The Latticework A Mental-Models Reading · July 2026
Tap edges or swipe ← →
Field Note № 21 · Infrastructure & Reliability

Three Overlapping Bugs.

A latticework reading of Anthropic Engineering's postmortem on three concurrent bugs that degraded Claude — what complex systems, masking failures, and the privacy–observability trade-off look like from the inside.

1 / 7
Illustrative timeline of events on the Claude API

Anthropic Engineering · Published September 17, 2025

3Separate bugs
16%Peak requests hit (Aug 31)
30%Claude Code users affected
Sep 4First fix deployed
2 / 7
I · The Frame

What this postmortem is really about.

Between August and early September 2025, three infrastructure bugs degraded Claude's response quality for a meaningful fraction of users. Anthropic published this postmortem — unusually detailed for the company — to explain what went wrong, why detection and resolution took longer than expected, and what is being changed. It is a good-faith engineering account. It is also, for the latticework, something more: a clean case study in how complex systems fail in ways that resist conventional diagnostic tools, and how institutional constraints can make good engineering harder even when everyone is trying.

Three themes run through it. The first is the interaction of concurrent failures: none of the three bugs was catastrophic alone, but their overlap created a confusing mix of symptoms across different platforms and traffic rates, making root-cause analysis genuinely hard. The second is the masking bug pattern — a December 2024 workaround had been inadvertently hiding the deeper August bug for eight months; removing the workaround exposed what it had been concealing. The third is a privacy–observability trade-off that Anthropic names directly: their own privacy controls limited engineers' ability to examine the interactions where problems were occurring.

Each theme has a natural home in the latticework. What follows traces which existing models the postmortem amplifies, which it troubles, and which new ones it earns.

3 / 7
II · The Reinforced

Old models, sharper edges.

Complex systems thinking predicts that concurrent, loosely-coupled failures are harder to diagnose than isolated failures. The postmortem confirms this precisely. Bug 1 (context window routing) was present from August 5. Bugs 2 and 3 (output corruption and approximate top-k miscompilation) arrived on August 25 and 26. None was easily distinguishable from the others in user reports. A standard load balancing change on August 29 amplified Bug 1's blast radius, which then dominated the symptom picture and obscured the other two. Second-order effects — the load balancer change was routine; its interaction with the pre-existing routing bug was not — did most of the damage.

On August 5, some Sonnet 4 requests were misrouted to servers configured for the upcoming 1M token context window…
On August 5, some Sonnet 4 requests were misrouted to servers configured for the upcoming 1M token context window. This bug initially affected 0.8% of requests. On August 29, a routine load balancing change unintentionally increased the number of short-context requests routed to the 1M context servers. At the worst impacted hour on August 31, 16% of Sonnet 4 requests were affected. Approximately 30% of Claude Code users who made requests during this period had at least one message routed to the wrong server type, resulting in degraded responses. Our routing is 'sticky': once a request was served by the incorrect server, subsequent follow-ups were likely served by the same incorrect server.

Feedback from the outside is amplified here in an interesting direction. The team's own evaluations failed to catch the degradation, but user reports — the “noisy” signal that is ordinarily discounted as hard to interpret — turned out to be the most reliable early signal. This reverses the usual epistemic hierarchy: internal benchmarks gave false confidence; informal user reports from forums and feedback channels were accurate before internal metrics caught up. The postmortem explicitly endorses this: “We need continuous signal from users when responses from Claude aren't up to the usual standard.”

Honesty under pressure is perhaps the quietest amplification. Anthropic states plainly: “In these recent incidents, we didn't meet that bar.” They decline to cushion this with passive constructions. The postmortem names specific failures, specific timelines, and specific engineers. This kind of institutional candour is comparatively rare and worth noting as a model for how post-failure communication can be done.

4 / 7
III · The Contradicted

Models that do not survive intact.

Canary testing as sufficient gets a clean counterexample here. Standard practice is to deploy to a small group first, observe, and only then widen. All three bugs passed through canary deployment. The reason is not that canary testing was poorly executed: it is that “Claude often recovers well from isolated mistakes,” so even degraded versions looked acceptable in small-sample evaluation. Benchmarks as ground truth is similarly troubled: the internal evaluations Anthropic ran did not capture what users were experiencing. Benchmarks measure what they measure; they do not automatically measure what matters to users in production.

Although we were aware of an increase in reports online, we lacked a clear way to connect these to each of our recent changes…
Our validation process ordinarily relies on benchmarks alongside safety evaluations and performance metrics. Engineering teams perform spot checks and deploy to small 'canary' groups first. These issues exposed critical gaps that we should have identified earlier. The evaluations we ran simply didn't capture the degradation users were reporting, in part because Claude often recovers well from isolated mistakes. Our own privacy practices also created challenges in investigating reports. Our internal privacy and security controls limit how and when engineers can access user interactions with Claude, in particular when those interactions are not reported to us as feedback. This protects user privacy but prevents engineers from examining the problematic interactions needed to identify or reproduce bugs.

Privacy and observability as non-conflicting goods is the sharpest overturn. Anthropic's privacy controls — which limit engineers' access to user interactions — are genuinely important and correctly implemented. But those same controls made it harder to investigate reports of degraded behaviour, because the interactions where problems were occurring were exactly the ones engineers could not easily examine. This is not a failure of privacy design; it is a genuine trade-off that the postmortem names honestly. Any system with strong user-data privacy constraints faces this: the information most useful for debugging is often the most protected.

Finally, the completeness of internal signal. There is a common assumption that a well-instrumented system will surface its own failures. These bugs falsified that assumption: “we lacked a clear way to connect [online reports] to each of our recent changes.” Good telemetry is necessary but not sufficient. Failures that manifest as subtle quality degradation — responses that are a little worse, not completely broken — may be invisible to uptime monitors and latency dashboards for weeks.

5 / 7
IV · The New

New entries for the latticework.

The most technically distinct new model here is precision arithmetic as a source of non-determinism. The XLA:TPU compiler bug arose because bf16 and fp32 arithmetic do not agree on which token has the highest probability, and whether the performance optimisation flag xla_allow_excess_precision is enabled determines which precision each operation uses. The bug was non-deterministic: the same prompt might succeed on one request and fail on the next, depending on batch size, surrounding operations, and whether debugging tools were active. This is a warning about the assumption that “floating-point is just arithmetic”: at the level of ML inference at scale, precision choices interact with compiler optimisations in ways that can change which token is selected, non-reproducibly.

Our models compute next-token probabilities in bf16. However, the vector processor is fp32-native, so the XLA compiler can optimize by converting some operations to fp32…
Our models compute next-token probabilities in bf16 (16-bit floating point). However, the vector processor is fp32-native, so the TPU compiler (XLA) can optimize runtime by converting some operations to fp32 (32-bit). This optimization pass is guarded by the xla_allow_excess_precision flag which defaults to true. This caused a mismatch: operations that should have agreed on the highest probability token were running at different precision levels. The precision mismatch meant they didn't agree on which token had the highest probability. This caused the highest probability token to sometimes disappear from consideration entirely.

The second new entry is the masking bug pattern. A December 2024 workaround was deployed to fix a dropped-token bug. It worked as intended. But by working, it inadvertently concealed a deeper bug in the approximate top-k operation — a bug that had been there all along but whose effects were suppressed by the workaround. When the August rewrite removed the workaround (correctly, because the root cause was believed solved), the deeper bug became visible. Workarounds can mask problems that will re-emerge when the workaround is eventually removed: the fix that hides the symptom may also delay the discovery of the underlying cause.

In December 2024, we discovered our TPU implementation would occasionally drop the most probable token when temperature was zero. We deployed a workaround to fix this case…
In December 2024, we discovered our TPU implementation would occasionally drop the most probable token when temperature was zero. We deployed a workaround to fix this case. On August 26, we deployed a rewrite of our sampling code to fix the precision issues. But in fixing these problems, we exposed a trickier one: our fix removed the December workaround because we believed we'd solved the root cause. This led to a deeper bug in the approximate top-k operation — a performance optimization that quickly finds the highest probability tokens. This approximation sometimes returned completely wrong results, but only for certain batch sizes and model configurations. The December workaround had been inadvertently masking this problem.

Third, the privacy–observability trade-off as a named design constraint. Any system that processes user data faces a genuine tension: the same controls that protect user privacy also limit the diagnostic surface available when something goes wrong. This is not resolvable by better engineering; it is a fundamental trade-off that requires explicit architectural decisions about which investigations are permissible, under what conditions, and with what oversight. Anthropic's postmortem is unusually honest about this — it names the constraint rather than pretending it does not exist.

6 / 7
V · The Field Card

When to reach for which.

VI · Coda

The latticework, after the postmortem.

What makes this postmortem worth reading is not the bugs — infrastructure bugs of this kind are more common than public postmortems suggest. It is the honesty about why detection was slow, and the willingness to name the structural constraints (privacy controls, evaluation gaps, routing complexity) that made the bugs hard to see. That kind of institutional candour is itself a model worth adding to the latticework.

We relied too heavily on noisy evaluations. We lacked a clear way to connect community reports to each of our recent changes. Anthropic Engineering, Sep 2025

The latticework, after reading, gains a cleaner vocabulary for a class of failures that are increasingly common as systems grow complex: concurrent failures that interact, workarounds that mask, and privacy constraints that create genuine diagnostic blind spots. These are not exceptional events. They are structural features of the kind of systems we are building. The models to reach for are complex systems thinking, the masking bug, and the privacy–observability trade-off — and the first step is naming them as design constraints, not engineering failures.

7 / 7