KB-6FC5

dot-iu-cutter v0.5 — First Controlled CUT Rerun · CUT Execution Log (G7 R-2 ATOMIC ROLLBACK — Gateway trigger blocked direct INSERT) (doc 4 of 7)


dot-iu-cutter v0.5 — First Controlled CUT Rerun · CUT Execution Log

doc 4 of 7 · 2026-05-20

phase              : execute production leg-A CUT (G7) + final pre-CUT (G6)
outcome            : G6 PASS · G7 R-2 ATOMIC ROLLBACK
exit_code          : 1
production_mutation: NONE persisted (atomic ROLLBACK; zero rows committed)

1. G6 — final pre-CUT check after GRANT — PASS

verified_via_query_pg (read-only context_pack_readonly role) immediately after G5:
  iu_cols                    : 19           == PIN_IU_COLS
  uv_cols                    : 16           == PIN_UV_COLS
  L1 md5                     : f38c94d0…    == PIN_L1_MD5
  L2 md5                     : 078ba005…    == PIN_L2_MD5
  ICX-CONST existing rows    : 0            (G-CUT-ONCE still met)
  IU total                   : 98           (unchanged — GRANT does not change rows)
  UV total                   : 105          (unchanged)
  vocab present              : 6 / 6
provider verified            : YES (G3 live cutter_exec connection test)
credentials                  : trust auth — no password in play
approval id                  : KB doc id of GPT ruling 2026-05-20
backup sha256                : 17093a7a9cf6b671545919857ec4478273d5332143daf96957549ba657228043
                                (~7 min 20 sec old at CUT attempt — within ≤60 min window)

2. G7 — production leg-A CUT execution — R-2 ATOMIC ROLLBACK

2.1 Command issued (byte-match doc 3 §3.1 R1 of production-legA package)

docker run --rm \
  --network container:postgres \
  -v /tmp/iu-cutter-cut-f20c79c-20260520T031054Z:/work \
  -v /opt/incomex/dot/specs:/specs:ro \
  -w /work -e PYTHONPATH=/work:/specs \
  python:3.12-slim bash -c '
    pip install --quiet psycopg2-binary
    python -m cutter_agent.cutprod \
      --mode production-leg-a-only \
      --fail-closed --exclude-dieu-44 \
      --manifest /work/manifest.json \
      --snapshot-artifact /work/tests/fixtures/constitution-normalized-17660443e0f23e99.md \
      --expect-manifest-digest 9d908a62fcf01bb88e05a1af4335b960710006ddcfd21c811ca63efb33dd324f \
      --expect-manifest-file-sha 7d56f3ce066950ccef3de4156c5afeea81b2450b8e38393205b52c1fca012179 \
      --expect-candidate-count 60 \
      --expect-region-sha 17660443e0f23e994e1807cf8e22920951a9e70c598956dbd0e752f4f5cae80c \
      --source-version-id icxconst-008a06ace23a96ea6cd456146e805c97 \
      --expect-writer-digest d99a31d4a4be907c510ae15965e9f7bb3387e9e28676e9f32adf463828b1aa28 \
      --i-have-sovereign-production-write-approval <ruling-kb-doc-id> \
      --i-have-grant-execution-approval-kb-id     <ruling-kb-doc-id> \
      --production-intent CONFIRM-LEG-A-ONLY-CONSTITUTION-CUT \
      --fresh-backup-sha256 17093a7a9cf6b671545919857ec4478273d5332143daf96957549ba657228043 \
      --connection-provider-module cutter_legA_provider_20260520T031054Z:get_provider
  '

2.2 Verbatim STDOUT/STDERR capture (key lines)

=== G7: production leg-A CUT BEGIN 2026-05-20T03:18:14Z ===
[notice] A new release of pip is available: 25.0.1 -> 26.1.1
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/work/cutter_agent/cutprod.py", line 269, in <module>
    raise SystemExit(main())
                     ^^^^^^
  File "/work/cutter_agent/cutprod.py", line 245, in main
    summary = adapter.execute_leg_a_only(args)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/work/cutter_agent/prod_iu_adapter.py", line 384, in execute_leg_a_only
    result = self.leg_a_in_txn(conn, iu, uv)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/work/cutter_agent/prod_iu_adapter.py", line 407, in leg_a_in_txn
    self._iu_insert(conn, iu)
  File "/work/cutter_agent/prod_iu_adapter.py", line 293, in _iu_insert
    self._insert(conn, _IU_TABLE, _IU_COLS, row)
  File "/work/cutter_agent/prod_iu_adapter.py", line 319, in _insert
    conn.execute(
  File "/specs/cutter_legA_provider_20260520T031054Z.py", line 93, in execute
    cur.execute(sql2, params2)
psycopg2.errors.RaiseException: IU Gateway blocked: direct write to information_unit not allowed. Use canonical functions (fn_iu_create, fn_iu_apply_edit_draft). See README: knowledge/dev/laws/dieu44-trien-khai/readme/iu-create-gateway-readme.md
CONTEXT:  PL/pgSQL function fn_iu_gateway_write_guard() line 39 at RAISE

=== G7: cutprod_exit_code=1 at 2026-05-20T03:18:24Z ===

2.3 Failure regime classification — R-2 (pre-commit ROLLBACK)

Per rollback doctrine doc 5 §1:

R-2 pre-commit failure : connection opened ; guard G4/G5/G6 fails OR birth-gate
                         L1 raises OR FK/UNIQUE/birth-gate L2 raises at COMMIT.
                         ⇒ atomic ROLLBACK ; zero rows persisted.

This run:

  • G1/G2/G3/G7 (no-connect) : PASSED
  • G4 (current_user == cutter_exec) : PASSED (verified current_user=cutter_exec)
  • G5 (in-txn drift) : PASSED (catalog drift = ZERO)
  • G6 (G-CUT-ONCE) : PASSED (ICX-CONST=0)
  • INSERT into information_unit : BLOCKED by trg_aa_iu_gateway_write_guard BEFORE-INSERT trigger calling fn_iu_gateway_write_guard() (SECURITY DEFINER) which raises IU Gateway blocked: …
  • adapter's try/except : caught the exception, called conn.rollback(), re-raised
  • cutprod : the fail-closed map specifies exit 3 BLOCKED; the observed exit code was 1 because the Python exception propagated out through the bash wrapper before cutprod reached its BLOCKED: print. Either way, the atomic ROLLBACK occurred.

2.4 Trigger that blocked the write

Discovered post-mortem (read-only catalog probe):

SELECT tgname, pg_get_triggerdef(t.oid)
FROM pg_trigger t JOIN pg_class c ON c.oid=t.tgrelid JOIN pg_namespace n ON n.oid=c.relnamespace
WHERE n.nspname='public' AND c.relname='information_unit' AND NOT t.tgisinternal;
-- yields, in order:
trg_aa_iu_gateway_write_guard  BEFORE INSERT OR UPDATE  ON public.information_unit FOR EACH ROW EXECUTE FUNCTION fn_iu_gateway_write_guard()
trg_iu_birth_gate_layer1        BEFORE INSERT             ON public.information_unit FOR EACH ROW EXECUTE FUNCTION fn_iu_birth_gate_layer1()
trg_iu_birth_gate_layer2        CONSTRAINT … DEFERRABLE INITIALLY DEFERRED AFTER INSERT OR UPDATE
trg_iu_updated_at               BEFORE UPDATE
trg_birth_information_unit      AFTER INSERT

trg_aa_iu_gateway_write_guard runs first (alphabetical aa prefix) and short-circuits direct writes with RAISE. The function is SECURITY DEFINER and fires for every row, so cutter_exec's GRANTed INSERT privilege does not get a direct write past it.

Canonical write path (per knowledge/dev/laws/dieu44-trien-khai/readme/iu-create-gateway-readme.md, enforced 2026-05-06 via Pack 22-P3-P2 rev7):

fn_iu_create_plan(p_canonical_address, p_title, p_body, p_actor) -> jsonb  # dry-run
fn_iu_create     (p_canonical_address, p_title, p_body, p_actor,
                  p_unit_kind=NULL, p_section_type=NULL, p_owner_ref=NULL,
                  p_publication_type=NULL, p_parent_ref=NULL) -> jsonb       # SECURITY DEFINER
fn_iu_apply_edit_draft(p_draft_id, p_actor, p_review_note=NULL)  -> jsonb   # SECURITY DEFINER

These functions are SECURITY DEFINER and are the only supported path past the gateway trigger. The exact mechanism was not inspected during this run; most likely the SECURITY DEFINER function sets a session or transaction context flag (for example one read via current_setting('iu.gateway.allow', true)) that the trigger checks to tell canonical-function writes apart from direct ones.
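An added illustration of the guard pattern inferred above; this is not the project's code. The flag name iu.gateway.allow is the log's own guess, and the demo_ function, trigger and table names here are assumptions. It shows why a GRANT on the table cannot get a direct INSERT past the trigger, and why the flag must be transaction-local and reset.

```sql
-- Demo reconstruction of the gateway-guard pattern (assumed names, not the project's DDL).
-- Minimal stand-in for public.information_unit so the block runs on an empty database.
CREATE TABLE IF NOT EXISTS information_unit (
    id                bigserial PRIMARY KEY,
    canonical_address text NOT NULL,
    title             text NOT NULL,
    body              text,
    created_by        text NOT NULL
);

-- Guard: BEFORE INSERT OR UPDATE, fires for every writer regardless of table privileges.
-- SECURITY DEFINER plus a pinned search_path so the caller cannot shadow what it references.
CREATE OR REPLACE FUNCTION demo_iu_gateway_write_guard() RETURNS trigger
LANGUAGE plpgsql SECURITY DEFINER SET search_path = public AS $$
BEGIN
    -- current_setting(name, missing_ok => true) returns NULL instead of erroring when unset
    IF coalesce(current_setting('iu.gateway.allow', true), '') <> 'on' THEN
        RAISE EXCEPTION 'IU Gateway blocked: direct write to information_unit not allowed. Use canonical functions.';
    END IF;
    RETURN NEW;
END $$;

DROP TRIGGER IF EXISTS trg_aa_demo_guard ON information_unit;
CREATE TRIGGER trg_aa_demo_guard BEFORE INSERT OR UPDATE ON information_unit
    FOR EACH ROW EXECUTE FUNCTION demo_iu_gateway_write_guard();

-- Canonical write path: set the flag with is_local => true so it dies at COMMIT/ROLLBACK,
-- perform the write, then switch it off again. Without the reset, any direct INSERT issued
-- later in the same transaction would also pass the guard.
CREATE OR REPLACE FUNCTION demo_fn_iu_create(p_canonical_address text, p_title text,
                                             p_body text, p_actor text) RETURNS jsonb
LANGUAGE plpgsql SECURITY DEFINER SET search_path = public AS $$
DECLARE v_id bigint;
BEGIN
    PERFORM set_config('iu.gateway.allow', 'on', true);
    INSERT INTO information_unit (canonical_address, title, body, created_by)
         VALUES (p_canonical_address, p_title, p_body, p_actor)
      RETURNING id INTO v_id;
    PERFORM set_config('iu.gateway.allow', 'off', true);
    RETURN jsonb_build_object('id', v_id, 'status', 'created');
END $$;

-- A direct INSERT, even from a role holding INSERT on the table, raises the guard's error:
-- INSERT INTO information_unit (canonical_address, title, created_by) VALUES ('kb/x', 'X', 'cutter_exec');
-- The gateway call is the only route that commits a row:
SELECT demo_fn_iu_create('kb/demo', 'Demo unit', 'constructed body text', 'cutter_exec');
```

Run the commented-out direct INSERT in the same session to see the RAISE from §2.2 reproduced; the guard fires before any birth-gate trigger, matching the aa-prefix ordering in the catalog probe.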

3. State at end of G7

DB connection             : closed (ephemeral, ended with the exception)
transaction               : ROLLED BACK (atomic; psycopg2.connection.rollback())
rows_persisted_on_IU      : 0 (zero new rows)
rows_persisted_on_UV      : 0 (zero new rows)
anchor_updates            : 0
public.information_unit row count : 98   (== pre-execution baseline)
public.unit_version    row count  : 105  (== pre-execution baseline)
ICX-CONST count           : 0    (G-CUT-ONCE still met — no rows ever born)
max(updated_at) on IU     : 2026-05-14 14:46:49+00  (UNCHANGED — confirms no
                                                     row touch)
max(created_at) on UV     : 2026-05-14 14:46:49+00  (UNCHANGED)
relacl                    : unchanged from end-of-G5 (GRANTs still in place;
                            REVOKE was NOT issued — see doc 6)
no DDL / DROP / TRUNCATE  : honored
source_document / source_document_version : NOT touched
Directus / vector / NoSQL : NOT touched

4. Disposition

G7 outcome           : R-2 ATOMIC ROLLBACK
gate_mapping_to_prompt_final_outcome :
  D. CUT_FAILED_ROLLED_BACK_OR_COMPENSATION_REQUIRED
  (failure type = rolled-back; NO compensation needed since no commit)
production_mutation_persisted : NONE
next_action          : STOP — write reports + route → GPT/User per prompt
                       "if any gate fails: STOP, upload BLOCKED/FAIL, no
                       improvisation"

doc 4 of 7.
