diff --git a/environments/huggingface.yml b/environments/huggingface.yml
index 3d0ca633..af16423e 100644
--- a/environments/huggingface.yml
+++ b/environments/huggingface.yml
@@ -32,7 +32,7 @@ dependencies:
 - flask-ngrok
 - flask-cors
 - lupa==1.10
- - transformers==4.29.*
+ - transformers==4.28.*
 - huggingface_hub==0.12.1
 - safetensors==0.3.1
 - accelerate==0.18.0
diff --git a/environments/rocm.yml b/environments/rocm.yml
index eb2927bd..ffcacfb6 100644
--- a/environments/rocm.yml
+++ b/environments/rocm.yml
@@ -30,7 +30,7 @@ dependencies:
 - flask-ngrok
 - flask-cors
 - lupa==1.10
- - transformers==4.29.*
+ - transformers==4.28.*
 - huggingface_hub==0.12.1
 - safetensors==0.3.1
 - accelerate==0.18.0
diff --git a/modeling/inference_models/hf_torch.py b/modeling/inference_models/hf_torch.py
index 71da3606..5dd53bf8 100644
--- a/modeling/inference_models/hf_torch.py
+++ b/modeling/inference_models/hf_torch.py
@@ -536,10 +536,9 @@ class HFTorchInferenceModel(HFInferenceModel):
 last_storage_key = storage_key
 if isinstance(f, zipfile.ZipExtFile):
 f.close()
- try:
- f = z.open(f"archive/data/{storage_key}")
- except:
- f = z.open(f"{zipfolder}/data/{storage_key}")
+ ziproot = z.namelist()[0].split("/")[0]
+ f = z.open(f"{ziproot}/data/{storage_key}")
+ current_offset = 0
 if current_offset != model_dict[key].seek_offset:
 f.read(model_dict[key].seek_offset - current_offset)
diff --git a/modeling/lazy_loader.py b/modeling/lazy_loader.py
index 3dee5bae..5a27d549 100644
--- a/modeling/lazy_loader.py
+++ b/modeling/lazy_loader.py
@@ -196,6 +196,8 @@ class RestrictedUnpickler(pickle.Unpickler):
 return collections.OrderedDict
 elif module == "torch._utils" and name == "_rebuild_tensor_v2":
 return torch._utils._rebuild_tensor_v2
+ elif module == "torch._tensor" and name == "_rebuild_from_type_v2":
+ return torch._tensor._rebuild_from_type_v2
 elif module == "torch" and name in (
 "DoubleStorage",
 "FloatStorage",
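Review bot: In modeling/inference_models/hf_torch.py, `ziproot = z.namelist()[0].split("/")[0]` indexes the archive listing without checking that it has any entries, and it assumes the first entry sits under the checkpoint's root folder. An empty or unusually ordered model archive would then fail with a bare IndexError, or with a KeyError from `z.open`, and neither tells the user that the model file is malformed. I would guard it with `names = z.namelist()` and `if not names: raise RuntimeError("checkpoint archive has no entries")`. If this code runs once per storage key, as `last_storage_key` suggests, the root could also be computed once where `z` is opened. The enclosing method starts and ends outside the hunk, so that location is not visible here.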
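Review bot: The new allowlist branch for `torch._tensor._rebuild_from_type_v2` in RestrictedUnpickler, together with the `"Tensor"` entry added to the `torch` name tuple in the next hunk, widens what a pickle stream may resolve, and nothing records why that is acceptable. As I read upstream PyTorch, this helper differs from `_rebuild_tensor_v2`: it receives a callable and its arguments from the stream, calls it, and then applies the pickled state to the result. Its safety therefore depends on that callable itself having passed this same allowlist. I would put a comment above the branch, for example `# Invokes a callable taken from the stream; safe only while every name resolvable here is itself allowlisted.`, so that later additions to the list re-check that assumption. The method holding these branches starts outside the hunk.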
@@ -207,6 +209,7 @@ class RestrictedUnpickler(pickle.Unpickler):
 "ByteStorage",
 "BoolStorage",
 "BFloat16Storage",
+ "Tensor",
 ):
 return getattr(torch, name)
 elif module == "numpy.core.multiarray" and name == "scalar":
@@ -219,7 +222,7 @@ class RestrictedUnpickler(pickle.Unpickler):
 # Forbid everything else.
 qualified_name = name if module == "__builtin__" else f"{module}.{name}"
 raise pickle.UnpicklingError(
- f"`{qualified_name}` is forbidden; the model you are loading probably contains malicious code"
+ f"`{qualified_name}` is forbidden; the model you are loading probably contains malicious code. If you think this is incorrect ask the developer to unban the ability for {module} to execute {name}"
 )
 def load(self, *args, **kwargs):
diff --git a/requirements.txt b/requirements.txt
index 28fdb28c..c98b7252 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-transformers==4.29.*
+transformers==4.28.*
 huggingface_hub==0.12.1
 Flask==2.2.3
 Flask-SocketIO==5.3.2
diff --git a/requirements_mtj.txt b/requirements_mtj.txt
index 7fc866f0..b41b7ead 100644
--- a/requirements_mtj.txt
+++ b/requirements_mtj.txt
@@ -5,7 +5,7 @@ requests
 dm-haiku==0.0.9
 jax==0.3.25
 jaxlib==0.3.25
-transformers==4.29.*
+transformers==4.28.*
 chex == 0.1.5
 huggingface_hub==0.12.1
 progressbar2
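Review bot: The extended `pickle.UnpicklingError` message in modeling/lazy_loader.py (hunk at -219) interpolates `{module}` and `{name}` unescaped, and both come from the model file being rejected. It also tells the user to ask for exactly that pair to be unbanned, which weakens the warning that precedes it. I would format the untrusted name with `!r` so control characters cannot alter the displayed text, and word the follow-up as a request for review, e.g. `f"{qualified_name!r} is forbidden; the model you are loading probably contains malicious code. If you trust where this model came from, report the blocked name to the developers for review."`. The phrase "to execute" is also imprecise: judging by the `return` branches in the earlier hunks, this method resolves a global, and the message reads more accurately if it says the name is not on the loader's allowlist.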