Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add weights_only=True in torch.load #6094

Closed
wants to merge 13 commits into from
Closed

Add weights_only=True in torch.load #6094

wants to merge 13 commits into from

Conversation

terry-for-github
Copy link
Contributor

FutureWarning: You are using torch.load with weights_only=False (the current default value), which uses the default pickle module implicitly. It is possible to construct malicious pickle data which will execute arbitrary code during unpickling (See https://github.com/pytorch/pytorch/blob/main/SECURITY.md#untrusted-models for more details). In a future release, the default value for weights_only will be flipped to True. This limits the functions that could be executed during unpickling. Arbitrary objects will no longer be allowed to be loaded via this mode unless they are explicitly allowlisted by the user via torch.serialization.add_safe_globals. We recommend you start setting weights_only=True for any use case where you don't have full control of the loaded file. Please open an issue on GitHub for any issues related to this experimental feature.

@terry-for-github
Copy link
Contributor Author

I didnt check which case should not use weights_only=True. I just add it in all of the torch.load. Hope it will help.

@tjruwase
Copy link
Contributor

I didnt check which case should not use weights_only=True. I just add it in all of the torch.load. Hope it will help.

@terry-for-github, thanks for making DeepSpeed more secure.

loadams
loadams reviewed Aug 19, 2024
View reviewed changes
deepspeed/checkpoint/deepspeed_checkpoint.py
@@ -116,7 +116,7 @@ def show_transformer_file_map(self):
self._dump_mapping(self.transformer_file_map, 'rank_to_transformer_files')

def _build_global_state(self):
sd = torch.load(self.mp_rank_files[0], map_location=torch.device('cpu'))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @terry-for-github - could you run the pre-commit formatter, that should fix the formatting errors on these files.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, I'll try that.

@terry-for-github
Copy link
Contributor Author

Is this OK? I haven't use pre-commit tools brefore. I do it by myself lol.

@loadams
Copy link
Contributor

loadams commented Aug 26, 2024

Is this OK? I haven't use pre-commit tools brefore. I do it by myself lol.

Yes @terry-for-github thanks, the formatting checks appear to be passing, though other checks are not now.

@terry-for-github
Copy link
Contributor Author

I found that not all of the torch.load are compatible with weights_only=True. Some of them should be set to weights_only=False explicitly instead.

@tohtana tohtana self-requested a review as a code owner October 17, 2024 23:42
@loadams
Copy link
Contributor

loadams commented Oct 25, 2024

I found that not all of the torch.load are compatible with weights_only=True. Some of them should be set to weights_only=False explicitly instead.

Agreed, we've fixed most of the unrelated CI issues, would you be interested in continuing this PR?

@loadams
Copy link
Contributor

loadams commented Nov 13, 2024

I found that not all of the torch.load are compatible with weights_only=True. Some of them should be set to weights_only=False explicitly instead.

Agreed, we've fixed most of the unrelated CI issues, would you be interested in continuing this PR?

Hi @terry-for-github - no worries if you aren't, but I'll make a PR as well to fix these warnings.

@loadams loadams mentioned this pull request Nov 14, 2024
Open
1 task
@loadams
Copy link
Contributor

loadams commented Nov 14, 2024

Closing in favor of #6751

@loadams loadams closed this Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@loadams loadams loadams left review comments

@tjruwase tjruwase tjruwase approved these changes

@awan-10 awan-10 Awaiting requested review from awan-10 awan-10 is a code owner

@arashb arashb Awaiting requested review from arashb

@tohtana tohtana Awaiting requested review from tohtana tohtana is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@terry-for-github @tjruwase @loadams @tohtana