fix(site-runtime): resolve SiteRuntime-017..019 — isolated attribute snapshot for child actors, corrected dispatcher doc, remove dead lifecycle handlers
This commit is contained in:
Joseph Doherty
@@ -8,7 +8,7 @@
|
||||
| Last reviewed | 2026-05-17 |
|
||||
| Reviewer | claude-agent |
|
||||
| Commit reviewed | `39d737e` |
|
||||
| Open findings | 3 |
|
||||
| Open findings | 0 |
|
||||
|
||||
## Summary
|
||||
|
||||
@@ -44,7 +44,8 @@ dictionary is handed by reference into child `ScriptActor`/`AlarmActor`
|
||||
constructors (SiteRuntime-017, Medium); a stale `ScriptExecutionActor` XML doc
|
||||
that still claims a "dedicated blocking I/O dispatcher" (SiteRuntime-018, Low);
|
||||
and two dead lifecycle handlers in `InstanceActor` that the Deployment Manager
|
||||
never routes to (SiteRuntime-019, Low). Open findings: 3.
|
||||
never routes to (SiteRuntime-019, Low). All three were subsequently resolved on
|
||||
2026-05-17. Open findings: 0.
|
||||
|
||||
## Checklist coverage
|
||||
|
||||
@@ -758,7 +759,7 @@ green.
|
||||
|--|--|
|
||||
| Severity | Medium |
|
||||
| Category | Concurrency & thread safety |
|
||||
| Status | Open |
|
||||
| Status | Resolved |
|
||||
| Location | `src/ScadaLink.SiteRuntime/Actors/InstanceActor.cs:625`, `src/ScadaLink.SiteRuntime/Actors/InstanceActor.cs:675`, `src/ScadaLink.SiteRuntime/Actors/ScriptActor.cs:83`, `src/ScadaLink.SiteRuntime/Actors/AlarmActor.cs:93` |
|
||||
|
||||
**Description**
|
||||
@@ -800,7 +801,18 @@ private dictionary to seed from.
|
||||
|
||||
**Resolution**
|
||||
|
||||
_Unresolved._
|
||||
Resolved 2026-05-17 (`commit pending`): root cause confirmed — `CreateChildActors`
|
||||
captured the live `_attributes` field directly in every child `Props.Create`
|
||||
closure. `CreateChildActors` now takes a single `new Dictionary<string,object?>(_attributes)`
|
||||
snapshot on the Instance Actor thread and hands each `ScriptActor`/`AlarmActor` that
|
||||
private copy, so no child constructor ever enumerates a dictionary the Instance
|
||||
Actor is concurrently mutating. Regression test:
|
||||
`InstanceActorChildAttributeRaceTests.ChildActors_AreSeededFromAnIsolatedCopy_NotTheLiveAttributesDictionary`
|
||||
asserts every child's seed dictionary is a distinct object from the Instance
|
||||
Actor's live `_attributes` (confirmed to fail — "seeded ... by reference" — against
|
||||
the pre-fix code and pass after). `ScriptActor`/`AlarmActor` expose an internal
|
||||
`SeedAttributesReference` for this assertion (`InternalsVisibleTo` added for the
|
||||
test project).
|
||||
|
||||
### SiteRuntime-018 — `ScriptExecutionActor` XML doc still claims a "dedicated blocking I/O dispatcher"
|
||||
|
||||
@@ -808,7 +820,7 @@ _Unresolved._
|
||||
|--|--|
|
||||
| Severity | Low |
|
||||
| Category | Documentation & comments |
|
||||
| Status | Open |
|
||||
| Status | Resolved |
|
||||
| Location | `src/ScadaLink.SiteRuntime/Actors/ScriptExecutionActor.cs:17` |
|
||||
|
||||
**Description**
|
||||
@@ -835,7 +847,13 @@ comment already present at `ScriptExecutionActor.cs:71-73`.
|
||||
|
||||
**Resolution**
|
||||
|
||||
_Unresolved._
|
||||
Resolved 2026-05-17 (`commit pending`): root cause confirmed — the stale
|
||||
"Runs on a dedicated blocking I/O dispatcher" line in the `ScriptExecutionActor`
|
||||
class summary was missed when SiteRuntime-009 was resolved. The summary now states
|
||||
the actual model: the actor and its mailbox run on the default Akka dispatcher and
|
||||
only the script body is dispatched onto the dedicated `ScriptExecutionScheduler`
|
||||
(SiteRuntime-009). Documentation-only change with no observable behaviour, so no
|
||||
regression test was added; the existing suite continues to pass.
|
||||
|
||||
### SiteRuntime-019 — Dead `DisableInstanceCommand` / `EnableInstanceCommand` handlers in `InstanceActor`
|
||||
|
||||
@@ -843,7 +861,7 @@ _Unresolved._
|
||||
|--|--|
|
||||
| Severity | Low |
|
||||
| Category | Correctness & logic bugs |
|
||||
| Status | Open |
|
||||
| Status | Resolved |
|
||||
| Location | `src/ScadaLink.SiteRuntime/Actors/InstanceActor.cs:106`, `src/ScadaLink.SiteRuntime/Actors/InstanceActor.cs:113` |
|
||||
|
||||
**Description**
|
||||
@@ -873,4 +891,14 @@ reserved placeholder — but removal is preferred.
|
||||
|
||||
**Resolution**
|
||||
|
||||
_Unresolved._
|
||||
Resolved 2026-05-17 (`commit pending`): re-verified as genuinely dead code — a
|
||||
codebase-wide search confirms `DisableInstanceCommand`/`EnableInstanceCommand` are
|
||||
only ever sent (from central) to the site `DeploymentManagerActor`, whose
|
||||
`HandleDisable`/`HandleEnable` own the lifecycle entirely (`Context.Stop` /
|
||||
`CreateInstanceActor`) and never `Forward`/`Tell` the command to the Instance
|
||||
Actor. The two unreachable `Receive<...>` registrations and their no-op
|
||||
"success" handler bodies were removed from `InstanceActor`, replaced with a comment
|
||||
stating the Deployment Manager owns this lifecycle. Regression test:
|
||||
`InstanceActorTests.InstanceActor_DoesNotHandleDisableOrEnableCommands` asserts the
|
||||
Instance Actor produces no `InstanceLifecycleResponse` for either command
|
||||
(confirmed to fail against the pre-fix dead handlers and pass after removal).
|
||||
|
||||
Reference in New Issue
Block a user