Carl Niklas Rydberg
b3d776adb4
audit: kernel params bound and docgraph removal
2025-12-22 12:40:06 +01:00
Carl Niklas Rydberg
a932363ad0
pel: require params for pel.bytes.params and add test
2025-12-22 12:17:40 +01:00
Carl Niklas Rydberg
d0005e54c3
Fix TGK store conflict error mapping and add regression test
2025-12-22 11:50:00 +01:00
Carl Niklas Rydberg
222fe2f84e
tgk1-edge: accept unknown hash ids and add regression test
2025-12-22 11:42:41 +01:00
Carl Niklas Rydberg
5b7d07e033
Fix trace DAG EncodedRef validation and test unknown hash ids
2025-12-22 11:24:43 +01:00
Carl Niklas Rydberg
a4932b1217
PEL/TRACE-DAG: wire exec_result_ref + node failure diagnostics
Persist pre-trace ExecutionResult to embed exec_result_ref in traces
Capture node-level runtime diagnostics and clone into trace artifacts
Clarify trace spec for pre-trace result linkage
Add tests for exec_result_ref and node-failure diagnostics
2025-12-22 11:16:23 +01:00
Carl Niklas Rydberg
85b37e1701
Added an audit template and verification notes to AUDITS.md.
2025-12-22 09:30:15 +01:00
Carl Niklas Rydberg
b9de21df20
Added an Audit Plan section to AUDITS.md
2025-12-22 09:26:14 +01:00
Carl Niklas Rydberg
b00f2c8575
Enforce PEL1 result invariants and add regression test
2025-12-22 09:15:15 +01:00
Carl Niklas Rydberg
dd537f9eb9
Documented the audit in a new AUDITS.md at the repo root with scope, findings, resolutions, and test status
2025-12-22 09:13:07 +01:00
Carl Niklas Rydberg
f02be17d6c
Patched overflow checks in the encoder and added regression tests.
Changes:
Added early bounds checks for nodes_len/roots_len against UINT32_MAX, plus safeguards for order allocation and roots_len * 8 overflow. pel_program_dag.c
New tests for oversized counts: test_pel_program_dag_encode.c
Wired the new test into CMake: CMakeLists.txt
2025-12-22 08:46:03 +01:00
Carl Niklas Rydberg
d301823c12
Added scheme-aware dispatch for in‑memory exec so non‑SchemeRef_DAG_1 refs are rejected, and exposed it via the CLI.
2025-12-22 08:34:40 +01:00
Carl Niklas Rydberg
6dfcb2bfc6
Implemented descriptor-aware program binding checks so program interpretation now consults the descriptor’s program_type_tag and program_enc_profile before decoding or tagging artifacts.
2025-12-22 08:27:41 +01:00
Carl Niklas Rydberg
db3eb98b83
Added a concrete recognition path for TYPE_TAG_PEL_SCHEME_DESC_1 Artifacts by exposing canonical checks and wiring them into amduat-pel validate.
2025-12-22 08:19:39 +01:00
Carl Niklas Rydberg
f5e1ab8801
Add PEL DAG scheme descriptor codec and validation
If you want a longer one:
Add codec + tests for PEL DAG scheme descriptor
2025-12-22 08:16:58 +01:00
Carl Niklas Rydberg
4583b1cfd3
Support program artifacts in exec
2025-12-22 07:34:49 +01:00
Carl Niklas Rydberg
5438b93efd
Expose diagnostic messages in formatters
2025-12-22 07:27:30 +01:00
Carl Niklas Rydberg
ef3edc7762
Refine DAG structural diagnostics
2025-12-22 07:03:36 +01:00
Carl Niklas Rydberg
ef2fd955f1
Hide DAG exec entrypoints
2025-12-22 07:01:11 +01:00
Carl Niklas Rydberg
e838e2c977
Add deterministic diagnostics and OOM handling
2025-12-22 06:55:29 +01:00
Carl Niklas Rydberg
b891b588ee
Demote PEL exec bytes helper
2025-12-22 06:31:53 +01:00
Carl Niklas Rydberg
92edd06642
Fix PEL DAG params plumbing and surface IO
2025-12-22 06:25:52 +01:00
Carl Niklas Rydberg
7c19c04dc4
Added an explicit OOM status for kernel ops and routed it as out‑of‑model
2025-12-22 00:41:18 +01:00
Carl Niklas Rydberg
3333b577ff
Implemented an OOM-aware decode path for PEL/PROGRAM-DAG and plumbed it through the core entrypoints so OOM is treated as out‑of‑model (returns false) while invalid bytes still map to INVALID_PROGRAM.
2025-12-22 00:36:10 +01:00
Carl Niklas Rydberg
503ad05061
Adjusted PEL core execution to treat allocation failures as out‑of‑model (return false without a core result) and made amduat_pel_exec_program_bytes return deterministic ExecutionResultValue for invalid program bytes or missing inputs, as required by PEL/1‑CORE totality. Updates are in program_dag.c and run.c.
2025-12-22 00:31:31 +01:00
Carl Niklas Rydberg
87c8bcc799
Align HASH/ASL1 registry and codecs with spec constraints
- reject reserved HashId values across lookup/parse/encode paths
- add reserved-range registry table and remove 0x0000 from runtime list
- forbid SHA-256 impl overrides; add streaming hash API
- update tgk_store_mem test to use unsupported but non-reserved hash id
- document ASL store digest-length constraint in README
2025-12-22 00:21:16 +01:00
Carl Niklas Rydberg
abf5b5d5f2
Added the hash_id == 0 guard in the codec and documented the FS store digest length constraint in the README.
2025-12-21 23:54:42 +01:00
Carl Niklas Rydberg
88cde5c243
Added the explicit hash_id == 0 guard in the codec. This rejects reserved 0x0000 in both encode and decode paths
2025-12-21 23:48:45 +01:00
Carl Niklas Rydberg
ab36856833
Updated the ReferenceBytes codec to be spec‑true: it now treats the digest as “remaining bytes” and only enforces digest length when the registry provides a non‑zero expected length. This keeps strictness where hashing/verification happens while allowing unknown hash IDs for pure transport/framing. Changes are in asl1_core_codec.c.
2025-12-21 23:46:07 +01:00
Carl Niklas Rydberg
9754582ae7
Implement store error IO class, optional config validation, and ops init helper
2025-12-21 23:29:24 +01:00
Carl Niklas Rydberg
a992e89766
Made StoreConfig enforcement pluggable at the amduat_asl_store_t boundary by adding a validate_config hook to store ops. validate_config is now optional, get rejects refs whose hash_id doesn’t match the store config, and put verifies the returned Reference matches the configured hash_id. This uses the StoreConfig at the boundary without forcing every store to implement the hook.
2025-12-21 23:18:12 +01:00
Carl Niklas Rydberg
5443ad041c
Enforced StoreConfig at the wrapper boundary by validating the configured encoding/hash and rejecting mismatched hash IDs before delegating to backend ops. This makes the amduat_asl_store_t wrapper actively use/validate its config instead of just storing it.
2025-12-21 23:09:44 +01:00
Carl Niklas Rydberg
3dda32b62c
Adjusted malformed reference handling so a digest length mismatch (or missing digest data) returns AMDUAT_ASL_STORE_ERR_INTEGRITY instead of AMDUAT_ASL_STORE_ERR_UNSUPPORTED in asl_store_fs.c
2025-12-21 23:00:45 +01:00
Carl Niklas Rydberg
24ad51ff46
Added AMDUAT_ASL_STORE_ERR_IO and used it in the FS store path so I/O/internal failures no longer surface as integrity errors; updated CLI/error mappings so the new error is visible and gets the IO exit code. This keeps integrity reserved for actual content/hash/collision issues while still preserving existing semantics for not-found/unsupported.
2025-12-21 22:59:31 +01:00
Carl Niklas Rydberg
fe9acea94b
Updated amduat_asl_store_fs_put_impl so fsync failure cleanup only unlinks when this call actually created the object, preventing deletion of pre-existing mappings. Change is in asl_store_fs.c.
2025-12-21 22:49:24 +01:00
Carl Niklas Rydberg
8e26d11e3b
Fixed the test include so AMDUAT_ENC_ASL1_CORE_V1 is visible. Re-run:
cmake --build build --target amduat_test_asl_ref_derive && ./build/amduat_test_asl_ref_derive
2025-12-21 22:39:11 +01:00
Carl Niklas Rydberg
0188e10cee
Add ASL ref-derive test and use central derivation
2025-12-21 22:36:08 +01:00
Carl Niklas Rydberg
5a002b2a1d
Added a safety check in amduat_octets_eq so it rejects invalid octet views (len>0 with NULL data) before comparing.
2025-12-21 22:23:12 +01:00
Carl Niklas Rydberg
39712f7b70
Added a central ASL reference-derivation API and wired the filesystem store (plus the PEL stub store) to use it, so all reference creation now goes through the canonical encode+hash path.
2025-12-21 22:22:17 +01:00
Carl Niklas Rydberg
71d2303c3c
Moved EncodingProfileId into ASL core and decoupled the encoder header from STORE, so ASL/1-CORE stands alone as required.
2025-12-21 22:12:09 +01:00
Carl Niklas Rydberg
dd429ed6f1
Implemented immutable ownership helpers for core ASL values and routed internal clone/free paths through them so stored artifacts/references are deep-copied and no longer depend on caller-owned buffers.
2025-12-21 22:09:58 +01:00
Carl Niklas Rydberg
e391e55150
Added snapshot consistency guidance in the spec and clarified the intended use of snapshot views vs. direct store calls in the public header.
2025-12-21 21:54:29 +01:00
Carl Niklas Rydberg
a945a117f6
Added a read‑only snapshot view API so callers can pin queries to a single immutable snapshot; mem/fs adapters now return a snapshot store backed by a cloned mem state, and tests verify snapshot stability across mutations.
2025-12-21 21:52:06 +01:00
Carl Niklas Rydberg
f83dc9c2bd
Implemented batch ingest API and tests
2025-12-21 21:31:55 +01:00
Carl Niklas Rydberg
d3224b26ac
Added targeted ingest/remove + epoch tests in test_tgk_store_mem.c
Added the FS ingest/remove + epoch test in test_tgk_store_fs.c and fixed the missing ref_edge initialization
2025-12-21 21:23:55 +01:00
Carl Niklas Rydberg
8bbadd602c
Added ingest/remove APIs and wired epoch bumps on mutation, plus made the mem store truly mutable/owning
2025-12-21 21:20:12 +01:00
Carl Niklas Rydberg
456e899b50
Added the snapshot/epoch type and getter in the public API, plus the store wrapper implementation:
2025-12-21 21:11:36 +01:00
Carl Niklas Rydberg
12e2a91ca7
Added the snapshot/epoch type and getter in the public API, plus the store wrapper implementation:
2025-12-21 21:09:01 +01:00
Carl Niklas Rydberg
9be82c64be
TGK: harden store adapters and cleanup gaps
Enforce strict type filter matching for NULL lists
FS store skips missing manifest refs to align with error model
Drop empty tgk1_edge stack stub
2025-12-21 20:53:44 +01:00
Carl Niklas Rydberg
ea57e79c41
Added a short cursor‑format note in store.h documenting that the in‑memory adapter uses ReferenceBytes (hash_id + digest) of the last edge_ref as the scan_edges page token.
2025-12-21 20:44:48 +01:00