[CLAUDE] Docs: S71 session-end §L closeout — E-009/AS-13 custom-workflow race + user-memory count 21->28 + H2/H1 GATE PASS

Session-end 2 monitor: H2 harvest-GATE 5/5 PASS CLOSE-ELIGIBLE (5 run-folder harvest+ledger CLOSED, curate G1 0-byte-loss verified) + H1 tooling-CHOT 3-mat CLEAN + 1 drift fixed (user-memory 21->28). §L.a: AS-13 NEW (custom-workflow same-role MEMORY race) + E-009 RCA + Active-Guard + AS-1 recurrence note (2x git-add-A mitigated by pre-stage status-audit). 0 production code.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
pqhuy1987
2026-06-18 10:13:36 +07:00
parent 7875b39861
commit 4e4b5d47d1
3 changed files with 13 additions and 2 deletions


@ -31,6 +31,7 @@ Detect by **action-signature** (NOT "AI tự phán có vi phạm không"). Scan
| AS-10 | sub-agent writes a tracked file (MEMORY.md / code) despite **R1 return-only** (Write/Bash residual) | R1 return-only (HMW) — prompt-rule, NOT mechanized (G-015) | git-diff post-P2 catch → lead VERIFY benign+accurate+placement → keep or revert (NOT a bug if correct; chunk-count for RAG-write) |
| AS-11 | cross-stack feature: BE validator/nullability ≠ FE required-marker for the SAME field | em-main shared-contract consistency (E-007) | RCA + align FE↔BE + reviewer-gate (held S51) |
| AS-12 | identifier-based data op trên prod (lock/seed/migrate-by-email/code) viết theo population đọc từ CODE/Dev, KHÔNG dump bảng env đích | gotcha #60 (E-008) — assertion 0-row/`-1` ⟹ nghi data-mismatch TRƯỚC code-bug | RCA + dump env-đích trước khi viết list + seed-password thỏa policy nghiêm nhất mọi env |
| AS-13 | **custom Workflow script (≠ hmw.js DEFAULT-mode)** chạy parallel **same-role** agents giữ Write → agents tự-ghi shared `agent-memory/<role>/MEMORY.md` → "file modified since read" race + verbose-append over-cap | E-009 — hmw.js DEFAULT có return-delta-guard, custom script KHÔNG kế-thừa | RCA + curate L1→L2 + custom workflow PHẢI copy return-delta-guard HOẶC file-disjoint 1-sub/file |
## 🛡️ Active-Guards index (2-strike promote: episodic → procedural)
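Review bot: the new AS-13 row gives "file modified since read" as its signature, but the E-009 entry added by this same commit says the over-cap was silent and was caught only by `wc -c` and a by-hand budget audit, not by a runtime error. Since this table is scanned by action-signature, the signature cell should also carry the checkable condition, for example the size of `agent-memory/<role>/MEMORY.md` measured against the 25600 auto-inject cap after any custom workflow run. The rule cell could also state, as the AS-10 row does, whether the return-delta-guard requirement is mechanized or prompt-rule only.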
@ -50,11 +51,20 @@ Detect by **action-signature** (NOT "AI tự phán có vi phạm không"). Scan
| heavy spawn → `run_in_background` | looks-frozen | **procedural** (2-strike met) | 2 (S45, S48) | ✅ S48 (FD bg) + S50 (all 4 monitor+wave spawns bg) | + |
| RAG glob `**/`-anchored (not root) | gotcha #10 node_modules leak | procedural | 1 (S41) | ✅ (2406 clean) | ++ |
| dump bảng env-đích TRƯỚC identifier-based data op (lock/seed-by-email) | gotcha #60 (AS-12) | episodic | 1 (S57bis lock NO-OP) | ✅ S58 (recon dump → fix `5998163` → Run #382 đo 34 locked) | ++ |
| custom Workflow same-role → copy return-delta-guard HOẶC file-disjoint 1-sub/file | E-009 (AS-13) | episodic | 1 (S71 invest/review race) | ✅ S71 (curate workflow `wf_f32987b8` file-disjoint 1-sub/file = 0 race; finalize curate đóng over-cap) | ++ |
## 📋 RCA entries (blameless — newest on top)
> Format: `E-NNN | date | rule | what | 5-why root | fix (prod-bug = 2-fix: code + guard) | prevention | tags[TYPE/ACTOR/COMPONENT]`
### E-009 — AS-13 custom-workflow same-role MEMORY write-race → over-cap (S71, finalize-review-caught, curated same-session)
- **rule (AS-13 NEW):** custom Workflow script (≠ hmw.js DEFAULT-mode) chạy parallel **same-role** agents giữ Write → mỗi agent chạy frontmatter "update MEMORY before return" → concurrent writes shared `agent-memory/<role>/MEMORY.md` → "file modified since read" race + verbose-append over-cap. hmw.js DEFAULT-mode inject return-delta-only writeGuard; custom script KHÔNG kế-thừa.
- **what:** S71 Harness-10 adop chạy custom workflow (h10-invest 4× investigator-codebase · h10-review + h910-finalize 3× reviewer). Agents tự-ghi diary → 4 investigator ghi `investigator-codebase/MEMORY.md` đồng-thời + 3 reviewer ghi `reviewer/MEMORY.md`. Kết quả: reviewer 24.8→**36.7KB** (harness silent-truncate ~8KB HOT lúc spawn), investigator 24→29.8KB — cả 2 over auto-inject cap 25600. Content HỢP-LỆ (additive, 0 corruption, git numstat +N -0) nhưng P1 curate-debt (claimed CLOSED S70) re-opened.
- **5-why:** custom invest/review/finalize workflow author KHÔNG inject return-delta-guard mà hmw.js DEFAULT có → same-role agents mỗi con chạy "update MEMORY before return" → concurrent write cùng file → race + bloat tích-lũy → over-cap → harness silent HOT-truncate. Caught: finalize-review R3 (`wc -c`) + budget-audit-by-hand S71 (KHÔNG phải runtime-error — silent).
- **fix (KHÔNG prod-bug — 0 production code):** (process) curate L1→L2 `wf_f32987b8-03f` **file-disjoint 1-sub/file** (reviewer 36.7→24.8 + inv 29.8→23.2, 0-byte-loss numstat +N -0 + grep-Fxf 10/10 + md5sum) + budget.json re-measure + reviewer-gist gen:2. (guard) AS-13 + Active-Guard episodic + `feedback_harness10_run_trace` #2 lesson.
- **prevention/guard:** custom Workflow parallel same-role → (a) inject return-delta-only writeGuard (mirror hmw.js DEFAULT), HOẶC (b) file-disjoint 1-agent/memory-file (curate S71 dùng = 0 race). Budget-audit @session-start re-measure bắt re-accumulation. hmw.js RUN-TRACE mode (S71) đã guard.
- **tags:** [memory-race-overcap / custom-workflow-agents / agent-memory reviewer+investigator-codebase]
### E-008 — AS-12 lock-demo-user prod NO-OP: population Dev ≠ prod + seed silent-fail (S57bis ship, S58 fix, cicd-caught)
- **rule (AS-12 NEW):** thao tác data theo-identifier trên prod (lock/seed/migrate-by-email) mà list viết từ CODE/Dev population, KHÔNG dump bảng env đích → silent NO-OP/sai-target. Assertion trả 0-row/`-1` ⟹ nghi data-mismatch TRƯỚC khi nghi code.
- **what:** S57bis ship `LockDemoSampleUsersAsync` 14 email named-person (đọc từ seed code = population Dev-only). Demo prod thật = 20 UAT-matrix (`bod.1@`, `pm.nv@`… tạo TAY 05-13, chưa từng trong code). Run #381 deploy PASS + health 200 + code RAN — locked=0, hoàn toàn silent. Tầng 2 ẩn sâu hơn: `DemoUserPassword` 11 ký tự < prod `Identity:Password:RequiredLength=12` `CreateAsync` trả `IdentityResult.Failed` (LogWarning-only, by-design 1-fail-không-abort) **mọi startup từ trước tới giờ** named-person + `nv.cao`/`nv.truong` (IT pool root cause "helpdesk inert" S56!) + 5 real staff KHÔNG BAO GIỜ tồn tại trên prod.
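Review bot: in the E-009 prevention bullet, options (a) and (b) both depend on the custom-workflow author remembering to apply them, which is the same gap the 5-why bullet names as the root cause. The only automatic catch listed is the session-start budget re-measure, so a repeat would again go unnoticed until the next session while the harness silently truncates. Consider adding a post-run check to the guard, such as `wc -c` on each role's MEMORY.md against the 25600 cap plus `git diff --numstat` for unexpected writers, and note in the Active-Guard row that the ✅ S71 evidence comes from the file-disjoint curate run only, since option (a) has not yet been exercised in a custom script.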
@ -85,6 +95,7 @@ Detect by **action-signature** (NOT "AI tự phán có vi phạm không"). Scan
- **5-why:** 37-file batch `-A` convenient habit skipped specific-stage AS-1 signature fired.
- **fix:** (process) MITIGATED pre-commit `git add -A --dry-run` verified exact 37-file scope + wave-folder-leak=0 + 0 unintended files BEFORE commit; no concurrent SE session running. Scope was correct no retroactive re-stage needed. (guard) next multi-file commit `git add <list>` OR dry-run-verify-first (this session did dry-run = acceptable mitigation).
- **prevention/guard:** Active-Guard AS-1 "add-specific or dry-run-verify-first". Blameless: outcome clean, but signature logged for honesty L.a = catch signature, not excuse it).
- **recurrence S71:** 2× `git add -A` (commits `8c47bd0` + `7875b39`) mitigated y hệt: `git status --short` containment-audit review FULL scope TRƯỚC mỗi stage (verify-first = mitigation hợp-lệ per guard); 0 unintended file (run-trace tracked + agent-memory curate = đúng tập dự kiến). Pattern ổn định: `-A` + pre-stage-status-review acceptable khi scope đã audit.
- **tags:** [git-hygiene / em-main / commit]
### E-004 — gotcha #53 agent truncation mid-MEMORY (recurring S35-S42)
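Review bot: the added recurrence bullet accepts `git status --short` review as equivalent mitigation, but the guard text two lines above names only "add-specific or dry-run-verify-first". Either extend the guard wording to list the pre-stage status audit explicitly, or record these two S71 uses as strikes under the 2-strike promote rule in the Active-Guards index, so the entry and the guard do not drift apart. Because agents in this repo write tracked files on their own (AS-10, AS-13), it would also help to say in the bullet what the audit compared the status output against, for example an expected file list, rather than "đúng tập dự kiến" alone.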