Critical fixes to code review findings:
1. Remove global state access from flushToJSONLWithState
- FlushManager now has true single ownership of flush state
- No more race conditions from concurrent global state access
- flushToJSONLWithState trusts only the flushState parameter
- Legacy wrapper handles success detection via failure count
2. Fix shutdown timeout data loss risk
- Increased timeout from 5s → 30s to prevent data loss
- Added detailed comments explaining the timeout rationale
- Better error message indicates potential data loss scenario
Implementation details:
- New FlushManager uses event-driven single-owner pattern
- Channels eliminate shared mutable state (markDirtyCh, flushNowCh, etc.)
- Comprehensive race detector tests verify concurrency safety
- Backward compatible with existing tests via legacy code path
- ARCHITECTURE.md documents design principles and guarantees
Test results:
- All race detector tests pass (TestFlushManager*)
- Legacy API compatibility verified (TestMarkDirtyAndScheduleFlush*)
- No race conditions detected under concurrent load
Future improvements tracked as beads:
- bd-gdn: Add functional tests for flush correctness verification
- bd-5xt: Log errors from timer-triggered flushes
- bd-i00: Convert magic numbers to named constants
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
