Skip to content

fix: prevent /generate 502 caused by event loop mismatch + add e2e tests #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
zhaochenyang20 merged 6 commits into from
Mar 4, 2026
Merged

fix: prevent /generate 502 caused by event loop mismatch + add e2e tests #33

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1949643
fix: refresh video support bugfix & add e2e test
alphabetc1 Feb 24, 2026
a8e2019
lint
alphabetc1 Feb 24, 2026
532005b
add test/intgration
alphabetc1 Feb 27, 2026
5b4a3cd
fix lint
alphabetc1 Feb 27, 2026
3904852
fix API
alphabetc1 Feb 27, 2026
2cd7a92
reuse utils.py
alphabetc1 Feb 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/cpu-test-api.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,4 @@ jobs:
python -m pip install torch --index-url https://download.pytorch.org/whl/cpu

- name: Run CPU unit tests
run: pytest tests/unit -v
run: pytest tests/unit tests/integration -v
8 changes: 6 additions & 2 deletions development.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,17 @@ Run CPU only tests:

```bash
pip install pytest
pytest tests/unit -v
# CPU-only tests (unit + integration)
pytest tests/unit tests/integration -v

# Real E2E tests (GPU required, longer runtime)
pytest tests/e2e/test_e2e_sglang.py -v -s
```

## Benchmark Scripts

Benchmark scripts are available under `tests/benchmarks/diffusion_router/` and are intended for manual runs.
They are not part of default unit test collection (`pytest tests/unit -v`).
They are not part of default unit test collection (`pytest tests/unit tests/integration -v`).

Single benchmark:

Expand Down
6 changes: 5 additions & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,5 +40,9 @@ package-dir = { "" = "src" }
where = ["src"]

[tool.pytest.ini_options]
testpaths = ["tests/unit"]
testpaths = ["tests/unit", "tests/integration"]
markers = [
"integration: CPU-only integration tests with real processes.",
"real_e2e: Real e2e tests requiring sglang and GPU.",
]
pythonpath = ["src"]
9 changes: 0 additions & 9 deletions src/sglang_diffusion_routing/cli/main.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,18 +67,9 @@ def _run_router_server(
) from exc

worker_urls = list(args.worker_urls or [])
refresh_tasks = []
for url in worker_urls:
normalized_url = router.normalize_worker_url(url)
router.register_worker(normalized_url)
refresh_tasks.append(router.refresh_worker_video_support(normalized_url))

if refresh_tasks:

async def _refresh_all_worker_video_support() -> None:
await asyncio.gather(*refresh_tasks)

asyncio.run(_refresh_all_worker_video_support())

print(f"{log_prefix} starting router on {args.host}:{args.port}", flush=True)
print(
Expand Down
15 changes: 12 additions & 3 deletions src/sglang_diffusion_routing/launcher/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,20 @@
from collections.abc import Iterable

import httpx
import torch

# TODO (mengyang, shuwen, chenyang): these utils should be clean up.


def _cuda_device_count() -> int:
"""Best-effort CUDA device count without hard torch import at module import."""
try:
import torch

return int(torch.cuda.device_count())
except Exception:
return 0


def infer_connect_host(host: str) -> str:
"""Normalize bind-all addresses to loopback for client connections."""
if host in ("0.0.0.0", "::", "localhost"):
Expand Down Expand Up @@ -72,7 +81,7 @@ def resolve_gpu_pool(
if parsed:
return parsed

gpu_count = int(torch.cuda.device_count())
gpu_count = _cuda_device_count()
if gpu_count > 0:
return [str(i) for i in range(gpu_count)]
return None
Expand Down Expand Up @@ -116,7 +125,7 @@ def build_gpu_assignments(
gpu_pool = parsed

if gpu_pool is None:
gpu_count = int(torch.cuda.device_count())
gpu_count = _cuda_device_count()
if gpu_count > 0:
gpu_pool = [str(i) for i in range(gpu_count)]

Expand Down
10 changes: 10 additions & 0 deletions src/sglang_diffusion_routing/router/diffusion_router.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,16 @@ def _setup_routes(self) -> None:
)

async def _start_background_health_check(self) -> None:
# Probe capability for pre-registered workers in the active server loop.
unknown_workers = [
url for url, support in self.worker_video_support.items() if support is None
]
if unknown_workers:
await asyncio.gather(
*(self.refresh_worker_video_support(url) for url in unknown_workers),
return_exceptions=True,
)
Comment on lines +94 to +97
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-high high

The _start_background_health_check function initiates network requests to worker URLs that are not sufficiently validated. The validation logic in normalize_worker_url (used when workers are registered) does not block private IP addresses (RFC 1918) and can be bypassed using a trailing dot in the hostname (e.g., 169.254.169.254.). This allows an attacker to probe internal network services or cloud metadata endpoints by registering malicious worker URLs via the /add_worker endpoint.

To remediate this, ensure that normalize_worker_url strictly validates that the hostname is not a private or loopback IP address and correctly handles trailing dots in hostnames.

Copy link
Copy Markdown
Contributor

@dreamyang-liu dreamyang-liu Feb 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still feel like it shouldn't be an one-off check, we might want to have one specific loop task to check it periodically. Also putting this refresh here changes the semnaitc of _start_background_health_check function.

Copy link
Copy Markdown
Collaborator Author

@alphabetc1 alphabetc1 Feb 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree. Maybe we can open a separate PR to implement this, and keep this PR focused on decoupling the video support logic from cli/main.py.


if self._health_task is None or self._health_task.done():
self._health_task = asyncio.create_task(self._health_check_loop())

Expand Down
11 changes: 11 additions & 0 deletions tests/conftest.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
"""Pytest configuration: force local src import precedence."""

from __future__ import annotations

import sys
from pathlib import Path

src_str = str(Path(__file__).resolve().parent.parent / "src")
while src_str in sys.path:
sys.path.remove(src_str)
sys.path.insert(0, src_str)
Empty file added tests/e2e/__init__.py
View file
Open in desktop
Empty file.
Loading