Incomex AI Portal
KB-486E rev 2

FIX7 Recheck-9 Packet V2 — strict 10-gate rerun script (R9-B3)

9 min read Revision 2

#!/usr/bin/env bash

============================================================================

FIX7 Canonicalizer — Codex Recheck-9 reproducible rerun, PACKET V3 (R9-B6).

STRICT MODE: set -euo pipefail + ERR trap. EVERY command's exit status is

enforced — any nonzero exit, any diff/cmp mismatch, any hash mismatch, any

unexpected pass of an expected-fail test ABORTS before the final PASS line.

"RERUN_RESULT: PASS" is printed ONLY after every gate below ran and

succeeded in THIS invocation (no pinned log or prose literal is trusted).

V3 (R9-B6): negative CLI behavior is EXECUTED LIVE, never inferred.

- gate 6 runs the ACTUAL canonicalizer CLI as an OS process on four

corrupted corpora and asserts the OBSERVED $? == 4 plus stdout markers

and zero aggregate-digest leakage (SUT black-box, process level);

- gate 7 runs the black-box negative suite (runpy harness: observed

exits for SUT and manifest-tool CLIs vs the static spec oracle);

- gate 8 replays the Codex V2 fail-open attack on a temp copy and FAILS

unless emit/verify/blackbox all reject the mutated SUT (no manifest

laundering: --emit refuses to publish behavior that violates the oracle);

- gate 11 rejects any 'cli_exit_contract' (inferred evidence) in

manifest.json and requires observed-CLI fields to be present.

Gates (all re-executed live):

0 packet completeness (required files + HASH_MANIFEST bidirectional)

1 HASH_MANIFEST cross-tool re-hash (shasum -a 256 -c)

2 materialize .py from SSOT .md -> byte-identical to pinned + extended

3 SSOT selftest (45/45) -> byte-diff vs pinned expected output

4 extended-reference selftest -> byte-diff vs pinned expected output

5 production --produce over the 10 docs -> byte-diff vs pinned expected

output (exit code enforced by strict mode)

6 BLACK-BOX negative CLI checks at OS-process level (observed exit 4 x4)

7 black-box negative suite (SUT + verifier CLIs vs static oracle)

8 fail-open regression (Codex V2 attack must be caught before any PASS)

9 cross-tool frozen-membership check (python hashlib AND shasum agree)

10 forbidden-scope scan (0 hits or abort)

11 manifest verification: ENTIRE authority recomputed fail-closed,

including REAL CLI executions; inferred-evidence fields rejected

12 Codex-adversarial suite: every tamper class must be CAUGHT

SAFE/OFFLINE: stdlib python3 + shasum/diff/cmp/grep only; reads packet

files; writes ONLY ./rerun-out/ and OS temp dirs; no network/DB/production.

============================================================================

set -euo pipefail trap 'echo "RERUN_RESULT: FAIL (command failed at line $LINENO)"; exit 1' ERR cd "$(dirname "$0")" export PYTHONDONTWRITEBYTECODE=1 rm -rf rerun-out && mkdir -p rerun-out

echo "### 0. packet completeness (required files + HASH_MANIFEST coverage, python)" python3 manifest_tool.py --complete

echo "### 1. HASH_MANIFEST cross-tool re-hash (shasum)" shasum -a 256 -c HASH_MANIFEST.txt > rerun-out/hashcheck.log echo "shasum -c: all $(wc -l < rerun-out/hashcheck.log | tr -d ' ') entries OK"

echo "### 2. materialize the .py from the SSOT .md and assert ONE canonical identity" ( cd evidence && python3 materialize_canonicalizer.py canonicalizer-fix7-canon-v1-ssot.md ../rerun-out/materialized.py ) cmp rerun-out/materialized.py evidence/canonicalizer-fix7-canon-v1-ssot.py cmp rerun-out/materialized.py evidence/fix7_canon_v1_ssot_extended.py echo "materialized == pinned .py == extended reference (byte-identical)"

echo "### 3. SSOT selftest (expect 45/45 PASS, exit 0, byte-identical to pinned expected output)" python3 evidence/canonicalizer-fix7-canon-v1-ssot.py --selftest > rerun-out/selftest.log diff rerun-out/selftest.log evidence/selftest-expected-output.txt echo "selftest output == pinned expected output"

echo "### 4. extended-reference selftest (same canonical identity, same output)" python3 evidence/fix7_canon_v1_ssot_extended.py --selftest > rerun-out/ext-selftest.log diff rerun-out/ext-selftest.log evidence/selftest-expected-output.txt echo "extended selftest output == pinned expected output"

echo "### 5. production --produce over the 10 docs (fail-closed; exit enforced)" python3 evidence/canonicalizer-fix7-canon-v1-ssot.py --produce docs evidence/canonicalizer-fix7-canon-v1-ssot.md > rerun-out/produce.log diff rerun-out/produce.log evidence/produce-expected-output.txt echo "produce output == pinned expected output (corpus_ok + membership_frozen_ok)"

echo "### 6. BLACK-BOX negative CLI checks — ACTUAL OS-process exits (R9-B6.2/B6.5)" NEGTMP=$(mktemp -d) cp -R docs "$NEGTMP/missing" && rm "$NEGTMP/missing/05-rollback-blueprint.md" cp -R docs "$NEGTMP/extra" && printf '<!-- DOC_STATUS: ACTIVE_AUTHORITY -->\nx\n' > "$NEGTMP/extra/99-extra-doc.md" cp -R docs "$NEGTMP/invalid" && printf '<!-- DOC_STATUS: ACTIVE_AUTHORITY -->\n<!-- SUPERSEDED_NON_AUTHORITY BEGIN -->\nbroken\n' > "$NEGTMP/invalid/03-gap-classification.md" for CASE in missing extra invalid absentdir; do if [ "$CASE" = "absentdir" ]; then D="$NEGTMP/does-not-exist"; else D="$NEGTMP/$CASE"; fi RC=0 python3 evidence/canonicalizer-fix7-canon-v1-ssot.py --produce "$D" evidence/canonicalizer-fix7-canon-v1-ssot.md > "rerun-out/neg-$CASE.log" 2>&1 || RC=$? if [ "$RC" -ne 4 ]; then echo "NEGATIVE CLI CASE '$CASE': OBSERVED exit $RC != 4 (oracle) — FAIL-OPEN" echo "RERUN_RESULT: FAIL (black-box negative CLI gate)"; exit 1 fi grep -q "ALL CANDIDATE DIGESTS SUPPRESSED" "rerun-out/neg-$CASE.log" grep -q "corpus_ok: False" "rerun-out/neg-$CASE.log" grep -q "membership_frozen_ok: False" "rerun-out/neg-$CASE.log" if grep -E "^(membership_sha256|active_corpus_sha256|marker_fence_registry_sha256|superseded_boundary_sha256|guard_set_sha256|canonicalizer_sha256_cand|envelope_manifest_sha256|detached_seal_sha256) *: *[0-9a-f]{64}" "rerun-out/neg-$CASE.log" >/dev/null; then echo "NEGATIVE CLI CASE '$CASE': aggregate candidate digest LEAKED under corpus_not_ok" echo "RERUN_RESULT: FAIL (black-box negative CLI gate)"; exit 1 fi echo "negative CLI case '$CASE': OBSERVED exit 4 + suppression markers + zero digest leak" done rm -rf "$NEGTMP"

echo "### 7. black-box negative suite (observed CLI exits vs static oracle; live)" python3 blackbox_negative_suite.py > rerun-out/blackbox-negative-suite.log tail -1 rerun-out/blackbox-negative-suite.log grep -q "BLACKBOX_NEGATIVE_SUITE: PASS" rerun-out/blackbox-negative-suite.log

echo "### 8. fail-open regression — the Codex V2 attack must be caught (live)" python3 failopen_regression.py > rerun-out/failopen-regression.log tail -1 rerun-out/failopen-regression.log grep -q "FAILOPEN_REGRESSION: PASS" rerun-out/failopen-regression.log

echo "### 9. cross-tool frozen-membership check (hashlib AND shasum)" python3 - <<'PY' import hashlib P='knowledge/dev/reports/architecture/t1-fix7-existing-system-refactor-execution-blueprint-2026-06-08/' D=sorted(P+d for d in ['00-readme-first.md','01-live-existing-system-inventory.md','02-design-to-live-mapping.md', '03-gap-classification.md','04-dependency-safe-construction-order.md','05-rollback-blueprint.md', '06-test-guard-blueprint.md','07-implementation-package-split.md','08-hard-blocks-do-not-touch-list.md', '12-final-verdict.md']) blob=b'FIX7_ACTIVE_AUTHORITY_MEMBERSHIP_V1\n'+b''.join((i+chr(10)).encode() for i in D) open('rerun-out/membership_input.bin','wb').write(blob) h=hashlib.sha256(blob).hexdigest() assert h=='f2bda8effc7be19b54722828126b82d7d2d48bee5e5e5dc0c8f347ce210fe251', h print('hashlib membership:', h) PY shasum -a 256 rerun-out/membership_input.bin | grep -q '^f2bda8effc7be19b54722828126b82d7d2d48bee5e5e5dc0c8f347ce210fe251 ' echo "shasum membership == hashlib membership == frozen pin f2bda8...fe251"

echo "### 10. forbidden-scope scan (0 hits or abort)" python3 manifest_tool.py --scan

echo "### 11. FAIL-CLOSED manifest verification (ENTIRE authority recomputed, incl." echo "### REAL CLI executions vs static oracle; inferred evidence rejected)" python3 manifest_tool.py --verify | tee rerun-out/manifest-verify.log grep -q "MANIFEST_VERIFY: OK" rerun-out/manifest-verify.log if grep -q "cli_exit_contract" manifest.json; then echo "manifest.json carries an inferred 'cli_exit_contract' field — inferred negative evidence is forbidden (R9-B6)" echo "RERUN_RESULT: FAIL (inferred-evidence field rejected)"; exit 1 fi grep -q '"cli_exit_observed"' manifest.json grep -q '"EXECUTED_CLI_BLACKBOX"' manifest.json

echo "### 12. Codex-adversarial selfcheck suite (every tamper must be caught)" python3 adversarial_suite.py > rerun-out/adversarial-suite.log tail -1 rerun-out/adversarial-suite.log grep -q "ADVERSARIAL_SUITE: PASS" rerun-out/adversarial-suite.log

echo "RERUN_RESULT: PASS (all 13 gates re-executed and enforced in this invocation)"