Concurrent sessions corrupt ~/.claude.json via write race (Windows)

Resolved 💬 3 comments Opened Feb 26, 2026 by dmoorevtedu Closed Feb 26, 2026

Description

Running multiple concurrent Claude Code sessions (common workflow: launching parallel sessions for different tasks) causes repeated corruption of ~/.claude.json. Each session generates its own userID and writes the full file without file locking. When Session B reads what Session A wrote, it sees a different userID and declares the file "corrupted," backing it up and writing a fresh version. This cascades, with sessions overwriting each other dozens of times per minute.

The most impactful consequence is loss of oauthAccount — fresh sessions don't have it cached yet, so when they overwrite the file, the auth data disappears and the user gets logged out.

Evidence

  • 97 corrupted backup files accumulated in ~/.claude/backups/ over 3 days
  • 88 of 97 are missing oauthAccount (the logout trigger)
  • 4+ different userID values across corrupted snapshots from the same time window — each session generates its own
  • 60+ corrupted backups within a 2-minute window — classic write race cascade
  • File sizes grow incrementally during bursts (82→194→253→328→786→921 bytes) as each session rebuilds state, then gets overwritten

Reproduction

  1. Open two or more Claude Code sessions simultaneously (e.g., in different terminal tabs pointing to different projects)
  2. Use both sessions actively (trigger tool calls that update toolUsage counters)
  3. Observe ~/.claude/backups/ filling with .corrupted files
  4. Eventually one session loses oauthAccount → logged out

With a parallel launcher (e.g., launching 3-5 sessions for different handoff tasks), corruption is near-instant and cascading.

Environment

  • OS: Windows 11 Home 10.0.26200
  • Shell: Git Bash
  • Claude Code version: 2.1.59
  • Concurrent sessions: Typically 2-5 via Windows Terminal tabs

Suggested Fix

The shared state file needs concurrency protection. Some options:

  • File locking (mutex/flock) around reads and writes to ~/.claude.json
  • Per-session state files for volatile data (toolUsage, userID) with a shared file only for stable config (oauthAccount, preferences)
  • Atomic read-modify-write with lock file coordination
  • Merge on write instead of overwrite — read existing, merge in changes, write back

Current Workaround

I built a filesystem watchdog that monitors ~/.claude.json and restores oauthAccount from a local cache whenever it disappears. This prevents the logout symptom but doesn't fix the underlying race.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗