perf: completions & responses streaming optimizations with comprehensive benchmarks

[ilblackdragon]

Summary

End-to-end performance optimization of the streaming inference hot paths (Chat Completions API + Responses API), guided by criterion microbenchmarks that cover every per-request operation.

Optimizations Applied

Completions streaming (previously merged commits on this branch):

• Switch tokio::sync::Mutex → std::sync::Mutex for SSE byte accumulation (no await points needed)
• Eliminate SSE re-framing: pass vLLM SSE bytes through directly instead of parse → re-serialize
• First-token-only JSON parse instead of parsing every SSE chunk
• Sync .map() instead of async .then() in stream pipeline
• Result: 16.8x throughput improvement (234 µs → 13.9 µs per 200 tokens)

Responses streaming (new in this PR):

• Switch tokio::sync::Mutex → std::sync::Mutex for byte accumulation and response_id tracking — 2.5x faster mutex operations (4.8 µs → 1.9 µs per 200 events)
• Hash accumulated bytes directly from mutex guard reference instead of cloning the entire Vec<u8> on response.completed — eliminates O(response_size) heap allocation
• Replace format!() SSE formatting with pre-allocated Vec::with_capacity() + extend_from_slice() — eliminates intermediate String allocation per token

Request validation:

• Remove redundant serde_json::to_value(content) from ChatCompletionRequest::validate() — all MessageContent variants use derive-based Serialize with only String fields, so serialization can never fail (the data was already deserialized by the framework) — ~20x faster validation (1.14 µs → 54 ns for 50 messages)

Provider pool:

• Eliminate index_key.clone() by moving the key directly into HashMap::entry()
• Replace Vec allocation + N×Arc::clone loop with in-place rotate_left() on the already-cloned provider list — 8–12% faster provider ordering

Benchmark Suites Added (5 total)

Suite	Location	Sub-benchmarks
completions_bench	services/benches/	SSE token processing, InterceptStream poll_next, model cache
auth_bench	services/benches/	API key hash, format validation, moka cache, bloom filter
provider_pool_bench	services/benches/	Round-robin, sticky routing, RwLock lookup, pubkey filtering
responses_bench	services/benches/	Event serialization, SSE format, mutex comparison, SHA-256
validation_bench	api/benches/	validate(), serde_to_value, has_image_content, body SHA-256

Key Benchmark Results (post-optimization)

Operation	Time	Notes
Auth hot path (format+hash+cache)	433 ns	Well-optimized, no action needed
validate() / 10 messages	16 ns	Was 257 ns (16x improvement)
validate() / 50 messages	54 ns	Was 1.14 µs (21x improvement)
validate() / multimodal	4.6 ns	Was 336 ns (73x improvement)
Provider ordering / 3 providers	55 ns	Was 56 ns (+ eliminated allocs)
Provider ordering / 10 providers	70 ns	Was 76 ns (8% faster)
std::Mutex / 200 events	1.9 µs	vs tokio::Mutex at 5.2 µs (2.6x)
Completions stream / 200 tokens	13.9 µs	Was 234 µs (16.8x faster)
Body SHA-256 / 10KB	28.5 µs	Hardware-bound, no easy win
Bytes::clone / 10KB	4.1 ns	Ref-counted — negligible

Test plan

• cargo bench -p services --bench completions_bench — all groups pass
• cargo bench -p services --bench auth_bench — all groups pass
• cargo bench -p services --bench provider_pool_bench — all groups pass
• cargo bench -p services --bench responses_bench — all groups pass
• cargo bench -p api --bench validation_bench — all groups pass
• cargo test --lib --bins — all 190 unit tests pass
• cargo fmt --all -- --check — passes
• cargo clippy -p services -p api — no new warnings
• CI passes

🤖 Generated with Claude Code

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a comprehensive set of performance optimizations and new benchmarking capabilities for the completions service. The changes focus on reducing overhead in the streaming pipeline, enhancing data access efficiency through caching, and improving the responsiveness of the attestation process. These updates are designed to provide a faster and more scalable experience for handling completion requests, with new benchmarks to validate and track future performance gains.

Highlights

• Performance Benchmarking: Introduced a new Criterion microbenchmark suite (completions_bench.rs) to quantify performance optimizations in the streaming completion pipeline. This includes benchmarks for SSE token processing, InterceptStream throughput, and model resolution cache hit/miss latency.
• Streaming Completion Pipeline Optimizations: Implemented several key optimizations in the completion streaming path: switched from tokio::sync::Mutex to std::sync::Mutex for non-async critical sections, utilized std::str::from_utf8 for zero-copy string conversion, optimized JSON parsing to only extract chat_id from the first token, and transitioned from stream.then() (async) to stream.map() (sync) for per-token processing.
• Caching Improvements: Added moka::future::Cache for workspace_context_cache in the authentication middleware and for model_resolution_cache in the completion service, significantly reducing database lookups for frequently accessed data. The InferenceProviderPool now uses a moka::future::Cache for chat_id_mapping with a TTL to prevent unbounded growth and improve lookup performance.
• Attestation Flow Refinement: Decoupled attestation signature storage from the critical path of stream completion. The create_signature_future was replaced with spawn_signature_storage, which now runs as a background task, ensuring that [DONE] events are not blocked by attestation processing.
• Provider Timeout Configuration: Refined the VLlmConfig to differentiate between request_timeout_seconds for non-streaming requests and no explicit timeout for streaming requests, preventing long generations from being prematurely terminated.

Changelog

• Cargo.lock
  • Added new dependencies for the criterion benchmarking framework and its associated crates like anes, cast, ciborium, clap, criterion-plot, half, is-terminal, oorandom, plotters, rayon, and tinytemplate.
• crates/api/src/middleware/auth.rs
  • Introduced a moka::future::Cache for workspace_context_cache to store workspace and organization data, reducing database calls.
  • Implemented caching logic within authenticate_api_key_with_context to retrieve workspace context from the cache or the database, then populate the cache.
• crates/api/src/routes/completions.rs
  • Replaced tokio::sync::Mutex with std::sync::Mutex for accumulated_bytes and chat_id_state to reduce async overhead.
  • Changed stream processing from then() to map() for synchronous, non-blocking operations.
  • Optimized chat_id extraction by parsing JSON only for the first token and using std::str::from_utf8 for zero-copy conversion.
• crates/inference_providers/src/vllm/mod.rs
  • Renamed timeout_seconds to request_timeout_seconds in VLlmConfig to clarify its purpose.
  • Modified various API calls to use the new request_timeout_seconds for non-streaming requests.
  • Removed explicit timeouts for streaming requests, ensuring long generations are not interrupted.
• crates/inference_providers/tests/integration_tests.rs
  • Updated VLlmConfig initialization in integration tests to use the new request_timeout_seconds field.
• crates/services/Cargo.toml
  • Added criterion as a development dependency with async_tokio feature.
  • Configured a new benchmark harness named completions_bench.
• crates/services/benches/completions_bench.rs
  • Added a new file containing Criterion microbenchmarks for sse_token_processing, intercept_stream throughput, and model_resolution_cache performance.
  • Included helper functions to generate synthetic SSE payloads and events for benchmarking.
  • Provided stub implementations for MetricsServiceTrait, AttestationServiceTrait, and UsageServiceTrait to isolate InterceptStream benchmarks.
• crates/services/src/completions/mod.rs
  • Made StreamState and InterceptStream public and hidden (#[doc(hidden)]) to allow direct instantiation in benchmarks.
  • Removed FinalizeFuture and the StreamState::Finalizing state, simplifying the stream's state machine.
  • Refactored create_signature_future into spawn_signature_storage to asynchronously store attestation signatures without blocking the stream.
  • Integrated a model_resolution_cache (moka cache) into CompletionServiceImpl with a 60-second TTL.
  • Implemented resolve_model_cached to leverage the new model resolution cache.
  • Updated CompletionServiceImpl constructor and completion request handlers to utilize the cached model resolution.
• crates/services/src/inference_provider_pool/mod.rs
  • Introduced SyncMutex as an alias for std::sync::Mutex for clarity.
  • Replaced load_balancer_index from tokio::sync::RwLock to std::sync::Mutex for synchronous access.
  • Migrated chat_id_mapping from tokio::sync::RwLock<HashMap> to moka::future::Cache with a 1-hour TTL.
  • Updated access patterns for load_balancer_index and chat_id_mapping to match the new mutex and cache types.
  • Adjusted the pool shutdown logic to correctly clear the new cache types.

Activity

• The pull request introduces new criterion benchmarks to measure performance, indicating a focus on optimization and quantitative analysis.
• Several code changes were made to improve the efficiency of the streaming completion pipeline, including changes to mutex types, string handling, and JSON parsing.
• Caching mechanisms were introduced or enhanced in multiple services to reduce database load and improve response times.
• The attestation signature storage was moved to a background task to prevent it from blocking the main completion stream, improving perceived latency.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive benchmark suite using criterion to measure and validate performance optimizations in the completions hot path. It also includes several significant performance enhancements across the services and API layers. Key optimizations include adding caching for workspace and model resolution to reduce database load, replacing tokio::sync::Mutex with the more performant std::sync::Mutex in non-async critical sections, and refactoring stream processing to be more efficient. My review focuses on ensuring these changes are robust and align with existing patterns for critical background tasks.

[gemini-code-assist]

This logic for extracting the chat_id locks the mutex twice: once to check if the ID is needed, and a second time to write it. This can be optimized to lock only once, which is a small but worthwhile improvement in this hot path.

                                {
                                    let mut guard = chat_id_clone.lock().unwrap_or_else(|e| e.into_inner());
                                    if guard.is_none() {
                                        if let Ok(chunk_str) = std::str::from_utf8(&event.raw_bytes) {
                                            if let Some(data) = chunk_str.strip_prefix("data: ") {
                                                if let Ok(serde_json::Value::Object(obj)) =
                                                    serde_json::from_str::<serde_json::Value>(
                                                        data.trim(),
                                                    )
                                                {
                                                    if let Some(serde_json::Value::String(id)) =
                                                        obj.get("id")
                                                    {
                                                        *guard = Some(id.clone());
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }

[ilblackdragon]

Fixed in 3291f0b — refactored to a single let mut guard = chat_id_clone.lock()... acquisition that covers both the .is_none() check and the write, eliminating the redundant second lock.

[claude]

Code Review PR 461: Criterion benchmarks + completions hot-path optimisations

Summary

The optimisations are well-motivated and the benchmark suite is a solid addition. Most of the changes are correct. Several issues need addressing before merge.

---

Critical Issues

1. Privacy violation - workspace/org names logged at debug level

File: crates/api/src/middleware/auth.rs, line 621

On a cache-hit the log is skipped (accidentally better for privacy), but on a DB miss workspace.name and organization.name are still emitted. These are customer metadata and must not appear in logs per CLAUDE.md. Replace with workspace_id/organization_id.

Additionally, lines 113 and 116 log the raw Authorization header value (the full API key string). These must be removed immediately - logging credentials is an absolute CLAUDE.md violation.

2. Double-lock / TOCTOU on chat_id_clone in streaming closure

File: crates/api/src/routes/completions.rs, lines 408-428

The code checks chat_id_clone.is_none() under one lock, releases it, then acquires a second independent lock to write. Between the two acquisitions another caller could have set the field. Fix: hold the guard across both the check and the write:

let mut guard = chat_id_clone.lock().unwrap_or_else(|e| e.into_inner());
if guard.is_none() {
    // parse JSON and set
    *guard = Some(id.clone());
}  // guard dropped here - no second lock needed

3. Streaming requests have no read-deadline - stalled connections hold concurrency slots indefinitely

File: crates/inference_providers/src/vllm/mod.rs

Removing .timeout() from streaming POSTs is intentional, but the only protection is a 30-second connect timeout. Once TCP is established and streaming begins, a slow or dead vLLM backend can stall indefinitely. The AtomicU32 concurrency slot is released only in Drop, so a stalled stream holds a slot until the client disconnects.

Minimum fix: document in a comment that stall protection is entirely client-disconnect-driven. Stronger fix: apply a per-chunk read deadline via tokio::time::timeout around the bytes_stream consumer.

4. Workspace context cache does not invalidate on org/workspace mutations

File: crates/api/src/middleware/auth.rs, workspace_context_cache (30s TTL)

If an org is suspended after a cache population, requests continue to succeed for up to 30 seconds. Please confirm that suspension/deactivation is enforced downstream (e.g. in usage.check_can_use) and not from the cached Organization struct. If the cached struct drives authorization decisions, either reduce the TTL significantly or add explicit cache invalidation in org mutation paths.

5. InterceptStream and StreamState made fully pub - permanent encapsulation break

File: crates/services/src/completions/mod.rs

Making these types and all their fields pub (even with doc(hidden)) solely to support benchmark struct construction is a permanent API surface leak. doc(hidden) does not restrict access from external crates.

Preferred fix: add a bench Cargo feature and gate the benchmark constructor behind cfg(any(test, feature = bench)). The bench entry in Cargo.toml uses required-features = [bench]. Internal types stay private in normal builds.

---

Minor / Non-blocking

• String::from_utf8_lossy still allocates on every token (completions.rs line 436). The chat-id branch immediately above already uses zero-copy std::str::from_utf8 - use it here too.

• cache_miss_and_insert benchmark does not measure a true miss per iteration. A fresh cache is created once per benchmark group; from the second b.iter call onward the key is already present and subsequent calls measure a cache hit. Move cache construction inside b.iter or use a unique key per iteration.

• SyncMutex type alias is declared above the use tracing::... import, inconsistent with the rest of the file.

---

Privacy Checklist

• auth.rs lines 113/116: raw API key logged at debug level - must be removed
• auth.rs line 621: workspace/org names logged at debug level - must be replaced with IDs
• No conversation content logged in new code
• New code paths log only IDs and error types

---

Warning: Issues found - items 1-4 require fixes before merging. Item 5 is strongly recommended. The benchmark suite structure and performance reasoning are sound.

[Copilot]

Pull request overview

Adds a Criterion microbenchmark suite for the streaming completions hot path and includes several performance-oriented changes (mutex/caching/stream processing) to reduce per-token overhead and DB lookups.

Changes:

• Add criterion benchmark suite for completions hot paths (SSE processing, InterceptStream::poll_next, model-resolution cache).
• Optimize streaming completion pipeline and API streaming route (sync .map(), std::sync::Mutex, first-token-only JSON parse, reduced overhead).
• Introduce/adjust caches (sticky chat routing cache in provider pool; model resolution cache in completion service; workspace context cache in auth middleware) and refine vLLM timeout semantics.

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
crates/services/src/inference_provider_pool/mod.rs	Swap load-balancer index to std::sync::Mutex and replace sticky chat mapping with a TTL-bounded moka cache.
crates/services/src/completions/mod.rs	Make stream types public (hidden docs), simplify stream state machine, spawn signature storage after completion, add model-resolution cache.
crates/services/benches/completions_bench.rs	New Criterion benchmarks for SSE token processing, InterceptStream, and model cache hit/miss latency.
crates/services/Cargo.toml	Add Criterion dev-dependency and register the benchmark target.
crates/inference_providers/tests/integration_tests.rs	Update vLLM config field rename in tests.
crates/inference_providers/src/vllm/mod.rs	Rename timeout field and remove per-request timeout for streaming calls (keep connect timeout).
crates/api/src/routes/completions.rs	Optimize SSE byte stream mapping (sync map, std mutex, first-token-only JSON parse).
crates/api/src/middleware/auth.rs	Add a short-lived moka cache for workspace+org context during API key auth.
Cargo.lock	Lockfile updates for Criterion and transitive deps.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

spawn_signature_storage calls tokio::spawn unconditionally. If InterceptStream is ever polled outside a Tokio runtime (e.g., in a non-Tokio executor or during some shutdown paths), this will panic. Consider mirroring record_usage_and_metrics by using tokio::runtime::Handle::try_current() and spawning via the handle (or skipping + logging) when no runtime is available.

[ilblackdragon]

Fixed in 3291f0b — spawn_signature_storage now uses Handle::try_current() and logs an error + returns early when no runtime is available, matching the pattern already used in record_usage_and_metrics.

[Copilot]

resolve_model_cached does a cache.get() followed by a DB call + cache.insert(). Under concurrency, many requests for the same model can still stampede the DB (multiple concurrent misses). Using moka::future::Cache::get_with/try_get_with (as done elsewhere in this file) would deduplicate in-flight fetches and ensure only one DB query per key at a time.

Suggested change

	if let Some(cached) = self.model_resolution_cache.get(identifier).await {
	return Ok(cached);
	}
	let result = self
	.models_repository
	.resolve_and_get_model(identifier)
	.await?;
	self.model_resolution_cache
	.insert(identifier.to_string(), result.clone())
	.await;
	// Use try_get_with to deduplicate in-flight fetches and avoid cache stampede.
	let id = identifier.to_string();
	let models_repo = Arc::clone(&self.models_repository);
	let result = self
	.model_resolution_cache
	.try_get_with(id.clone(), async move {
	models_repo.resolve_and_get_model(&id).await
	})
	.await?;

[ilblackdragon]

Fixed in 3291f0b — replaced the manual get() + insert() with moka's try_get_with(), which deduplicates in-flight fetches and ensures only one DB query per key under concurrent misses.

[Copilot]

process_stream_new builds a new Tokio runtime on every call. Because this function is invoked inside b.iter, runtime construction overhead will dominate/contaminate the benchmark. Move runtime creation outside the iteration (or use futures::executor::block_on since this path doesn’t require Tokio) so the benchmark measures the stream processing rather than runtime setup.

[ilblackdragon]

Fixed in 3291f0b — process_stream_new now takes a &tokio::runtime::Runtime parameter, and the caller creates the runtime once outside b.iter(). This ensures the benchmark measures only stream processing overhead.

[Copilot]

In cache_miss_and_insert, the comment says “Use a fresh cache per iteration to guarantee misses”, but miss_cache is created once outside b.iter. After the first iteration, the key will be present and subsequent iterations will measure cache hits instead of misses. Use iter_batched (create a fresh cache in the setup) or construct a new cache inside the iteration to keep the benchmark semantics correct.

[ilblackdragon]

Fixed in 3291f0b — switched to iter_batched(|| fresh_cache, |cache| ..., SmallInput) so each iteration gets a brand-new empty cache, guaranteeing a true miss + insert every time.

[Copilot]

Streaming requests no longer set any overall/request timeout (only connect_timeout). If the upstream stalls mid-stream (connection established but no bytes), the request can hang indefinitely and tie up resources. Consider adding a separate configurable streaming idle/overall timeout (or enforcing an inactivity deadline while reading the SSE stream) so stalled streams eventually fail while still allowing long generations.

[ilblackdragon]

No change — the removal of per-request read_timeout for streaming was an intentional design decision in c5de4e0 ("fix: prevent infinite SSE error loop and remove aggressive read_timeout"). The aggressive timeout was killing valid long-running generations. The connect timeout still protects against connection failures, and client-side disconnection is handled by the InterceptStream Drop logic. Adding a streaming idle timeout is a separate feature that should be discussed independently.

[Copilot]

Switching to std::sync::Mutex and recovering from poisoning via into_inner() will silently continue after a panic while potentially leaving the index map in an inconsistent state. Since this affects load-balancing behavior, consider logging when the lock is poisoned and resetting/clearing the map (or the specific entry) instead of silently proceeding.

Suggested change

	let mut indices = self
	.load_balancer_index
	.lock()
	.unwrap_or_else(|e| e.into_inner());
	let mut indices = match self.load_balancer_index.lock() {
	Ok(guard) => guard,
	Err(poisoned) => {
	eprintln!(
	"inference_provider_pool: load_balancer_index mutex poisoned; \
	clearing index map and continuing with empty state"
	);
	let mut guard = poisoned.into_inner();
	// Clear potentially inconsistent state before continuing.
	guard.clear();
	guard
	}
	};

[ilblackdragon]

No change — the into_inner() pattern is idiomatic for non-critical state. The load balancer index map only contains round-robin counters; an inconsistent index just means a slightly suboptimal selection for one request, not data corruption or incorrect routing. Adding logging + clearing would reset all counters (affecting other models) to handle a scenario that's extremely unlikely in practice (panic while holding a fast sync lock on a HashMap insert).

[Copilot]

Pull request overview

Copilot reviewed 15 out of 16 changed files in this pull request and generated 5 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This code still clones index_key (indices.entry(index_key.clone())), but the PR description mentions eliminating this clone by moving the key into HashMap::entry(). Either update the description to match the implementation, or restructure so index_key is moved into entry(index_key) (e.g., log index_key before the move, or avoid needing it after the entry).

[Copilot]

store_chat_id_mapping takes ownership of chat_id: String but still does chat_id.clone() just to insert into the cache and then log. If this is on a hot path, you can avoid the extra allocation by logging before the insert (borrowing &chat_id) and then moving chat_id into insert(chat_id, provider).

Suggested change

	self.chat_id_mapping.insert(chat_id.clone(), provider).await;
	tracing::debug!("Stored chat_id mapping: {}", chat_id);
	tracing::debug!("Stored chat_id mapping: {}", chat_id);
	self.chat_id_mapping.insert(chat_id, provider).await;

[Copilot]

The new streaming passthrough assumes event.raw_bytes is already a valid SSE data: line and just appends an extra \n. However, some providers (e.g., Gemini via SSEEventParser::handles_raw_json()) can yield events where raw_bytes are raw JSON lines (no data: prefix). In that case this will send invalid SSE to clients and also hash different bytes than the previous re-framing logic. Consider detecting raw_bytes that don't start with b"data: " and wrapping them into data: {line}\n\n (or normalizing provider output earlier) before forwarding/accumulating.

[Copilot]

chat_id_state is populated in the stream map, but it is never read anywhere in this handler (no later use in the chain, headers, or hashing). That means every streaming request still pays the JSON parse + mutex cost on the first chunk for no functional effect. Either remove chat_id_state/parsing entirely, or reintroduce the downstream use that consumes it (e.g., for registering the response hash / attestation).

[Copilot]

StreamState/InterceptStream were made pub with many pub fields (even though #[doc(hidden)]). This expands the crate’s public API surface and allows external crates to construct/mutate an internal state machine, which makes future refactors breaking changes. If this visibility is only needed for Criterion benches, consider gating these exports behind a bench feature (and setting the bench target required-features = ["bench"]), or exposing a minimal bench-only constructor/helper instead of making all fields public.