vyre-self-substrate 0.6.3

Vyre self-substrate: vyre using its own primitives on its own scheduler problems. The recursion-thesis layer between vyre-primitives and vyre-driver.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429

//! Vyrec parser recovery and semantic invariant safety validation.

use std::collections::BTreeSet;

/// Parser recovery behavior that must be covered.
#[derive(Clone, Copy, Debug, Eq, Ord, PartialEq, PartialOrd)]
pub enum ParserRecoveryCase {
    /// Malformed input emits diagnostics.
    MalformedEmitsDiagnostic,
    /// Malformed input does not produce a fake successful AST.
    NoFakeAstSuccess,
    /// Diagnostic location remains precise after recovery.
    PreciseRecoveryLocation,
}

/// Semantic invariant that must be covered.
#[derive(Clone, Copy, Debug, Eq, Ord, PartialEq, PartialOrd)]
pub enum SemanticInvariantCase {
    /// Invalid lvalue/rvalue state is rejected.
    InvalidLvalueRejected,
    /// Unknown declaration scope is rejected.
    UnknownScopeRejected,
    /// Invalid type conversion state is rejected.
    InvalidConversionRejected,
    /// Conflicting namespace state is rejected.
    ConflictingNamespaceRejected,
}

/// One parser recovery evidence record.
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
pub struct ParserRecoveryRecord<'a> {
    /// Covered case.
    pub case: ParserRecoveryCase,
    /// Exact cargo_full command.
    pub command: &'a str,
    /// Evidence path.
    pub evidence: &'a str,
}

/// One semantic invariant evidence record.
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
pub struct SemanticInvariantRecord<'a> {
    /// Covered invariant.
    pub case: SemanticInvariantCase,
    /// Exact cargo_full command.
    pub command: &'a str,
    /// Evidence path.
    pub evidence: &'a str,
}

/// Parser/semantic safety proof.
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
pub struct ParserSemanticSafetyProof {
    /// Parser recovery case count.
    pub parser_case_count: usize,
    /// Semantic invariant count.
    pub semantic_case_count: usize,
}

/// Committed parser/semantic source-safety proof.
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
pub struct ParserSemanticSourceSafetyProof {
    /// Assertion marker count in committed semantic safety tests.
    pub assertion_marker_count: usize,
}

/// Parser/semantic safety validation errors.
#[derive(Clone, Debug, Eq, PartialEq)]
pub enum ParserSemanticSafetyError {
    /// Parser records are empty.
    EmptyParserRecords,
    /// Semantic records are empty.
    EmptySemanticRecords,
    /// Command/evidence metadata is empty.
    EmptyMetadata {
        /// Field.
        field: &'static str,
    },
    /// Command does not use cargo_full.
    CommandDoesNotUseCargoFull {
        /// Command.
        command: String,
    },
    /// Required parser recovery case is missing.
    MissingParserCase {
        /// Case.
        case: ParserRecoveryCase,
    },
    /// Required semantic invariant is missing.
    MissingSemanticCase {
        /// Case.
        case: SemanticInvariantCase,
    },
    /// Committed source evidence is missing required parser/semantic safety proof.
    SourceMissingEvidence {
        /// Missing evidence.
        evidence: &'static str,
    },
    /// Committed source evidence missed a threshold.
    SourceThresholdMiss {
        /// Field.
        field: &'static str,
        /// Observed value.
        observed: usize,
        /// Required value.
        required: usize,
    },
}

impl std::fmt::Display for ParserSemanticSafetyError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            Self::EmptyParserRecords => write!(
                f,
                "parser recovery evidence is empty. Fix: prove malformed input diagnostics, no fake AST success, and precise recovery locations."
            ),
            Self::EmptySemanticRecords => write!(
                f,
                "semantic invariant evidence is empty. Fix: prove impossible AST/semantic states are rejected before lowering."
            ),
            Self::EmptyMetadata { field } => write!(
                f,
                "parser/semantic safety evidence has empty {field}. Fix: every record needs command and evidence."
            ),
            Self::CommandDoesNotUseCargoFull { command } => write!(
                f,
                "parser/semantic safety command `{command}` does not use ./cargo_full. Fix: run evidence through cargo_full."
            ),
            Self::MissingParserCase { case } => write!(
                f,
                "parser recovery evidence is missing {case:?}. Fix: add explicit recovery evidence for that behavior."
            ),
            Self::MissingSemanticCase { case } => write!(
                f,
                "semantic invariant evidence is missing {case:?}. Fix: add explicit rejection evidence for that impossible state."
            ),
            Self::SourceMissingEvidence { evidence } => write!(
                f,
                "parser/semantic source safety is missing {evidence}. Fix: preserve source-backed rejection tests and validators for malformed semantic objects."
            ),
            Self::SourceThresholdMiss {
                field,
                observed,
                required,
            } => write!(
                f,
                "parser/semantic source safety {field}={observed} missed required {required}. Fix: restore adversarial semantic rejection assertions."
            ),
        }
    }
}

impl std::error::Error for ParserSemanticSafetyError {}

const REQUIRED_PARSER_CASES: &[ParserRecoveryCase] = &[
    ParserRecoveryCase::MalformedEmitsDiagnostic,
    ParserRecoveryCase::NoFakeAstSuccess,
    ParserRecoveryCase::PreciseRecoveryLocation,
];

const REQUIRED_SEMANTIC_CASES: &[SemanticInvariantCase] = &[
    SemanticInvariantCase::InvalidLvalueRejected,
    SemanticInvariantCase::UnknownScopeRejected,
    SemanticInvariantCase::InvalidConversionRejected,
    SemanticInvariantCase::ConflictingNamespaceRejected,
];

/// Validate parser recovery and semantic invariant evidence.
pub fn validate_parser_semantic_safety(
    parser_records: &[ParserRecoveryRecord<'_>],
    semantic_records: &[SemanticInvariantRecord<'_>],
) -> Result<ParserSemanticSafetyProof, ParserSemanticSafetyError> {
    if parser_records.is_empty() {
        return Err(ParserSemanticSafetyError::EmptyParserRecords);
    }
    if semantic_records.is_empty() {
        return Err(ParserSemanticSafetyError::EmptySemanticRecords);
    }

    let mut parser_cases = BTreeSet::new();
    for record in parser_records {
        validate_record(record.command, record.evidence)?;
        parser_cases.insert(record.case);
    }
    let mut semantic_cases = BTreeSet::new();
    for record in semantic_records {
        validate_record(record.command, record.evidence)?;
        semantic_cases.insert(record.case);
    }

    for case in REQUIRED_PARSER_CASES {
        if !parser_cases.contains(case) {
            return Err(ParserSemanticSafetyError::MissingParserCase { case: *case });
        }
    }
    for case in REQUIRED_SEMANTIC_CASES {
        if !semantic_cases.contains(case) {
            return Err(ParserSemanticSafetyError::MissingSemanticCase { case: *case });
        }
    }

    Ok(ParserSemanticSafetyProof {
        parser_case_count: parser_cases.len(),
        semantic_case_count: semantic_cases.len(),
    })
}

fn validate_record(command: &str, evidence: &str) -> Result<(), ParserSemanticSafetyError> {
    if command.trim().is_empty() {
        return Err(ParserSemanticSafetyError::EmptyMetadata { field: "command" });
    }
    if evidence.trim().is_empty() {
        return Err(ParserSemanticSafetyError::EmptyMetadata { field: "evidence" });
    }
    if !command.trim_start().starts_with("./cargo_full ") {
        return Err(ParserSemanticSafetyError::CommandDoesNotUseCargoFull {
            command: command.to_owned(),
        });
    }
    Ok(())
}

/// Validate committed source-backed parser/semantic safety evidence.
pub fn validate_parser_semantic_source_safety(
    object_decode_tests_source: &str,
    semantic_graph_source: &str,
) -> Result<ParserSemanticSourceSafetyProof, ParserSemanticSafetyError> {
    for (evidence, needle) in [
        (
            "out-of-range semantic tree link test",
            "decode_object_semantic_graph_rejects_out_of_range_tree_links",
        ),
        (
            "out-of-range semantic edge test",
            "decode_object_semantic_graph_rejects_out_of_range_edges",
        ),
        (
            "unknown semantic role test",
            "decode_object_semantic_graph_rejects_unknown_node_role",
        ),
        (
            "empty semantic node section test",
            "decode_object_semantic_graph_rejects_empty_node_section",
        ),
        (
            "missing parent scope test",
            "decode_object_sema_scope_rejects_missing_parent_scope",
        ),
        (
            "multiple root scope test",
            "decode_object_sema_scope_rejects_multiple_roots",
        ),
        (
            "unknown declaration kind test",
            "decode_object_sema_scope_rejects_unknown_decl_kind",
        ),
        ("explicit expect_err assertions", "expect_err"),
    ] {
        source_contains(object_decode_tests_source, evidence, needle)?;
    }

    for (evidence, needle) in [
        ("semantic node validator", "validate_semantic_pg_nodes"),
        ("semantic edge validator", "validate_semantic_pg_edges"),
        ("unknown semantic category rejection", "unknown category"),
        ("unknown semantic role rejection", "unknown role"),
        ("inverted source span rejection", "inverted source span"),
        ("semantic parent bounds rejection", "parent"),
        ("semantic child bounds rejection", "outside"),
        ("single root invariant", "expected exactly one"),
        (
            "empty node section rejection",
            "semantic node section is empty",
        ),
        (
            "edge node bounds rejection",
            "outside {node_count} decoded semantic nodes",
        ),
        ("actionable fix messages", "Fix:"),
    ] {
        source_contains(semantic_graph_source, evidence, needle)?;
    }

    let assertion_marker_count = object_decode_tests_source.matches("assert").count();
    if assertion_marker_count < 20 {
        return Err(ParserSemanticSafetyError::SourceThresholdMiss {
            field: "assertion markers",
            observed: assertion_marker_count,
            required: 20,
        });
    }

    Ok(ParserSemanticSourceSafetyProof {
        assertion_marker_count,
    })
}

fn source_contains(
    source: &str,
    evidence: &'static str,
    needle: &str,
) -> Result<(), ParserSemanticSafetyError> {
    if source.contains(needle) {
        Ok(())
    } else {
        Err(ParserSemanticSafetyError::SourceMissingEvidence { evidence })
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn parser_semantic_safety_accepts_required_cases() {
        let proof = validate_parser_semantic_safety(&parser_records(), &semantic_records())
            .expect("Fix: complete parser/semantic safety should pass");

        assert_eq!(proof.parser_case_count, 3);
        assert_eq!(proof.semantic_case_count, 4);
    }

    #[test]
    fn parser_semantic_safety_rejects_missing_no_fake_ast_case() {
        let mut parser_records = parser_records();
        parser_records.remove(1);

        assert_eq!(
            validate_parser_semantic_safety(&parser_records, &semantic_records())
                .expect_err("missing parser recovery case should fail"),
            ParserSemanticSafetyError::MissingParserCase {
                case: ParserRecoveryCase::NoFakeAstSuccess,
            }
        );
    }

    #[test]
    fn parser_semantic_safety_rejects_missing_semantic_case_and_raw_cargo() {
        let mut missing_semantic_records = semantic_records();
        missing_semantic_records.pop();
        assert_eq!(
            validate_parser_semantic_safety(&parser_records(), &missing_semantic_records)
                .expect_err("missing semantic invariant should fail"),
            ParserSemanticSafetyError::MissingSemanticCase {
                case: SemanticInvariantCase::ConflictingNamespaceRejected,
            }
        );

        let mut parser_records = parser_records();
        parser_records[0].command = "cargo test";
        assert_eq!(
            validate_parser_semantic_safety(&parser_records, &semantic_records())
                .expect_err("raw cargo should fail"),
            ParserSemanticSafetyError::CommandDoesNotUseCargoFull {
                command: "cargo test".to_owned(),
            }
        );
    }

    #[test]
    fn parser_semantic_safety_accepts_committed_object_decode_sources() {
        let proof = validate_parser_semantic_source_safety(
            include_str!("../../../../vyre-frontend-c/src/api/object_decode/tests/mod.rs"),
            include_str!("../../../../vyre-frontend-c/src/api/object_decode/semantic_graph.rs"),
        )
        .expect("Fix: committed parser/semantic source safety evidence should pass");

        assert!(proof.assertion_marker_count >= 20);
    }

    #[test]
    fn parser_semantic_safety_rejects_missing_scope_rejection_source() {
        let tests_source = r#"
            fn decode_object_semantic_graph_rejects_out_of_range_tree_links() { expect_err("Fix:"); }
            fn decode_object_semantic_graph_rejects_out_of_range_edges() { expect_err("Fix:"); }
            fn decode_object_semantic_graph_rejects_unknown_node_role() { expect_err("Fix:"); }
            fn decode_object_semantic_graph_rejects_empty_node_section() { expect_err("Fix:"); }
            fn decode_object_sema_scope_rejects_multiple_roots() { expect_err("Fix:"); }
            fn decode_object_sema_scope_rejects_unknown_decl_kind() { expect_err("Fix:"); }
        "#;
        let graph_source = r#"
            fn validate_semantic_pg_nodes() {
                "unknown category"; "unknown role"; "inverted source span"; "parent"; "outside";
                "expected exactly one"; "semantic node section is empty"; "Fix:";
            }
            fn validate_semantic_pg_edges() { "outside {node_count} decoded semantic nodes"; }
        "#;

        assert_eq!(
            validate_parser_semantic_source_safety(tests_source, graph_source)
                .expect_err("missing parent scope test should fail"),
            ParserSemanticSafetyError::SourceMissingEvidence {
                evidence: "missing parent scope test",
            }
        );
    }

    fn parser_records() -> Vec<ParserRecoveryRecord<'static>> {
        REQUIRED_PARSER_CASES
            .iter()
            .copied()
            .map(parser_record)
            .collect()
    }

    fn semantic_records() -> Vec<SemanticInvariantRecord<'static>> {
        REQUIRED_SEMANTIC_CASES
            .iter()
            .copied()
            .map(semantic_record)
            .collect()
    }

    fn parser_record(case: ParserRecoveryCase) -> ParserRecoveryRecord<'static> {
        ParserRecoveryRecord {
            case,
            command: "./cargo_full test -j1 -p vyrec",
            evidence: "release/parity/vyrec-parser-recovery.md",
        }
    }

    fn semantic_record(case: SemanticInvariantCase) -> SemanticInvariantRecord<'static> {
        SemanticInvariantRecord {
            case,
            command: "./cargo_full test -j1 -p vyrec",
            evidence: "release/parity/vyrec-semantic-invariants.md",
        }
    }
}