Leberkas-org
diff --git a/‎.maggus/COMMIT.md‎
Lines changed: 12 additions & 16 deletions b/‎.maggus/COMMIT.md‎
Lines changed: 12 additions & 16 deletions
diff --git a/‎.maggus/features/feature_023_completed.md‎
Lines changed: 0 additions & 399 deletions b/‎.maggus/features/feature_023_completed.md‎
Lines changed: 0 additions & 399 deletions
diff --git a/‎.maggus/features/feature_038.md‎
Lines changed: 227 additions & 0 deletions b/‎.maggus/features/feature_038.md‎
Lines changed: 227 additions & 0 deletions
@@ -1,21 +1,17 @@
-# TASK-023-009: Verification Gate – Integration Test Depth Feature 023
+# TASK-038-001: Fix RedirectBidiStage — Transaction Guard + _inFlightCount Decrement
 
-Fixed `Error-H10-003` test and aligned H10 decoder behavior with RFC 1945 §7.2.2:
-Content-Length mismatch on abrupt close now throws instead of returning truncated body.
+Added `_redirectTransactionActive` guard to `RedirectBidiStage` and corrected `_inFlightCount`
+decrement ordering across redirect hops so that `TryCompleteIfDone` Case 2 fires reliably.
 
-- Updated `Http10Decoder`: added `_pendingContentLength` tracking and `IsWaitingForContentLength`
-  property; `TryDecodeEof` throws `HttpDecoderException` on Content-Length mismatch
-  (only when `body.Length > 0`, preserving HEAD response semantics)
-- Updated `Http10DecoderStage`: abrupt close (`TlsCloseKind.AbruptClose`) with
-  `IsWaitingForContentLength` → `FailStage`; `onUpstreamFinish` catches decoder exceptions
-- Updated `10_DecoderStateTests.cs`: ST-001/ST-004 use HTTP/0.9 (body-until-EOF) pattern;
-  added ST-014 for Content-Length mismatch throw behavior
-- Updated `ErrorHandlingIntegrationTests.cs`: Error-H10-003 updated to expect exception
-  instead of truncated body (new correct behavior)
+- Added `_redirectTransactionActive` bool field to `Logic` (mirrors `RetryBidiStage` pattern)
+- Redirect path in `onPush(InResponse)` now uses atomic transaction:
+  enqueue → TryEmitRedirect → `_inFlightCount--` → TryPullResponse → guard off → TryCompleteIfDone
+- `TryCompleteIfDone()` returns early when `_redirectTransactionActive == true`, preventing
+  premature Out1 completion mid-redirect transaction
+- Catch blocks for `ProtocolDowngrade` and `MaxRedirects` do NOT set the guard (non-redirect paths)
+- Added `BidiFlowFeedbackRaceTests.cs` with 4 regression tests (BidiLoop-001 through BidiLoop-004)
 
 Verified:
 - Build: 0 errors, 0 warnings
-- Unit tests: 3652/3652 pass
-- Stream tests: 810/810 pass
-- H10 ErrorHandling: 17/17 pass
-- H10 Resilience: 8/8 pass
+- Stream tests: 835/835 pass (BidiLoop-001..004 all green)
+- Roslyn get_diagnostics on RedirectBidiStage.cs: 0 errors
@@ -0,0 +1,227 @@
+<!-- maggus-id: c8e2153f-8a3d-4426-9fe3-e1772768458a -->
+# Feature 038: Fix BidiFlow Feedback Race + Http1XCorrelation Back-Pressure
+
+## Introduction
+
+Two correctness bugs in the Streams layer that both cause request-ordering violations under certain conditions.
+
+**Bug A — `RedirectBidiStage` `_inFlightCount` leak:** Every redirect hop inflates `_inFlightCount` by 1 because the redirect path in `onPush(InResponse)` does not decrement the counter for the consumed original request, while `TryEmitRedirect` still increments it for the new redirect request. The result is that `TryCompleteIfDone` Case 2 (all in-flight resolved) never fires — the stream can only complete via Case 1 (InResponse upstream closed). In production, where the response inlet is long-lived, this risks the feature BidiFlow chain not completing cleanly after a redirect chain finishes. No `_retryTransactionActive`-style guard exists to protect the intermediate state.
+
+**Bug C — `Http1XCorrelationStage` back-pressure violation:** `_pipelineUnlocked` is permanently set to `true` after the first request-response pair, allowing unlimited requests to queue in `_pending` without waiting for responses. The `InReset` inlet intended to reset this flag is wired to `Source.Empty<NotUsed>()` in both engines and never fires. This violates RFC 9112 §9 (strictly ordered request-response pairs on a single HTTP/1.x connection).
+
+### Architecture Context
+
+- **Vision alignment:** Correctness is a prerequisite for performance and reliability.
+- **Components involved:** `Streams/Stages/Features/RedirectBidiStage.cs`, `Streams/Stages/Routing/Http1XCorrelationStage.cs`, `Streams/Http10Engine.cs`, `Streams/Http11Engine.cs`, `StreamTests/Concurrency/BidiFlowFeedbackRaceTests.cs` (already written, untracked).
+- **No new components introduced** — pure correctness fixes within existing stages.
+- **Architecture boundary respected:** No changes to Protocol, Transport, or Client layers.
+
+---
+
+## Goals
+
+- `RedirectBidiStage._inFlightCount` stays stable across redirect hops — Case 2 completion works correctly.
+- `RetryBidiStage` and `RedirectBidiStage` share the same transaction-guard pattern for in-flight tracking.
+- `Http1XCorrelationStage` enforces strict one-request-in-flight semantics per RFC 9112 §9.
+- `InReset` inlet and all associated dead code removed from `Http1XCorrelationStage`, `Http10Engine`, `Http11Engine`.
+- `BidiFlowFeedbackRaceTests.cs` (already written) passes and is committed as regression coverage for Bug A.
+- Four new back-pressure tests for Bug C pass deterministically.
+
+---
+
+## Tasks
+
+### TASK-038-001: Fix RedirectBidiStage — Transaction Guard + _inFlightCount Decrement
+
+**Description:** As the HTTP runtime, I want `RedirectBidiStage` to manage `_inFlightCount` correctly across redirect hops so that `TryCompleteIfDone` Case 2 fires reliably and the stage matches the proven `RetryBidiStage` pattern.
+
+**Token Estimate:** ~40k tokens
+**Predecessors:** none
+**Successors:** TASK-038-005
+**Parallel:** yes — can run alongside TASK-038-002
+
+**Acceptance Criteria:**
+- [x] New field `_redirectTransactionActive` (bool) added to `Logic`.
+- [x] Redirect path in `onPush(InResponse)` updated to:
+  ```csharp
+  _redirectTransactionActive = true;
+  _readyRedirects.Enqueue(newRequest);
+  TryEmitRedirect();
+  _inFlightCount--;
+  TryPullResponse();
+  _redirectTransactionActive = false;
+  TryCompleteIfDone();
+  ```
+- [x] `TryCompleteIfDone()` has `if (_redirectTransactionActive) return;` as its first statement.
+- [x] Same guard applied in the `ProtocolDowngrade` and `MaxRedirects` catch blocks (both already call `TryCompleteIfDone` via the non-redirect path — verify no guard needed there, i.e., `_redirectTransactionActive` is only ever `true` in the redirect sub-path).
+- [x] `BidiFlowFeedbackRaceTests.cs` (untracked file at `src/TurboHttp.StreamTests/Concurrency/BidiFlowFeedbackRaceTests.cs`) is included in the `TurboHttp.StreamTests` project and all 4 tests pass:
+  - `BidiLoop-001` — 200 concurrent redirect instances all complete
+  - `BidiLoop-002` — retry storm bounded by MaxRetries
+  - `BidiLoop-003` — In1 closed during retry cycle
+  - `BidiLoop-004` — redirect + slow downstream liveness
+- [x] `Roslyn MCP get_diagnostics` on `RedirectBidiStage.cs` returns zero errors.
+- [x] No changes to `RetryBidiStage.cs`, `CacheBidiStage.cs`, or any other stage.
+
+---
+
+### TASK-038-002: Rewrite Http1XCorrelationStage — Strict One-Request-In-Flight
+
+**Description:** As the HTTP runtime, I want `Http1XCorrelationStage` to enforce strict HTTP/1.x back-pressure so that only one request is in-flight at a time on a connection, matching RFC 9112 §9.
+
+**Token Estimate:** ~80k tokens
+**Predecessors:** none
+**Successors:** TASK-038-003, TASK-038-004
+**Parallel:** yes — can run alongside TASK-038-001
+
+**Acceptance Criteria:**
+- [ ] `Http1XCorrelationShape` loses the `InReset` inlet: shape becomes 2 inlets (`InRequest`, `InResponse`) + 2 outlets (`OutResponse`, `OutControl`).
+- [ ] `_inReset` field removed from `Http1XCorrelationStage`.
+- [ ] Internal `Logic` state simplified to:
+  - `_inFlightRequest`: `HttpRequestMessage?` — the one pending request, or `null`.
+  - `_requestUpstreamFinished`, `_responseUpstreamFinished`: completion booleans (unchanged if present).
+- [ ] `_pending` queue, `_waiting` queue, and `_pipelineUnlocked` flag are all removed.
+- [ ] Back-pressure contract enforced:
+  - A new request is pulled from `InRequest` only when `_inFlightRequest == null`.
+  - When a request arrives on `InRequest`, it is stored in `_inFlightRequest` and `StreamAcquireItem` is emitted on `OutControl`. The stage does NOT pull another request.
+  - When a response arrives on `InResponse`, it is matched to `_inFlightRequest`, pushed on `OutResponse`, and `_inFlightRequest` is set to `null`. Only then is the next request pulled.
+- [ ] `PreStart()` removed (no longer needs to pull `_inReset`).
+- [ ] `onPull(OutResponse)` pulls `InResponse` and pulls `InRequest` only if `_inFlightRequest == null`.
+- [ ] Completion logic: stage completes only when both upstreams finish and `_inFlightRequest == null`.
+- [ ] `Roslyn MCP get_diagnostics` on `Http1XCorrelationStage.cs` returns zero errors.
+- [ ] Existing stream tests that cover correlation still pass (run `dotnet test --project TurboHttp.StreamTests/TurboHttp.StreamTests.csproj`).
+
+---
+
+### TASK-038-003: Remove Dead InReset Wiring from Http10Engine and Http11Engine
+
+**Description:** As a developer, I want the dead `Source.Empty<NotUsed>()` InReset wiring removed from both engine graphs so that no misleading dead code remains.
+
+**Token Estimate:** ~20k tokens
+**Predecessors:** TASK-038-002
+**Successors:** TASK-038-004
+**Parallel:** no
+**Model:** haiku
+
+**Acceptance Criteria:**
+- [ ] `Http10Engine.cs`: `var resetSrc = b.Add(Source.Empty<NotUsed>());` and `b.From(resetSrc).To(correlation.InReset);` removed.
+- [ ] `Http11Engine.cs`: same two lines removed.
+- [ ] `Grep` for `InReset`, `_inReset` across the solution returns zero results.
+- [ ] `dotnet build --configuration Release ./src/TurboHttp.sln` succeeds with zero errors.
+
+---
+
+### TASK-038-004: Add Http1XCorrelation Back-Pressure Stream Tests
+
+**Description:** As a developer, I want deterministic stream tests that verify the one-request-at-a-time back-pressure contract so that regressions are caught in CI.
+
+**Token Estimate:** ~70k tokens
+**Predecessors:** TASK-038-002, TASK-038-003
+**Successors:** TASK-038-005
+**Parallel:** no
+
+**Acceptance Criteria:**
+- [ ] Test file: `TurboHttp.StreamTests/RFC9112/08_Http1XCorrelationBackPressureTests.cs`.
+- [ ] **Test `bp-001` — Serial ordering:** Send 3 requests sequentially. Verify each response is delivered in FIFO order and no second request is pushed to the encoder before the first response arrives.
+- [ ] **Test `bp-002` — Back-pressure gate:** Provide 2 requests simultaneously at `InRequest`. Verify only the first request flows to `OutControl` (`StreamAcquireItem` emitted once). The second request is NOT pulled until the first response is delivered on `InResponse`.
+- [ ] **Test `bp-003` — Upstream completion mid-flight:** Send 1 request, complete `InRequest` upstream before response arrives. Verify stage does not complete prematurely; stage completes only after the response is forwarded.
+- [ ] **Test `bp-004` — Response without in-flight request:** Regression guard — verify defined behavior (error or ignore) when a response arrives with `_inFlightRequest == null`.
+- [ ] Each test uses `DisplayName("RFC9112-correlation-bp-NNN: ...")` and `[Fact(Timeout = 5000)]`.
+- [ ] No `Thread.Sleep`. Akka.Streams test probes used for all synchronization.
+- [ ] All 4 tests green on a clean run.
+
+---
+
+### TASK-038-005: Verification Gate
+
+**Description:** As the build system, I want a full clean build and test run to confirm feature 038 leaves the codebase green.
+
+**Token Estimate:** ~15k tokens
+**Predecessors:** TASK-038-001, TASK-038-003, TASK-038-004
+**Successors:** none
+**Parallel:** no
+**Model:** haiku
+
+**Acceptance Criteria:**
+- [ ] `dotnet build --configuration Release ./src/TurboHttp.sln` — zero errors, zero new warnings.
+- [ ] `dotnet test --project TurboHttp.StreamTests/TurboHttp.StreamTests.csproj` — all tests pass.
+- [ ] `dotnet test --project TurboHttp.Tests/TurboHttp.Tests.csproj` — all tests pass.
+- [ ] `dotnet test --project TurboHttp.IntegrationTests/TurboHttp.IntegrationTests.csproj` — green (pre-existing failures only, documented).
+- [ ] `Grep` for `_pipelineUnlocked`, `_inReset`, `InReset`, `_pending` in `Http1XCorrelationStage.cs` returns zero results.
+- [ ] `Grep` for `Source.Empty<NotUsed>()` in `Http10Engine.cs` and `Http11Engine.cs` returns zero results (or only unrelated usages).
+- [ ] `BidiLoop-001` through `BidiLoop-004` pass in `BidiFlowFeedbackRaceTests`.
+- [ ] `bp-001` through `bp-004` pass in `Http1XCorrelationBackPressureTests`.
+
+---
+
+## Task Dependency Graph
+
+```
+TASK-038-001 ──────────────────────────────────────────────┐
+                                                            ▼
+TASK-038-002 ──→ TASK-038-003 ──→ TASK-038-004 ──→ TASK-038-005
+```
+
+| Task | Estimate | Predecessors | Parallel | Model |
+|------|----------|--------------|----------|-------|
+| TASK-038-001 | ~40k | none | yes (with 002) | — |
+| TASK-038-002 | ~80k | none | yes (with 001) | — |
+| TASK-038-003 | ~20k | 002 | no | haiku |
+| TASK-038-004 | ~70k | 002, 003 | no | — |
+| TASK-038-005 | ~15k | 001, 003, 004 | no | haiku |
+
+**Total estimated tokens:** ~225k
+
+---
+
+## Functional Requirements
+
+- **FR-1:** `RedirectBidiStage._inFlightCount` MUST be decremented exactly once per consumed response (including redirect responses). A redirect response consumed internally must decrement the counter before `TryEmitRedirect` increments it for the outgoing redirect request.
+- **FR-2:** `RedirectBidiStage.TryCompleteIfDone()` MUST return early when `_redirectTransactionActive == true`, matching the `RetryBidiStage._retryTransactionActive` pattern.
+- **FR-3:** `Http1XCorrelationStage` MUST NOT pull a second request from `InRequest` until the first response has been pushed on `OutResponse`.
+- **FR-4:** `Http1XCorrelationStage` shape MUST have exactly 2 inlets and 2 outlets after the fix. `InReset` is removed.
+- **FR-5:** `Http1XCorrelationStage` MUST emit exactly one `StreamAcquireItem` on `OutControl` per in-flight request.
+- **FR-6:** Stage completion: `Http1XCorrelationStage` MAY complete only when both `InRequest` and `InResponse` are finished AND `_inFlightRequest == null`.
+- **FR-7:** No mutable queue collections (`Queue<T>`) remain in `Http1XCorrelationStage.Logic`.
+
+---
+
+## Non-Goals
+
+- No HTTP/1.1 pipelining support — strict serial order is the correct default.
+- No changes to `ConnectionReuseStage`, `ExtractOptionsStage`, or `ConnectionStage`.
+- No changes to `RetryBidiStage`, `CacheBidiStage`, or any other feature stage.
+- No Protocol or Transport layer changes.
+- No performance benchmarks — these are correctness fixes.
+- No changes to HTTP/2 or HTTP/3 correlation stages.
+
+---
+
+## Technical Considerations
+
+- **Akka.Streams single-threaded-per-stage guarantee:** No synchronization primitives needed inside stage logic — `OnPush`/`OnPull` handlers run sequentially.
+- **`_redirectTransactionActive` scope:** The guard only needs to be active during the redirect sub-path of `onPush(InResponse)`. The `ProtocolDowngrade` and `MaxRedirects` catch blocks follow the non-redirect (pass-through) path and do not need the guard.
+- **`StreamAcquireItem` emission:** With the new model, every request arrival emits one `StreamAcquireItem` (one in-flight at a time). Verify this does not break `ConnectionStage` handling — the stage already handles one `StreamAcquireItem` per request, so this is unchanged behavior.
+- **`BidiFlowFeedbackRaceTests.cs`:** Already fully written and untracked at `src/TurboHttp.StreamTests/Concurrency/BidiFlowFeedbackRaceTests.cs`. TASK-038-001 must include it in the project (add to `.csproj` if needed or verify it is auto-included via glob).
+
+**Critical files:**
+- `src/TurboHttp/Streams/Stages/Features/RedirectBidiStage.cs` — Bug A fix
+- `src/TurboHttp/Streams/Stages/Routing/Http1XCorrelationStage.cs` — Bug C rewrite
+- `src/TurboHttp/Streams/Http10Engine.cs` — remove 2 lines
+- `src/TurboHttp/Streams/Http11Engine.cs` — remove 2 lines
+- `src/TurboHttp.StreamTests/Concurrency/BidiFlowFeedbackRaceTests.cs` — commit (already written)
+- `src/TurboHttp.StreamTests/RFC9112/08_Http1XCorrelationBackPressureTests.cs` — new file
+
+---
+
+## Success Metrics
+
+- Zero `_redirectTransactionActive`-unguarded `TryCompleteIfDone` calls in the redirect sub-path.
+- Zero `_pipelineUnlocked` / `InReset` / queue references in `Http1XCorrelationStage.cs` after the fix.
+- All 4 `BidiLoop-*` and all 4 `bp-*` tests pass deterministically on 10 consecutive runs.
+- Full build green with zero new compiler warnings.
+
+---
+
+## Open Questions
+
+*(none — all resolved during brainstorming)*