Disagreement · c9663187-anthropic-13

BasePlatform reuses single shared `db_cursor` from background loop, but other handlers also call `_execute_db_command` — concurrent reads will clobber cursor state

mismatch

repo 193af03f·PR #2·reviewed 1 week ago

Primary finding

BasePlatform reuses single shared `db_cursor` from background loop, but other handlers also call `_execute_db_command` — concurrent reads will clobber cursor state

highconcurrencymedium

backend/wonderwall/simulations/base.py:204-215
backend/wonderwall/simulations/polymarket/platform.py:237-260

Although the message loop processes one message at a time (so cursor reuse appears safe within a single handler), `update_rec_table` and other async hooks could be invoked elsewhere. Also, the handler uses `self.db_cursor.fetchone()` immediately after `_execute_db_command` for one query, then another `_execute_db_command` overwrites the cursor state for the next read. This is correct sequentially but if any awaited code between two `_execute_db_command` calls re-enters the platform (e.g., during testing/mocks), the second `_execute_db_command` will clobber pending rows. Multiple sequential reads pattern is brittle.

Recommendation

Use `conn.cursor()` per query (or per handler) instead of a shared cursor. SQLite Python cursors are lightweight.

Counterpart finding

Missing input validation for non-positive trade sizes in buy_shares/sell_shares can raise unhandled ValueError and crash the loop

highapi-contracthigh

backend/wonderwall/simulations/polymarket/amm.py:71-73
backend/wonderwall/simulations/polymarket/platform.py:162-165
backend/wonderwall/simulations/polymarket/amm.py:126-128
backend/wonderwall/simulations/polymarket/platform.py:244-246

quote_buy and quote_sell explicitly raise on non-positive inputs. Platform buy_shares/sell_shares neither validate inputs nor catch these exceptions, and BasePlatform.running does not guard action handlers with try/except. A bad input (0 or negative) can propagate a ValueError and terminate the platform loop.

Recommendation

Add explicit validation in PolymarketPlatform.buy_shares and sell_shares: - If amount_usd <= 0 or num_shares <= 0, return {"success": False, "error": "amount_usd must be positive"} (or similar) without calling the AMM. - Alternatively, wrap the quote_* calls in try/except ValueError and convert to structured error responses.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗