fix(protocol): re-solicit A/AAAA for stale cache entries on commissionable discovery (#3695)

Apollon77 · claude · web-flow · commit 638f28984c23 · 2026-05-06T14:01:08.000+02:00
* chore(chip-testing): add discovery diagnostic logs and run matterjs on PRs Intermittent CI failure on the matterjs controller variant of the CHIP Discovery test: step 7 returns 12 commissionables, step 8 (~3s later) returns empty. Insufficient instrumentation to determine whether the mDNS scanner cache was emptied between calls, addresses got pruned, or the Discovery callback chain dropped them. Add INFO logs at the relevant chokepoints: - CommissionableMdnsScanner: log cache size on entry, per-entry match decision (matched / rejected: no addresses / rejected: filter), waiter notifications for new arrivals, cache add and cache delete events, and final result size. - Discovery: log whether the scanner callback reused an existing ClientNode or created a new one (and whether find() hit an already-commissioned node). - LegacyControllerCommandHandler.handleDiscovery: log incoming findBy, raw result count, picked entry, and empty-return. Also temporarily extend the matterjs controller matrix gate in build-test.chip.yml to run on pull_request so this branch can capture fresh logs from CI. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(protocol): avoid BigInt-unsafe JSON.stringify in discovery diagnostic logs Previous logging commit serialized the CommissionableDeviceIdentifiers object via JSON.stringify, which throws "Do not know how to serialize a BigInt" when the identifier carries a BigInt-typed field, breaking every commissionable discovery on the matterjs CHIP test variant. Replace with the field-key list (sufficient to know what was queried) and replace the legacy handler's raw result dump with a slim {id, D, CM} projection so neither path can hit a BigInt at log time. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(protocol): re-solicit A/AAAA for stale cache entries on discovery CHIP Discovery test on the matterjs controller reproducibly returned an empty result on the second discover-commissionables call within a step (step 8 "Check Hostname" failed with hostName: NoneType). Diagnostic logs added in the previous commit showed the scanner cache held all 13 entries but every entry was rejected by the addresses-length filter on the second call: 1st call: matched: 13, rejectedNoAddr: 0, resultSize: 13 2nd call: matched: 0, rejectedNoAddr: 13, resultSize: 0 Cache itself was intact (DnssdName.isDiscovered still true) but each entry's IpService.addresses had been pruned because the A/AAAA TTL on matter commissionable broadcasts is short (~4s) and elapses between unsolicited rebroadcasts. #cacheDevice solicited and armed an onAddresses observer when a device was first cached without addresses, but the observer deregistered itself after the first delivery, so a later expiry could not re-trigger it, and #startDiscovery solicits PTR records only. Extract the "solicit SRV-target A/AAAA + arm onAddresses observer" logic from #cacheDevice into a new idempotent helper #solicitAndArmAddresses, and call it from the cache iteration loop whenever a cached entry matches the identifier but has zero addresses. The current discovery's waiter is already registered, so when A/AAAA records resolve before the discovery timeout fires, #deliverDeviceIfResolved notifies the waiter and the device flows through the callback chain. Idempotent: skips re-arming if the onAddresses observer is already attached, so concurrent overlapping discoveries do not double-register. Diagnostic logs from the previous commit are kept so the next CI run verifies the fix. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * chore: remove diagnostic logs and PR-trigger gate after fix verified Two consecutive matterjs CHIP runs on this branch passed cleanly with the A/AAAA re-solicit fix in place. Drop the diagnostic logs added across CommissionableMdnsScanner, Discovery, and LegacyControllerCommandHandler and revert the temporary pull_request gate in build-test.chip.yml so the branch contains only the surgical fix. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(protocol): add regression for stale-cache A/AAAA re-solicit Cover the path fixed in the parent commit: a cached commissionable device whose A record TTL has elapsed while SRV/TXT remain valid is re-delivered on a subsequent findCommissionableDevicesContinuously call once the responder replies to the re-solicited hostname query. Verified: the test fails on the pre-fix code (expected 1 to equal 0 after the second discovery returns no devices) and passes after the #solicitAndArmAddresses helper is reused from the cache iteration loop. Addresses copilot-pull-request-reviewer review comment on PR #3695. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/packages/protocol/src/mdns/CommissionableMdnsScanner.ts b/packages/protocol/src/mdns/CommissionableMdnsScanner.ts
@@ -190,11 +190,19 @@ export class CommissionableMdnsScanner implements Scanner {
         let callbackInvoked = false;
         for (const cached of this.#cache.values()) {
             const device = refreshAddresses(cached);
-            if (matchesIdentifier(device, identifier) && device.addresses.length > 0) {
+            if (!matchesIdentifier(device, identifier)) {
+                continue;
+            }
+            if (device.addresses.length > 0) {
                 seen.add(device.deviceIdentifier);
                 result.push(device);
                 callbackInvoked = true;
                 callback(device);
+            } else {
+                // Cached entry's A/AAAA records expired since the responder's last unsolicited broadcast
+                // (matter commissionable A/AAAA TTL is short). Solicit fresh records and arm onAddresses
+                // so this discovery's waiter is notified if addresses resolve before the timeout fires.
+                this.#solicitAndArmAddresses(cached);
             }
         }
 
@@ -383,29 +391,44 @@ export class CommissionableMdnsScanner implements Scanner {
         // A/AAAA records may arrive after the initial SRV/TXT discovery;
         // defer notification until addresses become available.
         if (!this.#deliverDeviceIfResolved(cached)) {
-            // SRV target hostname may have lost its A/AAAA records (TTL expired) while the instance
-            // SRV/TXT was still valid.  Solicit address records for all SRV target hostnames so we
-            // don't wait for the next unsolicited broadcast to deliver the device.
-            for (const record of name.records) {
-                if (record.recordType !== DnsRecordType.SRV) {
-                    continue;
-                }
-                const hostname = this.#names.get(record.value.target);
-                this.#names.solicitor.solicit({
-                    name: hostname,
-                    recordTypes: [DnsRecordType.A, DnsRecordType.AAAA],
-                });
+            this.#solicitAndArmAddresses(cached);
+        }
+    }
+
+    /**
+     * Solicit A/AAAA records for the cached device's SRV target hostnames and arm an onAddresses observer
+     * that delivers via {@link #deliverDeviceIfResolved} once addresses resolve.  Used both when a device is
+     * first cached without addresses AND when an active discovery encounters a cached entry whose A/AAAA
+     * records have since expired (matter commissionable A/AAAA TTL is short and may lapse between the device's
+     * unsolicited broadcasts).  Idempotent: skips re-arming if onAddresses observer already attached.
+     */
+    #solicitAndArmAddresses(cached: CachedDevice) {
+        // SRV target hostname may have lost its A/AAAA records (TTL expired) while the instance
+        // SRV/TXT was still valid.  Solicit address records for all SRV target hostnames so we
+        // don't wait for the next unsolicited broadcast to deliver the device.
+        for (const record of cached.name.records) {
+            if (record.recordType !== DnsRecordType.SRV) {
+                continue;
             }
+            const hostname = this.#names.get(record.value.target);
+            this.#names.solicitor.solicit({
+                name: hostname,
+                recordTypes: [DnsRecordType.A, DnsRecordType.AAAA],
+            });
+        }
 
-            const onAddresses = () => {
-                if (this.#deliverDeviceIfResolved(cached)) {
-                    this.#observers.off(ipService.changed, onAddresses);
-                    cached.onAddresses = undefined;
-                }
-            };
-            cached.onAddresses = onAddresses;
-            this.#observers.on(ipService.changed, onAddresses);
+        if (cached.onAddresses !== undefined) {
+            return;
         }
+
+        const onAddresses = () => {
+            if (this.#deliverDeviceIfResolved(cached)) {
+                this.#observers.off(cached.ipService.changed, onAddresses);
+                cached.onAddresses = undefined;
+            }
+        };
+        cached.onAddresses = onAddresses;
+        this.#observers.on(cached.ipService.changed, onAddresses);
     }
 
     #deliverDeviceIfResolved(cached: CachedDevice): boolean {
diff --git a/packages/protocol/test/mdns/CommissionableMdnsScannerTest.ts b/packages/protocol/test/mdns/CommissionableMdnsScannerTest.ts
@@ -823,4 +823,110 @@ describe("CommissionableMdnsScanner", () => {
             await clientSocket.close();
         }
     });
+
+    it("re-solicits A/AAAA when cached entry's addresses expired before next discovery", async () => {
+        // Regression: the matter commissionable A/AAAA TTL is short and may lapse between
+        // a responder's unsolicited rebroadcasts.  When SRV/TXT remain valid the cache entry
+        // persists but its addresses go empty, and a follow-up findCommissionableDevicesContinuously
+        // call must re-solicit A/AAAA so the entry is delivered once addresses come back.
+        const simulator = new NetworkSimulator();
+        const serverNetwork = new MockNetwork(simulator, SERVER_MAC, [SERVER_IPv4, SERVER_IPv6]);
+        const clientNetwork = new MockNetwork(simulator, CLIENT_MAC, [CLIENT_IPv4, CLIENT_IPv6]);
+
+        const serverSocket = await MdnsSocket.create(serverNetwork);
+        const clientSocket = await MdnsSocket.create(clientNetwork);
+        const clientNames = new DnssdNames({
+            socket: clientSocket,
+            entropy: MockCrypto(0x0c),
+            minTtl: Millis(0),
+        });
+        const scanner = new CommissionableMdnsScanner(clientNames);
+
+        try {
+            const instanceQname = `${INSTANCE_ID}._matterc._udp.local`;
+            const longTtl = Seconds(120);
+            const shortAddrTtl = Seconds(2);
+
+            // Initial advertisement: SRV/TXT long-lived, A short-lived to model the real-world
+            // mismatch where instance records survive past hostname A/AAAA TTL.
+            await serverSocket.send({
+                messageType: DnsMessageType.Response,
+                answers: [
+                    {
+                        name: instanceQname,
+                        recordType: DnsRecordType.TXT,
+                        recordClass: DnsRecordClass.IN,
+                        ttl: longTtl,
+                        value: [`D=3840`, `CM=1`, `VP=4996+22`],
+                    },
+                    {
+                        name: instanceQname,
+                        recordType: DnsRecordType.SRV,
+                        recordClass: DnsRecordClass.IN,
+                        ttl: longTtl,
+                        value: { priority: 0, weight: 0, port: PORT, target: HOSTNAME },
+                    },
+                    {
+                        name: HOSTNAME,
+                        recordType: DnsRecordType.A,
+                        recordClass: DnsRecordClass.IN,
+                        ttl: shortAddrTtl,
+                        value: SERVER_IPv4,
+                    },
+                ],
+                additionalRecords: [],
+            });
+            await MockTime.advance(10);
+
+            // Device cached with resolved addresses
+            expect(scanner.getDiscoveredCommissionableDevices({ longDiscriminator: 3840 }).length).equals(1);
+
+            // Advance past A TTL — A pruned, SRV/TXT survive, cache entry stays but addresses empty
+            await MockTime.advance(Seconds(3));
+            await MockTime.advance(10);
+            expect(scanner.getDiscoveredCommissionableDevices({ longDiscriminator: 3840 }).length).equals(0);
+
+            // Responder replies with fresh A when client re-solicits the hostname
+            serverSocket.receipt.on(async message => {
+                if (message.queries.find(q => q.name === HOSTNAME && q.recordType === DnsRecordType.A)) {
+                    await serverSocket.send({
+                        messageType: DnsMessageType.Response,
+                        answers: [
+                            {
+                                name: HOSTNAME,
+                                recordType: DnsRecordType.A,
+                                recordClass: DnsRecordClass.IN,
+                                ttl: longTtl,
+                                value: SERVER_IPv4,
+                            },
+                        ],
+                        additionalRecords: [],
+                    });
+                }
+            });
+
+            // Second discovery: cache iteration encounters the zero-address entry, fires
+            // #solicitAndArmAddresses, the server replies, onAddresses observer delivers the device.
+            const found: CommissionableDevice[] = [];
+            const identifier = { longDiscriminator: 3840 };
+            const discoveryPromise = scanner.findCommissionableDevicesContinuously(
+                identifier,
+                device => found.push(device),
+                Seconds(10),
+            );
+            await MockTime.resolve(Time.sleep("wait for re-solicit", Seconds(5)));
+
+            expect(found.length).equals(1);
+            expect(found[0].deviceIdentifier).equals(INSTANCE_ID);
+            expect(found[0].addresses.length).greaterThan(0);
+
+            scanner.cancelCommissionableDeviceDiscovery(identifier);
+            await MockTime.resolve(discoveryPromise);
+        } finally {
+            await scanner.close();
+            await clientNames.close();
+            await serverSocket.close();
+            await clientSocket.close();
+        }
+    });
 });
