UTF-8 Plumbing: Byte-level Tokenizers Unavoidably Enable LLMs to Generate Ill-formed UTF-8

TL;DR

This paper formalizes how byte-level tokenizers in language models can generate ill-formed UTF-8 sequences, leading to potential bugs, and evaluates mitigations through case studies of major models.

Contribution

It provides a formal proof that byte-level tokenizers can produce ill-formed UTF-8 sequences and demonstrates the implications for language model applications.

Findings

Byte-level tokenizers can produce ill-formed UTF-8 sequences.

Incremental decoding differs from full-sequence decoding in UTF-8 interpretation.

Mitigations can reduce, but not eliminate, UTF-8 breakage issues.

Abstract

Subword tokenization segments input text according to a pre-defined vocabulary to feed it into a language model; the language model, in turn, generates a sequence made from this same vocabulary. The members of the vocabulary can be built of code points or bytes. Using code points means that all members of the vocabulary are valid UTF-8 characters. However, it also requires thousands of initial members to achieve acceptable coverage of inputs. Beginning with bytes, on the contrary, avoids out-of-vocabulary errors with only 256 initial members of the vocabulary, but the members of the vocabulary and sequences of them are not guaranteed to be valid UTF-8. Sequences that are not valid UTF-8 break code that assumes its input to be valid UTF-8. Applications of language models must account for the breakage thereby introduced. In this paper, we formalize tokenization using monoid theory and prove that tokenizers whose vocabularies contain tokens that are ill-formed UTF-8 can always produce sequences that are ill-formed UTF-8. We demonstrate formally that attempting to incrementally convert tokens back to a string and interpret the results as UTF-8 gives different results than converting the whole sequence of tokens at once. This formal result predicts real-world bugs: we evaluate mitigations for the problem identified and provide case studies of major foundation models, serving engines, and constrained generation systems.