When an LLM 'calls a function,' the arguments can be perfectly valid JSON yet semantically wrong — like a plausible but nonexistent order ID. Why does constrained decoding not catch this, and what would you put in place to handle it?

technical-conceptual · Mid level · data-ml

What the interviewer is really asking

Tests a precise understanding that constrained/schema-guided decoding guarantees syntactic validity but not semantic correctness, and that the candidate knows the real safeguards — application-side validation, error feedback and retry loops, idempotency/confirmation for side-effecting tools — not just 'trust the schema.'

What to say

What to avoid

Example answers

Strong: Constrained decoding only enforces shape — it guarantees the JSON parses and the fields match the schema's types, but it can't know whether order ID 88231 actually exists, so the model can emit a perfectly valid hallucinated value. So I treat tool arguments as untrusted: validate them against real state and business rules before executing. If validation or the tool call fails, I feed the specific error back to the model and let it retry within a step budget. And for anything with side effects I add idempotency keys or a confirmation step, so a wrong call can't double-charge or double-act.

Weak: I'd use the provider's strict structured-output mode so the function arguments always match the schema. Once the JSON is guaranteed valid against the schema, the model can't really pass bad arguments, so the tool just runs.

Want questions matched to your role? Paste a job title, job description, or CV and get a personalized set, or go Pro to unlock the full bank.