Skip to content

[ICM CXX] Address Pad kernel shortcomings #26864

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yuslepukhin merged 29 commits into from
Jan 8, 2026
Merged

[ICM CXX] Address Pad kernel shortcomings #26864

yuslepukhin merged 29 commits into from
Jan 8, 2026

Conversation

@yuslepukhin
Copy link
Member

@yuslepukhin yuslepukhin commented Dec 25, 2025
edited
Loading

Description

Address OOB reads and writes issues.

Motivation and Context

#11828
#13332
See also this: onnx/onnx#4294

@yuslepukhin
Add test model
1af3abd
@yuslepukhin
Add test model
4be2420
@yuslepukhin
Py formatting
4029951
@yuslepukhin
Merge branch 'yuslepukhin/pad_rce' of https://github.com/microsoft/on…
1eda095 
…nxruntime into yuslepukhin/pad_rce
@yuslepukhin
Continue testing
0b84e6b
@yuslepukhin
Commit the latest
fdfe2b5
@yuslepukhin
Fix up constant
3e711a5
@yuslepukhin
More refactoring
af3a016
@yuslepukhin
Add instrumentation
e1e8fa9
@yuslepukhin
Add tests
ec57b37
@yuslepukhin
All Edge tests fail
96a6045
@yuslepukhin
Revert "All Edge tests fail"
a2570d0 
This reverts commit 96a6045.
@yuslepukhin
Add missing Edge tests
5a6a979
@yuslepukhin
Fix Reflect and add tests for Wrap
635c6f8
@yuslepukhin
Test pass on CPU
096d539
@yuslepukhin
Add some cases handling for CUDA
0c521ae
@yuslepukhin
Clamp output dimensions, early exist on zero output
b78cfe7
@yuslepukhin
Produce outut before early exist
f3e68f6
@yuslepukhin
Wrap is not supported on CUDA. Wrap test must be ver 18
5ef84e2
@yuslepukhin
Still have CUDA failures, not clear why cudaMemset is not working as …
8319d47 
…expected.

[  FAILED  ] PadOpTest/0.Pad_Constant_DimWithZeroInput, where TypeParam = float
[  FAILED  ] PadOpTest/1.Pad_Constant_DimWithZeroInput, where TypeParam = double
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 25, 2025
View reviewed changes
@yuslepukhin yuslepukhin requested a review from Copilot December 25, 2025 22:59
Copilot AI reviewed Dec 25, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses shortcomings in the Pad kernel implementation across CPU and CUDA providers, with a focus on improving robustness, safety, and edge case handling for padding operations.

Key Changes:

  • Enhanced integer overflow protection using SafeInt throughout CPU and CUDA Pad implementations
  • Added validation for edge cases including zero-extent dimensions and reflect mode constraints
  • Introduced new comprehensive test cases for edge conditions, negative padding, and mixed-sign padding scenarios

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 12 comments.

Show a summary per file
File Description
onnxruntime/test/testdata/test_pad_rce.py Python script to generate ONNX model for RCE (Remote Code Execution) testing with dynamic pad inputs
onnxruntime/test/testdata/test_pad_rce.onnx Generated ONNX model artifact for pad RCE testing
onnxruntime/test/providers/cpu/tensor/pad_test.cc Updated test exclusions for DML provider, added extensive new tests for edge cases, negative padding, and various pad modes
onnxruntime/core/providers/cuda/tensor/pad.h Minor update with copyright header duplication issue
onnxruntime/core/providers/cuda/tensor/pad.cc Enhanced type safety (int32_t→size_t), added SafeInt usage, improved edge case handling for zero extents and reflect mode
onnxruntime/core/providers/cuda/cuda_utils.cu Added Fill template specialization for bool type
onnxruntime/core/providers/cpu/tensor/padbase.h Added helper functions for flattening validation and element coverage checking
onnxruntime/core/providers/cpu/tensor/pad.cc Introduced OutputSink debug wrapper, enhanced SafeInt usage, improved validation for zero extents and reflect mode, conditional flattening logic

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@yuslepukhin yuslepukhin requested a review from tianleiwu January 5, 2026 21:38
@yuslepukhin yuslepukhin changed the title [DRAFT] Address Pad kernel shortcomings [ICM CXX] Address Pad kernel shortcomings Jan 5, 2026
@yuslepukhin yuslepukhin marked this pull request as ready for review January 5, 2026 21:38
tianleiwu
tianleiwu reviewed Jan 6, 2026
View reviewed changes
Copy link
Contributor

@tianleiwu tianleiwu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code and comprehensive tests looks good.

OutputSink only checks boundary in debug build. Is there use case that need bounds check in release build?

Some CI pipeline failed. Please take a look.

fs-eire
fs-eire reviewed Jan 6, 2026
View reviewed changes
tianleiwu
tianleiwu previously approved these changes Jan 6, 2026
View reviewed changes
edgchen1
edgchen1 reviewed Jan 7, 2026
View reviewed changes
edgchen1
edgchen1 reviewed Jan 7, 2026
View reviewed changes
@yuslepukhin yuslepukhin merged commit 5d59608 into main Jan 8, 2026
91 checks passed
@yuslepukhin yuslepukhin deleted the yuslepukhin/pad_rce branch January 8, 2026 22:08
Copilot AI mentioned this pull request Jan 12, 2026
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fs-eire fs-eire fs-eire left review comments

Copilot code review Copilot Copilot left review comments

@edgchen1 edgchen1 edgchen1 approved these changes

@tianleiwu tianleiwu tianleiwu approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@yuslepukhin @fs-eire @edgchen1 @tianleiwu