Concurrent sessions corrupt ~/.claude.json via write race (Windows)
Description
Running multiple concurrent Claude Code sessions (common workflow: launching parallel sessions for different tasks) causes repeated corruption of ~/.claude.json. Each session generates its own userID and writes the full file without file locking. When Session B reads what Session A wrote, it sees a different userID and declares the file "corrupted," backing it up and writing a fresh version. This cascades, with sessions overwriting each other dozens of times per minute.
The most impactful consequence is loss of oauthAccount — fresh sessions don't have it cached yet, so when they overwrite the file, the auth data disappears and the user gets logged out.
Evidence
- 97 corrupted backup files accumulated in
~/.claude/backups/over 3 days - 88 of 97 are missing
oauthAccount(the logout trigger) - 4+ different
userIDvalues across corrupted snapshots from the same time window — each session generates its own - 60+ corrupted backups within a 2-minute window — classic write race cascade
- File sizes grow incrementally during bursts (82→194→253→328→786→921 bytes) as each session rebuilds state, then gets overwritten
Reproduction
- Open two or more Claude Code sessions simultaneously (e.g., in different terminal tabs pointing to different projects)
- Use both sessions actively (trigger tool calls that update
toolUsagecounters) - Observe
~/.claude/backups/filling with.corruptedfiles - Eventually one session loses
oauthAccount→ logged out
With a parallel launcher (e.g., launching 3-5 sessions for different handoff tasks), corruption is near-instant and cascading.
Environment
- OS: Windows 11 Home 10.0.26200
- Shell: Git Bash
- Claude Code version: 2.1.59
- Concurrent sessions: Typically 2-5 via Windows Terminal tabs
Suggested Fix
The shared state file needs concurrency protection. Some options:
- File locking (mutex/flock) around reads and writes to
~/.claude.json - Per-session state files for volatile data (toolUsage, userID) with a shared file only for stable config (oauthAccount, preferences)
- Atomic read-modify-write with lock file coordination
- Merge on write instead of overwrite — read existing, merge in changes, write back
Current Workaround
I built a filesystem watchdog that monitors ~/.claude.json and restores oauthAccount from a local cache whenever it disappears. This prevents the logout symptom but doesn't fix the underlying race.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗