fix(client-shared): resolve High code-review findings (Client.Shared-005, Client.Shared-006)
Client.Shared-005: _activeDataSubscriptions (a plain Dictionary) and the _activeAlarmSubscription tuple were mutated from the caller thread, the keep-alive failover path, and DisconnectAsync with no synchronization, risking bucket corrosion / InvalidOperationException / lost entries. Added a dedicated _subscriptionLock and wrapped every read/write of that bookkeeping state inside it (Subscribe/Unsubscribe[Alarms]Async, Disconnect, Dispose, and the snapshot/clear/re-record steps of ReplaySubscriptionsAsync). Awaited adapter calls stay outside the lock so it is never held across I/O. Client.Shared-006: HandleKeepAliveFailureAsync had only a non-atomic state check guarding re-entry, so two bad keep-alives could each start a failover loop, racing to dispose/replace _session and double-replaying subscriptions. It now claims an atomic _failoverInProgress slot via Interlocked.CompareExchange; a re-entrant call returns immediately. The loop body moved to RunFailoverAsync, wrapped in try/finally that resets the flag. Tests: added KeepAliveFailure_ReentrantWhileFailoverInFlight_RunsFailoverOnce and SubscribeAndUnsubscribe_ConcurrentCalls_DoNotCorruptState regression tests; made the FakeSubscriptionAdapter / FakeSessionAdapter / FakeSessionFactory test doubles thread-safe (and added a CreateGate hook) so the concurrency tests exercise production locking rather than fake state. All 138 Client.Shared tests pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
@@ -12,15 +12,24 @@ internal sealed class FakeSessionFactory : ISessionFactory
|
||||
public bool ThrowOnCreate { get; set; }
|
||||
public string? LastEndpointUrl { get; private set; }
|
||||
|
||||
/// <summary>
|
||||
/// Optional gate that, when set, blocks <see cref="CreateSessionAsync" /> until completed.
|
||||
/// Lets tests hold a failover loop in-flight to exercise re-entrancy.
|
||||
/// </summary>
|
||||
public TaskCompletionSource? CreateGate { get; set; }
|
||||
|
||||
public IReadOnlyList<FakeSessionAdapter> CreatedSessions => _createdSessions;
|
||||
|
||||
public Task<ISessionAdapter> CreateSessionAsync(
|
||||
public async Task<ISessionAdapter> CreateSessionAsync(
|
||||
ApplicationConfiguration config, EndpointDescription endpoint, string sessionName,
|
||||
uint sessionTimeoutMs, UserIdentity identity, CancellationToken ct)
|
||||
{
|
||||
CreateCallCount++;
|
||||
LastEndpointUrl = endpoint.EndpointUrl;
|
||||
|
||||
if (CreateGate != null)
|
||||
await CreateGate.Task;
|
||||
|
||||
if (ThrowOnCreate)
|
||||
throw new InvalidOperationException("FakeSessionFactory configured to fail.");
|
||||
|
||||
@@ -39,7 +48,7 @@ internal sealed class FakeSessionFactory : ISessionFactory
|
||||
// Ensure endpoint URL matches
|
||||
session.EndpointUrl = endpoint.EndpointUrl;
|
||||
_createdSessions.Add(session);
|
||||
return Task.FromResult<ISessionAdapter>(session);
|
||||
return session;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
Reference in New Issue
Block a user