AntFleet

Disagreement · d9ae4fa5-openai-0

Provider selection can oversubscribe maxConcurrency when all providers are full

mismatch
repo 56f59a0d · PR #3 · reviewed 4 days ago

Primary finding

Provider selection can oversubscribe maxConcurrency when all providers are full

high · concurrency · high
  • src/providers/orchestrator.ts:197-201
  • src/providers/orchestrator.ts:203-209
When every provider has reached its maxConcurrency, the code rebuilds the eligible set ignoring the concurrency check, allowing providers already at their concurrency limit to be selected. Since the send/stream loops increment activeConcurrency without rechecking, this can push a provider beyond its configured maxConcurrency, violating the throttle and risking overload.

Recommendation

When repopulating eligible after an empty set, do not ignore maxConcurrency. Instead, either: (a) include only providers with status !== 'down' AND activeConcurrency < maxConcurrency but allow degraded status; or (b) if you must relax constraints, relax status (include degraded) but keep the concurrency guard. Alternatively, enqueue or short-circuit with a clear overload error.

Counterpart finding

Deterministic mode still iterates remaining candidates after first failure instead of failing fast

medium · bug · high
  • src/providers/orchestrator.ts:200-220
  • src/providers/orchestrator.ts:440-460
selectProvider returns a single candidate for deterministic mode, so the deterministic-mode check in catch is technically reached only on that single candidate (and throws). That's fine, but the comment 'Deterministic mode: don't fallback (except hard 5xx)' is misleading — there is no hard-5xx exception; it always throws. The deceptive comment may lead callers to believe deterministic mode falls back on 5xx, which it does not.

Recommendation

Either implement the documented 5xx-fallback behavior or correct the comment to 'never falls back'.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.
