
     return stats.failed == 0 ? 0 : 1;

training/train_large.m

@@ -283,28 +283,42 @@ int main(int argc, char *argv[]) {
             printf("ANE FLOPs/step: %.0fM (fwd+bwd_dx+sdpa_bwd) | CPU: dW+cls (cblas)\n\n", ane_f/1e6);
         }
 
-        // mmap token data
+        // mmap token data
         int data_fd = open(DATA_PATH, O_RDONLY);
         if (data_fd < 0) { printf("Cannot open %s\n", DATA_PATH); return 1; }
-        struct stat st; fstat(data_fd, &st);
-        size_t data_len = st.st_size;
+        struct stat st;
+        if (fstat(data_fd, &st) != 0) { perror("fstat"); close(data_fd); return 1; }
+        size_t data_len = (size_t)st.st_size;
+        size_t n_tokens = 0, extra_bytes = 0;
+        if (!token_data_bytes_to_token_count(data_len, &n_tokens, &extra_bytes)) {
+            fprintf(stderr,
+                    "Token data validation failed: file size %zu bytes has %zu extra byte(s); expected 16-bit tokens\n",
+                    data_len, extra_bytes);
+            close(data_fd);
+            return 1;
+        }
+        if (n_tokens == 0) {
+            fprintf(stderr, "Token data validation failed: token file is empty\n");
+            close(data_fd);
+            return 1;
+        }
         uint16_t *token_data = (uint16_t*)mmap(NULL, data_len, PROT_READ, MAP_PRIVATE, data_fd, 0);
-        if (token_data == MAP_FAILED) { printf("mmap failed\n"); close(data_fd); return 1; }
-        size_t n_tokens = data_len / 2;
+        if (token_data == MAP_FAILED) { perror("mmap"); close(data_fd); return 1; }
+        close(data_fd); // mapping remains valid; avoid fd leaks across exec() restarts
         printf("Token data: %zu tokens (%.1f MB)\n", n_tokens, data_len/1e6);
 
         TokenDataValidationError data_err = {0};
         TokenDataValidationCode data_code = token_data_validate(token_data, n_tokens, SEQ, VOCAB, &data_err);
         if (data_code == TOKEN_DATA_ERR_TOO_SHORT) {
             fprintf(stderr, "Token data validation failed: need at least %zu tokens (SEQ+1), got %zu\n",
                     data_err.required_tokens, n_tokens);
-            munmap(token_data, data_len); close(data_fd);
+            munmap(token_data, data_len);
             return 1;
         }
         if (data_code == TOKEN_DATA_ERR_OOB_TOKEN) {
             fprintf(stderr, "Token data validation failed: token %u at index %zu is outside vocab [0, %d)\n",
                     data_err.bad_token, data_err.bad_index, VOCAB);
-            munmap(token_data, data_len); close(data_fd);
+            munmap(token_data, data_len);
             return 1;
         }
 
@@ -695,19 +709,18 @@ int main(int argc, char *argv[]) {
         printf("ANE utilization: %.1f%% of 15.8 TFLOPS\n", 100*ane_flops/(total_train_ms*1e9)/15.8);
 
         // Cleanup
-        for (int L=0; L<NLAYERS; L++) {
-            free_layer_kernels(&kern[L]);
-            free_kern(sdpaBwd2[L]);
-            layer_weights_free(&lw[L]);
-            layer_adam_free(&la[L]);
-            layer_acts_free(&acts[L]);
-            layer_grads_free(&grads[L]);
-        }
-        munmap(token_data, data_len);
-        close(data_fd);
-        free(rms_final); free(embed); free(grms_final); free(gembed);
-        adam_free(&arms_final); adam_free(&aembed);
-        free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);
+        for (int L=0; L<NLAYERS; L++) {
+            free_layer_kernels(&kern[L]);
+            free_kern(sdpaBwd2[L]);
+            layer_weights_free(&lw[L]);
+            layer_adam_free(&la[L]);
+            layer_acts_free(&acts[L]);
+            layer_grads_free(&grads[L]);
+        }
+        munmap(token_data, data_len);
+        free(rms_final); free(embed); free(grms_final); free(gembed);
+        adam_free(&arms_final); adam_free(&aembed);
+        free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);
         free(do_out_buf); free(dq); free(dk); free(dv); free(dx_attn);
         free(x_cur); free(x_final); free(logits); free(dlogits);
     }

training/train_large_ane.m

@@ -274,25 +274,39 @@ int main(int argc, char *argv[]) {
         // mmap token data
         int data_fd = open(DATA_PATH, O_RDONLY);
         if (data_fd < 0) { printf("Cannot open %s\n", DATA_PATH); return 1; }
-        struct stat st; fstat(data_fd, &st);
-        size_t data_len = st.st_size;
+        struct stat st;
+        if (fstat(data_fd, &st) != 0) { perror("fstat"); close(data_fd); return 1; }
+        size_t data_len = (size_t)st.st_size;
+        size_t n_tokens = 0, extra_bytes = 0;
+        if (!token_data_bytes_to_token_count(data_len, &n_tokens, &extra_bytes)) {
+            fprintf(stderr,
+                    "Token data validation failed: file size %zu bytes has %zu extra byte(s); expected 16-bit tokens\n",
+                    data_len, extra_bytes);
+            close(data_fd);
+            return 1;
+        }
+        if (n_tokens == 0) {
+            fprintf(stderr, "Token data validation failed: token file is empty\n");
+            close(data_fd);
+            return 1;
+        }
         uint16_t *token_data = (uint16_t*)mmap(NULL, data_len, PROT_READ, MAP_PRIVATE, data_fd, 0);
-        if (token_data == MAP_FAILED) { printf("mmap failed\n"); close(data_fd); return 1; }
-        size_t n_tokens = data_len / 2;
+        if (token_data == MAP_FAILED) { perror("mmap"); close(data_fd); return 1; }
+        close(data_fd); // mapping remains valid; avoid fd leaks across exec() restarts
         printf("Token data: %zu tokens (%.1f MB)\n", n_tokens, data_len/1e6);
 
         TokenDataValidationError data_err = {0};
         TokenDataValidationCode data_code = token_data_validate(token_data, n_tokens, SEQ, VOCAB, &data_err);
         if (data_code == TOKEN_DATA_ERR_TOO_SHORT) {
             fprintf(stderr, "Token data validation failed: need at least %zu tokens (SEQ+1), got %zu\n",
                     data_err.required_tokens, n_tokens);
-            munmap(token_data, data_len); close(data_fd);
+            munmap(token_data, data_len);
             return 1;
         }
         if (data_code == TOKEN_DATA_ERR_OOB_TOKEN) {
             fprintf(stderr, "Token data validation failed: token %u at index %zu is outside vocab [0, %d)\n",
                     data_err.bad_token, data_err.bad_index, VOCAB);
-            munmap(token_data, data_len); close(data_fd);
+            munmap(token_data, data_len);
             return 1;
         }
 
@@ -749,7 +763,7 @@ int main(int argc, char *argv[]) {
             layer_acts_free(&acts[L]); layer_grads_free(&grads[L]);
         }
         free_kern(softmaxKern); free_kern(finalRmsKern); free_kern(classifierKern);
-        munmap(token_data, data_len); close(data_fd);
+        munmap(token_data, data_len);
         free(rms_final); free(embed); free(grms_final); free(gembed);
         adam_free(&arms_final); adam_free(&aembed);
         free(dy); free(dffn); free(dh1); free(dh3); free(dx_ffn); free(dx2);