feat(mapper): add CUDA support

[danielbrodie]

Summary

• Recognize CUDA .cu/.cuh sources across standalone main() files, CMake add_executable/add_library (including the legacy FindCUDA cuda_add_executable/cuda_add_library commands), and autotools targets. Repositories containing CUDA sources are detected as cuda projects.
• Map source files that no build target owns into bounded, per-directory source groups, so loose C/C++/CUDA code is no longer skipped.
• Map CMakeLists.txt, CMakePresets.json, and configure.ac as config features.
• Emit conservative C/C++/CUDA validation commands only when the project declares them: a root Makefile check/test target, or a CMakePresets.json build workflow. No build command is invented.
• Derive a target's language tag from all of its owned sources so a mixed CMake or autotools target that lists both .cpp and .cu sources is tagged cuda with the concurrency trust boundary, even when its entry point is the host .cpp.
• Tag CUDA build targets and source groups with the concurrency trust boundary.
• When a reviewed feature owns .cu/.cuh sources, add a CUDA hazard checklist to the review prompt (default mode only) and the fix prompt: kernel races and synchronization, unchecked CUDA runtime calls, host/device pointer confusion, memory-access hazards, and device-memory leaks. Detection is by file extension so mixed host/device targets are covered.
• Findings map to the existing category enum; no schema change. Deslopify mode and --prompt-file are unaffected, and non-CUDA prompts are unchanged.
• Update README.md, docs/feature-mapping.md, and docs/code-review.md; add changelog entries under 0.4.1 - Unreleased.

Why

clawpatch's C/C++ mapper handles generic project shapes, and CUDA was not covered. This change maps CUDA projects and makes the review aware of CUDA-specific bug classes. The mapper updates follow the existing C/C++ patterns; the review prompt change reuses the reviewModeInstructions injection style with extension-based triggering so mixed host/device targets are caught.

Validation

• pnpm typecheck
• pnpm lint
• pnpm format:check
• pnpm test (736 passed, 1 skipped)
• pnpm build
• pnpm pack:smoke

Demonstration

To make the CUDA-aware mapping and review inspectable, here is the locally-built clawpatch run against a small demo CUDA project (one CMakeLists.txt plus src/main.cu, src/kernels.cu, src/kernels.cuh). The CMake target lists .cu and .cuh sources, and the demo carries deliberate textbook CUDA hazards.

clawpatch map and clawpatch review --provider codex output

$ clawpatch map
clawpatch map mapper-done mapper=c-cpp seeds=1 elapsed=0s
clawpatch map heuristic-done features=2 new=2 changed=0 stale=0
clawpatch map done features=2 usedAgent=false elapsed=0s
features: 2
new: 2
source: heuristic

$ clawpatch review --provider codex --limit 5 --jobs 2
clawpatch review feature-start index=1 total=2 feature=feat_cli-command_880f7190ad title=CMake binary saxpy_demo
clawpatch review feature-start index=2 total=2 feature=feat_config_f4646e3d82 title=Project config CMakeLists.txt
clawpatch review feature-done index=2 total=2 feature=feat_config_f4646e3d82 findings=1 elapsed=24s
clawpatch review feature-done index=1 total=2 feature=feat_cli-command_880f7190ad findings=4 elapsed=41s
clawpatch review done reviewed=2 findings=5

The four findings produced by codex on the CUDA binary feature, excerpted from clawpatch report:

• category: bug, confidence: high, evidence src/main.cu:30-32 and src/kernels.cu:3-5. "Kernel writes past the end for non-multiple block sizes. The launch rounds block count up for any n that is not an exact multiple of 256, but the kernel writes y[i] without checking i < n."
• category: bug, confidence: high, evidence src/main.cu:24-34. "CUDA runtime failures are ignored. cudaMalloc, cudaMemcpy, and the kernel launch are all used without checking return status or launch errors. Check every CUDA runtime call, check cudaGetLastError() immediately after the kernel launch, and call cudaDeviceSynchronize() before consuming results."
• category: bug, confidence: high, evidence src/main.cu:12-17 and src/main.cu:24-31. "User supplied n is not validated before size calculations. std::atoi silently accepts non-numeric input as 0 and negative values as negative integers."
• category: performance, confidence: high, evidence src/main.cu:22-25 and src/main.cu:40-42. "Device allocations are never freed. d_x and d_y are allocated with cudaMalloc but there are no matching cudaFree calls before the program returns."

Each finding maps to the existing category enum (bug, build-release, performance), and the binary feature carries the cuda tag with the concurrency trust boundary because its CMake target owns .cu and .cuh sources.

[clawsweeper]

Codex review: needs maintainer review before merge.

Latest ClawSweeper review: 2026-05-22 23:14 UTC / May 22, 2026, 7:14 PM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR adds CUDA-aware C/C++ mapping, loose C/C++/CUDA source groups, declared C/C++ validation defaults, CUDA prompt guidance, tests, docs, and changelog entries.

Reproducibility: not applicable. as a bug reproduction: this is a feature PR. Source inspection confirms current main lacks .cu/.cuh mapping and CUDA prompt guidance, and the PR body includes copied CLI output from a CUDA demo run.

PR rating
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Summary: Normal good PR quality: the patch is focused and tested, and the copied runtime output is enough proof, with validation-default policy risk left for maintainers.

Rank-up moves:

• Have maintainers explicitly accept or narrow the new C/C++ validation defaults before merge.

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Sufficient (live_output): The PR body includes copied live CLI output from a locally built clawpatch run that maps and reviews a demo CUDA project and shows CUDA-aware findings.

Risk before merge

• Fresh or forced init for C/C++/CUDA projects can now persist make check, make test, ctest, or CMake preset validation commands, so existing projects may see new validation failures or long-running local commands during clawpatch fix after upgrade.
• The CUDA feature itself looks coherent, but accepting CUDA as a core mapper/review capability and accepting the declared C/C++ validation defaults are maintainer product decisions.

Maintainer options:

1. Accept declared validation defaults
   Maintainers can explicitly accept that C/C++/CUDA init may persist project-declared make or CMake preset commands for fix validation.
2. Gate or split validation defaults
   If that upgrade behavior is too broad, split CUDA mapping/prompt support from C/C++ validation defaults or add a narrower policy before merge.

Next step before merge
Maintainers need to decide whether the new declared C/C++ validation defaults are acceptable before ordinary merge; no automated repair is currently needed.

Security
Cleared: No dependency, workflow, secret, or supply-chain changes were found; the added local validation execution is bounded to project-declared commands.

Review details

Best possible solution:

Land the PR after maintainers explicitly accept or narrow the declared C/C++ validation defaults, preserving the all-owned-source CUDA tagging and narrowed Makefile behavior.

Do we have a high-confidence way to reproduce the issue?

Not applicable as a bug reproduction: this is a feature PR. Source inspection confirms current main lacks .cu/.cuh mapping and CUDA prompt guidance, and the PR body includes copied CLI output from a CUDA demo run.

Is this the best way to solve the issue?

Yes, with one maintainer policy decision. The implementation follows the existing mapper and prompt patterns, and the latest commits fix the mixed-target metadata path and narrow Makefile validation to declared targets.

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live CLI output from a locally built clawpatch run that maps and reviews a demo CUDA project and shows CUDA-aware findings.
• add rating: 🐚 platinum hermit: Current PR rating is 🐚 platinum hermit because proof is 🐚 platinum hermit, patch quality is 🐚 platinum hermit, and Normal good PR quality: the patch is focused and tested, and the copied runtime output is enough proof, with validation-default policy risk left for maintainers.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live CLI output from a locally built clawpatch run that maps and reviews a demo CUDA project and shows CUDA-aware findings.
• remove rating: 🦪 silver shellfish: Current PR rating is rating: 🐚 platinum hermit, so this older rating label is no longer current.
• remove status: 📣 needs proof: Current PR status label is status: 👀 ready for maintainer look.

Label justifications:

• P2: This is a normal-priority feature PR with focused mapper, prompt, docs, and test coverage but limited blast radius.
• merge-risk: 🚨 compatibility: The PR changes detected validation defaults for C/C++/CUDA projects, which can change upgrade behavior for existing workspaces.
• merge-risk: 🚨 availability: New detected validation commands can make fix validation fail, run slowly, or stall on projects whose declared build/test targets are expensive.
• rating: 🐚 platinum hermit: Current PR rating is 🐚 platinum hermit because proof is 🐚 platinum hermit, patch quality is 🐚 platinum hermit, and Normal good PR quality: the patch is focused and tested, and the copied runtime output is enough proof, with validation-default policy risk left for maintainers.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live CLI output from a locally built clawpatch run that maps and reviews a demo CUDA project and shows CUDA-aware findings.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live CLI output from a locally built clawpatch run that maps and reviews a demo CUDA project and shows CUDA-aware findings.

What I checked:

• Current main lacks CUDA source mapping: The current C/C++ mapper only recognizes .c/.cc/.cpp/.cxx and header extensions, so .cu/.cuh files are outside the existing mapper surface. (src/mappers/c-cpp.ts:35, 857d854ac8d0)
• Current main lacks CUDA prompt guidance: The current review prompt injects only the generic review-mode instructions; there is no CUDA-specific feature check or hazard block on main. (src/prompt.ts:207, 857d854ac8d0)
• PR head implements CUDA tags from all target sources: The PR head adds cuda to C/C++ path detection and targetLanguageTag returns cuda when any owned source is .cu or .cuh, covering mixed host/device targets. (src/mappers/shared.ts:421, eace83d36573)
• PR head narrows C/C++ validation defaults: The latest PR head only emits make check/make test when declared, or single CMake preset workflows, rather than inventing a generic build command. (src/detect.ts:697, eace83d36573)
• Regression coverage was added: The PR includes focused tests for legacy FindCUDA commands, CUDA language detection, concurrency tagging, mixed CMake targets, and declared Makefile validation behavior. (src/mapper.test.ts:11834, eace83d36573)
• Feature history provenance: git log --all --follow shows the generic C/C++ mapper originated in 5c94a30, with later current-main release/refactor history by Peter Steinberger around the mapper, detection, and prompt surfaces. (src/mappers/c-cpp.ts, 5c94a30cee9f)

Likely related people:

• Ilia Alshanetsky: Introduced the generic C/C++ feature mapper that this PR extends, based on git history for src/mappers/c-cpp.ts. (role: introduced behavior; confidence: high; commits: 5c94a30cee9f; files: src/mappers/c-cpp.ts, src/detect.ts)
• Peter Steinberger: Current line blame and file history show broad recent ownership of the released mapper, detection, and prompt implementation surfaces. (role: recent area contributor; confidence: high; commits: cdd58ac59213, 87c2da709a56, 709f6b5ac9e3; files: src/mappers/c-cpp.ts, src/detect.ts, src/prompt.ts)
• Daniel Pittman: Recently changed the prompt customization surface that this PR extends with CUDA-specific guidance. (role: adjacent owner; confidence: medium; commits: ea5d3b7a774a; files: src/prompt.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 857d854ac8d0.

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 🥚 common Sunspot Lint Imp

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 🥚 common.
Trait: polishes edge cases.
Image traits: location green-check meadow; accessory release bell; palette rose quartz and slate; mood patient; pose leaning over a miniature review desk; shell soft velvet shell; lighting clean product lighting; background quiet workflow signs.
Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Sunspot Lint Imp in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[danielbrodie]

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26316328315
• Updated: 2026-05-22T23:16:40.864Z