fix(agents): bound plugin-owned context-engine compaction with a safety timeout

[100yenadmin]

Summary

A plugin context engine that advertises ownsCompaction: true (e.g. the
lossless-claw LCM plugin) had its ContextEngine.compact() awaited by the
host with no timeout, no watchdog, and no abort signal on every
engine-owned compaction lane — both the built-in pi-embedded runner and the
codex agent harness:

• queued /compact (compact.queued.ts)
• context-overflow / force-compaction recovery (run.ts)
• timeout recovery (run.ts)
• context-engine-owned Codex compaction (extensions/codex/.../compact.ts)
• Codex force-compaction-on-overflow recovery (extensions/codex/.../run-attempt.ts)

The 900 s compactWithSafetyTimeout safety net (EMBEDDED_COMPACTION_TIMEOUT_MS)
that protects native pi-agent-core compaction was only ever applied to the
native activeSession.compact() call. A slow or hung plugin compact() would
hang the agent turn indefinitely — the only backstop was the 48 h default run
timeout, which could not even interrupt the plugin call. The two codex-harness
sites already had a try/catch that converts a thrown compact() error to a
clean { ok: false } result, but a hung promise that never settles was not
caught.

Changes

• Add a compactContextEngineWithSafetyTimeout helper that wraps a plugin
  ContextEngine.compact() in the same finite, host-resolved safety timeout
  used for native compaction.
• Wire it into all five engine-owned contextEngine.compact() call sites:
  • pi-embedded runner — queued /compact (compact.queued.ts),
    context-overflow recovery and timeout recovery (run.ts).
  • codex agent harness — compactOwningContextEngine
    (extensions/codex/src/app-server/compact.ts) and
    forceContextEngineCompactionForCodexOverflow
    (extensions/codex/src/app-server/run-attempt.ts). These are the lanes a
    codex-harness agent with an ownsCompaction plugin actually uses.
• Export compactContextEngineWithSafetyTimeout (+ resolveCompactionTimeoutMs)
  through the existing openclaw/plugin-sdk/agent-harness-runtime surface that
  the codex extension already imports, so the host and the codex harness share
  one implementation rather than copy-pasting the watchdog across the package
  boundary.
• Add an optional abortSignal to the ContextEngine.compact() contract. The
  run's abort signal is both raced against the call (so a non-cooperating
  engine is still bounded) and threaded into the compact() params (so
  cooperating engines can cancel their own in-flight work). The codex sites
  thread params.abortSignal (compact.ts) and the run-level
  runAbortController.signal (run-attempt.ts).
• On timeout/abort the queued lane and both codex-harness lanes surface a clean
  { ok: false } result — matching how the overflow/timeout run lanes already
  convert a thrown compact() — instead of hanging or throwing a raw rejection
  at callers.

This is additive to feat/context-engine-intercept-compaction, which covers
the separate codex session_before_compact intercept lane (interceptsCompaction);
this PR covers the ownsCompaction queued/overflow/timeout lanes across both
the pi-embedded runner and the codex harness.

Fixes #84077

Test plan

• pnpm tsgo:core + pnpm tsgo:core:test clean
• pnpm tsgo:extensions + pnpm tsgo:extensions:test clean
• oxlint clean on all changed files; plugin-sdk boundary checks pass
• New unit tests: a plugin compact() exceeding the timeout is bounded and rejects with a timeout error; the abort signal is threaded into compact() params; abort fires before timeout and rejects promptly
• New integration tests: queued lane converts a hung/throwing compact() to a clean ok:false; run abort signal reaches engine-owned overflow compaction
• New codex-harness tests: a hung owning-engine compact() in the Codex compaction lane is bounded and surfaces as ok:false; a hung compact() during Codex overflow recovery is bounded so the run still proceeds; the caller / run-level abort signal is threaded into the codex-harness compact()
• Existing pi-embedded compaction suites pass (118 tests across the 5 affected files); existing codex compaction suites pass

Real behavior proof

Behavior addressed: hung ownsCompaction context-engine compaction no longer waits forever. The host timeout now both bounds the await and aborts the signal passed into contextEngine.compact(), then returns a clean failed compaction result.

Real environment tested: local OpenClaw checkout /Volumes/LEXAR/repos/openclaw-fix-owns-compaction-timeout, branch fix/owns-compaction-safety-timeout, head b5a35b16b55, Node via node --import tsx, actual extensions/codex/src/app-server/compact.ts and src/agents/pi-embedded-runner/compaction-safety-timeout.ts.

Exact steps or command run after the patch: created a real Codex app-server session binding under /Volumes/LEXAR/Codex/pr-84083-proof, supplied an owning context engine whose compact() never settles, configured agents.defaults.compaction.timeoutSeconds=1, invoked maybeCompactCodexAppServerSession(), and captured whether the signal delivered to compact() aborted when the safety timeout fired.

Evidence after fix:

{
  "branch": "fix/owns-compaction-safety-timeout",
  "head": "b5a35b16b55",
  "behavior": "hung ownsCompaction contextEngine.compact() receives a host timeout abort signal and returns bounded failure",
  "elapsedMs": 1088,
  "compactCalls": 1,
  "receivedAbortSignal": true,
  "signalAborted": true,
  "signalReason": "Compaction timed out",
  "result": {
    "ok": false,
    "compacted": false,
    "reason": "context engine compaction failed: Compaction timed out"
  }
}

Observed result after fix: the hung owning engine returned through the host safety timeout in about 1.1 seconds, the engine saw an AbortSignal, that signal aborted with Compaction timed out, and the caller received { ok: false, compacted: false } instead of hanging.

What was not tested: a real third-party plugin process wedged in production; this proof uses the in-process context-engine interface with an intentionally never-settling compact() implementation.

[clawsweeper]

Codex review: needs real behavior proof before merge.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Review failed before ClawSweeper could summarize the requested change.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

PR rating
Overall: 🌊 off-meta tidepool
Proof: 🌊 off-meta tidepool
Patch quality: 🌊 off-meta tidepool
Summary: PR readiness rating was not assessed because the Codex review failed.

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

PR egg
✨ Hatched: 💎 rare Frosted Patch Peep

        /\     /\            
      _/  \___/  \_          
     /  ( o   o )  \         
    |      \_/      |        
    |   /\  ===  /\ |        
     \_/  \_____/  \_/       
        _/|_| |_|\_          
       /__| | | |__\         
          ' ' ' '            
         /_/     \_\         
       `-----------'         
 *===================*       

Rarity: 💎 rare.
Trait: hums during re-review.
Image traits: location green-check meadow; accessory miniature diff map; palette coral, mint, and warm cream; mood curious; pose leaning over a miniature review desk; shell woven fiber shell; lighting tiny status-light glow; background delicate sparkle particles.
How to hatch it: once this PR reaches status: 👀 ready for maintainer look or status: 🚀 automerge armed, the PR author or a maintainer can comment @clawsweeper hatch to turn this ASCII egg into its generated creature image.
Share on X: post this hatch
Copy: My PR egg hatched a 💎 rare Frosted Patch Peep in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchable usually means sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

Real behavior proof
Not applicable: Real behavior proof was not assessed because the Codex review failed.

Risk before merge
Why this matters: - No close action taken because the review did not complete.

Maintainer options:

1. Decide the mitigation before merge
   Retry the Codex review after fixing the execution failure.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

What I checked:

• failure reason: timeout.
• codex failure detail: Codex review failed for this PR: spawnSync codex ETIMEDOUT.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 3bc728eaa993.

[100yenadmin]

Companion plugin-side PR: Martian-Engineering/lossless-claw#712 — it bounds compactFullSweep in the lossless-claw plugin (shared iteration cap + wall-clock deadline) so an individual compaction sweep stays short. This PR is the host-side half: OpenClaw bounds its await on a plugin-owned compaction regardless of how the plugin behaves. Together they close the stall (issues #84077 / lossless-claw#711).

[clawsweeper]

🦞✅
ClawSweeper is pausing this repair loop for human review.

Source: clawsweeper[bot]
Reason: Review did not complete, so no work-lane recommendation was made. (sha=631363a585d5628d644a7c62ca29a434995cbdde)

Why human review is needed:
ClawSweeper found a blocker that should be resolved or accepted by a maintainer before the repair or automerge loop continues.

Recommended next action:
Review the reason above, resolve the blocker or explicitly accept the risk, then ask ClawSweeper to continue if automation is still appropriate.

I added clawsweeper:human-review and left the final call with a maintainer.

[jalehman]

Merged via squash.

• Prepared head SHA: 9121a1a5ea3a782da1a0346265e25c907a76519c
• Merge commit: a059309a9f9a7aeab9f476b6debe68674f60d631

Thanks @100yenadmin!