search

bethgelab / foolbox

A Python toolbox to create adversarial examples that fool neural networks in PyTorch, TensorFlow, and JAX
https://foolbox.jonasrauber.de
MIT License
2.77k stars 426 forks source link

assert not strict or in_bounds foolbox, Keras cifar 10 #257

Closed Marvinmw closed 5 years ago

Marvinmw commented 5 years ago

I encounter assert not strict or inbounds foolbox, using Keras and cifar 10. I can run it locally without this error but when I run it in the cluters, it happens. Finally, I find that it is caused by nan or inf elements in the input (image). I modiy bounds checking method and now it works.

def in_bounds(self, input_):
        min_, max_ = self.bounds()
        print("min_{}".format(min_))
        print("max_{}".format(max_))
        input_[np.isinf(input_)] = max_
        input_[np.isnan(input_)] = min_
        input_[input_ >= max_] = max_
        input_[input_ <= min_] = min_
        return min_ <= input_.min() and input_.max() <= max_

fmodel = foolbox.models.KerasModel(model, bounds=(0,255.))
attack = foolbox.attacks.FGSM(fmodel)
adversial = np.zeros(images.shape)

for i in np.arange(len(images)):
        print("Generate adversial Image {}".format(i))
        images[i][images[i] >= 255] = 255
        images[i][images[i] <= 0] = 0
        adversial[i] = attack(images[i], label[i][0])
wielandbrendel commented 5 years ago

Inf and NaN values can only arise if the gradients of the model include Infs and NaN values, so rather than modifying the bound check to accept broken images you should rather try to modify your model. Also, how is your model even accepting images with Inf or NaN values?

Marvinmw commented 5 years ago

I do not think so. Inf and nan are not from a tuned-fine model but during training W. R. T x for attacking. It is possibly related to the hardware or the low-level libraries.

wielandbrendel commented 5 years ago

Wherever the Inf and NaN values are coming from, there is little we can do in Foolbox here. Feel free to reopen if you think differently.

Marvinmw commented 5 years ago

Thanks

momo1986 commented 3 years ago

It happens in the model evaluation phase.

In my point of view, there is no correspondence with the gradient.

If it has problem with gradient issue, what API can we set parameters to resolve the problem.

I import this package: from foolbox.models import PyTorchModel

I believe there exists switch to handle this issue.

Regards! Momo