Invalidate underlying connection on sync-timeout

antoineleclair · claude · antoineleclair · commit 6c9c8f9efb38 · 2026-04-18T00:55:05.000-04:00
ISSUE-12 — _run_sync now schedules _async_conn._invalidate() on the
loop thread before raising OperationalError on sync-side timeout.
The coroutine may have already written bytes to the socket before
observing the cancel; without invalidation the next operation reuses
a wire in unknown state, causing mysterious protocol errors later.
Fire-and-forget via call_soon_threadsafe so we don't need to wait
for the event loop.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/src/dqlitedbapi/connection.py b/src/dqlitedbapi/connection.py
@@ -71,6 +71,12 @@ def _run_sync(self, coro: Any) -> Any:
         and blocks until the result is available. The operation lock
         ensures only one operation runs at a time, preventing wire
         protocol corruption from concurrent access.
+
+        On sync-side timeout we cancel the future AND invalidate the
+        underlying connection. The coroutine may have already written
+        partial bytes to the socket before observing the cancel;
+        invalidation poisons the wire stream so the next operation
+        reconnects instead of reusing a torn protocol state.
         """
         with self._op_lock:
             loop = self._ensure_loop()
@@ -81,6 +87,17 @@ def _run_sync(self, coro: Any) -> Any:
                 return future.result(timeout=self._timeout)
             except TimeoutError as e:
                 future.cancel()
+                # Poison the underlying connection. The coroutine may have
+                # half-written a request; the wire is in unknown state.
+                # Fire-and-forget on the loop thread (don't await).
+                if self._async_conn is not None:
+                    try:
+                        loop.call_soon_threadsafe(
+                            self._async_conn._invalidate,
+                            OperationalError(f"sync timeout after {self._timeout}s"),
+                        )
+                    except RuntimeError:
+                        pass  # loop already shutting down
                 raise OperationalError(f"Operation timed out after {self._timeout} seconds") from e
 
     async def _get_async_connection(self) -> DqliteConnection:
