Bug: Preemptive context overflow silently kills embedded sessions without notifying user

[najef1979-code]

Bug: Preemptive context overflow silently kills embedded sessions without notifying user

OpenClaw version: 2026.5.19-beta.1 (ba9034b)
Gateway: running (systemd)
Affected agent(s): agent:marcus:main, agent:jordan:main, agent:neon (multiple agents same day)
Channel: webchat
First seen: 2026-05-19 08:45 UTC
Last seen: 2026-05-20 12:20 UTC

---

Description

Embedded agent sessions enter a terminal error state (Context overflow: estimated context size exceeds safe threshold during tool loop) during tool loops. The session silently dies with no user notification. The error is logged but never delivered to the user's channel. Sessions remain stuck in a processing state for hours until manually restarted.

Expected: user sees Context overflow: prompt too large for the model. Try /reset immediately.
Actual: silence, frozen session, no message delivered, no self-healing.

---

Steps to Reproduce

1. Have an embedded agent session engaged in a long tool-heavy task
2. Session accumulates messages in a tool loop (context at ~50%, well within 200K token window)
3. Preemptive context overflow check fires — before any model call
4. Session enters embedded_run_agent_end with error
5. Error is logged but never delivered to the channel
6. Session stays frozen in processing state
7. Stuck-session recovery fires hours later but only releases the lane, no notification
8. User must manually restart gateway

---

Expected Behavior

1. Error message delivered to the user's channel immediately
2. Session auto-resets or clearly signals the user to reset
3. No silently dead sessions for hours without notification

---

Actual Behavior

1. Session ends with embedded_run_agent_end + error
2. compactionAttempts=0 — preemptive check short-circuits before in-attempt compaction
3. Error never reaches the channel
4. Session stays frozen in processing state
5. Stuck-session recovery fires hours later but only releases the lane
6. No self-healing

---

Environment

Field	Value
OS	Linux 7.0.0-15-generic (x64)
Node.js	v24.15.0
OpenClaw	2026.5.19-beta.1 (ba9034b)
Install location	/usr/local/bin/openclaw
Gateway bind	loopback (127.0.0.1:18789)
Provider	minimax
Model	minimax/MiniMax-M2.7
Fallbacks	yes (MiniMax-M2.5)
Compaction mode	safeguard

---

Relevant Logs

// PREEMPTIVE OVERFLOW — fires before model call, no token count measured
{"subsystem":"agent/embedded","1":"[context-overflow-diag] sessionKey=agent:marcus:main provider=minimax/MiniMax-M2.7 compactionAttempts=0 observedTokens=unknown error=Context overflow: estimated context size exceeds safe threshold during tool loop."}

// SESSION ENDS
{"subsystem":"agent/embedded","1":{"event":"embedded_run_agent_end","isError":true,"error":"Context overflow: prompt too large for the model. Try /reset (or /new) to start a fresh session, or use a larger-context model."}}

// COMPACTION RUNS BUT SESSION NEVER RESUMES
{"subsystem":"agent/embedded","1":"[compaction] rotated active transcript after compaction (sessionKey=agent:marcus:main)"}

// HOURS LATER — stuck session detected but recovery is insufficient
{"subsystem":"diagnostic","1":"stuck session: ...lastProgressAge=29351s terminalProgressStale=true recovery=checking"}
{"subsystem":"diagnostic","1":"stuck session recovery outcome: status=released action=release_lane ... released=0"}

---

Root Cause Analysis

The issue is in the embedded Pi runner's preemptive context overflow handling (selection-BpjGe-Y0.js):

1. PREEMPTIVE_OVERFLOW_RATIO = 0.9 is hardcoded — no config path, not tunable
2. For MiniMax-M2.7 (200K token context): maxContextChars = 200,000 × 4 × 0.9 = 720,000 chars
3. The preemptive check fires during a tool loop before sending to the model, even when actual token count is well within limits
4. compactionAttempts=0 — preemptive check short-circuits before the in-attempt compaction path is reached
5. Error is not delivered to the channel
6. Session never resumes

Code locations:

• selection-BpjGe-Y0.js:9325 — PREEMPTIVE_OVERFLOW_RATIO = .9 hardcoded
• selection-BpjGe-Y0.js:9495 — maxContextChars = Math.floor(contextWindowTokens * 4 * 0.9)
• selection-BpjGe-Y0.js:9537-9538 — throws error without running compaction
• pi-embedded-BpxGOwmb.js — in-attempt compaction never reached

---

Additional Context

Multiple agents hit this on 2026-05-19:

Time (UTC)	Agent	Channel
08:45	neon:telegram:direct	telegram
17:44	jordan:main	webchat
18:09	neon:telegram:direct	telegram
22:52	marcus:main	webchat

Key evidence this is NOT actual context exhaustion:

• compactionAttempts=0 — pre-emptive check fired, not model rejection
• observedTokens=unknown — no token count was measured
• Session at ~50% context — well within 200K token window
• Error fires during tool loop, before model call

---

Severity

High — agents silently die, no user notification, requires manual restart. No self-healing. Recurring across multiple agents.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Latest ClawSweeper review: 2026-05-22 06:53 UTC / May 22, 2026, 2:53 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Keep open: current main still has the implicated silent terminal-delivery and stuck-recovery paths, and an open linked repair PR with closing syntax is the right implementation path to review before this issue can close.

Reproducibility: no. not as a high-confidence live end-to-end reproduction in this read-only review. The issue logs, independent confirmation, and current source make the overflow/stuck silent-delivery path credible enough to keep open and route through the linked fix PR.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.

Next step
A direct open fix PR already owns the implementation path, so ClawSweeper should not queue a separate repair job unless that PR is closed or abandoned.

Review details

Best possible solution:

Review and repair #84602 so terminal overflow and stuck-recovery paths reliably deliver one clear channel error while clearing processing/lane state, then close this issue after merged proof.

Do we have a high-confidence way to reproduce the issue?

No, not as a high-confidence live end-to-end reproduction in this read-only review. The issue logs, independent confirmation, and current source make the overflow/stuck silent-delivery path credible enough to keep open and route through the linked fix PR.

Is this the best way to solve the issue?

Unclear as implemented until the linked PR is corrected and proved. The maintainable direction is to fix terminal delivery and liveness cleanup in the embedded/reply runner boundary, not to solve this primarily by adding a threshold config knob.

Label justifications:

• P1: The report describes recurring broken agent/channel workflows where sessions silently stop responding until manual recovery.
• impact:message-loss: The core symptom is a logged terminal error that does not reach the user's webchat or Telegram channel.
• impact:session-state: The issue centers on embedded session liveness, processing-state drift, and stuck lane recovery after tool-loop failures.
• impact:crash-loop: Affected sessions can remain hung for hours and require manual gateway restart or recovery to become usable again.

What I checked:

• Current main overflow fallback is still payload-gated: The auto-reply fallback only converts an embedded context-overflow error into a final user-visible reply when finalEmbeddedError && !hasPayloadText, while the embedded runner's terminal overflow path already returns an error payload, matching the linked PR's claimed dead branch. (src/auto-reply/reply/agent-runner-execution.ts:2480, 170f72d5a161)
• Preemptive tool-loop guard remains present: The tool-result context guard still uses a hardcoded PREEMPTIVE_OVERFLOW_RATIO = 0.9 and can throw PREEMPTIVE_CONTEXT_OVERFLOW_MESSAGE from the mid-tool-loop transform path. (src/agents/pi-embedded-runner/tool-result-context-guard.ts:23, 170f72d5a161)
• Terminal overflow payload exists before reply delivery: The embedded run loop returns an error payload and blocked liveness metadata for unrecovered context overflow, so the remaining user-visible failure is in delivery/liveness handling rather than absence of a runner-level error object. (src/agents/pi-embedded-runner/run.ts:2116, 170f72d5a161)
• Stuck recovery still aborts without threading reason through the handle: recoverStuckDiagnosticSession passes reason: "stuck_recovery", but current abortAndDrainEmbeddedPiRun calls abortEmbeddedPiRun, and abortEmbeddedPiRun invokes handle.abort() without passing a reason. (src/agents/pi-embedded-runner/runs.ts:294, 170f72d5a161)
• Open linked PR owns the requested fix: The open PR at fix(agents): surface user-visible error when embedded session is stuck or overflows context (#84536) #84602 uses closing syntax for this issue and changes the embedded abort/error-delivery paths; it is not merged and currently has ClawSweeper review feedback requiring code correction and real behavior proof. (facafffb0b47)
• Canonical search found the linked PR as the direct fix path: GitHub search found the direct open repair PR first, plus related but broader stuck-session and compaction items; none supersede this issue as a merged fix.

Likely related people:

• @keshav55: Authored the merged preemptive context overflow detection work for tool loops, which is the guard the report names as the initial failure trigger. (role: introduced behavior; confidence: high; commits: 3aa4199ef098; files: src/agents/pi-embedded-runner/tool-result-context-guard.ts, src/agents/pi-embedded-runner/run/preemptive-compaction.ts)
• @vincentkoc: Current blame on the central overflow fallback, abort/drain helper, and tool-result guard lines points to recent source-package update work, and recent PR history shows adjacent timeout final-text recovery. (role: recent area contributor; confidence: medium; commits: 15a0156a8cda, a4c81c6f3583; files: src/auto-reply/reply/agent-runner-execution.ts, src/agents/pi-embedded-runner/runs.ts, src/agents/pi-embedded-runner/run.ts)
• @steipete: History search shows repeated adjacent work on tool-result overflow recovery, timeout aborts, and related reply/session recovery surfaces. (role: recent adjacent owner; confidence: medium; commits: a42ee69ad4a7, e510042870cf, ec27c813cc99; files: src/agents/pi-embedded-runner/tool-result-context-guard.ts, src/agents/pi-embedded-runner/runs.ts, src/auto-reply/reply/agent-runner-execution.ts)
• @Takhoffman: Related merged history shows tool-result truncation and overflow compatibility work in the same preemptive overflow area. (role: overflow recovery contributor; confidence: medium; commits: cbc294511726, 4a91b4f3a526; files: src/agents/pi-embedded-runner/tool-result-context-guard.ts, src/agents/pi-embedded-runner/run/preemptive-compaction.ts)

Remaining risk / open question:

• The latest independent report broadens the symptom from MiniMax/webchat preemptive overflow to claude-cli/Telegram Bash tool-result deaths, so the linked fix needs proof against the visible channel-delivery path, not only unit-level overflow handling.
• The direct repair PR is still open with review feedback and missing real behavior proof, so closing this issue before that PR lands would lose the active implementation checkpoint.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 170f72d5a161.

[najef1979-code]

Update — Expected vs Actual + Reproducibility

Expected Behavior

• User sends a message via webchat to agent:marcus:main
• Agent processes and returns reply to webchat
• If context overflow occurs: user sees "Context overflow: prompt too large for the model. Try /reset"

Actual Behavior

• User sends a message via webchat
• Agent begins processing (long tool loop, ~50% context usage)
• Preemptive overflow check fires mid-tool-loop
• Session enters embedded_run_agent_end with error
• Compaction runs, but session never resumes
• No reply ever delivered to webchat — session stays frozen
• Session remains in "processing" state for hours
• No error message reaches webchat channel
• Only recovery: manual gateway restart

Concrete Reproduction Steps

1. Open webchat and start a session with agent:marcus:main
2. Ask Marcus to perform a long tool-heavy task (e.g., "scan all recent gateway logs for errors")
3. Marcus begins a long sequence of exec + grep operations in one turn
4. At ~50% context (well within 200K limit), preemptive overflow check fires
5. Session dies silently — webchat shows no reply
6. Wait, ask again — still no reply
7. Manual gateway restart required

Key evidence this is NOT actual context exhaustion:

• compactionAttempts=0 + observedTokens=unknown = preemptive check fired, not model rejection
• Session at ~50% context — nowhere near actual 200K token limit
• Same pattern across 4 agents on the same day

Screenshot

Current session (agent:marcus:main) has been stuck in "processing" state since 10:34 CEST with no reply delivered — visible in Control UI.

[rafiki270]

INVALID

This issue was reviewed by a 5-agent swarm consensus. The issue describes a serious bug (P1) but lacks sufficient detail for an auto-fix agent to proceed:

• No concrete reproduction steps
• No stack traces, logs, or error excerpts
• No code pointers or affected subsystem identified
• "Preemptive context overflow" is vague — could be gateway, agent runtime, or session manager
• clawsweeper:needs-live-repro label indicates this needs human investigation first

Please add:

1. Steps to reproduce
2. Expected vs actual behavior
3. Relevant logs or stack traces
4. Affected OpenClaw version and environment
5. Code pointers if known

Once the issue body is fleshed out, re-triage can be requested.

[najef1979-code]

I am not sure what other information you want me to add; I feel like I have given the steps to reproduce
Expected vs. actual behavior and affected OpenClaw version and environment.

If you need more specific logs, I would like to provide them. Can you guide me on what you need?

[dankorotin]

Independent reporter confirming the same bug class on a separate setup — 8 incidents over 3 days on macOS with claude-cli backend.

Environment:

• OpenClaw 2026.5.18, 2026.5.19-beta.2, and 2026.5.19 stable — bug survived all three versions
• macOS 26.5 (Apple Silicon)
• agents.defaults.models.<model>.agentRuntime.id = "claude-cli" backend
• Model: anthropic/claude-opus-4-7
• Single agent on the long-lived Telegram session agent:<agent>:telegram:<account>:direct:<chat-id>

Incidents (same agent, different work each time):

#	Date/Time	Version	Last action before death
1	2026-05-20 09:34 ICT	2026.5.18	Bash gh api ...contents/... returned, no next assistant turn
2	2026-05-20 15:24 ICT	2026.5.19-beta.2	Bash gh pr view 1 26 2 25 returned (chained 4 PRs), no next turn
3	2026-05-20 20:17 ICT	2026.5.19-beta.2	Bash workspace survey returned, no next turn
4	2026-05-21 19:08 ICT	2026.5.19-beta.2	Mid-tool-call Bash result returned, no next turn
5	2026-05-21 19:42 ICT	2026.5.19-beta.2	Bash result returned during user-msg processing, no next turn
6	2026-05-22 08:55 ICT	2026.5.19 stable	Bash grep result returned (small output), no next turn
7	2026-05-22 10:42 ICT	2026.5.19 stable	Final Bash return after PR open, no next turn
8	2026-05-22 12:05 ICT	2026.5.19 stable	Bash git commit + push returned cleanly, no next turn

Strongest correlation: every single death point is immediately after a Bash tool_result returns. Not concurrency-bound (incidents 2-8 had no concurrent spawn pressure). Not session-length-bound (incident 6 was a fresh ~6-min session). Not output-size-bound (incident 6's result was <500 chars; incident 2's was ~10KB). Zero observed deaths after Read, Edit, Grep, or other MCP tool returns in this period — only Bash.

What we ruled out locally:

• Compaction settings (rolled back agents.defaults.compaction.midTurnPrecheck.enabled + related to defaults — no change in death rate)
• Beta-vs-stable (bug present in all three versions tested)
• Concurrent-spawn contention (agents.defaults.maxConcurrent not exceeded for incidents 2-8; only incident 1 had any concurrent-spawn signal)
• Process getting OOM-killed (no kernel/system messages, no swap pressure, gateway log shows no warnings)

Symptom match with this issue:

• Session jsonl shows the Bash tool_result entry, then NO subsequent assistant entry. No final text, no error, no NO_REPLY sentinel.
• OpenClaw session metadata transitions running → failed (or done with truncated transcript on a couple of incidents).
• Channel sees no further delivery — the next mcp__openclaw__message call (which the agent was about to make) never fires.
• Lane only recovers when the user sends a fresh inbound message (spawning a new claude --resume).

The "preemptive context overflow" framing in the original report may be one symptom; what we observe matches more broadly as a silent-process-death class triggered by something in the Bash tool-result return path. Happy to share any of the 8 sanitized session jsonls if useful — let me know which incident shape would help most. Local diagnostic file at ~/Projects/Tools/openclaw-config/openclaw-issues/process-death-mid-investigation.md (private) has per-incident jsonl paths.

cc @najef1979-code — looks like we're hitting the same bug from a different surface (Telegram + claude-cli backend instead of webchat + embedded agent).