SSD V1 #5

Open
avnermay wants to merge 41 commits into avner/main from avner/ssd-v1

@avnermay
Collaborator

Motivation

Modifications

Accuracy Tests

Benchmarking and Profiling

Checklist

Review Process

  1. Ping Merge Oncalls to start the PR flow. See the PR Merge Process.
  2. Get approvals from CODEOWNERS and other reviewers.
  3. Trigger CI tests with comments or contact authorized users to do so.
    • /tag-run-ci-label, /rerun-failed-ci, /tag-and-rerun-ci
  4. After green CI and required approvals, ask Merge Oncalls to merge.

@github-actions github-actions bot added the documentation Improvements or additions to documentation label Feb 23, 2026
Comment on lines +110 to +112
self.speculative_algorithm = SpeculativeAlgorithm.from_string(
server_args.speculative_algorithm
)
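
Review bot: server_args.speculative_algorithm is passed straight to SpeculativeAlgorithm.from_string in this assignment, and nothing in the visible lines says what happens when the argument is unset or names an unknown algorithm. If from_string can raise on such input, fail here with a clear startup error; if it already handles those cases, a one-line comment saying so would spare the next reader the lookup.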

Static Code Analysis Risk: Together python jinja2 ssti

User-controlled input is used as a Jinja2 template string (Server-Side Template Injection). Jinja2 templates can execute arbitrary Python code via class/mro traversal (CWE-94). Load templates from trusted static sources only; pass user data as render() variables, never as the template itself.

Severity: High 🚨
Status: Open 🔴

References:

  1. https://cwe.mitre.org/data/definitions/94
  2. https://portswigger.net/web-security/server-side-template-injection
  3. https://jinja.palletsprojects.com/en/3.1.x/api/#jinja2.Template

Suggested reviewers 🧐: @avnermay

More details:

🌻 View in Arnica

If you see an issue, please contact Shasheen in the #security-engineering Slack channel.


Take action by replying with an [arnica] command 💬

Actions

Use [arnica] or [a] to interact with the Arnica bot to acknowledge or dismiss code risks.

To acknowledge the finding as a valid code risk: [arnica] ack <acknowledge additional details>

To dismiss the risk with a reason: [arnica] dismiss <fp|accept|capacity> <dismissal reason>

Examples

  • [arnica] ack This is a valid risk and I'm looking into it

  • [arnica] dismiss fp Dismissed - Risk Not Accurate: (i.e. False Positive)

  • [arnica] dismiss accept Dismiss - Risk Accepted: Allow the risk to exist in the system

  • [arnica] dismiss capacity Dismiss - No Capacity: This will need to wait for a future sprint

extra_max_context_len = 4
if self.server_args.speculative_num_draft_tokens is not None:
extra_max_context_len += self.server_args.speculative_num_draft_tokens
if SpeculativeAlgorithm.from_string(self.server_args.speculative_algorithm).is_async():
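
Review bot: the condition on the last line parses self.server_args.speculative_algorithm with SpeculativeAlgorithm.from_string(...) inline only to call .is_async() on the result. Bind the parsed value to a local before the if, or reuse an attribute that already holds it, so the line stays readable and the string is not re-parsed at each use. The starting value in extra_max_context_len = 4 would also benefit from a short comment saying what the 4 accounts for.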

Static Code Analysis Risk: Together python jinja2 ssti

User-controlled input is used as a Jinja2 template string (Server-Side Template Injection). Jinja2 templates can execute arbitrary Python code via class/mro traversal (CWE-94). Load templates from trusted static sources only; pass user data as render() variables, never as the template itself.

Severity: High 🚨
Status: Open 🔴

References:

  1. https://cwe.mitre.org/data/definitions/94
  2. https://portswigger.net/web-security/server-side-template-injection
  3. https://jinja.palletsprojects.com/en/3.1.x/api/#jinja2.Template

Suggested reviewers 🧐: @avnermay

)

def _handle_speculative_decoding(self):
speculative_algorithm = SpeculativeAlgorithm.from_string(self.speculative_algorithm)
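
Review bot: in _handle_speculative_decoding the local speculative_algorithm holds the parsed value while self.speculative_algorithm still holds the string passed to from_string, so one name refers to two different types within the same method. Rename the local (for example spec_algo) or state the distinction in a docstring, which the method does not have in the visible lines.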

Static Code Analysis Risk: Together python jinja2 ssti

User-controlled input is used as a Jinja2 template string (Server-Side Template Injection). Jinja2 templates can execute arbitrary Python code via class/mro traversal (CWE-94). Load templates from trusted static sources only; pass user data as render() variables, never as the template itself.

Severity: High 🚨
Status: Open 🔴

References:

  1. https://cwe.mitre.org/data/definitions/94
  2. https://portswigger.net/web-security/server-side-template-injection
  3. https://jinja.palletsprojects.com/en/3.1.x/api/#jinja2.Template

Suggested reviewers 🧐: @avnermay

Static Code Analysis Risk: Together python torch load

torch.load() detected (CVE-2025-32434, CVSS 9.8). In PyTorch <= 2.5.1, torch.load() enables arbitrary code execution even with weights_only=True. The weights_only flag does NOT provide the intended protection on affected versions. Use safetensors format for model weights, or ensure PyTorch >= 2.6.0 and validate model provenance before loading.

Severity: High 🚨
Status: Open 🔴

References:

  1. https://nvd.nist.gov/vuln/detail/CVE-2025-32434
  2. GHSA-53q9-r3pm-6pq6
  3. https://cwe.mitre.org/data/definitions/502

NOTE: This comment applies to line 251 but could not be created inline due to GitHub limitations.

Suggested reviewers 🧐: @avnermay
