fix(p3-async): mixed-mode stackful, type classification, stream-write over-count#153
Open
avrabe wants to merge 1 commit into
Open
fix(p3-async): mixed-mode stackful, type classification, stream-write over-count#153avrabe wants to merge 1 commit into
avrabe wants to merge 1 commit into
Conversation
avrabe
added
the
mythos-pass-done
Contributor
Author
|
Mythos delta-pass evidence Tier-5 file touched: A fresh agent ran The agent also verified-and-rejected 3 priors (PAYLOAD_SHIFT docstring vs emitter, missing intrinsic variants, name typos) — those checks remain in the agent transcript and are NOT defects. Adjacent findings not in this PR:
|
Mythos delta-pass requiredThis PR modifies one or more Tier-5 source files (per Before merge, run the Mythos discover protocol on the
Why this gate exists: LS-A-10 The gate check on this PR will pass once the label is |
… over-count Three independent defects in meld-core/src/p3_async.rs surfaced by the post-v0.8.0 Mythos delta-pass on the file. 1. LS-A-12 — P3AsyncFeatures::uses_stackful_lift mis-classifies mixed-mode uses_stackful_lift() was derived as `uses_async_lift && !uses_callback_lift`, a conjunction of two component-wide existential flags. A component that declares one callback-mode async lift AND one stackful-mode async lift sets both flags to true, so the derived predicate returned false even though a stackful lift was present. Fix: new independent field `uses_stackful_lift_internal: bool` set per-lift in detect_features. uses_callback_lift remains "any lift has callback"; uses_stackful_lift_internal is "any lift is stackful". The dispatcher in adapter/fact.rs already routes per-site based on the merged module's [callback]<export> companion, so this never reached the emitter — but downstream consumers following the public API would misroute. Bug shipped in #146 / v0.8.0. 2. LS-A-13 — StreamWriteResult::decode folds over-count into Complete decode(ret, requested) classified any non-negative ret with `written >= requested` as Complete, including the out-of-contract `written > requested` case. A buggy or hostile runtime returning n > data_len would silently drive callers to advance their producer cursor past the source buffer. Fix: split into three explicit arms — `==` => Complete, `<` => Partial, `>` => Unknown(ret). 3. LS-A-14 — detect_features substring matching misclassifies future<stream<...>> detect_features classified P3Async types via desc.contains("stream") / desc.contains("future"). A nested type future<stream<u8>> matched "stream" first and landed in stream_types instead of future_types. Fix: classify on the root constructor of the description (the prefix up to the first '<'), not on substring containment. Tests (4 new): - stackful_lift_is_existential_over_lifts (replaces single-lift test) - ls_a_12_mixed_mode_component_reports_stackful - ls_a_13_stream_write_over_count_is_unknown_not_complete - ls_a_14_future_of_stream_classifies_as_future LS-A-12 / LS-A-13 / LS-A-14 added to safety/stpa/loss-scenarios.yaml. Discovered by the post-v0.8.0 Mythos delta-pass sweep (gate from #151). Refs: LS-A-12, LS-A-13, LS-A-14 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
avrabe
force-pushed
the
fix/p3-async-detection-bugs
branch
from
f7dc651 to
7941f3e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Second fix from the post-v0.8.0 Mythos delta-pass sweep. Three independent
defects in `meld-core/src/p3_async.rs`, all silent (no trap, no validator
catch).
The bugs
Fixes
LS-A-12 — New independent field `uses_stackful_lift_internal: bool`
set per-lift in `detect_features`. `uses_callback_lift` (any lift has
callback) and `uses_stackful_lift_internal` (any lift is stackful) are
now independent. The dispatcher in `adapter/fact.rs` already routes
per-site based on the merged module's `[callback]` companion,
so this never reached the emitter — but downstream consumers following
the public API would misroute. Bug shipped in feat(p3-async): stackful lifting ABI foundation (#140 phase 1) #146 / v0.8.0.
LS-A-13 — Split `>=` check into three explicit arms:
`==` → `Complete`, `<` → `Partial`, `>` → `Unknown(ret)`.
LS-A-14 — Classify on the root constructor (prefix up to first `<`),
not on substring containment.
Tests (4 new)
single-lift truth-table test; covers the mixed-mode case
`detect_features` with both lift kinds
Tier-5 gate
This PR touches `p3_async.rs` (Tier-5). The Mythos gate will fire and
request the `mythos-pass-done` label. The pass IS the work in this PR.
Test plan
Note on overlap with #152
This PR is independent of #152 (extended-const fix). Both add entries
to `safety/stpa/loss-scenarios.yaml` and `CHANGELOG.md` Fixed section.
Whichever merges first wins; the other will need a small textual rebase
(additive only, no real semantic conflict).
Refs
🤖 Generated with Claude Code