flow: crash recovery — store export/import + resumable scan + 8 tests (Phase 3 complete)

Records are name-keyed (defflow registers names); flow-store-export nulls live procs to plain data, flow-store-import! restores, flow-resumable-ids scans for paused flows. Resume re-resolves the proc by name, so a flow survives a wiped store (simulated restart). The whole durable model persists only plain data. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-06 17:25:47 +00:00
parent e896deffc8
commit 97c7623743
7 changed files with 108 additions and 22 deletions
--- a/plans/flow-on-sx.md
+++ b/plans/flow-on-sx.md
@@ -16,7 +16,7 @@ federation extension via fed-sx for remote-node execution.

 ## Status (rolling)

-`bash lib/flow/conformance.sh` → **66/66** (Phases 1-2 done; Phase 3 suspend/resume/cancel done, crash-recovery next)
+`bash lib/flow/conformance.sh` → **74/74** (Phases 1-3 done; Phase 4 fed-sx next)

 ## Ground rules

@@ -104,7 +104,11 @@ lib/flow/spec.sx           lib/flow/runtime.sx          lib/flow/store.sx
  result on completion, `(flow-suspended id tag)` on a further suspend.
 - [x] `(flow/cancel id)` — mark cancelled; a later resume is rejected (stale replay
  cannot wake a cancelled flow).
- [ ] crash recovery — on restart, scan store for paused flows, mark resumable
+- [x] crash recovery — `flow-store-export` (procs nulled → plain data),
+  `flow-store-import!`, `flow-resumable-ids`. Records are name-keyed; resume
+  re-resolves the proc by name (defflow registers names), so a flow survives a
+  wiped store. `tests/recovery.sx`, 8 cases (export/wipe/import, resumable scan,
+  restart-at-every-step, replay-log survival).
 - [x] `lib/flow/tests/suspend.sx` — 17 cases: start/resume/cancel, multi-step,
  replay determinism, lifecycle guards, suspend-in-branch
 - Harness: `flow-run` now reuses one env with a per-test reset (building the full