diff --git a/0001-Fix-for-PyTorch-mobile-flatbuffer-loader-out-of-bounds-reads.patch b/0001-Fix-for-PyTorch-mobile-flatbuffer-loader-out-of-bounds-reads.patch new file mode 100644 index 0000000000000000000000000000000000000000..aab86ea5f074876559c32b5acf00af34f20d53f8 --- /dev/null +++ b/0001-Fix-for-PyTorch-mobile-flatbuffer-loader-out-of-bounds-reads.patch @@ -0,0 +1,37 @@ +From 0d3ceb3058201868765ff3aa1126685f3f7f9ecc Mon Sep 17 00:00:00 2001 +From: Andrew Calvano +Date: Fri, 17 Nov 2023 17:29:04 +0000 +Subject: [PATCH] Fix for PyTorch mobile flatbuffer loader out of bounds reads + (#110162) + +Summary: +The mobile_ivalue_size field in the mobile_bytecode flatbuffer schema can be larger than the ivalues vector. This introduces potential for memory corruption when parsing the mobile_bytecode Module. + +This diff fixes the issue by ensuring that mobile_ivalue_size is less than the size of the ivalues vector. + +Test Plan: contbuild & OSS CI + +Differential Revision: D49687548 + +Pull Request resolved: https://github.com/pytorch/pytorch/pull/110162 +Approved by: https://github.com/malfet +--- + torch/csrc/jit/mobile/flatbuffer_loader.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/torch/csrc/jit/mobile/flatbuffer_loader.cpp b/torch/csrc/jit/mobile/flatbuffer_loader.cpp +index 2fb12a4f..2069330b 100644 +--- a/torch/csrc/jit/mobile/flatbuffer_loader.cpp ++++ b/torch/csrc/jit/mobile/flatbuffer_loader.cpp +@@ -302,7 +302,7 @@ mobile::Module FlatbufferLoader::parseModule( + storage_loaded_.resize(module->storage_data_size(), false); + + mobile_ivalue_size_ = module_->mobile_ivalue_size(); +- if (mobile_ivalue_size_ == 0) { ++ if (mobile_ivalue_size_ == 0 || mobile_ivalue_size_ > ivalues->size()) { + mobile_ivalue_size_ = ivalues->size(); + } + +-- +2.43.0 + diff --git a/0003-Add-loongarch64-support-for-third_party.patch b/0003-Add-loongarch64-support-for-third_party.patch new file mode 100644 index 0000000000000000000000000000000000000000..11944314148307a35bc79b895e560a0e45685eb5 --- /dev/null +++ b/0003-Add-loongarch64-support-for-third_party.patch @@ -0,0 +1,81 @@ +From cba0eb7a9a7504847f48366c2efc901d3f3652ec Mon Sep 17 00:00:00 2001 +From: zhangzikang +Date: Tue, 21 May 2024 15:28:14 +0800 +Subject: [PATCH] Add loongarch64 support for third_party + +--- + third_party/benchmark/src/cycleclock.h | 2 +- + .../third_party/onnx/third_party/benchmark/src/cycleclock.h | 2 +- + third_party/onnx/third_party/benchmark/src/cycleclock.h | 2 +- + third_party/protobuf/third_party/benchmark/src/cycleclock.h | 2 +- + third_party/sleef/src/arch/helperpurec_scalar.h | 2 +- + 5 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/third_party/benchmark/src/cycleclock.h b/third_party/benchmark/src/cycleclock.h +index d65d32a3..4efaf582 100644 +--- a/third_party/benchmark/src/cycleclock.h ++++ b/third_party/benchmark/src/cycleclock.h +@@ -208,7 +208,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + asm volatile("rdcycle %0" : "=r"(cycles)); + return cycles; + #endif +-#elif defined(__e2k__) || defined(__elbrus__) ++#elif defined(__e2k__) || defined(__elbrus__) || defined(__loongarch64) + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +diff --git a/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h b/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h +index 3b376ac5..b0a3c0cb 100644 +--- a/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h ++++ b/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h +@@ -153,7 +153,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +-#elif defined(__mips__) ++#elif defined(__mips__) || defined(__loongarch64) + // mips apparently only allows rdtsc for superusers, so we fall + // back to gettimeofday. It's possible clock_gettime would be better. + struct timeval tv; +diff --git a/third_party/onnx/third_party/benchmark/src/cycleclock.h b/third_party/onnx/third_party/benchmark/src/cycleclock.h +index d65d32a3..4efaf582 100644 +--- a/third_party/onnx/third_party/benchmark/src/cycleclock.h ++++ b/third_party/onnx/third_party/benchmark/src/cycleclock.h +@@ -208,7 +208,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + asm volatile("rdcycle %0" : "=r"(cycles)); + return cycles; + #endif +-#elif defined(__e2k__) || defined(__elbrus__) ++#elif defined(__e2k__) || defined(__elbrus__) || defined(__loongarch64) + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +diff --git a/third_party/protobuf/third_party/benchmark/src/cycleclock.h b/third_party/protobuf/third_party/benchmark/src/cycleclock.h +index 4251fe4c..694e03dc 100644 +--- a/third_party/protobuf/third_party/benchmark/src/cycleclock.h ++++ b/third_party/protobuf/third_party/benchmark/src/cycleclock.h +@@ -153,7 +153,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +-#elif defined(__mips__) ++#elif defined(__mips__) || defined(__loongarch64) + // mips apparently only allows rdtsc for superusers, so we fall + // back to gettimeofday. It's possible clock_gettime would be better. + struct timeval tv; +diff --git a/third_party/sleef/src/arch/helperpurec_scalar.h b/third_party/sleef/src/arch/helperpurec_scalar.h +index e77e518f..a8c96e3b 100644 +--- a/third_party/sleef/src/arch/helperpurec_scalar.h ++++ b/third_party/sleef/src/arch/helperpurec_scalar.h +@@ -54,7 +54,7 @@ + #define ENABLE_FMA_SP + //@#define ENABLE_FMA_SP + +-#if defined(__AVX2__) || defined(__aarch64__) || defined(__arm__) || defined(__powerpc64__) || defined(__zarch__) || CONFIG == 3 ++#if defined(__AVX2__) || defined(__aarch64__) || defined(__arm__) || defined(__powerpc64__) || defined(__zarch__) || defined(__loongarch64) || CONFIG == 3 + #ifndef FP_FAST_FMA + #define FP_FAST_FMA + //@#define FP_FAST_FMA +-- +2.33.0 + diff --git a/0004-Fix-build-error-for-riscv64.patch b/0004-Fix-build-error-for-riscv64.patch new file mode 100644 index 0000000000000000000000000000000000000000..c3115f7d272eda9e268e1a5a3156a49e5d40a66b --- /dev/null +++ b/0004-Fix-build-error-for-riscv64.patch @@ -0,0 +1,74 @@ +From 1dc0fa9e37959b8fedfd1799670388e3f06d0ecc Mon Sep 17 00:00:00 2001 +From: Dingli Zhang +Date: Tue, 16 Jul 2024 17:52:28 +0000 +Subject: [PATCH] Fix build error for riscv64 + + +diff --git a/third_party/benchmark/src/cycleclock.h b/third_party/benchmark/src/cycleclock.h +index d65d32a3..452e11e4 100644 +--- a/third_party/benchmark/src/cycleclock.h ++++ b/third_party/benchmark/src/cycleclock.h +@@ -208,7 +208,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + asm volatile("rdcycle %0" : "=r"(cycles)); + return cycles; + #endif +-#elif defined(__e2k__) || defined(__elbrus__) ++#elif defined(__e2k__) || defined(__elbrus__) || defined(__riscv) + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +diff --git a/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h b/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h +index 3b376ac5..add2f298 100644 +--- a/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h ++++ b/third_party/onnx-tensorrt/third_party/onnx/third_party/benchmark/src/cycleclock.h +@@ -153,7 +153,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +-#elif defined(__mips__) ++#elif defined(__mips__) || defined(__riscv) + // mips apparently only allows rdtsc for superusers, so we fall + // back to gettimeofday. It's possible clock_gettime would be better. + struct timeval tv; +diff --git a/third_party/onnx/third_party/benchmark/src/cycleclock.h b/third_party/onnx/third_party/benchmark/src/cycleclock.h +index d65d32a3..452e11e4 100644 +--- a/third_party/onnx/third_party/benchmark/src/cycleclock.h ++++ b/third_party/onnx/third_party/benchmark/src/cycleclock.h +@@ -208,7 +208,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + asm volatile("rdcycle %0" : "=r"(cycles)); + return cycles; + #endif +-#elif defined(__e2k__) || defined(__elbrus__) ++#elif defined(__e2k__) || defined(__elbrus__) || defined(__riscv) + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +diff --git a/third_party/protobuf/third_party/benchmark/src/cycleclock.h b/third_party/protobuf/third_party/benchmark/src/cycleclock.h +index 4251fe4c..07d63307 100644 +--- a/third_party/protobuf/third_party/benchmark/src/cycleclock.h ++++ b/third_party/protobuf/third_party/benchmark/src/cycleclock.h +@@ -153,7 +153,7 @@ inline BENCHMARK_ALWAYS_INLINE int64_t Now() { + struct timeval tv; + gettimeofday(&tv, nullptr); + return static_cast(tv.tv_sec) * 1000000 + tv.tv_usec; +-#elif defined(__mips__) ++#elif defined(__mips__) || defined(__riscv) + // mips apparently only allows rdtsc for superusers, so we fall + // back to gettimeofday. It's possible clock_gettime would be better. + struct timeval tv; +diff --git a/third_party/sleef/src/arch/helperpurec_scalar.h b/third_party/sleef/src/arch/helperpurec_scalar.h +index e77e518f..f28c2b83 100644 +--- a/third_party/sleef/src/arch/helperpurec_scalar.h ++++ b/third_party/sleef/src/arch/helperpurec_scalar.h +@@ -54,7 +54,7 @@ + #define ENABLE_FMA_SP + //@#define ENABLE_FMA_SP + +-#if defined(__AVX2__) || defined(__aarch64__) || defined(__arm__) || defined(__powerpc64__) || defined(__zarch__) || CONFIG == 3 ++#if defined(__AVX2__) || defined(__aarch64__) || defined(__arm__) || defined(__powerpc64__) || defined(__zarch__) || defined(__riscv) || CONFIG == 3 + #ifndef FP_FAST_FMA + #define FP_FAST_FMA + //@#define FP_FAST_FMA +-- +2.41.0 + diff --git a/pytorch.spec b/pytorch.spec index 73c7523342ff81b4222ef7808ba0d3bba14831de..27eda9b5d1f9fa8d900221207eecbf16ceca7d24 100644 --- a/pytorch.spec +++ b/pytorch.spec @@ -1,13 +1,21 @@ %global _empty_manifest_terminate_build 0 Name: pytorch Version: 2.1.2 -Release: 2 +Release: 5 Summary: Tensors and Dynamic neural networks in Python with strong GPU acceleration License: BSD-3-Clause URL: https://pytorch.org/ Source0: https://github.com/pytorch/pytorch/releases/download/v%{version}/pytorch-v%{version}.tar.gz Patch1: 0001-add-Wno-error-nonnull-for-test-cpp-api.patch +Patch2: 0001-Fix-for-PyTorch-mobile-flatbuffer-loader-out-of-bounds-reads.patch +%ifarch loongarch64 +Patch3: 0003-Add-loongarch64-support-for-third_party.patch +%endif +%ifarch riscv64 +Patch4: 0004-Fix-build-error-for-riscv64.patch +%endif + BuildRequires: g++ Requires: python3-future Requires: python3-numpy @@ -86,6 +94,15 @@ mv %{buildroot}/doclist.lst . %{_docdir}/* %changelog +* Wed Jul 17 2024 Dingli Zhang - 2.1.2-5 +- Fix build error for riscv64 + +* Wed May 22 2024 zhangzikang - 2.1.2-4 +- Fix build error for loongarch64 + +* Mon Apr 22 2024 wangxiaomeng - 2.1.2-3 +- Fix CVE-2024-31584 + * Thu Jan 11 2024 Dongxing Wang - 2.1.2-2 - Patch: Add -Wno-error=nonnull for test/cpp/api/