Goal
Add fuzz and property-based testing for WorkIt's core runtime invariants after the current 0.1.2 release hardening work is complete.
Candidate invariants
- cancellation is idempotent
- cancelled scopes do not admit new owned children
- sibling failure cancels owned siblings under fail-fast policy
- retries stop after cancellation
- timeout reasons remain typed and observable
- `run.race` losers receive `race_lost`
- pool concurrency never exceeds the configured cap
- stream backpressure does not over-pull beyond the asserted bound
Discipline
- use public runtime paths, not private helper-only paths
- keep generators bounded and self-terminating
- run in CI only if deterministic enough for normal pull requests
- map any promoted proof to `evidence/claims.json`
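
An added example, not code from the WorkIt project: the pool-cap invariant checked with a seeded, bounded generator, written in Python. `BoundedPool`, `gen_case` and `check_pool_cap` are hypothetical stand-ins; a real test would drive WorkIt's public runtime path in place of the stand-in pool.

```python
import asyncio
import random

class BoundedPool:
    """Hypothetical stand-in for a capped pool (not WorkIt's API)."""
    def __init__(self, cap, leak=0):
        # leak > 0 models an off-by-N admission bug the property must catch
        self._slots = asyncio.Semaphore(cap + leak)
        self.active = 0
        self.peak = 0

    async def submit(self, yields):
        async with self._slots:
            self.active += 1
            self.peak = max(self.peak, self.active)
            try:
                for _ in range(yields):
                    await asyncio.sleep(0)  # yield to the scheduler, no wall-clock time
            finally:
                self.active -= 1

def gen_case(rng):
    """Bounded generator: every dimension has a hard upper limit."""
    cap = rng.randint(1, 4)
    yields = [rng.randint(0, 5) for _ in range(rng.randint(0, 20))]
    return cap, yields

async def _run_cases(seed, cases, leak):
    rng = random.Random(seed)  # seeded, so a failing case replays exactly
    failures = []
    for _ in range(cases):
        cap, yields = gen_case(rng)
        pool = BoundedPool(cap, leak)
        await asyncio.gather(*(pool.submit(y) for y in yields))
        # Invariant: observed peak never exceeds the cap, and nothing is left running
        if pool.peak > cap or pool.active != 0:
            failures.append({"seed": seed, "cap": cap, "yields": yields, "peak": pool.peak})
    return failures

def check_pool_cap(seed, cases=50, leak=0):
    """Return counterexamples; an empty list means the invariant held."""
    return asyncio.run(_run_cases(seed, cases, leak))

if __name__ == "__main__":
    print("correct pool counterexamples:", check_pool_cap(seed=1))
    print("leaky pool counterexamples:", len(check_pool_cap(seed=1, leak=1)))
```

The `leak` variant is there to show the property has teeth: a check that cannot fail against a deliberately broken pool proves nothing.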