
Fix TOCTOU heap-buffer-overflow in SDPA per-thread scratch#20470

Open
derekdixu wants to merge 1 commit into
pytorch:mainfrom
derekdixu:export-D109464749
Open


Conversation

@derekdixu

Contributor

Summary:
The SDPA flash-attention kernel allocates per-thread scratch space using the threadpool's current thread count, then dispatches parallel work that independently re-reads the thread count. On a 96-core host post-fork, the threadpool can be resized between the two reads, causing the parallel dispatcher to create more tasks than scratch slots were allocated. Worker threads then index past the end of the buffer, triggering heap-buffer-overflow (reproduced 55% of the time, 11/20 runs).

This adds an optional num_threads parameter to parallel_for and calc_num_tasks_and_chunk_size. When <= 0 (the default), they read the threadpool's current count as before, so existing callers are unchanged. The SDPA kernel now passes the same thread count it used to size the buffer, guaranteeing num_tasks <= num_thread and keeping every worker's ompIdx in bounds.

Reviewed By: GregoryComer

Differential Revision: D109464749

Signed-off-by: Chris Edmonds <edmondsc@meta.com>
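The race described in the summary, reduced to a small model so the failure mode and the fix can be seen side by side. This is an added example, not executorch's code: `ThreadPool`, `calc_num_tasks_and_chunk_size`, `parallel_for` and `run_kernel` are hypothetical stand-ins that mirror the PR's idea (a `num_threads` argument that defaults to "read the pool now" when `<= 0`), and the thread counts, row count and grain size are constructed values. Instead of writing past the buffer, the kernel bounds-checks every scratch-slot access and reports it, so the pre-fix run shows the out-of-range slot index rather than corrupting the heap.

```cpp
#include <algorithm>
#include <atomic>
#include <cstdint>
#include <functional>
#include <vector>

// Hypothetical model of a resizable thread pool (not the executorch threadpool).
// The only behaviour that matters here is that the count can change between
// two reads, which is what happens to the real pool after a fork.
struct ThreadPool {
  std::atomic<int> num_threads{8};
  int get_thread_count() const { return num_threads.load(); }
  void resize(int n) { num_threads.store(n); }
};

struct TaskPlan {
  int64_t num_tasks;
  int64_t chunk_size;
};

// Split [begin, end) into at most `num_threads` tasks of at least `grain_size`
// elements. num_threads <= 0 means "ask the pool now": the pre-fix behaviour,
// and the second read of the TOCTOU pair when the caller already sized a buffer.
TaskPlan calc_num_tasks_and_chunk_size(const ThreadPool& pool, int64_t begin,
                                       int64_t end, int64_t grain_size,
                                       int num_threads = 0) {
  if (num_threads <= 0) num_threads = pool.get_thread_count();
  const int64_t n = end - begin;
  if (n <= 0) return {0, 0};
  int64_t num_tasks =
      std::min<int64_t>(num_threads, (n + grain_size - 1) / grain_size);
  num_tasks = std::max<int64_t>(num_tasks, 1);
  const int64_t chunk_size = (n + num_tasks - 1) / num_tasks;
  return {num_tasks, chunk_size};
}

// Runs f(task_idx, chunk_begin, chunk_end) once per task. Tasks run inline
// here; a real pool hands each to a worker. The task index is what a kernel
// uses as its per-thread scratch slot (the `ompIdx` of the summary).
void parallel_for(const ThreadPool& pool, int64_t begin, int64_t end,
                  int64_t grain_size,
                  const std::function<void(int64_t, int64_t, int64_t)>& f,
                  int num_threads = 0) {
  const TaskPlan plan =
      calc_num_tasks_and_chunk_size(pool, begin, end, grain_size, num_threads);
  for (int64_t t = 0; t < plan.num_tasks; ++t) {
    const int64_t cb = begin + t * plan.chunk_size;
    const int64_t ce = std::min(end, cb + plan.chunk_size);
    if (cb < ce) f(t, cb, ce);
  }
}

// Outcome of one simulated kernel run: slots allocated, the largest slot index
// any task tried to use, and whether every access stayed in bounds.
struct RunReport {
  int64_t slots_allocated;
  int64_t max_slot_used;
  bool in_bounds;
};

// Models the kernel. The pool is resized between the allocation-time read and
// the dispatch-time read; with pass_thread_count == true the kernel forwards the
// count it sized the buffer with (the fix), otherwise parallel_for re-reads it.
RunReport run_kernel(bool pass_thread_count, int initial_threads,
                     int resized_threads) {
  ThreadPool pool;
  pool.resize(initial_threads);
  const int64_t rows = 1024;  // constructed workload size

  // First read: size per-thread scratch from the current thread count.
  const int num_threads = pool.get_thread_count();
  std::vector<float> scratch(static_cast<size_t>(num_threads));

  // Race window: the pool grows before dispatch.
  pool.resize(resized_threads);

  RunReport report{num_threads, -1, true};
  parallel_for(
      pool, 0, rows, /*grain_size=*/1,
      [&](int64_t slot, int64_t cb, int64_t ce) {
        report.max_slot_used = std::max(report.max_slot_used, slot);
        if (slot >= static_cast<int64_t>(scratch.size())) {
          report.in_bounds = false;  // pre-fix: this write is the heap overflow
          return;
        }
        scratch[static_cast<size_t>(slot)] += static_cast<float>(ce - cb);
      },
      pass_thread_count ? num_threads : 0);
  return report;
}
```

With 8 threads at allocation time and 16 at dispatch, the pre-fix path plans 16 tasks against 8 slots and the report shows slot index 15 out of bounds; forwarding the original 8 keeps `num_tasks <= num_threads` and the highest slot used at 7. The important property of the fix is that it does not need to stop the pool from resizing: it only has to make both decisions from the same value.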
@pytorch-bot

pytorch-bot Bot commented Jun 24, 2026


🔗 Helpful Links

🧪 See artifacts and rendered test results at hud.pytorch.org/pr/pytorch/executorch/20470

Note: Links to docs will display an error until the docs builds have been completed.

❗ 1 Active SEVs

There is 1 currently active SEV. If your PR is affected, please view it below:

❌ 1 Awaiting Approval, 4 New Failures, 3 Unrelated Failures

As of commit 10df7cc with merge base aada6d7 (image):

AWAITING APPROVAL - The following workflow needs approval before CI can run:

NEW FAILURES - The following jobs have failed:

BROKEN TRUNK - The following jobs failed but were present on the merge base:

👉 Rebase onto the `viable/strict` branch to avoid these failures

This comment was automatically generated by Dr. CI and updates every 15 minutes.

@meta-cla meta-cla Bot added the CLA Signed label Jun 24, 2026
@linux-foundation-easycla


CLA Missing ID

  • ❌ The email address for the commit (10df7cc) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please visit our EasyCLA portal and chat with our support bot.

@meta-codesync

meta-codesync Bot commented Jun 24, 2026

Contributor

@derekdixu has exported this pull request. If you are a Meta employee, you can view the originating Diff in D109464749.

@github-actions


This PR needs a release notes: label

If your change should be included in the release notes (i.e. would users of this library care about this change?), please use a label starting with release notes:. This helps us keep track and include your important work in the next release notes.

To add a label, you can comment to pytorchbot, for example
@pytorchbot label "release notes: none"

For more information, see
https://github.com/pytorch/pytorch/wiki/PyTorch-AutoLabel-Bot#why-categorize-for-release-notes-and-how-does-it-work.
