메뉴
Audit the adaptive window hill-climber and region-resize logic for implementation defects (not algorithm quality)
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
JSR-107 (JCache) spec-conformance audit
Audit explicit state machines (drain status, node lifecycle, async-value lifecycle) for illegal or missed transitions
Heavyweight history-mining bug audit. Walks the caffeine module's git history chronologically (oldest to HEAD), maintains a forward-tracked issue database, and surfaces concerns introduced by past commits that were never resolved. Catches bugs that snapshot mining cannot — half-fixes invisible from current state, latent+trigger pairs across multi-commit interactions, and partial refactors. Slow (model/effort-dependent; ~24h on Opus + max effort) and rare-run (every several months or before a major release).
Differential audit comparing matched code paths that should behave identically. Spawns one auditor per sibling pair (sync/async, bounded/unbounded, view consistency, bulk vs single, generated node variants, read fast vs slow, adapter conformance) and requires a concrete witness scenario where the two paths diverge observably.
Find places where documented API contracts and the implementation diverge
Audit exception safety and failure atomicity across all throw sites
| name | audit-adaptivity |
| description | Audit the adaptive window hill-climber and region-resize logic for implementation defects (not algorithm quality) |
| context | fork |
| agent | auditor |
| disable-model-invocation | true |
Audit the adaptive W-TinyLFU control loop and the admission-window / main-region
resize logic for IMPLEMENTATION defects. This is the one eviction subsystem not in
/audit-subsystem-safety's scope, and its small-cache path was recently reworked
(SMALL_CACHE_THRESHOLD / SMALL_CACHE_SAMPLE_RATIO_CAP), so it has elevated
bug density.
The adaptation policy itself is at its tuned frontier. Out of scope: convergence rate, hit-rate, oscillation-as-a-design-tradeoff, and the choice of the tuning constants. Do NOT report "the climber could converge faster / oscillates / constant X should be Y." Report only defects: arithmetic that yields a wrong value, a sign error, a state that violates a structural invariant, a race, a NaN, or an overflow.
climb, determineAdjustment — the feedback step (hit-rate delta → step → adjustment)increaseWindow, decreaseWindow, demoteFromMainProtected — region transfersetMaximumSize — initial window/main split and the SMALL_CACHE_THRESHOLD step-sign flipevictFromWindow / evictFromMain — they consume the region maxima the climber setsFields/constants: windowMaximum, mainProtectedMaximum, windowWeightedSize,
mainProtectedWeightedSize, stepSize, adjustment, hitsInSample,
missesInSample, previousSampleHitRate; HILL_CLIMBER_STEP_PERCENT,
HILL_CLIMBER_STEP_DECAY_RATE, HILL_CLIMBER_RESTART_THRESHOLD,
HILL_CLIMBER_MIN_INITIAL_STEP, SMALL_CACHE_THRESHOLD,
SMALL_CACHE_SAMPLE_RATIO_CAP, QUEUE_TRANSFER_THRESHOLD.
windowMaximum + mainMaximum (probation + protected)
must equal maximum() after every climb and every resize. Can any single transfer,
or a sequence capped by QUEUE_TRANSFER_THRESHOLD, drift the sum?windowMaximum or mainProtectedMaximum go negative
— a quota larger than the donor region, or repeated decreaseWindow at the floor?increaseWindow/decreaseWindow the quota is decremented
per transferred node by policyWeight. With weighted entries, can quota underflow,
skip/over-run the loop, or transfer the wrong count? Does the
QUEUE_TRANSFER_THRESHOLD cap leave the regions half-adjusted such that the next
climb mis-reads them?determineAdjustment math:
requestCount = hits + misses; the early return guards requestCount < effectiveSampleSize. Is the hitRate division ever reachable with
requestCount == 0?effectiveSampleSize = (long)(sampleSize * ratio), where
ratio = clamp(initialStep / magnitude). Can initialStep be 0 (maximum 0 or
tiny) making magnitude 0 → division by zero? Can the (long) cast truncate
ratio so it defeats the intended sample-period growth?nextStepSize uses Math.copySign(max(...), amount). For amount == 0.0 / -0.0,
does copySign choose the intended direction? Can stepSize become NaN or 0 and
permanently stall adaptation (a stuck-window bug, distinct from slow convergence)?setMaximumSize at boundaries: the step-sign flip at max <= SMALL_CACHE_THRESHOLD
plus a runtime maximum change via Policy.eviction().setMaximum — when maximum
crosses SMALL_CACHE_THRESHOLD in either direction, do the window/main split, the
stepSize sign, and the sample state stay mutually consistent?adjustment consumption: climb calls determineAdjustment then
increaseWindow/decreaseWindow off adjustment(). When determineAdjustment
early-returns (uninitialized sketch, sub-sample request count), can a stale
adjustment from a prior cycle be re-applied?For each defect: give concrete maximum/weight/access values, trace the arithmetic
step by step, show the resulting invariant violation or wrong region size, and a
Verification (a BoundedLocalCacheTest white-box method plus the required -P flags).
Everything here runs under evictionLock (single-writer), so most findings will be
arithmetic / state-corruption, not races — but explicitly check whether any
climber-written field (adjustment, stepSize, the region maxima) is also read
off-lock by a concurrent reader before concluding "single-writer, cannot race."