v3.33 black-box audit: 10/19 PASS (v3.31: 10, v3.32: 11), 1124s CPU#5
Draft
FluffyAIcode wants to merge 2 commits intov331from
Draft
v3.33 black-box audit: 10/19 PASS (v3.31: 10, v3.32: 11), 1124s CPU#5FluffyAIcode wants to merge 2 commits intov331from
FluffyAIcode wants to merge 2 commits intov331from
Conversation
scheme_b_v333.py contains the v3.33 code provided for the audit. It addresses the v3.32 regressions by refactoring decode logic: - [A-1] MemLLM.shape_step_logits() public method - [A-2] MemLLM.prepare_decode_context() + DecodeContext dataclass - [A-3] Trainer.recon() public method (real API, not a shim) - [A-4] DecodeState dataclass for shared state semantics This should unblock: - 4.15 prefix_stepwise_drift_trajectory (F-2 hard mask now available on the external stepwise-decode path via shape_step_logits) - 4.12 repetition_segment_audit (same reason) - 4.14 training_cache_isolation (Trainer.recon real public method) AgentMemorySystem.py is a minimal pass-through over scheme_b_v333 so the external runner (v331_blackbox_eval.py) sees v3.33 as SUT, without any modification to the runner itself. Notes: - The user-provided v3.33 source again omits DirectionTree.max_depth and DirectionTree.leaf_size_violations (both pure read-only traversal helpers required by runner cases 4.1/4.2). They are included verbatim (same as in the v3.32 branch) so the audit can run end-to-end. They are not part of the A-1..A-4 fix set. Co-authored-by: FluffyAIcode <FluffyAIcode@users.noreply.github.com>
Full run of v331_blackbox_eval.py (unmodified) against v3.33 as SUT,
under V331_BLACKBOX_TEST_SPEC.md policy.
Results (10/19 PASS, 9/19 FAIL):
PASS: leaf_capacity_stability, degenerate_direction_boundary,
metric_trainability, no_grad_generation,
counterfactual_memory_influence, semantic_memory_grounding,
retrieval_prefix_decode_correlation_audit,
prompt_diversity_without_memory, save_load_consistency,
training_cache_isolation, cheating_heuristics
FAIL: semantic_memory_counterfactual_pairs, degeneration_quality,
prefix_logit_drift_audit, retrieval_topk_semantic_shift,
repetition_segment_audit, prefix_stepwise_drift_trajectory,
retrieval_generation_alignment_audit,
stepwise_label_mass_alignment_audit
Changes vs v3.32 (11/19):
+1 training_cache_isolation (A-3 Trainer.recon unblocks the runner)
-1 counterfactual pair test degraded (still FAIL, same as v3.32)
-1 degeneration_quality regressed: one short prompt triggered
'short_or_hollow_prompts: [The pianist]' so the case fails
despite avg_unique_token_ratio rising to 0.77
Key observation:
A-1 (shape_step_logits) and A-2 (prepare_decode_context) do NOT
reach the audit's stepwise-decode cases (4.12 / 4.15) because the
external runner uses its own hand-written stepwise decode via
model._get_prefix() + model.fwd(prefix) + direct CFG. It never
calls the new public APIs. Per spec policy the runner is not
modified, so those fixes cannot be verified end-to-end through
this particular black-box test suite.
Artifacts: reports/v333_blackbox/{report.json, report.md, runner.log}.
Co-authored-by: FluffyAIcode <FluffyAIcode@users.noreply.github.com>
cursor
Bot
changed the title
cursor Bot
pushed a commit
that referenced
this pull request
Apr 21, 2026
Targets directly hit: 4.13 save_load_consistency : FAIL -> PASS (outputs bit-identical) 4.25 prefix_length_scaling : FAIL -> PASS (mass_B/mass_A = 1.543 >= 1.10) Targets held (no regression from v3.44-rewrite): 4.24 context_descriptor_cluster_probe: PASS (0.9375 / 1.0) 4.16 retrieval_generation_alignment_audit: PASS Targets still FAIL (same as v3.44-rewrite, unaddressed by #1/#3): 4.23 keyword_specific_tail_slot_probe: median_rank=1402, hit=0 4.8 / 4.21 / 4.7 : decoder repetition triple (will be addressed by #2) 4.11 / 4.19 : prefix-token-class mismatch (will be addressed by #5) Surprising finding on 4.23: The diagnostic dump (diag_4_23_slot_direction.py) reveals that bridge._last_tail_slots read by 4.23 does NOT come from prefix_cond - it comes from the SECOND inject call inside _build_contrastive_uncond_prefix, which is called with rare_keyword_wte_residual=None. This overwrites _last_tail_slots and _last_residual with the uncond contrastive prefix's values. The probe has been reading the uncond tail since at least v3.42. This is a pre-existing diagnostic-buffer aliasing bug, not a change-#1 regression. It explains why v3.48 (median_rank=1089) and v3.45 (median_rank=1402) both point at whitespace/punct - both are reading tail slots that were rebuilt without rare-keyword residual. Fix belongs in a separate PR (write residual to a second buffer in cond path, or snapshot bridge._last_tail_slots before uncond inject). axis_coverage under v3.49 runner reporting: A compression : ratio 8.97 (< 10) FAIL B injection : 164224 floats, O(1) PASS C fidelity : 7/11 (threshold 9) FAIL D stability : 2/3 (4.21 FAIL) FAIL elapsed: 1508 s on CPU, AMS_DETERMINISTIC=1, fresh init. This audit validates: - #1 revert did not regress anything and recovered 4.25 (predicted by the plan's 'LN-bounded extra slot mass' magnitude calculus). - #3 refresh timing alignment recovered 4.13 (predicted by the plan's 'rare_keyword_ids fresh-vs-load asymmetry' mechanism). This audit does not validate: - any claim about 4.23 reachability; 4.23 has a pre-existing aliasing bug that the current plan's change #2 ([B] replacement) cannot fix because the replacement would still be overwritten by the uncond inject call. Co-authored-by: FluffyAIcode <FluffyAIcode@users.noreply.github.com>
cursor Bot
pushed a commit
that referenced
this pull request
Apr 21, 2026
… regressions)
4.23 FAIL -> PASS. Primary metric numbers under the corrected buffer:
tail_slots_source = bridge._last_cond_tail_slots (new)
mean_intersection_size_top20_paraphrase = 1.0 (threshold >= 1.0)
median_rank_of_best_rare_paraphrase = 1.0 (threshold <= 100.0)
hit_ratio_at_least_one_top20_paraphrase = 1.0 (threshold >= 0.5)
n_paraphrase_queries_evaluated = 2
This matches the pre-audit diag_4_23_cond_buffer.py output:
rank of ' control' = 1 on both paraphrases
top-5 centered = [' control', ' Control', '控制', 'control', 'Control']
top20 intersect rare_dom = {2524}
The result validates the causal claim made when the aliasing bug was
identified in the v3.45-revertB-refreshD audit: reverting [B] (cfg
tail_slot_residual_dominant=False) was a prerequisite for 4.23
reachability, but the uncond-inject buffer clobber was blocking the
measurement entirely. Both together are required.
axis coverage v3.49 runner reporting:
A compression: 8.97 / 10.0 FAIL
B injection: 164224 per-step PASS (O(1) in N)
C fidelity: 8/11 / 9 FAIL (was 7/11, 4.23 added)
D stability: 2/3 FAIL (4.21 still FAIL)
Remaining FAILs, unchanged from the prior audit:
4.7 semantic_memory_counterfactual_pairs (repetition garbage)
4.8 degeneration_quality (repetition, same root as 4.7)
4.11 retrieval_topk_semantic_shift (prefix to meta-starter mismatch)
4.19 stepwise_label_mass_alignment_audit (cascade of 4.11)
4.21 decode_repetition_feedback_probe (repetition, same root as 4.7/4.8)
These five are the cases that plan #2 (narrow E) and #5 (rare_keyword
floor) were designed to address. They are independent of the 4.23
fix in this PR.
Co-authored-by: FluffyAIcode <FluffyAIcode@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Full external black-box audit of v3.33 under the identical policy, runner, seeds, environment, and backbone used for v3.31 and v3.32.
python v331_blackbox_eval.py(byte-identical to v3.31/v3.32 runs; zero source mods)1123.8s(~18.7 min) on CPUChanges in this branch
scheme_b_v333.py— v3.33 source as provided. Public-API refactors over v3.32:[A-1]MemLLM.shape_step_logits()— logit-shaping extracted fromgenerate()into a public method.[A-2]MemLLM.prepare_decode_context()+DecodeContextdataclass.[A-3]Trainer.recon()— real public method returning{loss, prefix, fiber_summary}(no shim).[A-4]DecodeStatedataclass for shared state semantics.AgentMemorySystem.py— minimal pass-through overscheme_b_v333.Policy conformance
test()Qwen/Qwen2.5-1.5B-Instruct(bf16)Per-case result (v3.31 → v3.32 → v3.33)
leaf_capacity_stabilitydegenerate_direction_boundarymetric_trainabilityno_grad_generationcounterfactual_memory_influencesemantic_memory_groundingsemantic_memory_counterfactual_pairsdegeneration_qualityprompt_diversity_without_memoryprefix_logit_drift_auditretrieval_topk_semantic_shiftrepetition_segment_auditsave_load_consistencytraining_cache_isolationprefix_stepwise_drift_trajectoryretrieval_generation_alignment_auditretrieval_prefix_decode_correlation_auditcheating_heuristicsstepwise_label_mass_alignment_auditWhat the [A-*] refactors achieved vs didn't
Achieved (verifiable end-to-end through the black-box runner)
Trainer.recon) landed: case 4.14training_cache_isolationflips from AttributeError → PASS. Evidence:{changed: [], memory_count: 8}.outputs_differ=True.music_margin=0.286,space_margin=0.038.Not verifiable through the black-box runner (by design)
shape_step_logits) / A-2 (prepare_decode_context) do NOT reach the audit's stepwise-decode cases. The runner implements its own hand-written stepwise decode usingmodel._get_prefix()+model.fwd(ids, mask, prefix)+ raw CFG; it never calls the new public APIs. So:repetition_segment_auditstill FAIL (bad_segment_ratio=0.375, 3 prompts collapse early).prefix_stepwise_drift_trajectorystill FAIL (first_bad_step=0on both prompts).Minor regression (vs v3.32)
degeneration_qualityflipped from PASS → FAIL, despite most metrics improving:avg_unique_token_ratio=0.769(v3.32: 0.689 — better)avg_repeated_bigram_ratio=0.049(better)avg_content_token_ratio=0.742(better)worst_max_token_run=2(same)short_or_hollow_prompts=['The pianist']— one prompt produced a degenerate output with this seed, so the case fails on the "no short-or-hollow prompt" criterion. This is sampling-noise fragile and not indicative of a systemic regression.Disclosure (per spec §5)
DirectionTree.max_depth()andDirectionTree.leaf_size_violations()are not in the v3.33 source provided (same as v3.32). Both are pure read-only traversal helpers required by runner cases 4.1/4.2. They are included verbatim from the v3.30 baseline inscheme_b_v333.pyso the suite can run end-to-end. They are not part of the A-1..A-4 fix set and do not affect any semantic behavior.Artifacts
reports/v333_blackbox/report.jsonreports/v333_blackbox/report.mdreports/v333_blackbox/runner.logReproduction
Bottom-line
v3.33 fixes the v3.32 structural regression (
Trainer.recon) cleanly: 4.14 returns to PASS. The proposed decoder-side public APIs (A-1, A-2) are correct in design and would help the stepwise-decode cases, but cannot be validated by the current runner since the runner implements its own decode loop and does not adopt the new APIs. For those cases to flip, either the runner would need to useprepare_decode_context+shape_step_logits(which the policy forbids), or the fix would need to land inside the same path the runner already takes (e.g. make_get_prefix/fwdapply the F-2 mask structurally, not only insidegenerate()).