fix(terminal): persistent sandbox envs survive between turns#6412
Merged
Conversation
`_cleanup_task_resources` was unconditionally calling `cleanup_vm()` at the end of every `run_conversation` (i.e. every user turn), tearing down the docker/daytona/modal sandbox container regardless of its `persistent_filesystem` setting. This contradicted the documented intent of `terminal.lifetime_seconds` (idle reaper) and `container_persistent`, and caused per-turn loss of `/workspace`, `~/.config`, agent CLI auth state, and any other content living inside the sandbox. The unconditional teardown was introduced in fbd3a2f ("prevent leakage of morph instances between tasks", 2025-11-04) to plug a Morph backend leak, two days after `lifetime_seconds` shipped in faecbdd. It was later refactored into `_cleanup_task_resources` in 70dd3a1 without changing semantics. Code and docs have disagreed since. Fix: introduce `terminal_tool.is_persistent_env(task_id)` and skip the per-turn `cleanup_vm` when the active env is persistent. The idle reaper (`_cleanup_inactive_envs`) still tears persistent envs down once `terminal.lifetime_seconds` is exceeded. Non-persistent backends (Morph) are unchanged — still torn down per turn, preserving the original leak-prevention intent.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Salvage of #6370 by @malaiwah (fixes #6369).
_cleanup_task_resourcesunconditionally calledcleanup_vm(task_id)at the end of everyrun_conversation()turn, tearing down Docker/Daytona/Modal/Singularity containers even whencontainer_persistent: true(the default). This contradictedterminal.lifetime_secondsand caused per-turn loss of/workspace,~/.config, sub-agent CLI auth state, and all in-sandbox content.Root cause: an unconditional teardown added in
fbd3a2fd(Nov 2025) to fix a Morph backend leak was blanket-applied to all backends. The Morph backend has since been removed; the hook outlived it.Fix
terminal_tool.is_persistent_env(task_id)— returnsTruewhen the active env has_persistent=True_cleanup_task_resourcesnow skipscleanup_vmfor persistent envs; the idle reaper (_cleanup_inactive_envs) handles them onlifetime_secondsexpiry36 lines across 2 files. Cherry-picked from @malaiwah's commit with authorship preserved.