[XNNPACK][Weights Cache] Use sha256 hash of bytes instead of tensor name #9413
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull Request resolved: #9333 In production use cases, I've become increasingly afraid of the Weights Cache managing weights across multiple models and the potential for collisions on names. Names like "encoder.layer.weight1" are popular names for encoder models, and that name may be reused across many different models. In reality such a tensor found in different models will be different. A way to alleviate such concerns around collisions is to provide a strong hashing guarantee around the tensor's bytes. Namely if we use the sha256 hash of the tensor bytes as the named key we would have much stronger guarantees around the potential of collisions between weights. Additionally this can provide stronger weight deduplication guarantees. For now we use the named key as the only method for deduplicating weights, but if the underlying bytes are the same but the keys are different we won't be able to deduplicate. Using a hash on the underlying bytes as a key though would help with this (though how likely this happens remains to be seen). Regardless i think hashing the bytes will be much safer in the long-term. The draw back is that this adds a guaranteed 64 bytes per weight. On smaller models this might amount to a bit. Open to discuss on whether other hashing algorithms might provide tolerable collision guarantees like: md5_hash. ghstack-source-id: 272502584 @exported-using-ghexport Differential Revision: [D71212509](https://our.internmc.facebook.com/intern/diff/D71212509/)
🔗 Helpful Links🧪 See artifacts and rendered test results at hud.pytorch.org/pr/pytorch/executorch/9413
Note: Links to docs will display an error until the docs builds have been completed. ❌ 1 New FailureAs of commit 9f70bf9 with merge base 5a5fab7 ( NEW FAILURE - The following job has failed:
This comment was automatically generated by Dr. CI and updates every 15 minutes. |
facebook-github-bot
added
the
CLA Signed
larryliu0820
approved these changes
Mar 19, 2025
|
pull / android / build-llm-demo / linux-job (pull_request)Failing after 21m Not related. Rebase should work. |
oscarandersson8218
pushed a commit
to oscarandersson8218/executorch
that referenced
this pull request
Mar 21, 2025
…ame (pytorch#9413) In production use cases, I've become increasingly afraid of the Weights Cache managing weights across multiple models and the potential for collisions on names. Names like "encoder.layer.weight1" are popular names for encoder models, and that name may be reused across many different models. In reality such a tensor found in different models will be different. A way to alleviate such concerns around collisions is to provide a strong hashing guarantee around the tensor's bytes. Namely if we use the sha256 hash of the tensor bytes as the named key we would have much stronger guarantees around the potential of collisions between weights. Additionally this can provide stronger weight deduplication guarantees. For now we use the named key as the only method for deduplicating weights, but if the underlying bytes are the same but the keys are different we won't be able to deduplicate. Using a hash on the underlying bytes as a key though would help with this (though how likely this happens remains to be seen). Regardless i think hashing the bytes will be much safer in the long-term. The draw back is that this adds a guaranteed 64 bytes per weight. On smaller models this might amount to a bit. Open to discuss on whether other hashing algorithms might provide tolerable collision guarantees like: md5_hash. Differential Revision: [D71212509](https://our.internmc.facebook.com/intern/diff/D71212509/) Co-authored-by: Max Ren <[email protected]>
DannyYuyang-quic
pushed a commit
to CodeLinaro/executorch
that referenced
this pull request
Apr 2, 2025
…ame (pytorch#9413) In production use cases, I've become increasingly afraid of the Weights Cache managing weights across multiple models and the potential for collisions on names. Names like "encoder.layer.weight1" are popular names for encoder models, and that name may be reused across many different models. In reality such a tensor found in different models will be different. A way to alleviate such concerns around collisions is to provide a strong hashing guarantee around the tensor's bytes. Namely if we use the sha256 hash of the tensor bytes as the named key we would have much stronger guarantees around the potential of collisions between weights. Additionally this can provide stronger weight deduplication guarantees. For now we use the named key as the only method for deduplicating weights, but if the underlying bytes are the same but the keys are different we won't be able to deduplicate. Using a hash on the underlying bytes as a key though would help with this (though how likely this happens remains to be seen). Regardless i think hashing the bytes will be much safer in the long-term. The draw back is that this adds a guaranteed 64 bytes per weight. On smaller models this might amount to a bit. Open to discuss on whether other hashing algorithms might provide tolerable collision guarantees like: md5_hash. Differential Revision: [D71212509](https://our.internmc.facebook.com/intern/diff/D71212509/) Co-authored-by: Max Ren <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was created by the merge bot to help merge the original PR into the main branch.
ghstack PR number: #9333 by @mcr229
^ Please use this as the source of truth for the PR details, comments, and reviews
ghstack PR base: https://github.com/pytorch/executorch/tree/gh/mcr229/13/base
ghstack PR head: https://github.com/pytorch/executorch/tree/gh/mcr229/13/head
Merge bot PR base: https://github.com/pytorch/executorch/tree/main
Merge bot PR head: https://github.com/pytorch/executorch/tree/gh/mcr229/13/orig
@diff-train-skip-merge