PyTorch Tensor Bug: Corrupted Metadata On Failed Resize

Hey there, fellow PyTorch enthusiasts! Ever run into a weird bug that makes your code crash in unexpected ways, leaving you scratching your head? We've got a doozy to talk about today, concerning a subtle but potentially **devastating issue** within PyTorch that affects tensor metadata when storage resizing fails. This bug can lead to corrupted tensors, often referred to as "Frblpz" tensors, and can manifest as segmentation faults or internal runtime errors. Let's dive deep into what's happening, why it's a problem, and how it might be affecting your projects.

Understanding the "Zombie" Tensor Problem

So, what exactly is this "Frblpz" tensor issue? Imagine you're working with a PyTorch tensor that's sharing its underlying data storage with something that can't be resized. A common scenario for this is when you've initialized a tensor using storage from a NumPy array that was injected into PyTorch. When you then try to resize this tensor using the `resize_()` method, PyTorch *should* ideally handle this gracefully. It correctly identifies that the underlying storage is not resizable and throws a `RuntimeError`, stating: Trying to resize storage that is not resizable. This is the expected and desired behavior – preventing operations that would corrupt data.

However, here's where the bug creeps in. The `resize_()` operation, even though it detects the non-resizable storage, is not entirely exception-safe. Before it hits the check that identifies the unresizable storage, it proceeds to update the tensor's shape and stride metadata to reflect the new, *intended* size. When the `RuntimeError` is subsequently raised, the operation stops, but the tensor is left in a precarious state. It's like a zombie – its metadata (shape and stride) points to a much larger size, but its actual storage is still the original, potentially empty, 0-byte storage. This mismatch is what we're calling a "Zombie" tensor. Accessing or attempting to use this "Zombie" tensor later on can lead to unpredictable crashes, including the dreaded Segmentation Faults or internal `RuntimeError`s within PyTorch itself. The code expects data based on the shape, but it finds none, leading to memory access violations.

The implications of this bug are significant, especially for users who might not be directly aware of the underlying storage management. If you're performing operations in a loop or in a complex pipeline, catching the initial `RuntimeError` might be the only indication you have. However, the problematic tensor might have already been propagated to other parts of your code, causing failures much later in the execution, making debugging a nightmare. This issue highlights the critical importance of exception safety in deep learning frameworks. When an operation fails, it must leave the involved objects in a well-defined and consistent state, adhering to the **Strong Exception Guarantee** – meaning if an exception is thrown, the program remains in the state it was before the operation began. Unfortunately, this bug violates that guarantee.

Let's look at a minimal reproduction case to see this in action. The provided code snippet demonstrates how to create this corrupted state:

import torch
import numpy as np

# Create non-resizable storage (0 bytes)
locked_storage = torch.from_numpy(np.array([], dtype=np.int32)).untyped_storage()

# Inject into a fresh tensor
t = torch.tensor([], dtype=torch.int32)
t.set_(locked_storage)

# Attempt to resize (Expected: Fail, maintain original shape)
# (Actual: Fails, but updates shape to 5x5x5)
try:
    t.resize_((5, 5, 5))
except RuntimeError:
    pass

# Verify corruption
print(f"Shape: {t.shape}")       # Prints: torch.Size([5, 5, 5])
print(f"Storage: {t.untyped_storage().nbytes()}") # Prints: 0
print(t) # CRASH

As you can see, after the `try...except` block, the tensor `t` reports a shape of `torch.Size([5, 5, 5])`, yet its storage size remains 0 bytes. Attempting to print `t` directly can lead to a crash. This clearly illustrates the metadata corruption caused by the failed resize operation. The expected behavior is that if `resize_()` throws a `RuntimeError` due to locked storage, the tensor's metadata should remain unchanged, preserving its original shape (which would be `torch.Size([0])` in this case). The actual behavior, however, updates the shape to `torch.Size([5, 5, 5])`, creating the dangerous inconsistency.

The Root Cause: Exception Safety in Tensor Operations

The core of this issue lies in how PyTorch handles exceptions within its tensor manipulation functions, specifically the `resize_()` operation. When `resize_()` is called, it performs several checks and updates. One crucial check involves verifying if the tensor's underlying storage can actually be resized. This check is necessary because, as demonstrated, tensors can be linked to storage that is fixed in size, such as NumPy arrays or other immutable data structures. If the storage is not resizable, PyTorch correctly raises a `RuntimeError` to signal this problem.

The bug occurs because the sequence of operations within `resize_()` isn't atomic in its error handling. Specifically, the code updates the tensor's shape and stride information *before* it fully confirms that the storage is resizable. Let's break down the typical flow:

1. The `resize_()` function is called with a new target shape (e.g., `(5, 5, 5)`).
2. The function prepares to update the tensor's metadata, including its shape and strides, to match this new target shape.
3. During this process, it checks the underlying storage. It discovers that the storage is *not* resizable (e.g., it's backed by a NumPy array or a zero-byte tensor's storage).
4. A `RuntimeError` is raised to inform the user about the impossibility of resizing the storage.

The problem is that steps 1 and 2 have already modified the tensor's metadata. When the exception is thrown in step 4, the `resize_()` function unwinds, but the corrupted metadata (the new shape and strides) persists. The tensor's `shape` attribute now reflects `torch.Size([5, 5, 5])`, but its `storage()` remains unchanged and, in the example, is 0 bytes. This creates a severe disconnect between what the tensor *thinks* it contains and what it *actually* contains. This is precisely why accessing such a tensor, for instance, by trying to print its elements or perform calculations, can lead to a segmentation fault. The program tries to access memory locations based on the reported shape, but those memory locations don't exist or are not allocated because the storage size is zero. It's a classic case of memory corruption leading to undefined behavior.

This bug underscores the importance of the Strong Exception Guarantee in software development, particularly in libraries dealing with complex data structures and memory management like PyTorch. The Strong Exception Guarantee states that if an operation fails due to an exception, the program's state should be exactly as it was before the operation was attempted. In this scenario, PyTorch fails to provide this guarantee. Instead, it offers what's sometimes called the