Fix security scan for release owned by Xunsong (#3545)

Include all parts of under directories of `tests/gpu/` and `scripts`

Signed-off-by: Xunsong, Huang <[email protected]>
Co-authored-by: Ye Ting <[email protected]>
Co-authored-by: Jinghui <[email protected]>

Author: 3 people

scripts/gpu/gen_code.py

@@ -724,8 +724,6 @@ def extract_schema(path):
     for line in open(path, "r"):
         line = line.strip()
         m = re.match(r"\s*([^\s].*);\s*//\s*([^\s].*)", line)
-        if not m:
-            continue
         if m:
             schema = m.group(2)
             if schema.startswith("{"):
@@ -754,7 +752,6 @@ def get_lazy_reorder(schema_name, argument):
                     LAZY_REORDER_OPTIONAL_TENSOR.substitute(change_dict),
                     change_dict["temp_name"],
                 )
-                option["actuals"][i] = change_dict["temp_name"]
             elif not argument["type"].startswith("const"):
                 return LAZY_REORDER_TENSOR.substitute(change_dict), change_dict["name"]
             else:

scripts/tools/setup/cmake.py

@@ -124,12 +124,14 @@ def _get_cmake_command():
         # if IS_WINDOWS:
         #     return cmake_command
         # cmake3 = 'cmake3' # which('cmake3')
-        cmake3 = None
+        # cmake3 = None
         cmake = "cmake"  # which('cmake')
-        if cmake3 is not None and CMake._get_version(cmake3) >= LooseVersion("3.5.0"):
-            cmake_command = "cmake3"
-            return cmake_command
-        elif cmake is not None and CMake._get_version(cmake) >= LooseVersion("3.5.0"):
+        # Security Scan: waste code as cmake3 is always None here.
+        # if cmake3 is not None and CMake._get_version(cmake3) >= LooseVersion("3.5.0"):
+        #     cmake_command = "cmake3"
+        #     return cmake_command
+        # elif cmake is not None and CMake._get_version(cmake) >= LooseVersion("3.5.0"):
+        if cmake is not None and CMake._get_version(cmake) >= LooseVersion("3.5.0"):
             return cmake_command
         else:
             raise RuntimeError("no cmake or cmake3 with version >= 3.5.0 found")

scripts/tools/torchgen/executorch/model.py

@@ -145,12 +145,15 @@ def has_kernels(self, g: Union[NativeFunction, NativeFunctionsGroup]) -> bool:
     def get_kernels(
         self, g: Union[NativeFunction, NativeFunctionsGroup]
     ) -> Dict[ETKernelKey, BackendMetadata]:
+        f = None
         if isinstance(g, NativeFunction):
             f = g
         elif isinstance(g, NativeFunctionsGroup):
             f = g.functional
         else:
             assert_never(g)
+        assert f is not None, \
+            f"NoneTypeError: Cannot get funcion from {type(g).__name__}"
         if f.func.name not in self.index:
             return {}
         return self.index[f.func.name]

scripts/tools/torchgen/gen_functionalization_type.py

@@ -782,4 +782,3 @@ def gen_functionalization_definition(
         if g.mutable is not None:
             mutation_defs.append(emit_inplace_functionalization_body(g.mutable, g))
         return mutation_defs
-    return []

scripts/tools/torchgen/model.py

@@ -966,14 +966,15 @@ def __post_init__(self) -> None:
 
     @property
     def has_composite_kernel(self) -> bool:
+        # as scanned, self.has_composite_implicit_autograd_kernel here must be false
         return (
-            self.has_composite_implicit_autograd_kernel
-            or self.has_composite_explicit_autograd_kernel
-            or self.has_composite_explicit_autograd_non_functional_kernel
-        ) or (
-            self.has_composite_implicit_autograd_kernel
-            and self.has_composite_implicit_autograd_nested_tensor_kernel
-        )
+            # self.has_composite_implicit_autograd_kernel or
+            self.has_composite_explicit_autograd_kernel or
+            self.has_composite_explicit_autograd_non_functional_kernel
+        ) #  or (
+          #     self.has_composite_implicit_autograd_kernel
+          #     and self.has_composite_implicit_autograd_nested_tensor_kernel
+          # )
 
     @property
     def is_view_op(self) -> bool:
@@ -1236,12 +1237,15 @@ def has_kernel(self, g: Union[NativeFunction, NativeFunctionsGroup]) -> bool:
     def get_kernel(
         self, g: Union[NativeFunction, NativeFunctionsGroup]
     ) -> Optional[BackendMetadata]:
+        f = None
         if isinstance(g, NativeFunction):
             f = g
         elif isinstance(g, NativeFunctionsGroup):
             f = self.primary(g)
         else:
             assert_never(g)
+        assert f is not None, \
+            f"NoneTypeError: Cannot get funcion from {type(g).__name__}"
         if f.func.name not in self.index:
             return None
         return self.index[f.func.name]

scripts/tools/torchgen/packaged/autograd/gen_inplace_or_view_type.py

@@ -276,7 +276,10 @@ def unpack_args(f: NativeFunction) -> Tuple[List[str], List[Binding]]:
 
         is_tensor_list = is_tensor_list_type(binding.argument.type)
         ref = (not is_nullable) and not is_tensor_list
-        suffix = "_opt" if is_nullable and not is_tensor_list else ""
+        # Security Scan: if is_nullable is True, loop will continue at #L275
+        # which makes below line dead
+        # suffix = "_opt" if is_nullable and not is_tensor_list else ""
+        suffix = ""
         body.append(
             UNPACK_TENSOR.substitute(
                 arg_name=binding.name,

tests/gpu/examples/test_margin_ranking_loss.py

@@ -35,8 +35,6 @@ def _test_cpu(input1, input2, target, reduc):
             print(input1.grad)
             print(input2.grad)
             return input1, input2
-            input1.grad.zero_()
-            input2.grad.zero_()
 
         def _test_dpcpp(input1, input2, target, reduc):
             loss = nn.MarginRankingLoss(reduction=reduc)

tests/gpu/examples/test_qconv_channels_last.py

@@ -15,12 +15,11 @@ def test_qconv_simple_channels_last(self, dtype=torch.float):
         dtype_filters = torch.qint8
         zp_vec = [128, 2, 0]
         for with_relu in [True, False]:
+            qconv_fn = torch.ops.quantized.conv2d
+            if with_relu:
+                qconv_fn = torch.ops.quantized.conv2d_relu
             for scale_in in [1.2, 1.6]:
                 for zero_point_in in zp_vec:  # torch u8, random zp, 0
-                    if with_relu:
-                        qconv_fn = torch.ops.quantized.conv2d_relu
-                    else:
-                        qconf_fn = torch.ops.quantized.conv2d
                     scale_weight = 0.5
                     scale_out = 0.5
                     zero_point_out = 2
@@ -83,12 +82,11 @@ def test_qconv_simple_channels_last_3d(self, dtype=torch.float):
         dtype_filters = torch.qint8
         zp_vec = [128, 2, 0]
         for with_relu in [True, False]:
+            qconv_fn = torch.ops.quantized.conv3d
+            if with_relu:
+                qconv_fn = torch.ops.quantized.conv3d_relu
             for scale_in in [1.2, 1.6]:
                 for zero_point_in in zp_vec:  # torch u8, random zp, 0
-                    if with_relu:
-                        qconv_fn = torch.ops.quantized.conv3d_relu
-                    else:
-                        qconf_fn = torch.ops.quantized.conv3d
                     scale_weight = 0.5
                     scale_out = 4.0
                     zero_point_out = 2

tests/gpu/examples/test_qdeconv.py

@@ -67,10 +67,7 @@ def test_qdeconv3d_cpuref(self, dtype=torch.float):
 
             X_gpu = X.to("xpu")
             W_gpu = W.to("xpu")
-            if bias is not None:
-                bias_gpu = bias.to("xpu")
-            else:
-                bias_gpu = None
+            bias_gpu = None
 
             # We do the s8 quantize in backend, the formula is qx = x / sc + 0
             qX_gpu = torch.quantize_per_tensor(

tests/gpu/pytorch/test/functorch/test_aotdispatch.py

@@ -168,17 +168,18 @@ def test_make_fx_no_decompose(self, device):
         # FIXME
         return self.skipTest("error: maximum recursion reached")
 
-        def f(x):
-            return torch.tanh(x).sum()
+        # Security Scan: dead code due to skipTest(), need to reopen in future
+        # def f(x):
+        #     return torch.tanh(x).sum()
 
-        fx_f = make_fx(grad(f))(torch.randn(5))
-        ops = {i.target for i in fx_f.graph.nodes}
+        # fx_f = make_fx(grad(f))(torch.randn(5))
+        # ops = {i.target for i in fx_f.graph.nodes}
 
-        self.assertEqual(torch.ops.aten.tanh_backward in ops, True)
+        # self.assertEqual(torch.ops.aten.tanh_backward in ops, True)
 
-        fx_f = make_fx(grad(f), decomposition_table)(torch.randn(5))
-        ops = {i.target for i in fx_f.graph.nodes}
-        self.assertEqual(torch.ops.aten.tanh_backward in ops, False)
+        # fx_f = make_fx(grad(f), decomposition_table)(torch.randn(5))
+        # ops = {i.target for i in fx_f.graph.nodes}
+        # self.assertEqual(torch.ops.aten.tanh_backward in ops, False)
 
     def test_nnc_jit(self, device):
         def f(x):