fix: post wrs qodo-merge agent suggestions fixes

[NadavLevi]

Description

Closes: #XXXX

---

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

• read the contribution guide
• included the correct type prefix in the PR title, you can find examples of the prefixes below:
• confirmed ! in the type prefix if API or client breaking change
• targeted the main branch
• provided a link to the relevant issue or specification
• reviewed "Files changed" and left comments if necessary
• included the necessary unit and integration tests
• updated the relevant documentation or specification, including comments for documenting Go code
• confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

• confirmed the correct type prefix in the PR title
• confirmed all author checklist items have been addressed
• reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

[qodo-code-review]

Review Summary by Qodo

Fix error handling, epoch subscriptions, and optimize debug logging

🐞 Bug fix ✨ Enhancement

Walkthroughs

Description

• Replace panic calls with structured error logging in threadSafeRand
  - Invalid bounds and crypto/rand failures now return safe zero-values
  - Prevents uncontrolled crashes and internal error detail leakage
• Check pairingPurge in IsStaticProvider for epoch-boundary subscriptions
  - Providers in pairingPurge may still serve active WS subscriptions
  - Prevents misclassification after epoch transitions
• Stop ticker in PeriodicProbeProviders to prevent resource leak
  - Add defer ticker.Stop() to release underlying timer
• Skip per-candidate log allocations when debug disabled
  - Gate selectionProbabilities and logAttrs behind utils.IsDebugEnabled()
  - Eliminates O(n) allocations per relay in production

Diagram

flowchart LR
  A["threadSafeRand panic calls"] -->|"Replace with error logging"| B["Structured error handling"]
  C["IsStaticProvider check"] -->|"Add pairingPurge lookup"| D["Correct epoch-boundary classification"]
  E["PeriodicProbeProviders ticker"] -->|"Add defer Stop"| F["Resource leak prevention"]
  G["SelectProviderWithStats logs"] -->|"Gate with IsDebugEnabled"| H["Production allocation optimization"]

Loading

File Changes

1. protocol/lavasession/consumer_session_manager.go 🐞 Bug fix +13/-1

Fix epoch-boundary subscriptions and resource leak

• Extended IsStaticProvider to check pairingPurge map for providers from previous epoch
• Added defer ticker.Stop() in PeriodicProbeProviders to prevent timer resource leak
• Updated documentation to clarify handling of purged providers in subscriptions

protocol/lavasession/consumer_session_manager.go

---

2. protocol/provideroptimizer/weighted_selector.go ✨ Enhancement +34/-34

Gate debug log allocations behind debug flag

• Wrapped selectionProbabilities map and logAttrs slice construction in IsDebugEnabled() check
• Moved expensive per-candidate log payload building behind debug gate
• Eliminates O(n) allocations on every provider selection in production

protocol/provideroptimizer/weighted_selector.go

---

3. utils/lavalog.go ✨ Enhancement +7/-0

Add IsDebugEnabled utility function

• Added IsDebugEnabled() function to check if debug-level logging is active
• Provides utility for guarding expensive computations only needed for debug logs
• Compares defaultGlobalLogLevel against zerolog.DebugLevel

utils/lavalog.go

---

View more (1)

4. utils/rand/rand.go 🐞 Bug fix +18/-8

Replace panics with structured error logging

• Replaced all panic() calls with utils.LavaFormatError() for structured error logging
• Added safe zero-value returns (0 or 0.0) instead of panicking on invalid bounds or crypto/rand
 failures
• Affected methods: Intn, Float64, Uint32, Uint64, Int63, Int63n
• Added import for utils package

utils/rand/rand.go

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (1) 📎 Requirement gaps (0)

1. threadSafeRand swallows RNG errors ☑ 📘 Rule violation ⛯ Reliability

Description

threadSafeRand methods now log and return 0 on invalid bounds or crypto/rand failures, which
can silently produce incorrect/non-random outputs and mask bugs. The logs also omit the underlying
err, reducing debuggability for these failure points.

Code

utils/rand/rand.go[R45-52]

+		utils.LavaFormatError("Intn called with invalid bound", nil, utils.LogAttr("n", n))
+		return 0
  }
  maxVal := big.NewInt(int64(n))
  result, err := cryptorand.Int(cryptorand.Reader, maxVal)
  if err != nil {
-		panic("crypto/rand failed: " + err.Error())
+		utils.LavaFormatError("crypto/rand failure in Intn", nil)
+		return 0

Evidence

Compliance requires handling failure points with meaningful context and without silent failures. The
updated code replaces panics with LavaFormatError(...) and return 0, and for crypto/rand
failures does not include the actual err, making failures both silent to callers and lacking
actionable context.

Rule 3: Generic: Robust Error Handling and Edge Case Management
utils/rand/rand.go[45-52]
utils/rand/rand.go[114-121]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`threadSafeRand` methods (`Intn`, `Int63n`, and other RNG helpers changed similarly) now log errors and return `0`, which silently changes behavior and can cause incorrect randomness-dependent behavior. Additionally, `crypto/rand` failures are logged without the underlying `err`, reducing diagnostic value.
## Issue Context
These methods previously `panic`ed on invalid bounds and `crypto/rand` failures. If callers rely on correct randomness, returning `0` is a silent failure and can bias selection logic or conceal bugs.
## Fix Focus Areas
- utils/rand/rand.go[42-55]
- utils/rand/rand.go[62-66]
- utils/rand/rand.go[75-79]
- utils/rand/rand.go[88-92]
- utils/rand/rand.go[101-105]
- utils/rand/rand.go[111-124]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[codecov]

Codecov Report

❌ Patch coverage is 82.35294% with 6 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
protocol/lavasession/consumer_session_manager.go	20.00%	4 Missing ⚠️
utils/lavalog.go	0.00%	2 Missing ⚠️

Flag	Coverage Δ
consensus	8.71% <0.00%> (-0.01%)	⬇️
protocol	34.47% <87.50%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
protocol/provideroptimizer/weighted_selector.go	72.30% <100.00%> (+0.06%)	⬆️
utils/lavalog.go	14.90% <0.00%> (-0.10%)	⬇️
protocol/lavasession/consumer_session_manager.go	59.33% <20.00%> (-0.20%)	⬇️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Test Results

0 tests  ±0   0 ✅ ±0   0s ⏱️ ±0s
0 suites ±0   0 💤 ±0 
7 files   ±0   0 ❌ ±0 

Results for commit ecf6f5e. ± Comparison against base commit b2961ad.

♻️ This comment has been updated with latest results.