Summary
Track deferred correctness work for Group B.
Problem
Several file/log write paths intentionally swallow exceptions, which can mask data-loss conditions. Log-size capping is checked before append, but not atomically under lock, so concurrent writers can overshoot configured caps and fail silently.
Scope
- Replace silent exception swallowing in critical write paths with structured error surfacing (API error, lifecycle event, or error telemetry), while retaining best-effort semantics only for non-critical telemetry.
- Make append_trace_event cap enforcement atomic under file lock.
- Add dropped-event accounting (counter and/or metric) when cap reached.
- Add concurrency tests for append/cap correctness under parallel writers.
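As an added example (not code from this issue or the project), one way the second, third and fourth scope items could look in Python: append_trace_event reads the file size only after taking an exclusive flock, counts dropped events, and lets I/O errors propagate instead of swallowing them; run_parallel_writers is a constructed contention test. The TraceLog class and helper names are assumptions.

```python
import fcntl
import json
import os
import tempfile
import threading


class TraceLog:
    """Append-only trace log whose byte cap is enforced while the lock is held."""

    def __init__(self, path, max_bytes):
        self.path = path
        self.max_bytes = max_bytes
        self.dropped = 0               # dropped-event counter, surfaced to callers
        self._lock = threading.Lock()  # serialises threads inside this process

    def append_trace_event(self, event):
        """Append one JSON event; True if written, False if dropped at the cap."""
        # I/O errors are deliberately not swallowed: they propagate to the caller.
        line = (json.dumps(event, separators=(",", ":")) + "\n").encode()
        with self._lock, open(self.path, "ab") as fh:
            fcntl.flock(fh.fileno(), fcntl.LOCK_EX)  # serialises other processes
            try:
                # Size is read under the lock, so no writer can slip in between the check and the append.
                if os.fstat(fh.fileno()).st_size + len(line) > self.max_bytes:
                    self.dropped += 1
                    return False
                fh.write(line)
                fh.flush()
                os.fsync(fh.fileno())
                return True
            finally:
                fcntl.flock(fh.fileno(), fcntl.LOCK_UN)


def run_parallel_writers(max_bytes=4096, n_threads=8, per_thread=50):
    """Constructed contention run; returns (final_size, written, dropped)."""
    fd, path = tempfile.mkstemp(suffix=".trace")
    os.close(fd)
    log = TraceLog(path, max_bytes)
    written = [0] * n_threads

    def worker(i):
        for seq in range(per_thread):
            if log.append_trace_event({"writer": i, "seq": seq, "msg": "x" * 40}):
                written[i] += 1

    threads = [threading.Thread(target=worker, args=(i,)) for i in range(n_threads)]
    for t in threads: t.start()
    for t in threads: t.join()
    size = os.path.getsize(path)
    os.unlink(path)
    return size, sum(written), log.dropped
```

The invariants a concurrency test should assert are that the final size never exceeds max_bytes and that written plus dropped equals the number of events submitted.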
Acceptance criteria
- No critical write path silently discards failures without a surfaced signal.
- Log caps are enforced deterministically under concurrent writes.
- Tests cover contention path and dropped-event reporting.
Notes
Deferred intentionally to keep current change focused on Group A race/idempotency fixes.