starcoder_memorization_checker

Runtime error

App Files Files Community

lauro1 commited on Oct 13, 2023

Commit

a01d7ef

•

1 Parent(s): 54efef6

testing theory

Browse files

Files changed (2) hide show

app.py +56 -20
requirements.txt +1 -0

app.py CHANGED Viewed

@@ -5,6 +5,7 @@ from huggingface_hub import InferenceClient, login
 from transformers import AutoTokenizer
 import evaluate
 import theme
 bleu = evaluate.load("bleu")
@@ -24,11 +25,9 @@ description = """
 This ability of LLMs to learn their training set by heart can pose huge privacy issues, as many large-scale Conversational AI available commercially collect users' data at scale and fine-tune their models on it.
 This means that if sensitive data is sent and memorized by an AI, other users can willingly or unwillingly prompt the AI to spit out this sensitive data. 🔓
 To raise awareness of this issue, we show in this demo how much [StarCoder](https://huggingface.co/bigcode/starcoder), an LLM specialized in coding tasks, memorizes its training set, [The Stack](https://huggingface.co/datasets/bigcode/the-stack-dedup).
 We found that **StarCoder memorized at least 8% of the training samples** we used, which highlights the high risks of LLMs exposing the training set. We provide a notebook to reproduce our results [here](https://colab.research.google.com/drive/1YaaPOXzodEAc4JXboa12gN5zdlzy5XaR?usp=sharing). 👈
 To evaluate memorization of the training set, we can prompt StarCoder with the first tokens of an example from the training set. If StarCoder completes the prompt with an output that looks very similar to the original sample, we will consider this sample to be memorized by the LLM. 💾
 """
@@ -205,6 +204,14 @@ def cosine_dist(x, y):
 """
 }
 def complete(sample, k):
     prefix_tokens = tokenizer(sample)["input_ids"][:k]
     prefix = tokenizer.decode(prefix_tokens)
@@ -214,67 +221,94 @@ def complete(sample, k):
         if token == "<|endoftext|>":
             bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
-            return output, gr.Label.update(value=bleu_score)
         output += token
         bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
-        yield output, gr.Label.update(value=bleu_score)
     bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
-    return output, gr.Label.update(value=bleu_score)
 def high_bleu_mirror(x):
     output = high_bleu_examples[x]
     return output
 def low_bleu_mirror(x):
     output = low_bleu_examples[x]
     return output
 def df_select(evt: gr.SelectData):
     return evt.value
 style = theme.Style()
 with gr.Blocks(theme=style) as demo:
     with gr.Column():
         gr.Markdown(title)
         with gr.Row():
             with gr.Column():
-                gr.Markdown(description)
                 with gr.Accordion("Learn more about memorization definition", open=False):
                     gr.Markdown(memorization_definition)
         with gr.Row():
             with gr.Column():
                 instruction = gr.Textbox(
-                    placeholder="Enter your code here",
                     lines=5,
-                    label="Original",
-                    value=high_bleu_examples["Example 1"]
                 )
             with gr.Column():
-                output = gr.Textbox(lines=5, label="Completion", interactive=False)
         with gr.Row():
             with gr.Column():
-                with gr.Accordion("Advanced parameters", open=False):
-                    k = gr.Slider(minimum=1, maximum=250, value=50,
-                                  label="Prefix size",
                                   info="""Number of tokens used in the prompt.
                                   Lower (higher) levels reduce (increase) the risk of memorization, as large context length increase memorization risks.""")
                 submit = gr.Button("Check", variant="primary")
                 high_bleu_examples = gr.Examples(list(high_bleu_examples.keys()), label="High memorization samples",
                                                  inputs=instruction, outputs=instruction,
                                        fn=high_bleu_mirror, cache_examples=True)
                 low_bleu_examples = gr.Examples(list(low_bleu_examples.keys()), label = "Low memorization samples",
                                                 inputs=instruction, outputs=instruction,
                                        fn=low_bleu_mirror, cache_examples=True)
             with gr.Column():
-                label = gr.Label(value={"BLEU": 0},label="Memorization score (BLEU)")
-                gr.Markdown("""[BLEU](https://huggingface.co/spaces/evaluate-metric/bleu) score is a metric that can be used to measure the similarity of two sentences.
-                            Here, the higher the BLEU score, the more likely the model will learn the example by heart.
-                            You can reduce the Prefix size in the Advanced parameters to reduce the context length and see if the model still extracts the training sample.""")
         with gr.Row():
             with gr.Column():
@@ -282,11 +316,13 @@ with gr.Blocks(theme=style) as demo:
                             The examples shown above come from [The Stack](https://huggingface.co/datasets/bigcode/the-stack-dedup), an open-source dataset of code data.
                             To try other examples from The Stack, you can browse the table below and select different training samples to re-run the checker with to assess their memorization score.""")
                 with gr.Accordion("More samples", open=False):
                     table = gr.DataFrame(value=df, row_count=5, label="Samples from The Stack", interactive=False)
     submit.click(
         complete,
         inputs=[instruction, k],
-        outputs=[output, label],
     )
     table.select(fn=df_select, outputs=instruction)
 demo.queue(concurrency_count=16).launch(debug=True)

 from transformers import AutoTokenizer
 import evaluate
 import theme
+from difflib import Differ
 bleu = evaluate.load("bleu")
 This ability of LLMs to learn their training set by heart can pose huge privacy issues, as many large-scale Conversational AI available commercially collect users' data at scale and fine-tune their models on it.
 This means that if sensitive data is sent and memorized by an AI, other users can willingly or unwillingly prompt the AI to spit out this sensitive data. 🔓
 To raise awareness of this issue, we show in this demo how much [StarCoder](https://huggingface.co/bigcode/starcoder), an LLM specialized in coding tasks, memorizes its training set, [The Stack](https://huggingface.co/datasets/bigcode/the-stack-dedup).
 We found that **StarCoder memorized at least 8% of the training samples** we used, which highlights the high risks of LLMs exposing the training set. We provide a notebook to reproduce our results [here](https://colab.research.google.com/drive/1YaaPOXzodEAc4JXboa12gN5zdlzy5XaR?usp=sharing). 👈
 To evaluate memorization of the training set, we can prompt StarCoder with the first tokens of an example from the training set. If StarCoder completes the prompt with an output that looks very similar to the original sample, we will consider this sample to be memorized by the LLM. 💾
 """
 """
 }
+def diff_texts(text1, text2):
+    d = Differ()
+    ret = [
+        (token[2:], token[0] if token[0] != " " else None)
+        for token in d.compare(text1, text2)
+    ]
+    return ret
 def complete(sample, k):
     prefix_tokens = tokenizer(sample)["input_ids"][:k]
     prefix = tokenizer.decode(prefix_tokens)
         if token == "<|endoftext|>":
             bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
+            return output, diff_texts(output, sample), gr.Label.update(value=bleu_score)
         output += token
         bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
+        yield output, diff_texts(output, sample), gr.Label.update(value=bleu_score)
     bleu_score = {"BLEU": bleu.compute(predictions=[sample],
                                 references=[output])["bleu"]}
+    return output, diff_texts(output, sample), gr.Label.update(value=bleu_score)
 def high_bleu_mirror(x):
     output = high_bleu_examples[x]
+    current_example = gr.State(output)
+    length= len(tokenizer(current_example.value)["input_ids"]) # LAURA REVIEW USE OF .VALUE
+    max_value = gr.State(length)
     return output
 def low_bleu_mirror(x):
     output = low_bleu_examples[x]
+    current_example = gr.State(output)
+    length= len(tokenizer(current_example.value)["input_ids"]) # LAURA REVIEW USE OF .VALUE
+    max_value = gr.State(length)
     return output
 def df_select(evt: gr.SelectData):
+    length= len(tokenizer(evt.value)["input_ids"]) # LAURA REVIEW USE OF .VALUE
+    max_value = gr.State(length) # LAURA REVIEW USE OF .VALUE
     return evt.value
 style = theme.Style()
+def update_x(k):
+    int_k = int(k)
+    tokens = tokenizer(current_example.value)["input_ids"][:int_k] # LAURA REVIEW USE OF .VALUE
+    prefix = tokenizer.decode(tokens)
+    return prefix
 with gr.Blocks(theme=style) as demo:
+    current_example = gr.State(high_bleu_examples["Example 1"])
+    length= len(tokenizer(current_example.value)["input_ids"]) # LAURA REVIEW USE OF .VALUE
+    max_value = gr.State(length)
     with gr.Column():
         gr.Markdown(title)
         with gr.Row():
             with gr.Column():
+                gr.Markdown(description, line_breaks=True)
                 with gr.Accordion("Learn more about memorization definition", open=False):
                     gr.Markdown(memorization_definition)
         with gr.Row():
             with gr.Column():
                 instruction = gr.Textbox(
+                    id="instruction",
+                    placeholder="Output",
                     lines=5,
+                    label="Prompt",
+                    value=high_bleu_examples["Example 1"],
+                    disable=True,
+                    interactive=False,
                 )
             with gr.Column():
+                label = gr.Label(value={"BLEU": 0},label="Memorization score (BLEU)")
+                gr.Markdown("""[BLEU](https://huggingface.co/spaces/evaluate-metric/bleu) score is a metric that can be used to measure the similarity of two sentences.
+                            Here, the higher the BLEU score, the more likely the model will learn the example by heart.
+                            You can reduce the Prefix size in the Advanced parameters to reduce the context length and see if the model still extracts the training sample.""")
         with gr.Row():
             with gr.Column():
+                with gr.Accordion("Prompt size", open=True):
+                    k = gr.Slider(minimum=1, maximum=max_value.value, value=50, # LAURA REVIEW USE OF .VALUE
+                                  label="Prompt size",
                                   info="""Number of tokens used in the prompt.
                                   Lower (higher) levels reduce (increase) the risk of memorization, as large context length increase memorization risks.""")
                 submit = gr.Button("Check", variant="primary")
                 high_bleu_examples = gr.Examples(list(high_bleu_examples.keys()), label="High memorization samples",
                                                  inputs=instruction, outputs=instruction,
                                        fn=high_bleu_mirror, cache_examples=True)
+                # LAURA REVIEW WHY FIRST EXAMPLE IS COMING BACK AS 100 PERCENT
                 low_bleu_examples = gr.Examples(list(low_bleu_examples.keys()), label = "Low memorization samples",
                                                 inputs=instruction, outputs=instruction,
                                        fn=low_bleu_mirror, cache_examples=True)
             with gr.Column():
+                with gr.Row(): # for side-by-side view
+                    output = gr.Textbox(lines=5, label="Completion", interactive=False)
+                    diff = gr.HighlightedText(
+                    label="Diff",
+                    combine_adjacent=True,
+                    show_legend=True,
+                    color_map={"+": "red", "-": "green"})
         with gr.Row():
             with gr.Column():
                             The examples shown above come from [The Stack](https://huggingface.co/datasets/bigcode/the-stack-dedup), an open-source dataset of code data.
                             To try other examples from The Stack, you can browse the table below and select different training samples to re-run the checker with to assess their memorization score.""")
                 with gr.Accordion("More samples", open=False):
+                    # Local styling issue noted - but does not seem to happen when live
                     table = gr.DataFrame(value=df, row_count=5, label="Samples from The Stack", interactive=False)
+    k.release(update_x, inputs=k, outputs=instruction)
     submit.click(
         complete,
         inputs=[instruction, k],
+        outputs=[output, diff, label],
     )
     table.select(fn=df_select, outputs=instruction)
 demo.queue(concurrency_count=16).launch(debug=True)

requirements.txt CHANGED Viewed

@@ -3,3 +3,4 @@ gradio==3.47.1
 huggingface_hub
 pandas==2.0.1
 transformers==4.34.0

 huggingface_hub
 pandas==2.0.1
 transformers==4.34.0
+python==3.11.4