feat(ontology): VulkanMod #755 investigation + PHANTOM-EDIT-001 failure log + ACU protocol#91
Conversation
Original prompt from Tony
|
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
devin-ai-integration
Bot
changed the title
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
devin-ai-integration
Bot
force-pushed
the
devin/1775289890-vulkanmod-755-investigation
branch
from
083134a to
279d279
Compare
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
… + investigation report - Updated D_GRAPHICS domain with new categories: dynamic-state, coordinate-transform, mixin-interception, scissor-pipeline - Added new invariant: Scissor rect covariance with PoseStack (S_vulkan = M_pose * S_vanilla) - Added OI_GRAPHICS_002: Vulkan dynamic scissor lacks PoseStack topological awareness - Added CS_GRAPHICS_002: VulkanMod #755 case study - Added F_GRAPHICS_002: Scissor rect covariance falsification test - Created failure_log/PHANTOM_EDIT_001.json documenting Zed IDE session failures - Created automation/zed_commit_gate.py for PHANTOM-EDIT-001 prevention - Created VulkanMod_755_Investigation_Report.json with full gap analysis (confidence: high) Co-Authored-By: Tony Ha <aidoruao@gmail.com>
Adds rules/ACU_SOVEREIGNTY_PROTOCOL.md — a mathematical protocol for optimizing Devin AI agent ACU consumption. Includes pre-flight hashing, atomic task budgets, mock compilation protocol, deterministic retry limits, and the ACU sovereignty formula. Co-Authored-By: Tony Ha <aidoruao@gmail.com>
…sts count - check_uncommitted() now validates git status returncode before parsing output - Updated metadata.total_tests from 115 to 116 to reflect F_GRAPHICS_002 addition Co-Authored-By: Tony Ha <aidoruao@gmail.com>
…t gate Co-Authored-By: Tony Ha <aidoruao@gmail.com>
… present on main Main already contains these entries from a prior commit. Removing the duplicates inserted by this branch to avoid conflicting IDs and statuses. Co-Authored-By: Tony Ha <aidoruao@gmail.com>
devin-ai-integration
Bot
force-pushed
the
devin/1775289890-vulkanmod-755-investigation
branch
from
0f6afae to
742ca2f
Compare
|
Stage E housekeeping: rebased onto current PR is now mergeable with no conflicts. Ready for owner review / merge. |
| if result.returncode != 0: | ||
| print(f"COMMIT GATE: ERROR - git status failed (exit code {result.returncode})") | ||
| print(f"stderr: {result.stderr.strip()}") | ||
| sys.exit(2) |
There was a problem hiding this comment.
📝 Info: Exit code 2 used for both git failure and uncommitted changes
The script documents two exit codes: 0 (all committed) and 2 (boundary violation). At automation/zed_commit_gate.py:28, when git status itself fails (e.g., not in a git repo, git not installed), the script also exits with code 2. This is fail-closed behavior (safe for a security gate), but an external caller cannot distinguish 'git is broken' from 'uncommitted changes exist'. The printed message does distinguish them, so this only affects programmatic callers. Consider using a distinct exit code (e.g., 1) for infrastructure failures vs. actual violations.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Good point. Using exit code 2 for both is intentional fail-closed behavior (security gate should never silently pass), but adding a distinct exit code (e.g., 1 for infrastructure failure vs 2 for boundary violation) would help programmatic callers. Worth a follow-up.
| log_dir = Path("failure_log") | ||
| log_dir.mkdir(exist_ok=True) | ||
| now = datetime.now() | ||
| violation = { | ||
| "timestamp": now.isoformat(), | ||
| "type": "PHANTOM-EDIT-PREVENTION", | ||
| "uncommitted_files": uncommitted, | ||
| "action": "Session blocked until committed" | ||
| } | ||
| log_file = log_dir / f"commit_gate_{now.strftime('%Y%m%d_%H%M%S')}.json" | ||
| log_file.write_text(json.dumps(violation, indent=2)) |
There was a problem hiding this comment.
📝 Info: Commit gate failure logging creates new uncommitted file — potential footgun
When the commit gate detects uncommitted changes (lines 49-59), it writes a new JSON log file to failure_log/. This file itself becomes an uncommitted change. If a developer re-runs the gate after committing only their original changes (e.g., git add myfile && git commit), the gate will fail again because of the new log file — and each failure creates yet another log file. The instructions on line 46 say git add + git commit + git push without specifying which files, so a git add . would capture the log too, but this self-referential behavior could confuse users who selectively stage files. Not a bug per se (the design intent is that all files including logs get committed), but worth documenting explicitly.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Correct — this is by design. The intent is that the violation log itself gets committed in the "fix" commit (i.e., git add . && git commit). The self-referential behavior is a feature: it forces the agent to acknowledge the violation in the commit history. Could add a note to the docstring to make this explicit.
| from pathlib import Path | ||
|
|
||
|
|
||
| def check_uncommitted(): |
There was a problem hiding this comment.
📝 Info: Missing type annotations — not mypy --strict compatible
Both check_uncommitted() (line 20) and main() (line 35) lack return type annotations and parameter type annotations. The repository's rule files (.windsurfrules, .cursorrules, CLAUDE.md) require mypy --strict compatible type annotations. However, the existing automation/ directory files (pr49_guard.py, fallback_light_audit.py, verify_extreme_work.py, zed_incremental_hook.py, etc.) also lack full strict typing, so this is consistent with existing practice in the directory. The strict typing rules appear to be enforced primarily in src/domains/ and axioms/.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Acknowledged. Consistent with existing automation/ scripts which also lack strict typing. The mypy --strict requirement applies to src/domains/ and axioms/ as noted. Can add type annotations in a follow-up if desired.
| log_dir = Path("failure_log") | ||
| log_dir.mkdir(exist_ok=True) | ||
| now = datetime.now() | ||
| violation = { | ||
| "timestamp": now.isoformat(), | ||
| "type": "PHANTOM-EDIT-PREVENTION", | ||
| "uncommitted_files": uncommitted, | ||
| "action": "Session blocked until committed" | ||
| } | ||
| log_file = log_dir / f"commit_gate_{now.strftime('%Y%m%d_%H%M%S')}.json" | ||
| log_file.write_text(json.dumps(violation, indent=2)) | ||
| sys.exit(2) |
There was a problem hiding this comment.
📝 Info: Unhandled I/O exceptions in failure logging could yield unexpected exit code
Lines 49-59 perform file I/O (Path.mkdir, Path.write_text) without any try/except. If the script lacks write permissions to the working directory (e.g., read-only filesystem, restricted CI environment), an unhandled PermissionError or OSError will cause a Python traceback with exit code 1. The documented exit codes are only 0 and 2 (automation/zed_commit_gate.py:9-11), so callers checking for exit code 2 specifically would not detect the failure correctly. The printed FAIL message on lines 41-47 would still appear, so the human-readable output is fine — but automated consumers relying on exit codes would be affected. In practice this is low-risk since the script is typically run inside its own repo where write access exists, but wrapping lines 49-59 in a try/except would make this more robust.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Agreed — wrapping the file I/O in try/except and ensuring exit code 2 on PermissionError/OSError would make this more robust. Low risk in practice (always runs inside its own repo), but a good hardening improvement for a follow-up.
| print("ACTION REQUIRED: git add + git commit + git push before ending session.") | ||
| print("FAILURE CLASS: PHANTOM-EDIT-001") | ||
|
|
||
| log_dir = Path("failure_log") |
There was a problem hiding this comment.
📝 Info: Commit gate writes to failure_log/ using relative path
The commit gate script at automation/zed_commit_gate.py:49 creates failure_log/ relative to the current working directory. If run from a subdirectory (e.g., cd automation && python zed_commit_gate.py), the failure log would be written to automation/failure_log/ instead of the repo root's failure_log/. The script could use Path(__file__).parent.parent / 'failure_log' to anchor to the repo root regardless of CWD. Minor concern for a utility script, but worth noting since the repo already has a failure_log/ directory at root.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Good catch. Using Path(__file__).parent.parent / 'failure_log' to anchor to repo root regardless of CWD would be more robust. The docstring does say "run from repo root" but anchoring to __file__ is safer. Can fix in a follow-up.
| log_dir = Path("failure_log") | ||
| log_dir.mkdir(exist_ok=True) | ||
| now = datetime.now() | ||
| violation = { | ||
| "timestamp": now.isoformat(), | ||
| "type": "PHANTOM-EDIT-PREVENTION", | ||
| "uncommitted_files": uncommitted, | ||
| "action": "Session blocked until committed" | ||
| } | ||
| log_file = log_dir / f"commit_gate_{now.strftime('%Y%m%d_%H%M%S')}.json" | ||
| log_file.write_text(json.dumps(violation, indent=2)) |
There was a problem hiding this comment.
📝 Info: Commit gate log directory (failure_log/) will accumulate files without cleanup
Each time the commit gate fails, a new JSON file is written to failure_log/ with a timestamped filename (automation/zed_commit_gate.py:53). There's no rotation or cleanup mechanism, so repeated failures will accumulate files indefinitely. In an automated agent workflow where this runs frequently, this could create a large number of small files. Not a bug per se, but worth noting for operational hygiene.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
Noted. In practice, each AI session that violates the gate should only produce one log file (the session then commits it). But adding a max-files or rotation policy would be good operational hygiene for edge cases. Can add in a follow-up.
…n fix CHECKPOINT_STAGES_A_THROUGH_G.md documents the full state of the 'finish everything' campaign for cross-session continuity: - Stage A (#141), B (#142), C (#143), F (#148), G (#149) — complete - Stage D (housekeeping, 14 stale PRs + 13 bot issues) — pending - Stage E (non-draft PR review for #91, #85, #26) — pending The checkpoint lists exact resume commands, open threads, and the five-command verification quartet that every resumed session should run before taking new action. STANDARDS_REGISTRY.json: drop a pre-existing duplicate 'total_standards' key at lines 8-9 (59 vs 58) — broken JSON blocked standards_check --verify. Kept the later value (58), which matched the most recent authoring intent. Appended consent-log entry for this change. Not enacting stages D/E in this session; resume from the checkpoint. Co-Authored-By: Tony Ha <aidoruao@gmail.com>
1 participant
Summary
Completes the VulkanMod #755 task schema (Peano gates S0–S19) that two prior Zed IDE AI sessions failed to deliver. Adds ontology entries, a failure audit log, a commit enforcement gate, a full investigation report based on direct source inspection of
xCollateral/VulkanMod, and an ACU optimization protocol.Ontology updates (insertions into existing rich files, no overwrites):
ontology/ontology.json: ExpandedD_GRAPHICSdomain with 4 new categories (dynamic-state,coordinate-transform,mixin-interception,scissor-pipeline) and a new invariant (S_vulkan = M_pose * S_vanilla). AddedOI_GRAPHICS_002issue entry afterOI_GRAPHICS_001.ontology/case_studies.json: AddedCS_GRAPHICS_002documenting the VulkanMod #755 bug, inserted afterCS_GRAPHICS_001.ontology/falsification_tests.json: AddedF_GRAPHICS_002for scissor/PoseStack covariance testing, inserted afterF_GRAPHICS_001. Updatedmetadata.total_testsfrom 115 → 116.New files:
failure_log/PHANTOM_EDIT_001.json— Audit log of two failed Zed IDE sessions (DeepSeek, GPT-o mini) that made edits but never committed.automation/zed_commit_gate.py— Script to detect uncommitted changes at end of AI sessions (exit 2 = boundary violation).VulkanMod_755_Investigation_Report.json— Full gap analysis with call chain, PoseStack availability, and proposed fix (confidence: high).rules/ACU_SOVEREIGNTY_PROTOCOL.md— ACU Sovereignty Protocol v1.0.0 for optimizing Devin agent compute usage (pre-flight indexing, mock compilation, deterministic retry limits, off-chain reasoning bridge, per-gate budgets).Updates since last revision
main, entriesOI_GRAPHICS_002,CS_GRAPHICS_002, andF_GRAPHICS_002existed twice — once from this branch's insertion and once from a prior commit already onmain. Removed the branch's duplicates (which had less complete statuses:Open/investigation/pending) in favor of the pre-existing entries (statuses:Implemented_Pending_Testing/validated/implemented).check_uncommitted()now validatesgit statusreturncode before parsing stdout. Previously, running outside a git repo would silently pass the gate.total_testsmetadata mismatch (Devin Review): Updated count from 115 to 116 to reflect the addition ofF_GRAPHICS_002.zed_commit_gate.pynow capturesdatetime.now()once and reuses it for both the JSON content and the log filename, avoiding possible mismatch across a second boundary.Review & Testing Checklist for Human
OI_GRAPHICS_002,CS_GRAPHICS_002, andF_GRAPHICS_002across all three ontology files. Each ID should appear exactly once. The rebase-introduced duplicates were removed, but verify none slipped through.Kimi Code 2a 4-4-26.txtline-ending change is acceptable — This file shows a full-file diff (1224 lines changed) but the content is unchanged; it's a CRLF → LF line-ending normalization. This was picked up during the rebase. Confirm this is intentional and doesn't affect anything downstream.OI_GRAPHICS_002↔CS_GRAPHICS_002↔F_GRAPHICS_002). Confirm IDs match across all three files and thatmetadata.total_tests(116) matches the actual array length infalsification_tests.json.Renderer.java:806–821,VkRenderPass.java:117–119). These are snapshots from 2026-04-04 and may drift. Spot-check a few against the actual VulkanMod repo.automation/zed_commit_gate.pywrites a violation log tofailure_log/on failure, which itself becomes an uncommitted file. Decide if this is acceptable or if the violation log should go elsewhere (e.g.,/tmp).Suggested test plan: Run
python -m json.toolon each modified JSON file to confirm validity. Runpython automation/zed_commit_gate.pyfrom the repo root (should exit 0 on a clean working tree) and from a non-git directory (should exit 2). Grep for each new ID (OI_GRAPHICS_002,CS_GRAPHICS_002,F_GRAPHICS_002) across the three ontology files to confirm each appears exactly once.Notes
scripts/sanitize_pii.py --dry-run --ci) timed out during local commit (full-repo scan). PII check was run manually on all changed files — no PII found. CI ran the full check and passed.grep/catinspection of VulkanMod'smainbranch as of 2026-04-04.D_GRAPHICSdomain block.Kimi Code 2a 4-4-26.txtline-ending normalization was a side effect of the rebase, not an intentional change in this PR.Link to Devin session: https://app.devin.ai/sessions/d5f71fdef08d44f19bcc36b4e7a00731
Requested by: @aidoruao