v2.5.8: revert CosmoKvConnection RW lock — keep Executor AsyncLocal

The v2.5.7 attempt at allowing concurrent reads on CosmoKvConnection
backfired badly on marivil:

  - First design ("drain N reader slots" for writes) starved writers
    under sustained read load. Marivil stress run: 252 audit-write
    failures, 21 RelayWorker failures, 16 WebhookWorker failures,
    nearly all "txn_busy" or 30s timeout. Throughput collapsed to ~0.
  - Second attempt (writer-priority gate) deadlocked subtly under
    xUnit's parallel-test harness — fine in isolation, intermittent
    failures under load.

A correct async RW lock with bounded fairness needs more care than
this session can give it. Revert CosmoKvConnection to its prior
single SemaphoreSlim(1, 1). The Executor-side AsyncLocal<IKvAccess?>
change stays: it's harmless under serial access (the connection lock
already serialises everything) and removes the "shared mutable
_kv field" hazard that would otherwise need re-doing whenever the RW
lock returns. Same with the ConcurrentDictionary swap for
_defaultExprCache — pure safety, no behaviour change under serial.

Marivil is back on cosmokvd v0.3.4 + CosmoSQLClient 2.5.6 (the
known-good combo); v2.5.7 + v0.3.5 stay on NuGet/Docker Hub as
"known-bad — do not deploy".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: vkuttyp

Directory.Build.props

@@ -7,6 +7,6 @@
     <Authors>vkuttyp</Authors>
     <PackageLicenseExpression>MIT</PackageLicenseExpression>
     <RepositoryUrl>https://github.com/vkuttyp/CosmoSQLClient-Dotnet</RepositoryUrl>
-    <Version>2.5.7</Version>
+    <Version>2.5.8</Version>
   </PropertyGroup>
 </Project>

src/CosmoSQLClient.CosmoKv/AsyncReaderWriterLock.cs

@@ -36,15 +36,18 @@ public sealed class CosmoKvConnection : ISqlDatabase
     private CosmoKvTxn? _txn;
 
     /// <summary>
-    /// Reader-writer lock — multiple QueryAsync calls run concurrently
-    /// (CosmoKv's MVCC already gives them snapshot isolation; the
-    /// Executor's per-call state is now AsyncLocal so concurrent reads
-    /// don't trample each other). ExecuteAsync and Begin/Commit/Rollback
-    /// take the write lock for exclusive access — they mutate <see cref="_txn"/>
-    /// and the underlying writer task. Replaces the prior single
-    /// SemaphoreSlim(1,1) that serialised everything.
+    /// Connection-level serialisation lock. The v2.5.7 attempt at an
+    /// AsyncReaderWriterLock here regressed marivil's stress run badly —
+    /// the "drain N slots" writer pattern starved under sustained read
+    /// load (audit/RelayWorker writes blocked indefinitely), and a
+    /// "writer-priority gate" rewrite hit subtler timing issues under
+    /// the .NET test suite's parallel-test load. Reverted to the single
+    /// SemaphoreSlim until a properly-engineered async RW lock can be
+    /// designed; the <see cref="Execution.Executor"/>-side AsyncLocal
+    /// change stays (it's harmless under serial access and enables the
+    /// eventual RW-lock work without another driver-side refactor).
     /// </summary>
-    private readonly AsyncReaderWriterLock _rwLock = new();
+    private readonly SemaphoreSlim _lock = new(1, 1);
     private bool _disposed;
 
     /// <summary>
@@ -182,7 +185,7 @@ public static Task<CosmoKvConnection> OpenAsync(
     public async Task<IReadOnlyList<SqlRow>> QueryAsync(
         string sql, IReadOnlyList<SqlParameter>? parameters = null, CancellationToken ct = default)
     {
-        await _rwLock.AcquireReadAsync(ct).ConfigureAwait(false);
+        await _lock.WaitAsync(ct);
         try
         {
             EnsureOpen();
@@ -203,7 +206,7 @@ public async Task<IReadOnlyList<SqlRow>> QueryAsync(
         finally
         {
             _executor?.SetActiveAccess(null);
-            _rwLock.ReleaseRead();
+            _lock.Release();
         }
     }
 
@@ -231,7 +234,7 @@ public async IAsyncEnumerable<SqlRow> QueryStreamAsync(
     public async Task<int> ExecuteAsync(
         string sql, IReadOnlyList<SqlParameter>? parameters = null, CancellationToken ct = default)
     {
-        await _rwLock.AcquireWriteAsync(ct).ConfigureAwait(false);
+        await _lock.WaitAsync(ct);
         try
         {
             EnsureOpen();
@@ -283,7 +286,7 @@ public async Task<int> ExecuteAsync(
         finally
         {
             _executor?.SetActiveAccess(null);
-            _rwLock.ReleaseWrite();
+            _lock.Release();
         }
     }
 
@@ -333,23 +336,23 @@ private static IReadOnlyList<SqlRow> MaterializeRows(
 
     public async Task BeginTransactionAsync(CancellationToken ct = default)
     {
-        await _rwLock.AcquireWriteAsync(ct).ConfigureAwait(false);
+        await _lock.WaitAsync(ct);
         try { await BeginTransactionAsyncLocked(ct); }
-        finally { _rwLock.ReleaseWrite(); }
+        finally { _lock.Release(); }
     }
 
     public async Task CommitAsync(CancellationToken ct = default)
     {
-        await _rwLock.AcquireWriteAsync(ct).ConfigureAwait(false);
+        await _lock.WaitAsync(ct);
         try { await CommitAsyncLocked(ct); }
-        finally { _rwLock.ReleaseWrite(); }
+        finally { _lock.Release(); }
     }
 
     public async Task RollbackAsync(CancellationToken ct = default)
     {
-        await _rwLock.AcquireWriteAsync(ct).ConfigureAwait(false);
+        await _lock.WaitAsync(ct);
         try { await RollbackAsyncLocked(ct); }
-        finally { _rwLock.ReleaseWrite(); }
+        finally { _lock.Release(); }
     }
 
     // ── Transaction internals (lock already held by caller) ─────────────────
@@ -418,9 +421,7 @@ public async ValueTask DisposeAsync()
         if (_disposed) return;
         _disposed = true;
         await CloseAsync();
-        // _rwLock holds a SemaphoreSlim; .NET will reclaim it on GC.
-        // We don't expose a hard-disposal hook because outstanding async
-        // operations might still be holding slots when DisposeAsync runs.
+        _lock.Dispose();
     }
 
     private void EnsureOpen()