Two hardening gaps in Store.appendVersion (src/store.zig:94-108):
log.lock(io, .exclusive) catch break :blk false; — on lock failure the write proceeds without the advisory lock; two processes can compute the same end_pos and interleave writePositionalAll, corrupting both diffs. Failing to acquire should either retry or skip the diff persist (versions still record, data_offset = null).- The diff data log is append-only forever: versions trimmed by
max_versions leave their diff bytes in the file, so the log grows monotonically across daemon lifetimes. A compaction pass (rewrite live ranges, fix offsets) or size-triggered truncation of orphaned ranges would bound it.
No deterministic failing test for either (cross-process lock contention / disk-growth-over-time) — enhancement filed per #550/#564 precedent.
Two hardening gaps in
Store.appendVersion(src/store.zig:94-108):log.lock(io, .exclusive) catch break :blk false;— on lock failure the write proceeds without the advisory lock; two processes can compute the sameend_posand interleavewritePositionalAll, corrupting both diffs. Failing to acquire should either retry or skip the diff persist (versions still record,data_offset = null).max_versionsleave their diff bytes in the file, so the log grows monotonically across daemon lifetimes. A compaction pass (rewrite live ranges, fix offsets) or size-triggered truncation of orphaned ranges would bound it.No deterministic failing test for either (cross-process lock contention / disk-growth-over-time) — enhancement filed per #550/#564 precedent.