invoke-ai
[bug]: Starter Model, RealESRGAN_x4plus_anime_6B - Fails to install
Is there an existing issue for this problem?
- [x] I have searched the existing issues
Operating system
Linux
GPU vendor
Nvidia (CUDA)
GPU model
Multiple different
GPU VRAM
Multiple different
Version number
5.6.0+
Browser
Multiple (Chrome - Edge - Vivaldi)
Python dependencies
No response
What happened
When you try to install the model from "Starter Models" called "RealESRGAN_x4plus_anime_6B" It fails to install and I get the error:
Model install error The model {model_name} is potentially infected by malware. Aborting import.
"{model_name}" Is exactly what it says, it does not say "RealESRGAN_x4plus_anime_6B" This on multiple different systems since somewhere around version 5.6.0
What you expected to happen
For it to install like it did previously, or for a different anime upscaler to be recommended instead.
How to reproduce the problem
Try to install the "Starter model" called RealESRGAN_x4plus_anime_6B
Additional context
No response
Discord username
No response
I have had another instance of this where the error was more accurate and said..
"Model install error The model RealESRGAN_x4plus_anime_6B is potentially infected by malware. Aborting import.
I get almost the same but in my error message the model name is correct (I have manually masked with xxxx): Model install error The model file "/mnt/xxx/sd3/xxxx_SD35_LoRa_v1/optimizer.pt" is potentially infected by malware. Aborting import
In v5.9.1, we improved the log messages for scan results. Previously, a malware detection or problem scanning the model printed the error in this ticket. In v5.9.1, the logging differentiates between these two cases.
I believe the error when attempting to install these models is a scan error, not a malware detection. It would look like this:
[2025-04-09 09:20:47,636]::[ModelInstallService]::ERROR --> Model install error: https://github.com/xinntao/Real-ESRGAN/releases/download/v0.2.2.4/RealESRGAN_x4plus_anime_6B.pth
Exception: Error scanning model RealESRGAN_x4plus_anime_6B.pth for malware. Aborting import.
The error indicates there is a problem scanning the model - not that malware was detected.
I dug in a bit deeper to understand what is happening. We use picklescan as a best-effort way to scan models for malware. A "pickle" is a kind of file commonly used to share python code or data. Many ML models are distributed as pickles. picklescan attempts to identify suspicious and dangerous code in pickles, reporting on this when it scans.
In the 0.0.19 release of picklescan, its strictness when scanning files increased. It reports more scan errors than before, specifically when it is unable to scan a file. You can see the code that increased the strictness here: https://github.com/mmaitre314/picklescan/pull/33
When I reviewed the scan of RealESRGAN_x4plus_anime_6B.pth in detail, I found that it contains a pickle that was unable to be scanned. Because picklescan cannot scan it, it returns a scan error. It's saying "I am unable to scan this model fully, so there could be malware in the parts of the model I cannot scan".
Invoke errs on the side of caution and thus refuses to install the model.
I think we will just remove this model from the starter models and suggest a different model.
Is there any update on this? I would like to use Invoke but 100% of my models give this "Error scanning model at ... for malware. Aborting install". Perhaps an override option?
