pytorch / vision

Datasets, Transforms and Models specific to Computer Vision
https://pytorch.org/vision
BSD 3-Clause "New" or "Revised" License

Torch Load Warning causing test suite to fail. #8609

Closed hmaarrfk closed 2 months ago

hmaarrfk commented 2 months ago

🐛 Describe the bug

Personally, I'm unable to follow the codepath, but it seems that the recent warning introduced in pytorch 2.4 is causing the test_transforms_v2 tests to fail due to the very strict warnings.

https://github.com/pytorch/vision/blob/main/test/test_transforms_v2.py#L57

2024-08-24T19:20:41.2823509Z _____ TestResizedCrop.test_transform[make_segmentation_mask-ratio-value2] ______
2024-08-24T19:20:41.2825077Z test/test_transforms_v2.py:3659: in test_transform
2024-08-24T19:20:41.2825572Z     check_transform(
2024-08-24T19:20:41.2826263Z test/test_transforms_v2.py:397: in check_transform
2024-08-24T19:20:41.2826701Z     pickle.loads(pickle.dumps(transform))
2024-08-24T19:20:41.2827710Z ../_test_env_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_plac/lib/python3.10/site-packages/torch/storage.py:414: in _load_from_bytes
2024-08-24T19:20:41.2828812Z     return torch.load(io.BytesIO(b))
2024-08-24T19:20:41.2829850Z ../_test_env_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_placehold_plac/lib/python3.10/site-packages/torch/serialization.py:1040: in load
2024-08-24T19:20:41.2830545Z     warnings.warn(
2024-08-24T19:20:41.2832296Z E   FutureWarning: You are using `torch.load` with `weights_only=False` (the current default value), which uses the default pickle module implicitly. It is possible to construct malicious pickle data which will execute arbitrary code during unpickling (See https://github.com/pytorch/pytorch/blob/main/SECURITY.md#untrusted-models for more details). In a future release, the default value for `weights_only` will be flipped to `True`. This limits the functions that could be executed during unpickling. Arbitrary objects will no longer be allowed to be loaded via this mode unless they are explicitly allowlisted by the user via `torch.serialization.add_safe_globals`. We recommend you start setting `weights_only=True` for any use case where you don't have full control of the loaded file. Please open an issue on GitHub for any issues related to this experimental feature.

Versions

Pytorch 2.4 Conda-forge

sample log from https://github.com/conda-forge/torchvision-feedstock/pull/94: 181.log.txt

Jbenav200 commented 2 months ago

It looks like the issue might be in line 57 of test_transforms_v2.py

pytestmark = [pytest.mark.filterwarnings("error")] 

I could be wrong. The comment above it suggests that warnings are turned into errors, and your log suggests that you're using torch.load 'with weights_only=False'. Is this explicitly called in your arguments or are you relying on the default value?

hmaarrfk commented 2 months ago

I am running the test suite when building the package for conda-forge.

I've removed that line to move forward with our builds, but I mostly wanted to flag this to the pytorch team as a whole.

We sometimes find ourselves a little more bleeding edge at the conda-forge builds, but I found it strange since torchvision officially supports pytorch 2.4.0 and that is when that warning first appeared.

NicolasHug commented 2 months ago

Thanks for the report @hmaarrfk .

I think the error you're observing has already been addressed in both torchvision and pytorch codebases. I had opened https://github.com/pytorch/vision/issues/8517 in torchvision and https://github.com/pytorch/pytorch/issues/130242 in pytorch, and https://github.com/pytorch/pytorch/pull/130246 was the fix. It may not have been picked up in pytorch 2.4 but hopefully it should be included in pytorch 2.4.1 (and in any case, in 2.5).

hmaarrfk commented 2 months ago

great thanks!

hmaarrfk commented 2 months ago

My reading of the solution is that you specified False which stops triggering the warning, but you left the "unsecure loading".

Hmm, I have to say, one of the things I dislike the most about pytorch is its usage of pickle to load and store data structures.

I understand it enables fast iteration, but these security problems are a long-standing issue in the design of pickle. However, I also understand that it is difficult to move away from storage formats.

So good luck working through this migration (torchvision + pytorch!).

We are looking forward to continuing to be users of your software!

Hopefully you don't find my opening of issues too annoying.
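Added example, not part of the thread and not PyTorch's or torchvision's code: a standard-library sketch of the allowlisting idea that the quoted FutureWarning describes for `weights_only=True` and `add_safe_globals`. The names `SAFE_GLOBALS`, `AllowlistUnpickler`, `safe_loads`, `CallsOnLoad` and `demo` are hypothetical, and the payload is constructed to call a harmless function.

```python
import io
import pickle
import platform
from collections import OrderedDict

# Assumption: a tiny allowlist standing in for the globals a loader would permit.
SAFE_GLOBALS = {("collections", "OrderedDict")}


class AllowlistUnpickler(pickle.Unpickler):
    """Resolve only allowlisted globals; refuse every other import."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowlisted")


def safe_loads(data):
    return AllowlistUnpickler(io.BytesIO(data)).load()


class CallsOnLoad:
    """Constructed sample: __reduce__ makes pickle store a callable and its
    arguments, and the unpickler calls it while loading."""

    def __reduce__(self):
        # Harmless stand-in for "any importable callable".
        return (platform.python_implementation, ())


def demo():
    payload = pickle.dumps(CallsOnLoad())

    # Default unpickling: the stored callable runs, and its return value
    # comes back in place of a CallsOnLoad instance.
    plain_result = pickle.loads(payload)

    # Allowlisted unpickling: the global lookup is refused before any call.
    try:
        safe_loads(payload)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True

    # Plain containers of allowlisted types still load.
    weights = safe_loads(pickle.dumps(OrderedDict(bias=[0.5, 1.0])))
    return plain_result, blocked, weights


if __name__ == "__main__":
    print(demo())
```

Passing `weights_only=False` explicitly, as described in the comment above, corresponds to the first branch of `demo()`: the warning goes away but the callable still runs.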