safetensors is a brand new, easy, quick, and protected file format for storing tensors. The design of the file format and its unique implementation are being led
by Hugging Face, and it’s getting largely adopted of their standard ‘transformers’ framework. The safetensors R bundle is a pure-R implementation, permitting to each learn and write safetensor information.
The preliminary model (0.1.0) of safetensors is now on CRAN.
Motivation
The primary motivation for safetensors within the Python group is safety. As famous
within the official documentation:
The primary rationale for this crate is to take away the necessity to use pickle on PyTorch which is utilized by default.
Pickle is taken into account an unsafe format, because the motion of loading a Pickle file can
set off the execution of arbitrary code. This has by no means been a priority for torch
for R customers, for the reason that Pickle parser that’s included in LibTorch solely helps a subset
of the Pickle format, which doesn’t embody executing code.
Nonetheless, the file format has extra benefits over different generally used codecs, together with:
-
Help for lazy loading: You may select to learn a subset of the tensors saved within the file.
-
Zero copy: Studying the file doesn’t require extra reminiscence than the file itself.
(Technically the present R implementation does makes a single copy, however that may
be optimized out if we actually want it in some unspecified time in the future). -
Easy: Implementing the file format is straightforward, and doesn’t require complicated dependencies.
Which means it’s a very good format for exchanging tensors between ML frameworks and
between completely different programming languages. As an illustration, you’ll be able to write a safetensors file
in R and cargo it in Python, and vice-versa.
There are extra benefits in comparison with different file codecs frequent on this house, and
you’ll be able to see a comparability desk right here.
Format
The safetensors format is described within the determine beneath. It’s principally a header file
containing some metadata, adopted by uncooked tensor buffers.
Fundamental utilization
safetensors could be put in from CRAN utilizing:
set up.packages("safetensors")We will then write any named record of torch tensors:
library(torch)
library(safetensors)
tensors <- record(
x = torch_randn(10, 10),
y = torch_ones(10, 10)
)
str(tensors)
#> Listing of two
#> $ x:Float [1:10, 1:10]
#> $ y:Float [1:10, 1:10]
tmp <- tempfile()
safe_save_file(tensors, tmp)It’s attainable to go extra metadata to the saved file by offering a metadata
parameter containing a named record.
Studying safetensors information is dealt with by safe_load_file, and it returns the named
record of tensors together with the metadata attribute containing the parsed file header.
tensors <- safe_load_file(tmp)
str(tensors)
#> Listing of two
#> $ x:Float [1:10, 1:10]
#> $ y:Float [1:10, 1:10]
#> - attr(*, "metadata")=Listing of two
#> ..$ x:Listing of three
#> .. ..$ form : int [1:2] 10 10
#> .. ..$ dtype : chr "F32"
#> .. ..$ data_offsets: int [1:2] 0 400
#> ..$ y:Listing of three
#> .. ..$ form : int [1:2] 10 10
#> .. ..$ dtype : chr "F32"
#> .. ..$ data_offsets: int [1:2] 400 800
#> - attr(*, "max_offset")= int 929At the moment, safetensors solely helps writing torch tensors, however we plan so as to add
help for writing plain R arrays and tensorflow tensors sooner or later.
Future instructions
The following model of torch will use safetensors as its serialization format,
that means that when calling torch_save() on a mannequin, record of tensors, or different
varieties of objects supported by torch_save, you’re going to get a legitimate safetensors file.
That is an enchancment over the earlier implementation as a result of:
-
It’s a lot sooner. Greater than 10x for medium sized fashions. Could possibly be much more for big information.
This additionally improves the efficiency of parallel dataloaders by ~30%. -
It enhances cross-language and cross-framework compatibility. You may prepare your mannequin
in R and use it in Python (and vice-versa), or prepare your mannequin in tensorflow and run it
with torch.
If you wish to attempt it out, you’ll be able to set up the event model of torch with:
remotes::install_github("mlverse/torch")Picture by Nick Fewings on Unsplash
Reuse
Textual content and figures are licensed beneath Artistic Commons Attribution CC BY 4.0. The figures which were reused from different sources do not fall beneath this license and could be acknowledged by a notice of their caption: “Determine from …”.
Quotation
For attribution, please cite this work as
Falbel (2023, June 15). Posit AI Weblog: safetensors 0.1.0. Retrieved from https://blogs.rstudio.com/tensorflow/posts/2023-06-15-safetensors/
BibTeX quotation
@misc{safetensors,
writer = {Falbel, Daniel},
title = {Posit AI Weblog: safetensors 0.1.0},
url = {https://blogs.rstudio.com/tensorflow/posts/2023-06-15-safetensors/},
12 months = {2023}
}
