Skip to content

change: raise on invalid input in numeric/data builtins (silent-tolerance batch-2)#514

Merged
InauguralPhysicist merged 1 commit into
mainfrom
fix/silent-tolerance-batch-2a
Jul 9, 2026
Merged

change: raise on invalid input in numeric/data builtins (silent-tolerance batch-2)#514
InauguralPhysicist merged 1 commit into
mainfrom
fix/silent-tolerance-batch-2a

Conversation

@InauguralPhysicist

Copy link
Copy Markdown
Collaborator

Second batch of the silent-tolerance audit (#490#512). Builtins that folded bad input to a null / 0 / "" / wrong-order sentinel — the hardest class of bug to spot in a data or numeric pipeline — now raise a catchable error from the closed error-kind set.

Changes

Builtin Bad input Was Now
matmul (#512) incompatible shapes / non-matrix / oversized silent null value / type_mismatch / limit
sha256 md5 *_file hmac_sha256 (#511) non-string (and missing file) "" sentinel (silent wrong digest) type_mismatch (io on open fail)
range (#497, #498) non-numeric arg; past 1M cap silent []; unbounded build → OOM type_mismatch; limit
sort_by (#501) key fn returns non-number coerced to 0.0 (silent wrong order) type_mismatch (mirrors sort #368)
get_at set_at buf_get buf_set (#499, #502) out-of-range / non-list / non-int index silent fold-to-0 / no-op index_range / type_mismatch, matching xs[i]

range's #498 was a genuine latent OOM: the 1M cap sized only the prealloc while the loop still ran to the original bound.

Load-bearing check

No stdlib (lib/) reliance on any silent path. The only reliance was three tests asserting the old buggy behavior, updated to assert the raise:

Tests

New suite section [116]test_raise_on_bad_input.eigs, 21 checks (each raise + a happy-path sanity check).

  • Release suite: 2646/2646
  • ASan + detect_leaks=1: 2646/2646, leak tally 0

Deferred to a batch-2b follow-up (genuine design calls / larger changes): #500 regex invalid-pattern, #508 len, #506 append, #504 substr, #495 json_decode leniency, #507 json_path, #494 parser, #491 for-in, #503 list_truncate.

Closes #497
Closes #498
Closes #499
Closes #501
Closes #502
Closes #511
Closes #512

🤖 Generated with Claude Code

…ance batch-2)

Second batch of the silent-tolerance audit (#490#512). Builtins that
folded bad input to a null/0/""/wrong-order sentinel — the hardest class
of bug to spot in a data or numeric pipeline — now raise a catchable error
from the closed error-kind set:

- matmul (#512): incompatible shapes -> value, non-matrix -> type_mismatch,
  oversized result -> limit.
- sha256/md5/sha256_file/md5_file/hmac_sha256 (#511): non-string ->
  type_mismatch (was the "" sentinel = a silent wrong digest); _file
  variants raise io on open failure.
- range (#497/#498): non-numeric arg -> type_mismatch; past the 1M cap ->
  limit instead of silently building an unbounded list (the cap sized only
  the prealloc while the loop ran to the original bound — an OOM).
- sort_by (#501): non-numeric key -> type_mismatch (was coerced to 0.0);
  mirrors sort (#368).
- get_at/set_at + buf_get/buf_set (#499/#502): out-of-range -> index_range,
  non-list/non-buffer target or non-integer index -> type_mismatch, matching
  the xs[i] operator.

Load-bearing check: no stdlib (lib/) reliance; the only reliance was three
tests asserting the old silent behavior (range-of-string, get_at/buf_get
OOB, sha of null, get_at/set_at past-the-start, matmul overflow) — updated
to assert the raise. The get_at/set_at -4 case was asserting an
inconsistency with [] (which already raises on -4); the change makes them
consistent, which is exactly #312's stated goal.

New regression: suite section [116] (test_raise_on_bad_input.eigs, 21
checks). Release + ASan/leak suites green (2646/2646, leak tally 0).

Closes #497
Closes #498
Closes #499
Closes #501
Closes #502
Closes #511
Closes #512

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@InauguralPhysicist InauguralPhysicist merged commit a46f010 into main Jul 9, 2026
17 checks passed
@InauguralPhysicist InauguralPhysicist deleted the fix/silent-tolerance-batch-2a branch July 9, 2026 05:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment