Fine-tuning aligned language models on benign tasks unpredictably degrades safety guardrails, even when training data contains no harmful content and developers have no adversarial intent. We show that the prevailing explanation, that fine-tuning updates should be orthogonal to safety-critical directions in high-dimensional parameter space, offers false reassurance: we show this orthogonality is structurally unstable and collapses under the dynamics of gradient descent. We then resolve this through a novel geometric analysis, proving that alignment concentrates in low-dimensional subspaces with sharp curvature, creating a brittle structure that first-order methods cannot detect or defend. While initial fine-tuning updates may indeed avoid these subspaces, the curvature of the fine-tuning loss generates second-order acceleration that systematically steers trajectories into alignment-sensitive regions. We formalize this mechanism through the Alignment Instability Condition, three geometric properties that, when jointly satisfied, lead to safety degradation. Our main result establishes a quartic scaling law: alignment loss grows with the fourth power of training time, governed by the sharpness of alignment geometry and the strength of curvature coupling between the fine-tuning task and safety-critical parameters. These results expose a structural blind spot in the current safety paradigm. The dominant approaches to safe fine-tuning address only the initial snapshot of a fundamentally dynamic problem. Alignment fragility is not a bug to be patched; it is an intrinsic geometric property of gradient descent on curved manifolds. Our results motivate the development of curvature-aware methods, and we hope will further enable a shift in alignment safety analysis from reactive red-teaming to predictive diagnostics for open-weight model deployment.

翻译：在良性任务上微调对齐语言模型会不可预测地削弱安全防护机制，即使训练数据不含恶意内容且开发者无对抗意图。我们证明，当前主流解释——即微调更新应正交于高维参数空间中安全关键方向——提供了虚假保证：我们揭示这种正交性在结构上不稳定，会在梯度下降动力学中崩溃。通过新颖的几何分析，我们证明对齐机制集中于具有尖锐曲率的低维子空间，形成一阶优化方法无法检测或防御的脆弱结构。虽然初始微调更新可能确实避开这些子空间，但微调损失函数的曲率会产生二阶加速效应，系统性地将优化轨迹导向对齐敏感区域。我们通过"对齐不稳定性条件"——三个共同作用导致安全性退化的几何特性——形式化这一机制。主要结论建立了四次方缩放定律：对齐损失随训练时间的四次方增长，其增长率由对齐几何的尖锐度以及微调任务与安全关键参数间的曲率耦合强度共同决定。这些发现揭示了当前安全范式的结构性盲区。主流安全微调方法仅处理了本质动态问题的初始静态快照。对齐脆弱性不是需要修补的程序缺陷，而是曲流形上梯度下降的固有几何特性。我们的研究为开发曲率感知方法提供了理论依据，并有望推动对齐安全分析从被动的对抗测试转向开放权重模型部署的预测性诊断。