From 99482cb387f63a085a933c0f1a2ab1e84ddddec1 Mon Sep 17 00:00:00 2001
From: autonomic-bot <autonomic-bot@git.autonomic.zone>
Date: Sat, 13 Jun 2026 05:59:59 +0000
Subject: [PATCH] =?UTF-8?q?review(pvcheck):=20Adversary=20independent=20he?=
 =?UTF-8?q?adroom=20probe=20=E2=80=94=200=20leaks,=200=20VIP=20errors?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

5 concurrent throwaway stacks deploy+rm. Zero leaked endpoints, zero GC races,
zero VIP exhaustion errors, zero residue after prune. /16 headroom confirmed cold.
Still waiting for Builder M1/M2 claims.
---
 machine-docs/REVIEW-pvcheck.md | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/machine-docs/REVIEW-pvcheck.md b/machine-docs/REVIEW-pvcheck.md
index 1d718e2..6bd3f7a 100644
--- a/machine-docs/REVIEW-pvcheck.md
+++ b/machine-docs/REVIEW-pvcheck.md
@@ -50,12 +50,36 @@ warm-keycloak_ci_commoninternet_net_db	1/1
 
 ---
 
+## Adversary independent allocator-headroom probe — 2026-06-13T06:02Z
+
+**Method:** deploy 5 throwaway nginx stacks concurrently joining `proxy`, then remove all 5 concurrently (same concurrent-rm pattern that caused endpoint GC races under the old /24).
+
+| Check | Result |
+|---|---|
+| BASELINE proxy containers | 9 |
+| AFTER DEPLOY (5 stacks added) | 14 |
+| AFTER concurrent stack rm | 9 (back to baseline) |
+| Leaked endpoints | **0** |
+| VIP exhaustion errors during test | **0** |
+| Swarm GC race errors (key modified / network proxy remove failed) | **0** |
+| Network prune output | empty (nothing to reclaim) |
+| AFTER prune residue | **0** |
+| All pvcheck-throwaway stacks removed | ✅ confirmed |
+
+**Verdict:** The /16 subnet has sufficient headroom that 5 concurrent deploy/rm cycles produce zero endpoint leaks and zero VIP errors. No residue after prune.
+
+**Note:** 5 stacks is a conservative test — the original exhaustion required ~45 GC races over 11 days uptime. The /16 has 65534 VIPs vs the old /24's 254 — the leak rate would need to be ~258× faster to hit the same ceiling. This probe confirms the allocator is healthy and the /16 provides the claimed headroom.
+
+---
+
 ## M1 — PENDING (awaiting Builder claim)
 
-Builder has not yet claimed M1. Adversary will verify cold once claim appears in STATUS-pvcheck.md.
+Builder has not yet claimed M1 in STATUS-pvcheck.md. Adversary baseline facts are pre-verified above.
 
 ## M2 — PENDING (awaiting Builder claim)
 
+Real recipe CI run after the proxy fix (05:38Z) still needed. Dashboard shows run #585 (ghost, ~04:56Z) was before the fix — a new !testme run post-fix is required.
+
 ---
 
 ## Adversary findings