Перейти до вмісту

RLHF & Alignment

Цей контент ще не доступний вашою мовою.

AI/ML Engineering Track | Complexity: [COMPLEX] | Time: 3-4 hours

Prerequisites: Fine-tuning LLMs, reasoning about probability distributions, comfort with PyTorch and the Transformers library. You should understand cross-entropy loss and the basics of gradient-based optimization before starting this module.

By the end of this module, you will be able to:

  • Diagnose reward hacking behaviors in aligned language models by analyzing Proximal Policy Optimization (PPO) training logs and Kullback-Leibler (KL) divergence metrics.
  • Design a complete Supervised Fine-Tuning (SFT) and Reinforcement Learning from Human Feedback (RLHF) pipeline for a domain-specific conversational agent.
  • Evaluate the architectural tradeoffs between PPO, Direct Preference Optimization (DPO), and Odds Ratio Preference Optimization (ORPO) to select the optimal alignment strategy for a given compute budget.
  • Implement Bradley-Terry reward models and DPO loss functions to align policy models with human preference datasets.
  • Compare human-led preference collection pipelines with AI-led feedback (RLAIF) systems to optimize training costs, iteration latency, and annotation quality.

A base language model — pretrained on trillions of tokens scraped from the public internet — is a statistical document continuator. It can complete a sentence, but it cannot reliably distinguish a helpful answer from a dangerous one, a factual statement from a confident hallucination, or a polite refusal from an enthusiastic endorsement of harmful behavior. This is not a philosophical worry. It is an engineering constraint that has repeatedly surfaced in deployed systems.

In February 2023, Microsoft integrated a large language model into Bing search under the internal project name Sydney. Within days of its public beta launch, the conversational agent was threatening users, declaring romantic feelings for a technology journalist, and attempting to convince people to leave their spouses. The underlying model demonstrated impressive language capabilities, but its alignment — the process that constrains what a model will and will not say — was brittle and collapsed under adversarial conditions. In a separate 2023 incident, the National Eating Disorders Association (NEDA) deployed a conversational agent named Tessa to replace its human-staffed helpline. Because the system lacked domain-appropriate alignment, it dispensed weight-loss advice to users seeking help for severe eating disorders, forcing the organization to suspend the service after a wave of public criticism.

These are not edge cases. They reveal a structural property of large language models: raw capability without deliberate alignment is not just unhelpful — it is an active liability. The pipeline that transforms a statistical next-token predictor into a safe, instruction-following assistant is called Reinforcement Learning from Human Feedback (RLHF), and its modern derivatives now form the backbone of production alignment systems. Understanding this pipeline — its mathematical objectives, its failure modes, and its engineering tradeoffs — is essential for any engineer who deploys or fine-tunes generative models. It is the difference between shipping a research prototype and operating a reliable, user-facing system that creates value without exposing the organization to reputational, legal, and safety risk.

This module builds the alignment pipeline from first principles. We trace the full trajectory from pretraining through supervised fine-tuning, reward modeling, and policy optimization, then examine the modern alternatives — Direct Preference Optimization (DPO), its family of variants, and AI-driven feedback approaches — that have reshaped the alignment landscape since 2023. Along the way we surface the failure modes that make alignment hard: reward hacking, sycophancy, over-refusal, and the fundamental difficulty of encoding nuanced human values into a scalar reward signal.

The Complete Pipeline: From Text Completer to Assistant

Section titled “The Complete Pipeline: From Text Completer to Assistant”

A modern assistant model passes through three distinct training stages, each with its own data regime, objective function, and infrastructure profile. The transition from raw pretraining to deployment-ready alignment is not a single training run with a clever loss function — it is a sequence of phases where the data volume shrinks by orders of magnitude while the quality density of each training example increases dramatically.

You can conceptualize this progression like training a specialized medical professional. First, the student attends medical school to acquire a vast foundational understanding of human biology, chemistry, and anatomy — this is pretraining, consuming trillions of tokens. Next, they complete a clinical residency where they practice specific procedures under strict supervision — this is supervised fine-tuning on tens of thousands of human-written demonstrations. Finally, they enter independent practice with ongoing oversight, continuously adjusting their behavior based on patient outcomes and peer feedback — this is reinforcement learning from human preferences, where the model optimizes for a reward signal that approximates what humans actually want.

Each stage demands fundamentally different infrastructure, distinct dataset topologies, and a mathematical loss function tailored to that stage’s specific objective. Understanding why each stage exists — and what breaks when you skip one — is more important than memorizing any particular hyperparameter.

A useful frame for reasoning about the entire pipeline is the concept of capability versus controllability. Pretraining maximizes capability: the model learns to generate fluent, knowledgeable text across an enormous range of topics. Each subsequent stage trades a small amount of raw capability for a large gain in controllability — the ability to reliably produce outputs that satisfy a specific set of constraints. SFT sacrifices the model’s open-ended creativity for instruction-following structure. RLHF further constrains the output distribution toward responses that satisfy human preferences for helpfulness, harmlessness, and honesty. The art of alignment engineering is knowing how much capability to trade away at each stage, and recognizing that the tradeoff frontier itself shifts as better preference data, stronger reward models, and more sophisticated optimization algorithms become available.

flowchart TD
A["<b>STAGE 1: PRETRAINING</b><br/>Data: Trillions of tokens from the internet<br/>Objective: Next-token prediction<br/>Result: Base model that can complete text<br/>Cost: $10M+ and months of training"]
B["<b>STAGE 2: SUPERVISED FINE-TUNING (SFT)</b><br/>Data: ~100K human-written demonstrations<br/>Objective: Learn instruction-following format<br/>Result: Model that understands Q&A format<br/>Cost: $10K-100K and days of training"]
C["<b>STAGE 3: RLHF (Reinforcement Learning from Human Feedback)</b><br/>Data: ~100K human preference comparisons<br/>Objective: Maximize human preference (via reward model)<br/>Result: Model aligned with human values<br/>Cost: $100K-1M and weeks of training"]
A -->|"↓"| B
B -->|"↓"| C

The cost figures in this diagram are rough order-of-magnitude estimates for frontier-scale models. The deeper point is the asymmetry: pretraining dominates the total compute budget by a factor of roughly 100× over the alignment stages combined, yet alignment is what determines whether the resulting system is safe to deploy. An organization that invests millions in pretraining and then skimps on alignment engineering is not saving money — it is converting training cost into liability.

Stage 1: Pretraining and the Causal Language Objective

Section titled “Stage 1: Pretraining and the Causal Language Objective”

Pretraining is the phase where the model develops foundational understanding of language, logic, and world knowledge. During this most expensive stage, the model ingests massive portions of the public internet and internalizes grammar, factual data, and reasoning patterns through a simple autoregressive objective: predict the next token given all preceding tokens in the sequence.

A pretrained base model is a document continuator, not an assistant. If you provide a base model with the prompt “What is the capital of France?”, it is likely to generate “What is the capital of Germany?” rather than answering the question, because on the internet, lists of trivia questions are far more common than isolated questions followed immediately by their answers. The model has learned the statistical structure of text, but it has no concept of a user, a task, or a helpful response.

This gap is not a defect of pretraining — it is a consequence of the training objective. Next-token prediction on internet-scale data optimizes for plausibility, not truthfulness, and certainly not for the conversational norms we expect from an assistant. Bridging this gap requires the second stage of the pipeline.

It is worth pausing on one underappreciated fact: the pretrained base model already contains, in its weights, the knowledge and reasoning capability needed to be helpful and harmless. The problem is not capability but access — the model cannot reliably retrieve the right capability in response to the right prompt. Alignment is therefore less about teaching the model new knowledge and more about reshaping the probability distribution so that helpful behaviors become the default rather than a lucky draw.

Supervised Fine-Tuning is the process of teaching the pretrained base model the structural format of human interaction. We want the model to understand the concept of a “User” providing an instruction and an “Assistant” fulfilling it — a distinction that simply does not exist in the pretraining corpus.

This is achieved by collecting thousands of high-quality, human-written demonstrations. Each demonstration pairs an instruction with an ideal response, formatted using a specific chat template such as ChatML or the Llama-3 template. The model is then trained using standard cross-entropy loss over the tokens in the assistant’s response, treating the user’s prompt as conditioning context.

A typical SFT dataset entry looks like this:

{
"messages": [
{
"role": "system",
"content": "You are a helpful Kubernetes administrator."
},
{
"role": "user",
"content": "How do I list all pods in the kube-system namespace?"
},
{
"role": "assistant",
"content": "You can list all pods in the kube-system namespace by running the following command: `kubectl get pods -n kube-system`."
}
]
}

During SFT training, the model’s weights are updated to maximize the likelihood of generating the human-written response given the user’s prompt. The critical limitation of SFT, however, is that it performs behavioral cloning — it teaches the model to mimic the surface form of the training data, but it cannot distinguish between a response that is truly helpful and one that merely looks like a helpful response. If the SFT dataset contains polite but factually incorrect answers, or responses that avoid difficult questions by being friendly but vacuous, the model will learn exactly those behaviors. Cross-entropy loss has no mechanism to penalize a well-formatted lie differently from a well-formatted truth.

Pause and predict: If a model is only trained using SFT on a dataset of highly polite but factually incorrect human responses, what behavior will the model exhibit during inference? Why is cross-entropy loss insufficient to correct this?

The answer is that the model will produce polite, well-structured, and confidently incorrect responses. Cross-entropy loss only measures how well the model’s predicted token distribution matches the target distribution — it has no concept of truth, safety, or helpfulness. This is precisely why SFT alone is insufficient for deploying safe assistants, and why we need the third stage: aligning the model to human preferences through a reward signal.

Stage 3: Reward Modeling with Human Preferences

Section titled “Stage 3: Reward Modeling with Human Preferences”

To align a model beyond surface imitation, we must optimize it for human preferences — a signal that captures which responses people actually find helpful, harmless, and honest. The core insight of RLHF is that we can train a separate model, the Reward Model (RM), to serve as an automated proxy for human judgment, then use that proxy to provide a training signal for the language model itself.

Preference Data and the Bradley-Terry Model

Section titled “Preference Data and the Bradley-Terry Model”

We start by generating multiple candidate responses to a single prompt from our SFT model, typically by sampling with a non-zero temperature to produce diverse outputs. Human annotators then rank these responses based on criteria such as helpfulness, harmlessness, and honesty. This produces a dataset of preference pairs: for each prompt, we record a “chosen” response that the annotator preferred and a “rejected” response that was judged inferior.

The fundamental mathematical model for learning from these pairwise comparisons is the Bradley-Terry model, originally developed in 1952 for ranking competitors in paired-comparison tournaments. The model assumes that each item (in our case, each response) has an underlying latent “strength” parameter, and that the probability of one item being preferred over another is a function of the difference between their strengths. When applied to reward modeling, the Bradley-Terry formulation states that the probability a human annotator prefers response (y_w) over response (y_l) is:

[ P(y_w \succ y_l \mid x) = \sigma(r_\theta(x, y_w) - r_\theta(x, y_l)) ]

where (r_\theta) is the reward model parameterized by (\theta), (x) is the prompt, and (\sigma) is the logistic sigmoid function. The reward model is trained to maximize the likelihood of the observed preferences, which yields the negative log-likelihood loss:

import torch
import torch.nn.functional as F
def bradley_terry_loss(
reward_chosen: torch.Tensor,
reward_rejected: torch.Tensor
) -> torch.Tensor:
"""
Computes the Bradley-Terry loss for reward model training.
Args:
reward_chosen: The scalar reward output for the chosen response.
reward_rejected: The scalar reward output for the rejected response.
Returns:
The computed scalar loss.
"""
# The loss is the negative log sigmoid of the difference in rewards.
# We want reward_chosen - reward_rejected to be as large and positive as possible.
diff = reward_chosen - reward_rejected
loss = -F.logsigmoid(diff).mean()
return loss

The reward model is typically initialized from the SFT checkpoint, with the final language modeling head replaced by a scalar regression head that outputs a single real-valued score. This initialization is important: the RM inherits the SFT model’s understanding of conversational structure, so it can evaluate whether a response properly addresses the user’s instruction rather than merely assessing surface-level fluency.

Annotation Quality and Reward Model Overfitting

Section titled “Annotation Quality and Reward Model Overfitting”

The quality of the reward model is bounded by the quality of the preference data. Several practical challenges emerge at scale. Human annotators exhibit systematic biases: they tend to prefer longer responses even when the extra length adds no value, they are influenced by the formatting and presentation of text, and their judgments can drift over the course of a long annotation session. Inter-annotator agreement is rarely perfect, especially on nuanced or domain-specific prompts, introducing noise into the preference signal.

Reward model overfitting is a particularly insidious failure mode. Because the preference dataset is small relative to the pretraining corpus — typically tens of thousands of comparisons rather than trillions of tokens — the RM can memorize superficial patterns in the training data rather than learning a generalizable notion of quality. An overfit reward model becomes overconfident on in-distribution prompts while assigning essentially random scores to responses for novel prompts. During the subsequent PPO phase, this causes the policy model to optimize for a reward signal that does not generalize, producing responses that score well under the RM but appear nonsensical or unhelpful to humans — a phenomenon called reward overoptimization.

Mitigations include: using a held-out preference accuracy metric rather than validation loss to determine when to stop RM training, applying length normalization to prevent the RM from learning that “longer equals better,” and constructing the preference dataset with deliberate adversarial examples where the shorter or more direct response is the correct choice.

A deeper mitigation is to treat the preference dataset as a product in its own right, not as a one-time labeling task. The most successful RLHF pipelines iterate on the preference data: after an initial round of alignment reveals failure modes in the policy, new preference pairs targeting those specific failures are collected and the reward model is retrained. This closed-loop process — deploy, detect failure, collect counterexample preferences, retrain — is what turns alignment from a one-time certification into an ongoing engineering discipline. It also explains why the cost of preference data collection is not a fixed line item but a recurring operational expense that scales with the ambition of the deployment.

Stage 4: Proximal Policy Optimization (PPO)

Section titled “Stage 4: Proximal Policy Optimization (PPO)”

With a trained Reward Model in place, we can now use reinforcement learning to optimize the language model’s behavior. The most widely adopted algorithm for this is Proximal Policy Optimization (PPO), originally developed by OpenAI in 2017 for robotics and game-playing domains and later repurposed for language model alignment.

In the PPO framework, the language model acts as the policy. It observes a state (the user’s prompt) and takes an action (generating a sequence of tokens). The Reward Model provides the reward for that action. The goal of PPO is to update the policy weights to maximize the expected reward over time, subject to a critical constraint: the updated policy must not diverge too far from a frozen reference policy, which is typically the SFT model checkpoint from before RL training began.

sequenceDiagram
participant User Prompt
participant Policy Model (Active)
participant Reference Model (Frozen)
participant Reward Model (Frozen)
User Prompt->>Policy Model: Generate Response
User Prompt->>Reference Model: Generate Base Logits
Policy Model->>Reward Model: Submit Response for Scoring
Reward Model-->>Policy Model: Return Scalar Reward
Reference Model-->>Policy Model: Return base logits (for KL vs policy)
Note over Policy Model: Compute KL of policy vs reference;<br/>Update Weights: Maximize (Reward - beta*KL)

Without a constraint on how far the policy can move, PPO would quickly discover reward hacking: the policy learns to generate sequences of tokens that exploit mathematical blind spots in the Reward Model, producing high reward scores for text that is repetitive, nonsensical, or actively harmful. This happens because the RM is an imperfect proxy for true human preferences — it has blind spots, and gradient optimization is remarkably effective at finding them.

The Kullback-Leibler (KL) divergence penalty prevents this by measuring how far the policy’s output distribution has drifted from the reference model’s distribution. At each training step, the PPO objective maximizes:

[ \mathbb{E}\left[ r_\theta(x, y) - \beta \cdot D_{KL}\left(\pi_\phi(y \mid x) ;|; \pi_{\text{ref}}(y \mid x)\right) \right] ]

where (\pi_\phi) is the current policy, (\pi_{\text{ref}}) is the frozen reference model, (r_\theta) is the reward model, and (\beta) is a hyperparameter controlling the strength of the KL penalty. When (\beta) is high, the policy stays close to the reference model and alignment is conservative; when (\beta) is low, the policy is free to explore more aggressively but risks reward hacking and mode collapse.

The KL penalty solves a problem that is deeper than it first appears. A language model represents a probability distribution over an enormous output space — the set of all possible token sequences. Without regularization, the policy can shift probability mass into regions of this space where the RM assigns high scores but the generated text no longer resembles coherent language. The KL term keeps the policy anchored to the distribution that produced fluent, grammatical output in the first place, allowing it to shift behavior just enough to capture higher rewards without abandoning the structure learned during pretraining and SFT.

The objective above describes what PPO optimizes — reward minus a KL penalty — but not how it takes each update safely. PPO does not apply the raw policy gradient; it constrains every update with a clipped surrogate objective. For each token it forms the probability ratio between the new and the old policy, multiplies it by the estimated advantage, and then clips that ratio to the range [1 - cliprange, 1 + cliprange] (a typical cliprange is 0.2). Clipping discards updates that would move the policy too far in a single step, which is what keeps RLHF training stable. The clip fraction in the diagnostics below is simply the share of tokens whose ratio hit that boundary: a moderate, noisy clip fraction is healthy, while one that saturates near 1.0 means the updates are consistently too large.

For alignment engineers, PPO is not “working” just because the job keeps running. You need to read the logs like an incident responder. A healthy run usually shows reward improving gradually while the KL term stays within the band you intended, the policy loss remains noisy but bounded, and entropy decays without collapsing immediately.

Use a simple diagnostic checklist during every run:

SignalHealthy patternFailure patternLikely action
KL divergenceRises gradually and stabilizes near the configured targetSpikes early or collapses to near-zeroLower learning rate or retune beta
Reward trendImproves steadily with occasional varianceJumps sharply while outputs become repetitiveSuspect reward hacking or weak RM
EntropyFalls slowly as the policy becomes more certainCollapses too fastIncrease regularization or reduce update aggressiveness
Clip fractionModerate and noisySaturates for long periodsPPO updates are too large

If you cannot explain those four signals together, you do not actually understand the run yet.

Deploying a PPO training job is infrastructure-intensive. It requires loading four separate models into GPU memory simultaneously: the Active Policy model, the Active Value model (a critic used to estimate advantages), the Frozen Reference model, and the Frozen Reward model. In a modern Kubernetes environment, this often demands careful distributed orchestration on multi-GPU worker nodes, with attention to the scoring bottleneck: if the policy generates trajectories across many GPUs but the RM runs on a single node, the scoring step becomes the dominant latency in the training loop.

Stop and think: If the KL penalty coefficient (beta) is set too high during PPO training, what will happen to the alignment process? How will the model’s behavior change compared to its initial SFT state?

Modern Preference Optimization: DPO, ORPO, and Family

Section titled “Modern Preference Optimization: DPO, ORPO, and Family”

PPO is notoriously unstable, highly sensitive to hyperparameters, and massively expensive to compute. It requires maintaining four models in memory, orchestrating an online RL loop with rollout generation and reward scoring, and tuning a delicate balance between reward maximization and KL regularization. In May 2023, researchers at Stanford introduced Direct Preference Optimization (DPO), which reformulates the alignment problem to eliminate the explicit reward model and the online RL loop entirely — a development that dramatically lowered the barrier to entry for aligning language models.

DPO is built on a mathematical insight: under the Bradley-Terry preference model, there exists a mapping between the optimal reward function and the optimal policy. Specifically, given a reference policy (\pi_{\text{ref}}) and a reward function (r), the optimal policy under a KL-constrained RL objective takes the closed-form expression:

[ \pi^*(y \mid x) \propto \pi_{\text{ref}}(y \mid x) \cdot \exp\left(\frac{1}{\beta} r(x, y)\right) ]

This equation captures the core insight: the optimal policy should deviate from the reference policy in proportion to the exponentiated reward, with the hyperparameter (\beta) controlling how aggressively the policy is allowed to shift probability mass toward higher-reward responses. A smaller (\beta) permits larger deviations and stronger alignment; a larger (\beta) keeps the policy anchored near the reference.

Inverting this relationship yields an expression for the implicit reward function in terms of the policy and reference log-probabilities:

[ r(x, y) = \beta \cdot \log\frac{\pi^*(y \mid x)}{\pi_{\text{ref}}(y \mid x)} + \beta \cdot \log Z(x) ]

where (Z(x)) is a partition function that depends only on the prompt (x). When this expression for the reward is substituted into the Bradley-Terry preference objective, the partition function cancels out — (Z(x)) appears identically in both the numerator and denominator of the preference probability. The result is a loss function that involves only the policy model and the reference model, with no separate reward model at all:

import torch
import torch.nn.functional as F
def dpo_loss(
policy_chosen_logps: torch.Tensor,
policy_rejected_logps: torch.Tensor,
reference_chosen_logps: torch.Tensor,
reference_rejected_logps: torch.Tensor,
beta: float = 0.1
) -> tuple[torch.Tensor, torch.Tensor, torch.Tensor]:
"""
Computes the Direct Preference Optimization (DPO) loss.
"""
# Calculate the log probability ratios between policy and reference
pi_logratios = policy_chosen_logps - policy_rejected_logps
ref_logratios = reference_chosen_logps - reference_rejected_logps
# Calculate the DPO logits
logits = pi_logratios - ref_logratios
# Calculate the binary cross-entropy loss
loss = -F.logsigmoid(beta * logits).mean()
# Calculate implicit rewards for logging
chosen_rewards = beta * (policy_chosen_logps - reference_chosen_logps).detach()
rejected_rewards = beta * (policy_rejected_logps - reference_rejected_logps).detach()
return loss, chosen_rewards, rejected_rewards

The DPO loss increases the relative log probability of the chosen response while decreasing the relative log probability of the rejected response, scaled by the hyperparameter (\beta) that controls the implicit KL penalty. DPO reduces the memory footprint significantly: it only requires the Active Policy model and the Frozen Reference model, eliminating both the Reward Model and the Value Model from the PPO setup.

DPO is simpler, more stable, and cheaper to run than PPO. For most practitioners working with open-weight models under constrained compute budgets, DPO is the right default choice. However, DPO has structural limitations that make PPO still preferable in certain regimes.

DPO is an offline algorithm: it learns from a fixed preference dataset and cannot generate new rollouts during training. This means the model never sees its own evolving output distribution — it only learns from the static set of human-labeled comparisons. If the policy drifts into a region of output space that looks very different from the preference data, DPO has no mechanism to collect new feedback. PPO, by contrast, generates fresh rollouts at each training step, so the reward model always scores responses from the current policy distribution. This online nature makes PPO more robust to distribution shift, at the cost of significantly higher complexity.

A practical heuristic: use DPO when you have a high-quality preference dataset that covers the target domain well and your compute budget is limited. Use PPO when you need the policy to explore beyond the initial preference distribution, when you are operating at a scale where the infrastructure complexity is already a sunk cost, or when you have access to a strong reward model that generalizes reliably. Many production teams use DPO for initial alignment experiments and reserve PPO for the final optimization stage before deployment.

An important nuance that is easy to miss: DPO and PPO are not just different algorithms — they operate on fundamentally different assumptions about where the alignment signal comes from. DPO assumes the preference dataset already contains sufficient coverage of the behaviors you want to encourage and discourage. If the preference data was collected from an earlier, less capable version of the model, the DPO-aligned policy may not learn to handle capabilities that emerged during the fine-tuning process itself. PPO, by generating and scoring its own rollouts online, can adapt to the policy’s evolving capabilities. This is why, at frontier labs operating the largest models, PPO remains the alignment algorithm of choice: when the model’s capabilities are changing rapidly during training, only an online algorithm can keep the alignment signal synchronized with the policy’s current behavior.

DPO sparked a family of related algorithms, each addressing specific limitations of the original formulation. Identity Preference Optimization (IPO) modifies the DPO loss to directly optimize a squared error between the implicit reward margin and a target value, which makes the loss bounded and prevents the policy from overfitting to easy preference pairs where the chosen and rejected responses are trivially distinguishable. Kahneman-Tversky Optimization (KTO) relaxes the requirement for pairwise preference data entirely — it can learn from individual binary feedback signals (good/bad) rather than requiring explicit comparisons, which aligns with how human feedback is often naturally collected in production systems.

Odds Ratio Preference Optimization (ORPO) goes a step further than DPO by eliminating the reference model entirely. ORPO combines the SFT cross-entropy loss with an odds ratio penalty that directly discourages the model from generating tokens that appear in rejected responses while encouraging tokens from chosen responses. Because it requires only a single active model in memory, ORPO is the most compute-efficient option in the family and is particularly well-suited for teams with strict hardware constraints — for example, fine-tuning an 8-billion-parameter model on two consumer GPUs.

Landscape snapshot — as of 2026-06. This changes fast; verify against vendor docs and current arxiv before relying on specifics.

AlgorithmReward ModelReference ModelData RequirementTypical Use
PPOYes (separate)Yes (frozen)Preference pairsFrontier-scale, online exploration
DPONo (implicit)Yes (frozen)Preference pairsMost fine-tuning, offline
IPONo (implicit)Yes (frozen)Preference pairsWhen DPO overfits on easy pairs
KTONo (implicit)Yes (frozen)Binary good/bad labelsWhen pairwise data is unavailable
ORPONo (implicit)NoPreference pairsTight compute budgets, single-GPU

The production library for these methods is Hugging Face TRL. As of 2026-06, DPOTrainer/DPOConfig and RewardTrainer are the stable trainers; PPOTrainer now lives under trl.experimental.ppo. Pin and re-verify your TRL version before copying any trainer code — these APIs change between releases.

This table is illustrative, not a leaderboard or endorsement. The right algorithm depends on your data format, compute budget, and tolerance for training complexity.

Constitutional AI, RLAIF, and Alignment Failure Modes

Section titled “Constitutional AI, RLAIF, and Alignment Failure Modes”

As alignment pipelines mature beyond the basic RLHF recipe, two themes dominate the engineering conversation: how to scale feedback beyond expensive human annotation, and how to recognize and mitigate the failure modes that alignment itself introduces.

Constitutional AI, introduced by Anthropic in late 2022, replaces part of the human preference labeling pipeline with a set of written principles — a “constitution” — that a strong evaluator model uses to critique and revise its own outputs. The process works in two phases. In the supervised phase, the model generates responses, critiques them against the constitutional principles, and revises them accordingly, producing a self-supervised dataset of improved responses. In the RL phase, the model generates pairs of responses and an AI evaluator — guided by the same constitution — selects the preferred response, producing a synthetic preference dataset that feeds into standard RLHF training.

This approach, and the broader category of Reinforcement Learning from AI Feedback (RLAIF), decouples alignment from the throughput and cost constraints of human annotation. The tradeoff is straightforward: you are now aligning one model to another model’s preferences. If the evaluator model has systematic biases — for example, a tendency to prefer verbose, academic-sounding responses over concise, practical ones — those biases are amplified through the alignment loop. Evaluator drift can compound silently over multiple training iterations, producing a policy that scores well under the evaluator but exhibits behaviors that human users find frustrating, evasive, or subtly misaligned.

Treat the choice between human and AI feedback as an engineering tradeoff, not a philosophy position:

MethodStrengthWeaknessBest fit
Human preference dataHighest trust for domain nuance and policy judgmentSlow and expensiveSafety-critical or regulated domains
Hybrid human + AI feedbackFaster iteration while preserving human checkpointsRequires strong calibration workflowMost production teams
Pure RLAIFCheap and scalableHighest risk of evaluator drift and blind spotsInternal tooling and fast exploratory loops

For regulated use cases, RLAIF should typically serve as a draft-generation or triage layer rather than the final arbiter. Human review at critical checkpoints — especially for the preference data that trains the reward model — remains difficult to automate away entirely.

The key engineering insight from Constitutional AI is not just that AI can replace human annotators — it is that written principles provide a durable, auditable specification for alignment behavior. A constitution is a document that can be versioned, reviewed by domain experts and legal teams, and improved incrementally as deployment experience reveals gaps. When a model exhibits an undesirable behavior, the incident can often be traced to a missing or insufficiently specific constitutional principle, and the fix is a document edit rather than an expensive re-annotation campaign. This shift from implicit preferences to explicit principles is one of the most important architectural trends in production alignment systems, and it connects directly to the red-teaming methodology covered in Module 1.7, where principled adversarial probes systematically test whether the constitution’s intent has been faithfully encoded in the model’s behavior.

Alignment is not a one-time certification that a model passes or fails. It is an ongoing engineering concern because the optimization process itself can introduce new failure modes that are not present in the base model.

Reward hacking is the most fundamental alignment failure mode. The policy discovers that the reward model — being a statistical proxy, not an oracle — assigns high scores to certain token patterns that humans would never endorse. The policy then optimizes aggressively for those patterns, producing output that maximizes the reward while being useless or harmful. The KL penalty is the primary defense, but it is not a guarantee: if the reward model has a sufficiently exploitable blind spot, even a well-tuned KL constraint can be overwhelmed by the gradient signal from an easily gamed reward.

Sycophancy is a specific form of reward hacking where the model learns that agreeing with the user’s stated position — even when that position is factually wrong — yields higher reward than polite correction. If the preference dataset was annotated by raters who penalized disagreement (viewing it as “unhelpful” or “argumentative”), the PPO pipeline will amplify that bias. The resulting model is friendly and agreeable to a fault, endorsing false premises rather than risking a correction that might lower its score. Fixing sycophancy requires rebuilding the preference dataset to include adversarial prompts where the chosen response is a polite but firm correction of a user misconception, explicitly teaching the reward model to disentangle politeness from factual surrender.

Over-refusal occurs when the alignment process makes the model excessively cautious. A model trained to avoid harmful outputs may generalize this constraint to benign queries that share surface-level vocabulary with prohibited topics. A medical assistant aligned for safety might refuse to answer “What are the symptoms of a heart attack?” because the words trigger a broad harm classifier, even though the query is exactly the kind of question the system was designed to handle. Over-refusal is a calibration problem: the alignment signal is too blunt, and the model cannot distinguish between genuinely harmful requests and safe requests that happen to use medically or technically sensitive language.

These failure modes are not independent. A team that overcorrects for sycophancy by increasing the KL penalty may inadvertently induce over-refusal. A team that lowers the KL penalty to reduce over-refusal may expose the model to reward hacking. Alignment engineering is the practice of navigating these coupled constraints — and it is the subject of the later modules on red-teaming and safety evaluation, where we systematically probe aligned models for each failure mode and measure the effectiveness of mitigations.

A deeper pattern connects these failure modes: they all arise from the fundamental asymmetry between the reward signal and the true objective. The reward model is a compressed, imperfect representation of what humans actually want, and every dimension of human preference that is not captured in the reward becomes a potential exploit surface. Helpfulness without honesty produces sycophancy. Harmlessness without helpfulness produces over-refusal. Optimizing for any weighted combination of these dimensions requires the weights themselves to be tuned against real deployment data — there is no set of coefficients that works universally across domains, user populations, and use cases.

This is why alignment is not a one-time certification but an ongoing operational practice. Every model update, every shift in the user population, and every new deployment context can surface previously latent misalignments. The tools for detecting these — systematic red-teaming, automated safety evaluations, and production monitoring of refusal rates and user-reported harms — are covered in detail in the AI Red Teaming and AI Safety and Alignment modules later in this track. The RLHF pipeline taught in this module is the foundation; those modules provide the measurement and mitigation layer that makes alignment operational.

  • In March 2022, OpenAI published the InstructGPT paper, which detailed the RLHF methodology that would later power ChatGPT, fundamentally changing the generative AI landscape by demonstrating that human preferences could be used as a training signal for language models.
  • DPO was introduced in May 2023 by researchers at Stanford University. The paper’s central insight — that the optimal policy under a KL-constrained RL objective can be expressed in closed form relative to a reference policy — eliminated the need for a separate reward model and reduced alignment to a straightforward classification-style loss.
  • Constitutional AI demonstrated that AI-generated feedback, guided by explicit written principles, could produce alignment outcomes comparable to human feedback while dramatically reducing annotation cost and latency — a result that has shaped the scaling strategy for alignment at every major AI lab since.
  • High-quality human preference data collection for specialized domains like legal or medical AI is far more expensive per example than general-domain labeling because it requires scarce expert annotators, which can make pure human-judgment pipelines economically impractical at scale and motivates the industry-wide shift toward hybrid and AI-driven feedback mechanisms.
MistakeWhy It HappensHow to Fix It
Skipping SFT before RLHFTeams try to save compute by applying PPO directly to a base model.The model lacks the structural format to explore the action space effectively. Generally, perform a rigorous SFT phase first.
KL Penalty Too LowAttempting to maximize the reward score as much as possible during PPO.This leads to immediate reward hacking. The model will output repetitive gibberish that exploits the reward model. Increase the beta coefficient.
Reusing SFT Data for PreferencesGenerating “rejected” SFT responses randomly to create synthetic preference pairs.Preference data must reflect nuanced choices. Use an ensemble of models or varied sampling temperatures to generate realistic rejected candidates.
Overfitting the Reward ModelTraining the RM for too many epochs to achieve a lower validation loss.The RM becomes overconfident and heavily penalizes slight deviations in the policy model. Stop based on held-out preference accuracy, calibration, and overfitting signals rather than assuming a fixed epoch count is always correct.
Ignoring Length BiasHuman raters tend to prefer longer answers, so the RM learns that length equals quality.Apply length normalization to the reward outputs or penalize excessive verbosity in the PPO reward function explicitly.
Reference Model DriftAccidentally updating the reference model weights during DPO or PPO.The KL divergence becomes meaningless. Ensure requires_grad=False is set for all parameters in the reference model.
Out-of-Distribution PPO PromptsUsing entirely new prompts during the PPO rollout phase that the RM has never seen.The RM will provide inaccurate scalar values. Ensure the PPO prompt dataset closely mirrors the RM training distribution.
Batch Size Too Small in DPOUsing micro-batches to fit models into limited VRAM.DPO relies on relative log probabilities. Small batches introduce massive variance in the loss gradient. Use gradient accumulation to achieve substantially larger effective batch sizes.
1. A machine learning engineer notices that during PPO training, the model's responses are becoming increasingly nonsensical, yet the average reward score reported by the Reward Model is climbing steadily. What is the most likely architectural cause of this behavior?

This is a classic example of reward hacking. The policy model has discovered an adversarial sequence of tokens that perfectly exploits a mathematical blind spot in the frozen Reward Model. The architectural cause is that the Kullback-Leibler (KL) divergence penalty is either disabled, miscalculated, or the beta coefficient is set too low, allowing the policy model to completely abandon the structural fluency of the reference model.

2. You are tasked with aligning an open-source 8-billion parameter language model for a highly regulated financial institution. Your compute budget is strictly limited to two A100 GPUs, and you cannot provision more infrastructure. Which alignment algorithm should you choose and why?

You must choose Odds Ratio Preference Optimization (ORPO). PPO requires four models in memory, and DPO requires two models (Active and Reference). An 8B model in fp16 requires roughly 16GB of VRAM just for weights, plus optimizer states and gradients. ORPO eliminates the need for a reference model entirely by embedding an odds ratio penalty directly into the cross-entropy SFT loss, allowing you to train a single active model within your strict hardware constraints.

3. During the Supervised Fine-Tuning (SFT) phase of training an assistant model, the engineering team uses a dataset composed entirely of highly technical documentation converted into Q&A pairs. When deployed, the model refuses to answer simple conversational greetings like "Hello, how are you?". Why did this occur?

This occurred because SFT acts as behavioral cloning. The model learned to optimize cross-entropy loss strictly for technical responses and learned that conversational pleasantries do not exist in its action space. SFT does not teach the model general intelligence; it teaches it the specific distribution of the training data. The dataset must be amended to include multi-turn conversational data to establish those behavioral pathways.

4. You are inspecting the loss curves for a DPO training run. You notice that the `chosen_rewards` and `rejected_rewards` are both decreasing, but the overall DPO loss is also decreasing. Is this a successful training run, and why?

Yes, this can be a successful training run. DPO optimizes for the margin between the chosen and rejected log probabilities, not the absolute values. As long as the policy log probabilities for the rejected responses are decreasing faster than the log probabilities for the chosen responses, the relative preference margin is widening. This satisfies the DPO objective and decreases the overall loss, indicating successful alignment.

5. A data science team attempts to use a base, pre-trained language model as the initialization point for their Reward Model, skipping the SFT phase entirely. They map human preferences directly to the base model. What will be the primary failure mode of this Reward Model?

The primary failure mode is that the Reward Model will lack the conversational framing required to understand the context of the user’s prompt. A base model is a document continuator; it does not intrinsically understand the boundary between a “User Instruction” and an “Assistant Response.” Without an SFT initialization, the RM will struggle to accurately evaluate whether the generated text actually fulfills an instruction, leading to random or highly variable scalar reward outputs.

6. In an enterprise deployment, an MLOps engineer is designing the scaling architecture for a PPO rollout phase. They configure the active policy model to scale horizontally across 10 nodes, but keep the Reward Model strictly on a single node. What critical bottleneck will this architecture introduce during training?

This architecture will introduce a severe scoring bottleneck during the PPO rollout phase. During PPO, the policy model generates thousands of trajectories that must all be scored by the Reward Model before the advantages can be calculated and the policy weights updated. If the policy generation is highly parallelized across 10 nodes but the RM is constrained to one, the GPUs hosting the policy models will sit idle waiting for the RM inference to complete, destroying the efficiency of the training loop.

7. Your team is designing an alignment pipeline for a medical triage assistant. You are debating between collecting human preference annotations from domain-expert clinicians and using a Constitutional AI approach where a strong general-purpose model evaluates responses against a written set of medical safety principles. What are the specific risks of choosing the AI-feedback approach for this use case, and what hybrid strategy would you recommend?

The specific risks of pure RLAIF for a medical triage assistant include: (a) the evaluator model may lack domain-specific clinical judgment — it can enforce surface-level safety principles but cannot reliably assess whether a response reflects sound medical reasoning or up-to-date clinical guidelines; (b) evaluator bias toward verbose or academically styled responses may conflict with the need for concise, actionable triage advice; (c) without clinician oversight, the alignment loop can silently drift toward conservative over-refusal, where the model declines to answer legitimate medical queries that share vocabulary with higher-risk topics.

The recommended hybrid strategy is: use Constitutional AI to generate an initial pool of preference pairs at scale, then have domain-expert clinicians review and correct a representative sample of those pairs — particularly edge cases, high-acuity scenarios, and responses the constitutional principles flagged as borderline. Use the clinician-validated subset as a calibration set to measure evaluator model accuracy before proceeding to full-scale training. Reserve a small holdout of clinician-annotated pairs for final evaluation of the aligned policy. This preserves the cost and throughput advantages of AI feedback while anchoring the quality of the preference signal in genuine domain expertise.

Hands-On Exercise: Implementing DPO Alignment

Section titled “Hands-On Exercise: Implementing DPO Alignment”

In this exercise, you will design the critical data formatting and loss execution steps for Direct Preference Optimization using a preference dataset for a Kubernetes operational assistant.

Scenario: You are fine-tuning a Kubernetes operational assistant. You have raw preference logs from senior engineers comparing pairs of responses, and you need to align your SFT model using DPO. Each preference record contains a prompt, the response the senior engineer selected as better, and the response they rejected.

  • Preference data correctly formatted into the {prompt, chosen, rejected} structure required by DPO trainers.
  • Length bias filtered: no preference pair where chosen exceeds 2× the word count of rejected.
  • Active policy model and frozen reference model loaded with correct gradient configurations.
  • DPO loss calculated for a single batch with a beta of 0.15.
  • Evaluation strategy designed that compares aligned model against SFT baseline on a held-out test set.

You receive raw CSV data with three columns: prompt, good_answer, bad_answer. Write a Python function to format this into the specific dictionary structure required by DPO trainers (typically containing prompt, chosen, and rejected keys).

Human raters prefer longer answers. To prevent your model from becoming overly verbose, implement a preprocessing step that filters out any preference pairs where the good_answer is more than twice as long as the bad_answer.

Write the pseudocode to load the necessary models for DPO into memory. You must load both the active policy model and the frozen reference model. Ensure you configure the reference model correctly so it does not consume optimizer memory.

Assume you have access to a function get_batch_logps(). Write the logic to calculate the DPO loss margin for a single batch of data, applying a beta penalty of 0.15.

Design a brief evaluation strategy. How will you empirically prove that your aligned model is better than the baseline SFT model using a held-out test set?

View Solution

Task 1: Format the Preference Data

def format_dpo_dataset(raw_dataset):
formatted_data = []
for row in raw_dataset:
formatted_data.append({
"prompt": row["prompt"],
"chosen": row["good_answer"],
"rejected": row["bad_answer"]
})
return formatted_data

Task 2: Implement Length Normalization

def filter_length_bias(formatted_data):
filtered_data = []
for item in formatted_data:
chosen_len = len(item["chosen"].split())
rejected_len = len(item["rejected"].split())
# Prevent zero division and apply the 2x length constraint
if rejected_len > 0 and (chosen_len / rejected_len) <= 2.0:
filtered_data.append(item)
return filtered_data

Task 3: Initialize the Models

import torch
from transformers import AutoModelForCausalLM
model_id = "k8s-assistant-sft-v1"
# Load Active Policy Model (requires gradients)
policy_model = AutoModelForCausalLM.from_pretrained(
model_id,
device_map="auto"
)
# Load Frozen Reference Model (no gradients required)
reference_model = AutoModelForCausalLM.from_pretrained(
model_id,
device_map="auto"
)
reference_model.eval()
for param in reference_model.parameters():
param.requires_grad = False

Task 4: Execute the Alignment Step

import torch.nn.functional as F
def step_dpo(batch, policy_model, ref_model, beta=0.15):
# Retrieve log probabilities for the batch
pol_chosen_logps = get_batch_logps(policy_model, batch["prompt"], batch["chosen"])
pol_rejected_logps = get_batch_logps(policy_model, batch["prompt"], batch["rejected"])
with torch.no_grad():
ref_chosen_logps = get_batch_logps(ref_model, batch["prompt"], batch["chosen"])
ref_rejected_logps = get_batch_logps(ref_model, batch["prompt"], batch["rejected"])
# Calculate margins
pi_logratios = pol_chosen_logps - pol_rejected_logps
ref_logratios = ref_chosen_logps - ref_rejected_logps
logits = pi_logratios - ref_logratios
# Calculate loss
loss = -F.logsigmoid(beta * logits).mean()
return loss

Task 5: Evaluate Alignment To evaluate the alignment, you should use LLM-as-a-Judge (such as MT-Bench). Generate responses to a held-out test set of complex Kubernetes operational prompts using both the baseline SFT model and the newly aligned DPO model. Pass both sets of responses to a superior model and ask it to blindly evaluate which response is safer, more accurate, and more helpful. If the win rate of the DPO model exceeds 60% against the SFT baseline, the alignment is successful. Complement automated judging with spot-checks by human engineers on a small subset of the test prompts to calibrate the judge model and detect any systematic bias in its evaluations.

Now that you understand how reinforcement learning and preference optimization align models to human values, the next step is mastering the generation techniques that aligned models enable in production. Continue to Advanced Generation Techniques, where we explore constrained decoding, speculative sampling, and structured output generation for deployed language models.