Audit fixes: C-shim NaN guards, checker stray-end-if gate, doc corrections#45
Draft
SethMorrowSoftware wants to merge 1 commit into
Draft
Audit fixes: C-shim NaN guards, checker stray-end-if gate, doc corrections#45SethMorrowSoftware wants to merge 1 commit into
SethMorrowSoftware wants to merge 1 commit into
Conversation
…tions From a full multi-agent audit of the project. No Kit/example source changed, so embedded copies stay in sync; the ABI is unchanged (the guards are behavior-preserving for valid input, so no LC_ABI_VERSION bump). C shim (src/box2d_lc.c): reject NaN/Inf/negative on chain points, chain friction/restitution (create + setters), and the query/raycast radius + endpoints -- matching the finite() discipline the shape paths already use. Build stays warning-clean and all smoke assertions pass. Static checker (tools/check-livecodescript.py): flag a stray/extra 'end if' (more closes than block-if opens). Verified no regression on all 7 .livecodescript files; valid hybrid/nested if-chains stay clean. Docs/comments: b2Version() returns 4 not 3 (kit-guide); the self-test harness is v18 with 177 assertions and the Kit is 300+ handlers (CLAUDE.md, expansion-prep); correct the [f]-vs-command call-style guidance and a paren typo (kit-guide); de-stale the "ABI 3" prose (api-reference, architecture, box2dxt.lcb). Soften gotcha 11 to match the in-use OXT build (a nested local compiles; the checker deliberately does not flag it). https://claude.ai/code/session_01WoWN59TxvPRFSxYXDJ6srV
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
Output of a full multi-agent audit of the whole project (11 parallel Opus agents across the C shim, LCB binding, the Kit, the 6 example stacks, tooling/CI, docs, and assets/security). The audit found zero Critical issues — the foundation layers and cross-layer seams are essentially flawless (370↔370 C↔LCB binding bijection, 6/6 embedded-Kit copies byte-identical, warning-clean C build, 55/55 smoke tests, no secrets, no missing assets). This PR lands the low-risk, agreed-upon fixes.
No Kit/example source changed, so the embedded copies stay in sync. The C guards are behavior-preserving for valid input, so the ABI is unchanged (no
LC_ABI_VERSIONbump).Changes
C shim (
src/box2d_lc.c) — close a NaN/Inf-guard inconsistency flagged by two independent agents. The shape-level paths already reject non-finite/negative input; the chain and query paths did not. Now guarded:b2lc_chain_add_point(NaN/Inf points poison the broadphase AABB)b2lc_chain_createfriction/restitution +b2lc_chain_set_friction/set_restitutionb2lc_query_overlap_circle/overlap_shape/shapecastradius (+ shapecastdx,dy)b2lc_cast_ray_closest/query_raycast_all/shape_raycastendpointsBuild stays warning-clean; all smoke assertions pass.
Static checker (
tools/check-livecodescript.py) — close a gate blind spot: a stray/extraend if(more closes than block-ifopens) now fails the gate. Verified no regression on all 7.livecodescriptfiles, and that valid hybridif/else-if/end ifand nested patterns stay clean.Docs & comments — factual corrections found by the docs/cross-layer agents:
kit-guide.md:b2Version()returns 4, not 3 (a correct library was being described as wrong); fix the[f]-vs-command call-style guidance (the spawn/joint commands are called as statements withthe result, not function-called — per CLAUDE.md gotcha 7); fix a paren typo; complete theb2kPlayerAnimsindex.CLAUDE.md/expansion-prep.md: self-test harness is v18 / 177 assertions (was "v12/~125"); the Kit is 300+ handlers (was "260+").api-reference.md/architecture.md/box2dxt.lcb: de-stale the "as of ABI 3" prose (current ABI is 4).localcompiles in practice (several ship in the contraption builder/demo), so it's documented as house-style rather than a hard compiler rule, and the checker deliberately does not flag it.Verification
cmake --buildwarning-clean;ctest100% passpython3 tools/check-livecodescript.py— all gates pass, embedded Kit in syncsrc/box2dxt-kit.livecodescriptorexamples/changes → embedded copies unaffectedNot included (audit findings deferred for your call)
Higher-effort / additive items the audit surfaced but this PR does not touch: Kit sprite-clock vs sim-clock determinism under hand-step; expanding smoke-test + self-test coverage (notably the force/impulse/torque/explode conversion API); pinning CI action SHAs and running
make-release.py --checkin CI; ~22 unused spritesheets; and the missingCONTRIBUTING.md(referenced byCLAUDE.mdand.gitignore). Happy to follow up on any of these.https://claude.ai/code/session_01WoWN59TxvPRFSxYXDJ6srV
Generated by Claude Code