Generalize post-timeout compaction completion reconciliation across session state

[jackal092927]

Summary

OpenClaw now has a narrow fix for one specific state mismatch: compaction can succeed after the runner stops waiting, and sessions.json.compactionCount needs to be reconciled afterward.

That solves a real bug, but it likely points to a broader design gap:

• compaction completion can become known after run-finalization logic has already moved on
• multiple user-visible surfaces depend on run-finalization snapshots instead of post-compaction truth
• timeout handling and state convergence are still only loosely coupled

This follow-up issue is about making that completion/reconciliation model more general.

Motivation

Current state propagation is fragmented:

• transcript/session history persistence has one source of truth
• session-store counters and cached token snapshots are updated elsewhere
• channel/session recovery logic has its own timeout and abort semantics

That means timeout-late-success cases can leave different parts of the system disagreeing about what actually happened.

What This Is Not

This is not a duplicate of narrower or adjacent issues such as:

• timeout/channel races
• session freeze / lane stall bugs
• /compact UX failures
• subagent-specific stats aggregation bugs

Those are related, but this follow-up is specifically about a more unified model for post-timeout compaction completion semantics and state convergence.

Proposed Direction

Consider introducing a more explicit compaction completion reconciliation path that becomes the authoritative place to converge state after compaction finishes, even if the enclosing run already timed out or stopped waiting.

Potential scope:

• session-store counters (compactionCount)
• token/context snapshots used by /status and UI surfaces
• optional internal lifecycle/completion event for downstream consumers
• best-effort state repair after timeout-late-success outcomes

Desirable Properties

Any generalized solution should preserve:

• current timeout bounds
• non-blocking conversation flow
• low resource usage
• monotonic/idempotent updates

Possible Shape

A possible design direction:

1. Make compaction success/completion a first-class reconciliation event.
2. Route all post-compaction state convergence through that event.
3. Use monotonic updates (max(...) / compare-and-set style semantics) so late or duplicated signals do not corrupt counters.
4. Keep transcript scans off the hot path except as targeted fallback/recovery.

Why A Separate Follow-Up

The current merged fix should stay narrow and low-risk.

A broader design would touch:

• runner completion semantics
• session-store persistence strategy
• /status and related state readers
• potentially channel/session recovery behavior

That deserves separate discussion and review.

Related

• Compaction late success leaves /status compactionCount stale after timeout #45492
• fix: reconcile session compaction count after late compaction success #45493
• Subagents: stabilize announce/compaction stats and cap impossible context usage tokens #11551
• Compaction timeout races against channel timeout, causing stale-response loop #25272
• [Bug] Compaction timeout still freezes sessions in 2026.3.2 (manual + automatic paths) #38233
• [Bug]: /compact intermittently does nothing in TUI; logs show compaction wait aborted #30116

[GMTekAI]

I dug through the current compaction/accounting path, and I think this follow-up is pointing at a real architectural seam.

What exists today is already a fairly specific reconciliation path:

• compaction completion is detected down in the embedded runner subscribe layer, not in the top-level reply finalizer

  • src/agents/pi-embedded-subscribe.handlers.compaction.ts increments an in-memory compaction counter when compaction actually produced a result
  • the subscribe stack tracks that through getCompactionCount() / incrementCompactionCount() in src/agents/pi-embedded-subscribe.ts

• the top-level reply path then does a narrow, post-run repair if autoCompactionCompleted is true

  • src/auto-reply/reply/agent-runner.ts calls incrementRunCompactionCount(...)
  • that flows into src/auto-reply/reply/session-run-accounting.ts
  • which currently just patches sessionEntry.compactionCount and, if available, totalTokens/totalTokensFresh via incrementCompactionCount(...) in src/auto-reply/reply/session-updates.ts

So today’s model is basically:

1. compaction finishes in the runner,
2. a narrow completion signal bubbles up,
3. reply finalization patches a couple of session-store fields afterward.

That supports the issue’s main point: there is already a post-compaction reconciliation mechanism, but it is intentionally very narrow.

A few reasons I think the “generalize this” framing is valid:

• the current convergence target is session-store accounting only
  • mainly compactionCount
  • optionally totalTokens and freshness flags
• other session-facing state is still finalized elsewhere on different timing paths
  • response usage formatting / UI payload decoration in agent-runner.ts
  • memory flush gating depends on compactionCount vs memoryFlushCompactionCount
  • auth-profile override invalidation also keys off compactionCount in src/agents/auth-profiles/session-override.ts
• the reconciliation write is additive and local, not a first-class “compaction completion event” that downstream state readers subscribe to

That said, I would scope the follow-up pretty carefully.

I do not think the best first step is a broad “unify all timeout-late-success state everywhere” redesign. The current code already has a usable seam: compaction completion is observed in one place, and agent-runner.ts is where the narrow repair is applied.

So the smallest maintainable next step seems more like:

1. define a single compaction-completion reconciliation helper/boundary

   • probably one layer above incrementRunCompactionCount(...), not spread across reply finalization callsites

2. make that helper own all monotonic post-compaction state updates

   • compactionCount
   • post-compaction token snapshot / freshness
   • any other fields that are semantically “derived from successful compaction completion”

3. keep it idempotent and monotonic

   • current incrementCompactionCount(...) is still an increment-style mutation, not a compare-and-set against a compaction identity
   • if this gets generalized further, a compaction run/sequence identity may become important so duplicated late signals cannot over-advance counters

One caution for maintainers: some state probably should not be folded into the same reconciliation bucket unless its semantics are clearly “compaction completion truth.”
For example, UI/run-finalization notices and delivery timing are not the same category as durable session accounting.

So overall I think this issue is valid, and the most code-aligned version is:

• not “invent a brand-new timeout convergence framework,”
• but “promote the existing narrow post-compaction repair path into a single authoritative compaction-completion reconciliation layer, then move other monotonic compaction-derived state into it deliberately.”

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed June 11, 2026, 1:00 AM ET / 05:00 UTC.

Summary
Codex review failed: codex execution failed.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.

Next step
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Remaining risk / open question:

• No close action taken because the review did not complete.

Codex review notes: model internal, reasoning high; reviewed against 418d7e1e83c5.

Label changes

Label changes:

• add issue-rating: 🦪 silver shellfish: Current issue advisory state selects this label.
• add clawsweeper:needs-info: Current issue advisory state selects this label.
• remove P2: Current review triage priority is none.
• remove clawsweeper:no-new-fix-pr: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-maintainer-review: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-product-decision: Current issue advisory state no longer selects this label.
• remove clawsweeper:source-repro: Current issue advisory state no longer selects this label.
• remove impact:session-state: Current review selected no impact labels.
• remove issue-rating: 🦞 diamond lobster: Current issue advisory state no longer selects this label.

Evidence reviewed

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this issue with exit 1.
• codex stdout: Per-item Codex failure; continuing with the rest of the shard.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.