CHECKPOINT — Birth Explosion Containment / Policy Enforcement / RP Object Hygiene Fix

Date: 2026-06-05 Final status: PARTIAL → BIRTH_EXPLOSION_CONTAINED_AND_POLICY_ENFORCEMENT_APPLIED_WITH_RP_OBJECT_HYGIENE_GUARDS Execution mode: EXECUTION — live mutation YES (3 production fixes B/C/D applied; all reversible; birth-neutral before==after 1,210,724) Supersedes (continues): checkpoint-birth-registry-object-explosion-log-vs-managed-object-audit-2026-06-05 (Codex read-only root-cause SSOT)

Codex finding verification — CONFIRMED, NOT contradicted

Live at 10:28 UTC: this_hour (since 10:00 UTC) = 5,195 births, matching Codex's +5,195 exactly. Sources in the 10:00 run: entity_labels, system_issues, registry_changelog, knowledge_documents. Total stable at 1,210,704→1,210,724 (drift = report uploads, not a new spike). Root chain reverified live end-to-end:

• Schedule: cron 0 */3 * * * in server-local CEST (UTC+2) → fires 12:00 CEST = 10:00 UTC; next 15:00 CEST = 13:00 UTC.
• dot-hc-executor → check H11a (detect_and_fix, auto_fix_action=heal_description_basic, is_active) → autofix_heal_description_basic sets description='' expecting a birth-guard regen; for system_issues rows it never regenerates → NT9 anti-loop logs a NEW NULL-description system_issues row (self-amplifying recursion) + inserts entity_labels PROV-DOT auto-labels (the 4,043) → Directus changelog → fn_birth_registry_auto() births.
• fn_log_issue did a blind INSERT every call; executor header (lines 66-68) specified "Case A: no row same key" idempotency that the function never implemented. 24h: 8,154 issue rows / 1,015 distinct semantic keys; coalesce_key/violation_hash 100% NULL.
• fn_birth_registry_auto() never consulted birth policy (collection_registry.coverage_status).

Spike continued? NO active runaway

The 10:00 run COMPLETED at 10:01:32; no births after except report uploads. v_birth_explosion_active_runaway_gate = NO_ACTIVE_RUNAWAY. State at session = SCHEDULED RISK (next 13:00 UTC) — now contained.

H11a containment status — APPLIED

UPDATE system_health_checks SET check_kind='detect_only', auto_fix_action=NULL WHERE code='H11a' (config row, reversible). v_h11a_containment_status = CONTAINED. Heal/anti-loop/auto-label cascade cannot run on the 13:00 cycle. Executor itself NOT stopped; other checks unaffected.

System issue idempotency status — APPLIED & PROVEN

fn_log_issue rewritten (same signature): Case A insert (first occurrence sets coalesce_key, occurrence_count=1) / Case B coalesce (UPDATE last_seen_at + occurrence_count++, no new row → no birth). Rehearsed live BEGIN..ROLLBACK: 3 identical calls → same id (227319), 1 row, occurrence_count=3; first occurrence birthed once, repeats birthed zero. Optional partial unique index on coalesce_key STAGED.

Birth gateway policy status — APPLIED & PROVEN (BIRTH_EXEMPT subset)

fn_birth_registry_auto() now returns NEW early when collection_registry.coverage_status LIKE 'BIRTH_EXEMPT%' (fail-closed; REQUIRED/DEFERRED/unknown unchanged). Rehearsed live: insert into entity_labels (EXEMPT) → 0 births (before==after); required path byte-identical. DEFERRED (50) enforcement STAGED pending owner review.

Trigger-policy contradictions — reconciled into action plan (STAGED, not applied)

Live recount: 29 EXEMPT-but-trigger-active (+50 DEFERRED-but-trigger-active = 79 ≈ Codex's 78), 5 REQUIRED-but-no-trigger, 18 tables with duplicate triggers (both birth_trigger_* and trg_birth_*), 0 on unregistered tables. Gateway D already neutralizes the 29 exempt (births skipped); trigger DROPs are CLEANUP, staged in STAGED_E_trigger_reconciliation_DO_NOT_APPLY.sql (requires TG_ARGV-parity preflight). Views: v_birth_trigger_policy_contradictions_v2, v_birth_trigger_reconciliation_plan (owner+severity+action each), v_birth_trigger_reconciliation_no_go_guard.

Historical classification — preserved, classified (NO rows deleted)

v_birth_historical_classification over 1,210,724 raw births:

class	births
invalid_exempt_birth	974,243
managed_but_duplicate_noise (system_issues)	224,053
valid_provenance_document (knowledge_documents)	6,582
valid_managed_object	2,926
deferred_unclassified	2,920

RP object hygiene status — contract ready

v_rp_object_hygiene_contract: raw 1,210,724; managed_object_count = 2,926; provenance 6,582; noise (log+duplicate) 1,198,296 = 98.97%. v_rp_clean_managed_object_count_current (clean governed total 9,508), v_rp_birth_pollution_warning_surface. RP must NOT use raw births as managed-object truth.

Monitoring/watch status — ready

v_birth_operational_watch_dashboard, v_birth_spike_alert_guard (last_10m>200=SPIKE_ALERT), v_birth_exempt_trigger_guard, v_birth_duplicate_issue_guard. At session: spike=ELEVATED + dup=ALERT (residue of the 10:00 run inside the 1h/24h windows; expected to clear post-containment), h11a=CONTAINED.

Production verification cycle

v_birth_fix_verification_status = guards pass, scheduled_verification PENDING_13:00_UTC_CYCLE. Acceptance (v_birth_next_cycle_acceptance_criteria): next 13:00 cycle → 0 heal-driven entity_labels births, 0 anti-loop system_issues births, 0 exempt births, repeated detect findings coalesce (no new rows).

Emergency decision

NO emergency action. No active runaway; narrowest containment (H11a config + 2 fail-closed function replacements) sufficient. Executor NOT stopped, no triggers disabled, no rows deleted.

Safety audit — PASS

Birth before==after across ALL DDL (1,210,724, verified at every step). No historical row deletion. No global trigger disable. No source IU edit. No owner/vote/RP/REALRUN/event mutation. trigger_guard_alerts untouched. Rollback staged (99_rollback.sql) restoring B/C/D + dropping views. Rehearsals passed before apply.

Next macro

v_birth_explosion_next_macro_router_v2 = BIRTH_TRIGGER_RECONCILIATION_MIGRATION (apply staged E after 13:00-cycle verification, then RP_OBJECT_HYGIENE_UI_UPDATE_AND_FINAL_ACCEPTANCE).

Exact blocker

No engineering blocker for applied fixes. Remaining = (1) verify 13:00 UTC cycle produces zero new births for unchanged findings; (2) owner/operator authority to apply staged E trigger DROPs + DEFERRED reclassification; (3) RP UI repoint to clean managed-object count.

Artifacts

• SQL (applied + staged + rollback): /opt/incomex/docs/mcp-writes/birth-fix-2026-06-05/ — patch_C_fn_log_issue_idempotency.sql, patch_D_birth_gateway_policy.sql, views_birth_containment_stack.sql, STAGED_E_trigger_reconciliation_DO_NOT_APPLY.sql, 99_rollback.sql.
• Report dir: knowledge/dev/reports/architecture/birth-explosion-containment-policy-object-hygiene-fix-2026-06-05/00..13.