
fix(session,bulk): clean up failed engine init, concurrent create, and bulk batch memory#600

Merged
rmyndharis merged 1 commit into main from fix/session-availability-hardening on Jul 2, 2026

@rmyndharis

Owner

Summary

Three availability / resource-exhaustion fixes in session lifecycle and bulk send.

Changes

  • Orphan engine on failed init. initializeEngine registers the engine in the map before calling engine.initialize(). If that rejected, the engine was left behind: the session wedged at "already started", a Chromium/socket leaked, and a concurrency slot was consumed forever. start() now catches an init failure, evicts the engine, tears it down (destroyEngineSafely), records the reason, and marks the session FAILED before rethrowing.
  • Concurrent create → 409, not 500. create()'s name check was a check-then-insert TOCTOU; two concurrent same-name creates both passed it and the second hit the DB name UNIQUE constraint, surfacing as a raw 500. The insert is now wrapped so a unique-violation maps to the same 409 Conflict as the pre-check.
  • Bulk batch memory cap. Bulk batches were dispatched fire-and-forget with no ceiling, each holding its full message set (base64 media included) in memory. A per-process cap (BULK_MAX_CONCURRENT_BATCHES, 0 = unlimited, generous default) now rejects a new batch before persisting a row when too many are in flight.

Verification

npm run build ✓ · npm run lint ✓ · npm test ✓ (1886/1886). Tests: init-failure evicts + tears down the engine; a unique-violation on create maps to 409; the bulk cap rejects before persisting.

…d bulk batch memory

- On engine.initialize() failure, evict the half-built engine from the map and tear it down instead of
  leaving an orphan: previously a failed start wedged the session at 'already started' with a leaked
  Chromium/socket permanently holding a concurrency slot.
- Translate a name UNIQUE-constraint violation on session create to 409 Conflict (matching the
  pre-check) instead of leaking a raw 500 when two concurrent same-name creates race past the check.
- Cap concurrently-processing bulk batches per process (BULK_MAX_CONCURRENT_BATCHES, 0=unlimited,
  generous default), rejecting before a row is persisted so a burst can't hold an unbounded number of
  full message sets in memory.
@rmyndharis rmyndharis merged commit fc2b56c into main Jul 2, 2026
3 checks passed
@rmyndharis rmyndharis deleted the fix/session-availability-hardening branch July 2, 2026 14:26
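
The check-then-insert race described in the second change, as an added example that is not part of this pull request or the project's code. `SessionStore`, `ConflictError`, `createSession`, `raceCreates` and the `UNIQUE_VIOLATION` error code are hypothetical names; a real database driver reports a unique violation with its own code.

```javascript
// Added illustration: all names here are hypothetical, not the project's API.
class ConflictError extends Error {
  constructor(message) { super(message); this.status = 409; }
}

// In-memory stand-in for a table with a UNIQUE constraint on `name`.
class SessionStore {
  constructor() { this.rows = new Map(); }
  async findByName(name) {
    await Promise.resolve();            // yield, as a real DB round trip would
    return this.rows.get(name) ?? null;
  }
  async insert(row) {
    await Promise.resolve();
    if (this.rows.has(row.name)) {
      const err = new Error('duplicate key: name');
      err.code = 'UNIQUE_VIOLATION';    // constructed code; real drivers differ
      throw err;
    }
    this.rows.set(row.name, row);
    return row;
  }
}

async function createSession(store, name) {
  // Pre-check: gives the common case a clean 409, but is not atomic with the insert.
  if (await store.findByName(name)) throw new ConflictError(`session "${name}" exists`);
  try {
    return await store.insert({ name, status: 'CREATED' });
  } catch (err) {
    // The constraint is the real arbiter: the race loser gets the same 409.
    if (err.code === 'UNIQUE_VIOLATION') throw new ConflictError(`session "${name}" exists`);
    throw err; // anything else is still a genuine server error
  }
}

// Two same-name creates issued together: both pass the pre-check, one wins the insert.
async function raceCreates(name) {
  const store = new SessionStore();
  const results = await Promise.allSettled([createSession(store, name), createSession(store, name)]);
  return results.map(r => (r.status === 'fulfilled' ? 201 : r.reason.status ?? 500));
}
```

Without the `catch` mapping, the second entry of the result would be 500, which is the behaviour the description reports before the fix.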