PyTorch Bug: Tensor Corruption On Failed Resize

h1: PyTorch Bug: Tensor Corruption on Failed Resize

Have you ever encountered a peculiar issue in PyTorch where a tensor seems to behave erratically, leading to crashes or unexpected errors? This article dives deep into a specific bug, "Tcesgv updates tensor shape metadata even when storage resize fails, creating corrupted "Nnesqn" tensors", which can leave your tensors in a corrupted state, often referred to as a "Zombie" tensor. We'll break down how this happens, why it's problematic, and what the expected behavior should be.

Understanding the "Zombie" Tensor Bug

Let's explore the root of this PyTorch tensor corruption bug when resizing fails. The issue arises when you attempt to resize a tensor that's backed by storage that cannot be resized. A common scenario for this is when a tensor's storage is derived from a NumPy array that has been injected into PyTorch using methods like set_(). In such cases, PyTorch correctly identifies that the storage is immutable and raises a RuntimeError, specifically stating: Trying to resize storage that is not resizable. This is the expected first line of defense.

However, the problem lies in the execution flow after this check. The operation that attempts to resize the tensor, often resize_(), proceeds to update the tensor's shape and stride metadata before it fully confirms that the underlying storage can accommodate the change. When the check for resizable storage fails, an exception is raised. But by this point, the tensor's metadata has already been modified to reflect the new, desired size. This creates a dangerous inconsistency: the tensor's shape metadata might indicate a large, multi-dimensional structure (like torch.Size([5, 5, 5])), but the actual underlying storage remains unchanged and potentially empty (0 bytes).

This inconsistent state is what we call a "Zombie" tensor. It looks like it has a certain shape and size from its metadata, but its fundamental storage is either absent or not aligned with that metadata. The implications of this are severe. Any subsequent attempt to interact with this "Zombie" tensor – whether it's printing its contents, accessing its elements, or performing further operations – can lead to critical errors. These errors often manifest as Segmentation Faults or internal RuntimeErrors within PyTorch, as the library tries to access memory that doesn't exist or is not properly structured according to the tensor's reported shape.

The Exception-Safety Issue

The core of the problem is a lack of exception safety in the resize_() operation when dealing with non-resizable storage. Ideally, operations should be designed such that if they fail due to an exception, they leave the affected object in a state that is either its original valid state or a clearly defined, safe state. In this case, the resize_() operation doesn't adhere to the Strong Exception Guarantee, which states that if an exception is thrown, the function leaves no trace of its partial execution. Instead, it seems to offer only a Basic Exception Guarantee, meaning it will prevent memory leaks or corruption of the program's global state, but the individual object might be left in a modified, potentially unusable state.

The update of shape and stride metadata before the storage check creates a race condition, where a successful exception is thrown, but the object is left in a corrupted state. This is particularly insidious because the error might not be immediately apparent. You might catch the RuntimeError from resize_(), but the damage to the tensor's internal state is already done. The subsequent use of the tensor, even after the exception is handled, becomes a ticking time bomb, waiting to explode with a segmentation fault or another cryptic error when that corrupted tensor is finally accessed.

Minimal Reproduction of the Bug

To truly grasp the severity and the mechanics of this bug, let's look at a minimal reproduction case. This example, using PyTorch and NumPy, clearly demonstrates how to trigger the "Zombie" tensor state:

import torch
import numpy as np

# Create non-resizable storage (0 bytes)
locked_storage = torch.from_numpy(np.array([], dtype=np.int32)).untyped_storage()

# Inject into a fresh tensor
t = torch.tensor([], dtype=torch.int32)
t.set_(locked_storage)

# Attempt to resize (Expected: Fail, maintain original shape)
# (Actual: Fails, but updates shape to 5x5x5)
try:
    t.resize_((5, 5, 5))
except RuntimeError:
    pass

# Verify corruption
print(f"Shape: {t.shape}")       # Prints: torch.Size([5, 5, 5])
print(f"Storage: {t.untyped_storage().nbytes()}") # Prints: 0
print(t) # CRASH

In this snippet, we first create an empty NumPy array and then convert its underlying storage into a PyTorch untyped_storage. This locked_storage is inherently not resizable. We then create a new, empty PyTorch tensor and explicitly set its storage to this locked_storage using t.set_(locked_storage). The crucial step is t.resize_((5, 5, 5)). As expected, this operation fails because the storage is not resizable, and a RuntimeError is caught.

However, the output immediately reveals the problem. The t.shape is printed as torch.Size([5, 5, 5]), indicating that the metadata was updated. Yet, t.untyped_storage().nbytes() shows 0, confirming that the storage itself did not change and remains empty. The final print(t) is where the crash typically occurs, as PyTorch attempts to interpret and display a tensor with a non-existent underlying data buffer.

Expected vs. Actual Behavior

To fully appreciate the bug, it's important to contrast what should happen with what is happening. In the realm of robust software development, especially in libraries dealing with memory management and complex data structures like PyTorch, adhering to strong guarantees is paramount. The