dohertj2/lmxopcua
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(scripted-alarms): resolve Medium code-review finding (Core.ScriptedAlarms-007)

Browse Source 
Reorder persist/update in ApplyAsync, ReevaluateAsync, and ShelvingCheckAsync:
SaveAsync is now called before the in-memory _alarms entry is advanced. A store
failure therefore leaves both the persisted and in-memory views at the prior state
rather than diverging, maintaining the invariant that startup recovery reflects
actual persisted state.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
2026-05-22 08:18:42 -04:00
parent cdaa0da45d
commit a0b3a4c8a7
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/Core/ZB.MOM.WW.OtOpcUa.Core.ScriptedAlarms/ScriptedAlarmEngine.cs
View File

@@ -238,8 +238,12 @@ public sealed class ScriptedAlarmEngine : IDisposable
try try
{ {
var result = op(state.Condition); var result = op(state.Condition);
_alarms[alarmId] = state with { Condition = result.State }; // Persist BEFORE updating in-memory so a store failure leaves both
// in-memory and persisted at the prior state rather than diverging.
// If SaveAsync throws the in-memory _alarms entry stays unchanged and
// the exception propagates to the caller. (Core.ScriptedAlarms-007)
await _store.SaveAsync(result.State, ct).ConfigureAwait(false); await _store.SaveAsync(result.State, ct).ConfigureAwait(false);
_alarms[alarmId] = state with { Condition = result.State };
if (result.Emission != EmissionKind.None) EmitEvent(state, result.State, result.Emission); if (result.Emission != EmissionKind.None) EmitEvent(state, result.State, result.Emission);
} }
finally { _evalGate.Release(); } finally { _evalGate.Release(); }
@@ -279,8 +283,10 @@ public sealed class ScriptedAlarmEngine : IDisposable
state, state.Condition, _clock(), ct).ConfigureAwait(false); state, state.Condition, _clock(), ct).ConfigureAwait(false);
if (!ReferenceEquals(newState, state.Condition)) if (!ReferenceEquals(newState, state.Condition))
{ {
_alarms[id] = state with { Condition = newState }; // Persist before updating in-memory so a store failure leaves
// both sides at the prior state. (Core.ScriptedAlarms-007)
await _store.SaveAsync(newState, ct).ConfigureAwait(false); await _store.SaveAsync(newState, ct).ConfigureAwait(false);
_alarms[id] = state with { Condition = newState };
} }
} }
} }
@@ -422,8 +428,10 @@ public sealed class ScriptedAlarmEngine : IDisposable
var result = Part9StateMachine.ApplyShelvingCheck(state.Condition, now); var result = Part9StateMachine.ApplyShelvingCheck(state.Condition, now);
if (!ReferenceEquals(result.State, state.Condition)) if (!ReferenceEquals(result.State, state.Condition))
{ {
_alarms[id] = state with { Condition = result.State }; // Persist before updating in-memory so a store failure leaves
// both sides at the prior state. (Core.ScriptedAlarms-007)
await _store.SaveAsync(result.State, ct).ConfigureAwait(false); await _store.SaveAsync(result.State, ct).ConfigureAwait(false);
_alarms[id] = state with { Condition = result.State };
if (result.Emission != EmissionKind.None) if (result.Emission != EmissionKind.None)
EmitEvent(state, result.State, result.Emission); EmitEvent(state, result.State, result.Emission);
} }