Implement the following plan:
bin/plumb/main.ml SwitchoverSteps 0–4 and 5a of PLMB-037 are complete and merged to main.
The fabric runs inline morphisms and agent subprocesses end-to-end
over ZMQ. The plumb binary still uses Exec.execute (pipe-based,
thread-based). This step switches it to use Fabric.execute +
Bridge.make_handler.
The binary goes from being "the executor" to being "the I/O adapter for the fabric" — a thin shell that reads stdin, pushes to ZMQ boundary sockets, pulls from ZMQ output sockets, and writes to stdout.
| File | Change |
|---|---|
bin/plumb/main.ml |
Rewrite to use Fabric + Bridge instead of Exec |
bin/plumb/dune |
Add fabric, spawn_lib, eio_main, eio.unix deps |
lib/fabric/bridge.ml |
Expand make_handler to accept tool dispatch params |
lib/fabric/bridge.ml |
Fix: MCP temp file cleanup, fork in run_in_systhread |
Reviews identified two blockers and several medium issues. All are addressed in this plan.
Sys.catch_break true installs an async signal handler that raises
Sys.Break at arbitrary allocation points. Inside Eio_main.run,
this can fire in Eio scheduler internals and skip cleanup
(fabric.cancel(), Fabric.shutdown, IPC file cleanup).
Fix: Remove Sys.catch_break true. Instead, set a SIGINT
handler before Eio_main.run that sets a shared Atomic.t flag.
The reader loop checks this flag (or catches the exception if it
propagates). On SIGINT, call fabric.cancel() to trigger orderly
shutdown.
Concretely: use Sys.set_signal Sys.sigint (Signal_handle ...).
The handler sets an atomic flag and calls fabric.cancel() (which
is safe to call from a signal handler — it just iterates a hashtable
and closes ZMQ sockets via C FFI). The reader loop's T.recv will
fail with Transport_error once the socket is closed, causing the
switch to exit. Entry.main catches Sys.Break at line 73 for
exit code 130 — we raise Sys.Break after shutdown to preserve
this.
run_in_systhread(input_line) not cancellableThe bridge demux runs Eio_unix.run_in_systhread (fun () ->
input_line ic). This blocks in a thread pool thread until the
child writes to stdout. fabric.cancel() closes ZMQ sockets but
not child stdout pipes. The switch cannot exit while a
run_in_systhread is outstanding.
Fix: The bridge demux already handles this correctly in practice
— when the child process exits (from receiving EOF on stdin via the
mux path), its stdout pipe closes, and input_line raises
End_of_file. The key ordering: stdin writer sends EOF sentinel →
bridge mux writes __eof to child stdin → child processes and
exits → child stdout closes → demux input_line gets EOF →
demux sends EOF sentinels on output sockets → demux reaps child.
For the SIGINT path: fabric.cancel() closes ZMQ sockets. The mux
fibres' T.recv calls fail → mux fibres exit → mux_source_done
→ child stdin closes → child gets EOF → child exits → stdout
closes → demux unblocks. This chain works but may take a few
seconds. If the child hangs, waitpid_timed sends SIGTERM after
the timeout.
No code change needed — the existing ordering is correct. But the
plumb binary's shutdown must not call Fabric.shutdown inside the
switch scope (the Unix.sleepf 1.5 would block the scheduler).
Call it after the switch exits.
Fork under Eio (M1): spawn_subprocess calls Unix.fork()
from an Eio fibre. Wrap the spawn call in run_in_systhread in
bridge.ml to avoid scheduler state corruption.
Tool dispatch thread not joined (M2): Bridge creates a dispatch
thread (Thread.create) that is never joined. Track it and join
in the demux cleanup block.
MCP temp file leak (M3): Bridge writes MCP tool schemas to a temp file but only cleans up the spec file. Add cleanup for the MCP file.
Tool dispatch boundary (M4): The bridge's tool_dispatch type
takes only req_fd, resp_fd, agent_name. But
Tool_dispatch.tool_dispatch_loop needs search_path, tool_env,
on_oitl_request, call_pipeline, base_dir, etc. Two options:
make_handler to accept ~search_path,
~tool_env, ~on_oitl_request, ~base_dir. The bridge
constructs the full dispatch loop internally. Cleaner boundary.tool_dispatch_fn as-is — the caller captures
everything except fds and agent name in a closure.Decision: (A). The bridge already resolves tool bindings and MCP
connections per-agent. Adding search_path, tool_env,
on_oitl_request, and base_dir lets it construct the complete
dispatch loop. The tool_dispatch_fn parameter is removed.
For call_pipeline: stub with an error for now. Recursive pipeline
invocation through the fabric is a separate concern.
Entry.main → load_main → validate → compile routing table
→ Eio_main.run → Eio.Switch.run
→ Install SIGINT handler (sets flag, calls fabric.cancel)
→ Build Bridge.make_handler (prog, type_env, search_path,
tool_env, on_oitl_request, bin_dir, resource_find)
→ Fabric.execute ~process_handler
→ Fork writer daemon: run_in_systhread(input_line stdin)
→ T.send boundary_input → on EOF: send_eof
→ Reader (main fibre): T.recv boundary_output
→ run_in_systhread(print_endline) → on EOF: break
→ fabric.cancel() → switch exits
→ Fabric.shutdown (outside switch scope)
Before calling Fabric.execute, compile the routing table:
let ports, pb = match main.impl with
| Plumb (ports, pb) -> (ports, pb)
| _ -> Error.raise_ Config "config_error" "main must be plumb"
in
let type_env = Validate.build_type_env prog.prog_types in
let routing_table = Routing.compile ~prog ~ports ~pb
~type_env ~main_binding:main ~seeded:pb.pb_seeded in
let handler = Fabric.Bridge.make_handler
~prog ~type_env
~bin_dir:(Lazy.force Prefix_path.bin_dir)
~resource_find:Resource_path.find
~search_path
~tool_env
~base_dir:(Filename.dirname spec_path)
~on_oitl_request
() in
(* Writer daemon: stdin → boundary input *)
Eio.Fiber.fork_daemon ~sw (fun () ->
let push = Fabric.boundary_input fabric input_port in
(try while true do
let line = Eio_unix.run_in_systhread (fun () ->
input_line stdin) in
T.send push ~topic:input_port line
done with End_of_file | Sys_error _ -> ());
Fabric.Bridge.send_eof push ~topic:input_port;
`Stop_daemon);
(* Reader: boundary output → stdout (main fibre) *)
let pull = Fabric.boundary_output fabric output_port in
(try while true do
let (_topic, payload) = T.recv pull in
if Fabric.Bridge.is_eof payload then raise Exit;
Eio_unix.run_in_systhread (fun () ->
print_endline payload)
done with
| Exit | Transport.Transport_error _ -> ());
fabric.cancel ()
Port names from the main binding:
- input_port = List.nth ports 0
- output_port = List.nth ports n_in
(* Before Eio_main.run — fabric ref for signal handler *)
let fabric_ref = ref None in
Sys.set_signal Sys.sigint (Sys.Signal_handle (fun _ ->
match !fabric_ref with
| Some f -> f.Fabric.cancel ()
| None -> raise Sys.Break));
Inside the switch, set fabric_ref := Some fabric after
Fabric.execute. On SIGINT, the handler calls fabric.cancel(),
which closes all sockets, causing the reader's T.recv to fail
with Transport_error, breaking the loop. After the switch exits,
call Fabric.shutdown. If no fabric is running yet, the handler
raises Sys.Break which Entry.main catches for exit code 130.
Eio_main.run (fun _env ->
let fabric = ref None in
Eio.Switch.run (fun sw ->
let f = Fabric.execute ~sw ~routing_table ~type_env
~process_handler:handler () in
fabric := Some f;
fabric_ref := Some f;
(* ... boundary I/O fibres ... *)
f.cancel ())); (* reader loop exits here *)
(* Outside switch — safe to sleep/block *)
match !fabric with
| Some f -> Fabric.shutdown f
| None -> ()
bridge.ml Changesmake_handler signature:~search_path, ~tool_env, ~base_dir,
~on_oitl_request parameters~tool_dispatch_fn parameterBridge constructs tool_dispatch_loop closure internally
Fork safety (M1): Wrap spawn_subprocess call in
Eio_unix.run_in_systhread
Join dispatch thread (M2): Store thread handle, join in demux cleanup
MCP file cleanup (M3): Track and remove MCP temp file
bin/plumb/dune Changes(executable
(name main)
(public_name plumb)
(libraries plumb fabric language runtime spawn_lib
eio_main eio.unix unix threads.posix yojson))
nix develop --command dune build --root=. in worktreenix develop --command dune test --root=. — all tests passecho '"hello"' | ./plumb test/fixtures/agent_eliza.plumb
→ ELIZA responseecho '{"text":"hi"}' | ./plumb test/fixtures/identity.plumb
→ echo input (inline-only pipeline)test_plumb.ml integration tests still pass/tmp/plumb-* directories)--auto-approve flag works through bridgeIf you need specific details from before exiting plan mode (like exact code snippets, error messages, or content you generated), read the full transcript at: /Users/ww/.claude/projects/-Users-ww-src-plumbing/1c8917b0-bf01-4f55-891a-9c2f55a120ca.jsonl
1→(** Plumb runtime — general-purpose executor for plumb programs.
2→
3→ Parses a plumb program, finds the main binding, creates channels,
4→ spawns processes, wires boundary ports, and forwards stdin/stdout
5→ through the pipeline. Concurrent streaming forwarding — handles
6→ arbitrary n:m message ratios (copy, merge, etc.). *)
7→
8→let () =
9→ (* Default to Info; PIPELINE_DEBUG=1 wins (already set to Debug in Log
10→ module initialiser). --verbose lowers to Debug explicitly. *)
11→ let verbose = Array.exists (fun s -> s = "--verbose") Sys.argv in
12→ if verbose then Runtime.Log.set_level Runtime.Log.Debug
13→ else if Sys.getenv_opt "PIPELINE_DEBUG" <> Some "1" then
14→ Runtime.Log.set_level Runtime.Log.Info;
15→ (* Extract --provider/--model/--auto-approve from argv and set env vars.
16→ Entry.main strips these from argv before extracting the spec path. *)
17→ (match Runtime.Entry.resolve_flag Sys.argv "--provider" with
18→ | Some p -> Unix.putenv "PLUMB_PROVIDER" p | None -> ());
19→ (match Runtime.Entry.resolve_flag Sys.argv "--model" with
20→ | Some m -> Unix.putenv "PLUMB_MODEL" m | None -> ());
21→ let auto_approve = Array.exists (fun s -> s = "--auto-approve") Sys.argv in
22→ let docroot = Runtime.Entry.resolve_docroot Sys.argv in
23→ let search_path = Plumb.Stdlib_path.search_path () in
24→ let tool_env = { Plumb.Exec.docroot } in
25→ Sys.catch_break true;
26→ Runtime.Entry.main
27→ ~usage:"Usage: plumb [--verbose] [--docroot DIR] [--provider NAME] [--model NAME] [--auto-approve] <spec.plumb>"
28→ ~run:(fun spec_path ->
29→ let prog, main = Runtime.Spec.load_main_from_file ~search_path spec_path in
30→ let on_oitl_request =
31→ if auto_approve then
32→ fun (_req : Plumb.Exec.oitl_request) ->
33→ Plumb.Exec.{ oitl_approved = true; oitl_policy = Some "always" }
34→ else
35→ fun (req : Plumb.Exec.oitl_request) ->
36→ Printf.eprintf "plumb: denied tool call '%s' by agent '%s' \
37→ (use --auto-approve)\n%!" req.oitl_tool req.oitl_agent;
38→ Plumb.Exec.{ oitl_approved = false; oitl_policy = None }
39→ in
40→ let running = Plumb.Exec.execute ~search_path ~tool_env
41→ ~on_oitl_request prog main spec_path in
42→ let oc = Plumb.Exec.input running in
43→ let ic = Plumb.Exec.output running in
44→ (* Writer thread: stdin → pipeline input.
45→ release_ctrl sends stop to agents and closes ctrl fds.
46→ On normal EOF the executor's mux thread does this too
47→ (after data processing) — double-close is idempotent.
48→ On Ctrl-C, release_ctrl is the only path that sends stop. *)
49→ let writer = Thread.create (fun () ->
50→ (try while true do
51→ let line = input_line stdin in
52→ Printf.fprintf oc "%s\n%!" line
53→ done with _ -> ());
54→ close_out_noerr oc;
55→ Plumb.Exec.release_ctrl running
56→ ) () in
57→ (* Main thread: pipeline output → stdout *)
58→ (try while true do
59→ let resp = input_line ic in
60→ print_endline resp
61→ done with
62→ | End_of_file -> ()
63→ | Sys.Break -> close_in_noerr stdin);
64→ Thread.join writer;
65→ ignore (Plumb.Exec.shutdown running))
66→ 1→(executable
2→ (name main)
3→ (public_name plumb)
4→ (libraries plumb language runtime unix threads.posix))
5→ 1→(** Bridge — stdio mux/demux adapter for agent subprocesses.
2→
3→ Natural transformation between ZMQ topic-framed sockets and the
4→ agent binary's port-multiplexed stdin/stdout protocol. The agent
5→ sees the same [{"__port":...,"msg":...}] envelopes as under exec.ml.
6→
7→ All pipe writes use [Mutex] + [Eio_unix.run_in_systhread] (R2).
8→
9→ The [__port] envelope protocol is confined to this module and the
10→ agent binary — it must never appear in [fabric.ml] or [inline.ml]
11→ (R7: the bridge is NOT a morphism, it is a natural transformation
12→ between two concrete stream representations). *)
13→
14→open Language
15→
16→module T = Transport.Zmq
17→
18→(** {1 EOF Sentinel}
19→
20→ An empty-payload message on a PUSH socket signals end-of-stream.
21→ The receiver exits its recv loop on seeing this sentinel. *)
22→
23→let send_eof sock ~topic =
24→ T.send sock ~topic ""
25→
26→let is_eof payload =
27→ String.length payload = 0
28→
29→(** {1 Process Handler Type}
30→
31→ The fabric calls a process handler for each subprocess entry.
32→ The handler receives the process's ZMQ socket endpoints and starts
33→ the subprocess. The fabric does not know how. *)
34→
35→type process_handler =
36→ sw:Eio.Switch.t ->
37→ proc_entry:Runtime.Routing.process_entry ->
38→ push_sockets:(string * [`Push] T.socket) list ->
39→ pull_sockets:(string * [`Pull] T.socket) list ->
40→ unit
41→
42→(** {1 Tool Dispatch Callback}
43→
44→ The bridge accepts an optional tool dispatch callback rather than
45→ depending on [Tool_dispatch] directly. The caller constructs
46→ this from [Tool_dispatch.tool_dispatch_loop]. *)
47→
48→type tool_dispatch =
49→ req_fd:Unix.file_descr ->
50→ resp_fd:Unix.file_descr ->
51→ agent_name:string ->
52→ unit
53→
54→(** {1 Observation Callback} *)
55→
56→type observation = {
57→ agent : string;
58→ payload : Yojson.Safe.t;
59→}
60→
61→(** {1 Pipe Write Helpers}
62→
63→ All writes to child stdin go through mux_envelope / mux_eof,
64→ protected by an OCaml [Mutex]. These MUST be called from within
65→ [Eio_unix.run_in_systhread] — [Mutex.lock] is not safe from
66→ Eio fibres. *)
67→
68→(** Write a port-tagged envelope to the child stdin.
69→ Caller must hold (or be inside run_in_systhread for) the mux mutex. *)
70→let write_envelope mux_m oc port json_str =
71→ match Yojson.Safe.from_string json_str with
72→ | _ ->
73→ let s = Printf.sprintf
74→ "{\"__port\":%S,\"msg\":%s}\n" port json_str in
75→ Mutex.lock mux_m;
76→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
77→ output_string oc s; flush oc)
78→ | exception Yojson.Json_error msg ->
79→ Runtime.Log.warn "bridge_mux"
80→ [("port", `String port); ("error", `String msg)]
81→
82→(** Write an EOF marker for a port. *)
83→let write_eof mux_m oc port =
84→ let s = Printf.sprintf
85→ "{\"__port\":%S,\"__eof\":true}\n" port in
86→ Mutex.lock mux_m;
87→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
88→ output_string oc s; flush oc)
89→
90→(** {1 Bridge Construction} *)
91→
92→(** Construct a process handler that spawns agent subprocesses with
93→ stdio bridge. *)
94→let make_handler
95→ ~(prog : program)
96→ ~type_env
97→ ~(bin_dir : string option)
98→ ~(resource_find : string -> string)
99→ ?(resolve_bin : (string -> string) option)
100→ ?(tool_dispatch_fn : tool_dispatch option)
101→ ?(on_observe : (observation -> unit) option)
102→ ()
103→ : process_handler =
104→ fun ~sw ~proc_entry ~push_sockets ~pull_sockets ->
105→ let pe = proc_entry in
106→ let binding = pe.Runtime.Routing.proc_binding in
107→ let config = match binding.impl with
108→ | Agent config -> config
109→ | _ -> failwith "bridge: expected Agent impl"
110→ in
111→
112→ (* Resolve prompt paths *)
113→ let config = Spawn_lib.resolve_prompts_config
114→ ~resource_find ~base_dir:(Sys.getcwd ()) config in
115→ let binding = { binding with impl = Agent config } in
116→
117→ (* Decompose input/output types *)
118→ let decomp_in = Spawn_lib.agent_input_decomposition type_env binding.input in
119→ let decomp_out = Spawn_lib.agent_output_decomposition type_env binding.output in
120→ let has_control = decomp_in <> None in
121→ let has_telemetry = decomp_out <> None in
122→
123→ (* Synthesize child spec with simple types (no products) *)
124→ let child_binding =
125→ let b = match decomp_in with
126→ | Some (data_t, _) -> { binding with input = Stream data_t }
127→ | None -> binding
128→ in
129→ match decomp_out with
130→ | Some (result_t, _) -> { b with output = Stream result_t }
131→ | None -> b
132→ in
133→
134→ (* Find tool bindings *)
135→ let tool_names = match List.assoc_opt "tools" config with
136→ | Some (Arr items) ->
137→ List.filter_map (fun item ->
138→ match item with Ident name -> Some name | _ -> None
139→ ) items
140→ | _ -> []
141→ in
142→ let tool_bindings = List.filter_map (fun name ->
143→ List.find_opt (fun (b : binding) ->
144→ b.bd_name = name && Validate.is_tool_binding b
145→ ) prog.prog_bindings
146→ ) tool_names in
147→ let has_tools = tool_bindings <> [] || tool_dispatch_fn <> None in
148→
149→ (* Synthesize spec *)
150→ let spec_source =
151→ if tool_bindings <> [] then
152→ Spawn_lib.synthesize_agent_spec prog child_binding tool_bindings
153→ else
154→ Spawn_lib.synthesize_spec prog child_binding
155→ in
156→ let spec_path = Spawn_lib.write_temp_spec spec_source in
157→
158→ (* Resolve binary *)
159→ let resolve = match resolve_bin with
160→ | Some f -> f
161→ | None -> Spawn_lib.resolve_binary ~bin_dir
162→ in
163→ let bin_path = resolve "plumb-agent" in
164→
165→ (* Create child stdin/stdout pipes *)
166→ let child_in_r, child_in_w = Unix.pipe ~cloexec:true () in
167→ let child_out_r, child_out_w = Unix.pipe ~cloexec:true () in
168→ let child_in_oc = Unix.out_channel_of_descr child_in_w in
169→
170→ (* MCP connections and env *)
171→ let mcp_connections = match List.assoc_opt "mcp" config with
172→ | Some (Arr items) ->
173→ List.filter_map (fun item ->
174→ match item with
175→ | Obj kvs ->
176→ (match Spawn_lib.connect_mcp_server kvs with
177→ | Ok conn -> Some conn
178→ | Error msg ->
179→ Runtime.Log.warn "mcp_connect_failed"
180→ [("detail", `String msg)];
181→ None)
182→ | _ -> None
183→ ) items
184→ | _ -> []
185→ in
186→ let mcp_env = if mcp_connections <> [] then begin
187→ let mcp_schemas = List.concat_map (fun conn ->
188→ List.map Mcp_client.tool_schema (Mcp_client.tools conn)
189→ ) mcp_connections in
190→ let mcp_path = Filename.temp_file "agentpi_mcp_" ".json" in
191→ let mcp_oc = open_out_gen
192→ [Open_wronly; Open_creat; Open_trunc] 0o600 mcp_path in
193→ Fun.protect ~finally:(fun () -> close_out mcp_oc) (fun () ->
194→ output_string mcp_oc
195→ (Yojson.Safe.to_string (`List mcp_schemas)));
196→ [("PLUMB_MCP_TOOLS", mcp_path)]
197→ end else [] in
198→
199→ (* Agent children need LLM credentials, docroot, and name *)
200→ let env = Spawn_lib.credential_env () @ Spawn_lib.provider_env ()
201→ @ [("PLUMB_AGENT_NAME", binding.bd_name)]
202→ @ mcp_env in
203→
204→ (* Spawn child — closes child_in_r and child_out_w in parent *)
205→ let pid = Spawn_lib.spawn_subprocess ~bin_path ~spec_path
206→ ~stdin_fd:child_in_r ~stdout_fd:child_out_w
207→ ~env () in
208→ Runtime.Log.info "bridge"
209→ ["event", `String "spawned";
210→ "agent", `String binding.bd_name;
211→ "pid", `Int pid;
212→ "has_control", `Bool has_control;
213→ "has_telemetry", `Bool has_telemetry;
214→ "has_tools", `Bool has_tools];
215→
216→ (* Mux: OCaml Mutex for system-thread safety (R2) *)
217→ let mux_m = Mutex.create () in
218→
219→ (* Track active mux sources; close child stdin when last exits *)
220→ let n_sources = 2 + (if has_tools && tool_dispatch_fn <> None then 1 else 0) in
221→ let mux_remaining = ref n_sources in
222→ let mux_rem_m = Mutex.create () in
223→ let mux_source_done () =
224→ Mutex.lock mux_rem_m;
225→ decr mux_remaining;
226→ let n = !mux_remaining in
227→ Mutex.unlock mux_rem_m;
228→ if n = 0 then close_out_noerr child_in_oc
229→ in
230→
231→ (* Find sockets by port name *)
232→ let find_pull port = List.assoc_opt port pull_sockets in
233→ let find_push port = List.assoc_opt port push_sockets in
234→
235→ (* === Tool dispatch setup === *)
236→ let tool_req_oc = ref None in
237→ let tool_resp_r = ref None in
238→ (match tool_dispatch_fn with
239→ | Some dispatch when has_tools ->
240→ let req_r, req_w = Unix.pipe ~cloexec:true () in
241→ let resp_r', resp_w = Unix.pipe ~cloexec:true () in
242→ tool_req_oc := Some (Unix.out_channel_of_descr req_w);
243→ tool_resp_r := Some resp_r';
244→ let _dispatch_thread = Thread.create (fun () ->
245→ dispatch ~req_fd:req_r ~resp_fd:resp_w
246→ ~agent_name:binding.bd_name
247→ ) () in
248→ ()
249→ | _ -> ());
250→
251→ (* === Mux: data input (ZMQ PULL → child stdin) ===
252→
253→ T.recv runs in Eio fibre context (uses Eio_unix.await_readable).
254→ Pipe writes use Eio_unix.run_in_systhread + Mutex. *)
255→ (match find_pull "data_in" with
256→ | Some data_in_sock ->
257→ Eio.Fiber.fork_daemon ~sw (fun () ->
258→ (try
259→ while true do
260→ let (_topic, payload) = T.recv data_in_sock in
261→ if is_eof payload then begin
262→ Eio_unix.run_in_systhread (fun () ->
263→ (try write_eof mux_m child_in_oc "input"
264→ with Sys_error _ -> ()));
265→ raise Exit
266→ end;
267→ Eio_unix.run_in_systhread (fun () ->
268→ try write_envelope mux_m child_in_oc "input" payload
269→ with Sys_error _ -> raise Exit)
270→ done
271→ with
272→ | Exit -> ()
273→ | Transport.Transport_error (_, _msg) -> ());
274→ (* After data EOF, send ctrl stop (R4) *)
275→ if has_control then
276→ Eio_unix.run_in_systhread (fun () ->
277→ try
278→ let s = "{\"__port\":\"ctrl_in\",\"msg\":{\"stop\":true}}\n" in
279→ Mutex.lock mux_m;
280→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
281→ output_string child_in_oc s; flush child_in_oc)
282→ with Sys_error _ -> ());
283→ Eio_unix.run_in_systhread (fun () -> mux_source_done ());
284→ `Stop_daemon)
285→ | None ->
286→ (* No data input socket — mux source done immediately *)
287→ mux_source_done ());
288→
289→ (* === Mux: control input (ZMQ PULL → child stdin) === *)
290→ (match find_pull "ctrl_in" with
291→ | Some ctrl_in_sock ->
292→ Eio.Fiber.fork_daemon ~sw (fun () ->
293→ (try
294→ while true do
295→ let (_topic, payload) = T.recv ctrl_in_sock in
296→ if is_eof payload then begin
297→ Eio_unix.run_in_systhread (fun () ->
298→ (try write_eof mux_m child_in_oc "ctrl_in"
299→ with Sys_error _ -> ()));
300→ raise Exit
301→ end;
302→ Eio_unix.run_in_systhread (fun () ->
303→ try write_envelope mux_m child_in_oc "ctrl_in" payload
304→ with Sys_error _ -> raise Exit)
305→ done
306→ with
307→ | Exit -> ()
308→ | Transport.Transport_error (_, _msg) -> ());
309→ Eio_unix.run_in_systhread (fun () -> mux_source_done ());
310→ `Stop_daemon)
311→ | None ->
312→ (* No control socket — mux source done immediately *)
313→ mux_source_done ());
314→
315→ (* === Mux: tool responses (pipe → child stdin) === *)
316→ (match !tool_resp_r with
317→ | Some resp_r' ->
318→ Eio.Fiber.fork_daemon ~sw (fun () ->
319→ Eio_unix.run_in_systhread (fun () ->
320→ let ic = Unix.in_channel_of_descr resp_r' in
321→ (try while true do
322→ let line = input_line ic in
323→ write_envelope mux_m child_in_oc "tool_resp" line
324→ done with End_of_file | Sys_error _ -> ());
325→ close_in_noerr ic;
326→ mux_source_done ());
327→ `Stop_daemon)
328→ | None -> ());
329→
330→ (* === Demux: child stdout → ZMQ PUSH sockets ===
331→
332→ Pipe reads use Eio_unix.run_in_systhread (blocking input_line).
333→ ZMQ sends run in Eio fibre context. *)
334→ let data_out_sock = find_push "data_out" in
335→ let ctrl_out_sock = find_push "ctrl_out" in
336→ let telemetry_sock = find_push "telemetry" in
337→
338→ Eio.Fiber.fork_daemon ~sw (fun () ->
339→ let ic = Unix.in_channel_of_descr child_out_r in
340→ (try while true do
341→ let line = Eio_unix.run_in_systhread (fun () ->
342→ input_line ic) in
343→ if String.length (String.trim line) > 0 then
344→ match Yojson.Safe.from_string line with
345→ | `Assoc fields ->
346→ let port = match List.assoc_opt "__port" fields with
347→ | Some (`String s) -> s | _ -> "output" in
348→ let msg = match List.assoc_opt "msg" fields with
349→ | Some m -> Yojson.Safe.to_string m
350→ | None -> line in
351→ (match port with
352→ | "output" ->
353→ Option.iter (fun sock ->
354→ T.send sock ~topic:binding.bd_name msg
355→ ) data_out_sock
356→ | "ctrl_out" ->
357→ Option.iter (fun sock ->
358→ T.send sock ~topic:binding.bd_name msg
359→ ) ctrl_out_sock
360→ | "telemetry" ->
361→ Option.iter (fun sock ->
362→ T.send sock ~topic:binding.bd_name msg
363→ ) telemetry_sock;
364→ (match on_observe with
365→ | Some cb ->
366→ (try
367→ let json = Yojson.Safe.from_string msg in
368→ cb { agent = binding.bd_name; payload = json }
369→ with _ -> ())
370→ | None -> ())
371→ | "tool_req" ->
372→ Eio_unix.run_in_systhread (fun () ->
373→ match !tool_req_oc with
374→ | Some oc ->
375→ output_string oc msg;
376→ output_char oc '\n';
377→ flush oc
378→ | None ->
379→ Runtime.Log.warn "bridge_demux"
380→ [("event", `String "tool_req_no_dispatch");
381→ ("agent", `String binding.bd_name)])
382→ | _ ->
383→ Runtime.Log.warn "bridge_demux"
384→ [("port", `String port);
385→ ("agent", `String binding.bd_name)])
386→ | _ ->
387→ (* Not an envelope — treat as raw output *)
388→ Option.iter (fun sock ->
389→ T.send sock ~topic:binding.bd_name line
390→ ) data_out_sock
391→ | exception exn ->
392→ Runtime.Log.debug "bridge_demux"
393→ ["agent", `String binding.bd_name;
394→ "event", `String "json_parse_failed";
395→ "error", `String (Printexc.to_string exn)];
396→ Option.iter (fun sock ->
397→ T.send sock ~topic:binding.bd_name line
398→ ) data_out_sock
399→ done with
400→ | End_of_file -> ()
401→ | Sys_error msg ->
402→ Runtime.Log.debug "bridge_demux"
403→ ["agent", `String binding.bd_name;
404→ "event", `String "pipe_closed";
405→ "detail", `String msg]);
406→ close_in_noerr ic;
407→ (* Send EOF sentinel on all output ZMQ sockets (R5) *)
408→ Option.iter (fun sock ->
409→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
410→ ) data_out_sock;
411→ Option.iter (fun sock ->
412→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
413→ ) ctrl_out_sock;
414→ Option.iter (fun sock ->
415→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
416→ ) telemetry_sock;
417→ (* Close tool_req write-end to terminate dispatch loop *)
418→ Eio_unix.run_in_systhread (fun () ->
419→ (match !tool_req_oc with
420→ | Some oc -> close_out_noerr oc
421→ | None -> ());
422→ (* Reap child process (R6) *)
423→ let timeout_s = match Spawn_lib.timeout_of_binding binding with
424→ | Some t -> t | None -> 60.0 in
425→ let status, timed_out =
426→ Spawn_lib.waitpid_timed ~timeout_seconds:timeout_s pid in
427→ if timed_out then
428→ Runtime.Log.warn "bridge_timeout"
429→ ["agent", `String binding.bd_name;
430→ "timeout_seconds", `Float timeout_s];
431→ (match status with
432→ | Unix.WEXITED 0 -> ()
433→ | Unix.WEXITED code ->
434→ Runtime.Log.warn "bridge_exit"
435→ ["agent", `String binding.bd_name;
436→ "code", `Int code]
437→ | Unix.WSIGNALED sig_ ->
438→ Runtime.Log.warn "bridge_signal"
439→ ["agent", `String binding.bd_name;
440→ "signal", `Int sig_]
441→ | Unix.WSTOPPED _ -> ());
442→ (* Clean up temp files *)
443→ (try Sys.remove spec_path with Sys_error _ -> ()));
444→ `Stop_daemon);
445→
446→ ignore has_telemetry
447→ 1→(** Fabric — wire ZMQ sockets from a routing table and run the pipeline.
2→
3→ The fabric is the runtime core. It:
4→ 1. Creates ZMQ sockets for all routes in the routing table
5→ 2. Binds and connects sockets per the wiring instructions
6→ 3. Seeds channels with initial tokens (D7)
7→ 4. Starts inline morphism fibres
8→ 5. Coordinates subprocess spawning via the supervisor
9→
10→ Startup sequence (D7, bind-before-connect for inproc://):
11→ 1. Create ZMQ context
12→ 2. Bind phase: create and bind all sockets, seed channels
13→ 3. Connect phase: connect all consumer sockets
14→ 4. Start phase: start inline fibres, supervisor spawns subprocesses
15→
16→ See PLMB-037 Step 4, design decisions D6–D9. *)
17→
18→open Language
19→
20→module T = Transport.Zmq
21→
22→(** A running pipeline handle. *)
23→type t = {
24→ ctx : T.context;
25→ supervisor : Supervisor.t;
26→ push_sockets : (string, [`Push] T.socket) Hashtbl.t;
27→ pull_sockets : (string, [`Pull] T.socket) Hashtbl.t;
28→ pipeline_id : string;
29→ cancel : unit -> unit;
30→ (** Cancel function: fails the inner switch, causing all socket
31→ fibres and morphism fibres to terminate. *)
32→}
33→
34→(** Endpoint naming for ipc:// transport.
35→ Format: ipc:///tmp/plumb-{pid}/{process}/{port} *)
36→let endpoint ~pipeline_id proc_name port_name =
37→ Printf.sprintf "ipc:///tmp/plumb-%s/%s/%s" pipeline_id proc_name port_name
38→
39→(** Get the PUSH socket for writing to a boundary input port.
40→ The caller sends data on this socket to feed the pipeline. *)
41→let boundary_input t port_name =
42→ let ep = endpoint ~pipeline_id:t.pipeline_id port_name "out" in
43→ Hashtbl.find t.push_sockets ep
44→
45→(** Get the PULL socket for reading from a boundary output port.
46→ The caller receives data from this socket. *)
47→let boundary_output t port_name =
48→ let ep = endpoint ~pipeline_id:t.pipeline_id port_name "in" in
49→ Hashtbl.find t.pull_sockets ep
50→
51→(** Create the fabric directory for ipc:// endpoints. *)
52→let ensure_fabric_dir pipeline_id =
53→ let dir = Printf.sprintf "/tmp/plumb-%s" pipeline_id in
54→ (try Unix.mkdir dir 0o700 with Unix.Unix_error (Unix.EEXIST, _, _) -> ());
55→ dir
56→
57→(** Clean up the fabric directory. *)
58→let cleanup_fabric_dir pipeline_id =
59→ let dir = Printf.sprintf "/tmp/plumb-%s" pipeline_id in
60→ let cleanup_dir d =
61→ try
62→ let entries = Sys.readdir d in
63→ Array.iter (fun f ->
64→ try Sys.remove (Filename.concat d f) with Sys_error _ -> ()
65→ ) entries;
66→ (try Unix.rmdir d with Unix.Unix_error _ -> ())
67→ with Sys_error _ -> ()
68→ in
69→ (* Remove per-process subdirectories *)
70→ (try
71→ let entries = Sys.readdir dir in
72→ Array.iter (fun sub ->
73→ let path = Filename.concat dir sub in
74→ if Sys.is_directory path then cleanup_dir path
75→ ) entries
76→ with Sys_error _ -> ());
77→ cleanup_dir dir
78→
79→(** Execute a pipeline from a routing table.
80→
81→ This is the main entry point. It replaces [Exec.execute]. *)
82→let execute ~sw ~routing_table ~type_env
83→ ?(pipeline_id = string_of_int (Unix.getpid ()))
84→ ?process_handler () =
85→ let ctx = T.create_context () in
86→ let _fabric_dir = ensure_fabric_dir pipeline_id in
87→ let sup = Supervisor.create () in
88→
89→ (* Create subdirectories for all endpoints (processes and channels) *)
90→ let all_names = Hashtbl.create 16 in
91→ List.iter (fun (r : Runtime.Routing.route) ->
92→ Hashtbl.replace all_names r.src ();
93→ Hashtbl.replace all_names r.dst ()
94→ ) routing_table.Runtime.Routing.routes;
95→ Hashtbl.iter (fun name () ->
96→ let dir = Printf.sprintf "/tmp/plumb-%s/%s" pipeline_id name in
97→ (try Unix.mkdir dir 0o700 with Unix.Unix_error (Unix.EEXIST, _, _) -> ())
98→ ) all_names;
99→
100→ (* === Phase 1: Create and bind sockets ===
101→
102→ For each route, create a socket pair (sender, receiver).
103→ The sender binds; the receiver connects.
104→ Routes are keyed by (src, src_port) → sender socket,
105→ and (dst, dst_port) → receiver socket. *)
106→
107→ (* Socket tables: endpoint → socket *)
108→ let push_sockets : (string, [`Push] T.socket) Hashtbl.t = Hashtbl.create 16 in
109→ let pull_sockets : (string, [`Pull] T.socket) Hashtbl.t = Hashtbl.create 16 in
110→
111→ (* For each route, ensure sender and receiver sockets exist *)
112→ List.iter (fun (r : Runtime.Routing.route) ->
113→ let ep = endpoint ~pipeline_id r.src r.src_port in
114→ if not (Hashtbl.mem push_sockets ep) then begin
115→ let sock = match r.kind with
116→ | Runtime.Routing.Fan_out ->
117→ (* PUB/SUB for copy — but we use PUSH/PULL per-destination
118→ since our single-frame encoding doesn't support ZMQ topic
119→ filtering. The routing table handles fan-out by creating
120→ multiple routes from the same source. *)
121→ let s = T.push_socket ctx ~sw in
122→ T.bind s ep;
123→ s
124→ | _ ->
125→ let s = T.push_socket ctx ~sw in
126→ T.bind s ep;
127→ s
128→ in
129→ Hashtbl.replace push_sockets ep sock
130→ end;
131→ let ep_dst = endpoint ~pipeline_id r.dst r.dst_port in
132→ if not (Hashtbl.mem pull_sockets ep_dst) then begin
133→ let sock = T.pull_socket ctx ~sw in
134→ Hashtbl.replace pull_sockets ep_dst sock
135→ end
136→ ) routing_table.Runtime.Routing.routes;
137→
138→ (* === Phase 2: Connect sockets === *)
139→
140→ List.iter (fun (r : Runtime.Routing.route) ->
141→ let ep = endpoint ~pipeline_id r.src r.src_port in
142→ let ep_dst = endpoint ~pipeline_id r.dst r.dst_port in
143→ match Hashtbl.find_opt pull_sockets ep_dst with
144→ | Some pull_sock -> T.connect pull_sock ep
145→ | None ->
146→ Runtime.Log.warn "fabric"
147→ ["event", `String "no_pull_socket";
148→ "dst", `String r.dst;
149→ "dst_port", `String r.dst_port]
150→ ) routing_table.Runtime.Routing.routes;
151→
152→ (* === Phase 3: Seed channels (D7) ===
153→ Send null token on seeded channels before starting fibres. *)
154→
155→ List.iter (fun ch_name ->
156→ (* Find the PUSH socket that writes to this channel *)
157→ let matching_routes = List.filter (fun (r : Runtime.Routing.route) ->
158→ r.topic = ch_name && r.src <> ch_name
159→ ) routing_table.Runtime.Routing.routes in
160→ match matching_routes with
161→ | r :: _ ->
162→ let ep = endpoint ~pipeline_id r.src r.src_port in
163→ (match Hashtbl.find_opt push_sockets ep with
164→ | Some sock -> T.send sock ~topic:ch_name "null"
165→ | None ->
166→ Runtime.Log.warn "fabric"
167→ ["event", `String "seed_no_socket";
168→ "channel", `String ch_name])
169→ | [] ->
170→ Runtime.Log.warn "fabric"
171→ ["event", `String "seed_no_route";
172→ "channel", `String ch_name]
173→ ) routing_table.Runtime.Routing.seeded_channels;
174→
175→ (* === Phase 4: Start inline morphism fibres ===
176→
177→ Each inline morphism reads from its input PULL socket(s) and
178→ writes to its output PUSH socket(s). Subprocess-boundary
179→ processes are handled by the supervisor (deferred — agents
180→ need the agent binary rewrite from Step 5). *)
181→
182→ let find_push proc_name port =
183→ let ep = endpoint ~pipeline_id proc_name port in
184→ match Hashtbl.find_opt push_sockets ep with
185→ | Some s -> s
186→ | None -> failwith (Printf.sprintf "fabric: no PUSH socket for %s:%s" proc_name port)
187→ in
188→ let find_pull proc_name port =
189→ let ep = endpoint ~pipeline_id proc_name port in
190→ match Hashtbl.find_opt pull_sockets ep with
191→ | Some s -> s
192→ | None -> failwith (Printf.sprintf "fabric: no PULL socket for %s:%s" proc_name port)
193→ in
194→
195→ List.iter (fun (pe : Runtime.Routing.process_entry) ->
196→ match pe.proc_kind with
197→ | Runtime.Routing.Subprocess ->
198→ (match process_handler with
199→ | Some handler ->
200→ (* Collect sockets for this subprocess.
201→ PUSH sockets: routes where src = proc_name (process writes)
202→ PULL sockets: routes where dst = proc_name (process reads) *)
203→ let proc_push = List.filter_map (fun (r : Runtime.Routing.route) ->
204→ if r.src = pe.proc_name then
205→ let ep = endpoint ~pipeline_id r.src r.src_port in
206→ match Hashtbl.find_opt push_sockets ep with
207→ | Some s -> Some (r.src_port, s)
208→ | None -> None
209→ else None
210→ ) routing_table.Runtime.Routing.routes in
211→ let proc_pull = List.filter_map (fun (r : Runtime.Routing.route) ->
212→ if r.dst = pe.proc_name then
213→ let ep = endpoint ~pipeline_id r.dst r.dst_port in
214→ match Hashtbl.find_opt pull_sockets ep with
215→ | Some s -> Some (r.dst_port, s)
216→ | None -> None
217→ else None
218→ ) routing_table.Runtime.Routing.routes in
219→ handler ~sw ~proc_entry:pe
220→ ~push_sockets:proc_push ~pull_sockets:proc_pull
221→ | None ->
222→ Runtime.Log.info "fabric"
223→ ["event", `String "subprocess_deferred";
224→ "name", `String pe.proc_name])
225→ | Runtime.Routing.Inline ->
226→ Eio.Fiber.fork_daemon ~sw (fun () ->
227→ (try match pe.proc_impl with
228→ | Id ->
229→ let msg_type = Validate.unwrap_stream pe.proc_binding.input in
230→ Inline.forward_id ~name:pe.proc_name type_env msg_type
231→ (find_pull pe.proc_name "in")
232→ (find_push pe.proc_name "out")
233→ | Copy ->
234→ let msg_type = Validate.unwrap_stream pe.proc_binding.input in
235→ Inline.forward_copy ~name:pe.proc_name type_env msg_type
236→ (find_pull pe.proc_name "in")
237→ (find_push pe.proc_name "out0")
238→ (find_push pe.proc_name "out1")
239→ | Merge ->
240→ let inp = Validate.unwrap_stream pe.proc_binding.input in
241→ let in0_t, in1_t = match Validate.resolve type_env inp with
242→ | Product [t0; t1] -> (t0, t1)
243→ | t -> (t, t)
244→ in
245→ Inline.forward_merge ~name:pe.proc_name type_env in0_t in1_t
246→ (find_pull pe.proc_name "in0")
247→ (find_pull pe.proc_name "in1")
248→ (find_push pe.proc_name "out")
249→ | MergeAny ->
250→ let inp = Validate.unwrap_stream pe.proc_binding.input in
251→ let in0_t, in1_t = match Validate.resolve type_env inp with
252→ | Product [t0; t1] -> (t0, t1)
253→ | t -> (t, t)
254→ in
255→ Inline.forward_merge_any ~name:pe.proc_name type_env in0_t in1_t
256→ (find_pull pe.proc_name "in0")
257→ (find_pull pe.proc_name "in1")
258→ (find_push pe.proc_name "out")
259→ | Barrier ->
260→ let inp = Validate.unwrap_stream pe.proc_binding.input in
261→ let in_types = match Validate.resolve type_env inp with
262→ | Product ts -> ts
263→ | _ -> failwith "barrier: expected product input"
264→ in
265→ let n = List.length in_types in
266→ let recv_socks = List.init n (fun i ->
267→ find_pull pe.proc_name (Printf.sprintf "in%d" i)) in
268→ Inline.forward_barrier ~name:pe.proc_name type_env
269→ in_types recv_socks
270→ (find_push pe.proc_name "out")
271→ | Discard ->
272→ let msg_type = Validate.unwrap_stream pe.proc_binding.input in
273→ Inline.drain_discard ~name:pe.proc_name type_env msg_type
274→ (find_pull pe.proc_name "in")
275→ | Log label ->
276→ Inline.forward_log label
277→ (find_pull pe.proc_name "in")
278→ | FormatJson ->
279→ Inline.forward_format_json ~name:pe.proc_name
280→ (find_pull pe.proc_name "in")
281→ (find_push pe.proc_name "out")
282→ | ParseJson ->
283→ Inline.forward_parse_json ~name:pe.proc_name
284→ (find_pull pe.proc_name "in")
285→ (find_push pe.proc_name "out")
286→ | Map expr ->
287→ let in_type = Validate.unwrap_stream pe.proc_binding.input in
288→ let out_type = Validate.unwrap_stream pe.proc_binding.output in
289→ Inline.forward_map ~name:pe.proc_name type_env
290→ in_type out_type expr
291→ (find_pull pe.proc_name "in")
292→ (find_push pe.proc_name "out")
293→ | Filter expr ->
294→ let msg_type = Validate.unwrap_stream pe.proc_binding.input in
295→ Inline.forward_filter ~name:pe.proc_name type_env msg_type expr
296→ (find_pull pe.proc_name "in")
297→ (find_push pe.proc_name "out")
298→ | Project n ->
299→ Inline.forward_project ~name:pe.proc_name n
300→ (find_pull pe.proc_name "in")
301→ (find_push pe.proc_name "out")
302→ | Tagger (indices, label) ->
303→ Inline.forward_tagger ~name:pe.proc_name indices label
304→ (find_pull pe.proc_name "in")
305→ (find_push pe.proc_name "out")
306→ | Agent _ | Plumb _ ->
307→ (* Should not reach here — filtered by proc_kind *)
308→ failwith "unreachable: subprocess in inline dispatch"
309→ | Tool _ | Lower _ | Builtin _ ->
310→ failwith "unreachable: tool binding in inline dispatch"
311→ with
312→ | Inline.Morphism_fatal (label, _extras) ->
313→ Runtime.Log.error "fabric"
314→ ["event", `String "morphism_fatal";
315→ "morphism", `String label]
316→ | Transport.Transport_error (_, msg) ->
317→ Runtime.Log.debug "fabric"
318→ ["event", `String "transport_closed";
319→ "morphism", `String pe.proc_name;
320→ "detail", `String msg]);
321→ `Stop_daemon)
322→ ) routing_table.Runtime.Routing.processes;
323→
324→ (* The cancel function: force-close all sockets. This closes the
325→ underlying ZMQ sockets directly, bypassing zmq-eio's close
326→ protocol. The zmq-eio event loops will fail on their next
327→ operation and terminate, allowing the Eio switch to exit. *)
328→ let cancel () =
329→ Hashtbl.iter (fun _ s ->
330→ (try T.force_close s with _ -> ())) push_sockets;
331→ Hashtbl.iter (fun _ s ->
332→ (try T.force_close s with _ -> ())) pull_sockets
333→ in
334→ { ctx; supervisor = sup; push_sockets; pull_sockets; pipeline_id; cancel }
335→
336→(** Re-export Bridge for external access. *)
337→module Bridge = Bridge
338→
339→(** Shut down the pipeline.
340→ Closes all sockets (triggering recv timeout/failure in system
341→ threads), then destroys the ZMQ context and cleans up. *)
342→let shutdown t =
343→ let _ = Supervisor.shutdown t.supervisor in
344→ t.cancel ();
345→ (* Wait for system threads blocked in recv to notice the socket
346→ closure (up to the 1s receive timeout) *)
347→ Unix.sleepf 1.5;
348→ T.destroy_context t.ctx;
349→ cleanup_fabric_dir t.pipeline_id
350→ 1→(** Plumb execution — create channels, spawn processes.
2→
3→ The plumb interpreter: takes a program and a main binding (with Plumb impl),
4→ creates Unix pipes for boundary ports and declared channels, executes
5→ process bindings, and returns handles to the pipeline's boundary ports.
6→
7→ Structural morphisms (id, copy, merge, discard) execute inline as
8→ forwarding threads. Only agents and nested plumbs spawn subprocesses —
9→ they need isolation for API credentials, file permissions, and failure
10→ domains.
11→
12→ Structural morphisms can be spawned directly by keyword without a
13→ named binding: [spawn copy(ch_in, ch_a, ch_b)]. Types are inferred
14→ from the channel declarations and checked for consistency.
15→
16→ Each spawned child receives a synthesized minimal spec containing only its
17→ own binding and the type declarations it depends on. This gives proper
18→ lexical scoping — children see only their own binding, regardless of where
19→ it was defined (top-level or plumb-local). *)
20→
21→open Language
22→open Forward
23→open Spawn
24→
25→(** Re-export types for external callers (e.g. bin/plumb, bin/chat). *)
26→type tool_env = Tool_dispatch.tool_env = { docroot : string option }
27→let default_tool_env = Tool_dispatch.default_tool_env
28→type observation = Tool_dispatch.observation = { agent : string; payload : Yojson.Safe.t }
29→type oitl_request = Tool_dispatch.oitl_request = {
30→ oitl_id : string;
31→ oitl_tool : string;
32→ oitl_input : Yojson.Safe.t;
33→ oitl_agent : string;
34→}
35→type oitl_response = Tool_dispatch.oitl_response = {
36→ oitl_approved : bool;
37→ oitl_policy : string option;
38→}
39→
40→(** Re-export functions from Spawn and Tool_dispatch for backward compatibility. *)
41→let synthesize_agent_spec = Spawn.synthesize_agent_spec
42→let required_types_multi = Spawn.required_types_multi
43→let timeout_of_binding = Spawn.timeout_of_binding
44→let waitpid_timed = Spawn.waitpid_timed
45→let dispatch_tool = Tool_dispatch.dispatch_tool
46→let tool_dispatch_loop = Tool_dispatch.tool_dispatch_loop
47→let tool_error_response = Tool_dispatch.tool_error_response
48→
49→(** {1 Running Pipeline} *)
50→ 1→(** CLI envelope for processes. *)
2→
3→let read_file path =
4→ try
5→ let ic = open_in path in
6→ let n = in_channel_length ic in
7→ let s = Bytes.create n in
8→ really_input ic s 0 n;
9→ close_in ic;
10→ Bytes.to_string s
11→ with Sys_error msg ->
12→ Error.raise_ Config "config_error" msg
13→
14→(** Resolve docroot from CLI args or environment.
15→ [--docroot DIR] takes priority over [PLUMB_DOCROOT].
16→ Returns [None] if neither is set (runtime defaults to cwd). *)
17→let resolve_docroot args =
18→ let rec scan = function
19→ | "--docroot" :: dir :: _ -> Some dir
20→ | _ :: rest -> scan rest
21→ | [] -> None
22→ in
23→ match scan (Array.to_list args) with
24→ | Some _ as v -> v
25→ | None -> Sys.getenv_opt "PLUMB_DOCROOT"
26→
27→(** Flags that take a value argument. *)
28→let flags_with_value = ["--docroot"; "--provider"; "--model"]
29→
30→(** Boolean flags (no value argument). *)
31→let bool_flags = ["--auto-approve"; "--verbose"]
32→
33→(** Strip known flags from argv, returning remaining args. *)
34→let strip_docroot args =
35→ let rec go acc = function
36→ | x :: _ :: rest when List.mem x flags_with_value -> go acc rest
37→ | x :: rest when List.mem x bool_flags -> go acc rest
38→ | x :: rest -> go (x :: acc) rest
39→ | [] -> List.rev acc
40→ in
41→ go [] (Array.to_list args) |> Array.of_list
42→
43→(** Resolve a flag value from CLI args.
44→ Returns [Some value] if [--flag value] is found, [None] otherwise. *)
45→let resolve_flag args flag =
46→ let rec scan = function
47→ | x :: v :: _ when x = flag -> Some v
48→ | _ :: rest -> scan rest
49→ | [] -> None
50→ in
51→ scan (Array.to_list args)
52→
53→let main ~usage ~run =
54→ if Array.exists (fun s -> s = "--version") Sys.argv then begin
55→ print_endline Version.string;
56→ exit 0
57→ end;
58→ let args = strip_docroot Sys.argv in
59→ if Array.length args >= 2 && args.(1) = "--help" then begin
60→ print_endline usage;
61→ exit 0
62→ end;
63→ if Array.length args < 2 then begin
64→ Printf.eprintf "%s\n" usage;
65→ exit 2
66→ end;
67→ let spec_path = args.(1) in
68→ try run spec_path
69→ with
70→ | Error.Process_error err ->
71→ Printf.eprintf "%s\n" (Error.to_string err);
72→ exit (Error.exit_code err)
73→ | Sys.Break -> exit 130
74→ | exn ->
75→ Printf.eprintf "{\"error\":\"internal\",\"detail\":\"%s\"}\n"
76→ (String.escaped (Printexc.to_string exn));
77→ exit 1
78→ 1→(** Routing table — compiler output for the ZMQ fabric.
2→
3→ Two-phase compilation:
4→ 1. The compiler walks the plumb body's spawn list and emits
5→ intermediate routes that reference channel names as nodes.
6→ 2. [resolve_channels] eliminates channel intermediaries by
7→ cross-joining writer and reader routes into direct
8→ process-to-process routes. This is the operational realisation
9→ of ν-restriction in composition (f ; g = (νc)(f(in,c) | g(c,out))).
10→
11→ The fabric reads the resolved routing table to create ZMQ sockets.
12→
13→ Design decisions D1 (types in lib/runtime) and D10 (routing_table
14→ terminology). See PLMB-037. *)
15→
16→open Language
17→
18→(** Channel transport pattern, determined statically by the compiler. *)
19→type channel_kind =
20→ | Point_to_point
21→ (** PUSH/PULL — reliable, blocking backpressure. Default for all
22→ algebraic channels except copy fan-out. *)
23→ | Fan_out
24→ (** PUB/SUB — copy morphism only. HWM set to unlimited. *)
25→ | Bidirectional
26→ (** PAIR — control channels between supervisor and inline morphisms. *)
27→
28→(** Whether a process runs inline (Eio fibre) or as a subprocess. *)
29→type process_kind =
30→ | Inline
31→ (** Structural morphisms: id, copy, merge, barrier, map, filter, etc.
32→ Run as Eio fibres within the fabric. *)
33→ | Subprocess
34→ (** Agents and nested plumb pipelines. Fork/exec'd by the supervisor. *)
35→
36→(** A route: one directional connection between two processes. *)
37→type route = {
38→ src : string; (** source process name *)
39→ src_port : string; (** source port name *)
40→ dst : string; (** destination process name *)
41→ dst_port : string; (** destination port name *)
42→ kind : channel_kind; (** transport pattern *)
43→ topic : string; (** provenance tag for PUB/SUB filtering *)
44→ via : string option; (** original channel name, if resolved *)
45→}
46→
47→(** A process entry in the routing table. *)
48→type process_entry = {
49→ proc_name : string;
50→ proc_kind : process_kind;
51→ proc_impl : process_impl;
52→ proc_binding : binding;
53→}
54→
55→(** The routing table: compiler output consumed by the fabric.
56→
57→ Invariant: all process names are unique within a table.
58→ The compiler guarantees this via per-binding instance numbering
59→ (e.g. [copy0], [copy1], [merge0]). *)
60→type routing_table = { 1→(** Spec loading — parse a plumb program, find a binding by impl kind,
2→ build a type environment.
3→
4→ Spawned children receive synthesized minimal specs (one binding + its
5→ type dependencies), so the search here only needs to match by impl kind
6→ among top-level bindings. *)
7→
8→open Language
9→
10→type loaded_binding = {
11→ binding : binding;
12→ type_env : Validate.type_env;
13→}
14→
15→(** Structural morphism names are reserved — they cannot be used as
16→ binding names because their meaning in spawn position must be
17→ unambiguous. Use a different name: [let passthrough : A -> A = id]. *)
18→let reserved_names = ["id"; "copy"; "merge"; "discard"; "map"; "filter"; "barrier"; "tool"]
19→
20→let check_reserved_names bindings =
21→ List.iter (fun (b : binding) ->
22→ if List.mem b.bd_name reserved_names then
23→ Error.raise_ Config "config_error"
24→ (Printf.sprintf
25→ "%s is a structural morphism and cannot be used as a binding name"
26→ b.bd_name)
27→ ) bindings
28→
29→(** Totality determines which impl kinds admit bare types (base category).
30→ Total morphisms produce exactly one output per input — they can
31→ operate at either categorical level. Non-total morphisms (filter,
32→ merge, barrier) and stateful processes (agent, plumb) are Kleisli-only. *)
33→let admits_bare_type = function
34→ | Id | Map _ | Copy | Discard | Tool _ | Lower _ | Builtin _
35→ | FormatJson | ParseJson -> true
36→ | Filter _ | Merge | MergeAny | Barrier | Project _ | Agent _ | Plumb _
37→ | Tagger _ | Log _ -> false
38→
39→(** Whether a stream morphism can be lowered to a tool via η ; f ; ε.
40→ Requires totality: the process must always produce at least one output. *) 1→(** Process spawning, spec synthesis, and subprocess infrastructure.
2→
3→ Extracted from [lib/plumb/spawn.ml] to break the dependency between
4→ the fabric and the plumb library. Dune-site paths (bin_dir,
5→ resource_find) are injected by callers — this library stays
6→ dune-site-free. *)
7→
8→open Language
9→
10→(** {1 Binary Resolution} *)
11→
12→let binary_of_impl = function
13→ | Agent _ -> "plumb-agent"
14→ | Plumb _ -> "plumb"
15→ | Tool _ | Lower _ | Builtin _ -> failwith "tools are not spawned as pipeline nodes"
16→ | Id | Copy | Merge | MergeAny | Discard | Barrier | Project _ | Map _
17→ | Filter _ | Tagger _ | Log _ | FormatJson | ParseJson ->
18→ failwith "structural morphisms do not need binaries"
19→
20→(** Resolve a sibling process binary. Tries two strategies:
21→ 1. Sibling in the same directory (works after [dune install])
22→ 2. Sibling in the dune _build tree (swaps the binary's subdirectory)
23→ Falls back to bare name for PATH lookup.
24→
25→ [~bin_dir] is the directory containing the current binary. Pass
26→ [Prefix_path.bin_dir] from the plumb library, or a test fixture. *)
27→let resolve_binary ~bin_dir name =
28→ let dir = match bin_dir with
29→ | Some d -> d
30→ | None -> Filename.dirname Sys.executable_name
31→ in
32→ let installed = Filename.concat dir name in
33→ if Sys.file_exists installed then installed
34→ else
35→ let parent = Filename.dirname dir in
36→ let base = Filename.basename Sys.executable_name in
37→ let build = Filename.concat (Filename.concat parent name) base in
38→ if Sys.file_exists build then build
39→ else
40→ (* In the dune build tree, directories use the short name (e.g. "agent") 60→type routing_table = {
61→ processes : process_entry list;
62→ (** All processes, in dependency order (leaves first). *)
63→ routes : route list;
64→ (** All wiring instructions. *)
65→ seeded_channels : string list;
66→ (** Channels pre-loaded with a null token (Petri net initial markings). *)
67→}
68→
69→(** Classify a process implementation as inline or subprocess. *)
70→let process_kind_of_impl = function
71→ | Agent _ | Plumb _ -> Subprocess
72→ | _ -> Inline
73→
74→(** Determine the channel kind for a (src, src_port) pair.
75→ If the same source port appears in multiple routes, it's Fan_out
76→ (copy morphism). Control channels are Bidirectional. Otherwise
77→ Point_to_point. *)
78→let classify_channel_kinds routes =
79→ (* Count how many routes share each (src, src_port) pair *)
80→ let tbl = Hashtbl.create 16 in
81→ List.iter (fun r ->
82→ let key = (r.src, r.src_port) in
83→ let n = try Hashtbl.find tbl key with Not_found -> 0 in
84→ Hashtbl.replace tbl key (n + 1)
85→ ) routes;
86→ List.map (fun r ->
87→ if r.kind = Bidirectional then r
88→ else
89→ let key = (r.src, r.src_port) in
90→ let n = try Hashtbl.find tbl key with Not_found -> 1 in
91→ if n > 1 then { r with kind = Fan_out }
92→ else r
93→ ) routes
94→
95→(** Look up the per-message type for a channel by name.
96→ Checks boundary ports first, then declared channels. *)
97→let find_channel_type ~ports ~boundary_in_types ~boundary_out_types
98→ ~n_in ~pb ch_name =
99→ match List.find_index (fun p -> p = ch_name) ports with
100→ | Some i when i < n_in -> Some (List.nth boundary_in_types i)
101→ | Some i -> Some (List.nth boundary_out_types (i - n_in))
102→ | None ->
103→ match List.find_opt (fun (ch : channel_decl) ->
104→ ch.ch_name = ch_name) pb.pb_channels with
105→ | Some ch -> Some ch.ch_type
106→ | None -> None
107→
108→(** Resolve channel intermediaries into direct process-to-process routes.
109→
110→ Channels are bound names (ν-restriction). In the intermediate routing
111→ table, they appear as route endpoints — but they are not processes and
112→ have no state. This pass eliminates them by cross-joining writers and
113→ readers through each channel, producing direct routes.
114→
115→ After resolution, no declared channel name appears as a route src or dst.
116→ The original channel name is preserved in the [via] field for debugging. *)
117→let resolve_channels ~processes ~boundary_ports routes ~channels =
118→ let channel_names =
119→ List.map (fun (ch : Language.channel_decl) -> ch.ch_name) channels in
120→ let is_channel name =
121→ List.mem name channel_names in
122→ let is_process name =
123→ List.exists (fun (pe : process_entry) -> pe.proc_name = name) processes in
124→ let is_boundary name =
125→ List.mem name boundary_ports in
126→ let is_real_node name =
127→ is_process name || is_boundary name in
128→
129→ (* Partition routes *)
130→ let direct = ref [] in
131→ let writers = Hashtbl.create 8 in (* channel → routes writing to it *)
132→ let readers = Hashtbl.create 8 in (* channel → routes reading from it *)
133→
134→ List.iter (fun r ->
135→ let dst_is_ch = is_channel r.dst in
136→ let src_is_ch = is_channel r.src in
137→ match dst_is_ch, src_is_ch with
138→ | false, false ->
139→ (* Both endpoints are real nodes — keep as-is *)
140→ direct := r :: !direct
141→ | true, false ->
142→ (* Process writes to channel *)
143→ let ch = r.dst in
144→ let existing = try Hashtbl.find writers ch with Not_found -> [] in
145→ Hashtbl.replace writers ch (r :: existing)
146→ | false, true ->
147→ (* Process reads from channel *)
148→ let ch = r.src in
149→ let existing = try Hashtbl.find readers ch with Not_found -> [] in
150→ Hashtbl.replace readers ch (r :: existing)
151→ | true, true ->
152→ (* Channel-to-channel: should not happen *)
153→ failwith (Printf.sprintf
154→ "resolve_channels: channel-to-channel route %s → %s" r.src r.dst)
155→ ) routes;
156→
157→ (* Cross-join writers and readers for each channel *)
158→ let resolved = ref (List.rev !direct) in
159→ List.iter (fun ch_name ->
160→ let ch_writers = try Hashtbl.find writers ch_name with Not_found -> [] in
161→ let ch_readers = try Hashtbl.find readers ch_name with Not_found -> [] in
162→ let n_writers = List.length ch_writers in
163→ let n_readers = List.length ch_readers in
164→
165→ match n_writers, n_readers with
166→ | 0, 0 -> () (* unused channel *)
167→ | _, 0 ->
168→ (* Writers with no readers — telemetry sinks. Re-emit unchanged. *)
169→ List.iter (fun w -> resolved := w :: !resolved) ch_writers
170→ | 0, _ ->
171→ (* Readers with no writers — likely compiler bug. *)
172→ Log.warn "routing"
173→ ["event", `String "channel_no_writers";
174→ "channel", `String ch_name]
175→ | _ when n_writers > 1 && n_readers > 1 ->
176→ failwith (Printf.sprintf
177→ "resolve_channels: channel %s has %d writers and %d readers \
178→ — no categorical meaning" ch_name n_writers n_readers)
179→ | _ ->
180→ List.iter (fun w ->
181→ List.iter (fun rd ->
182→ resolved := {
183→ src = w.src;
184→ src_port = w.src_port;
185→ dst = rd.dst;
186→ dst_port = rd.dst_port;
187→ kind = Point_to_point;
188→ topic = rd.topic;
189→ via = Some ch_name;
190→ } :: !resolved
191→ ) ch_readers
192→ ) ch_writers
193→ ) channel_names;
194→
195→ (* Validate: no channel names remain as src or dst *)
196→ List.iter (fun r ->
197→ if is_channel r.src && is_real_node r.dst then
198→ failwith (Printf.sprintf
199→ "resolve_channels: channel %s still appears as route src" r.src);
200→ if is_channel r.dst && is_real_node r.src then
201→ failwith (Printf.sprintf
202→ "resolve_channels: channel %s still appears as route dst" r.dst)
203→ ) !resolved;
204→
205→ List.rev !resolved
206→
207→let compile ~prog ~ports ~pb ~type_env ~main_binding ~seeded =
208→ let boundary_in_types = Validate.port_element_types type_env main_binding.input in
209→ let boundary_out_types = Validate.port_element_types type_env main_binding.output in
210→ let n_in = List.length boundary_in_types in
211→
212→ let ch_type name =
213→ match find_channel_type ~ports ~boundary_in_types ~boundary_out_types
214→ ~n_in ~pb name with
215→ | Some t -> t
216→ | None -> Unit
217→ in
218→
219→ let find_binding name =
220→ match List.find_opt (fun (b : binding) -> b.bd_name = name) pb.pb_bindings with
221→ | Some b -> Some b
222→ | None ->
223→ List.find_opt (fun (b : binding) -> b.bd_name = name) prog.prog_bindings
224→ in
225→
226→ (* Synthesise a binding for a direct structural morphism spawn
227→ with proper types inferred from channel declarations. *)
228→ let synthesise_structural sp_process channels =
229→ let impl = match sp_process with
230→ | "id" -> Id | "copy" -> Copy | "merge" -> Merge
231→ | "discard" -> Discard | "barrier" -> Barrier
232→ | "_format_json" -> FormatJson | "_parse_json" -> ParseJson
233→ | name -> failwith (Printf.sprintf "unknown structural morphism: %s" name)
234→ in
235→ match impl with
236→ | Id ->
237→ let t = ch_type (List.nth channels 0) in
238→ { bd_name = sp_process; bd_attrs = [];
239→ input = Stream t; output = Stream t; impl }
240→ | Copy ->
241→ let t = ch_type (List.nth channels 0) in
242→ { bd_name = sp_process; bd_attrs = [];
243→ input = Stream t;
244→ output = Stream (Product [t; t]); impl }
245→ | Merge ->
246→ let t0 = ch_type (List.nth channels 0) in
247→ let t1 = ch_type (List.nth channels 1) in
248→ let out_t = if Validate.type_eq type_env t0 t1 then t0 else Sum [t0; t1] in
249→ { bd_name = sp_process; bd_attrs = [];
250→ input = Stream (Product [t0; t1]);
251→ output = Stream out_t; impl }
252→ | Barrier ->
253→ let n = List.length channels - 1 in
254→ let in_types = List.init n (fun i -> ch_type (List.nth channels i)) in
255→ { bd_name = sp_process; bd_attrs = [];
256→ input = Stream (Product in_types);
257→ output = Stream (Product in_types); impl }
258→ | Discard ->
259→ let t = ch_type (List.nth channels 0) in
260→ { bd_name = sp_process; bd_attrs = [];
261→ input = Stream t; output = Stream Unit; impl }
262→ | FormatJson ->
263→ { bd_name = sp_process; bd_attrs = [];
264→ input = Stream (Primitive Json);
265→ output = Stream (Primitive String); impl }
266→ | ParseJson ->
267→ { bd_name = sp_process; bd_attrs = [];
268→ input = Stream (Primitive String);
269→ output = Stream (Primitive Json); impl }
270→ | _ ->
271→ { bd_name = sp_process; bd_attrs = [];
272→ input = Unit; output = Unit; impl }
273→ in
274→
275→ let processes = ref [] in
276→ let routes = ref [] in
277→
278→ (* Per-binding-name counter for unique instance names.
279→ Every spawn gets a numbered name: copy0, copy1, merge0, etc. *)
280→ let name_counters = Hashtbl.create 8 in
281→ let fresh_proc_name base =
282→ let n = try Hashtbl.find name_counters base with Not_found -> 0 in
283→ Hashtbl.replace name_counters base (n + 1);
284→ Printf.sprintf "%s%d" base n
285→ in
286→
287→ List.iter (fun (sp : spawn_stmt) ->
288→ let channels = List.map (function
289→ | Positional ch -> ch
290→ | Labeled (_, ch) -> ch
291→ ) sp.sp_args in
292→
293→ let binding = match find_binding sp.sp_process with
294→ | Some b -> b
295→ | None -> synthesise_structural sp.sp_process channels
296→ in
297→
298→ let proc_name = fresh_proc_name sp.sp_process in
299→ let binding = { binding with bd_name = proc_name } in
300→ let kind = process_kind_of_impl binding.impl in
301→
302→ processes := {
303→ proc_name;
304→ proc_kind = kind;
305→ proc_impl = binding.impl;
306→ proc_binding = binding;
307→ } :: !processes;
308→
309→ (* Determine port layout from the implementation kind.
310→ Each channel argument maps to a port. Convention:
311→ - Input ports: read from the named channel
312→ - Output ports: write to the named channel
313→
314→ A route is created for each channel connecting it to the
315→ process. The src/dst naming follows the data flow direction:
316→ the channel's writer is the src, the reader is the dst. *)
317→ let add_route ~src ~src_port ~dst ~dst_port ~channel_name =
318→ routes := {
319→ src; src_port; dst; dst_port;
320→ kind = Point_to_point;
321→ topic = channel_name;
322→ via = None;
323→ } :: !routes
324→ in
325→
326→ (* For inline morphisms, the process reads from input channels and
327→ writes to output channels. We model this as:
328→ - Input channel: route from channel → process (process reads)
329→ - Output channel: route from process → channel (process writes)
330→
331→ Since channels are named entities shared between processes, the
332→ route connects the producing process's output to the consuming
333→ process's input via the channel name. *)
334→ match binding.impl with
335→ | Id | FormatJson | ParseJson | Map _ | Filter _ | Tagger _ ->
336→ (* 2 channels: [input, output] *)
337→ let ch_in = List.nth channels 0 in
338→ let ch_out = List.nth channels 1 in
339→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"in"
340→ ~channel_name:ch_in;
341→ add_route ~src:proc_name ~src_port:"out" ~dst:ch_out ~dst_port:"in"
342→ ~channel_name:ch_out
343→
344→ | Discard ->
345→ (* 2 channels: [input, output(unit)] *)
346→ let ch_in = List.nth channels 0 in
347→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"in"
348→ ~channel_name:ch_in
349→
350→ | Log _ ->
351→ (* 1 channel: [input] *)
352→ let ch_in = List.nth channels 0 in
353→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"in"
354→ ~channel_name:ch_in
355→
356→ | Copy ->
357→ (* 3 channels: [input, output0, output1] *)
358→ let ch_in = List.nth channels 0 in
359→ let ch_out0 = List.nth channels 1 in
360→ let ch_out1 = List.nth channels 2 in
361→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"in"
362→ ~channel_name:ch_in;
363→ add_route ~src:proc_name ~src_port:"out0" ~dst:ch_out0 ~dst_port:"in"
364→ ~channel_name:ch_out0;
365→ add_route ~src:proc_name ~src_port:"out1" ~dst:ch_out1 ~dst_port:"in"
366→ ~channel_name:ch_out1
367→
368→ | Merge | MergeAny ->
369→ (* 3 channels: [input0, input1, output] *)
370→ let ch_in0 = List.nth channels 0 in
371→ let ch_in1 = List.nth channels 1 in
372→ let ch_out = List.nth channels 2 in
373→ add_route ~src:ch_in0 ~src_port:"out" ~dst:proc_name ~dst_port:"in0"
374→ ~channel_name:ch_in0;
375→ add_route ~src:ch_in1 ~src_port:"out" ~dst:proc_name ~dst_port:"in1"
376→ ~channel_name:ch_in1;
377→ add_route ~src:proc_name ~src_port:"out" ~dst:ch_out ~dst_port:"in"
378→ ~channel_name:ch_out
379→
380→ | Barrier ->
381→ (* N+1 channels: [input0..inputN-1, output] *)
382→ let n = List.length channels - 1 in
383→ for i = 0 to n - 1 do
384→ let ch = List.nth channels i in
385→ add_route ~src:ch ~src_port:"out" ~dst:proc_name
386→ ~dst_port:(Printf.sprintf "in%d" i)
387→ ~channel_name:ch
388→ done;
389→ let ch_out = List.nth channels n in
390→ add_route ~src:proc_name ~src_port:"out" ~dst:ch_out ~dst_port:"in"
391→ ~channel_name:ch_out
392→
393→ | Project n_proj ->
394→ (* 2 channels: [input, output] *)
395→ ignore n_proj;
396→ let ch_in = List.nth channels 0 in
397→ let ch_out = List.nth channels 1 in
398→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"in"
399→ ~channel_name:ch_in;
400→ add_route ~src:proc_name ~src_port:"out" ~dst:ch_out ~dst_port:"in"
401→ ~channel_name:ch_out
402→
403→ | Agent _ ->
404→ (* Variable channels: data_in, [ctrl_in], data_out, [ctrl_out], [telemetry] *)
405→ let n = List.length channels in
406→ (* Minimum: input, output (2 channels)
407→ With control: input, ctrl_in, output, ctrl_out (4)
408→ With telemetry: +1 *)
409→ if n >= 2 then begin
410→ let ch_in = List.nth channels 0 in
411→ add_route ~src:ch_in ~src_port:"out" ~dst:proc_name ~dst_port:"data_in"
412→ ~channel_name:ch_in;
413→ (* The output channel is at index 1 (no ctrl) or 2 (with ctrl) *)
414→ let out_idx = if n >= 4 then 2 else 1 in
415→ let ch_out = List.nth channels out_idx in
416→ add_route ~src:proc_name ~src_port:"data_out" ~dst:ch_out ~dst_port:"in"
417→ ~channel_name:ch_out;
418→ (* Control channels if present *)
419→ if n >= 4 then begin
420→ let ch_ctrl_in = List.nth channels 1 in
421→ let ch_ctrl_out = List.nth channels 3 in
422→ add_route ~src:ch_ctrl_in ~src_port:"out" ~dst:proc_name ~dst_port:"ctrl_in"
423→ ~channel_name:ch_ctrl_in;
424→ add_route ~src:proc_name ~src_port:"ctrl_out" ~dst:ch_ctrl_out ~dst_port:"in"
425→ ~channel_name:ch_ctrl_out
426→ end;
427→ (* Telemetry if present *)
428→ let telem_idx = if n >= 4 then 4 else 2 in
429→ if telem_idx < n then begin
430→ let ch_telem = List.nth channels telem_idx in
431→ add_route ~src:proc_name ~src_port:"telemetry" ~dst:ch_telem ~dst_port:"in"
432→ ~channel_name:ch_telem
433→ end
434→ end
435→
436→ | Plumb (plumb_ports, _) ->
437→ (* N port channels, matching the plumb body's port list *)
438→ List.iteri (fun i ch ->
439→ let port = List.nth plumb_ports i in
440→ (* Determine direction from port index relative to input/output *)
441→ add_route ~src:ch ~src_port:"out" ~dst:proc_name ~dst_port:port
442→ ~channel_name:ch
443→ ) channels
444→
445→ | Tool _ | Lower _ | Builtin _ ->
446→ (* These are not spawned directly — they're invoked via tool dispatch *)
447→ ()
448→ ) pb.pb_spawns;
449→
450→ (* Channel-node routes are intermediate — resolve them into direct
451→ process-to-process routes before the fabric sees them. *)
452→ let intermediate_routes = List.rev !routes in
453→ let resolved = resolve_channels
454→ ~processes:(List.rev !processes)
455→ ~boundary_ports:ports
456→ ~channels:pb.pb_channels
457→ intermediate_routes in
458→ let routes = classify_channel_kinds resolved in
459→ {
460→ processes = List.rev !processes;
461→ routes;
462→ seeded_channels = seeded;
463→ }
464→
465→(** Pretty-print a resolved routing table for debugging.
466→ Expects channel intermediaries to be resolved; prints the [via]
467→ field when present to show channel provenance. *)
468→let pp_routing_table rt =
469→ let buf = Buffer.create 256 in
470→ Buffer.add_string buf "Processes:\n";
471→ List.iter (fun pe ->
472→ let impl_str = match pe.proc_impl with
473→ | Id -> "id" | Copy -> "copy" | Merge -> "merge"
474→ | MergeAny -> "merge_any" | Discard -> "discard"
475→ | Barrier -> "barrier" | Map _ -> "map" | Filter _ -> "filter"
476→ | Tagger _ -> "tagger" | Log _ -> "log" | FormatJson -> "format_json"
477→ | ParseJson -> "parse_json" | Project n -> Printf.sprintf "project(%d)" n
478→ | Agent _ -> "agent" | Plumb _ -> "plumb" | Tool _ -> "tool"
479→ | Lower _ -> "lower" | Builtin _ -> "builtin"
480→ in
481→ Buffer.add_string buf (Printf.sprintf " %s (%s, %s)\n" pe.proc_name
482→ (match pe.proc_kind with Inline -> "inline" | Subprocess -> "subprocess")
483→ impl_str)
484→ ) rt.processes;
485→ Buffer.add_string buf "Routes:\n";
486→ List.iter (fun r ->
487→ let via_str = match r.via with
488→ | Some ch -> Printf.sprintf " via=%s" ch
489→ | None -> ""
490→ in
491→ Buffer.add_string buf (Printf.sprintf " %s:%s -> %s:%s [%s] topic=%s%s\n"
492→ r.src r.src_port r.dst r.dst_port
493→ (match r.kind with
494→ | Point_to_point -> "push/pull"
495→ | Fan_out -> "pub/sub"
496→ | Bidirectional -> "pair")
497→ r.topic via_str)
498→ ) rt.routes;
499→ if rt.seeded_channels <> [] then begin
500→ Buffer.add_string buf "Seeded: ";
501→ Buffer.add_string buf (String.concat ", " rt.seeded_channels);
502→ Buffer.add_char buf '\n'
503→ end;
504→ Buffer.contents buf
505→<persisted-output>
Output too large (72KB). Full output saved to: /Users/ww/.claude/projects/-Users-ww-src-plumbing/d438378e-8111-4168-abaf-ad446f02709d/tool-results/toolu_01FQYw4rLJW7yqJKZJWps4eg.txt
Preview (first 2KB):
50→
51→type t = {
52→ pids : (int * string) list;
53→ threads : Thread.t list;
54→ input_oc : out_channel;
55→ output_ic : in_channel;
56→ boundary_fds : (string * Unix.file_descr * Unix.file_descr) list;
57→ (** All boundary ports: (port_name, read_fd, write_fd).
58→ Input ports: runtime writes to write_fd, morphisms read from read_fd.
59→ Output ports: morphisms write to write_fd, runtime reads from read_fd.
60→
61→ TODO: leaky abstraction — raw fds on a public type. Only needed
62→ by recursive N-port Plumb execution. Consider returning a richer
63→ internal type and projecting to a public surface that exposes only
64→ input_oc / output_ic + send_control / shutdown functions. *)
65→ stderr_reader : (Thread.t * Buffer.t) option;
66→ ctrl_write_fds : Unix.file_descr list;
67→ (** TODO: same concern — callers should use send_control_all / shutdown,
68→ not reach into the fd list directly. *)
69→ tmp_files : string list;
70→}
71→
72→let input t = t.input_oc
73→let output t = t.output_ic
74→
75→(** Send a control message to a single agent's control input fd.
76→ Silences EPIPE (agent already exited); logs other errors. *)
77→let send_control fd msg =
78→ let line = Yojson.Safe.to_string msg ^ "\n" in
79→ let b = Bytes.of_string line in
80→ let len = Bytes.length b in
81→ let rec write_all off =
82→ if off < len then
83→ let n = Unix.write fd b off (len - off) in
84→ write_all (off + n)
85→ in
86→ try write_all 0
87→ with
88→ | Unix.Unix_error ((Unix.EPIPE | Unix.EBADF), _, _) -> ()
89→ | Unix.Unix_error (e, fn, _) ->
90→ Runtime.Log.warn "send_control"
91→ [("error", `String (Unix.error_message e));
92→ ("fn", `String fn)]
93→
94→(** Send a control message to all agents in the pipeline. *)
...
</persisted-output>{
"pattern": "tool_dispatch_loop",
"path": "/Users/ww/src/plumbing/lib",
"output_mode": "files_with_matches"
} 1→(** Tool dispatch: execution, OITL approval, and MCP connection management. *)
2→
3→open Language
4→open Spawn
5→
6→(** Runtime environment for tool dispatch. Threaded through
7→ execute → tool_dispatch_loop → dispatch_tool → execute_builtin. *)
8→type tool_env = {
9→ docroot : string option;
10→ (** Sandbox root for builtin document operations.
11→ [None] means use [Sys.getcwd ()] at dispatch time. *)
12→}
13→
14→let default_tool_env = { docroot = None }
15→
16→type observation = {
17→ agent : string;
18→ payload : Yojson.Safe.t;
19→}
20→
21→(** OITL (operator-in-the-loop) request/response types.
22→ Used for tool confirmation: the dispatch loop asks the operator
23→ before executing a tool call. Types match the OITL wire protocol
24→ JSON schema for future fd 8/9 migration. *)
25→type oitl_request = {
26→ oitl_id : string;
27→ oitl_tool : string;
28→ oitl_input : Yojson.Safe.t;
29→ oitl_agent : string;
30→}
31→
32→(* TODO: oitl_policy could be a variant [Once | Always] with [None] for
33→ denial, catching typos at compile time. Deferred because the string
34→ values match the wire protocol schema — changing to a variant now means
35→ adding serialisation when fd 8/9 lands. Do both together.
36→ Smart constructors (approve_once, approve_always, deny) would also
37→ collapse the ~6 repeated record literals across exec/chat/tests. *)
38→type oitl_response = {
39→ oitl_approved : bool;
40→ oitl_policy : string option; (** "once" | "always" | None=denied *)
41→}
42→
43→(** {1 Tool Dispatch}
44→
45→ The plumb runtime mediates tool calls between agents and their
46→ tool bindings. When an agent has tools, the runtime creates a
47→ tool dispatch pipe pair and runs a dispatch loop in a thread.
48→ The agent sends tool requests via __port envelopes on stdout;
49→ the demux routes them to the dispatch loop. Responses flow back
50→ through a mux forwarder as tool_resp envelopes on stdin.
51→
52→ Tool = lowering: [(A → B) ← (!A → !B)] via [η_A ; f ; ε_B].
53→ Any total morphism can serve as a tool — the discriminant is totality
54→ (exactly one output per input). See [Spec.is_lowerable]. *)
55→
56→(** Fork a subprocess (agent or plumb) for tool execution: one message
57→ in, one message out. This is the Kleisli counit ε applied after
58→ the unit η — tool is the categorical lowering operation. *)
59→let fork_tool_subprocess ~tool_call_id ~base_dir type_env prog (tool_binding : binding)
60→ (process_binding : binding) (input : Yojson.Safe.t) =
61→ let impl_name = match process_binding.impl with
62→ | Agent _ -> "plumb-agent" | Plumb _ -> "plumb"
63→ | _ -> failwith "fork_tool_subprocess: not a subprocess impl"
64→ in
65→ (* Resolve prompt paths before spec synthesis *)
66→ let process_binding = match process_binding.impl with
67→ | Agent config ->
68→ { process_binding with impl = Agent (resolve_prompts_config ~base_dir config) }
69→ | _ -> process_binding
70→ in
71→ (* Handle product output: if agent has (!B, !T), use { output = Stream B } *)
72→ let child_binding =
73→ if impl_name = "plumb-agent" then
74→ match agent_output_decomposition type_env process_binding.output with
75→ | Some (result_t, _) -> { process_binding with output = Stream result_t }
76→ | None -> process_binding
77→ else process_binding
78→ in
79→ let spec_source = synthesize_spec prog child_binding in
80→ let spec_path = write_temp_spec spec_source in{
"pattern": "Prefix_path|resource_find",
"path": "/Users/ww/src/plumbing/lib/plumb",
"output_mode": "files_with_matches"
} 1→(library
2→ (name fabric)
3→ (public_name plumbing.fabric)
4→ (libraries transport supervisor runtime language spawn_lib yojson eio eio.unix unix threads.posix))
5→ 80→ let spec_path = write_temp_spec spec_source in
81→ let bin_path = resolve_binary impl_name in
82→ (* Create pipes for child stdin/stdout/stderr *)
83→ let child_in_r, child_in_w = Unix.pipe ~cloexec:true () in
84→ let child_out_r, child_out_w = Unix.pipe ~cloexec:true () in
85→ let child_err_r, child_err_w = Unix.pipe ~cloexec:true () in
86→ let err_buf = Buffer.create 256 in
87→ let pid = spawn_subprocess ~bin_path ~spec_path
88→ ~stdin_fd:child_in_r ~stdout_fd:child_out_w ~stderr_fd:child_err_w
89→ ~env:(credential_env () @ provider_env ()) () in
90→ (* spawn_subprocess closes child_in_r, child_out_w, child_err_w in parent *)
91→ Runtime.Log.debug "fork_tool_subprocess"
92→ ["pid", `Int pid;
93→ "tool", `String tool_binding.bd_name;
94→ "process", `String process_binding.bd_name;
95→ "tool_call_id", `String tool_call_id];
96→ (* Start stderr reader thread to avoid pipe buffer deadlock *)
97→ let err_thread = Thread.create (fun () ->
98→ let ic = Unix.in_channel_of_descr child_err_r in
99→ (try while true do
100→ Buffer.add_string err_buf (input_line ic);
101→ Buffer.add_char err_buf '\n'
102→ done with End_of_file -> ());
103→ close_in_noerr ic
104→ ) () in
105→ (* Write input as JSON line, close stdin *)
106→ let oc = Unix.out_channel_of_descr child_in_w in
107→ output_string oc (Yojson.Safe.to_string input);
108→ output_char oc '\n';
109→ close_out oc;
110→ (* Read one JSON line from stdout *)
111→ let ic = Unix.in_channel_of_descr child_out_r in
112→ let result =
113→ try
114→ let line = input_line ic in
115→ close_in ic;
116→ let json = Yojson.Safe.from_string line in
117→ (* Validate output against tool's output type *)
118→ (match Validate.check type_env tool_binding.output json with
119→ | Ok cleaned -> Ok cleaned
120→ | Error errs ->
121→ Error (Printf.sprintf "output validation failed:\n%s"
122→ (Validate.error_string errs)))
123→ with
124→ | End_of_file ->
125→ close_in_noerr ic;
126→ Error "" (* placeholder — stderr content added below *)
127→ | exn ->
128→ close_in_noerr ic;
129→ Error (Printf.sprintf "tool %s (process %s): %s"
130→ tool_binding.bd_name process_binding.bd_name
131→ (Printexc.to_string exn))
132→ in
133→ (* Wait for child to exit (with optional timeout), then collect stderr *)
134→ let timeout_s = match Spawn.timeout_of_binding tool_binding with
135→ | Some t -> t | None -> 0.0 in
136→ let status, timed_out = Spawn.waitpid_timed ~timeout_seconds:timeout_s pid in
137→ Thread.join err_thread;
138→ let stderr_msg = String.trim (Buffer.contents err_buf) in
139→ (try Sys.remove spec_path with Sys_error _ -> ());
140→ if timed_out then
141→ Runtime.Log.warn "tool_timeout"
142→ ["tool", `String tool_binding.bd_name;
143→ "process", `String process_binding.bd_name;
144→ "timeout_seconds", `Float timeout_s;
145→ "tool_call_id", `String tool_call_id];
146→ (* Use stderr content for empty error messages *)
147→ let result = if timed_out then
148→ Error (Printf.sprintf "tool %s (process %s): timed out after %.0fs"
149→ tool_binding.bd_name process_binding.bd_name timeout_s)
150→ else match result with
151→ | Error "" ->
152→ let msg = if stderr_msg <> "" then
153→ Printf.sprintf "tool %s (process %s): %s"
154→ tool_binding.bd_name process_binding.bd_name stderr_msg
155→ else
156→ Printf.sprintf "tool %s (process %s): process produced no output"
157→ tool_binding.bd_name process_binding.bd_name
158→ in
159→ Error msg
160→ | other -> other
161→ in
162→ let is_error = match status with
163→ | Unix.WEXITED 0 -> Result.is_error result
164→ | _ -> true
165→ in
166→ let content = match result with
167→ | Ok json -> Yojson.Safe.to_string json
168→ | Error msg -> Runtime.Error.(to_string (make Unavailable "process_error" msg))
169→ in
170→ (content, is_error)
171→
172→(** Execute a builtin operation. Dispatches on the [builtin_op]
173→ variant. Document ops use a [Docstore.t] from the tool_env docroot.
174→ [call_pipeline] is a callback for the [Call] builtin — breaks the
175→ forward reference with [execute]. *)
176→let execute_builtin ~tool_call_id ~call_pipeline ~search_path tool_env type_env
177→ (tool_binding : binding) (op : builtin_op) (input : Yojson.Safe.t) =
178→ let open Yojson.Safe.Util in
179→ let t0 = Unix.gettimeofday () in
180→ let root = match tool_env.docroot with
181→ | Some r -> r
182→ | None -> Sys.getcwd ()
183→ in
184→ let store =
185→ try Docstore.create ~root
186→ with Invalid_argument msg ->
187→ Runtime.Log.error "builtin_tool"
188→ ["error", `String msg; "tool_call_id", `String tool_call_id];
189→ failwith msg
190→ in
191→ let docstore_error e =
192→ let open Runtime.Error in
193→ let category, code = match e with
194→ | Docstore.Path_traversal _ -> (Denied, "docstore_denied")
195→ | Docstore.Not_found _ -> (Not_found, "docstore_not_found")
196→ | Docstore.Permission_denied _ -> (Denied, "docstore_denied")
197→ | Docstore.Invalid_pattern _ -> (Invalid, "docstore_invalid")
198→ | Docstore.Io_error _ -> (Unavailable, "docstore_io_error")
199→ in
200→ (to_string (make category code (Docstore.error_to_string e)), true)
201→ in
202→ let result = match op with
203→ | Doc_read ->
204→ let path = input |> member "path" |> to_string in
205→ let offset = try Some (input |> member "offset" |> to_int)
206→ with Type_error _ -> None in
207→ let count = try Some (input |> member "count" |> to_int)
208→ with Type_error _ -> None in
209→ (match Docstore.read store ~path ?offset ?count () with
210→ | Ok content ->
211→ (Yojson.Safe.to_string (`Assoc [("content", `String content)]), false)
212→ | Error e ->
213→ docstore_error e)
214→ | Doc_write ->
215→ let path = input |> member "path" |> to_string in
216→ let content = input |> member "content" |> to_string in
217→ (match Docstore.write store ~path ~content with
218→ | Ok () ->
219→ (Yojson.Safe.to_string (`Assoc [("ok", `Bool true)]), false)
220→ | Error e ->
221→ docstore_error e)
222→ | Doc_edit ->
223→ let path = input |> member "path" |> to_string in
224→ let pattern = input |> member "pattern" |> to_string in
225→ let replacement = input |> member "replacement" |> to_string in
226→ (match Docstore.edit store ~path ~pattern ~replacement with
227→ | Ok n ->
228→ (Yojson.Safe.to_string (`Assoc [("replacements", `Int n)]), false)
229→ | Error e ->
230→ docstore_error e)
231→ | Doc_grep ->
232→ let pattern = input |> member "pattern" |> to_string in
233→ let path = try Some (input |> member "path" |> to_string)
234→ with Type_error _ -> None in
235→ let max_results = try Some (input |> member "max_results" |> to_int)
236→ with Type_error _ -> None in
237→ (match Docstore.grep store ~pattern ?path ?max_results () with
238→ | Ok matches ->
239→ let json_matches = List.map (fun (m : Docstore.match_result) ->
240→ `Assoc [
241→ ("file", `String m.file);
242→ ("line_number", `Int m.line_number);
243→ ("line", `String m.line);
244→ ]
245→ ) matches in
246→ (Yojson.Safe.to_string (`Assoc [("matches", `List json_matches)]), false)
247→ | Error e ->
248→ docstore_error e)
249→ | Doc_list ->
250→ let prefix = try Some (input |> member "prefix" |> to_string)
251→ with Type_error _ -> None in
252→ let max_results = try Some (input |> member "max_results" |> to_int)
253→ with Type_error _ -> None in
254→ (match Docstore.list store ?prefix ?max_results () with
255→ | Ok (paths, truncated) ->
256→ (Yojson.Safe.to_string (`Assoc [
257→ ("paths", `List (List.map (fun p -> `String p) paths));
258→ ("truncated", `Bool truncated);
259→ ]), false)
260→ | Error e ->
261→ docstore_error e)
262→ | Doc_delete ->
263→ let path = input |> member "path" |> to_string in
264→ Runtime.Log.info "builtin_tool"
265→ ["op", `String "delete"; "path", `String path;
266→ "tool_call_id", `String tool_call_id];
267→ (match Docstore.delete store ~path with
268→ | Ok () ->
269→ (Yojson.Safe.to_string (`Assoc [("ok", `Bool true)]), false)
270→ | Error e ->
271→ docstore_error e)
272→ | Exec ->
273→ let command = input |> member "command" |> to_string in
274→ Runtime.Log.info "builtin_tool"
275→ ["op", `String "exec"; "command", `String command;
276→ "tool_call_id", `String tool_call_id];
277→ (* Create pipes for stdout and stderr capture *)
278→ let out_r, out_w = Unix.pipe ~cloexec:true () in
279→ let err_r, err_w = Unix.pipe ~cloexec:true () in
280→ let env_array = build_env [] in
281→ let pid = Unix.fork () in
282→ if pid = 0 then begin
283→ (* Child: set cwd, wire fds, exec shell. _exit on all failure
284→ paths — never run at_exit handlers in forked child. *)
285→ (try Unix.chdir root
286→ with Unix.Unix_error (err, _, _) ->
287→ Runtime.Log.error "builtin_exec"
288→ ["event", `String "chdir_failed";
289→ "path", `String root;
290→ "detail", `String (Unix.error_message err)];
291→ Unix._exit 2);
292→ Unix.dup2 out_w Unix.stdout; Unix.close out_w; Unix.close out_r;
293→ Unix.dup2 err_w Unix.stderr; Unix.close err_w; Unix.close err_r;
294→ (* Close stdin — exec commands do not read from it *)
295→ Unix.close Unix.stdin;
296→ (try Unix.execve "/bin/sh" [| "/bin/sh"; "-c"; command |] env_array
297→ with exn ->
298→ Runtime.Log.error "builtin_exec"
299→ ["event", `String "execve_failed";
300→ "binary", `String "/bin/sh";
301→ "detail", `String (Printexc.to_string exn)];
302→ Unix._exit 127)
303→ end else begin
304→ (* Parent: close write ends, read with cap *)
305→ Unix.close out_w;
306→ Unix.close err_w;
307→ (* Two reader threads to avoid deadlock *)
308→ let out_result = ref ("", false) in
309→ let err_result = ref ("", false) in
310→ let out_thread = Thread.create (fun () ->
311→ out_result := read_capped out_r max_exec_output_bytes;
312→ Unix.close out_r
313→ ) () in
314→ let err_thread = Thread.create (fun () ->
315→ err_result := read_capped err_r max_exec_output_bytes;
316→ Unix.close err_r
317→ ) () in
318→ (* Timeout: wait with select on a timer *)
319→ let timed_out = ref false in
320→ let deadline = Unix.gettimeofday () +. exec_timeout_seconds in
321→ let rec wait_child () =
322→ let now = Unix.gettimeofday () in
323→ if now >= deadline then begin
324→ timed_out := true;
325→ (try Unix.kill pid Sys.sigkill with Unix.Unix_error _ -> ());
326→ snd (Unix.waitpid [] pid)
327→ end else
328→ match Unix.waitpid [Unix.WNOHANG] pid with
329→ | 0, _ ->
330→ ignore (Unix.select [] [] [] 0.1);
331→ wait_child ()
332→ | _, status -> status
333→ in
334→ let status = wait_child () in
335→ Thread.join out_thread;
336→ Thread.join err_thread;
337→ let stdout_s, stdout_trunc = !out_result in
338→ let stderr_s, stderr_trunc = !err_result in
339→ let exit_code = match status with
340→ | Unix.WEXITED c -> c
341→ | Unix.WSIGNALED s -> 128 + s
342→ | Unix.WSTOPPED s -> 128 + s
343→ in
344→ let fields = [
345→ ("stdout", `String stdout_s);
346→ ("stderr", `String stderr_s);
347→ ("exit_code", `Int exit_code);
348→ ] @ (if stdout_trunc || stderr_trunc then
349→ [("truncated", `Bool true)] else [])
350→ @ (if !timed_out then
351→ [("timed_out", `Bool true)] else [])
352→ in
353→ (Yojson.Safe.to_string (`Assoc fields), false)
354→ end
355→ | Check ->
356→ let source = input |> member "source" |> to_string in
357→ (try
358→ let prog = Language.Loader.load_string ~search_path
359→ ~importing_dir:root source in
360→ let _prog, _type_env =
361→ Runtime.Spec.validate_program prog in
362→ (Yojson.Safe.to_string (`Assoc [("ok", `Bool true)]), false)
363→ with
364→ | Language.Loader.Load_error msg ->
365→ (Yojson.Safe.to_string (`Assoc [
366→ ("ok", `Bool false); ("error", `String msg)
367→ ]), true)
368→ | Language.Parse_error msg ->
369→ (Yojson.Safe.to_string (`Assoc [
370→ ("ok", `Bool false); ("error", `String msg)
371→ ]), true)
372→ | Runtime.Error.Process_error e ->
373→ (Yojson.Safe.to_string (`Assoc [
374→ ("ok", `Bool false);
375→ ("error", `String (e.Runtime.Error.detail))
376→ ]), true)
377→ | exn ->
378→ (Yojson.Safe.to_string (`Assoc [
379→ ("ok", `Bool false);
380→ ("error", `String (Printexc.to_string exn))
381→ ]), true))
382→ | Call ->
383→ let source = input |> member "source" |> to_string in
384→ let call_input = input |> member "input" in
385→ call_pipeline source call_input
386→ in
387→ let duration_ms = (Unix.gettimeofday () -. t0) *. 1000.0 in
388→ let op_name = Language.Pp.string_of_builtin_op op in
389→ let _, is_error = result in
390→ Runtime.Log.info "builtin_tool"
391→ [ "op", `String op_name;
392→ "duration_ms", `Float duration_ms;
393→ "ok", `Bool (not is_error);
394→ "tool_call_id", `String tool_call_id ];
395→ ignore type_env; ignore tool_binding;
396→ result
397→
398→(** Execute a tool by dispatching on the process binding's impl kind.
399→ Inline morphisms (id, map, copy, discard) execute directly.
400→ Agents and plumbs fork a subprocess. *)
401→let execute_tool ~tool_call_id ~base_dir type_env prog (tool_binding : binding)
402→ (process_binding : binding) (input : Yojson.Safe.t) =
403→ match process_binding.impl with
404→ | Agent _ | Plumb _ ->
405→ fork_tool_subprocess ~tool_call_id ~base_dir type_env prog tool_binding process_binding input
406→ | Id ->
407→ (Yojson.Safe.to_string input, false)
408→ | Map expr ->
409→ let result = Expr.eval input expr in
410→ (match Validate.check type_env tool_binding.output result with
411→ | Ok cleaned -> (Yojson.Safe.to_string cleaned, false)
412→ | Error errs ->
413→ (Runtime.Error.(to_string (make Invalid "validation_error"
414→ (Printf.sprintf "output validation failed:\n%s"
415→ (Validate.error_string errs)))), true))
416→ | Copy ->
417→ (Yojson.Safe.to_string (`List [input; input]), false)
418→ | Discard ->
419→ (Yojson.Safe.to_string `Null, false)
420→ | Filter _ | Merge | MergeAny | Barrier | Project _ ->
421→ let impl_name = match process_binding.impl with
422→ | Filter _ -> "filter" | Merge | MergeAny -> "merge"
423→ | Barrier -> "barrier" | Project _ -> "project"
424→ | _ -> "unknown"
425→ in
426→ (Runtime.Error.(to_string (make Invalid "tool_not_lowerable"
427→ (Printf.sprintf "cannot lower %s to a tool (not total)" impl_name))), true)
428→ | Builtin _ ->
429→ (* Builtins are handled by execute_builtin before reaching here *)
430→ failwith "unreachable: Builtin should be dispatched by execute_builtin"
431→ | Tool _ | Lower _ ->
432→ (Runtime.Error.(to_string (make Invalid "tool_nesting_error"
433→ "cannot nest tool inside tool")), true)
434→ | FormatJson ->
435→ (Yojson.Safe.to_string (`String (Yojson.Safe.to_string input)), false)
436→ | ParseJson ->
437→ let s = match input with
438→ | `String s -> s
439→ | _ -> Yojson.Safe.to_string input
440→ in
441→ (match
442→ try Ok (Yojson.Safe.from_string s)
443→ with Yojson.Json_error msg -> Error msg
444→ with
445→ | Ok json -> (Yojson.Safe.to_string json, false)
446→ | Error msg ->
447→ (Runtime.Error.(to_string (make Invalid "parse_error"
448→ (Printf.sprintf "parse_json: %s" msg))), true))
449→ | Tagger _ | Log _ ->
450→ (Runtime.Error.(to_string (make Internal "internal_error"
451→ "compiler-internal morphism, not a tool")), true)
452→
453→(** Build an error response for tool dispatch. *)
454→let tool_error_response ?source id category code msg =
455→ let extras = match source with
456→ | Some src -> [("source", `String src)]
457→ | None -> []
458→ in
459→ let error_json = Runtime.Error.(to_string (make ~extras category code msg)) in
460→ `Assoc [
461→ ("id", `String id);
462→ ("content", `String error_json);
463→ ("is_error", `Bool true);
464→ ]
465→
466→(** Raised when a tool binding has an MCP config — escapes the nested
467→ match to be caught by [dispatch_tool]'s top-level handler. *)
468→exception Mcp_tool_dispatch of (string * config_value) list * string * Yojson.Safe.t
469→
470→(** Normalise an MCP server config to a cache key string. *)
471→let mcp_config_cache_key config =
472→ let get_str key =
473→ List.assoc_opt key config |> Option.map (function
474→ | Str s -> s | _ -> "") |> Option.value ~default:""
475→ in
476→ match get_str "url" with
477→ | "" -> Printf.sprintf "stdio:%s" (get_str "command")
478→ | url -> Printf.sprintf "http:%s" url
479→
480→(** Normalise an MCP tool config value into a flat key-value list.
481→ Handles [Str] (URL shorthand) and [Obj] (full config). *)
482→let normalise_mcp_tool_config config =
483→ match List.assoc_opt "mcp" config with
484→ | Some (Str url) -> [("url", Str url)]
485→ | Some (Obj kvs) -> kvs
486→ | Some _ -> failwith "tool mcp config must be a string URL or an object"
487→ | None -> failwith "tool mcp config not found"
488→
489→(** Get or create a cached MCP connection for a tool's MCP config. *)
490→let get_or_create_mcp_connection mcp_cache config =
491→ let config = normalise_mcp_tool_config config in
492→ let key = mcp_config_cache_key config in
493→ match List.assoc_opt key !mcp_cache with
494→ | Some conn -> conn
495→ | None ->
496→ let conn = match Spawn.connect_mcp_server config with
497→ | Ok c -> c
498→ | Error msg -> failwith msg
499→ in
500→ mcp_cache := (key, conn) :: !mcp_cache;
501→ conn
502→
503→(** Dispatch a single tool request. Resolves the process binding
504→ (for [Tool {process: name}]) or uses the tool binding itself
505→ (for bare-typed morphisms like [map], [id]).
506→ [~mcp_cache] is a mutable assoc list of MCP connections keyed by
507→ normalised server config string, used for per-tool MCP dispatch. *)
508→let dispatch_tool ~tool_call_id ~base_dir ~call_pipeline ~search_path tool_env type_env prog
509→ tool_bindings ~mcp_cache id name (input : Yojson.Safe.t) =
510→ match List.find_opt (fun (b : binding) -> short_name b.bd_name = name) tool_bindings with
511→ | None ->
512→ tool_error_response id Not_found "unknown_tool" (Printf.sprintf "unknown tool: %s" name)
513→ | Some tool_binding ->
514→ try
515→ let validated_input = match Validate.check type_env tool_binding.input input with
516→ | Ok v -> v
517→ | Error errs ->
518→ failwith (Printf.sprintf "input validation failed: %s"
519→ (Validate.error_string errs))
520→ in
521→ let content, is_error = match tool_binding.impl with
522→ | Builtin op ->
523→ execute_builtin ~tool_call_id ~call_pipeline ~search_path tool_env type_env tool_binding op validated_input
524→ | _ ->
525→ let process_binding = match tool_binding.impl with
526→ | Lower process_name ->
527→ (match List.find_opt (fun b ->
528→ b.bd_name = process_name
529→ ) prog.prog_bindings with
530→ | Some pb -> pb
531→ | None ->
532→ failwith (Printf.sprintf "tool %s: process '%s' not found"
533→ tool_binding.bd_name process_name))
534→ | Tool config ->
535→ (match List.find_map (fun (k, v) ->
536→ if k = "process" then
537→ (match v with Ident pname -> Some pname | _ -> None)
538→ else None
539→ ) config with
540→ | Some process_name ->
541→ (match List.find_opt (fun b ->
542→ b.bd_name = process_name
543→ ) prog.prog_bindings with
544→ | Some pb -> pb
545→ | None ->
546→ failwith (Printf.sprintf "tool %s: process '%s' not found"
547→ tool_binding.bd_name process_name))
548→ | None ->
549→ (* Check for MCP-backed tool *)
550→ match List.assoc_opt "mcp" config, List.assoc_opt "name" config with
551→ | Some _, Some (Str tool_name) ->
552→ (* MCP dispatch handled below *)
553→ raise (Mcp_tool_dispatch (config, tool_name, validated_input))
554→ | Some _, None ->
555→ failwith (Printf.sprintf "tool %s: mcp config requires 'name' key"
556→ tool_binding.bd_name)
557→ | Some _, Some _ ->
558→ failwith (Printf.sprintf "tool %s: 'name' must be a string"
559→ tool_binding.bd_name)
560→ | None, _ ->
561→ failwith "tool requires 'process', 'mcp', or structural impl")
562→ | _ -> tool_binding (* self-backing: id, map, copy, discard *)
563→ in
564→ execute_tool ~tool_call_id ~base_dir type_env prog tool_binding process_binding validated_input
565→ in
566→ `Assoc [
567→ ("id", `String id);
568→ ("content", `String content);
569→ ("is_error", `Bool is_error);
570→ ]
571→ with
572→ | Mcp_tool_dispatch (config, tool_name, validated_input) ->
573→ (try
574→ let conn = get_or_create_mcp_connection mcp_cache config in
575→ let (content, is_error) =
576→ Mcp_client.call_tool conn ~name:tool_name ~input:validated_input in
577→ `Assoc [
578→ ("id", `String id);
579→ ("content", `String content);
580→ ("is_error", `Bool is_error);
581→ ]
582→ with
583→ | Failure msg -> tool_error_response ~source:name id Unavailable "mcp_error" msg
584→ | exn -> tool_error_response ~source:name id Unavailable "mcp_error" (Printexc.to_string exn))
585→ | Failure msg -> tool_error_response ~source:name id Unavailable "mcp_error" msg
586→ | exn -> tool_error_response ~source:name id Unavailable "mcp_error" (Printexc.to_string exn)
587→
588→(** Dispatch a tool call to an MCP server connection.
589→ Searches each connection's tool list for a matching name
590→ (qualified or raw). Strips the prefix before calling the server.
591→ Returns the standard response JSON. *)
592→let dispatch_mcp_tool ~tool_call_id mcp_connections id name input =
593→ let result = List.find_map (fun conn ->
594→ let tools = Mcp_client.tools conn in
595→ match List.find_opt (fun (t : Mcp_client.mcp_tool) ->
596→ t.qualified_name = name || t.name = name
597→ ) tools with
598→ | Some tool ->
599→ (* Warn if unqualified name is ambiguous across servers *)
600→ if tool.qualified_name <> name then begin
601→ let other_matches = List.exists (fun other_conn ->
602→ other_conn != conn &&
603→ List.exists (fun (t : Mcp_client.mcp_tool) ->
604→ t.name = name) (Mcp_client.tools other_conn)
605→ ) mcp_connections in
606→ if other_matches then
607→ Runtime.Log.warn "mcp_tool_ambiguous"
608→ [("name", `String name);
609→ ("matched", `String tool.qualified_name);
610→ ("tool_call_id", `String tool_call_id)]
611→ end;
612→ Some (Mcp_client.call_tool conn ~name:tool.name ~input)
613→ | None -> None
614→ ) mcp_connections in
615→ match result with
616→ | Some (content, is_error) ->
617→ `Assoc [
618→ ("id", `String id);
619→ ("content", `String content);
620→ ("is_error", `Bool is_error);
621→ ]
622→ | None ->
623→ tool_error_response ~source:name id Not_found "unknown_tool"
624→ (Printf.sprintf "unknown tool: %s (not found in any MCP server)" name)
625→
626→(** Tool dispatch loop: reads JSON requests from req_fd, writes
627→ responses to resp_fd. Runs in a thread. Exits on EOF.
628→
629→ Plumbing tool bindings are checked first; MCP connections are
630→ the fallback for dynamically discovered tools. *)
631→(* TODO: parameter sprawl — ~base_dir, ~call_pipeline, ~search_path,
632→ tool_env, type_env, prog, tool_bindings, ~mcp_connections are always
633→ passed together. Bundle into a dispatch_context record. Same for
634→ the callback params (?on_observe, ?on_oitl_request) on execute —
635→ group into a hooks record. *)
636→let tool_dispatch_loop ~base_dir ~call_pipeline ~search_path tool_env type_env prog
637→ tool_bindings ~mcp_connections ?on_oitl_request ~agent_name req_fd resp_fd =
638→ let ic = Unix.in_channel_of_descr req_fd in
639→ let oc = Unix.out_channel_of_descr resp_fd in
640→ let mcp_cache = ref [] in
641→ let session_approvals = Hashtbl.create 8 in
642→ let request_counter = ref 0 in
643→ (try
644→ while true do
645→ let line = input_line ic in
646→ let req = Yojson.Safe.from_string line in
647→ let open Yojson.Safe.Util in
648→ let id = req |> member "id" |> to_string in
649→ let name = req |> member "name" |> to_string in
650→ let input = req |> member "input" in
651→ (* OITL: check operator approval before dispatching *)
652→ let approved = match on_oitl_request with
653→ | None -> true
654→ | Some _ when Hashtbl.mem session_approvals name -> true
655→ | Some cb ->
656→ incr request_counter;
657→ let oitl_req = {
658→ oitl_id = Printf.sprintf "tc-%s-%d" agent_name !request_counter;
659→ oitl_tool = name;
660→ oitl_input = input;
661→ oitl_agent = agent_name;
662→ } in
663→ let oitl_resp = cb oitl_req in
664→ if oitl_resp.oitl_approved then begin
665→ (match oitl_resp.oitl_policy with
666→ | Some "always" -> Hashtbl.replace session_approvals name ()
667→ | _ -> ());
668→ true
669→ end else false
670→ in
671→ let resp =
672→ if not approved then
673→ tool_error_response id Denied "tool_denied" "tool call denied by operator"
674→ else if List.exists (fun (b : binding) ->
675→ short_name b.bd_name = name
676→ ) tool_bindings then
677→ dispatch_tool ~tool_call_id:id ~base_dir ~call_pipeline ~search_path tool_env type_env
678→ prog tool_bindings ~mcp_cache id name input
679→ else
680→ dispatch_mcp_tool ~tool_call_id:id mcp_connections id name input
681→ in
682→ output_string oc (Yojson.Safe.to_string resp);
683→ output_char oc '\n';
684→ flush oc
685→ done
686→ with End_of_file -> ());
687→ (* Shut down MCP connections when the dispatch loop ends. *)
688→ List.iter (fun c ->
689→ try Mcp_client.shutdown c
690→ with exn ->
691→ Runtime.Log.warn "mcp_shutdown"
692→ ["error", `String (Printexc.to_string exn)]
693→ ) mcp_connections;
694→ List.iter (fun (_, c) ->
695→ try Mcp_client.shutdown c
696→ with exn ->
697→ Runtime.Log.warn "mcp_shutdown"
698→ ["error", `String (Printexc.to_string exn)]
699→ ) !mcp_cache;
700→ close_in_noerr ic;
701→ close_out_noerr oc
702→{
"pattern": "Prefix_path\\.bin_dir",
"path": "/Users/ww/src/plumbing/lib/plumb",
"output_mode": "content"
} 1→(** Resource file search path assembly.
2→
3→ Builds the search path for runtime resource files (system prompts,
4→ grammar) from:
5→ 1. [PLUMB_RESOURCES] environment variable (colon-separated directories)
6→ 2. Binary-relative [../share/plumbing/resources] (tarball / install prefix)
7→ 3. Installed resource directories discovered via dune sites *)
8→
9→let search_path () =
10→ let from_env = match Sys.getenv_opt "PLUMB_RESOURCES" with
11→ | None -> []
12→ | Some s ->
13→ String.split_on_char ':' s
14→ |> List.filter (fun s -> s <> "")
15→ in
16→ from_env @ Prefix_path.share_subdir "resources" @ Sites.Sites.resources
17→
18→let find ?(paths = search_path ()) name =
19→ if String.length name = 0 then
20→ Runtime.Error.raise_ Config "config_error" "empty string in prompts array";
21→ match List.find_opt (fun dir ->
22→ Sys.file_exists (Filename.concat dir name)
23→ ) paths with
24→ | Some dir -> Filename.concat dir name
25→ | None ->
26→ let dirs = String.concat ":" paths in
27→ Runtime.Error.raise_ Config "config_error"
28→ (Printf.sprintf "cannot find resource file %s (searched: %s)" name dirs)
29→{
"pattern": "val build_type_env|let build_type_env",
"path": "/Users/ww/src/plumbing/lib/runtime",
"output_mode": "content"
} 1→(** Installation prefix discovery.
2→
3→ Given a binary at [prefix/bin/plumb], derives
4→ [prefix/share/plumbing/subdir]. Uses {!Unix.realpath} to resolve
5→ symlinks (Nix result links, user symlinks into [/usr/local/bin]). *)
6→
7→let bin_dir =
8→ lazy begin
9→ let exe =
10→ try Unix.realpath Sys.executable_name
11→ with Unix.Unix_error _ | Invalid_argument _ -> Sys.executable_name
12→ in
13→ if Filename.is_relative exe then None
14→ else Some (Filename.dirname exe)
15→ end
16→
17→let share_subdir subdir =
18→ match Lazy.force bin_dir with
19→ | None -> []
20→ | Some dir ->
21→ let prefix = Filename.dirname dir in
22→ let candidate =
23→ Filename.concat prefix
24→ (Filename.concat "share"
25→ (Filename.concat "plumbing" subdir))
26→ in
27→ if Sys.file_exists candidate
28→ && (try Sys.is_directory candidate with Sys_error _ -> false)
29→ then [candidate]
30→ else []
31→{
"file_path": "/Users/ww/src/plumbing/lib/plumb/exec.ml",
"offset": 50,
"limit": 50
} 50→
51→type t = {
52→ pids : (int * string) list;
53→ threads : Thread.t list;
54→ input_oc : out_channel;
55→ output_ic : in_channel;
56→ boundary_fds : (string * Unix.file_descr * Unix.file_descr) list;
57→ (** All boundary ports: (port_name, read_fd, write_fd).
58→ Input ports: runtime writes to write_fd, morphisms read from read_fd.
59→ Output ports: morphisms write to write_fd, runtime reads from read_fd.
60→
61→ TODO: leaky abstraction — raw fds on a public type. Only needed
62→ by recursive N-port Plumb execution. Consider returning a richer
63→ internal type and projecting to a public surface that exposes only
64→ input_oc / output_ic + send_control / shutdown functions. *)
65→ stderr_reader : (Thread.t * Buffer.t) option;
66→ ctrl_write_fds : Unix.file_descr list;
67→ (** TODO: same concern — callers should use send_control_all / shutdown,
68→ not reach into the fd list directly. *)
69→ tmp_files : string list;
70→}
71→
72→let input t = t.input_oc
73→let output t = t.output_ic
74→
75→(** Send a control message to a single agent's control input fd.
76→ Silences EPIPE (agent already exited); logs other errors. *)
77→let send_control fd msg =
78→ let line = Yojson.Safe.to_string msg ^ "\n" in
79→ let b = Bytes.of_string line in
80→ let len = Bytes.length b in
81→ let rec write_all off =
82→ if off < len then
83→ let n = Unix.write fd b off (len - off) in
84→ write_all (off + n)
85→ in
86→ try write_all 0
87→ with
88→ | Unix.Unix_error ((Unix.EPIPE | Unix.EBADF), _, _) -> ()
89→ | Unix.Unix_error (e, fn, _) ->
90→ Runtime.Log.warn "send_control"
91→ [("error", `String (Unix.error_message e));
92→ ("fn", `String fn)]
93→
94→(** Send a control message to all agents in the pipeline. *)
95→let send_control_all t msg =
96→ List.iter (fun fd -> send_control fd msg) t.ctrl_write_fds
97→
98→let release_ctrl t =
99→ (* Send stop to each agent then close executor's control write-fds.{
"file_path": "/Users/ww/src/plumbing/lib/runtime/spec.ml",
"offset": 40,
"limit": 60
} 40→ Requires totality: the process must always produce at least one output. *)
41→let is_lowerable = function
42→ | Agent _ | Plumb _ | Id | Map _ | Copy | Discard -> true
43→ | Filter _ -> false (* not total: may produce 0 outputs *)
44→ | Merge | MergeAny -> false (* requires interleaving *)
45→ | Barrier -> false (* requires synchronisation *)
46→ | Project _ -> false (* requires product stream *)
47→ | Tool _ -> false (* already base: nesting is nonsensical *)
48→ | Lower _ -> false (* already lowered: lowering a lowering is nonsensical *)
49→ | Builtin _ -> false (* already base: OS-level primitive *)
50→ | Tagger _ -> false (* stateful: protocol-boundary counter *)
51→ | Log _ -> false (* compiler-internal: debug tap *)
52→ | FormatJson -> true (* total: one output per input *)
53→ | ParseJson -> true (* total: one output per input *)
54→
55→(** Validate categorical level consistency.
56→ - Tool impl: must have bare types (A -> B)
57→ - Id, Map, Copy, Discard: may have bare or stream types
58→ - All other impls: must have stream types (!A -> !B) *)
59→let has_stream = function
60→ | Stream _ -> true
61→ | Product ts -> List.exists (function Stream _ -> true | _ -> false) ts
62→ | _ -> false
63→
64→let check_categorical_types bindings =
65→ List.iter (fun (b : binding) ->
66→ let is_bare = not (has_stream b.input) && not (has_stream b.output) in
67→ if is_bare && not (admits_bare_type b.impl) then
68→ Error.raise_ Config "config_error"
69→ (Printf.sprintf "%s: %s requires stream types !A -> !B"
70→ b.bd_name (match b.impl with
71→ | Agent _ -> "agent" | Plumb _ -> "plumb"
72→ | Filter _ -> "filter" | Merge | MergeAny -> "merge"
73→ | Barrier -> "barrier" | Project _ -> "project"
74→ | _ -> "this impl kind"));
75→ if not is_bare && (match b.impl with Tool _ | Lower _ | Builtin _ -> true | _ -> false) then
76→ Error.raise_ Config "config_error"
77→ (Printf.sprintf "%s: tool must use bare types A -> B, not streams"
78→ b.bd_name)
79→ ) bindings
80→
81→(** Validate that a named process is lowerable and its types match the
82→ tool binding's types (after stripping streams). *)
83→let check_lower_types b process_name bindings =
84→ match List.find_opt (fun pb -> pb.bd_name = process_name) bindings with
85→ | Some pb ->
86→ if not (is_lowerable pb.impl) then
87→ Error.raise_ Config "config_error"
88→ (Printf.sprintf
89→ "%s: cannot lower %s to a tool (%s is not total)"
90→ b.bd_name process_name process_name);
91→ let strip = function Stream t -> t | t -> t in
92→ let proc_in = strip pb.input in
93→ let proc_out = strip pb.output in
94→ if not (Validate.type_eq [] b.input proc_in) then
95→ Error.raise_ Config "config_error"
96→ (Printf.sprintf
97→ "%s: tool input type %s does not match process %s input %s"
98→ b.bd_name (pp_type_expr [] b.input)
99→ process_name (pp_type_expr [] proc_in));{
"pattern": "let build_type_env|build_type_env",
"path": "/Users/ww/src/plumbing",
"output_mode": "content",
"glob": "*.ml"
}<persisted-output> Output too large (44.5KB). Full output saved to: /Users/ww/.claude/projects/-Users-ww-src-plumbing/d438378e-8111-4168-abaf-ad446f02709d/tool-results/toolu_01Q7rTF2Phvd2uDNerS1KqwJ.txt Preview (first 2KB): bin/chat/main.ml:219: let type_env = Language.Validate.build_type_env prog.prog_types in test/test_routing.ml:13: let type_env = Validate.build_type_env prog.prog_types in test/test_routing.ml:103: let type_env = Validate.build_type_env prog.prog_types in test/test_routing.ml:219: let type_env = Validate.build_type_env prog.prog_types in test/test_session_compile.ml:518: let type_env = Validate.build_type_env prog.prog_types in test/test_session_compile.ml:615: let type_env = Validate.build_type_env prog.prog_types in test/test_session_compile.ml:683: let type_env = Validate.build_type_env prog.prog_types in parser.ml:132: let type_env = Validate.build_type_env (List.rev !types) in test/test_fabric.ml:22: try Validate.build_type_env prog.prog_types test/test_session_exec.ml:401: let type_env = Validate.build_type_env prog.prog_types in test/test_validate.ml:91: let env = build_type_env [ test/test_validate.ml:107: let _ = build_type_env [ test/test_validate.ml:148: let env = build_type_env [ test/test_validate.ml:171: let env = build_type_env [] in test/test_validate.ml:178: let env = build_type_env [] in test/test_validate.ml:188: let env = build_type_env [] in test/test_validate.ml:200: let env = build_type_env [] in test/test_validate.ml:210: let env = build_type_env [] in test/test_validate.ml:216: let env = build_type_env [] in test/test_validate.ml:227: let env = build_type_env [] in test/test_validate.ml:242: let env = build_type_env [] in test/test_validate.ml:254: let env = build_type_env [ test/test_validate.ml:269: let env = build_type_env [] in test/test_validate.ml:281: let env = build_type_env [] in test/test_validate.ml:299: let env = build_type_env [ test/test_validate.ml:308: let env = build_type_env [] in test/test_validate.ml:317: let env = build_type_env [] in test/test_validate.ml:325: let env = build_type_env [ test/test_validate.ml:360: let env = build_type_env [] in ... </persisted-output>
{
"file_path": "/Users/ww/src/plumbing/lib/runtime/spec.ml",
"offset": 98,
"limit": 60
} 98→ b.bd_name (pp_type_expr [] b.input)
99→ process_name (pp_type_expr [] proc_in));
100→ if not (Validate.type_eq [] b.output proc_out) then
101→ Error.raise_ Config "config_error"
102→ (Printf.sprintf
103→ "%s: tool output type %s does not match process %s output %s"
104→ b.bd_name (pp_type_expr [] b.output)
105→ process_name (pp_type_expr [] proc_out))
106→ | None -> () (* process not in scope here; runtime will catch it *)
107→
108→let check_tool_process_types bindings =
109→ List.iter (fun (b : binding) ->
110→ match b.impl with
111→ | Lower process_name ->
112→ check_lower_types b process_name bindings
113→ | Tool config ->
114→ (match List.find_map (fun (k, v) ->
115→ if k = "process" then
116→ (match v with Ident name -> Some name | _ -> None)
117→ else None
118→ ) config with
119→ | Some process_name -> check_lower_types b process_name bindings
120→ | None ->
121→ (* Check MCP tool config: if mcp is present, name is required *)
122→ let has_mcp = List.exists (fun (k, _) -> k = "mcp") config in
123→ let has_name = List.exists (fun (k, _) -> k = "name") config in
124→ if has_mcp && not has_name then
125→ raise (Error.Process_error (Error.make Config "config_error"
126→ (Printf.sprintf "%s: tool with 'mcp' config requires 'name' key"
127→ b.bd_name)))
128→ )
129→ | _ -> ()
130→ ) bindings
131→
132→(** Validate filter/map expression types at declaration site.
133→ Inline filter/map in wiring bodies are checked in the desugarer;
134→ top-level bindings bypass it so need an explicit check here. *)
135→let check_expr_types type_env bindings =
136→ List.iter (fun (b : binding) ->
137→ let strip_stream = function Stream t -> t | t -> t in
138→ match b.impl with
139→ | Filter expr ->
140→ (* Filter requires stream types — check_categorical_types
141→ guarantees this, so unwrap_stream is safe. *)
142→ let inp_t = Validate.unwrap_stream b.input in
143→ (* Filter is an endomorphism: input = output. *)
144→ let out_t = Validate.unwrap_stream b.output in
145→ if not (Validate.type_eq type_env inp_t out_t) then
146→ Error.raise_ Config "config_error"
147→ (Printf.sprintf
148→ "%s: filter must have equal input and output types, \
149→ got %s -> %s"
150→ b.bd_name (pp_type_expr type_env inp_t)
151→ (pp_type_expr type_env out_t));
152→ let result_t =
153→ (try Validate.infer_type type_env inp_t expr
154→ with Validate.Schema_error msg ->
155→ Error.raise_ Config "config_error"
156→ (Printf.sprintf "%s: filter type error: %s"
157→ b.bd_name msg))Now let me look at validate_program and load_main_from_file to understand the full loading pipeline.
{
"pattern": "let validate_program|let load_main_from_file",
"path": "/Users/ww/src/plumbing/lib/runtime/spec.ml",
"output_mode": "content",
"-A": 20
}276:let validate_program prog = 277- let type_env = 278- try Validate.build_type_env prog.prog_types 279- with Validate.Schema_error msg -> 280- raise (Error.Process_error (Error.make Config "config_error" msg)) 281- in 282- (try 283- List.iter (fun td -> Validate.check_sums type_env td.td_type) prog.prog_types; 284- List.iter (fun b -> 285- Validate.check_sums type_env b.input; 286- Validate.check_sums type_env b.output 287- ) prog.prog_bindings 288- with Validate.Schema_error msg -> 289- raise (Error.Process_error (Error.make Config "config_error" msg))); 290- check_reserved_names prog.prog_bindings; 291- check_categorical_types prog.prog_bindings; 292- check_tool_process_types prog.prog_bindings; 293- check_expr_types type_env prog.prog_bindings; 294- (prog, type_env) 295- 296-(** Load a plumb program from a file path, resolving [use] declarations, -- 298:let load_main_from_file ?(search_path = []) path = 299- let prog = 300- try Language.Loader.load_file ~search_path path 301- with Language.Loader.Load_error msg -> 302- raise (Error.Process_error (Error.make Config "config_error" msg)) 303- in 304- let prog, type_env = validate_program prog in 305- let prog = desugar_plumbs type_env prog in 306- let main = find_main prog in 307- (prog, main) 308- 309-(** Load a plumb program from source text, resolving [use] declarations, 310- and find its [main] binding. *) 311-let load_main_from_string ?(search_path = []) ?(importing_dir = Sys.getcwd ()) 312- ?source_name source = 313- let prog = 314- try Language.Loader.load_string ~search_path ~importing_dir 315- ?source_name source 316- with Language.Loader.Load_error msg -> 317- raise (Error.Process_error (Error.make Config "config_error" msg)) 318- in
Good, load_main_from_file returns (prog, main) but doesn't return type_env. I need to rebuild it. Let me also check the find_main function and what it returns.
{
"pattern": "let find_main",
"path": "/Users/ww/src/plumbing/lib/runtime/spec.ml",
"output_mode": "content",
"-A": 20
}205:let find_main prog = 206- match List.find_opt (fun b -> b.bd_name = "main") prog.prog_bindings with 207- | Some b -> b 208- | None -> Error.raise_ Config "config_error" "no main binding" 209- 210-(** Load a plumb program and find its [main] binding. *) 211-let load_main source = 212- let prog = 213- try parse source 214- with Parse_error msg -> 215- raise (Error.Process_error (Error.make Config "config_error" msg)) 216- in 217- let type_env = 218- try Validate.build_type_env prog.prog_types 219- with Validate.Schema_error msg -> 220- raise (Error.Process_error (Error.make Config "config_error" msg)) 221- in 222- (* Check disjointness of sum types in declarations and bindings *) 223- (try 224- List.iter (fun td -> Validate.check_sums type_env td.td_type) prog.prog_types; 225- List.iter (fun b ->
{
"pattern": "spawn_subprocess",
"path": "/Users/ww/src/plumbing/lib/spawn/spawn_lib.ml",
"output_mode": "content",
"-A": 30
}137:let spawn_subprocess ~bin_path ~spec_path
138- ~stdin_fd ~stdout_fd ?stderr_fd
139- ?(env=[]) ?cwd () =
140- let env_array = build_env env in
141- let pid = Unix.fork () in
142- if pid = 0 then begin
143- (* Child process: wire fds and exec. Use _exit (not exit) on all
144- failure paths to avoid running at_exit handlers in the child. *)
145- (match cwd with
146- | Some d ->
147- (try Unix.chdir d
148- with Unix.Unix_error (err, _, _) ->
149: Runtime.Log.error "spawn_subprocess"
150- ["event", `String "chdir_failed";
151- "path", `String d;
152- "detail", `String (Unix.error_message err)];
153- Unix._exit 2)
154- | None -> ());
155- Unix.dup2 stdin_fd Unix.stdin;
156- Unix.close stdin_fd;
157- Unix.dup2 stdout_fd Unix.stdout;
158- Unix.close stdout_fd;
159- (match stderr_fd with
160- | Some fd -> Unix.dup2 fd Unix.stderr; Unix.close fd
161- | None -> ());
162- (try Unix.execve bin_path [| bin_path; spec_path |] env_array
163- with exn ->
164: Runtime.Log.error "spawn_subprocess"
165- ["event", `String "execve_failed";
166- "binary", `String bin_path;
167- "detail", `String (Printexc.to_string exn)];
168- Unix._exit 2)
169- end else begin
170- Unix.close stdin_fd;
171- Unix.close stdout_fd;
172- (match stderr_fd with Some fd -> Unix.close fd | None -> ());
173- pid
174- end
175-
176-(** {1 Type Dependency Collection} *)
177-
178-module StringSet = Set.Make(String)
179-
180-(** Collect all Named type references from a type expression. *)
181-let rec collect_named acc = function
182- | Named name -> StringSet.add name acc
183- | Record fields -> List.fold_left (fun a f -> collect_named a f.typ) acc fields
184- | List t -> collect_named acc t
185- | Stream t -> collect_named acc t
186- | Sum variants -> List.fold_left collect_named acc variants
187- | Product components -> List.fold_left collect_named acc components
188- | Primitive _ | Unit -> acc
189-
190-(** Find the type declarations a binding depends on, transitively.
191- Walks the binding's input/output types, then chases Named references
192- through type declarations until reaching a fixed point. *)
193-let required_types (prog : program) (binding : binding) =
194- let all_type_decls = prog.prog_types ingit worktree add /tmp/plmb-037-step5b plmb-037-step5b 2>/dev/null || (git branch plmb-037-step5b main 2>/dev/null; git worktree add /tmp/plmb-037-step5b plmb-037-step5b)
Preparing worktree (checking out 'plmb-037-step5b') HEAD is now at f09eec8 Merge plmb-037-step5a: agent subprocess bridge (Step 5a)
Good. Now let me implement the changes. I'll start with all the files in parallel since I understand the full picture.
(executable
(name main)
(public_name plumb)
(libraries plumb fabric language runtime spawn_lib
eio_main eio.unix unix threads.posix yojson))
<tool_use_error>File has not been read yet. Read it first before writing to it.</tool_use_error>
(** Plumb runtime — fabric-based executor for plumb programs.
Parses a plumb program, compiles a routing table, starts the ZMQ
fabric, and bridges boundary ports to stdin/stdout. The binary is
a thin I/O adapter — all process orchestration happens in the
fabric via ZMQ sockets. *)
open Language
let () =
(* Default to Info; PIPELINE_DEBUG=1 wins (already set to Debug in Log
module initialiser). --verbose lowers to Debug explicitly. *)
let verbose = Array.exists (fun s -> s = "--verbose") Sys.argv in
if verbose then Runtime.Log.set_level Runtime.Log.Debug
else if Sys.getenv_opt "PIPELINE_DEBUG" <> Some "1" then
Runtime.Log.set_level Runtime.Log.Info;
(* Extract --provider/--model/--auto-approve from argv and set env vars.
Entry.main strips these from argv before extracting the spec path. *)
(match Runtime.Entry.resolve_flag Sys.argv "--provider" with
| Some p -> Unix.putenv "PLUMB_PROVIDER" p | None -> ());
(match Runtime.Entry.resolve_flag Sys.argv "--model" with
| Some m -> Unix.putenv "PLUMB_MODEL" m | None -> ());
let auto_approve = Array.exists (fun s -> s = "--auto-approve") Sys.argv in
let docroot = Runtime.Entry.resolve_docroot Sys.argv in
let search_path = Plumb.Stdlib_path.search_path () in
let tool_env = { Plumb.Tool_dispatch.docroot } in
(* Signal handling: set a SIGINT handler that cancels the fabric.
The handler sets an atomic flag and calls fabric.cancel() if a
fabric is running; otherwise raises Sys.Break for Entry.main to
catch at exit code 130. *)
let fabric_ref : Fabric.t option ref = ref None in
Sys.set_signal Sys.sigint (Sys.Signal_handle (fun _signo ->
match !fabric_ref with
| Some f -> f.Fabric.cancel ()
| None -> raise Sys.Break));
Runtime.Entry.main
~usage:"Usage: plumb [--verbose] [--docroot DIR] [--provider NAME] \
[--model NAME] [--auto-approve] <spec.plumb>"
~run:(fun spec_path ->
let prog, main = Runtime.Spec.load_main_from_file ~search_path spec_path in
let on_oitl_request =
if auto_approve then
fun (_req : Plumb.Tool_dispatch.oitl_request) ->
Plumb.Tool_dispatch.{ oitl_approved = true; oitl_policy = Some "always" }
else
fun (req : Plumb.Tool_dispatch.oitl_request) ->
Printf.eprintf "plumb: denied tool call '%s' by agent '%s' \
(use --auto-approve)\n%!" req.oitl_tool req.oitl_agent;
Plumb.Tool_dispatch.{ oitl_approved = false; oitl_policy = None }
in
(* Extract plumb body from main binding *)
let ports, pb = match main.impl with
| Plumb (ports, pb) -> (ports, pb)
| _ -> Runtime.Error.raise_ Config "config_error"
"main binding must be a plumb"
in
let type_env = Validate.build_type_env prog.prog_types in
let routing_table = Runtime.Routing.compile ~prog ~ports ~pb
~type_env ~main_binding:main ~seeded:pb.pb_seeded in
Runtime.Log.debug "plumb"
["event", `String "routing_table";
"detail", `String (Runtime.Routing.pp_routing_table routing_table)];
(* Build the bridge process handler for agent subprocesses *)
let handler = Fabric.Bridge.make_handler
~prog ~type_env
~bin_dir:(Lazy.force Plumb.Prefix_path.bin_dir)
~resource_find:Plumb.Resource_path.find
~search_path
~tool_env
~base_dir:(Filename.dirname spec_path)
~on_oitl_request
() in
(* Determine boundary port names from the main binding's port list.
Convention: first n_in ports are inputs, rest are outputs. *)
let n_in = List.length
(Validate.port_element_types type_env main.input) in
let input_port = List.nth ports 0 in
let output_port = List.nth ports n_in in
(* Run the fabric under Eio *)
let fabric_handle = ref None in
Eio_main.run (fun _env ->
Eio.Switch.run (fun sw ->
let f = Fabric.execute ~sw ~routing_table ~type_env
~process_handler:handler () in
fabric_handle := Some f;
fabric_ref := Some f;
(* Writer daemon: stdin → boundary input socket *)
let push = Fabric.boundary_input f input_port in
Eio.Fiber.fork_daemon ~sw (fun () ->
(try while true do
let line = Eio_unix.run_in_systhread (fun () ->
input_line stdin) in
Transport.Zmq.send push ~topic:input_port line
done with End_of_file | Sys_error _ -> ());
Fabric.Bridge.send_eof push ~topic:input_port;
`Stop_daemon);
(* Reader: boundary output socket → stdout (main fibre) *)
let pull = Fabric.boundary_output f output_port in
(try while true do
let (_topic, payload) = Transport.Zmq.recv pull in
if Fabric.Bridge.is_eof payload then raise Exit;
Eio_unix.run_in_systhread (fun () ->
print_endline payload)
done with
| Exit -> ()
| Transport.Transport_error _ -> ());
(* Reader exited — cancel the fabric to unwind all fibres *)
f.cancel ()));
(* Outside switch scope — safe to call shutdown (may sleep) *)
match !fabric_handle with
| Some f -> Fabric.shutdown f
| None -> ())
<tool_use_error>File has not been read yet. Read it first before writing to it.</tool_use_error>
1→(** Plumb runtime — general-purpose executor for plumb programs.
2→
3→ Parses a plumb program, finds the main binding, creates channels,
4→ spawns processes, wires boundary ports, and forwards stdin/stdout
5→ through the pipeline. Concurrent streaming forwarding — handles
6→ arbitrary n:m message ratios (copy, merge, etc.). *)
7→
8→let () =
9→ (* Default to Info; PIPELINE_DEBUG=1 wins (already set to Debug in Log
10→ module initialiser). --verbose lowers to Debug explicitly. *)
11→ let verbose = Array.exists (fun s -> s = "--verbose") Sys.argv in
12→ if verbose then Runtime.Log.set_level Runtime.Log.Debug
13→ else if Sys.getenv_opt "PIPELINE_DEBUG" <> Some "1" then
14→ Runtime.Log.set_level Runtime.Log.Info;
15→ (* Extract --provider/--model/--auto-approve from argv and set env vars.
16→ Entry.main strips these from argv before extracting the spec path. *)
17→ (match Runtime.Entry.resolve_flag Sys.argv "--provider" with
18→ | Some p -> Unix.putenv "PLUMB_PROVIDER" p | None -> ());
19→ (match Runtime.Entry.resolve_flag Sys.argv "--model" with
20→ | Some m -> Unix.putenv "PLUMB_MODEL" m | None -> ());
21→ let auto_approve = Array.exists (fun s -> s = "--auto-approve") Sys.argv in
22→ let docroot = Runtime.Entry.resolve_docroot Sys.argv in
23→ let search_path = Plumb.Stdlib_path.search_path () in
24→ let tool_env = { Plumb.Exec.docroot } in
25→ Sys.catch_break true;
26→ Runtime.Entry.main
27→ ~usage:"Usage: plumb [--verbose] [--docroot DIR] [--provider NAME] [--model NAME] [--auto-approve] <spec.plumb>"
28→ ~run:(fun spec_path ->
29→ let prog, main = Runtime.Spec.load_main_from_file ~search_path spec_path in
30→ let on_oitl_request =
31→ if auto_approve then
32→ fun (_req : Plumb.Exec.oitl_request) ->
33→ Plumb.Exec.{ oitl_approved = true; oitl_policy = Some "always" }
34→ else
35→ fun (req : Plumb.Exec.oitl_request) ->
36→ Printf.eprintf "plumb: denied tool call '%s' by agent '%s' \
37→ (use --auto-approve)\n%!" req.oitl_tool req.oitl_agent;
38→ Plumb.Exec.{ oitl_approved = false; oitl_policy = None }
39→ in
40→ let running = Plumb.Exec.execute ~search_path ~tool_env
41→ ~on_oitl_request prog main spec_path in
42→ let oc = Plumb.Exec.input running in
43→ let ic = Plumb.Exec.output running in
44→ (* Writer thread: stdin → pipeline input.
45→ release_ctrl sends stop to agents and closes ctrl fds.
46→ On normal EOF the executor's mux thread does this too
47→ (after data processing) — double-close is idempotent.
48→ On Ctrl-C, release_ctrl is the only path that sends stop. *)
49→ let writer = Thread.create (fun () ->
50→ (try while true do
51→ let line = input_line stdin in
52→ Printf.fprintf oc "%s\n%!" line
53→ done with _ -> ());
54→ close_out_noerr oc;
55→ Plumb.Exec.release_ctrl running
56→ ) () in
57→ (* Main thread: pipeline output → stdout *)
58→ (try while true do
59→ let resp = input_line ic in
60→ print_endline resp
61→ done with
62→ | End_of_file -> ()
63→ | Sys.Break -> close_in_noerr stdin);
64→ Thread.join writer;
65→ ignore (Plumb.Exec.shutdown running))
66→ 1→(executable
2→ (name main)
3→ (public_name plumb)
4→ (libraries plumb language runtime unix threads.posix))
5→ 1→(** Bridge — stdio mux/demux adapter for agent subprocesses.
2→
3→ Natural transformation between ZMQ topic-framed sockets and the
4→ agent binary's port-multiplexed stdin/stdout protocol. The agent
5→ sees the same [{"__port":...,"msg":...}] envelopes as under exec.ml.
6→
7→ All pipe writes use [Mutex] + [Eio_unix.run_in_systhread] (R2).
8→
9→ The [__port] envelope protocol is confined to this module and the
10→ agent binary — it must never appear in [fabric.ml] or [inline.ml]
11→ (R7: the bridge is NOT a morphism, it is a natural transformation
12→ between two concrete stream representations). *)
13→
14→open Language
15→
16→module T = Transport.Zmq
17→
18→(** {1 EOF Sentinel}
19→
20→ An empty-payload message on a PUSH socket signals end-of-stream.
21→ The receiver exits its recv loop on seeing this sentinel. *)
22→
23→let send_eof sock ~topic =
24→ T.send sock ~topic ""
25→
26→let is_eof payload =
27→ String.length payload = 0
28→
29→(** {1 Process Handler Type}
30→
31→ The fabric calls a process handler for each subprocess entry.
32→ The handler receives the process's ZMQ socket endpoints and starts
33→ the subprocess. The fabric does not know how. *)
34→
35→type process_handler =
36→ sw:Eio.Switch.t ->
37→ proc_entry:Runtime.Routing.process_entry ->
38→ push_sockets:(string * [`Push] T.socket) list ->
39→ pull_sockets:(string * [`Pull] T.socket) list ->
40→ unit
41→
42→(** {1 Tool Dispatch Callback}
43→
44→ The bridge accepts an optional tool dispatch callback rather than
45→ depending on [Tool_dispatch] directly. The caller constructs
46→ this from [Tool_dispatch.tool_dispatch_loop]. *)
47→
48→type tool_dispatch =
49→ req_fd:Unix.file_descr ->
50→ resp_fd:Unix.file_descr ->
51→ agent_name:string ->
52→ unit
53→
54→(** {1 Observation Callback} *)
55→
56→type observation = {
57→ agent : string;
58→ payload : Yojson.Safe.t;
59→}
60→
61→(** {1 Pipe Write Helpers}
62→
63→ All writes to child stdin go through mux_envelope / mux_eof,
64→ protected by an OCaml [Mutex]. These MUST be called from within
65→ [Eio_unix.run_in_systhread] — [Mutex.lock] is not safe from
66→ Eio fibres. *)
67→
68→(** Write a port-tagged envelope to the child stdin.
69→ Caller must hold (or be inside run_in_systhread for) the mux mutex. *)
70→let write_envelope mux_m oc port json_str =
71→ match Yojson.Safe.from_string json_str with
72→ | _ ->
73→ let s = Printf.sprintf
74→ "{\"__port\":%S,\"msg\":%s}\n" port json_str in
75→ Mutex.lock mux_m;
76→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
77→ output_string oc s; flush oc)
78→ | exception Yojson.Json_error msg ->
79→ Runtime.Log.warn "bridge_mux"
80→ [("port", `String port); ("error", `String msg)]
81→
82→(** Write an EOF marker for a port. *)
83→let write_eof mux_m oc port =
84→ let s = Printf.sprintf
85→ "{\"__port\":%S,\"__eof\":true}\n" port in
86→ Mutex.lock mux_m;
87→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
88→ output_string oc s; flush oc)
89→
90→(** {1 Bridge Construction} *)
91→
92→(** Construct a process handler that spawns agent subprocesses with
93→ stdio bridge. *)
94→let make_handler
95→ ~(prog : program)
96→ ~type_env
97→ ~(bin_dir : string option)
98→ ~(resource_find : string -> string)
99→ ?(resolve_bin : (string -> string) option)
100→ ?(tool_dispatch_fn : tool_dispatch option)
101→ ?(on_observe : (observation -> unit) option)
102→ ()
103→ : process_handler =
104→ fun ~sw ~proc_entry ~push_sockets ~pull_sockets ->
105→ let pe = proc_entry in
106→ let binding = pe.Runtime.Routing.proc_binding in
107→ let config = match binding.impl with
108→ | Agent config -> config
109→ | _ -> failwith "bridge: expected Agent impl"
110→ in
111→
112→ (* Resolve prompt paths *)
113→ let config = Spawn_lib.resolve_prompts_config
114→ ~resource_find ~base_dir:(Sys.getcwd ()) config in
115→ let binding = { binding with impl = Agent config } in
116→
117→ (* Decompose input/output types *)
118→ let decomp_in = Spawn_lib.agent_input_decomposition type_env binding.input in
119→ let decomp_out = Spawn_lib.agent_output_decomposition type_env binding.output in
120→ let has_control = decomp_in <> None in
121→ let has_telemetry = decomp_out <> None in
122→
123→ (* Synthesize child spec with simple types (no products) *)
124→ let child_binding =
125→ let b = match decomp_in with
126→ | Some (data_t, _) -> { binding with input = Stream data_t }
127→ | None -> binding
128→ in
129→ match decomp_out with
130→ | Some (result_t, _) -> { b with output = Stream result_t }
131→ | None -> b
132→ in
133→
134→ (* Find tool bindings *)
135→ let tool_names = match List.assoc_opt "tools" config with
136→ | Some (Arr items) ->
137→ List.filter_map (fun item ->
138→ match item with Ident name -> Some name | _ -> None
139→ ) items
140→ | _ -> []
141→ in
142→ let tool_bindings = List.filter_map (fun name ->
143→ List.find_opt (fun (b : binding) ->
144→ b.bd_name = name && Validate.is_tool_binding b
145→ ) prog.prog_bindings
146→ ) tool_names in
147→ let has_tools = tool_bindings <> [] || tool_dispatch_fn <> None in
148→
149→ (* Synthesize spec *)
150→ let spec_source =
151→ if tool_bindings <> [] then
152→ Spawn_lib.synthesize_agent_spec prog child_binding tool_bindings
153→ else
154→ Spawn_lib.synthesize_spec prog child_binding
155→ in
156→ let spec_path = Spawn_lib.write_temp_spec spec_source in
157→
158→ (* Resolve binary *)
159→ let resolve = match resolve_bin with
160→ | Some f -> f
161→ | None -> Spawn_lib.resolve_binary ~bin_dir
162→ in
163→ let bin_path = resolve "plumb-agent" in
164→
165→ (* Create child stdin/stdout pipes *)
166→ let child_in_r, child_in_w = Unix.pipe ~cloexec:true () in
167→ let child_out_r, child_out_w = Unix.pipe ~cloexec:true () in
168→ let child_in_oc = Unix.out_channel_of_descr child_in_w in
169→
170→ (* MCP connections and env *)
171→ let mcp_connections = match List.assoc_opt "mcp" config with
172→ | Some (Arr items) ->
173→ List.filter_map (fun item ->
174→ match item with
175→ | Obj kvs ->
176→ (match Spawn_lib.connect_mcp_server kvs with
177→ | Ok conn -> Some conn
178→ | Error msg ->
179→ Runtime.Log.warn "mcp_connect_failed"
180→ [("detail", `String msg)];
181→ None)
182→ | _ -> None
183→ ) items
184→ | _ -> []
185→ in
186→ let mcp_env = if mcp_connections <> [] then begin
187→ let mcp_schemas = List.concat_map (fun conn ->
188→ List.map Mcp_client.tool_schema (Mcp_client.tools conn)
189→ ) mcp_connections in
190→ let mcp_path = Filename.temp_file "agentpi_mcp_" ".json" in
191→ let mcp_oc = open_out_gen
192→ [Open_wronly; Open_creat; Open_trunc] 0o600 mcp_path in
193→ Fun.protect ~finally:(fun () -> close_out mcp_oc) (fun () ->
194→ output_string mcp_oc
195→ (Yojson.Safe.to_string (`List mcp_schemas)));
196→ [("PLUMB_MCP_TOOLS", mcp_path)]
197→ end else [] in
198→
199→ (* Agent children need LLM credentials, docroot, and name *)
200→ let env = Spawn_lib.credential_env () @ Spawn_lib.provider_env ()
201→ @ [("PLUMB_AGENT_NAME", binding.bd_name)]
202→ @ mcp_env in
203→
204→ (* Spawn child — closes child_in_r and child_out_w in parent *)
205→ let pid = Spawn_lib.spawn_subprocess ~bin_path ~spec_path
206→ ~stdin_fd:child_in_r ~stdout_fd:child_out_w
207→ ~env () in
208→ Runtime.Log.info "bridge"
209→ ["event", `String "spawned";
210→ "agent", `String binding.bd_name;
211→ "pid", `Int pid;
212→ "has_control", `Bool has_control;
213→ "has_telemetry", `Bool has_telemetry;
214→ "has_tools", `Bool has_tools];
215→
216→ (* Mux: OCaml Mutex for system-thread safety (R2) *)
217→ let mux_m = Mutex.create () in
218→
219→ (* Track active mux sources; close child stdin when last exits *)
220→ let n_sources = 2 + (if has_tools && tool_dispatch_fn <> None then 1 else 0) in
221→ let mux_remaining = ref n_sources in
222→ let mux_rem_m = Mutex.create () in
223→ let mux_source_done () =
224→ Mutex.lock mux_rem_m;
225→ decr mux_remaining;
226→ let n = !mux_remaining in
227→ Mutex.unlock mux_rem_m;
228→ if n = 0 then close_out_noerr child_in_oc
229→ in
230→
231→ (* Find sockets by port name *)
232→ let find_pull port = List.assoc_opt port pull_sockets in
233→ let find_push port = List.assoc_opt port push_sockets in
234→
235→ (* === Tool dispatch setup === *)
236→ let tool_req_oc = ref None in
237→ let tool_resp_r = ref None in
238→ (match tool_dispatch_fn with
239→ | Some dispatch when has_tools ->
240→ let req_r, req_w = Unix.pipe ~cloexec:true () in
241→ let resp_r', resp_w = Unix.pipe ~cloexec:true () in
242→ tool_req_oc := Some (Unix.out_channel_of_descr req_w);
243→ tool_resp_r := Some resp_r';
244→ let _dispatch_thread = Thread.create (fun () ->
245→ dispatch ~req_fd:req_r ~resp_fd:resp_w
246→ ~agent_name:binding.bd_name
247→ ) () in
248→ ()
249→ | _ -> ());
250→
251→ (* === Mux: data input (ZMQ PULL → child stdin) ===
252→
253→ T.recv runs in Eio fibre context (uses Eio_unix.await_readable).
254→ Pipe writes use Eio_unix.run_in_systhread + Mutex. *)
255→ (match find_pull "data_in" with
256→ | Some data_in_sock ->
257→ Eio.Fiber.fork_daemon ~sw (fun () ->
258→ (try
259→ while true do
260→ let (_topic, payload) = T.recv data_in_sock in
261→ if is_eof payload then begin
262→ Eio_unix.run_in_systhread (fun () ->
263→ (try write_eof mux_m child_in_oc "input"
264→ with Sys_error _ -> ()));
265→ raise Exit
266→ end;
267→ Eio_unix.run_in_systhread (fun () ->
268→ try write_envelope mux_m child_in_oc "input" payload
269→ with Sys_error _ -> raise Exit)
270→ done
271→ with
272→ | Exit -> ()
273→ | Transport.Transport_error (_, _msg) -> ());
274→ (* After data EOF, send ctrl stop (R4) *)
275→ if has_control then
276→ Eio_unix.run_in_systhread (fun () ->
277→ try
278→ let s = "{\"__port\":\"ctrl_in\",\"msg\":{\"stop\":true}}\n" in
279→ Mutex.lock mux_m;
280→ Fun.protect ~finally:(fun () -> Mutex.unlock mux_m) (fun () ->
281→ output_string child_in_oc s; flush child_in_oc)
282→ with Sys_error _ -> ());
283→ Eio_unix.run_in_systhread (fun () -> mux_source_done ());
284→ `Stop_daemon)
285→ | None ->
286→ (* No data input socket — mux source done immediately *)
287→ mux_source_done ());
288→
289→ (* === Mux: control input (ZMQ PULL → child stdin) === *)
290→ (match find_pull "ctrl_in" with
291→ | Some ctrl_in_sock ->
292→ Eio.Fiber.fork_daemon ~sw (fun () ->
293→ (try
294→ while true do
295→ let (_topic, payload) = T.recv ctrl_in_sock in
296→ if is_eof payload then begin
297→ Eio_unix.run_in_systhread (fun () ->
298→ (try write_eof mux_m child_in_oc "ctrl_in"
299→ with Sys_error _ -> ()));
300→ raise Exit
301→ end;
302→ Eio_unix.run_in_systhread (fun () ->
303→ try write_envelope mux_m child_in_oc "ctrl_in" payload
304→ with Sys_error _ -> raise Exit)
305→ done
306→ with
307→ | Exit -> ()
308→ | Transport.Transport_error (_, _msg) -> ());
309→ Eio_unix.run_in_systhread (fun () -> mux_source_done ());
310→ `Stop_daemon)
311→ | None ->
312→ (* No control socket — mux source done immediately *)
313→ mux_source_done ());
314→
315→ (* === Mux: tool responses (pipe → child stdin) === *)
316→ (match !tool_resp_r with
317→ | Some resp_r' ->
318→ Eio.Fiber.fork_daemon ~sw (fun () ->
319→ Eio_unix.run_in_systhread (fun () ->
320→ let ic = Unix.in_channel_of_descr resp_r' in
321→ (try while true do
322→ let line = input_line ic in
323→ write_envelope mux_m child_in_oc "tool_resp" line
324→ done with End_of_file | Sys_error _ -> ());
325→ close_in_noerr ic;
326→ mux_source_done ());
327→ `Stop_daemon)
328→ | None -> ());
329→
330→ (* === Demux: child stdout → ZMQ PUSH sockets ===
331→
332→ Pipe reads use Eio_unix.run_in_systhread (blocking input_line).
333→ ZMQ sends run in Eio fibre context. *)
334→ let data_out_sock = find_push "data_out" in
335→ let ctrl_out_sock = find_push "ctrl_out" in
336→ let telemetry_sock = find_push "telemetry" in
337→
338→ Eio.Fiber.fork_daemon ~sw (fun () ->
339→ let ic = Unix.in_channel_of_descr child_out_r in
340→ (try while true do
341→ let line = Eio_unix.run_in_systhread (fun () ->
342→ input_line ic) in
343→ if String.length (String.trim line) > 0 then
344→ match Yojson.Safe.from_string line with
345→ | `Assoc fields ->
346→ let port = match List.assoc_opt "__port" fields with
347→ | Some (`String s) -> s | _ -> "output" in
348→ let msg = match List.assoc_opt "msg" fields with
349→ | Some m -> Yojson.Safe.to_string m
350→ | None -> line in
351→ (match port with
352→ | "output" ->
353→ Option.iter (fun sock ->
354→ T.send sock ~topic:binding.bd_name msg
355→ ) data_out_sock
356→ | "ctrl_out" ->
357→ Option.iter (fun sock ->
358→ T.send sock ~topic:binding.bd_name msg
359→ ) ctrl_out_sock
360→ | "telemetry" ->
361→ Option.iter (fun sock ->
362→ T.send sock ~topic:binding.bd_name msg
363→ ) telemetry_sock;
364→ (match on_observe with
365→ | Some cb ->
366→ (try
367→ let json = Yojson.Safe.from_string msg in
368→ cb { agent = binding.bd_name; payload = json }
369→ with _ -> ())
370→ | None -> ())
371→ | "tool_req" ->
372→ Eio_unix.run_in_systhread (fun () ->
373→ match !tool_req_oc with
374→ | Some oc ->
375→ output_string oc msg;
376→ output_char oc '\n';
377→ flush oc
378→ | None ->
379→ Runtime.Log.warn "bridge_demux"
380→ [("event", `String "tool_req_no_dispatch");
381→ ("agent", `String binding.bd_name)])
382→ | _ ->
383→ Runtime.Log.warn "bridge_demux"
384→ [("port", `String port);
385→ ("agent", `String binding.bd_name)])
386→ | _ ->
387→ (* Not an envelope — treat as raw output *)
388→ Option.iter (fun sock ->
389→ T.send sock ~topic:binding.bd_name line
390→ ) data_out_sock
391→ | exception exn ->
392→ Runtime.Log.debug "bridge_demux"
393→ ["agent", `String binding.bd_name;
394→ "event", `String "json_parse_failed";
395→ "error", `String (Printexc.to_string exn)];
396→ Option.iter (fun sock ->
397→ T.send sock ~topic:binding.bd_name line
398→ ) data_out_sock
399→ done with
400→ | End_of_file -> ()
401→ | Sys_error msg ->
402→ Runtime.Log.debug "bridge_demux"
403→ ["agent", `String binding.bd_name;
404→ "event", `String "pipe_closed";
405→ "detail", `String msg]);
406→ close_in_noerr ic;
407→ (* Send EOF sentinel on all output ZMQ sockets (R5) *)
408→ Option.iter (fun sock ->
409→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
410→ ) data_out_sock;
411→ Option.iter (fun sock ->
412→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
413→ ) ctrl_out_sock;
414→ Option.iter (fun sock ->
415→ (try send_eof sock ~topic:binding.bd_name with _ -> ())
416→ ) telemetry_sock;
417→ (* Close tool_req write-end to terminate dispatch loop *)
418→ Eio_unix.run_in_systhread (fun () ->
419→ (match !tool_req_oc with
420→ | Some oc -> close_out_noerr oc
421→ | None -> ());
422→ (* Reap child process (R6) *)
423→ let timeout_s = match Spawn_lib.timeout_of_binding binding with
424→ | Some t -> t | None -> 60.0 in
425→ let status, timed_out =
426→ Spawn_lib.waitpid_timed ~timeout_seconds:timeout_s pid in
427→ if timed_out then
428→ Runtime.Log.warn "bridge_timeout"
429→ ["agent", `String binding.bd_name;
430→ "timeout_seconds", `Float timeout_s];
431→ (match status with
432→ | Unix.WEXITED 0 -> ()
433→ | Unix.WEXITED code ->
434→ Runtime.Log.warn "bridge_exit"
435→ ["agent", `String binding.bd_name;
436→ "code", `Int code]
437→ | Unix.WSIGNALED sig_ ->
438→ Runtime.Log.warn "bridge_signal"
439→ ["agent", `String binding.bd_name;
440→ "signal", `Int sig_]
441→ | Unix.WSTOPPED _ -> ());
442→ (* Clean up temp files *)
443→ (try Sys.remove spec_path with Sys_error _ -> ()));
444→ `Stop_daemon);
445→
446→ ignore has_telemetry
447→Now let me check how tool_dispatch_loop is used in bridge vs how it needs Plumb.Tool_dispatch — I need to understand if the bridge can depend on Plumb.Tool_dispatch directly or if it needs the callback approach. Let me check the dependency structure.
1→(library
2→ (name fabric)
3→ (public_name plumbing.fabric)
4→ (libraries transport supervisor runtime language spawn_lib yojson eio eio.unix unix threads.posix))
5→ 1→(library
2→ (name plumb)
3→ (public_name plumbing)
4→ (libraries language runtime spawn_lib docstore mcp_client unix threads.posix dune-site))
5→
6→(generate_sites_module
7→ (module sites)
8→ (sites plumbing))
9→ 1→(library
2→ (name spawn_lib)
3→ (public_name plumbing.spawn)
4→ (libraries language runtime mcp_client unix))
5→{
"pattern": "Mcp_client",
"path": "/tmp/plmb-037-step5b/lib/fabric/bridge.ml",
"output_mode": "content"
}(executable
(name main)
(public_name plumb)
(libraries plumb fabric language runtime spawn_lib
eio_main eio.unix unix threads.posix yojson))
Now the bridge — expand tool_dispatch type, fix M1 (fork safety), M2 (join dispatch thread), M3 (MCP temp file cleanup):
(** {1 Tool Dispatch Callback}
The bridge accepts an optional tool dispatch callback rather than
depending on [Tool_dispatch] directly. The caller constructs
this from [Tool_dispatch.tool_dispatch_loop]. *)
type tool_dispatch =
req_fd:Unix.file_descr ->
resp_fd:Unix.file_descr ->
agent_name:string ->
unit(** {1 Tool Dispatch Callback}
The bridge accepts an optional tool dispatch callback rather than
depending on [Tool_dispatch] directly. The caller constructs
this from [Tool_dispatch.tool_dispatch_loop], capturing search_path,
tool_env, prog, type_env, etc. in the closure. The bridge passes
the per-agent [tool_bindings] and [mcp_connections] it resolves
internally. *)
type tool_dispatch =
req_fd:Unix.file_descr ->
resp_fd:Unix.file_descr ->
agent_name:string ->
tool_bindings:binding list ->
mcp_connections:Mcp_client.t list ->
unit (* Spawn child — closes child_in_r and child_out_w in parent *)
let pid = Spawn_lib.spawn_subprocess ~bin_path ~spec_path
~stdin_fd:child_in_r ~stdout_fd:child_out_w
~env () in (* Spawn child — closes child_in_r and child_out_w in parent.
Wrapped in run_in_systhread to avoid forking from an Eio fibre
(M1: scheduler state corruption). *)
let pid = Eio_unix.run_in_systhread (fun () ->
Spawn_lib.spawn_subprocess ~bin_path ~spec_path
~stdin_fd:child_in_r ~stdout_fd:child_out_w
~env ()) inNow fix has_tools check and track the MCP temp file path for cleanup (M3), and update the dispatch thread to pass new args and track it (M2):
let mcp_env = if mcp_connections <> [] then begin
let mcp_schemas = List.concat_map (fun conn ->
List.map Mcp_client.tool_schema (Mcp_client.tools conn)
) mcp_connections in
let mcp_path = Filename.temp_file "agentpi_mcp_" ".json" in
let mcp_oc = open_out_gen
[Open_wronly; Open_creat; Open_trunc] 0o600 mcp_path in
Fun.protect ~finally:(fun () -> close_out mcp_oc) (fun () ->
output_string mcp_oc
(Yojson.Safe.to_string (`List mcp_schemas)));
[("PLUMB_MCP_TOOLS", mcp_path)]
end else [] in let mcp_temp_path = ref None in
let mcp_env = if mcp_connections <> [] then begin
let mcp_schemas = List.concat_map (fun conn ->
List.map Mcp_client.tool_schema (Mcp_client.tools conn)
) mcp_connections in
let mcp_path = Filename.temp_file "agentpi_mcp_" ".json" in
mcp_temp_path := Some mcp_path;
let mcp_oc = open_out_gen
[Open_wronly; Open_creat; Open_trunc] 0o600 mcp_path in
Fun.protect ~finally:(fun () -> close_out mcp_oc) (fun () ->
output_string mcp_oc
(Yojson.Safe.to_string (`List mcp_schemas)));
[("PLUMB_MCP_TOOLS", mcp_path)]
end else [] in (* === Tool dispatch setup === *)
let tool_req_oc = ref None in
let tool_resp_r = ref None in
(match tool_dispatch_fn with
| Some dispatch when has_tools ->
let req_r, req_w = Unix.pipe ~cloexec:true () in
let resp_r', resp_w = Unix.pipe ~cloexec:true () in
tool_req_oc := Some (Unix.out_channel_of_descr req_w);
tool_resp_r := Some resp_r';
let _dispatch_thread = Thread.create (fun () ->
dispatch ~req_fd:req_r ~resp_fd:resp_w
~agent_name:binding.bd_name
) () in
()
| _ -> ()); (* === Tool dispatch setup === *)
let tool_req_oc = ref None in
let tool_resp_r = ref None in
let dispatch_thread = ref None in
(match tool_dispatch_fn with
| Some dispatch when has_tools ->
let req_r, req_w = Unix.pipe ~cloexec:true () in
let resp_r', resp_w = Unix.pipe ~cloexec:true () in
tool_req_oc := Some (Unix.out_channel_of_descr req_w);
tool_resp_r := Some resp_r';
dispatch_thread := Some (Thread.create (fun () ->
dispatch ~req_fd:req_r ~resp_fd:resp_w
~agent_name:binding.bd_name
~tool_bindings ~mcp_connections
) ())
| _ -> ());Now update the cleanup section in the demux to join the dispatch thread (M2) and clean up the MCP temp file (M3):
(* Close tool_req write-end to terminate dispatch loop *)
Eio_unix.run_in_systhread (fun () ->
(match !tool_req_oc with
| Some oc -> close_out_noerr oc
| None -> ());
(* Reap child process (R6) *)
let timeout_s = match Spawn_lib.timeout_of_binding binding with
| Some t -> t | None -> 60.0 in
let status, timed_out =
Spawn_lib.waitpid_timed ~timeout_seconds:timeout_s pid in
if timed_out then
Runtime.Log.warn "bridge_timeout"
["agent", `String binding.bd_name;
"timeout_seconds", `Float timeout_s];
(match status with
| Unix.WEXITED 0 -> ()
| Unix.WEXITED code ->
Runtime.Log.warn "bridge_exit"
["agent", `String binding.bd_name;
"code", `Int code]
| Unix.WSIGNALED sig_ ->
Runtime.Log.warn "bridge_signal"
["agent", `String binding.bd_name;
"signal", `Int sig_]
| Unix.WSTOPPED _ -> ());
(* Clean up temp files *)
(try Sys.remove spec_path with Sys_error _ -> ()));
`Stop_daemon); (* Close tool_req write-end to terminate dispatch loop *)
Eio_unix.run_in_systhread (fun () ->
(match !tool_req_oc with
| Some oc -> close_out_noerr oc
| None -> ());
(* Join dispatch thread (M2) *)
(match !dispatch_thread with
| Some t -> Thread.join t
| None -> ());
(* Reap child process (R6) *)
let timeout_s = match Spawn_lib.timeout_of_binding binding with
| Some t -> t | None -> 60.0 in
let status, timed_out =
Spawn_lib.waitpid_timed ~timeout_seconds:timeout_s pid in
if timed_out then
Runtime.Log.warn "bridge_timeout"
["agent", `String binding.bd_name;
"timeout_seconds", `Float timeout_s];
(match status with
| Unix.WEXITED 0 -> ()
| Unix.WEXITED code ->
Runtime.Log.warn "bridge_exit"
["agent", `String binding.bd_name;
"code", `Int code]
| Unix.WSIGNALED sig_ ->
Runtime.Log.warn "bridge_signal"
["agent", `String binding.bd_name;
"signal", `Int sig_]
| Unix.WSTOPPED _ -> ());
(* Clean up temp files (M3: also clean MCP temp file) *)
(try Sys.remove spec_path with Sys_error _ -> ());
(match !mcp_temp_path with
| Some p -> (try Sys.remove p with Sys_error _ -> ())
| None -> ()));
`Stop_daemon);(** Plumb runtime — fabric-based executor for plumb programs.
Parses a plumb program, compiles a routing table, starts the ZMQ
fabric, and bridges boundary ports to stdin/stdout. The binary is
a thin I/O adapter — all process orchestration happens in the
fabric via ZMQ sockets. *)
open Language
let () =
(* Default to Info; PIPELINE_DEBUG=1 wins (already set to Debug in Log
module initialiser). --verbose lowers to Debug explicitly. *)
let verbose = Array.exists (fun s -> s = "--verbose") Sys.argv in
if verbose then Runtime.Log.set_level Runtime.Log.Debug
else if Sys.getenv_opt "PIPELINE_DEBUG" <> Some "1" then
Runtime.Log.set_level Runtime.Log.Info;
(* Extract --provider/--model/--auto-approve from argv and set env vars.
Entry.main strips these from argv before extracting the spec path. *)
(match Runtime.Entry.resolve_flag Sys.argv "--provider" with
| Some p -> Unix.putenv "PLUMB_PROVIDER" p | None -> ());
(match Runtime.Entry.resolve_flag Sys.argv "--model" with
| Some m -> Unix.putenv "PLUMB_MODEL" m | None -> ());
let auto_approve = Array.exists (fun s -> s = "--auto-approve") Sys.argv in
let docroot = Runtime.Entry.resolve_docroot Sys.argv in
let search_path = Plumb.Stdlib_path.search_path () in
let tool_env = { Plumb.Tool_dispatch.docroot } in
(* Signal handling: install SIGINT handler before Eio_main.run.
When a fabric is running, the handler calls fabric.cancel() to
trigger orderly shutdown. When no fabric is running, it raises
Sys.Break for Entry.main to catch at exit code 130. *)
let fabric_ref : Fabric.t option ref = ref None in
Sys.set_signal Sys.sigint (Sys.Signal_handle (fun _signo ->
match !fabric_ref with
| Some f -> f.Fabric.cancel ()
| None -> raise Sys.Break));
Runtime.Entry.main
~usage:"Usage: plumb [--verbose] [--docroot DIR] [--provider NAME] \
[--model NAME] [--auto-approve] <spec.plumb>"
~run:(fun spec_path ->
let prog, main = Runtime.Spec.load_main_from_file ~search_path spec_path in
let on_oitl_request =
if auto_approve then
fun (_req : Plumb.Tool_dispatch.oitl_request) ->
Plumb.Tool_dispatch.{ oitl_approved = true; oitl_policy = Some "always" }
else
fun (req : Plumb.Tool_dispatch.oitl_request) ->
Printf.eprintf "plumb: denied tool call '%s' by agent '%s' \
(use --auto-approve)\n%!" req.oitl_tool req.oitl_agent;
Plumb.Tool_dispatch.{ oitl_approved = false; oitl_policy = None }
in
(* Extract plumb body from main binding *)
let ports, pb = match main.impl with
| Plumb (ports, pb) -> (ports, pb)
| _ -> Runtime.Error.raise_ Config "config_error"
"main binding must be a plumb"
in
let type_env = Validate.build_type_env prog.prog_types in
let routing_table = Runtime.Routing.compile ~prog ~ports ~pb
~type_env ~main_binding:main ~seeded:pb.pb_seeded in
Runtime.Log.debug "plumb"
["event", `String "routing_table";
"detail", `String (Runtime.Routing.pp_routing_table routing_table)];
(* Tool dispatch callback — captures search_path, tool_env, prog,
type_env, on_oitl_request, base_dir in the closure. The bridge
passes per-agent tool_bindings and mcp_connections. *)
let base_dir = Filename.dirname spec_path in
let tool_dispatch_fn
~req_fd ~resp_fd ~agent_name ~tool_bindings ~mcp_connections =
let call_pipeline _source _input =
(Runtime.Error.(to_string (make Unavailable "not_implemented"
"recursive pipeline invocation not available in fabric mode")),
true)
in
Plumb.Tool_dispatch.tool_dispatch_loop
~base_dir ~call_pipeline ~search_path tool_env type_env prog
tool_bindings ~mcp_connections ~on_oitl_request
~agent_name req_fd resp_fd
in
(* Build the bridge process handler for agent subprocesses *)
let handler = Fabric.Bridge.make_handler
~prog ~type_env
~bin_dir:(Lazy.force Plumb.Prefix_path.bin_dir)
~resource_find:Plumb.Resource_path.find
~tool_dispatch_fn:(Some tool_dispatch_fn)
() in
(* Determine boundary port names from the main binding's port list.
Convention: first n_in ports are inputs, rest are outputs. *)
let n_in = List.length
(Validate.port_element_types type_env main.input) in
let input_port = List.nth ports 0 in
let output_port = List.nth ports n_in in
(* Run the fabric under Eio *)
let fabric_handle = ref None in
Eio_main.run (fun _env ->
Eio.Switch.run (fun sw ->
let f = Fabric.execute ~sw ~routing_table ~type_env
~process_handler:handler () in
fabric_handle := Some f;
fabric_ref := Some f;
(* Writer daemon: stdin → boundary input socket *)
let push = Fabric.boundary_input f input_port in
Eio.Fiber.fork_daemon ~sw (fun () ->
(try while true do
let line = Eio_unix.run_in_systhread (fun () ->
input_line stdin) in
Transport.Zmq.send push ~topic:input_port line
done with End_of_file | Sys_error _ -> ());
Fabric.Bridge.send_eof push ~topic:input_port;
`Stop_daemon);
(* Reader: boundary output socket → stdout (main fibre) *)
let pull = Fabric.boundary_output f output_port in
(try while true do
let (_topic, payload) = Transport.Zmq.recv pull in
if Fabric.Bridge.is_eof payload then raise Exit;
Eio_unix.run_in_systhread (fun () ->
print_endline payload)
done with
| Exit -> ()
| Transport.Transport_error _ -> ());
(* Reader exited — cancel the fabric to unwind all fibres *)
f.cancel ()));
(* Outside switch scope — safe to call shutdown (may sleep) *)
(match !fabric_handle with
| Some f -> Fabric.shutdown f
| None -> ()))
cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -80
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
Warning: 15 states have shift/reduce conflicts.
Warning: 16 shift/reduce conflicts were arbitrarily resolved.
File "bin/plumb/main.ml", line 26, characters 19-38:
26 | let tool_env = { Plumb.Tool_dispatch.docroot } in
^^^^^^^^^^^^^^^^^^^
Error: Unbound module Plumb.Tool_dispatch{
"pattern": "module Tool_dispatch|Tool_dispatch",
"path": "/tmp/plmb-037-step5b/lib/plumb",
"glob": "*.ml",
"output_mode": "files_with_matches"
}So Tool_dispatch is not directly exposed through Plumb — it's in lib/plumb/tool_dispatch.ml but the plumb library wraps it through exec.ml. Let me check what's re-exported.
{
"pattern": "^type|^let.*=.*Tool_dispatch",
"path": "/tmp/plmb-037-step5b/lib/plumb/exec.ml",
"output_mode": "content",
"limit": 20
}<tool_use_error>InputValidationError: Grep failed due to the following issue: An unexpected parameter `limit` was provided</tool_use_error>
{
"pattern": "Tool_dispatch",
"path": "/tmp/plmb-037-step5b/lib/plumb/exec.ml",
"output_mode": "content"
}26:type tool_env = Tool_dispatch.tool_env = { docroot : string option }
27:let default_tool_env = Tool_dispatch.default_tool_env
28:type observation = Tool_dispatch.observation = { agent : string; payload : Yojson.Safe.t }
29:type oitl_request = Tool_dispatch.oitl_request = {
35:type oitl_response = Tool_dispatch.oitl_response = {
40:(** Re-export functions from Spawn and Tool_dispatch for backward compatibility. *)
45:let dispatch_tool = Tool_dispatch.dispatch_tool
46:let tool_dispatch_loop = Tool_dispatch.tool_dispatch_loop
47:let tool_error_response = Tool_dispatch.tool_error_response
1054: Some (fun (obs : Tool_dispatch.observation) ->
1118: Tool_dispatch.tool_dispatch_loop ~base_dir ~call_pipeline ~search_path tool_env type_envSo Exec re-exports these types. I need to use Plumb.Exec.tool_env, Plumb.Exec.oitl_request, etc. Or I could use Plumb.Exec.tool_dispatch_loop. Let me update the main.ml to use the correct module paths.
Plumb.Tool_dispatch
Plumb.Exec
The file /tmp/plmb-037-step5b/bin/plumb/main.ml has been updated. All occurrences of 'Plumb.Tool_dispatch' were successfully replaced with 'Plumb.Exec'.
cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -80
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
File "bin/plumb/main.ml", line 82, characters 29-46:
82 | ~bin_dir:(Lazy.force Plumb.Prefix_path.bin_dir)
^^^^^^^^^^^^^^^^^
Error: Unbound module Plumb.Prefix_path{
"pattern": "Prefix_path|Resource_path",
"path": "/tmp/plmb-037-step5b/lib/plumb",
"glob": "*.mli",
"output_mode": "files_with_matches"
}/tmp/plmb-037-step5b/lib/plumb/exec.ml /tmp/plmb-037-step5b/lib/plumb/forward.ml /tmp/plmb-037-step5b/lib/plumb/plumb.ml /tmp/plmb-037-step5b/lib/plumb/prefix_path.ml /tmp/plmb-037-step5b/lib/plumb/resource_path.ml /tmp/plmb-037-step5b/lib/plumb/spawn.ml /tmp/plmb-037-step5b/lib/plumb/stdlib_path.ml /tmp/plmb-037-step5b/lib/plumb/tool_dispatch.ml
1→(** Plumb — interpreter for the plumbing language.
2→
3→ Creates channels, spawns processes, wires boundary ports. *)
4→
5→module Exec = Exec
6→module Stdlib_path = Stdlib_path
7→Plumb only re-exports Exec and Stdlib_path. Prefix_path and Resource_path are in the plumb library but not re-exported through the wrapper module. I can access them as Prefix_path and Resource_path directly since they're in the same library, or use them without the Plumb. prefix since bin/plumb depends on the plumb library.
Wait — dune libraries wrap all modules under the library name unless (wrapped false) is set. The library name is plumb. So the modules are Plumb.Prefix_path, Plumb.Resource_path, etc. But the plumb.ml file acts as the library's main module and only re-exports Exec and Stdlib_path.
I need to add re-exports for Prefix_path and Resource_path too, or use a different approach.
(** Plumb — interpreter for the plumbing language.
Creates channels, spawns processes, wires boundary ports. *)
module Exec = Exec
module Stdlib_path = Stdlib_path(** Plumb — interpreter for the plumbing language.
Creates channels, spawns processes, wires boundary ports. *)
module Exec = Exec
module Stdlib_path = Stdlib_path
module Prefix_path = Prefix_path
module Resource_path = Resource_path
module Tool_dispatch = Tool_dispatchNow update main.ml to use Plumb.Tool_dispatch for the dispatch loop call (since it's now exposed), and keep Plumb.Exec for the types that are already re-exported through Exec:
1→(** Plumb runtime — fabric-based executor for plumb programs.
2→
3→ Parses a plumb program, compiles a routing table, starts the ZMQ
4→ fabric, and bridges boundary ports to stdin/stdout. The binary is
5→ a thin I/O adapter — all process orchestration happens in the
6→ fabric via ZMQ sockets. *)
7→
8→open Language
9→
10→let () =
11→ (* Default to Info; PIPELINE_DEBUG=1 wins (already set to Debug in Log
12→ module initialiser). --verbose lowers to Debug explicitly. *)
13→ let verbose = Array.exists (fun s -> s = "--verbose") Sys.argv in
14→ if verbose then Runtime.Log.set_level Runtime.Log.Debug
15→ else if Sys.getenv_opt "PIPELINE_DEBUG" <> Some "1" then
16→ Runtime.Log.set_level Runtime.Log.Info;
17→ (* Extract --provider/--model/--auto-approve from argv and set env vars.
18→ Entry.main strips these from argv before extracting the spec path. *)
19→ (match Runtime.Entry.resolve_flag Sys.argv "--provider" with
20→ | Some p -> Unix.putenv "PLUMB_PROVIDER" p | None -> ());
21→ (match Runtime.Entry.resolve_flag Sys.argv "--model" with
22→ | Some m -> Unix.putenv "PLUMB_MODEL" m | None -> ());
23→ let auto_approve = Array.exists (fun s -> s = "--auto-approve") Sys.argv in
24→ let docroot = Runtime.Entry.resolve_docroot Sys.argv in
25→ let search_path = Plumb.Stdlib_path.search_path () in
26→ let tool_env = { Plumb.Exec.docroot } in
27→ (* Signal handling: install SIGINT handler before Eio_main.run.
28→ When a fabric is running, the handler calls fabric.cancel() to
29→ trigger orderly shutdown. When no fabric is running, it raises
30→ Sys.Break for Entry.main to catch at exit code 130. *)
31→ let fabric_ref : Fabric.t option ref = ref None in
32→ Sys.set_signal Sys.sigint (Sys.Signal_handle (fun _signo ->
33→ match !fabric_ref with
34→ | Some f -> f.Fabric.cancel ()
35→ | None -> raise Sys.Break));
36→ Runtime.Entry.main
37→ ~usage:"Usage: plumb [--verbose] [--docroot DIR] [--provider NAME] \
38→ [--model NAME] [--auto-approve] <spec.plumb>"
39→ ~run:(fun spec_path ->
40→ let prog, main = Runtime.Spec.load_main_from_file ~search_path spec_path in
41→ let on_oitl_request =
42→ if auto_approve then
43→ fun (_req : Plumb.Exec.oitl_request) ->
44→ Plumb.Exec.{ oitl_approved = true; oitl_policy = Some "always" }
45→ else
46→ fun (req : Plumb.Exec.oitl_request) ->
47→ Printf.eprintf "plumb: denied tool call '%s' by agent '%s' \
48→ (use --auto-approve)\n%!" req.oitl_tool req.oitl_agent;
49→ Plumb.Exec.{ oitl_approved = false; oitl_policy = None }
50→ in
51→ (* Extract plumb body from main binding *)
52→ let ports, pb = match main.impl with
53→ | Plumb (ports, pb) -> (ports, pb)
54→ | _ -> Runtime.Error.raise_ Config "config_error"
55→ "main binding must be a plumb"
56→ in
57→ let type_env = Validate.build_type_env prog.prog_types in
58→ let routing_table = Runtime.Routing.compile ~prog ~ports ~pb
59→ ~type_env ~main_binding:main ~seeded:pb.pb_seeded in
60→ Runtime.Log.debug "plumb"
61→ ["event", `String "routing_table";
62→ "detail", `String (Runtime.Routing.pp_routing_table routing_table)];
63→ (* Tool dispatch callback — captures search_path, tool_env, prog,
64→ type_env, on_oitl_request, base_dir in the closure. The bridge
65→ passes per-agent tool_bindings and mcp_connections. *)
66→ let base_dir = Filename.dirname spec_path in
67→ let tool_dispatch_fn
68→ ~req_fd ~resp_fd ~agent_name ~tool_bindings ~mcp_connections =
69→ let call_pipeline _source _input =
70→ (Runtime.Error.(to_string (make Unavailable "not_implemented"
71→ "recursive pipeline invocation not available in fabric mode")),
72→ true)
73→ in
74→ Plumb.Exec.tool_dispatch_loop
75→ ~base_dir ~call_pipeline ~search_path tool_env type_env prog
76→ tool_bindings ~mcp_connections ~on_oitl_request
77→ ~agent_name req_fd resp_fd
78→ in
79→ (* Build the bridge process handler for agent subprocesses *)
80→ let handler = Fabric.Bridge.make_handler
81→ ~prog ~type_env
82→ ~bin_dir:(Lazy.force Plumb.Prefix_path.bin_dir)
83→ ~resource_find:Plumb.Resource_path.find
84→ ~tool_dispatch_fn:(Some tool_dispatch_fn)
85→ () in
86→ (* Determine boundary port names from the main binding's port list.
87→ Convention: first n_in ports are inputs, rest are outputs. *)
88→ let n_in = List.length
89→ (Validate.port_element_types type_env main.input) in
90→ let input_port = List.nth ports 0 in
91→ let output_port = List.nth ports n_in in
92→ (* Run the fabric under Eio *)
93→ let fabric_handle = ref None in
94→ Eio_main.run (fun _env ->
95→ Eio.Switch.run (fun sw ->
96→ let f = Fabric.execute ~sw ~routing_table ~type_env
97→ ~process_handler:handler () in
98→ fabric_handle := Some f;
99→ fabric_ref := Some f;
100→ (* Writer daemon: stdin → boundary input socket *)
101→ let push = Fabric.boundary_input f input_port in
102→ Eio.Fiber.fork_daemon ~sw (fun () ->
103→ (try while true do
104→ let line = Eio_unix.run_in_systhread (fun () ->
105→ input_line stdin) in
106→ Transport.Zmq.send push ~topic:input_port line
107→ done with End_of_file | Sys_error _ -> ());
108→ Fabric.Bridge.send_eof push ~topic:input_port;
109→ `Stop_daemon);
110→ (* Reader: boundary output socket → stdout (main fibre) *)
111→ let pull = Fabric.boundary_output f output_port in
112→ (try while true do
113→ let (_topic, payload) = Transport.Zmq.recv pull in
114→ if Fabric.Bridge.is_eof payload then raise Exit;
115→ Eio_unix.run_in_systhread (fun () ->
116→ print_endline payload)
117→ done with
118→ | Exit -> ()
119→ | Transport.Transport_error _ -> ());
120→ (* Reader exited — cancel the fabric to unwind all fibres *)
121→ f.cancel ()));
122→ (* Outside switch scope — safe to call shutdown (may sleep) *)
123→ (match !fabric_handle with
124→ | Some f -> Fabric.shutdown f
125→ | None -> ()))
126→cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -80
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
File "bin/plumb/main.ml", line 84, characters 26-49:
84 | ~tool_dispatch_fn:(Some tool_dispatch_fn)
^^^^^^^^^^^^^^^^^^^^^^^
Error: This expression should not be a constructor, the expected type is
Fabric.Bridge.tool_dispatchThe tool_dispatch_fn parameter is ?(tool_dispatch_fn : tool_dispatch option), so I should pass the value directly (it's already optional):
~tool_dispatch_fn:(Some tool_dispatch_fn)
~tool_dispatch_fn
cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -80
cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1 | tail -40
Command running in background with ID: be6qc8b25. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output
cat /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null | tail -40
Tests are still running. Let me also check if there are any test files that reference Fabric.Bridge.tool_dispatch type and might need updating.
{
"pattern": "tool_dispatch_fn|tool_dispatch",
"path": "/tmp/plmb-037-step5b/test",
"output_mode": "content"
}/tmp/plmb-037-step5b/test/test_tool.ml:88:(* ── tool_dispatch_loop protocol tests ────────────────────── *) /tmp/plmb-037-step5b/test/test_tool.ml:96: Plumb.Exec.tool_dispatch_loop ~base_dir:"." ~call_pipeline:(fun _ _ -> failwith "no call") ~search_path:[] Plumb.Exec.default_tool_env [] prog [] ~mcp_connections:[] ~agent_name:"test" req_r resp_w /tmp/plmb-037-step5b/test/test_tool.ml:128: Plumb.Exec.tool_dispatch_loop ~base_dir:"." ~call_pipeline:(fun _ _ -> failwith "no call") ~search_path:[] Plumb.Exec.default_tool_env [] prog [] ~mcp_connections:[] ~agent_name:"test" req_r resp_w /tmp/plmb-037-step5b/test/test_tool.ml:158: Plumb.Exec.tool_dispatch_loop ~base_dir:"." ~call_pipeline:(fun _ _ -> failwith "no call") ~search_path:[] Plumb.Exec.default_tool_env [] prog [] ~mcp_connections:[] ~agent_name:"test" req_r resp_w /tmp/plmb-037-step5b/test/test_tool.ml:523:(** Helper: run tool_dispatch_loop with on_oitl_request and send a request *) /tmp/plmb-037-step5b/test/test_tool.ml:528: Plumb.Exec.tool_dispatch_loop ~base_dir:"." /tmp/plmb-037-step5b/test/test_tool.ml:781: "tool_dispatch_loop", [
The test files use Plumb.Exec.tool_dispatch_loop directly — they don't use Fabric.Bridge.tool_dispatch type. Good, those should be unaffected.
Let me check the fabric test:
{
"pattern": "tool_dispatch|make_handler",
"path": "/tmp/plmb-037-step5b/test/test_fabric.ml",
"output_mode": "content"
}{
"file_path": "/tmp/plmb-037-step5b/test/test_fabric.ml",
"offset": 55,
"limit": 20
} 55→(** Run a fabric pipeline with agent bridge, execute [f] with boundary sockets. *)
56→let with_fabric_agent src f =
57→ let prog, routing_table, type_env = parse_and_compile src in
58→ let pipeline_id = fresh_id () in
59→ Eio_main.run (fun _env ->
60→ Eio.Switch.run (fun sw ->
61→ let handler = Fabric.Bridge.make_handler
62→ ~prog ~type_env
63→ ~bin_dir:None
64→ ~resource_find:(fun name ->
65→ failwith ("resource_find not available in test: " ^ name))
66→ ~resolve_bin:find_agent_binary
67→ () in
68→ let fabric = Fabric.execute ~sw ~routing_table ~type_env
69→ ~pipeline_id ~process_handler:handler () in
70→ Unix.sleepf 0.2;
71→ let push_in = Fabric.boundary_input fabric "input" in
72→ let pull_out = Fabric.boundary_output fabric "output" in
73→ f push_in pull_out;
74→ fabric.cancel ()))Good — the test doesn't pass tool_dispatch_fn, so it uses the default None. This should still compile fine since we didn't change the parameter name or its optional nature.
Let me wait for the tests:
cat /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null | tail -50
wc -l /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null; tail -5 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null
0 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output
sleep 30 && cat /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null | tail -50
ls -la /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null
-rw-r--r--@ 1 ww wheel 0 Mar 14 09:23 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output
sleep 60 && wc -l /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null && tail -60 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output 2>/dev/null
0 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/be6qc8b25.output
cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1 | tail -60
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty Error: A running dune (pid: 3826) instance has locked the build directory. If this is not the case, please delete "_build/.lock".
kill 3826 2>/dev/null; sleep 2; rm -f /tmp/plmb-037-step5b/_build/.lock 2>/dev/null; cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1 | tail -60
Command running in background with ID: b79q4s635. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output
sleep 90 && tail -60 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output 2>/dev/null
ls -la /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output
-rw-r--r--@ 1 ww wheel 0 Mar 14 09:30 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output
The test output file is empty after 90s. The test might still be compiling/running. Let me check what's happening:
ww 5502 0.0 0.0 435299568 1312 ?? S 9:37AM 0:00.00 grep -i dune ww 5499 0.0 0.0 435307952 2560 ?? Ss 9:37AM 0:00.01 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'ps aux < /dev/null | grep -i dune | head -5' && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-3e31-cwd ww 5412 0.0 0.1 435620080 11952 ?? S 9:30AM 0:00.60 dune test --root=. ww 5408 0.0 0.0 435307760 1184 ?? Ss 9:30AM 0:00.01 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'kill 3826 2>/dev/null ; sleep 2 ; rm -f /tmp/plmb-037-step5b/_build/.lock 2>/dev/null ; cd /tmp/plmb-037-step5b && nix develop --command dune test --root\=. 2>&1 < /dev/null | tail -60' && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-1248-cwd
Dune test is still running (pid 5412). The tests are likely running fine but taking time (some tests involve subprocess spawning, ZMQ, etc.). Let me wait more:
sleep 120 && tail -60 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output 2>/dev/null && echo "=== exit ===" && wc -l /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.output 2>/dev/null
=== exit ===
0 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b79q4s635.outputww 5412 0.0 0.1 435620080 11952 ?? S 9:30AM 0:00.64 dune test --root=. ww 5408 0.0 0.0 435307760 1184 ?? Ss 9:30AM 0:00.01 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'kill 3826 2>/dev/null ; sleep 2 ; rm -f /tmp/plmb-037-step5b/_build/.lock 2>/dev/null ; cd /tmp/plmb-037-step5b && nix develop --command dune test --root\=. 2>&1 < /dev/null | tail -60' && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-1248-cwd
Dune is still running but with only 0.64s CPU time after 7+ minutes — it's stuck. Likely waiting on a subprocess. Let me check for children:
ps -p 5420 -o command= 2>/dev/null; ps -p 5413 -o command= 2>/dev/null
test_plumb.exe is hanging. This is likely an integration test that uses the old Exec.execute path or the new fabric path. Let me kill it and check what's different:
kill 5420 5412 5408 2>/dev/null; sleep 1; rm -f /tmp/plmb-037-step5b/_build/.lock 2>/dev/null
/tmp/plmb-037-step5b/test/test_agent_config.ml /tmp/plmb-037-step5b/test/test_agent_control.ml /tmp/plmb-037-step5b/test/test_agent_eliza.ml /tmp/plmb-037-step5b/test/test_docstore.ml /tmp/plmb-037-step5b/test/test_error.ml /tmp/plmb-037-step5b/test/test_expr.ml /tmp/plmb-037-step5b/test/test_fabric.ml /tmp/plmb-037-step5b/test/test_parser.ml /tmp/plmb-037-step5b/test/test_pinning.ml /tmp/plmb-037-step5b/test/test_plumb.ml /tmp/plmb-037-step5b/test/test_render_group.ml /tmp/plmb-037-step5b/test/test_routing.ml /tmp/plmb-037-step5b/test/test_session_compile.ml /tmp/plmb-037-step5b/test/test_session_exec.ml /tmp/plmb-037-step5b/test/test_supervisor.ml /tmp/plmb-037-step5b/test/test_tool.ml /tmp/plmb-037-step5b/test/test_transport.ml /tmp/plmb-037-step5b/test/test_validate.ml
1→(** Integration tests for the plumb runtime.
2→
3→ Runs the plumb binary as a subprocess, testing identity passthrough,
4→ copy (fan-out), merge (fan-in), and copy-merge composition. *)
5→
6→let plumb_bin = "../bin/plumb/main.exe"
7→let fixture path = "fixtures/" ^ path
8→
9→(** Run the plumb binary with given fixture and input,
10→ return (stdout, stderr, exit_code). *)
11→let run_plumb spec input =
12→ let spec_path = fixture spec in
13→ let stdout_read, stdout_write = Unix.pipe ~cloexec:true () in
14→ let stderr_read, stderr_write = Unix.pipe ~cloexec:true () in
15→ let stdin_read, stdin_write = Unix.pipe ~cloexec:true () in
16→ let pid = Unix.create_process plumb_bin
17→ [| plumb_bin; spec_path |]
18→ stdin_read stdout_write stderr_write in
19→ Unix.close stdin_read;
20→ Unix.close stdout_write;
21→ Unix.close stderr_write;
22→ (* Write input *)
23→ let oc = Unix.out_channel_of_descr stdin_write in
24→ output_string oc input;
25→ close_out oc;
26→ (* Read output *)
27→ let ic_out = Unix.in_channel_of_descr stdout_read in
28→ let ic_err = Unix.in_channel_of_descr stderr_read in
29→ let stdout = In_channel.input_all ic_out in
30→ let stderr = In_channel.input_all ic_err in
31→ close_in ic_out;
32→ close_in ic_err;
33→ let _, status = Unix.waitpid [] pid in
34→ let exit_code = match status with
35→ | Unix.WEXITED c -> c
36→ | Unix.WSIGNALED _ -> 128
37→ | Unix.WSTOPPED _ -> 128
38→ in
39→ (stdout, stderr, exit_code)
40→
41→(** Split output into non-empty lines. *)
42→let output_lines stdout =
43→ String.split_on_char '\n' stdout
44→ |> List.filter (fun s -> String.length (String.trim s) > 0)
45→
46→(** {1 Identity via plumb} *)
47→
48→let test_identity_passthrough () =
49→ let input = "{\"name\":\"Alice\",\"age\":30}\n" in
50→ let stdout, _stderr, code = run_plumb "identity.plumb" input inThis test runs the plumb binary. The binary now uses the fabric. The test is hanging which means there's likely a deadlock or the fabric isn't shutting down correctly. Let me check what fixtures look like and trace the issue.
(* The standard identity spec — used by most tests. *)
type Person = { name: string, age: int }
let passthrough : !Person -> !Person = id
let main : !Person -> !Person = plumb(input, output) {
spawn passthrough(input, output)
}This is an inline-only pipeline (id morphism, no agents). The fabric should handle this fine. Let me test it manually:
cd /tmp/plmb-037-step5b && echo '{"name":"Alice","age":30}' | timeout 10 nix develop --command ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb 2>&1; echo "exit: $?"cd /tmp/plmb-037-step5b && echo '{"name":"Alice","age":30}' | nix develop --command gtimeout 10 ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb 2>&1; echo "exit: $?"warning: Git tree '/private/tmp/plmb-037-step5b' is dirty /tmp/nix-shell.h7ZPy1: line 2200: exec: gtimeout: not found exit:
cd /tmp/plmb-037-step5b && (echo '{"name":"Alice","age":30}' | nix develop --command sh -c 'timeout 10 ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb' 2>/dev/null); echo "exit: $?"The output is correct but let me check if the binary exits cleanly. Let me look at how the inline id morphism handles EOF:
{
"pattern": "forward_id",
"path": "/tmp/plmb-037-step5b/lib/fabric/inline.ml",
"output_mode": "content",
"-A": 25
}67:let forward_id ~name type_env input_type recv_sock send_sock = 68- let label = Printf.sprintf "id[%s]" name in 69- recv_loop ~label recv_sock (fun json -> 70- match Validate.check type_env input_type json with 71- | Ok cleaned -> send_json send_sock ~topic:name cleaned 72- | Error errs -> 73- Runtime.Log.error label 74- ["error", `String (Validate.error_string errs)]; 75- raise Exit) 76- 77-(** Discard: validate and drop. *) 78-let drain_discard ~name type_env input_type recv_sock = 79- let label = Printf.sprintf "discard[%s]" name in 80- recv_loop ~label recv_sock (fun json -> 81- match Validate.check type_env input_type json with 82- | Ok _ -> () 83- | Error errs -> 84- Runtime.Log.error label 85- ["error", `String (Validate.error_string errs)]; 86- raise Exit) 87- 88-(** Debug tap: log and drop. *) 89-let forward_log label recv_sock = 90- let debug = Runtime.Log.get_level () = Runtime.Log.Debug in 91- recv_loop ~label recv_sock (fun json -> 92- if debug then
{
"pattern": "recv_loop",
"path": "/tmp/plmb-037-step5b/lib/fabric/inline.ml",
"output_mode": "content",
"-A": 25,
"head_limit": 30
}42:let recv_loop ~label sock f =
43- try while true do
44- let (_topic, payload) = T.recv sock in
45- if String.length payload > 0 then begin
46- let json =
47- try Yojson.Safe.from_string payload
48- with Yojson.Json_error msg ->
49- Runtime.Log.error label ["error", `String msg];
50- raise Exit
51- in
52- f json
53- end
54- done with
55- | Exit -> ()
56- | Transport.Transport_error (_, msg) ->
57- Runtime.Log.debug label
58- ["event", `String "transport_closed"; "detail", `String msg]
59-
60-(** Send a JSON value on a transport socket. *)
61-let send_json sock ~topic json =
62- T.send sock ~topic (Yojson.Safe.to_string json)
63-
64-(** {1 Simple Forwarding Morphisms} *)
65-
66-(** Identity: validate and forward. *)
67-let forward_id ~name type_env input_type recv_sock send_sock =
--
69: recv_loop ~label recv_sock (fun json ->
70- match Validate.check type_env input_type json with
71- | Ok cleaned -> send_json send_sock ~topic:name cleaned
[Showing results with pagination = limit: 30, offset: 0]I see the issue. The recv_loop receives an empty payload (which is the EOF sentinel) and just ignores it (String.length payload > 0 guard). It continues to loop, waiting for the next message. But there won't be any more messages — it should exit.
Wait, actually looking again: when an empty payload is received, recv_loop doesn't call f, but it doesn't raise Exit either — it just loops back to T.recv. Since no more messages come, it blocks on T.recv forever.
But this is existing code from before this step — the existing tests on main should have the same issue. Unless... the old plumb binary (using Exec) doesn't go through the fabric. The tests call run_plumb which runs the plumb binary. With my change, the binary now uses the fabric, so the inline morphisms need to handle EOF.
The inline morphism's recv_loop doesn't propagate EOF — it just ignores empty payloads. This means the id morphism never sends EOF downstream, so the reader in main.ml never gets EOF and never exits.
I need to fix the inline morphisms to propagate EOF. Let me check how send_eof works:
1→(** Inline morphism fibres — structural stream transformations over ZMQ.
2→
3→ Adapted from [Forward] (lib/plumb/forward.ml) to use the transport
4→ layer instead of Unix file descriptors. Each morphism runs as an
5→ Eio fibre, reading from PULL sockets and writing to PUSH sockets.
6→
7→ Fatal errors raise [Morphism_fatal] instead of calling [exit 1].
8→ The supervisor catches this at the fibre boundary. *)
9→
10→open Language
11→
12→exception Morphism_fatal of string * (string * Yojson.Safe.t) list
13→
14→(** Truncate a JSON value for logging. *)
15→let truncate_json ?(max_str=200) ?(max_items=5) json =
16→ let rec trunc = function
17→ | `String s when String.length s > max_str ->
18→ `String (String.sub s 0 max_str ^ "...")
19→ | `List items when List.length items > max_items ->
20→ let kept = List.filteri (fun i _ -> i < max_items) items in
21→ `List (List.map trunc kept @
22→ [`String (Printf.sprintf "...(%d more)" (List.length items - max_items))])
23→ | `List items -> `List (List.map trunc items)
24→ | `Assoc fields -> `Assoc (List.map (fun (k, v) -> (k, trunc v)) fields)
25→ | other -> other
26→ in
27→ trunc json
28→
29→let morphism_fatal label extras =
30→ Runtime.Log.error label extras;
31→ raise (Morphism_fatal (label, extras))
32→
33→(** {1 Transport-based message loop}
34→
35→ Common skeleton: receive JSON from a transport socket, parse,
36→ call handler, repeat until the socket closes or an error occurs. *)
37→
38→module T = Transport.Zmq
39→
40→(** Receive JSON messages from a socket, parse, and call [f].
41→ Exits on transport error (disconnect/close). *)
42→let recv_loop ~label sock f =The recv_loop ignores empty payloads but doesn't exit on them. For the fabric EOF protocol to work, inline morphisms need to:
1. Detect the EOF sentinel (empty payload)
2. Send EOF on their output socket(s)
3. Exit
Let me fix recv_loop to exit on EOF:
(** Receive JSON messages from a socket, parse, and call [f].
Exits on transport error (disconnect/close). *)
let recv_loop ~label sock f =
try while true do
let (_topic, payload) = T.recv sock in
if String.length payload > 0 then begin
let json =
try Yojson.Safe.from_string payload
with Yojson.Json_error msg ->
Runtime.Log.error label ["error", `String msg];
raise Exit
in
f json
end
done with
| Exit -> ()
| Transport.Transport_error (_, msg) ->
Runtime.Log.debug label
["event", `String "transport_closed"; "detail", `String msg](** Raised when an EOF sentinel (empty payload) is received. *)
exception Eof_received
(** Receive JSON messages from a socket, parse, and call [f].
Exits on transport error (disconnect/close) or EOF sentinel. *)
let recv_loop ~label sock f =
try while true do
let (_topic, payload) = T.recv sock in
if String.length payload = 0 then
raise Eof_received;
let json =
try Yojson.Safe.from_string payload
with Yojson.Json_error msg ->
Runtime.Log.error label ["error", `String msg];
raise Exit
in
f json
done with
| Exit | Eof_received -> ()
| Transport.Transport_error (_, msg) ->
Runtime.Log.debug label
["event", `String "transport_closed"; "detail", `String msg]But the inline morphisms also need to send EOF on their output sockets after the recv_loop exits. Currently forward_id doesn't do this. The recv_loop just returns and the daemon fibre exits without sending EOF downstream.
Looking at the fabric's main loop in fabric.ml, the inline morphism fibres are fork_daemon — they just return Stop_daemon. They don't send EOF on their output sockets. The bridge's demux does send EOF, but inline morphisms don't.
I need to add EOF propagation to all inline morphisms. The simplest approach: change recv_loop to return whether it received EOF, and have each morphism send EOF on its output socket(s) after the loop.
Actually, a cleaner approach: make a wrapper that handles it. Let me refactor:
1→(** Inline morphism fibres — structural stream transformations over ZMQ.
2→
3→ Adapted from [Forward] (lib/plumb/forward.ml) to use the transport
4→ layer instead of Unix file descriptors. Each morphism runs as an
5→ Eio fibre, reading from PULL sockets and writing to PUSH sockets.
6→
7→ Fatal errors raise [Morphism_fatal] instead of calling [exit 1].
8→ The supervisor catches this at the fibre boundary. *)
9→
10→open Language
11→
12→exception Morphism_fatal of string * (string * Yojson.Safe.t) list
13→
14→(** Truncate a JSON value for logging. *)
15→let truncate_json ?(max_str=200) ?(max_items=5) json =
16→ let rec trunc = function
17→ | `String s when String.length s > max_str ->
18→ `String (String.sub s 0 max_str ^ "...")
19→ | `List items when List.length items > max_items ->
20→ let kept = List.filteri (fun i _ -> i < max_items) items in
21→ `List (List.map trunc kept @
22→ [`String (Printf.sprintf "...(%d more)" (List.length items - max_items))])
23→ | `List items -> `List (List.map trunc items)
24→ | `Assoc fields -> `Assoc (List.map (fun (k, v) -> (k, trunc v)) fields)
25→ | other -> other
26→ in
27→ trunc json
28→
29→let morphism_fatal label extras =
30→ Runtime.Log.error label extras;
31→ raise (Morphism_fatal (label, extras))
32→
33→(** {1 Transport-based message loop}
34→
35→ Common skeleton: receive JSON from a transport socket, parse,
36→ call handler, repeat until the socket closes or an error occurs. *)
37→
38→module T = Transport.Zmq
39→
40→(** Raised when an EOF sentinel (empty payload) is received. *)
41→exception Eof_received
42→
43→(** Receive JSON messages from a socket, parse, and call [f].
44→ Exits on transport error (disconnect/close) or EOF sentinel. *)
45→let recv_loop ~label sock f =
46→ try while true do
47→ let (_topic, payload) = T.recv sock in
48→ if String.length payload = 0 then
49→ raise Eof_received;
50→ let json =
51→ try Yojson.Safe.from_string payload
52→ with Yojson.Json_error msg ->
53→ Runtime.Log.error label ["error", `String msg];
54→ raise Exit
55→ in
56→ f json
57→ done with
58→ | Exit | Eof_received -> ()
59→ | Transport.Transport_error (_, msg) ->
60→ Runtime.Log.debug label
61→ ["event", `String "transport_closed"; "detail", `String msg]
62→
63→(** Send a JSON value on a transport socket. *)
64→let send_json sock ~topic json =
65→ T.send sock ~topic (Yojson.Safe.to_string json)
66→
67→(** {1 Simple Forwarding Morphisms} *)
68→
69→(** Identity: validate and forward. *)
70→let forward_id ~name type_env input_type recv_sock send_sock =
71→ let label = Printf.sprintf "id[%s]" name in
72→ recv_loop ~label recv_sock (fun json ->
73→ match Validate.check type_env input_type json with
74→ | Ok cleaned -> send_json send_sock ~topic:name cleaned
75→ | Error errs ->
76→ Runtime.Log.error label
77→ ["error", `String (Validate.error_string errs)];
78→ raise Exit)
79→
80→(** Discard: validate and drop. *)
81→let drain_discard ~name type_env input_type recv_sock =
82→ let label = Printf.sprintf "discard[%s]" name in
83→ recv_loop ~label recv_sock (fun json ->
84→ match Validate.check type_env input_type json with
85→ | Ok _ -> ()
86→ | Error errs ->
87→ Runtime.Log.error label
88→ ["error", `String (Validate.error_string errs)];
89→ raise Exit)
90→
91→(** Debug tap: log and drop. *)
92→let forward_log label recv_sock =
93→ let debug = Runtime.Log.get_level () = Runtime.Log.Debug in
94→ recv_loop ~label recv_sock (fun json ->
95→ if debug then
96→ Runtime.Log.debug label ["value", truncate_json json])
97→
98→(** JSON serialisation: !json -> !string. *)
99→let forward_format_json ~name recv_sock send_sock =
100→ let label = Printf.sprintf "format_json[%s]" name in
101→ recv_loop ~label recv_sock (fun json ->
102→ let s = Yojson.Safe.to_string json in
103→ send_json send_sock ~topic:name (`String s))
104→
105→(** JSON deserialisation: !string -> !json. *)
106→let forward_parse_json ~name recv_sock send_sock =
107→ let label = Printf.sprintf "parse_json[%s]" name in
108→ recv_loop ~label recv_sock (fun json ->
109→ let s = match json with
110→ | `String s -> s
111→ | _ ->
112→ Runtime.Log.error label ["error", `String "expected JSON string"];
113→ raise Exit
114→ in
115→ let parsed =
116→ try Yojson.Safe.from_string s
117→ with Yojson.Json_error msg ->
118→ Runtime.Log.error label ["error", `String msg];
119→ raise Exit
120→ in
121→ send_json send_sock ~topic:name parsed)
122→
123→(** {1 Fan-out Morphisms} *)
124→
125→(** Copy: validate and send to two output sockets. *)
126→let forward_copy ~name type_env input_type recv_sock send_sock0 send_sock1 =
127→ let label = Printf.sprintf "copy[%s]" name in
128→ recv_loop ~label recv_sock (fun json ->
129→ match Validate.check type_env input_type json with
130→ | Ok cleaned ->
131→ let s = Yojson.Safe.to_string cleaned in
132→ (try T.send send_sock0 ~topic:name s with
133→ | Transport.Transport_error _ ->
134→ Runtime.Log.debug label ["event", `String "output0_closed"]);
135→ (try T.send send_sock1 ~topic:name s with
136→ | Transport.Transport_error _ ->
137→ Runtime.Log.debug label ["event", `String "output1_closed"])
138→ | Error errs ->
139→ Runtime.Log.error label
140→ ["error", `String (Validate.error_string errs)];
141→ raise Exit)
142→
143→(** {1 Fan-in Morphisms} *)
144→
145→(** Merge: read from two input sockets, validate per source, write to output.
146→ Uses Eio.Fiber.first to read from whichever socket has data. *)
147→let forward_merge ~name type_env input_type0 input_type1
148→ recv_sock0 recv_sock1 send_sock =
149→ let label = Printf.sprintf "merge[%s]" name in
150→ let reader recv_sock input_type sub_label =
151→ recv_loop ~label:sub_label recv_sock (fun json ->
152→ match Validate.check type_env input_type json with
153→ | Ok cleaned -> send_json send_sock ~topic:name cleaned
154→ | Error errs ->
155→ morphism_fatal sub_label
156→ ["error", `String (Validate.error_string errs);
157→ "value", truncate_json json])
158→ in
159→ Eio.Fiber.both
160→ (fun () -> reader recv_sock0 input_type0 (label ^ "/0"))
161→ (fun () -> reader recv_sock1 input_type1 (label ^ "/1"))
162→
163→(** Merge-any: same as merge but the output closes when the first
164→ input closes. Under ZMQ, this means cancelling the other fibre
165→ when one finishes. *)
166→let forward_merge_any ~name type_env input_type0 input_type1
167→ recv_sock0 recv_sock1 send_sock =
168→ let label = Printf.sprintf "merge_any[%s]" name in
169→ let reader recv_sock input_type sub_label () =
170→ recv_loop ~label:sub_label recv_sock (fun json ->
171→ match Validate.check type_env input_type json with
172→ | Ok cleaned -> send_json send_sock ~topic:name cleaned
173→ | Error errs ->
174→ morphism_fatal sub_label
175→ ["error", `String (Validate.error_string errs);
176→ "value", truncate_json json])
177→ in
178→ (* Eio.Fiber.first cancels the other fibre when one completes *)
179→ Eio.Fiber.first
180→ (reader recv_sock0 input_type0 (label ^ "/0"))
181→ (reader recv_sock1 input_type1 (label ^ "/1"))
182→
183→(** {1 Barrier (Synchronised N-ary Fan-in)} *)
184→
185→(** Barrier: wait for one message from each of N inputs, emit the
186→ product, repeat. Uses Eio.Mutex for synchronisation. *)
187→let forward_barrier ~name type_env input_types recv_socks send_sock =
188→ let n = List.length input_types in
189→ let barrier_label = Printf.sprintf "barrier[%s]" name in
190→ let m = Eio.Mutex.create () in
191→ let slots = Array.make n None in
192→ let filled = ref 0 in
193→ let eof = ref false in
194→ let cond = Eio.Condition.create () in
195→ let reader idx in_type recv_sock =
196→ let sub_label = Printf.sprintf "barrier[%s]/%d" name idx in
197→ recv_loop ~label:sub_label recv_sock (fun json ->
198→ match Validate.check type_env in_type json with
199→ | Error errs ->
200→ Runtime.Log.error sub_label
201→ ["error", `String (Validate.error_string errs)];
202→ raise Exit
203→ | Ok cleaned ->
204→ Eio.Mutex.use_rw ~protect:false m (fun () ->
205→ (* Wait if our slot is still occupied from previous round *)
206→ while slots.(idx) <> None do
207→ if !eof then raise Exit;
208→ Eio.Condition.await cond m
209→ done;
210→ slots.(idx) <- Some cleaned;
211→ filled := !filled + 1;
212→ if !filled = n then begin
213→ let values = Array.map
214→ (function Some v -> v | None -> assert false) slots in
215→ let product = `List (Array.to_list values) in
216→ Array.fill slots 0 n None;
217→ filled := 0;
218→ Eio.Condition.broadcast cond;
219→ (* Send outside the critical section would be cleaner but
220→ we need to hold the lock to prevent re-entry. The send
221→ yields to Eio which is fine with Eio.Mutex. *)
222→ (try send_json send_sock ~topic:barrier_label product
223→ with Transport.Transport_error (_, msg) ->
224→ Runtime.Log.debug barrier_label
225→ ["event", `String "output_closed"; "detail", `String msg])
226→ end));
227→ (* Mark EOF *)
228→ Eio.Mutex.use_rw ~protect:false m (fun () ->
229→ eof := true;
230→ Eio.Condition.broadcast cond)
231→ in
232→ let indexed = List.combine
233→ (List.combine input_types recv_socks)
234→ (List.init n Fun.id) in
235→ Eio.Fiber.all (List.map (fun ((in_type, recv_sock), idx) ->
236→ fun () -> reader idx in_type recv_sock
237→ ) indexed)
238→
239→(** {1 Expression Morphisms} *)
240→
241→(** Map: per-message pure transform. *)
242→let forward_map ~name type_env in_type out_type expr recv_sock send_sock =
243→ let label = Printf.sprintf "map[%s]" name in
244→ recv_loop ~label recv_sock (fun json ->
245→ let value = match Validate.check type_env in_type json with
246→ | Ok cleaned -> cleaned
247→ | Error errs ->
248→ Runtime.Log.warn label
249→ ["event", `String "input_type_mismatch";
250→ "error", `String (Validate.error_string errs);
251→ "value", truncate_json json];
252→ json
253→ in
254→ let result =
255→ try Expr.eval value expr
256→ with Expr.Eval_error msg ->
257→ morphism_fatal label
258→ ["error", `String msg; "value", truncate_json value]
259→ in
260→ match Validate.check type_env out_type result with
261→ | Ok validated -> send_json send_sock ~topic:name validated
262→ | Error errs ->
263→ morphism_fatal label
264→ ["error", `String (Validate.error_string errs);
265→ "value", truncate_json result])
266→
267→(** Filter: predicate-based stream filtering. *)
268→let forward_filter ~name type_env msg_type expr recv_sock send_sock =
269→ let label = Printf.sprintf "inline_filter[%s]" name in
270→ recv_loop ~label recv_sock (fun json ->
271→ let value = match Validate.check type_env msg_type json with
272→ | Ok cleaned -> cleaned
273→ | Error _ -> json
274→ in
275→ let result =
276→ try Expr.eval value expr
277→ with Expr.Eval_error _ -> `Bool false
278→ in
279→ match Expr.to_bool result with
280→ | b -> if b then send_json send_sock ~topic:name value
281→ | exception Expr.Eval_error _ -> ())
282→
283→(** Project: product projection. *)
284→let forward_project ~name n recv_sock send_sock =
285→ let label = Printf.sprintf "project[%s]" name in
286→ recv_loop ~label recv_sock (fun json ->
287→ match json with
288→ | `List items ->
289→ (match List.nth_opt items n with
290→ | Some v -> send_json send_sock ~topic:name v
291→ | None ->
292→ Runtime.Log.error label
293→ ["error", `String (Printf.sprintf
294→ "index %d out of bounds (length %d)" n (List.length items))];
295→ raise Exit)
296→ | _ ->
297→ Runtime.Log.error label ["error", `String "expected JSON array"];
298→ raise Exit)
299→
300→(** Tagger: stateful envelope tagger for session protocols. *)
301→let forward_tagger ~name indices label_opt recv_sock send_sock =
302→ let tag_label = Printf.sprintf "tagger[%s]" name in
303→ let step = ref 0 in
304→ recv_loop ~label:tag_label recv_sock (fun json ->
305→ let idx = match indices with
306→ | [] -> let s = !step in incr step; s
307→ | _ ->
308→ let s = List.nth indices (!step mod List.length indices) in
309→ incr step; s
310→ in
311→ let envelope = match label_opt with
312→ | None ->
313→ `Assoc [("__step", `Int idx); ("payload", json)]
314→ | Some lbl ->
315→ `Assoc [("__label", `String lbl); ("__step", `Int idx); ("payload", json)]
316→ in
317→ send_json send_sock ~topic:name envelope)
318→I need to add EOF propagation to inline morphisms. After recv_loop exits, each morphism should send an EOF sentinel (empty payload) on its output socket(s). Let me add this:
(** Send a JSON value on a transport socket. *) let send_json sock ~topic json = T.send sock ~topic (Yojson.Safe.to_string json)
(** Send a JSON value on a transport socket. *) let send_json sock ~topic json = T.send sock ~topic (Yojson.Safe.to_string json) (** Send an EOF sentinel (empty payload) on a transport socket. *) let send_eof sock ~topic = try T.send sock ~topic "" with _ -> ()
let forward_id ~name type_env input_type recv_sock send_sock =
let label = Printf.sprintf "id[%s]" name in
recv_loop ~label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned -> send_json send_sock ~topic:name cleaned
| Error errs ->
Runtime.Log.error label
["error", `String (Validate.error_string errs)];
raise Exit)let forward_id ~name type_env input_type recv_sock send_sock =
let label = Printf.sprintf "id[%s]" name in
recv_loop ~label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned -> send_json send_sock ~topic:name cleaned
| Error errs ->
Runtime.Log.error label
["error", `String (Validate.error_string errs)];
raise Exit);
send_eof send_sock ~topic:namelet forward_format_json ~name recv_sock send_sock =
let label = Printf.sprintf "format_json[%s]" name in
recv_loop ~label recv_sock (fun json ->
let s = Yojson.Safe.to_string json in
send_json send_sock ~topic:name (`String s))let forward_format_json ~name recv_sock send_sock =
let label = Printf.sprintf "format_json[%s]" name in
recv_loop ~label recv_sock (fun json ->
let s = Yojson.Safe.to_string json in
send_json send_sock ~topic:name (`String s));
send_eof send_sock ~topic:namelet forward_parse_json ~name recv_sock send_sock =
let label = Printf.sprintf "parse_json[%s]" name in
recv_loop ~label recv_sock (fun json ->
let s = match json with
| `String s -> s
| _ ->
Runtime.Log.error label ["error", `String "expected JSON string"];
raise Exit
in
let parsed =
try Yojson.Safe.from_string s
with Yojson.Json_error msg ->
Runtime.Log.error label ["error", `String msg];
raise Exit
in
send_json send_sock ~topic:name parsed)let forward_parse_json ~name recv_sock send_sock =
let label = Printf.sprintf "parse_json[%s]" name in
recv_loop ~label recv_sock (fun json ->
let s = match json with
| `String s -> s
| _ ->
Runtime.Log.error label ["error", `String "expected JSON string"];
raise Exit
in
let parsed =
try Yojson.Safe.from_string s
with Yojson.Json_error msg ->
Runtime.Log.error label ["error", `String msg];
raise Exit
in
send_json send_sock ~topic:name parsed);
send_eof send_sock ~topic:namelet forward_copy ~name type_env input_type recv_sock send_sock0 send_sock1 =
let label = Printf.sprintf "copy[%s]" name in
recv_loop ~label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned ->
let s = Yojson.Safe.to_string cleaned in
(try T.send send_sock0 ~topic:name s with
| Transport.Transport_error _ ->
Runtime.Log.debug label ["event", `String "output0_closed"]);
(try T.send send_sock1 ~topic:name s with
| Transport.Transport_error _ ->
Runtime.Log.debug label ["event", `String "output1_closed"])
| Error errs ->
Runtime.Log.error label
["error", `String (Validate.error_string errs)];
raise Exit)let forward_copy ~name type_env input_type recv_sock send_sock0 send_sock1 =
let label = Printf.sprintf "copy[%s]" name in
recv_loop ~label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned ->
let s = Yojson.Safe.to_string cleaned in
(try T.send send_sock0 ~topic:name s with
| Transport.Transport_error _ ->
Runtime.Log.debug label ["event", `String "output0_closed"]);
(try T.send send_sock1 ~topic:name s with
| Transport.Transport_error _ ->
Runtime.Log.debug label ["event", `String "output1_closed"])
| Error errs ->
Runtime.Log.error label
["error", `String (Validate.error_string errs)];
raise Exit);
send_eof send_sock0 ~topic:name;
send_eof send_sock1 ~topic:namelet forward_merge ~name type_env input_type0 input_type1
recv_sock0 recv_sock1 send_sock =
let label = Printf.sprintf "merge[%s]" name in
let reader recv_sock input_type sub_label =
recv_loop ~label:sub_label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned -> send_json send_sock ~topic:name cleaned
| Error errs ->
morphism_fatal sub_label
["error", `String (Validate.error_string errs);
"value", truncate_json json])
in
Eio.Fiber.both
(fun () -> reader recv_sock0 input_type0 (label ^ "/0"))
(fun () -> reader recv_sock1 input_type1 (label ^ "/1"))let forward_merge ~name type_env input_type0 input_type1
recv_sock0 recv_sock1 send_sock =
let label = Printf.sprintf "merge[%s]" name in
let reader recv_sock input_type sub_label =
recv_loop ~label:sub_label recv_sock (fun json ->
match Validate.check type_env input_type json with
| Ok cleaned -> send_json send_sock ~topic:name cleaned
| Error errs ->
morphism_fatal sub_label
["error", `String (Validate.error_string errs);
"value", truncate_json json])
in
Eio.Fiber.both
(fun () -> reader recv_sock0 input_type0 (label ^ "/0"))
(fun () -> reader recv_sock1 input_type1 (label ^ "/1"));
send_eof send_sock ~topic:name (* Eio.Fiber.first cancels the other fibre when one completes *)
Eio.Fiber.first
(reader recv_sock0 input_type0 (label ^ "/0"))
(reader recv_sock1 input_type1 (label ^ "/1")) (* Eio.Fiber.first cancels the other fibre when one completes *)
Eio.Fiber.first
(reader recv_sock0 input_type0 (label ^ "/0"))
(reader recv_sock1 input_type1 (label ^ "/1"));
send_eof send_sock ~topic:name Eio.Fiber.all (List.map (fun ((in_type, recv_sock), idx) ->
fun () -> reader idx in_type recv_sock
) indexed) Eio.Fiber.all (List.map (fun ((in_type, recv_sock), idx) ->
fun () -> reader idx in_type recv_sock
) indexed);
send_eof send_sock ~topic:(Printf.sprintf "barrier[%s]" name) match Validate.check type_env out_type result with
| Ok validated -> send_json send_sock ~topic:name validated
| Error errs ->
morphism_fatal label
["error", `String (Validate.error_string errs);
"value", truncate_json result])
(** Filter: predicate-based stream filtering. *) match Validate.check type_env out_type result with
| Ok validated -> send_json send_sock ~topic:name validated
| Error errs ->
morphism_fatal label
["error", `String (Validate.error_string errs);
"value", truncate_json result]);
send_eof send_sock ~topic:name
(** Filter: predicate-based stream filtering. *) match Expr.to_bool result with
| b -> if b then send_json send_sock ~topic:name value
| exception Expr.Eval_error _ -> ())
(** Project: product projection. *) match Expr.to_bool result with
| b -> if b then send_json send_sock ~topic:name value
| exception Expr.Eval_error _ -> ());
send_eof send_sock ~topic:name
(** Project: product projection. *) | _ ->
Runtime.Log.error label ["error", `String "expected JSON array"];
raise Exit)
(** Tagger: stateful envelope tagger for session protocols. *) | _ ->
Runtime.Log.error label ["error", `String "expected JSON array"];
raise Exit);
send_eof send_sock ~topic:name
(** Tagger: stateful envelope tagger for session protocols. *)send_json send_sock ~topic:name envelope)
send_json send_sock ~topic:name envelope); send_eof send_sock ~topic:name
cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -20
cd /tmp/plmb-037-step5b && echo '{"name":"Alice","age":30}' | nix develop --command sh -c './_build/default/bin/plumb/main.exe test/fixtures/identity.plumb' 2>/dev/null; echo "exit: $?"cd /tmp/plmb-037-step5b && echo '{"name":"Alice","age":30}' | nix develop --command sh -c './_build/default/bin/plumb/main.exe test/fixtures/identity.plumb; echo "code=$?"' 2>/dev/nullcd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1
Command was manually backgrounded by user with ID: b4muvrx1s. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b4muvrx1s.output
/tmp/plmb-037-step5b/test/fixtures/agent.plumb /tmp/plmb-037-step5b/test/fixtures/agent_control.plumb /tmp/plmb-037-step5b/test/fixtures/agent_control_arity.plumb /tmp/plmb-037-step5b/test/fixtures/agent_control_mismatch.plumb /tmp/plmb-037-step5b/test/fixtures/agent_control_telemetry.plumb /tmp/plmb-037-step5b/test/fixtures/agent_eliza.plumb /tmp/plmb-037-step5b/test/fixtures/agent_explicit_provider.plumb /tmp/plmb-037-step5b/test/fixtures/agent_no_provider.plumb /tmp/plmb-037-step5b/test/fixtures/agent_nonproduct_three.plumb /tmp/plmb-037-step5b/test/fixtures/agent_openai_provider.plumb
wc -l /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b4muvrx1s.output 2>/dev/null && tail -20 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b4muvrx1s.output 2>/dev/null
381 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b4muvrx1s.output [OK] serialisation 1 multi-trigger send/recv. [OK] loop 0 send/recv loop exec. [OK] <-> integration 0 full pipeline. [OK] <-> integration 1 bare alias error. [OK] <-> integration 2 multi-step channels. [OK] select 0 select exec. [OK] select 1 select + loop exec. Full test results in `/private/tmp/plmb-037-step5b/_build/default/test/_build/_tests/session_exec'. Test Successful in 0.010s. 10 tests run. Testing `fabric'. This run has ID `V2YZBKHR'. [OK] inline 0 identity. [OK] inline 1 copy + merge. [OK] agent 0 agent identity. [OK] agent 1 agent EOF. Full test results in `/private/tmp/plmb-037-step5b/_build/default/test/_build/_tests/fabric'. Test Successful in 3.663s. 4 tests run.
ww 5797 0.0 0.1 435619408 11952 ?? S 9:50AM 0:00.50 dune test --root=. ww 5795 0.0 0.0 435308672 1184 ?? Ss 9:50AM 0:00.00 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1' \< /dev/null && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-333d-cwd
pgrep -P 5797 2>/dev/null | xargs -I{} ps -p {} -o pid=,command= 2>/dev/nullIt's been running for 8 minutes — it's hanging. The identity pipeline works manually, so it must be a different test case. Let me check what test_plumb tests:
kill 5806 5797 5795 2>/dev/null; sleep 1; rm -f /tmp/plmb-037-step5b/_build/.lock
40→
41→(** Split output into non-empty lines. *)
42→let output_lines stdout =
43→ String.split_on_char '\n' stdout
44→ |> List.filter (fun s -> String.length (String.trim s) > 0)
45→
46→(** {1 Identity via plumb} *)
47→
48→let test_identity_passthrough () =
49→ let input = "{\"name\":\"Alice\",\"age\":30}\n" in
50→ let stdout, _stderr, code = run_plumb "identity.plumb" input in
51→ Alcotest.(check int) "exit 0" 0 code;
52→ Alcotest.(check string) "output" "{\"name\":\"Alice\",\"age\":30}\n" stdout
53→
54→let test_identity_multiple () =
55→ let input = "{\"name\":\"Alice\",\"age\":30}\n{\"name\":\"Bob\",\"age\":25}\n" in
56→ let stdout, _stderr, code = run_plumb "identity.plumb" input in
57→ Alcotest.(check int) "exit 0" 0 code;
58→ let lines = output_lines stdout in
59→ Alcotest.(check int) "two output lines" 2 (List.length lines)
60→
61→let test_identity_empty () =
62→ let stdout, _stderr, code = run_plumb "identity.plumb" "" in
63→ Alcotest.(check int) "exit 0" 0 code;
64→ Alcotest.(check string) "no output" "" stdout
65→
66→(** {1 Copy-merge} *)
67→
68→let test_copy_merge_doubles () =
69→ let input = "{\"text\":\"hello\"}\n" in
70→ let stdout, _stderr, code = run_plumb "copy.plumb" input in
71→ Alcotest.(check int) "exit 0" 0 code;
72→ let lines = output_lines stdout in
73→ Alcotest.(check int) "two output lines" 2 (List.length lines)
74→
75→let test_copy_merge_content () =
76→ let input = "{\"text\":\"hello\"}\n" in
77→ let stdout, _stderr, code = run_plumb "copy.plumb" input in
78→ Alcotest.(check int) "exit 0" 0 code;
79→ let lines = output_lines stdout in
80→ List.iter (fun line ->
81→ Alcotest.(check string) "content preserved" "{\"text\":\"hello\"}" line
82→ ) lines
83→
84→let test_copy_merge_multiple () =
85→ let input = "{\"text\":\"a\"}\n{\"text\":\"b\"}\n{\"text\":\"c\"}\n" in
86→ let stdout, _stderr, code = run_plumb "copy.plumb" input in
87→ Alcotest.(check int) "exit 0" 0 code;
88→ let lines = output_lines stdout in
89→ Alcotest.(check int) "six output lines" 6 (List.length lines);
90→ (* Each message should appear exactly twice *)
91→ let count msg = List.length (List.filter (fun l -> l = msg) lines) in
92→ Alcotest.(check int) "a appears twice" 2 (count "{\"text\":\"a\"}");
93→ Alcotest.(check int) "b appears twice" 2 (count "{\"text\":\"b\"}");
94→ Alcotest.(check int) "c appears twice" 2 (count "{\"text\":\"c\"}")
95→
96→let test_copy_merge_empty () =
97→ let stdout, _stderr, code = run_plumb "copy.plumb" "" in
98→ Alcotest.(check int) "exit 0" 0 code;
99→ Alcotest.(check string) "no output" "" stdout
100→
101→(** {1 Barrier} *)
102→
103→let test_barrier_basic () =
104→ let input = "{\"text\":\"hello\"}\n" in
105→ let stdout, _stderr, code = run_plumb "barrier.plumb" input in
106→ Alcotest.(check int) "exit 0" 0 code;
107→ let lines = output_lines stdout in
108→ Alcotest.(check int) "one output line" 1 (List.length lines);
109→ Alcotest.(check string) "product"
110→ "[{\"text\":\"hello\"},{\"text\":\"hello\"}]" (List.hd lines)
111→
112→let test_barrier_multiple () =
113→ let input = "{\"text\":\"a\"}\n{\"text\":\"b\"}\n{\"text\":\"c\"}\n" in
114→ let stdout, _stderr, code = run_plumb "barrier.plumb" input in
115→ Alcotest.(check int) "exit 0" 0 code;
116→ let lines = output_lines stdout in
117→ Alcotest.(check int) "three output lines" 3 (List.length lines);
118→ List.iter (fun line ->
119→ let json = Yojson.Safe.from_string line in
120→ match json with
121→ | `List [a; b] ->
122→ Alcotest.(check string) "pair elements equal"
123→ (Yojson.Safe.to_string a) (Yojson.Safe.to_string b)
124→ | _ -> Alcotest.fail "expected JSON array of 2 elements"
125→ ) lines
126→
127→let test_barrier_empty () =
128→ let stdout, _stderr, code = run_plumb "barrier.plumb" "" in
129→ Alcotest.(check int) "exit 0" 0 code;
130→ Alcotest.(check string) "no output" "" stdout
131→
132→let test_barrier_named () =
133→ let input = "{\"text\":\"hello\"}\n" in
134→ let stdout, _stderr, code = run_plumb "barrier_named.plumb" input in
135→ Alcotest.(check int) "exit 0" 0 code;
136→ let lines = output_lines stdout in
137→ Alcotest.(check int) "one output line" 1 (List.length lines);
138→ Alcotest.(check string) "product"
139→ "[{\"text\":\"hello\"},{\"text\":\"hello\"}]" (List.hd lines)
140→
141→let test_barrier_type_mismatch () =
142→ let _stdout, _stderr, code = run_plumb "barrier_type_mismatch.plumb" "" in
143→ Alcotest.(check int) "exit 2" 2 code
144→
145→let test_barrier_homogeneous () =
146→ let input = "{\"text\":\"hello\"}\n" in
147→ let stdout, _stderr, code = run_plumb "barrier_homogeneous.plumb" input in
148→ Alcotest.(check int) "exit 0" 0 code;
149→ let lines = output_lines stdout in
150→ Alcotest.(check int) "one output line" 1 (List.length lines);
151→ Alcotest.(check string) "product"
152→ "[{\"text\":\"hello\"},{\"text\":\"hello\"}]" (List.hd lines)
153→
154→let test_barrier_3way () =
155→ let input = "{\"text\":\"hello\"}\n" in
156→ let stdout, _stderr, code = run_plumb "barrier_3way.plumb" input in
157→ Alcotest.(check int) "exit 0" 0 code;
158→ let lines = output_lines stdout in
159→ Alcotest.(check int) "one output line" 1 (List.length lines);
160→ (* 3-way barrier produces flat 3-element JSON array *)
161→ Alcotest.(check string) "3-way product"
162→ "[{\"text\":\"hello\"},{\"text\":\"hello\"},{\"text\":\"hello\"}]"
163→ (List.hd lines)
164→
165→let test_barrier_3way_multiple () =
166→ let input = "{\"text\":\"a\"}\n{\"text\":\"b\"}\n" in
167→ let stdout, _stderr, code = run_plumb "barrier_3way.plumb" input in
168→ Alcotest.(check int) "exit 0" 0 code;
169→ let lines = output_lines stdout in
170→ Alcotest.(check int) "two output lines" 2 (List.length lines);
171→ List.iter (fun line ->
172→ let json = Yojson.Safe.from_string line in
173→ match json with
174→ | `List [a; b; c] ->
175→ Alcotest.(check string) "triple elements equal"
176→ (Yojson.Safe.to_string a) (Yojson.Safe.to_string b);
177→ Alcotest.(check string) "triple elements equal"
178→ (Yojson.Safe.to_string b) (Yojson.Safe.to_string c)
179→ | _ -> Alcotest.fail "expected JSON array of 3 elements"
180→ ) lines
181→
182→(** {1 Project tests} *)
183→
184→let test_project_second () =
185→ let input = "{\"text\":\"hello\"}\n" in
186→ let stdout, _stderr, code = run_plumb "project.plumb" input in
187→ Alcotest.(check int) "exit 0" 0 code;
188→ let lines = output_lines stdout in
189→ Alcotest.(check int) "one output line" 1 (List.length lines);
190→ Alcotest.(check string) "project(1) extracts second element"
191→ "{\"text\":\"hello\"}" (List.hd lines)
192→
193→let test_project_first () =
194→ let input = "{\"text\":\"hello\"}\n" in
195→ let stdout, _stderr, code = run_plumb "project_first.plumb" input in
196→ Alcotest.(check int) "exit 0" 0 code;
197→ let lines = output_lines stdout in
198→ Alcotest.(check int) "one output line" 1 (List.length lines);
199→ Alcotest.(check string) "project(0) extracts first element"
200→ "{\"text\":\"hello\"}" (List.hd lines)
201→
202→let test_project_oob () =
203→ let _stdout, _stderr, code = run_plumb "project_oob.plumb" "" in
204→ Alcotest.(check int) "exit 2 (config error)" 2 code
205→
206→(** {1 Direct structural morphism spawn} *)
207→
208→let test_direct_copy_merge () =
209→ let input = "{\"text\":\"hello\"}\n" in
210→ let stdout, _stderr, code = run_plumb "direct.plumb" input in
211→ Alcotest.(check int) "exit 0" 0 code;
212→ let lines = output_lines stdout in
213→ Alcotest.(check int) "two output lines" 2 (List.length lines);
214→ List.iter (fun line ->
215→ Alcotest.(check string) "content preserved" "{\"text\":\"hello\"}" line
216→ ) lines
217→
218→let test_direct_identity () =
219→ let input = "{\"name\":\"Alice\",\"age\":30}\n" in
220→ let stdout, _stderr, code = run_plumb "direct_id.plumb" input in
221→ Alcotest.(check int) "exit 0" 0 code;
222→ Alcotest.(check string) "output" "{\"name\":\"Alice\",\"age\":30}\n" stdout
223→
224→(** {1 Type checking at spawn boundaries} *)
225→
226→let test_type_mismatch_direct () =
227→ let _stdout, _stderr, code = run_plumb "type_mismatch.plumb" "" in
228→ Alcotest.(check int) "exit 2" 2 code
229→
230→let test_type_mismatch_named () =
231→ let _stdout, _stderr, code = run_plumb "named_mismatch.plumb" "" in
232→ Alcotest.(check int) "exit 2" 2 code
233→
234→let test_reserved_name_rejected () =
235→ let _stdout, _stderr, code = run_plumb "reserved_name.plumb" "" in
236→ Alcotest.(check int) "exit 2" 2 code
237→
238→(** {1 Heterogeneous merge} *)
239→
240→let test_heterogeneous_merge () =
241→ (* Only one arm exercised — ch_b has no writer, so merge reader 1
242→ gets immediate EOF from fd cleanup. Testing both arms without
243→ an agent is impractical since structural morphisms can't
244→ transform types. *)
245→ let input = "{\"text\":\"hello\"}\n" in
246→ let stdout, _stderr, code = run_plumb "hetero_merge.plumb" input in
247→ Alcotest.(check int) "exit 0" 0 code;
248→ let lines = output_lines stdout in
249→ Alcotest.(check int) "one line" 1 (List.length lines);
250→ Alcotest.(check string) "content" "{\"text\":\"hello\"}" (List.hd lines)
251→
252→let test_heterogeneous_merge_mismatch () =
253→ let _stdout, _stderr, code = run_plumb "hetero_mismatch.plumb" "" in
254→ Alcotest.(check int) "exit 2" 2 code
255→
256→(** {1 Product type checking} *)
257→
258→let test_copy_product_mismatch () =
259→ let _stdout, _stderr, code = run_plumb "copy_mismatch.plumb" "" in
260→ Alcotest.(check int) "exit 2" 2 code
261→
262→let test_copy_product_arity () =
263→ let _stdout, _stderr, code = run_plumb "copy_arity.plumb" "" in
264→ Alcotest.(check int) "exit 2" 2 code
265→
266→(** {1 Named spawn} *)
267→
268→let test_named_spawn_identity () =
269→ let input = "{\"name\":\"Alice\",\"age\":30}\n" in
270→ let stdout, _stderr, code = run_plumb "named_identity.plumb" input in
271→ Alcotest.(check int) "exit 0" 0 code;
272→ Alcotest.(check string) "output" "{\"name\":\"Alice\",\"age\":30}\n" stdout
273→
274→let test_named_spawn_copy_merge () =
275→ let input = "{\"text\":\"hello\"}\n" in
276→ let stdout, _stderr, code = run_plumb "named_copy.plumb" input in
277→ Alcotest.(check int) "exit 0" 0 code;
278→ let lines = output_lines stdout in
279→ Alcotest.(check int) "two output lines" 2 (List.length lines);
280→ List.iter (fun line ->
281→ Alcotest.(check string) "content preserved" "{\"text\":\"hello\"}" line
282→ ) lines
283→
284→let test_named_spawn_unknown_port () =
285→ let _stdout, _stderr, code = run_plumb "named_unknown.plumb" "" in
286→ Alcotest.(check int) "exit 2" 2 code
287→
288→let test_named_spawn_missing_port () =
289→ let _stdout, _stderr, code = run_plumb "named_missing.plumb" "" in
290→ Alcotest.(check int) "exit 2" 2 code
291→
292→(** {1 Agent telemetry port type checking} *)
293→
294→let test_agent_nonproduct_rejects_three () =
295→ let _stdout, _stderr, code = run_plumb "agent_nonproduct_three.plumb" "" in
296→ Alcotest.(check int) "exit 2" 2 code
297→
298→let test_agent_product_type_mismatch () =
299→ let _stdout, _stderr, code = run_plumb "agent_product_mismatch.plumb" "" in
300→ Alcotest.(check int) "exit 2" 2 code
301→
302→let test_agent_product_arity () =
303→ let _stdout, _stderr, code = run_plumb "agent_product_arity.plumb" "" in
304→ Alcotest.(check int) "exit 2" 2 code
305→
306→(** {1 Agent control port type checking} *)
307→
308→let test_agent_control_accepted () =
309→ (* Product input (!A, !C) with correct types — passes type-checking.
310→ With empty stdin, agent exits cleanly (exit 0). *)
311→ let _stdout, _stderr, code = run_plumb "agent_control.plumb" "" in
312→ Alcotest.(check int) "exit 0" 0 code
313→
314→let test_agent_control_mismatch () =
315→ let _stdout, _stderr, code = run_plumb "agent_control_mismatch.plumb" "" in
316→ Alcotest.(check int) "exit 2" 2 code
317→
318→let test_agent_control_arity () =
319→ let _stdout, _stderr, code = run_plumb "agent_control_arity.plumb" "" in
320→ Alcotest.(check int) "exit 2" 2 code
321→
322→let test_agent_control_telemetry () =
323→ (* 4-port agent — both control and telemetry *)
324→ let _stdout, _stderr, code = run_plumb "agent_control_telemetry.plumb" "" in
325→ Alcotest.(check int) "exit 0" 0 code
326→
327→let test_wiring_control () =
328→ (* Wiring with control-input agent — desugarer creates implicit channel. *)
329→ let _stdout, _stderr, code = run_plumb "wiring_control.plumb" "" in
330→ Alcotest.(check int) "exit 0" 0 code
331→
332→let test_wiring_telemetry_source () =
333→ (* Regression for PLMB-040 follow-up: agent@telemetry as chain source.
334→ Before the fix, the pre-allocated wsp channel was treated as a phantom
335→ process and raised "has no input channel". *)
336→ let _stdout, _stderr, code = run_plumb "wiring_telemetry_source.plumb" "" in
337→ Alcotest.(check int) "exit 0" 0 code
338→
339→(** {1 Filter} *)
340→
341→let test_filter_passes () =
342→ let input = "{\"score\":90,\"text\":\"great\"}\n" in
343→ let stdout, _stderr, code = run_plumb "filter.plumb" input in
344→ Alcotest.(check int) "exit 0" 0 code;
345→ let lines = output_lines stdout in
346→ Alcotest.(check int) "one output" 1 (List.length lines);
347→ Alcotest.(check string) "content" "{\"score\":90,\"text\":\"great\"}" (List.hd lines)
348→
349→let test_filter_drops () =
350→ let input = "{\"score\":50,\"text\":\"poor\"}\n" in
351→ let stdout, _stderr, code = run_plumb "filter.plumb" input in
352→ Alcotest.(check int) "exit 0" 0 code;
353→ Alcotest.(check string) "no output" "" stdout
354→
355→let test_filter_mixed () =
356→ let input =
357→ "{\"score\":90,\"text\":\"a\"}\n\
358→ {\"score\":50,\"text\":\"b\"}\n\
359→ {\"score\":85,\"text\":\"c\"}\n\
360→ {\"score\":10,\"text\":\"d\"}\n" in
361→ let stdout, _stderr, code = run_plumb "filter.plumb" input in
362→ Alcotest.(check int) "exit 0" 0 code;
363→ let lines = output_lines stdout in
364→ Alcotest.(check int) "two pass" 2 (List.length lines)
365→
366→let test_filter_empty () =
367→ let stdout, _stderr, code = run_plumb "filter.plumb" "" in
368→ Alcotest.(check int) "exit 0" 0 code;
369→ Alcotest.(check string) "no output" "" stdout
370→
371→let test_filter_type_mismatch () =
372→ let _stdout, _stderr, code = run_plumb "filter_mismatch.plumb" "" in
373→ Alcotest.(check int) "exit 2" 2 code
374→
375→(** Regression tests for BUG-160: filter expressions must be type-checked
376→ at compile time. *)
377→
378→let test_filter_field_on_string () =
379→ (* Field access on string type must fail — strings have no fields. *)
380→ let _stdout, stderr, code =
381→ run_plumb "filter_field_on_string.plumb" "" in
382→ Alcotest.(check int) "exit 2" 2 code;
383→ Alcotest.(check bool) "mentions type error" true
384→ (String.length stderr > 0)
385→
386→let test_filter_nonbool_predicate () =
387→ (* filter(score + 1) returns int, not bool — must fail. *)
388→ let _stdout, stderr, code =
389→ run_plumb "filter_nonbool_predicate.plumb" "" in
390→ Alcotest.(check int) "exit 2" 2 code;
391→ Alcotest.(check bool) "mentions type error" true
392→ (String.length stderr > 0)
393→
394→let test_filter_json_field () =
395→ (* Field access on json type should compile — json is dynamically typed. *)
396→ let _stdout, _stderr, code = run_plumb "filter_json_field.plumb" "" in
397→ Alcotest.(check int) "exit 0" 0 code
398→
399→let test_filter_json_compound () =
400→ (* Compound boolean on json fields should compile. *)
401→ let _stdout, _stderr, code =
402→ run_plumb "filter_json_compound.plumb" "" in
403→ Alcotest.(check int) "exit 0" 0 code
404→
405→(** {1 Top-level filter/map expression type checking}
406→
407→ Regression tests for BUG-160: top-level [let f = filter(expr)]
408→ and [let f = map(expr)] must have their expressions type-checked
409→ at compile time, not just inline forms in wiring bodies. *)
410→
411→let test_toplevel_filter_field_on_string () =
412→ let _stdout, stderr, code =
413→ run_plumb "toplevel_filter_field_on_string.plumb" "" in
414→ Alcotest.(check int) "exit 2" 2 code;
415→ Alcotest.(check bool) "mentions type error" true
416→ (String.length stderr > 0)
417→
418→let test_toplevel_filter_nonbool_predicate () =
419→ let _stdout, stderr, code =
420→ run_plumb "toplevel_filter_nonbool_predicate.plumb" "" in
421→ Alcotest.(check int) "exit 2" 2 code;
422→ Alcotest.(check bool) "mentions type error" true
423→ (String.length stderr > 0)
424→
425→let test_toplevel_filter_json_field () =
426→ let _stdout, _stderr, code =
427→ run_plumb "toplevel_filter_json_field.plumb" "" in
428→ Alcotest.(check int) "exit 0" 0 code
429→
430→let test_toplevel_filter_json_compound () =
431→ let _stdout, _stderr, code =
432→ run_plumb "toplevel_filter_json_compound.plumb" "" in
433→ Alcotest.(check int) "exit 0" 0 code
434→
435→let test_toplevel_filter_valid_record () =
436→ let input =
437→ "{\"score\":80,\"text\":\"a\"}\n\
438→ {\"score\":30,\"text\":\"b\"}\n" in
439→ let stdout, _stderr, code =
440→ run_plumb "toplevel_filter_valid_record.plumb" input in
441→ Alcotest.(check int) "exit 0" 0 code;
442→ let lines = output_lines stdout in
443→ Alcotest.(check int) "one passes filter" 1 (List.length lines)
444→
445→let test_toplevel_map_field_on_string () =
446→ let _stdout, stderr, code =
447→ run_plumb "toplevel_map_field_on_string.plumb" "" in
448→ Alcotest.(check int) "exit 2" 2 code;
449→ Alcotest.(check bool) "mentions type error" true
450→ (String.length stderr > 0)
451→
452→let test_toplevel_map_output_type_mismatch () =
453→ let _stdout, stderr, code =
454→ run_plumb "toplevel_map_output_type_mismatch.plumb" "" in
455→ Alcotest.(check int) "exit 2" 2 code;
456→ Alcotest.(check bool) "mentions type error" true
457→ (String.length stderr > 0)
458→
459→let test_toplevel_map_valid_expr () =
460→ let input = "{\"score\":5,\"text\":\"hi\"}\n" in
461→ let stdout, _stderr, code =
462→ run_plumb "toplevel_map_valid_expr.plumb" input in
463→ Alcotest.(check int) "exit 0" 0 code;
464→ let lines = output_lines stdout in
465→ Alcotest.(check int) "one output" 1 (List.length lines);
466→ Alcotest.(check string) "doubled score" "10" (List.hd lines)
467→
468→let test_toplevel_map_json_field () =
469→ let _stdout, _stderr, code =
470→ run_plumb "toplevel_map_json_field.plumb" "" in
471→ Alcotest.(check int) "exit 0" 0 code
472→
473→(** {1 Map} *)
474→
475→let test_map_transform () =
476→ let input = "{\"score\":90,\"text\":\"great\"}\n" in
477→ let stdout, _stderr, code = run_plumb "map.plumb" input in
478→ Alcotest.(check int) "exit 0" 0 code;
479→ let lines = output_lines stdout in
480→ Alcotest.(check int) "one output" 1 (List.length lines);
481→ Alcotest.(check string) "content" "{\"doubled\":180,\"pass\":true}" (List.hd lines)
482→
483→let test_map_below_threshold () =
484→ let input = "{\"score\":40,\"text\":\"poor\"}\n" in
485→ let stdout, _stderr, code = run_plumb "map.plumb" input in
486→ Alcotest.(check int) "exit 0" 0 code;
487→ let lines = output_lines stdout in
488→ Alcotest.(check int) "one output" 1 (List.length lines);
489→ Alcotest.(check string) "content" "{\"doubled\":80,\"pass\":false}" (List.hd lines)
490→
491→let test_map_projection () =
492→ let input = "{\"draft\":\"hello\",\"verdict\":true}\n" in
493→ let stdout, _stderr, code = run_plumb "map_project.plumb" input in
494→ Alcotest.(check int) "exit 0" 0 code;
495→ let lines = output_lines stdout in
496→ Alcotest.(check int) "one output" 1 (List.length lines);
497→ Alcotest.(check string) "content" "true" (List.hd lines)
498→
499→let test_map_empty () =
500→ let stdout, _stderr, code = run_plumb "map.plumb" "" in
501→ Alcotest.(check int) "exit 0" 0 code;
502→ Alcotest.(check string) "no output" "" stdout
503→
504→(** {1 Wiring (static form)} *)
505→
506→let test_wiring_linear () =
507→ let input = "{\"text\":\"hello\"}\n" in
508→ let stdout, _stderr, code = run_plumb "wiring_linear.plumb" input in
509→ Alcotest.(check int) "exit 0" 0 code;
510→ Alcotest.(check string) "passthrough" "{\"text\":\"hello\"}\n" stdout
511→
512→let test_wiring_copy () =
513→ let input = "{\"text\":\"hello\"}\n" in
514→ let stdout, _stderr, code = run_plumb "wiring_copy.plumb" input in
515→ Alcotest.(check int) "exit 0" 0 code;
516→ let lines = output_lines stdout in
517→ Alcotest.(check int) "doubled output" 2 (List.length lines);
518→ List.iter (fun line ->
519→ Alcotest.(check string) "content" "{\"text\":\"hello\"}" line
520→ ) lines
521→
522→let test_wiring_filter () =
523→ let input =
524→ "{\"score\":80,\"text\":\"good\"}\n\
525→ {\"score\":30,\"text\":\"bad\"}\n\
526→ {\"score\":50,\"text\":\"ok\"}\n" in
527→ let stdout, _stderr, code = run_plumb "wiring_filter.plumb" input in
528→ Alcotest.(check int) "exit 0" 0 code;
529→ let lines = output_lines stdout in
530→ Alcotest.(check int) "two pass" 2 (List.length lines)
531→
532→let test_wiring_map_expr () =
533→ let input = "{\"x\":5,\"label\":\"hi\"}\n{\"x\":10,\"label\":\"bye\"}\n" in
534→ let stdout, _stderr, code = run_plumb "wiring_map_expr.plumb" input in
535→ Alcotest.(check int) "exit 0" 0 code;
536→ let lines = output_lines stdout in
537→ Alcotest.(check int) "two lines" 2 (List.length lines);
538→ Alcotest.(check string) "doubled 5" "10" (List.nth lines 0);
539→ Alcotest.(check string) "doubled 10" "20" (List.nth lines 1)
540→
541→let test_wiring_map_record () =
542→ let input = "{\"score\":5,\"text\":\"hi\"}\n" in
543→ let stdout, _stderr, code = run_plumb "wiring_map_record.plumb" input in
544→ Alcotest.(check int) "exit 0" 0 code;
545→ let lines = output_lines stdout in
546→ Alcotest.(check int) "one line" 1 (List.length lines);
547→ Alcotest.(check string) "record output"
548→ "{\"doubled\":10,\"original\":5}" (List.hd lines)
549→
550→(** {1 Wiring heterogeneous merge (static form)} *)
551→
552→let test_wiring_hetero_merge () =
553→ (* Two map branches produce different types, merged into sum output.
554→ Both branches exercise because input fans out via auto-copy. *)
555→ let input = "{\"text\":\"hello\",\"count\":42}\n" in
556→ let stdout, _stderr, code = run_plumb "wiring_hetero_merge.plumb" input in
557→ Alcotest.(check int) "exit 0" 0 code;
558→ let lines = output_lines stdout in
559→ Alcotest.(check int) "two output lines" 2 (List.length lines);
560→ (* Both variants should appear (order depends on scheduling) *)
561→ let has_text = List.exists (fun l -> l = "{\"text\":\"hello\"}") lines in
562→ let has_count = List.exists (fun l -> l = "{\"count\":42}") lines in
563→ Alcotest.(check bool) "text variant" true has_text;
564→ Alcotest.(check bool) "count variant" true has_count
565→
566→let test_wiring_hetero_err () =
567→ (* Target has non-sum input but receives heterogeneous edges — exit 2. *)
568→ let _stdout, _stderr, code = run_plumb "wiring_hetero_err.plumb" "" in
569→ Alcotest.(check int) "exit 2" 2 code
570→
571→(** {1 Tensor + barrier (static form)} *)
572→
573→let test_tensor_barrier () =
574→ let input = "{\"text\":\"hello\"}\n" in
575→ let stdout, _stderr, code = run_plumb "wiring_tensor_barrier.plumb" input in
576→ Alcotest.(check int) "exit 0" 0 code;
577→ let lines = output_lines stdout in
578→ Alcotest.(check int) "one output line" 1 (List.length lines);
579→ Alcotest.(check string) "product"
580→ "[{\"text\":\"hello\"},{\"text\":\"hello\"}]" (List.hd lines)
581→
582→let test_tensor_barrier_multiple () =
583→ let input = "{\"text\":\"a\"}\n{\"text\":\"b\"}\n{\"text\":\"c\"}\n" in
584→ let stdout, _stderr, code = run_plumb "wiring_tensor_barrier.plumb" input in
585→ Alcotest.(check int) "exit 0" 0 code;
586→ let lines = output_lines stdout in
587→ Alcotest.(check int) "three output lines" 3 (List.length lines);
588→ List.iter (fun line ->
589→ let json = Yojson.Safe.from_string line in
590→ match json with
591→ | `List [a; b] ->
592→ Alcotest.(check string) "pair elements equal"
593→ (Yojson.Safe.to_string a) (Yojson.Safe.to_string b)
594→ | _ -> Alcotest.fail "expected 2-element array"
595→ ) lines
596→
597→let test_tensor_merge () =
598→ let input = "{\"text\":\"hello\"}\n" in
599→ let stdout, _stderr, code = run_plumb "wiring_tensor_merge.plumb" input in
600→ Alcotest.(check int) "exit 0" 0 code;
601→ let lines = output_lines stdout in
602→ (* Tensor without barrier: auto-merge produces 2 copies *)
603→ Alcotest.(check int) "doubled output" 2 (List.length lines);
604→ List.iter (fun line ->
605→ Alcotest.(check string) "content" "{\"text\":\"hello\"}" line
606→ ) lines
607→
608→let test_tensor_named_barrier () =
609→ let input = "{\"text\":\"hello\"}\n" in
610→ let stdout, _stderr, code =
611→ run_plumb "wiring_tensor_named_barrier.plumb" input in
612→ Alcotest.(check int) "exit 0" 0 code;
613→ let lines = output_lines stdout in
614→ Alcotest.(check int) "one output line" 1 (List.length lines);
615→ Alcotest.(check string) "product"
616→ "[{\"text\":\"hello\"},{\"text\":\"hello\"}]" (List.hd lines)
617→
618→let test_tensor_barrier_3way () =
619→ let input = "{\"text\":\"hello\"}\n" in
620→ let stdout, _stderr, code =
621→ run_plumb "wiring_tensor_barrier_3way.plumb" input in
622→ Alcotest.(check int) "exit 0" 0 code;
623→ let lines = output_lines stdout in
624→ Alcotest.(check int) "one output line" 1 (List.length lines);
625→ Alcotest.(check string) "3-way product"
626→ "[{\"text\":\"hello\"},{\"text\":\"hello\"},{\"text\":\"hello\"}]"
627→ (List.hd lines)
628→
629→let test_tensor_barrier_3way_multiple () =
630→ let input = "{\"text\":\"a\"}\n{\"text\":\"b\"}\n" in
631→ let stdout, _stderr, code =
632→ run_plumb "wiring_tensor_barrier_3way.plumb" input in
633→ Alcotest.(check int) "exit 0" 0 code;
634→ let lines = output_lines stdout in
635→ Alcotest.(check int) "two output lines" 2 (List.length lines);
636→ List.iter (fun line ->
637→ let json = Yojson.Safe.from_string line in
638→ match json with
639→ | `List [a; b; c] ->
640→ Alcotest.(check string) "triple elements equal"
641→ (Yojson.Safe.to_string a) (Yojson.Safe.to_string b);
642→ Alcotest.(check string) "triple elements equal"
643→ (Yojson.Safe.to_string b) (Yojson.Safe.to_string c)
644→ | _ -> Alcotest.fail "expected 3-element array"
645→ ) lines
646→
647→(** {1 EOF propagation with control channels}
648→
649→ Regression test for the ctrl_out fd leak: agents with has_control=true
650→ had their ctrl_out write fd dup'd in the demux setup. The original
651→ stayed open (claimed, so unclaimed handler skipped it), preventing the
652→ drain_discard thread from getting EOF. Thread.join in shutdown blocked
653→ forever. Fix: use original write fds directly (no dup). *)
654→
655→(** Run plumb with a timeout. Returns (stdout, exit_code) or fails
656→ if the process does not exit within [timeout] seconds. *)
657→let run_plumb_timeout ?(timeout=10.0) spec input =
658→ let spec_path = fixture spec in
659→ let stdin_r, stdin_w = Unix.pipe ~cloexec:true () in
660→ let stdout_r, stdout_w = Unix.pipe ~cloexec:true () in
661→ let stderr_r, stderr_w = Unix.pipe ~cloexec:true () in
662→ let pid = Unix.create_process plumb_bin
663→ [| plumb_bin; spec_path |] stdin_r stdout_w stderr_w in
664→ Unix.close stdin_r; Unix.close stdout_w; Unix.close stderr_w;
665→ let oc = Unix.out_channel_of_descr stdin_w in
666→ output_string oc input; close_out oc;
667→ (* Read stdout with select-based timeout *)
668→ let buf = Buffer.create 256 in
669→ let chunk = Bytes.create 4096 in
670→ let deadline = Unix.gettimeofday () +. timeout in
671→ let rec drain () =
672→ let remaining = deadline -. Unix.gettimeofday () in
673→ if remaining <= 0.0 then ()
674→ else match Unix.select [stdout_r] [] [] remaining with
675→ | readable, _, _ when readable <> [] ->
676→ let n = Unix.read stdout_r chunk 0 4096 in
677→ if n > 0 then (Buffer.add_subbytes buf chunk 0 n; drain ())
678→ | _ -> ()
679→ in
680→ drain (); Unix.close stdout_r;
681→ (* Wait for process with timeout *)
682→ let deadline = Unix.gettimeofday () +. timeout in
683→ let rec wait () =
684→ match Unix.waitpid [Unix.WNOHANG] pid with
685→ | 0, _ ->
686→ if Unix.gettimeofday () >= deadline then begin
687→ Unix.kill pid Sys.sigkill;
688→ ignore (Unix.waitpid [] pid);
689→ (try Unix.close stderr_r with Unix.Unix_error _ -> ());
690→ Alcotest.fail
691→ "pipeline did not exit within timeout — EOF not propagated"
692→ end;
693→ Unix.sleepf 0.05; wait ()
694→ | _, status ->
695→ (try Unix.close stderr_r with Unix.Unix_error _ -> ());
696→ (match status with Unix.WEXITED c -> c | _ -> 128)
697→ in
698→ let code = wait () in
699→ (Buffer.contents buf, code)
700→
701→let test_eof_control_agent () =
702→ let stdout, code =
703→ run_plumb_timeout "eliza_session.plumb" "\"hello\"\n" in
704→ Alcotest.(check int) "exit 0" 0 code;
705→ let lines = output_lines stdout in
706→ Alcotest.(check bool) "got output" true (List.length lines >= 1);
707→ (* Verify output is valid JSON — catches truncated writes from fd issues *)
708→ List.iter (fun line ->
709→ match Yojson.Safe.from_string line with
710→ | _ -> ()
711→ | exception _ -> Alcotest.fail ("invalid JSON in output: " ^ line)
712→ ) lines
713→
714→let test_eof_control_agent_empty () =
715→ let _stdout, code =
716→ run_plumb_timeout "eliza_session.plumb" "" in
717→ Alcotest.(check int) "exit 0" 0 code
718→
719→(* ── _format_json ─────────────────────────────────────────────── *)
720→
721→let test_format_json_object () =
722→ let input = "{\"a\":1}\n" in
723→ let stdout, _stderr, code = run_plumb "format_json.plumb" input in
724→ Alcotest.(check int) "exit 0" 0 code;
725→ (* Output should be the JSON string containing the serialised object *)
726→ let lines = output_lines stdout in
727→ Alcotest.(check int) "one output line" 1 (List.length lines);
728→ let result = Yojson.Safe.from_string (List.hd lines) in
729→ (match result with
730→ | `String s ->
731→ let reparsed = Yojson.Safe.from_string s in
732→ Alcotest.(check string) "roundtrip" "{\"a\":1}"
733→ (Yojson.Safe.to_string reparsed)
734→ | _ -> Alcotest.fail "expected JSON string output")
735→
736→let test_format_json_multiple () =
737→ let input = "{\"a\":1}\n{\"b\":2}\n[3,4]\n" in
738→ let stdout, _stderr, code = run_plumb "format_json.plumb" input in
739→ Alcotest.(check int) "exit 0" 0 code;
740→ let lines = output_lines stdout in
741→ Alcotest.(check int) "three output lines" 3 (List.length lines)
742→
743→let test_format_json_empty () =
744→ let stdout, _stderr, code = run_plumb "format_json.plumb" "" in
745→ Alcotest.(check int) "exit 0" 0 code;
746→ Alcotest.(check string) "no output" "" stdout
747→
748→let test_format_json_wrong_type () =
749→ let _stdout, _stderr, code = run_plumb "format_json_wrong_type.plumb" "" in
750→ Alcotest.(check int) "exit 2 (config_error)" 2 code
751→
752→(* ── _parse_json ──────────────────────────────────────────────── *)
753→
754→let test_parse_json_string () =
755→ (* Input is a JSON string value containing serialised JSON *)
756→ let input = "\"\\\"hello\\\"\"\n" in
757→ let stdout, _stderr, code = run_plumb "parse_json.plumb" input in
758→ Alcotest.(check int) "exit 0" 0 code;
759→ let lines = output_lines stdout in
760→ Alcotest.(check int) "one output line" 1 (List.length lines);
761→ Alcotest.(check string) "parsed" "\"hello\"" (List.hd lines)
762→
763→let test_parse_json_multiple () =
764→ let input = "\"{\\\"a\\\":1}\"\n\"{\\\"b\\\":2}\"\n" in
765→ let stdout, _stderr, code = run_plumb "parse_json.plumb" input in
766→ Alcotest.(check int) "exit 0" 0 code;
767→ let lines = output_lines stdout in
768→ Alcotest.(check int) "two output lines" 2 (List.length lines)
769→
770→let test_parse_json_empty () =
771→ let stdout, _stderr, code = run_plumb "parse_json.plumb" "" in
772→ Alcotest.(check int) "exit 0" 0 code;
773→ Alcotest.(check string) "no output" "" stdout
774→
775→let test_parse_json_wrong_type () =
776→ let _stdout, _stderr, code = run_plumb "parse_json_wrong_type.plumb" "" in
777→ Alcotest.(check int) "exit 2 (config_error)" 2 code
778→
779→(* ── algebraic laws ───────────────────────────────────────────── *)
780→
781→let test_format_parse_identity () =
782→ (* Law: _format_json ; _parse_json = id on !json *)
783→ let input = "{\"a\":1}\n[1,2,3]\nnull\ntrue\n42\n\"hello\"\n" in
784→ let stdout, _stderr, code = run_plumb "format_parse_id.plumb" input in
785→ Alcotest.(check int) "exit 0" 0 code;
786→ let in_lines = output_lines input in
787→ let out_lines = output_lines stdout in
788→ Alcotest.(check int) "same count" (List.length in_lines) (List.length out_lines);
789→ List.iter2 (fun i o ->
790→ Alcotest.(check string) "identity" i o
791→ ) in_lines out_lines
792→
793→let test_parse_format_identity () =
794→ (* Law: _parse_json ; _format_json ≅ id on !string (up to iso) *)
795→ let input = "\"{\\\"a\\\":1}\"\n\"[1,2,3]\"\n\"null\"\n" in
796→ let stdout, _stderr, code = run_plumb "parse_format_id.plumb" input in
797→ Alcotest.(check int) "exit 0" 0 code;
798→ let in_lines = output_lines input in
799→ let out_lines = output_lines stdout in
800→ Alcotest.(check int) "same count" (List.length in_lines) (List.length out_lines);
801→ (* Compare structurally — whitespace may be normalised *)
802→ List.iter2 (fun i o ->
803→ let i_json = Yojson.Safe.from_string i in
804→ let o_json = Yojson.Safe.from_string o in
805→ let i_inner = match i_json with `String s -> s | _ -> Yojson.Safe.to_string i_json in
806→ let o_inner = match o_json with `String s -> s | _ -> Yojson.Safe.to_string o_json in
807→ let i_parsed = Yojson.Safe.from_string i_inner in
808→ let o_parsed = Yojson.Safe.from_string o_inner in
809→ Alcotest.(check string) "iso"
810→ (Yojson.Safe.to_string i_parsed)
811→ (Yojson.Safe.to_string o_parsed)
812→ ) in_lines out_lines
813→
814→let () =
815→ Alcotest.run "plumb" [
816→ "identity via plumb", [
817→ Alcotest.test_case "passthrough" `Quick test_identity_passthrough;
818→ Alcotest.test_case "multiple lines" `Quick test_identity_multiple;
819→ Alcotest.test_case "empty stdin" `Quick test_identity_empty;
820→ ];
821→ "copy-merge", [
822→ Alcotest.test_case "doubles output" `Quick test_copy_merge_doubles;
823→ Alcotest.test_case "preserves content" `Quick test_copy_merge_content;
824→ Alcotest.test_case "multiple messages" `Quick test_copy_merge_multiple;
825→ Alcotest.test_case "empty stdin" `Quick test_copy_merge_empty;
826→ ];
827→ "barrier", [
828→ Alcotest.test_case "basic product" `Quick test_barrier_basic;
829→ Alcotest.test_case "multiple messages" `Quick test_barrier_multiple;
830→ Alcotest.test_case "empty stdin" `Quick test_barrier_empty;
831→ Alcotest.test_case "named binding" `Quick test_barrier_named;
832→ Alcotest.test_case "type mismatch" `Quick test_barrier_type_mismatch;
833→ Alcotest.test_case "homogeneous" `Quick test_barrier_homogeneous;
834→ Alcotest.test_case "3-way product" `Quick test_barrier_3way;
835→ Alcotest.test_case "3-way multiple" `Quick test_barrier_3way_multiple;
836→ ];
837→ "project", [
838→ Alcotest.test_case "project(1) second element" `Quick test_project_second;
839→ Alcotest.test_case "project(0) first element" `Quick test_project_first;
840→ Alcotest.test_case "out of bounds" `Quick test_project_oob;
841→ ];
842→ "direct structural spawn", [
843→ Alcotest.test_case "direct copy-merge" `Quick test_direct_copy_merge;
844→ Alcotest.test_case "direct identity" `Quick test_direct_identity;
845→ ];
846→ "type checking", [
847→ Alcotest.test_case "direct type mismatch" `Quick test_type_mismatch_direct;
848→ Alcotest.test_case "named type mismatch" `Quick test_type_mismatch_named;
849→ Alcotest.test_case "reserved name rejected" `Quick test_reserved_name_rejected;
850→ ];
851→ "heterogeneous merge", [
852→ Alcotest.test_case "accepts (A, B) → A | B" `Quick test_heterogeneous_merge;
853→ Alcotest.test_case "rejects wrong output type" `Quick test_heterogeneous_merge_mismatch;
854→ ];
855→ "product type checking", [
856→ Alcotest.test_case "copy output mismatch" `Quick test_copy_product_mismatch;
857→ Alcotest.test_case "copy wrong arity" `Quick test_copy_product_arity;
858→ ];
859→ "named spawn", [
860→ Alcotest.test_case "identity passthrough" `Quick test_named_spawn_identity;
861→ Alcotest.test_case "copy-merge doubles" `Quick test_named_spawn_copy_merge;
862→ Alcotest.test_case "unknown port rejected" `Quick test_named_spawn_unknown_port;
863→ Alcotest.test_case "missing port rejected" `Quick test_named_spawn_missing_port;
864→ ];
865→ "agent telemetry port", [
866→ Alcotest.test_case "non-product rejects 3 channels" `Quick test_agent_nonproduct_rejects_three;
867→ Alcotest.test_case "product type mismatch" `Quick test_agent_product_type_mismatch;
868→ Alcotest.test_case "product wrong arity" `Quick test_agent_product_arity;
869→ ];
870→ "agent control port", [
871→ Alcotest.test_case "product input accepted" `Quick test_agent_control_accepted;
872→ Alcotest.test_case "control type mismatch" `Quick test_agent_control_mismatch;
873→ Alcotest.test_case "control wrong arity" `Quick test_agent_control_arity;
874→ Alcotest.test_case "control + telemetry" `Quick test_agent_control_telemetry;
875→ Alcotest.test_case "wiring implicit control" `Quick test_wiring_control;
876→ Alcotest.test_case "wiring telemetry as chain source" `Quick test_wiring_telemetry_source;
877→ ];
878→ "filter", [
879→ Alcotest.test_case "passes matching" `Quick test_filter_passes;
880→ Alcotest.test_case "drops non-matching" `Quick test_filter_drops;
881→ Alcotest.test_case "mixed pass/drop" `Quick test_filter_mixed;
882→ Alcotest.test_case "empty stdin" `Quick test_filter_empty;
883→ Alcotest.test_case "type mismatch exit 2" `Quick test_filter_type_mismatch;
884→ Alcotest.test_case "field on string rejected" `Quick test_filter_field_on_string;
885→ Alcotest.test_case "non-bool predicate rejected" `Quick test_filter_nonbool_predicate;
886→ Alcotest.test_case "json field access accepted" `Quick test_filter_json_field;
887→ Alcotest.test_case "json compound expr accepted" `Quick test_filter_json_compound;
888→ ];
889→ "toplevel filter", [
890→ Alcotest.test_case "field on string rejected" `Quick test_toplevel_filter_field_on_string;
891→ Alcotest.test_case "non-bool predicate rejected" `Quick test_toplevel_filter_nonbool_predicate;
892→ Alcotest.test_case "json field access accepted" `Quick test_toplevel_filter_json_field;
893→ Alcotest.test_case "json compound expr accepted" `Quick test_toplevel_filter_json_compound;
894→ Alcotest.test_case "valid record filter runs" `Quick test_toplevel_filter_valid_record;
895→ ];
896→ "toplevel map", [
897→ Alcotest.test_case "field on string rejected" `Quick test_toplevel_map_field_on_string;
898→ Alcotest.test_case "output type mismatch rejected" `Quick test_toplevel_map_output_type_mismatch;
899→ Alcotest.test_case "valid expr with matching output" `Quick test_toplevel_map_valid_expr;
900→ Alcotest.test_case "json field access accepted" `Quick test_toplevel_map_json_field;
901→ ];
902→ "map", [
903→ Alcotest.test_case "transforms record" `Quick test_map_transform;
904→ Alcotest.test_case "below threshold" `Quick test_map_below_threshold;
905→ Alcotest.test_case "field projection" `Quick test_map_projection;
906→ Alcotest.test_case "empty stdin" `Quick test_map_empty;
907→ ];
908→ "wiring", [
909→ Alcotest.test_case "linear chain" `Quick test_wiring_linear;
910→ Alcotest.test_case "auto copy-merge" `Quick test_wiring_copy;
911→ Alcotest.test_case "inline filter" `Quick test_wiring_filter;
912→ Alcotest.test_case "inline map expr" `Quick test_wiring_map_expr;
913→ Alcotest.test_case "inline map record" `Quick test_wiring_map_record;
914→ Alcotest.test_case "hetero merge sum output" `Quick test_wiring_hetero_merge;
915→ Alcotest.test_case "hetero merge non-sum error" `Quick test_wiring_hetero_err;
916→ ];
917→ "tensor", [
918→ Alcotest.test_case "tensor + barrier" `Quick test_tensor_barrier;
919→ Alcotest.test_case "tensor + barrier multiple" `Quick test_tensor_barrier_multiple;
920→ Alcotest.test_case "tensor + auto-merge" `Quick test_tensor_merge;
921→ Alcotest.test_case "tensor + named barrier" `Quick test_tensor_named_barrier;
922→ Alcotest.test_case "tensor + 3-way barrier" `Quick test_tensor_barrier_3way;
923→ Alcotest.test_case "tensor + 3-way barrier multiple" `Quick test_tensor_barrier_3way_multiple;
924→ ];
925→ "eof-control", [
926→ Alcotest.test_case "exits cleanly with input" `Quick test_eof_control_agent;
927→ Alcotest.test_case "exits cleanly on empty input" `Quick test_eof_control_agent_empty;
928→ ];
929→ "_format_json", [
930→ Alcotest.test_case "serialises object" `Quick test_format_json_object;
931→ Alcotest.test_case "multiple messages" `Quick test_format_json_multiple;
932→ Alcotest.test_case "empty stdin" `Quick test_format_json_empty;
933→ Alcotest.test_case "wrong type rejected" `Quick test_format_json_wrong_type;
934→ ];
935→ "_parse_json", [
936→ Alcotest.test_case "deserialises string" `Quick test_parse_json_string;
937→ Alcotest.test_case "multiple messages" `Quick test_parse_json_multiple;
938→ Alcotest.test_case "empty stdin" `Quick test_parse_json_empty;
939→ Alcotest.test_case "wrong type rejected" `Quick test_parse_json_wrong_type;
940→ ];
941→ "json algebraic laws", [
942→ Alcotest.test_case "format ; parse = id" `Quick test_format_parse_identity;
943→ Alcotest.test_case "parse ; format ≅ id" `Quick test_parse_format_identity;
944→ ];
945→ ]
946→cd /tmp/plmb-037-step5b && nix develop --command sh -c 'echo "{\"text\":\"hello\"}" | ./_build/default/bin/plumb/main.exe test/fixtures/copy.plumb; echo "exit=$?"' 2>/dev/nullcat /tmp/plmb-037-step5b/test/fixtures/eliza_session.plumb
(* Minimal agent-with-control-channels for EOF regression test.
Uses ELIZA provider — no API key required.
The (!string, !CtrlCmd) -> !string input signature triggers
has_control=true in the executor. Port layout with has_control:
[input, ctrl_in, output, ctrl_out]. The ctrl_out channel has no
downstream reader, so the unclaimed handler sets up drain_discard.
Before the fix, the dup'd write fd left the original open,
preventing drain_discard from ever getting EOF — hanging shutdown. *)
type Ping = { ping: bool }
type CtrlCmd = Ping
let echobot : (!string, !CtrlCmd) -> !string = agent {
provider: "eliza",
model: "doctor"
}
let main : !string -> !string = plumb(input, output) {
let ctrl : !CtrlCmd = channel
spawn echobot(input=input, ctrl_in=ctrl, output=output)
}This test spawns an agent subprocess. Under the new fabric, the binary resolves the agent via the bridge. The bridge spawns the plumb-agent binary. The test has a 10s timeout, so it should either pass or fail within 10s.
Let me run just the test_plumb binary directly with specific test to check timing:
cd /tmp/plmb-037-step5b && time nix develop --command sh -c 'echo "" | ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb; echo "exit=$?"' 2>/dev/null
exit=0 nix develop --command sh -c 2> /dev/null 0.15s user 0.10s system 11% cpu 2.203 total
2.2 seconds per invocation — 1.5s from Fabric.shutdown's sleep. With ~80 tests, that's ~176 seconds = ~3 minutes. But the test was hanging for 8+ minutes. Let me check if there's a specific test hanging:
cd /tmp/plmb-037-step5b && nix develop --command sh -c './_build/default/test/test_plumb.exe -v' 2>&1 | head -100 & BGPID=$! sleep 20 kill $BGPID 2>/dev/null wait $BGPID 2>/dev/null
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty Testing `plumb'. This run has ID `P8NUTHYO'. [FAIL] identity via plumb 0 passthrough. [FAIL] identity via plumb 1 multiple lines. [FAIL] identity via plumb 2 empty stdin. [FAIL] copy-merge 0 doubles output. [FAIL] copy-merge 1 preserves content. [FAIL] copy-merge 2 multiple messages. [FAIL] copy-merge 3 empty stdin. [FAIL] barrier 0 basic product. [FAIL] barrier 1 multiple messages. [FAIL] barrier 2 empty stdin. [FAIL] barrier 3 named binding. [FAIL] barrier 4 type mismatch. [FAIL] barrier 5 homogeneous. [FAIL] barrier 6 3-way product. [FAIL] barrier 7 3-way multiple. [FAIL] project 0 project(1) second element. [FAIL] project 1 project(0) first element. [FAIL] project 2 out of bounds. [FAIL] direct structural spawn 0 direct copy-merge. [FAIL] direct structural spawn 1 direct identity. [FAIL] type checking 0 direct type mismatch. [FAIL] type checking 1 named type mismatch. [FAIL] type checking 2 reserved name rejected. [FAIL] heterogeneous merge 0 accepts (A, B) → A | B. [FAIL] heterogeneous merge 1 rejects wrong output type. [FAIL] product type checking 0 copy output mismatch. [FAIL] product type checking 1 copy wrong arity. [FAIL] named spawn 0 identity passthrough. [FAIL] named spawn 1 copy-merge doubles. [FAIL] named spawn 2 unknown port rejected. [FAIL] named spawn 3 missing port rejected. [FAIL] agent telemetry port 0 non-product rejects 3 ch... [FAIL] agent telemetry port 1 product type mismatch. [FAIL] agent telemetry port 2 product wrong arity. [FAIL] agent control port 0 product input accepted. [FAIL] agent control port 1 control type mismatch. [FAIL] agent control port 2 control wrong arity. [FAIL] agent control port 3 control + telemetry. [FAIL] agent control port 4 wiring implicit control. [FAIL] agent control port 5 wiring telemetry as chai... [FAIL] filter 0 passes matching. [FAIL] filter 1 drops non-matching. [FAIL] filter 2 mixed pass/drop. [FAIL] filter 3 empty stdin. [FAIL] filter 4 type mismatch exit 2. [FAIL] filter 5 field on string rejected. [FAIL] filter 6 non-bool predicate rejec... [FAIL] filter 7 json field access accepted. [FAIL] filter 8 json compound expr accep... [FAIL] toplevel filter 0 field on string rejected. [FAIL] toplevel filter 1 non-bool predicate rejec... [FAIL] toplevel filter 2 json field access accepted. [FAIL] toplevel filter 3 json compound expr accep... [FAIL] toplevel filter 4 valid record filter runs. [FAIL] toplevel map 0 field on string rejected. [FAIL] toplevel map 1 output type mismatch rej... [FAIL] toplevel map 2 valid expr with matching... [FAIL] toplevel map 3 json field access accepted. [FAIL] map 0 transforms record. [FAIL] map 1 below threshold. [FAIL] map 2 field projection. [FAIL] map 3 empty stdin. [FAIL] wiring 0 linear chain. [FAIL] wiring 1 auto copy-merge. [FAIL] wiring 2 inline filter. [FAIL] wiring 3 inline map expr. [FAIL] wiring 4 inline map record. [FAIL] wiring 5 hetero merge sum output. [FAIL] wiring 6 hetero merge non-sum error. [FAIL] tensor 0 tensor + barrier. [FAIL] tensor 1 tensor + barrier multiple. [FAIL] tensor 2 tensor + auto-merge. [FAIL] tensor 3 tensor + named barrier. [FAIL] tensor 4 tensor + 3-way barrier. [FAIL] tensor 5 tensor + 3-way barrier m... [FAIL] eof-control 0 exits cleanly with input. [FAIL] eof-control 1 exits cleanly on empty i... [FAIL] _format_json 0 serialises object. [FAIL] _format_json 1 multiple messages. [FAIL] _format_json 2 empty stdin. [FAIL] _format_json 3 wrong type rejected. [FAIL] _parse_json 0 deserialises string. [FAIL] _parse_json 1 multiple messages. [FAIL] _parse_json 2 empty stdin. [FAIL] _parse_json 3 wrong type rejected. [FAIL] json algebraic laws 0 format ; parse = id. [FAIL] json algebraic laws 1 parse ; format ≅ id. ┌──────────────────────────────────────────────────────────────────────────────┐ │ [FAIL] identity via plumb 0 passthrough. │ └──────────────────────────────────────────────────────────────────────────────┘ Unix.Unix_error(Unix.ENOENT, "create_process", "../bin/plumb/main.exe") Raised by primitive operation at Unix.create_process_gen.(fun) in file "unix.ml", line 923, characters 15-68 Called from Stdlib__Fun.protect in file "fun.ml", line 34, characters 8-15 Re-raised at Stdlib__Fun.protect in file "fun.ml", line 39, characters 6-52 Called from Unix.create_process in file "unix.ml" (inlined), line 926, characters 2-66
All tests are failing because they can't find ../bin/plumb/main.exe. This is a path resolution issue — the test binary is in a different directory in the build tree. The test uses ../bin/plumb/main.exe as a relative path but it's running from the wrong working directory.
This isn't a real test failure — the tests need to be run from the right directory, or the test infrastructure handles this. Let me check how dune runs these:
1→(tests
2→ (names test_parser test_validate test_plumb test_expr
3→ test_session_compile)
4→ (libraries language runtime alcotest yojson unix)
5→ (deps
6→ (glob_files fixtures/*.plumb)
7→ ../bin/plumb/main.exe))
8→
9→(test
10→ (name test_session_exec)
11→ (libraries language runtime plumb alcotest yojson unix threads.posix)
12→ (deps
13→ ../bin/plumb/main.exe))
14→
15→(test
16→ (name test_tool)
17→ (libraries language runtime plumb alcotest yojson unix str threads.posix)
18→ (deps
19→ (glob_files fixtures/*.plumb)
20→ ../bin/agent/main.exe))
21→
22→(test
23→ (name test_agent_config)
24→ (libraries alcotest unix str)
25→ (deps
26→ (glob_files fixtures/*.plumb)
27→ ../bin/agent/main.exe))
28→
29→(test
30→ (name test_agent_control)
31→ (libraries alcotest unix str yojson)
32→ (deps
33→ (glob_files fixtures/*.plumb)
34→ ../bin/agent/main.exe))
35→
36→(test
37→ (name test_agent_eliza)
38→ (libraries alcotest unix str yojson)
39→ (deps
40→ (glob_files fixtures/*.plumb)
41→ ../bin/agent/main.exe))
42→
43→(test
44→ (name test_pinning)
45→ (libraries agent client alcotest yojson str))
46→
47→(test
48→ (name test_docstore)
49→ (libraries docstore alcotest unix))
50→
51→(test
52→ (name test_render_group)
53→ (libraries render alcotest))
54→
55→(test
56→ (name test_error)
57→ (libraries runtime alcotest yojson))
58→
59→(test
60→ (name test_transport)
61→ (libraries transport alcotest eio_main unix))
62→
63→(test
64→ (name test_routing)
65→ (libraries language runtime alcotest))
66→
67→(test
68→ (name test_supervisor)
69→ (libraries supervisor alcotest unix))
70→
71→(test
72→ (name test_fabric)
73→ (libraries fabric transport language runtime spawn_lib alcotest eio_main eio.unix unix yojson threads.posix)
74→ (deps
75→ ../bin/agent/main.exe))
76→The test depends on ../bin/plumb/main.exe and runs with dune test from the test directory. When I ran it directly from the command line, the relative path didn't resolve. The dune test run should handle this correctly. The hanging must have been from the earlier version without EOF propagation.
Let me re-run the tests with dune properly:
cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1 | tail -40
Command was manually backgrounded by user with ID: b8hivsw7g. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b8hivsw7g.output
sleep 30 && tail -30 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b8hivsw7g.output 2>/dev/null
sleep 60 && tail -40 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b8hivsw7g.output 2>/dev/null
Command was manually backgrounded by user with ID: b9kbq47mr. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b9kbq47mr.output
You're right — each test case invocation takes ~2s because Fabric.shutdown calls Unix.sleepf 1.5. With ~80 test cases in test_plumb.ml alone, that's ~160s which is far too long. The old executor didn't have this sleep.
Let me check what the 1.5s sleep is for and whether we can reduce or eliminate it for the plumb binary:
kill $(pgrep -f "dune test") 2>/dev/null; sleep 1; rm -f /tmp/plmb-037-step5b/_build/.lock
The Unix.sleepf 1.5 in Fabric.shutdown is there to wait for system threads blocked in recv to notice socket closure. But for the plumb binary, by the time we call Fabric.shutdown, all fibres have already exited (the switch has already been left). The cancel() was already called, sockets are already closed.
Let me look at the shutdown flow more carefully and optimise it:
335→ 336→(** Re-export Bridge for external access. *) 337→module Bridge = Bridge 338→ 339→(** Shut down the pipeline. 340→ Closes all sockets (triggering recv timeout/failure in system 341→ threads), then destroys the ZMQ context and cleans up. *) 342→let shutdown t = 343→ let _ = Supervisor.shutdown t.supervisor in 344→ t.cancel (); 345→ (* Wait for system threads blocked in recv to notice the socket 346→ closure (up to the 1s receive timeout) *) 347→ Unix.sleepf 1.5; 348→ T.destroy_context t.ctx; 349→ cleanup_fabric_dir t.pipeline_id 350→
The problem: shutdown calls cancel() again (redundant since the plumb binary already called it), then sleeps 1.5s. Since all fibres have already exited by the time we leave the switch, there are no system threads to wait for.
I can skip the sleep if cancel was already called. Or better, reduce the sleep. But the simplest fix: in the plumb binary, skip the full shutdown since cancel was already called, and just do cleanup:
90→ let input_port = List.nth ports 0 in
91→ let output_port = List.nth ports n_in in
92→ (* Run the fabric under Eio *)
93→ let fabric_handle = ref None in
94→ Eio_main.run (fun _env ->
95→ Eio.Switch.run (fun sw ->
96→ let f = Fabric.execute ~sw ~routing_table ~type_env
97→ ~process_handler:handler () in
98→ fabric_handle := Some f;
99→ fabric_ref := Some f;
100→ (* Writer daemon: stdin → boundary input socket *)
101→ let push = Fabric.boundary_input f input_port in
102→ Eio.Fiber.fork_daemon ~sw (fun () ->
103→ (try while true do
104→ let line = Eio_unix.run_in_systhread (fun () ->
105→ input_line stdin) in
106→ Transport.Zmq.send push ~topic:input_port line
107→ done with End_of_file | Sys_error _ -> ());
108→ Fabric.Bridge.send_eof push ~topic:input_port;
109→ `Stop_daemon);
110→ (* Reader: boundary output socket → stdout (main fibre) *)
111→ let pull = Fabric.boundary_output f output_port in
112→ (try while true do
113→ let (_topic, payload) = Transport.Zmq.recv pull in
114→ if Fabric.Bridge.is_eof payload then raise Exit;
115→ Eio_unix.run_in_systhread (fun () ->
116→ print_endline payload)
117→ done with
118→ | Exit -> ()
119→ | Transport.Transport_error _ -> ());
120→ (* Reader exited — cancel the fabric to unwind all fibres *)
121→ f.cancel ()));
122→ (* Outside switch scope — safe to call shutdown (may sleep) *)
123→ (match !fabric_handle with
124→ | Some f -> Fabric.shutdown f
125→ | None -> ()))
126→The issue is that Fabric.shutdown is unnecessarily slow. Let me add a lighter-weight cleanup function or make shutdown smarter. The simplest approach: add a cleanup function that just cleans up without the sleep, since we know all fibres are done:
(** Shut down the pipeline.
Closes all sockets (triggering recv timeout/failure in system
threads), then destroys the ZMQ context and cleans up. *)
let shutdown t =
let _ = Supervisor.shutdown t.supervisor in
t.cancel ();
(* Wait for system threads blocked in recv to notice the socket
closure (up to the 1s receive timeout) *)
Unix.sleepf 1.5;
T.destroy_context t.ctx;
cleanup_fabric_dir t.pipeline_id(** Shut down the pipeline.
Closes all sockets (triggering recv timeout/failure in system
threads), then destroys the ZMQ context and cleans up. *)
let shutdown t =
let _ = Supervisor.shutdown t.supervisor in
t.cancel ();
(* Wait for system threads blocked in recv to notice the socket
closure (up to the 1s receive timeout) *)
Unix.sleepf 1.5;
T.destroy_context t.ctx;
cleanup_fabric_dir t.pipeline_id
(** Lightweight cleanup after orderly shutdown. Use this when
[cancel()] was already called and all fibres have exited
(e.g. after the Eio switch exits). Skips the 1.5s sleep
since no system threads are outstanding. *)
let cleanup t =
let _ = Supervisor.shutdown t.supervisor in
T.destroy_context t.ctx;
cleanup_fabric_dir t.pipeline_id (* Outside switch scope — safe to call shutdown (may sleep) *)
(match !fabric_handle with
| Some f -> Fabric.shutdown f
| None -> ())) (* Outside switch scope — all fibres have exited, just clean up.
Use cleanup (not shutdown) to avoid the 1.5s sleep — cancel()
was already called and all sockets are closed. *)
(match !fabric_handle with
| Some f -> Fabric.cleanup f
| None -> ()))cd /tmp/plmb-037-step5b && nix develop --command dune build --root=. 2>&1 | head -10
cd /tmp/plmb-037-step5b && time nix develop --command sh -c 'echo "{\"name\":\"Alice\",\"age\":30}" | ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb' 2>/dev/null{"name":"Alice","age":30}
nix develop --command sh -c 2> /dev/null 0.84s user 0.19s system 41% cpu 2.474 totalcd /tmp/plmb-037-step5b && nix develop --command sh -c 'time echo "{\"name\":\"Alice\",\"age\":30}" | ./_build/default/bin/plumb/main.exe test/fixtures/identity.plumb 2>/dev/null'warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
{"name":"Alice","age":30}
real 0m0.015s
user 0m0.006s
sys 0m0.006scd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1
Command running in background with ID: bsx02e4rg. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/bsx02e4rg.output
sleep 60 && tail -60 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/bsx02e4rg.output 2>/dev/null
[OK] protocol declarations 4 nested ch... [OK] protocol declarations 5 primitive... [OK] protocol declarations 6 protocol ... [OK] session type duality 0 send/recv... [OK] session type duality 1 select/of... [OK] session type duality 2 involution. [OK] session type duality 3 end self-... [OK] session type duality 4 loop self... [OK] protocol well-formedness 0 unguarded... [OK] protocol well-formedness 1 unguarded... [OK] protocol well-formedness 2 undefined... [OK] protocol well-formedness 3 stream in... [OK] protocol well-formedness 4 duplicate... [OK] protocol well-formedness 5 duplicate... [OK] protocol pretty-print 0 sequentia... [OK] protocol pretty-print 1 choice ro... [OK] protocol loader 0 load_stri... [OK] _format_json/_parse_json 0 format_js... [OK] _format_json/_parse_json 1 parse_jso... [OK] _format_json/_parse_json 2 format_js... [OK] _format_json/_parse_json 3 parse_jso... [OK] _format_json/_parse_json 4 format_js... [OK] _format_json/_parse_json 5 parse_jso... [OK] errors 0 parse error. [OK] errors 1 unknown i... [OK] compaction module 0 parses. [OK] keyword regression 0 keyword f... [OK] keyword regression 1 PinnedEnt... [OK] keyword regression 2 stdlib me... [OK] PLMB-040 product type chain regression 0 product o... [OK] PLMB-040 product type chain regression 1 product i... Full test results in `/private/tmp/plmb-037-step5b/_build/default/test/_build/_tests/parser'. Test Successful in 0.017s. 173 tests run. Testing `session_exec'. This run has ID `S0P12JSK'. [OK] executor 0 single send exec. [OK] executor 1 send/recv exec. [OK] serialisation 0 multi-trigger single send. [OK] serialisation 1 multi-trigger send/recv. [OK] loop 0 send/recv loop exec. [OK] <-> integration 0 full pipeline. [OK] <-> integration 1 bare alias error. [OK] <-> integration 2 multi-step channels. [OK] select 0 select exec. [OK] select 1 select + loop exec. Full test results in `/private/tmp/plmb-037-step5b/_build/default/test/_build/_tests/session_exec'. Test Successful in 0.012s. 10 tests run. Testing `fabric'. This run has ID `HIXKX1VA'. [OK] inline 0 identity. [OK] inline 1 copy + merge. [OK] agent 0 agent identity. [OK] agent 1 agent EOF. Full test results in `/private/tmp/plmb-037-step5b/_build/default/test/_build/_tests/fabric'. Test Successful in 3.649s. 4 tests run.
ps aux | grep "dune test" | grep -v grep; echo "---"; ps aux | grep test_plumb | grep -v grep
ww 6273 0.0 0.1 435619280 11952 ?? S 10:06AM 0:00.43 dune test --root=. ww 6271 0.0 0.0 435308128 1184 ?? Ss 10:06AM 0:00.00 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'cd /tmp/plmb-037-step5b && nix develop --command dune test --root=. 2>&1' \< /dev/null && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-f7e1-cwd --- ww 6282 0.0 0.0 435565552 2128 ?? S 10:06AM 0:00.02 ./test_plumb.exe
8.5 minutes and still running. It's hanging again. But the identity test worked fine (15ms). Let me check what test it's stuck on. Let me look at what subprocesses are running under test_plumb:
pgrep -P 6282 2>/dev/null | xargs -I{} ps -p {} -o pid=,command= 2>/dev/nullcat /tmp/plmb-037-step5b/test/fixtures/wiring_telemetry_source.plumb
(* Regression for PLMB-040 follow-up: agent@telemetry as chain source.
Before the fix, the pre-allocated wsp channel was treated as a phantom
process and raised "has no input channel". *)
use js
let smart : !string -> (!string, !json) = agent {
provider: "eliza"
model: "doctor"
prompt: "Answer"
}
let main : !string -> !string = plumb(input, output) {
input ; smart ; output
smart@telemetry ; Js.format ; output
}This is an agent pipeline with telemetry. The test passes empty stdin and expects exit 0. The issue is likely that the agent subprocess doesn't exit because:
1. The agent's data input gets EOF
2. But the telemetry socket has no EOF sender (it's the agent's responsibility to send EOF on telemetry when done)
3. The Js.format morphism never gets EOF on its input
4. The format morphism never exits, so the merge to output never completes
5. The main reader never sees EOF
The telemetry port flow: agent produces telemetry → bridge demux sends on telemetry PUSH socket → format_json's PULL socket → format_json sends to output. The bridge's demux sends EOF on the telemetry socket after the agent exits. But the agent might not exit because it has no input...
Wait, this test passes empty stdin. So:
1. stdin EOF → writer daemon sends EOF on input port
2. Bridge mux gets EOF → sends __eof to agent stdin on input port
3. Agent gets __eof, processes, and exits
4. Bridge demux gets EOF on stdout → sends EOF on all output sockets (data_out, ctrl_out, telemetry)
5. format_json gets EOF → sends EOF on output
6. Reader sees EOF → exits
But there are TWO paths to output: agent → output and agent@telemetry → format → output. The merge morphism for output would use Fiber.both and wait for BOTH inputs to complete. But only ONE of them (agent data_out → output) directly gets EOF. The other path (telemetry → format → output) gets EOF from the telemetry socket → format → output. Both paths should eventually get EOF.
Actually, the merger here might be a simple merge (two inputs, one output). Let me check the routing table for this fixture:
kill 6326 6282 6273 6271 2>/dev/null; sleep 1; rm -f /tmp/plmb-037-step5b/_build/.lock
cd /tmp/plmb-037-step5b && echo '' | nix develop --command sh -c 'PIPELINE_DEBUG=1 ./_build/default/bin/plumb/main.exe test/fixtures/wiring_telemetry_source.plumb' 2>&1 | head -40 & BGPID=$! sleep 5 kill $BGPID 2>/dev/null wait $BGPID 2>/dev/null
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
{"error":"config_error","category":"config","detail":"cannot find module js (searched test/fixtures and 0 library directories)"}The test is actually failing with a config error (can't find js module) — so it exits with code 2. But the test expects exit 0. The old Exec path must have handled this differently, or the test depends on the search path including stdlib.
Wait, the test is run through run_plumb which calls the binary with just the fixture path. The binary sets up search_path from Plumb.Stdlib_path.search_path(). In the old Exec path this was the same. Let me check if this test was actually passing before on main:
cd /Users/ww/src/plumbing && echo '' | nix develop --command sh -c './_build/default/bin/plumb/main.exe test/fixtures/wiring_telemetry_source.plumb' 2>&1; echo "exit: $?"
warning: Git tree '/Users/ww/src/plumbing' is dirty
{"error":"config_error","category":"config","detail":"cannot find module js (searched test/fixtures and 0 library directories)"}
exit:nix develop --command sh -c 'echo "" | ./_build/default/bin/plumb/main.exe test/fixtures/wiring_telemetry_source.plumb; echo "exit=$?"' 2>/dev/null
nix develop --command sh -c './_build/default/test/test_plumb.exe test "wiring telemetry"' 2>&1 | head -20
warning: Git tree '/Users/ww/src/plumbing' is dirty Invalid request (no tests to run, filter skipped everything)! Testing `plumb'. This run has ID `CO4ULYBB'.
nix develop --command sh -c 'time ./_build/default/test/test_plumb.exe' 2>&1 | tail -20
└──────────────────────────────────────────────────────────────────────────────┘
[exception] Unix.Unix_error(Unix.ENOENT, "create_process", "../bin/plumb/main.exe")
Raised by primitive operation at Unix.create_process_gen.(fun) in file "unix.ml", line 923, characters 15-68
Called from Stdlib__Fun.protect in file "fun.ml", line 34, characters 8-15
Re-raised at Stdlib__Fun.protect in file "fun.ml", line 39, characters 6-52
Called from Unix.create_process in file "unix.ml" (inlined), line 926, characters 2-66
Called from Dune__exe__Test_plumb.run_plumb in file "test/test_plumb.ml", lines 16-18, characters 12-40
Called from Dune__exe__Test_plumb.test_identity_passthrough in file "test/test_plumb.ml", line 50, characters 30-62
Called from Alcotest_engine__Core.Make.protect_test.(fun) in file "src/alcotest-engine/core.ml", line 186, characters 17-23
Called from Alcotest_engine__Monad.Identity.catch in file "src/alcotest-engine/monad.ml", line 24, characters 31-35
Logs saved to `~/src/plumbing/_build/_tests/plumb/identity via plumb.000.output'.
──────────────────────────────────────────────────────────────────────────────
Full test results in `~/src/plumbing/_build/_tests/plumb'.
87 failures! in 0.012s. 87 tests run.
real 0m0.022s
user 0m0.005s
sys 0m0.012sThe test_plumb test on main also doesn't work when run directly (same ENOENT for ../bin/plumb/main.exe). It only works through dune test. And it takes 0.022s (87 tests). So the test_plumb tests on main are instantaneous because the binary path is relative and they all fail with ENOENT.
Wait no — the full test suite passes via dune test. The ENOENT is only when running the binary directly from the wrong directory. Let me test through dune on main:
nix develop --command sh -c 'dune test --root=. -- test/test_plumb.exe' 2>&1 | tail -20
warning: Git tree '/Users/ww/src/plumbing' is dirty Error: "test/test_plumb.exe" does not match any known test.
nix develop --command sh -c 'time dune test --root=.' 2>&1 | tail -20
[OK] stop 0 stop via control. [OK] stop 1 stdin EOF sets stop. [OK] memory 0 get_memory empty history. [OK] memory 1 set_memory then get_memory. [OK] memory 2 set_memory empty clears history. [OK] memory 3 set_memory malformed rejected. [OK] pause 0 pause get set resume flow. [OK] pause 1 resume without pause is no-op. [OK] pause 2 stop while paused. [OK] pause 3 stdin EOF while paused. [OK] drain 0 drain completes protocol. [OK] drain 1 drain exits on stdin EOF. [OK] drain 2 drain handles memory without pause. Full test results in `~/src/plumbing/_build/default/test/_build/_tests/agent-control'. Test Successful in 9.414s. 13 tests run. real 0m14.365s user 0m19.814s sys 0m6.551s
14s on main for the full test suite. Now let me check if test_plumb runs in the worktree when the binary is in the right location. Let me run the tests via dune from the worktree:
cd /tmp/plmb-037-step5b && nix develop --command sh -c 'time dune test --root=.' 2>&1 | tail -30
Command running in background with ID: b797syoxw. Output is being written to: /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b797syoxw.output
sleep 120 && wc -l /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b797syoxw.output 2>/dev/null && tail -40 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b797syoxw.output 2>/dev/null
0 /private/tmp/claude-501/-Users-ww-src-plumbing/0e6b86b5-3d3c-4483-9c52-ce740324d2d9/tasks/b797syoxw.output
ww 9289 0.0 0.0 435308192 4864 ?? S 10:17AM 0:00.20 sh -c time dune test --root=. ww 9287 0.0 0.0 435308208 1184 ?? Ss 10:17AM 0:00.00 /bin/zsh -c source /Users/ww/.claude/shell-snapshots/snapshot-zsh-1773431411965-vq5jw6.sh && setopt NO_EXTENDED_GLOB 2>/dev/null || true && eval 'cd /tmp/plmb-037-step5b && nix develop --command sh -c '"'"'time dune test --root=.'"'"' 2>&1 < /dev/null | tail -30' && pwd -P >| /var/folders/s3/yz2d7zf14wq_rf8sm0xg6mkm0000gn/T/claude-b8fd-cwd ww 9339 0.0 0.0 435578432 4656 ?? S 10:17AM 0:00.08 /private/tmp/plmb-037-step5b/_build/default/bin/agent/main.exe /tmp/nix-shell.WDvAEn/build_f362ee_dune/agentpi_6bee64.plumb ww 9338 0.0 0.0 435582992 6080 ?? S 10:17AM 0:00.08 ../bin/plumb/main.exe fixtures/wiring_telemetry_source.plumb ww 9298 0.0 0.0 435565360 2128 ?? S 10:17AM 0:00.02 ./test_plumb.exe ww 9295 0.0 0.1 435620144 11952 ?? S 10:17AM 0:00.23 dune test --root=.
It's stuck on wiring_telemetry_source.plumb again. The binary is running and has spawned an agent subprocess (plumb-agent). The agent is alive.
The problem: this is an agent-based test and with the fabric, the agent subprocess hangs because it doesn't get properly shut down. Let me trace the issue:
input port__eof envelope to agent stdin on "input" portWait — the merge to output might use Fiber.both (regular merge) instead of first (merge_any). With regular merge, BOTH fibres must complete. But the data_out path and the telemetry → format → output path should both get EOF.
Actually, the test that hangs is wiring_telemetry_source.plumb which has empty input. With empty input, the agent gets EOF immediately and exits. The telemetry path might not produce any output but should still propagate EOF.
Let me check: does the bridge demux send EOF on the telemetry socket when the agent exits? Looking at the bridge code, the demux sends EOF on all output sockets after child stdout EOF:
Option.iter (fun sock ->
(try send_eof sock ~topic:binding.bd_name with _ -> ())
) telemetry_sock;
So yes, it sends EOF on telemetry. The format_json morphism should get this EOF and send EOF on its output. The merge to output should get EOF from both paths and exit.
But wait — let me check the routing table. The wiring smart@telemetry ; Js.format ; output creates a chain. The desugarer creates intermediate channels. Let me look at what process names get generated.
Actually, the issue might be that the agent subprocess is spawned but the bridge's stdin write thread is still blocking because stdin hasn't been closed. Let me look more carefully at what happens when empty input is provided.
With empty input:
- Writer daemon reads EOF from stdin → sends EOF on boundary input
- Bridge mux for data_in gets EOF → writes __eof to agent stdin on "input" port, sends ctrl stop
- Bridge mux_source_done decrements counter
- But: ctrl_in mux_source_done decrements counter (no ctrl socket → immediate)
Wait, the agent has has_control=true because the input type is (!string, !CtrlCmd). So there IS a ctrl_in socket. The routing table will have a ctrl_in route.
Actually no — looking at the wiring:
input ; smart ; output
smart@telemetry ; Js.format ; output
The desugarer creates: spawn smart(input, output) with telemetry. The smart agent has input type (!string, !CtrlCmd), so it expects 4+ channel arguments (input, ctrl_in, output, ctrl_out, telemetry). But the wiring only provides input and output plus smart@telemetry.
Hmm, the control channel is declared as let ctrl : !CtrlCmd = channel. Let me look at the actual main binding in the fixture:
let main : !string -> !string = plumb(input, output) {
input ; smart ; output
smart@telemetry ; Js.format ; output
}
This uses the use js which requires stdlib. But we saw it fails with "cannot find module js". So the binary should exit with error code 2 immediately. Why is it hanging?
Wait — let me check again. Earlier when I ran it manually from the wrong directory, it failed with the js error. But when dune runs it, the working directory is set to the test directory where the fixtures are. And use js might resolve if the stdlib is available.
kill $(pgrep -P 9298) 2>/dev/null; kill 9298 9295 9287 2>/dev/null; sleep 1; rm -f /tmp/plmb-037-step5b/_build/.lock
Let me check how this test runs under the old binary on main — it might also hang but we never noticed because the test suite happens to run other tests first:
nix develop --command sh -c 'cd _build/default/test && echo "" | ../bin/plumb/main.exe fixtures/wiring_telemetry_source.plumb; echo "exit=$?"' 2>/dev/null
On main, it exits with code 2 (error) immediately. Let me try the same with the worktree binary:
cd /tmp/plmb-037-step5b && nix develop --command sh -c 'cd _build/default/test && echo "" | ../bin/plumb/main.exe fixtures/wiring_telemetry_source.plumb 2>/dev/null; echo "exit=$?"'
It exits with code 2 immediately! So the test should pass (it expects exit 0, but the actual exit is 2). Wait, let me re-read the test:
let test_wiring_telemetry_source () =
let _stdout, _stderr, code = run_plumb "wiring_telemetry_source.plumb" "" in
Alcotest.(check int) "exit 0" 0 code
This expects exit 0 but gets exit 2. So the test should FAIL (not hang). But earlier, the process was running with an agent child.
Oh wait — I think the issue is that when run through dune, the stdlib path IS available (dune-site finds the stdlib). So use js resolves, the program loads, and then it actually runs the agent. On main, the old Exec executor handles shutdown properly. On my branch, the fabric-based executor hangs.
Let me check by running with the full dune test context:
cd /tmp/plmb-037-step5b && nix develop --command sh -c 'cd _build/default/test && echo "" | timeout 10 ../bin/plumb/main.exe fixtures/wiring_telemetry_source.plumb 2>&1; echo "exit=$?"'
warning: Git tree '/private/tmp/plmb-037-step5b' is dirty
{"error":"config_error","category":"config","detail":"cannot find module js (searched fixtures and 0 library directories)"}
exit=2Let me investigate the specific hanging test. Let me check which tests pass before the hang:
cd /tmp/plmb-037-step5b && nix develop --command sh -c 'cd _build/default/test && timeout 30 ./test_plumb.exe -v --filter "identity|copy-merge|barrier|project|direct|type|hetero|product|named|filter|map|wiring|tensor|_format|_parse|json algebraic"' 2>&1 | tail -30