Skip to content

Conversation

@russellb
Copy link
Member

@russellb russellb commented Apr 30, 2025

commit f12b92a
Author: Russell Bryant [email protected]
Date: Tue Apr 29 21:09:15 2025 -0400

[V1] Disable pickle fallback by default for better security

This changes `vllm.v1.serial_utils` to disable the pickle fallback by
default. Add an environment variable that can be used to turn the pickle
fallback back on.

Follow-up to #17427.

Signed-off-by: Russell Bryant <[email protected]>

@github-actions
Copy link

👋 Hi! Thank you for contributing to the vLLM project.

💬 Join our developer Slack at https://slack.vllm.ai to discuss your PR in #pr-reviews, coordinate on features in #feat- channels, or join special interest groups in #sig- channels.

Just a reminder: PRs would not trigger full CI run by default. Instead, it would only run fastcheck CI which starts running only a small and essential subset of CI tests to quickly catch errors. You can run other CI tests on top of those by going to your fastcheck build on Buildkite UI (linked in the PR checks section) and unblock them. If you do not have permission to unblock, ping simon-mo or khluu to add you in our Buildkite org.

Once the PR is approved and ready to go, your PR reviewer(s) can run CI to test the changes comprehensively before merging.

To run CI, PR reviewers can either: Add ready label to the PR or enable auto-merge.

🚀

This changes `vllm.v1.serial_utils` to disable the pickle fallback by
default. Add an environment variable that can be used to turn the pickle
fallback back on.

Follow-up to vllm-project#17427.

Signed-off-by: Russell Bryant <[email protected]>
@russellb russellb force-pushed the allow-pickle-env-var branch from 381b54f to f12b92a Compare May 5, 2025 20:10
@russellb russellb added the ready ONLY add when PR is ready to merge/full CI is needed label May 5, 2025
@russellb
Copy link
Member Author

russellb commented May 5, 2025

@njhill I updated this to disable pickle by default and enabled CI. We'll see what happens ..

@russellb
Copy link
Member Author

russellb commented May 6, 2025

@njhill I updated this to disable pickle by default and enabled CI. We'll see what happens ..

It broke. I'll look for a bit to see if it's easy ...

Signed-off-by: Nick Hill <[email protected]>
@njhill
Copy link
Member

njhill commented May 6, 2025

The new test failure is something that's been fixed on main.. let's wait for the rest to finish to see if anything else pops up though before rebasing.

@russellb
Copy link
Member Author

russellb commented May 7, 2025

The V1 test failures are structured output and unrelated. It looks like the model didn't terminate the JSON object before it hit the output length limit. I'll try to add something to the prompt telling the model to keep its response as short as possible to see if that helps make it less likely to fail.

Update all prompts with an instruction to keep responses short.
We see ocassional failures when output has not reached the end before
hitting the output length limit, particularly in the JSON cases.
Hopefully this helps.

Signed-off-by: Russell Bryant <[email protected]>
@russellb russellb requested a review from mgoin as a code owner May 7, 2025 15:22
@njhill
Copy link
Member

njhill commented May 7, 2025

I am trying to repro the other legitimate failure locally

Copy link
Member

@njhill njhill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good to me!

@DarkLight1337 DarkLight1337 merged commit 6930a41 into vllm-project:main May 8, 2025
54 checks passed
russellb added a commit to russellb/vllm that referenced this pull request May 8, 2025
This change is related to vllm-project#17490. This test didn't run on that PR, so
the failure was missed. This code currently relies on the pickle
fallback, so pickle support must be enabled to use it for now.

Signed-off-by: Russell Bryant <[email protected]>
russellb added a commit to russellb/vllm that referenced this pull request May 8, 2025
This is a follow-up to vllm-project#17490 and improves related logging.

- If serialization fails, include a pointer to the environment variable
  that will enable `pickle` fallback serialization.

- Only log the warning about using insecure serialization once.
  Previously we were logging it several times.

Signed-off-by: Russell Bryant <[email protected]>
princepride pushed a commit to princepride/vllm that referenced this pull request May 10, 2025
Signed-off-by: Russell Bryant <[email protected]>
Signed-off-by: Nick Hill <[email protected]>
Co-authored-by: Nick Hill <[email protected]>
Signed-off-by: 汪志鹏 <[email protected]>
RichardoMrMu pushed a commit to RichardoMrMu/vllm that referenced this pull request May 12, 2025
Signed-off-by: Russell Bryant <[email protected]>
Signed-off-by: Nick Hill <[email protected]>
Co-authored-by: Nick Hill <[email protected]>
Signed-off-by: Mu Huai <[email protected]>
russellb added a commit to russellb/vllm that referenced this pull request May 12, 2025
We occasionally see the JSON format structured output tests fail in CI.
PR vllm-project#17490 included a change to the prompts asking to make the response
as short as possible. This change includes a couple more things to help:

- Increase the output length limit. The failures occur when we cut off
  the output before a JSON object is properly terminated.

- Set `additionalProperties` to `False` in each JSON schema used. This
  should restrict the model from adding properties not specified in the
  schemas, unnecessarily increasing the size of the JSON object output
  and making it more likely to hit the length limit before it finishes.

Signed-off-by: Russell Bryant <[email protected]>
mawong-amd pushed a commit to ROCm/vllm that referenced this pull request May 14, 2025
Signed-off-by: Russell Bryant <[email protected]>
Signed-off-by: Nick Hill <[email protected]>
Co-authored-by: Nick Hill <[email protected]>
zzzyq pushed a commit to zzzyq/vllm that referenced this pull request May 24, 2025
Signed-off-by: Russell Bryant <[email protected]>
Signed-off-by: Nick Hill <[email protected]>
Co-authored-by: Nick Hill <[email protected]>
Signed-off-by: Yuqi Zhang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ready ONLY add when PR is ready to merge/full CI is needed v1

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants