fix(command): retry claude-cli transcript probe to close flush race

[benjamin1492]

Summary

Closes #81042.

claudeCliSessionTranscriptHasContent in src/agents/command/attempt-execution.helpers.ts decides whether the runtime can resume a claude-cli session via --resume or has to start cold. The probe does a single-pass scan of the project JSONL for at least one assistant message. The problem is that claude-cli flushes the user-message header to the transcript before the assistant turn lands — there is a sub-100ms window where the JSONL exists on disk but lacks an assistant message. The current single-pass probe races that flush, returns false, the runtime decides "no transcript, cold start," and the prior turn's context is lost. The negative path was also fully silent, so gateway logs gave no signal that a transcript-missing reset was actually a flush race rather than a genuine missing-session.

Two small changes:

1. Scan with one short retry. The scan now records per-project fileExists and hasAssistant. If the first scan finds the JSONL exists but lacks an assistant message, the probe sleeps 150ms and re-scans once. The sleep is gated on fileExists so the genuinely-no-session path doesn't pay the latency.
2. Diagnostic warn on the negative path. Both negative outcomes (retry exhausted with file still empty; no matching JSONL in any project dir) emit cliBackendLog.warn with sessionId, homeDir, and the per-project diagnostic. This makes the failure mode visible instead of silent.

Closes

Closes #81042

Test plan

src/agents/command/attempt-execution.test.ts is the established home for these helpers; new tests extend that file:

1. JSONL with assistant message present from t=0 → returns true immediately, no retry sleep observed. Spies on globalThis.setTimeout and asserts no 150ms delay was scheduled.
2. JSONL exists but empty at t=0, then assistant message appears during the 150ms window → returns true. Mocks setTimeout(_, 150) so that the test appends the assistant message to the file before firing the continuation, exercising the rescan path.
3. JSONL exists, never gains an assistant message → returns false, warn fires once with "after 150ms retry" and includes the sessionId.
4. No matching JSONL in any project dir → returns false, warn fires with "no matching jsonl" and projectCount=<n>.

pnpm test src/agents/command/attempt-execution.test.ts
 Test Files  1 passed (1)
      Tests  38 passed (38)

pnpm tsgo and pnpm check:test-types both pass.

Affected scope

• claude-cli backend only, on the resume path. First-turn / cold-start callers never hit this probe.
• API backends are unaffected — they don't use a transcript-based reuse check.

Risk

• Adds at most one 150ms wait on the negative-but-file-exists path; that path is already a prelude to transcript-missing recovery, so the latency budget is essentially free. The truly-no-session path (no .claude/projects/*/sessionId.jsonl anywhere) keeps its current latency.
• cliBackendLog was previously imported only from inside src/agents/cli-runner/. The new import in src/agents/command/attempt-execution.helpers.ts is a one-line cross-module reference into ../cli-runner/log.js — log.ts has no transitive imports from command/ so there's no cycle. (Verified with pnpm tsgo and tests.)
• The new diagnostic log lines fire only on the negative path; on healthy resumes there is no log churn.

---

Real Behavior Proof

Behavior or issue addressed: Closes #81042. claudeCliSessionTranscriptHasContent was returning false in the sub-100ms window where the claude-cli session JSONL existed on disk but had not yet been flushed with an assistant message. The runtime read this as transcript-missing and forced a cold session restart, losing all cross-turn context. The race fired most often immediately after a session-id rotation when the next inbound turn arrived before claude-cli completed its async transcript flush.

Real environment tested: Live OpenClaw 2026.5.7 install on Ubuntu 24.04 (Linux 6.17.0-23-generic x86_64), Node v22.22.0, claude-cli backend (Claude Max subscription), Telegram bot channel. Same scan-with-retry refactor as proposed in this PR was first applied as a runtime patch to the bundled dist/attempt-execution.helpers-CENmB56f.js so the comparison was made against actual runtime behavior, not staged simulations.

Exact steps or command run after this patch:

1. Apply the scan-with-retry refactor directly to the bundled claudeCliSessionTranscriptHasContent (matches this PR's diff: split scan into a helper returning { hasAssistant, fileExists, ... } per project, retry once after 150ms when fileExists && !hasAssistant, log a cliBackendLog.warn diagnostic on the negative path).
2. systemctl --user restart openclaw-gateway
3. Resume normal Telegram chat use with the agent for ~75 minutes spanning ~30 turns including session rotations triggered by config changes and natural idle timeouts.
4. After the patch window, query the gateway journal for any missing-transcript or restart events:

journalctl --user -u openclaw-gateway --since "2026-05-12 09:11" \
  | grep -E "(cli-backend|claude-live|live session)" \
  | grep -E "reset|close|restart|rotate|reason="

Evidence after fix: Redacted live runtime journal output captured directly from journalctl --user -u openclaw-gateway on the actual install.

Pre-patch window (08:00–09:11 EDT) — three missing-transcript resets in 38 minutes of normal use, each cascading into a session restart. Post-hoc inspection of the JSONL files for these session ids confirmed they did exist on disk; the probe was racing the flush:

2026-05-12T08:13:06.295-04:00 [agent/cli-backend] cli session reset: provider=claude-cli reason=missing-transcript
2026-05-12T08:13:06.327-04:00 [agent/cli-backend] claude live session close: provider=claude-cli model=claude-opus-4-7 reason=restart
2026-05-12T08:45:08.710-04:00 [agent/cli-backend] cli session reset: provider=claude-cli reason=missing-transcript
2026-05-12T08:46:26.340-04:00 [agent/cli-backend] claude live session close: provider=claude-cli model=claude-opus-4-7 reason=restart
2026-05-12T08:51:32.073-04:00 [agent/cli-backend] cli session reset: provider=claude-cli reason=missing-transcript
2026-05-12T08:51:32.099-04:00 [agent/cli-backend] claude live session close: provider=claude-cli model=claude-opus-4-7 reason=restart

User-visible Telegram conversation excerpt at the moment of the 08:45:08 reset, showing the cross-turn amnesia symptom from the user's perspective:

[8:39 AM] Leonard: Watcher is armed — I'll page you as soon as the sentinel appears.
[8:44 AM] User:    still working on it?
[8:45 AM] Leonard: Nothing's actively in flight on my side… What's "it" referring to?

Post-patch window (09:11+ EDT) — full output of the same journal query:

$ journalctl --user -u openclaw-gateway --since "2026-05-12 09:11" \
    | grep -E "(cli-backend|claude-live|live session)" \
    | grep -E "reset|close|restart|rotate|reason="
(no matches)

Live Telegram screenshot from the affected install, captured pre-patch on 2026-05-12. The user asks "still working on it?" 5 minutes after the agent's earlier reply describing in-flight work; the agent denies anything is in flight and asks "What's 'it' referring to?". The user's next message quote-backs the agent's own prior message (with a hand-drawn arrow connecting the two). Two unrelated project names in the parenthetical have been redacted; the bug demonstration is not affected. This is the user-visible symptom of the runtime events shown in the journal log above.

Observed result after fix: Zero missing-transcript resets in the post-patch window. Cross-turn context survives the resume path through transcript flushes that previously raced. The 150ms retry is gated on fileExists, so the no-session path takes the same time as before — verified by spot-checking gateway timing logs across cold-start invocations.

What was not tested: API-backend providers were not tested because they don't use claudeCliSessionTranscriptHasContent. The race was reproduced on Linux only; the same flush behavior in claude-cli should apply on macOS, but it was not exercised here. The companion fingerprint bug #81041 remained patched throughout these runs to keep session lifetimes long enough for the transcript probe to be exercised.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 29, 2026, 1:21 PM ET / 17:21 UTC.

Summary
This PR changes Claude CLI resume validation to probe a deterministic cwd/session JSONL path with a short grace rescan, threads cwd/workspace context into the probe, and captures the last Claude JSONL session_id.

PR surface: Source +40, Tests +415. Total +455 across 11 files.

Reproducibility: yes. The source path is clear from the current transcript probe and the PR discussion includes live missing-transcript logs; I did not rerun the live Claude CLI/Telegram scenario in this read-only review.

Review metrics: none identified.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none.

Risk before merge

• [P1] The deterministic path is now fail-closed for session reuse; if the resolver or cwd choice disagrees with Claude CLI's actual project path, existing valid bindings could be cleared and users would get cold starts.
• [P1] The adjacent write-side session-state PR remains open, so maintainers should choose merge order and resolver assumptions deliberately before landing both changes.

Maintainer options:

1. Land with session-state risk acknowledged (recommended)
   Accept the fail-closed session-state risk once required checks are green because the branch has targeted coverage and live proof for the core read-side failure.
2. Ask for a latest-head live soak
   Before merge, require a short maintainer or contributor log proof on the current head if reviewers want runtime evidence for the final cwd/resolver commits too.
3. Sequence with the write-side PR
   Hold this PR until maintainers decide whether the companion write-side work should land first or be reviewed as one coordinated session-state rollout.

Next step before merge

• [P2] No narrow automated repair remains; maintainer review should decide merge timing and session-state rollout with the adjacent write-side PR.

Security
Cleared: No concrete security or supply-chain concern found; the diff changes local transcript probing, parser behavior, tests, and an e2e diagnostic helper without new dependencies, workflow permissions, downloads, or secret handling.

Review details

Best possible solution:

Land this read-side Claude CLI transcript probe fix after maintainer review and green checks, while coordinating with #84234 for the write-side recovery path.

Do we have a high-confidence way to reproduce the issue?

Yes. The source path is clear from the current transcript probe and the PR discussion includes live missing-transcript logs; I did not rerun the live Claude CLI/Telegram scenario in this read-only review.

Is this the best way to solve the issue?

Yes. The deterministic cwd-based transcript path plus last-wins session id capture is a narrow read-side repair; the separate write-side binding/orphan handling should remain coordinated in the companion PR.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 5620229f9f92.

Label changes

Label changes:

• add P1: The PR targets user-visible Claude CLI context loss in active chat sessions, which is a broken agent workflow affecting real users.
• add merge-risk: 🚨 session-state: The diff changes how saved Claude CLI session ids are validated and when bindings are cleared, so a resolver mismatch could drop native session continuity.
• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body and comments include live runtime logs, a Telegram-visible symptom excerpt, and later v5 journalctl output showing zero missing-transcript resets after the updated patch soak.
• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (logs): The PR body and comments include live runtime logs, a Telegram-visible symptom excerpt, and later v5 journalctl output showing zero missing-transcript resets after the updated patch soak.

Label justifications:

• P1: The PR targets user-visible Claude CLI context loss in active chat sessions, which is a broken agent workflow affecting real users.
• merge-risk: 🚨 session-state: The diff changes how saved Claude CLI session ids are validated and when bindings are cleared, so a resolver mismatch could drop native session continuity.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (logs): The PR body and comments include live runtime logs, a Telegram-visible symptom excerpt, and later v5 journalctl output showing zero missing-transcript resets after the updated patch soak.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body and comments include live runtime logs, a Telegram-visible symptom excerpt, and later v5 journalctl output showing zero missing-transcript resets after the updated patch soak.

Evidence reviewed

PR surface:

Source +40, Tests +415. Total +455 across 11 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	6	112	72	+40
Tests	5	429	14	+415
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	11	541	86	+455

Acceptance criteria:

• [P1] node scripts/run-vitest.mjs src/agents/command/attempt-execution.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/cli-runner/prepare.test.ts src/agents/cli-output.test.ts.
• [P1] pnpm tsgo:core.
• [P1] pnpm check:test-types.

What I checked:

• Repository policy applied: Read the full root AGENTS.md and the scoped src/agents/AGENTS.md; session-state compatibility, proof requirements, and agent-test guidance shaped the review. (AGENTS.md:1, 5620229f9f92)
• Current main behavior: Current main uses a single scan over Claude project dirs for the saved session id and returns false when no assistant message is found, which matches the reported false missing-transcript surface. (src/agents/command/attempt-execution.helpers.ts:80, 3654ea32a972)
• Deterministic probe on PR head: The PR head derives the expected Claude JSONL path from session id plus workspace/cwd, scans it, waits 250 ms on a miss, rescans, and logs a structured v4 miss before failing closed. (src/agents/command/attempt-execution.helpers.ts:85, e3df84ab09b6)
• cwd threading on PR head: The command path now passes the CLI process cwd into the transcript probe, and the prepare path passes its resolved cwd, avoiding the prior workspace-only mismatch. (src/agents/command/attempt-execution.ts:508, e3df84ab09b6)
• Session id parser fix on PR head: parseCliJsonl now keeps the last backend session id, matching the PR discussion's v5 root cause around ephemeral Claude session ids preceding the canonical id. (src/agents/cli-output.ts:753, e3df84ab09b6)
• Regression coverage: The branch adds tests for the grace-window rescan, missing/header-only warnings, canonical resolver use, cwd threading, and last-wins Claude session id parsing. (src/agents/command/attempt-execution.test.ts:573, e3df84ab09b6)

Likely related people:

• steipete: The available current-main blame in this shallow checkout attributes the existing transcript probe and parseCliJsonl implementation to commit 3654ea3; deeper history is not available locally. (role: recent area contributor; confidence: medium; commits: 3654ea32a972; files: src/agents/command/attempt-execution.helpers.ts, src/agents/cli-output.ts)
• obviyus: The latest force-pushed commits on this PR share the Claude project-dir resolver and thread the CLI cwd into the probe, directly addressing the prior review concern. (role: recent branch maintainer; confidence: medium; commits: 7409717ac30e, e3df84ab09b6; files: src/agents/command/claude-cli-project-dir.ts, src/agents/command/attempt-execution.ts, src/commands/doctor-claude-cli.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[benjamin1492]

Update: probe widened to 5 attempts / 3250ms after live evidence v1 + v2 were both insufficient

The single-retry shape from the PR body (one 150ms wait, gated on fileExists) closed the within-file flush race in synthetic tests but kept missing the second window in the field — the file-creation race, where the JSONL itself has not yet been created when the runtime probes after a session-id rotation.

Evolution after PR submission

• v2 (intermediate, not pushed to this branch). Three attempts at 0/200/400ms (600ms total wait), retry on both branches (file-missing AND file-exists-no-asst), and a branch-specific warn message so the diagnostic tells us which window we lost. Applied as a runtime patch only; never landed upstream because field telemetry from the next day showed even 600ms was short.
• v3 (this push, 15b6626de0). Five attempts at 0/250/500/1000/1500ms (3250ms total worst-case wait), same dual-branch retry shape. Sized to the slowest file-creation lag we observed in production.

Field evidence driving the change (2026-05-13 EDT)

Three live transcript probe negative after 600ms (no matching jsonl) events in a single morning, all on the file-creation branch — meaning v2's 600ms window expired before claude-cli wrote the JSONL at all:

Time (EDT)	Session ID prefix	Outcome
08:09	(logged)	cli session reset reason=missing-transcript → cold start
11:37	d6b7c900…3ef136	cli session reset reason=missing-transcript → cold start
11:54:41	f1b5e368…29fb39	User-visible amnesia: a multi-screen pfBlockerNG fix delivered at 11:54 was not in context when the user followed up at 11:56 in the same Telegram session

All three hit the no-matching-jsonl branch, not the within-file branch. v1 didn't retry at all on that branch (it was gated on fileExists), and v2's 0/200/400ms back-off was still too short to catch the lag. v3 mirrors the dual-branch retry from v2 but extends the ladder so a slow flush has room to land before the runtime declares transcript-missing.

What changed in this commit

src/agents/command/attempt-execution.helpers.ts:

• CLAUDE_CLI_TRANSCRIPT_FLUSH_RETRY_MS = 150 → CLAUDE_CLI_TRANSCRIPT_FLUSH_DELAYS_MS = [0, 250, 500, 1000, 1500] (with a derived _TOTAL_MS = 3250).
• The claudeCliSessionTranscriptHasContent body becomes a back-off loop. The fast path is unchanged: if the first scan finds an assistant message, it returns immediately without touching setTimeout.
• The if (first.fileExists) gate is gone — the loop retries uniformly on both branches, because production data shows the file-creation window is the one we were losing.
• Two warn variants on exhaustion: after 3250ms (file exists, no asst) (carries projects=[…]) and after 3250ms (no matching jsonl) (carries projectCount=N). Operators can tell from one log line which window blew the budget — important if a future field event needs us to widen the ladder again.

src/agents/command/attempt-execution.test.ts:

• Existing fast-path test extended to assert no back-off sleep fires when the assistant message is already present.
• The previous "lands during 150ms window" test is replaced by two: one for the within-file branch (assistant message lands during the 500ms slot) and one for the file-creation branch (the JSONL itself materializes during the 1000ms slot). Both verify the loop traversed the right number of back-offs (backOffsObserved).
• The two negative-path warn tests now mock all four back-off delays ([250, 500, 1000, 1500]) and assert the v3 messages (after 3250ms (file exists, no asst) and after 3250ms (no matching jsonl) respectively).

39/39 in attempt-execution.test.ts pass; pnpm tsgo:core and pnpm check:test-types both clean.

Risk note

Worst-case probe latency on the genuinely-no-session path is now 3250ms instead of 0ms. That path always feeds into transcript-missing recovery anyway, so the latency budget is still essentially free vs. losing context — but reviewers should weigh whether the "negative path is a prelude to recovery" assumption from the original PR still holds at this magnitude. If a tighter cap is preferred, a 3-step [0, 500, 1500] (2000ms) ladder still beats v2 by ~3.3× and would have caught at least the 11:37 and 11:54 events from today's log if the timing distribution we've sampled is representative.

PR is left at its current status; this is a follow-up commit only.

[benjamin1492]

v3 still raced.

Live amnesia event on this branch's running gateway at 12:37:58 EDT today
(2026-05-13). The 3250 ms back-off ladder ran end-to-end and never saw the
JSONL appear — same no matching jsonl branch v2 was hitting at 600 ms,
just at a longer timeout:

2026-05-13T16:37:58.700Z  WARN  claude-cli transcript probe negative after 3250ms (no matching jsonl)
                                  sessionId=da349eb3-5357-4657-bbbf-2a5582ec8c3a projectCount=6
2026-05-13T16:37:58.708Z  INFO  cli session reset: provider=claude-cli reason=missing-transcript
2026-05-13T16:37:58.830Z  INFO  cli exec: ... reuse=invalidated:missing-transcript

That's a clean repro of the failure mode v3's narrative warned about, and
the n=1 datapoint after one full ladder budget. Continuing to widen the
ladder isn't viable: claude-cli decides on its own clock when to flush the
JSONL, the orchestrator probe is open-loop relative to that clock, and the
race is unbounded — picking a 6 s ladder just moves the next field failure
to whatever the next outlier flush takes. The probe needs a deterministic
reference, not a longer back-off.

v4: orchestrator owns the path

The orchestrator already mints --session-id <uuid> for new Claude CLI
sessions (claude-live-session.ts:154), and claude is spawned with
cwd: workspaceDir (claude-live-session.ts:701, execute.ts:553). Those
two facts together fully determine the on-disk JSONL location:

<homeDir>/.claude/projects/<encoded(workspaceDir)>/<sessionId>.jsonl

The encoding rule was live-verified against claude-cli 2.1.140: every non-
alphanumeric character in the absolute cwd is rewritten to - (so
/home/faris/.openclaw/workspace → -home-faris--openclaw-workspace,
/tmp/foo_bar.baz → -tmp-foo-bar-baz). v4 lifts that rule into
claudeCliSessionTranscriptPath() and replaces the previous scan-every-
project-dir loop with a single scanJsonlFile(expectedPath). Because the
path is now derived from data the orchestrator already controls, the only
remaining race window is local FS flush latency on the prior turn's exit;
a 250 ms one-shot grace is plenty for that and any miss past it is a real
signal worth surfacing.

On miss, v4 emits a structured claude-cli transcript probe v4 miss (sessionId-deterministic path, grace 250ms): sessionId=… expectedPath=… fileExists=… warn — distinct prefix from v1/v2/v3 so log readers can see
at a glance which strategy is live and which window failed. Downstream
behavior is unchanged: a miss still produces cli session reset reason=missing-transcript and the turn resumes fresh, but the warn line
ahead of it now points at the exact file that should have been there.

Why this is the last call site change

If v4 ever misses, it isn't "we picked the wrong filename" or "we probed
too early" — both of those are pinned. A v4 miss means either (a) the prior
turn's claude-cli legitimately failed to flush the JSONL (real crash / FS
failure) or (b) upstream Claude Code changed the cwd-encoding rule. Those
need investigating individually instead of being masked by a wider ladder,
which is what "fail loud" buys us.

Tests

src/agents/command/attempt-execution.test.ts adds a
claudeCliSessionTranscriptPath describe block (null on malformed sessionId
/ empty workspace, path encoding for both the openclaw workspace and an
underscore/dot synthetic case) and rewrites the
claudeCliSessionTranscriptHasContent block end-to-end:

• happy path: assistant already flushed → no grace sleep fires
• FS-latency: first scan miss, JSONL lands during the 250 ms grace, second
  scan succeeds (asserts exactly one grace-window sleep)
• miss with fileExists=false (JSONL never appeared) — asserts the v4 warn
  prefix, sessionId, grace, encoded workspace dir
• miss with fileExists=true (header-only JSONL stayed headerless) —
  asserts fileExists=true lands in the warn payload
• malformed sessionId / undefined workspaceDir still resolve to false

prepare.test.ts and attempt-execution.cli.test.ts were updated for the
new workspaceDir argument and the deterministic path the pre-seeded
fixtures now write to. Local: pnpm test src/agents/command/ src/agents/cli-runner/ src/agents/cli-session.test.ts → 167/167 passed,
pnpm tsgo:core && pnpm check:test-types clean.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/25888263468
• Updated: 2026-05-14T22:13:09.528Z

[benjamin1492]

v5 — parseCliJsonl last-wins (commit e628d42)

Pushed a follow-up that closes the last context-loss gap we've been able to reproduce locally. Even with v4's deterministic-path probe, we observed cli session reset reason=missing-transcript on --resume turns where claude-cli rotated its session_id mid-stream.

Root cause. parseCliJsonl was first-wins on session_id:

if (!sessionId) {
  sessionId = pickCliSessionId(parsed, backend);
}

parseCliJson (line 294) and createCliJsonlStreamingParser (line 395) had already moved to last-wins (pickCliSessionId(parsed, backend) ?? sessionId), so parseCliJsonl was the lone first-wins capture path. claude-cli 2.1.141 emits ephemeral session_ids from SessionStart hooks before the canonical resumed session_id surfaces in the init event and all subsequent records (including the terminal result). First-wins bound cliSessionBinding.sessionId to the ephemeral id, whose JSONL never lands on the path the v4 probe checks → probe miss → fresh session → continuous context loss.

Fix. Flip parseCliJsonl to last-wins, matching the two sibling parsers. Regression test feeds [ephemeral init, canonical init, result] and asserts the captured sessionId is canonical.

Local stability. Patches 1–5 (systemPromptHash removal, v4 deterministic probe, v4-hotfix workspaceDir threading, v5 last-wins) have been live on my Telegram-facing gateway since 12:25:53 EDT 2026-05-14 (~5h soak at the time of this comment). Zero missing-transcript or transcript probe v4 miss events in the log post-restart; main-session model prefix is steady at claude-cli/claude-opus-4-7 across consecutive turns. Two of my downstream users running 2026.5.7 (one of whom has been reporting amnesia symptoms) are next in line for this rev.

Also dropped a redundant as string cast in attempt-execution.test.ts:641 (oxlint warning surfaced after rebase).

Pinging maintainers — this is the third revision of the PR and the gap-finding has converged. Happy to split the v5 commit into its own PR if that's preferred for review surface.

[benjamin1492]

Overnight soak update — v5 holding clean

Quick follow-up with fresh data on top of yesterday's comment.

Soak window: v5 deployed at 12:25:53 EDT 2026-05-14, gateway restarted at 01:11:32 EDT 2026-05-15 (unrelated overnight cycle, patches re-applied automatically), now at 08:05 EDT 2026-05-15 — ~20h total, ~7h on the post-restart leg.

Result: zero cli session reset reason=missing-transcript events, zero transcript probe v[0-9]+ miss events across the entire window. The last reset of any kind was the pre-v5 12:04 EDT 2026-05-14 event that motivated this revision.

$ journalctl --user -u openclaw-gateway --since "2026-05-14 12:25:53" \
    | grep -cE "cli session reset.*missing-transcript"
0

Main session has stayed bound to a single sessionId across heartbeats, scheduled compaction cycles, and the 04:00 daily rotation. Context continuity from the user's perspective: intact.

Lesson learned on this PR

In hindsight I shipped the initial PR (commit ebbb2627, the retry-with-back-off probe) too early — it addressed the surface symptom but missed two underlying issues that needed four follow-up commits to fully close:

1. The probe was checking the wrong path family because workspaceDir wasn't threaded through every call site (v4-hotfix, commit dc429bef precursor work).
2. The deterministic-path probe alone wasn't enough because parseCliJsonl was first-wins on session_id and was binding to ephemeral SessionStart-hook ids before the canonical resumed id surfaced (v5, commit e628d42a).

Going forward I'll hold a similar PR until I have at least 24h of clean soak before opening, rather than treating "passes locally + reproducer no longer fires" as ready. Apologies for the review-cycle churn.

Happy to split v5 into its own PR for a cleaner review surface if maintainers prefer — or land as-is.

[obviyus]

Landed via squash onto main.

• Scoped tests: git diff --check; pnpm exec oxfmt --check --threads=1 src/agents/command/claude-cli-project-dir.ts src/commands/doctor-claude-cli.ts src/commands/doctor-claude-cli.test.ts src/agents/command/attempt-execution.helpers.ts src/agents/command/attempt-execution.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/command/attempt-execution.ts src/agents/cli-output.ts src/agents/cli-output.test.ts src/agents/cli-runner/prepare.ts src/agents/cli-runner/prepare.test.ts; node scripts/run-oxlint.mjs src/agents/command/claude-cli-project-dir.ts src/commands/doctor-claude-cli.ts src/commands/doctor-claude-cli.test.ts src/agents/command/attempt-execution.helpers.ts src/agents/command/attempt-execution.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/command/attempt-execution.ts src/agents/cli-output.ts src/agents/cli-output.test.ts src/agents/cli-runner/prepare.ts src/agents/cli-runner/prepare.test.ts; CI=1 pnpm tsgo:core && CI=1 pnpm tsgo:core:test; CI=1 OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs run src/agents/cli-output.test.ts src/agents/cli-runner/prepare.test.ts src/agents/command/attempt-execution.test.ts src/agents/command/attempt-execution.cli.test.ts src/commands/doctor-claude-cli.test.ts; CI=1 OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs run src/agents/embedded-agent-runner/run/attempt.cwd-split.test.ts
• Autoreview: .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main clean after fixes.
• Changelog: not edited; release-note context is in the PR body and squash commit message per repo policy.
• CI notes: check-additional-boundaries-bcd failed on pre-existing extensions/minimax/oauth.ts raw fetch() hits already present on origin/main; checks-node-core-fast failed attempt.cwd-split.test.ts once in CI but passed locally on this exact head.
• Land commit: bf260ae
• Merge commit: de45530

Thanks @benjamin1492!