fix(sessions): reduce session-store memory retention

[efpiva]

Summary

This PR addresses the dominant session-store memory-retention issue observed in a high-load CodeClaw/OpenClaw triage deployment. It keeps loadSessionStore() compatibility intact, adds safer immutable read APIs, bounds serialized cache state, and migrates several read-only paths away from mutable full-store clones.

Changes:

• Intern repeated large SessionEntry.skillsSnapshot.prompt strings after session-store parse/clone.
• Add immutable session-store read APIs:
  • readSessionStoreSnapshot(storePath)
  • readSessionEntry(storePath, sessionKey)
  • readSessionEntries(storePath)
• Export the snapshot read APIs through plugin SDK/runtime session helpers.
• Bound SESSION_STORE_SERIALIZED_CACHE by store-path count and total bytes.
• Migrate safe read-only paths to snapshot/entry reads:
  • cron isolated delivery target lookup
  • delivery-info lookup
  • readSessionUpdatedAt()
  • auto-reply verbose progress refresh
  • cron timer delivery context lookup
  • subagent announce output token/stat lookup
• Isolate small agent-attempt lifecycle callbacks to reduce unnecessary active-run closure capture.

Problem / RCA

I have been dealing with an unstable OpenClaw instance under a high load of sessions, tasks, and sessions_spawn activity. After several memory dump analyses, I traced the dominant issue to session-store clone amplification: repeated full-store reads were duplicating large skillsSnapshot.prompt strings across hundreds of retained session-store clones.

The important workload characteristic is not raw request volume; it is session-store shape plus repeated access. CodeClaw had accumulated hundreds of session entries, especially agent:main subagent/topic sessions, each carrying a large skillsSnapshot.prompt. Before this fix, every compatible loadSessionStore() clone parsed/cloned the full store and created fresh copies of those large prompt strings. Active runs and gateway/session paths then retained enough clones for V8 old-space to fill.

Real behavior proof

• Behavior or issue addressed: reduce retained session-store clone/prompt memory in a real high-session OpenClaw deployment while preserving loadSessionStore() compatibility and adding immutable read APIs for safer read paths.

• Real environment tested: live codeclaw-triage container running OpenClaw/CodeClaw with triage cron enabled, real persistent session stores, and normal cron/subagent review activity.

• Exact steps or command run after this patch: captured and analyzed pre-fix OOM/near-OOM heap snapshots, deployed the session-store fix stack into codeclaw-triage, let triage cron run for about 20 minutes with the real session registry loaded, then captured a fresh SIGUSR2 heap snapshot and analyzed exact prompt strings/session-store map retainers.

• Evidence after fix: copied live heap-analysis output from the CodeClaw triage container is below; artifacts are saved under /tmp/openclaw-session-store-evidence/sigusr2-capture-20260520T171954Z.

  Pre-fix captured heaps reached 4.1-4.5 GB.
  First analyzed OOM heap:
    heap nodes: ~50.6M
    exact skills prompt string nodes: ~389,465
    exact skills prompt bytes: ~1.5 GiB
    full-store clone-like maps: ~925
  
  Post-fix live codeclaw-triage SIGUSR2 heap after ~20 min cron/subagent load:
    heap snapshot size: 387,801,524 bytes (~370 MiB)
    heap nodes: 3.63M
    exact skills prompt string nodes: 8
    exact skills prompt bytes: 55,312 bytes
    full-store clone-like maps: 25 fingerprint / 14 strong candidates
    container restart=0
    OOMKilled=false
    serialized session-cache strings: ~11.35 MiB under 64 MiB cap
  

• Observed result after fix: the container stayed healthy during validation (restart=0, OOMKilled=false), and the catastrophic skillsSnapshot.prompt clone multiplier was gone; serialized session-cache strings were ~11.35 MiB under the new 64 MiB default cap.

• What was not tested: this does not claim all OpenClaw memory pressure is gone; remaining pressure includes active-run state, task registry retention, serialized session-state strings, and normal Node/runtime caches. Further locking down/deprecating mutable full-store reads is left for follow-up API discussion.

Compatibility / open question

This PR intentionally preserves loadSessionStore() as a mutable-clone compatibility API. The new snapshot APIs provide a safer read path, and this PR migrates several known hot read-only consumers, but existing callers and plugins can still call loadSessionStore().

Open question for reviewers: should we keep this non-breaking compatibility path and migrate call sites gradually, or start a deprecation/guardrail plan for mutable full-store reads? The stricter long-term model would reserve mutable access for explicit writer/maintenance paths and require snapshot/entry APIs for reads.

Validation

Worktree:

/home/edpiva/repos/openclaw-worktrees/session-store-cache-read-paths

Commands/results:

node scripts/run-vitest.mjs \
  src/config/sessions.test.ts \
  src/config/sessions.cache.test.ts \
  src/config/sessions/store.skills-stripping.test.ts \
  src/config/sessions/store-read.test.ts \
  src/config/sessions/store-writer.test.ts \
  src/plugins/runtime/index.test.ts \
  src/config/sessions/delivery-info.test.ts \
  src/cron/isolated-agent/delivery-target.test.ts \
  src/auto-reply/reply/dispatch-from-config.test.ts \
  src/auto-reply/reply/dispatch-from-config.reply-dispatch.test.ts \
  src/auto-reply/reply/dispatch-from-config.acp-abort.test.ts \
  src/cron/service/timer.test.ts \
  src/agents/subagent-announce-output.test.ts \
  src/agents/subagent-announce.test.ts \
  src/agents/subagent-announce.timeout.test.ts \
  src/agents/command/attempt-callbacks.test.ts \
  src/agents/auth-profile-runtime-contract.test.ts \
  --run

Test Files 21 passed
Tests 394 passed

./node_modules/.bin/tsgo -p tsconfig.core.json --noEmit --pretty false --incremental false
PIPE_EXIT:0

corepack pnpm plugin-sdk:api:check
OK docs/.generated/plugin-sdk-api-baseline.sha256

corepack pnpm build
PIPE_EXIT:0

git diff --check
# no output

codex review --base origin/main
# First full combined pass found three issues:
#   1. readonly snapshot entry passed to deliveryContextFromSession in cron timer
#   2. plugin SDK API baseline hash drift
#   3. writer snapshot publication caused an extra JSON.parse in an existing cache test
# All were fixed.
# Final pass EXIT:0 — no actionable correctness issues found.

Evidence logs:

/tmp/openclaw-session-store-evidence/split-prs/combined-targeted-tests-after-ci-fix.log
/tmp/openclaw-session-store-evidence/split-prs/combined-tsgo-core-after-ci-fix.log
/tmp/openclaw-session-store-evidence/split-prs/combined-plugin-sdk-api-check-after-ci-fix.log
/tmp/openclaw-session-store-evidence/split-prs/combined-pnpm-build-after-ci-fix.log
/tmp/openclaw-session-store-evidence/split-prs/combined-pr-codex-review-after-ci-fix.log

[clawsweeper]

Codex review: needs maintainer review before merge.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR adds immutable session-store snapshot and entry helpers, bounds serialized session cache retention, interns repeated large skill prompt strings, migrates several hot read paths, and exposes row-level session workflow APIs through the plugin runtime/SDK.

Reproducibility: no. I did not run a high-load current-main reproduction in this read-only review. Source inspection shows current main still has whole-store clone/cache behavior, and the PR body supplies credible live before/after heap logs for the observed deployment.

PR rating
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Summary: Strong real deployment proof and no blocking code finding, with merge confidence still gated on API owner acceptance and current-head validation.

Rank-up moves:

• Rerun the targeted session/cache/plugin SDK validation commands on the current head after the latest force-push.
• Get explicit session/cache and plugin SDK owner acceptance for the new helper API and loadSessionStore deprecation wording.

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Sufficient (logs): The PR body includes copied live heap-analysis logs from a real high-session CodeClaw triage deployment showing substantially reduced prompt-string and full-store clone retention after the patch.

Risk before merge

• The PR changes cache invalidation, frozen snapshot publication, and read/write helper semantics across session routing, cron, auto-reply, subagent stats, active-memory, talk, voice-call, and plugin runtime paths; stale or mismatched reads could affect session routing metadata under load.
• The new plugin SDK session workflow helpers and loadSessionStore deprecation wording are public API direction changes that need maintainer-visible acceptance even though the old compatibility path remains.
• The supplied live heap logs are strong, but this read-only review did not independently run a high-load current-main reproduction or PR-head load test.
• Related open memory reports point to cron runtime context retention as a separate mechanism, so maintainers should not treat this PR as the complete OOM fix program.

Maintainer options:

1. Revalidate And Owner-Accept API Direction (recommended)
   Rerun the targeted session/cache/SDK checks on the current head and have the session/cache plus plugin SDK owners explicitly accept the compatibility-preserving helper API before merge.
2. Ask For PR-Head Load Proof
   If maintainers want proof beyond the supplied deployment logs, request a representative high-session PR-head run that exercises snapshot reads, writer snapshot publication, and delivery lookups under load.
3. Split Long-Term Deprecation Policy
   Keep this PR non-breaking and move any stricter loadSessionStore guardrail or deprecation timeline into a separate maintainer-owned SDK discussion.

Next step before merge
The remaining blocker is maintainer review of cache/session semantics and public plugin SDK API direction, not a narrow automated repair.

Security
Cleared: No dependency, workflow, lockfile, package-resolution, secret-handling, permission, or external code-execution changes were found in the reviewed diff.

Review details

Best possible solution:

Land the compatibility-preserving snapshot-read and capped-cache approach after session/cache and plugin SDK acceptance, while keeping loadSessionStore as a compatibility escape hatch and tracking stricter deprecation plus cron runtime context cleanup separately.

Do we have a high-confidence way to reproduce the issue?

No, I did not run a high-load current-main reproduction in this read-only review. Source inspection shows current main still has whole-store clone/cache behavior, and the PR body supplies credible live before/after heap logs for the observed deployment.

Is this the best way to solve the issue?

Unclear until owner review, but the compatibility-preserving direction looks maintainable. The best path is to accept or adjust the public SDK helper API explicitly, keep loadSessionStore compatibility for now, and handle stricter deprecation/runtime-context cleanup separately.

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live heap-analysis logs from a real high-session CodeClaw triage deployment showing substantially reduced prompt-string and full-store clone retention after the patch.

Label justifications:

• P1: The PR targets high-load gateway heap exhaustion that can make agents, cron, and channel workflows unavailable for real deployments.
• merge-risk: 🚨 compatibility: The diff adds public plugin SDK session workflow helpers and deprecates the legacy whole-store helper in docs/types.
• merge-risk: 🚨 session-state: The diff changes session-store read, snapshot, cache, and row-level write semantics used by routing and plugin session workflows.
• merge-risk: 🚨 availability: The change is intended to prevent OOMs, but cache or snapshot mistakes in this hot path could affect long-running gateway availability.
• rating: 🐚 platinum hermit: Current PR rating is 🐚 platinum hermit because proof is 🦞 diamond lobster, patch quality is 🐚 platinum hermit, and Strong real deployment proof and no blocking code finding, with merge confidence still gated on API owner acceptance and current-head validation.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (logs): The PR body includes copied live heap-analysis logs from a real high-session CodeClaw triage deployment showing substantially reduced prompt-string and full-store clone retention after the patch.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live heap-analysis logs from a real high-session CodeClaw triage deployment showing substantially reduced prompt-string and full-store clone retention after the patch.

Acceptance criteria:

• node scripts/run-vitest.mjs src/config/sessions.test.ts src/config/sessions.cache.test.ts src/config/sessions/store.skills-stripping.test.ts src/config/sessions/store-read.test.ts src/config/sessions/store-writer.test.ts src/plugins/runtime/index.test.ts src/config/sessions/delivery-info.test.ts src/cron/isolated-agent/delivery-target.test.ts src/auto-reply/reply/dispatch-from-config.test.ts src/auto-reply/reply/dispatch-from-config.reply-dispatch.test.ts src/auto-reply/reply/dispatch-from-config.acp-abort.test.ts src/cron/service/timer.test.ts src/agents/subagent-announce-output.test.ts src/agents/subagent-announce.test.ts src/agents/subagent-announce.timeout.test.ts src/agents/command/attempt-callbacks.test.ts src/agents/auth-profile-runtime-contract.test.ts --run
• corepack pnpm plugin-sdk:api:check
• corepack pnpm build
• git diff --check

What I checked:

• Current-main retention surface: Current main keeps a process-wide SESSION_STORE_SERIALIZED_CACHE and cloneSessionStoreRecord performs a fresh JSON parse/stringify clone without string interning, which matches the PR's claimed clone-amplification target. (src/config/sessions/store-cache.ts:16, 26e64bda1485)
• PR bounds cache and interns large prompt strings: The PR head adds a 64-entry/64 MiB serialized cache cap plus a bounded large-string intern pool used by cloneSessionStoreRecord and snapshot cloning. (src/config/sessions/store-cache.ts:41, 9b4313ea8e96)
• PR preserves loadSessionStore and adds read APIs: The PR keeps loadSessionStore as the mutable compatibility API and adds readSessionStoreSnapshot, readSessionEntry, and readSessionEntries backed by frozen snapshots. (src/config/sessions/store-load.ts:355, 9b4313ea8e96)
• PR changes public plugin runtime surface: The PR exposes getSessionEntry, listSessionEntries, patchSessionEntry, and upsertSessionEntry on api.runtime.agent.session and marks loadSessionStore deprecated, making this compatibility-sensitive plugin SDK work. (src/plugins/runtime/types-core.ts:204, 9b4313ea8e96)
• Real behavior proof supplied: The PR body includes copied live before/after heap analysis from a high-session CodeClaw triage deployment, reporting prompt string nodes dropping from about 389k to 8 and no container restart/OOMKilled after the patched run. (9b4313ea8e96)
• Related memory work remains separate: Related open items describe session-store growth and cron runtime context retention as adjacent mechanisms, so this PR can reduce clone/cache retention without being the entire memory-pressure program.

Likely related people:

• steipete: Authored the current PR head and has multiple recent main-history commits in session-store cache, session maintenance, plugin SDK runtime exposure, and related docs/API surfaces. (role: recent area contributor; confidence: high; commits: 9b4313ea8e96, a71b810e43f8, 2937fe03513b; files: src/config/sessions/store-cache.ts, src/config/sessions/store-load.ts, src/config/sessions/store.ts)
• shakkernerd: Main history shows Shakker carrying the session-store loader split and nearby outbound/session seam follow-ups in the central files this PR changes. (role: session-store refactor contributor; confidence: medium; commits: c2e93c76bd43, 6395336454e0; files: src/config/sessions/store-load.ts, src/config/sessions/store.ts)
• vincentkoc: Recent plugin runtime and SDK contract extraction commits touched the same public runtime type and SDK boundary affected by the new session workflow helpers. (role: plugin SDK/runtime contract contributor; confidence: medium; commits: 43a2156d1f50, 97d1b88e3faa, 9702d941969b; files: src/plugins/runtime/types-core.ts, src/plugin-sdk/session-store-runtime.ts)
• Takhoffman: The PR migrates active-memory session reads, and main history shows Tak Hoffman added and repeatedly repaired the active-memory plugin behavior this touches. (role: adjacent active-memory owner; confidence: medium; commits: b83726d13e33, f94d6778b1d5, 9d126dc64584; files: extensions/active-memory/index.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 26e64bda1485.

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 🥚 common Frosted Branchling

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 🥚 common.
Trait: collects tiny proofs.
Image traits: location green-check meadow; accessory proof snapshot camera; palette rose quartz and slate; mood focused; pose nestled inside a glowing shell; shell soft velvet shell; lighting cool dashboard glow; background smooth stones and checkmarks.
Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Frosted Branchling in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[galiniliev]

PR #84693 reduces session-store memory retention by adding immutable snapshot reads, interning repeated skillsSnapshot.prompt strings, bounding serialized cache state, and moving hot read-only cron/agent paths off mutable full-store clones. This is the right fix shape for the reported high-session OOM pattern: compatibility stays intact for loadSessionStore(), while new read APIs give hot paths a cheaper contract.

By: Eduardo Piva (@efpiva, acct 2014-01-13) | OpenClaw: 21 PRs, 1 issue, 11 commits/12mo | GitHub: 12 commits, 21 PRs, 1 issue, 0 reviews. Assigned to galiniliev on 2026-05-20 21:23 UTC.

Findings

• [P3] Document the new public session snapshot helpers: src/plugin-sdk/session-store-runtime.ts:3.
  The PR exports readSessionStoreSnapshot, readSessionEntry, readSessionEntries, and related types through the plugin SDK/runtime surface, and also exposes them on api.runtime.agent.session in src/plugins/runtime/types-core.ts:204. docs/plugins/sdk-runtime.md still only shows loadSessionStore() plus write helpers, and docs/plugins/sdk-subpaths.md still summarizes the subpath as path/key/updated-at/mutation helpers. This will keep plugin authors on the expensive mutable clone path even though the API addition is meant to give them the safer read path.

No blocking runtime correctness findings from the code paths I reviewed.

Verdict
Best fix: land this compatible snapshot-read/cache-bound approach after adding the SDK docs note. Keep any stricter loadSessionStore() deprecation or guardrail plan as follow-up.

Provenance: clear. Current main's session store cache clone behavior is from the session-store cache implementation carried forward through 694ca50e97 after the SQLite revert; an earlier ae57eb635c already targeted session-store clone memory growth, and this PR addresses the remaining prompt/string clone amplification.

Proof checked: git diff --check origin/main...FETCH_HEAD passed. I also ran pnpm docs:list and read the relevant SDK docs; the command had to reconcile dependencies first, but the worktree stayed clean. I did not run the full PR test matrix locally; the PR body includes targeted tests, tsgo, SDK API check, build, and live heap proof, and live check rollup shows the relevant CI/build/docs/security lanes succeeding on head 202deb399466.

[steipete]

Landed via rebase onto main.

• Land commit: 1900b175f7b038a250537f0ab65d6e3eb655a1c5
• Merge commit: cabb55380f84fe745ef23d2f980c8a4a2748da21
• Local proof: pnpm plugin-sdk:api:check; pnpm plugin-sdk:check-exports; pnpm test src/config/sessions.test.ts src/config/sessions.cache.test.ts src/talk/agent-consult-runtime.test.ts extensions/voice-call/src/response-generator.test.ts
• Review proof: codex review --commit HEAD reported no actionable correctness issues.
• CI proof: PR checks green on 1900b175f7b038a250537f0ab65d6e3eb655a1c5, including Real behavior proof and check-guards.

Thanks @efpiva!