
fix(database): drop .failed state so clean health-monitor teardown stops alerting connection lost #1147

Merged: datlechin merged 1 commit into main from fix/health-monitor-clean-cancellation on May 9, 2026

@datlechin

Member

Summary

  • ConnectionHealthMonitor.attemptReconnect no longer transitions to .failed after the while !Task.isCancelled loop exits. Loop exit means cancellation, which is clean teardown initiated by stopMonitoring(). The post-loop transition is replaced with a debug log and a plain return.
  • HealthState.failed is removed entirely. It was unreachable through any non-cancellation code path.
  • resetAfterManualReconnect() is removed: zero callers, and its only purpose was resetting from .failed.
  • DatabaseManager+Health.swift drops the case .failed: arm that wrote session.status = .error("Connection lost") and called clearCachedData().
  • The logLevel(for:) helper drops its dead .failed branch.

Net diff: +8 / -26.

Why this matters

This is bug R1 from the full-app audit. When the user closes the last window for a connection while the health monitor is in reconnect backoff, stopMonitoring() cancels the task. The reconnect loop exits cleanly, falls past the loop body, and unconditionally transitions to .failed. The session-level observer treats .failed as a real error, alerts the user that the connection was lost, and wipes cached schema/result data. The user's window-close action looks like a connection failure, and any concurrent session reuse can lose its cached data.

Removing .failed rather than guarding the transition is the correct cleanup: there is no path in the current code that produces a "real failure" distinct from cancellation. Adding a Task.isCancelled check before the transition would leave a dead state behind.

Test plan

  • Open a connection, force a network outage so the monitor enters backoff, then close the window. Confirm no "Connection lost" alert and no cached-data clear.
  • Cause a real ping failure followed by a successful reconnect handler call. Confirm the monitor still transitions through .reconnecting(attempt: N) and lands on .healthy.
  • swiftlint --strict clean.
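
A reduced reproduction of the fall-through described in this PR, added here as an example and not the project's own code. `Monitor`, `run`, `alerts` and `transitionsToFailedOnExit` are hypothetical names, and the `alerts` array stands in for the session observer that reacts to `.failed`.

```swift
import Foundation

// Hypothetical reduction of the pattern; not the project's actual types.
enum HealthState: Equatable {
    case healthy
    case reconnecting(attempt: Int)
    case failed  // kept only so the "before" behaviour can be reproduced
}

actor Monitor {
    private(set) var state: HealthState = .healthy
    private(set) var alerts: [String] = []
    private let transitionsToFailedOnExit: Bool

    init(transitionsToFailedOnExit: Bool) {
        self.transitionsToFailedOnExit = transitionsToFailedOnExit
    }

    private func set(_ newState: HealthState) {
        state = newState
        // Stand-in for the observer that treats .failed as a real error.
        if newState == .failed { alerts.append("Connection lost") }
    }

    func attemptReconnect(reconnect: @Sendable () async -> Bool) async {
        var attempt = 0
        while !Task.isCancelled {
            attempt += 1
            set(.reconnecting(attempt: attempt))
            if await reconnect() { set(.healthy); return }
            // Backoff; Task.sleep throws on cancellation, so the loop re-checks promptly.
            try? await Task.sleep(nanoseconds: 50_000_000)
        }
        // Reaching this point can only mean the task was cancelled.
        if transitionsToFailedOnExit { set(.failed) }  // before: teardown reported as failure
        // after: plain return, no state transition
    }
}

func run(before: Bool) async -> [String] {
    let monitor = Monitor(transitionsToFailedOnExit: before)
    let task = Task { await monitor.attemptReconnect { false } }  // constructed outage
    try? await Task.sleep(nanoseconds: 120_000_000)  // let it enter backoff
    task.cancel()  // stand-in for stopMonitoring() on window close
    await task.value
    return await monitor.alerts
}

print("before:", await run(before: true))
print("after: ", await run(before: false))
```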

@chatgpt-codex-connector


You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@datlechin datlechin merged commit 0da4b71 into main May 9, 2026
1 check passed
@datlechin datlechin deleted the fix/health-monitor-clean-cancellation branch May 10, 2026 10:36