Hoist withOwnedSessionTranscriptWrites ALS scope to span agent.prompt() to fix vanilla-openclaw same-lane fence trip

[ubehera]

Summary

Same-lane EmbeddedAttemptSessionTakeoverError race in vanilla openclaw / pi caused by pi's listener-driven session writes happening outside the withOwnedSessionTranscriptWrites AsyncLocalStorage scope. The current ALS context only wraps agent.streamFn(...), but pi's session-event listeners (_handleAgentEvent → _persist → appendFileSync) iterate the constructed stream after streamFn resolves, so their writes never publish to ownedSessionFileWrites. The next withSessionWriteLock call (e.g., a beforeToolCall hook) then trips assertSessionFileFence because the file changed without a matching owned-write record.

Why this is separate from #86067

#86067 closes two specific races:

1. Cross-lane same-file race — file-scoped prompt-window guard (commit 65705d8c39)
2. Same-lane post-stream drain — for deployments that populate _agentEventQueue (commit 4254386508, reported by @kesslerio for AlphaClaw)

Neither change touches the ALS scope. In vanilla openclaw both fixes are either narrow (case 1) or no-op (case 2 — _agentEventQueue isn't populated by the upstream session manager). The case described above is what vanilla openclaw users (e.g. @cby2k's deterministic repro on session UUID 4f181fe9-…) are likely hitting.

Proposed fix shape

Hoist the withOwnedSessionTranscriptWrites wrapper from installPromptSubmissionLockRelease (currently src/agents/pi-embedded-runner/run/attempt.session-lock.ts:1015-1041, wrapping only originalStreamFn) up to span the entire agent.prompt(...) call. This requires composing the wrapper at src/agents/pi-embedded-runner/run/attempt.ts:3243-3249 (or equivalent) so pi's listener-driven writes during the for-await loop also see the ALS context, get published as owned writes, and the fence accepts them on subsequent checks.

Alternative shape: instrument pi's _handleAgentEvent listener wrapper to publish writes directly into ownedSessionFileWrites regardless of ALS state. Less elegant but avoids touching the call composition above.

What this would address

• @cby2k's deterministic repro on session 4f181fe9-… (long inbound turns hanging ~22s then dropping; gateway-fallback fresh-session takeover path)
• The kesslerio post-fence trip path that the fix(agents): file-scoped prompt-window guard for same-session embedded races #86067 drain doesn't reach
• The 122-event/3-day burst pattern documented in EmbeddedAttemptSessionTakeoverError races between heartbeat lane and channel/direct lane on same session file (internal ref #83510) #85913's live-repro comment

Acceptance criteria (suggested)

• Reproduce one of @cby2k's deterministic cases on a patched build
• Confirm cuobjdump-equivalent for the embedded-runner path: writes during the for-await loop appear in ownedSessionFileWrites after the patch
• A regression test that drives a synthetic prompt-emitted-during-streaming write and asserts no fence trip on the subsequent withSessionWriteLock

Risk

Hoisting the ALS scope means anything pi's listener machinery writes during the prompt window will be classified as an "owned write." Need to verify no spurious classifications (e.g., from extension code that legitimately writes external data inside a listener). Test surface should cover the corner case where a session listener also touches a file outside the trusted scope.

Related

• EmbeddedAttemptSessionTakeoverError races between heartbeat lane and channel/direct lane on same session file (internal ref #83510) #85913 — root issue tracking EmbeddedAttemptSessionTakeoverError
• fix(agents): file-scoped prompt-window guard for same-session embedded races #86067 — fixes cross-lane race + AlphaClaw drain case (not vanilla pi root cause)
• fix(agents): tolerate in-process session writes during prompt release #84250 — earlier partial fix referenced by @cby2k
• fix(agents): guard session prompt ownership #85955 — TurboTheTurtle's parallel attempt (rated 🧂 unranked krab, waiting on author)

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed June 11, 2026, 3:32 AM ET / 07:32 UTC.

Summary
Codex review failed: codex execution failed.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.
• Include redacted logs or terminal output.

Next step
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Remaining risk / open question:

• No close action taken because the review did not complete.

Codex review notes: model internal, reasoning high; reviewed against 418d7e1e83c5.

Label changes

Label changes:

• add issue-rating: 🦪 silver shellfish: Current issue advisory state selects this label.
• add clawsweeper:needs-info: Current issue advisory state selects this label.
• remove P1: Current review triage priority is none.
• remove clawsweeper:no-new-fix-pr: Current issue advisory state no longer selects this label.
• remove clawsweeper:source-repro: Current issue advisory state no longer selects this label.
• remove clawsweeper:linked-pr-open: Current issue advisory state no longer selects this label.
• remove impact:session-state: Current review selected no impact labels.
• remove impact:message-loss: Current review selected no impact labels.
• remove issue-rating: 🦞 diamond lobster: Current issue advisory state no longer selects this label.

Evidence reviewed

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this issue with exit 1.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[ubehera]

@clawsweeper re-review

The initial review at 16:47Z appears to have stalled at the placeholder ('ClawSweeper status: review started...') and never published a verdict or applied classification labels. No completed workflow run found in the last ~800 clawsweeper actions. Asking for a fresh pass — there are now four linked PRs (#86067, #86584, #86585, #85955) that would benefit from the bot's consolidated tracking labels on this issue.

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26422827632
• Updated: 2026-05-25T22:59:57.475Z