1use super::*;
25
26#[async_trait::async_trait]
27impl RuntimePersistence for Store {
/// Reports the durability guarantee offered by this persistence backend.
///
/// This implementation always answers [`DurabilityTier::Durable`].
fn durability_tier(&self) -> DurabilityTier {
    let tier = DurabilityTier::Durable;
    tier
}
31
/// Loads the persisted session, or `Ok(None)` when no session head has been stored.
///
/// `scope` selects how much of the graph is read:
/// * `FullGraph` loads the whole graph and uses the leaf recorded in the head.
/// * `ActivePath` loads only the active path for the requested leaf, falling back
///   to the leaf recorded in the head when the scope names none.
///
/// The checkpoint is looked up through the head's `checkpoint_ref` and is `None`
/// when the head has no reference or the lookup yields nothing. The token ledger
/// is rebuilt by merging the stored usage deltas.
///
/// # Errors
///
/// Returns a [`StoreError`] when the head metadata or the active-path graph
/// cannot be read, or when the connection call itself fails.
async fn load_session(
    &self,
    scope: SessionReadScope,
) -> Result<Option<PersistedSessionRead>, StoreError> {
    self.conn
        .call(move |conn| {
            let outcome = (|| -> Result<Option<PersistedSessionRead>, StoreError> {
                let meta = match try_load_session_head_meta_from_conn(conn)? {
                    Some(meta) => meta,
                    None => return Ok(None),
                };
                // Resolve the leaf and load the matching graph in a single pass over `scope`.
                let (resolved_leaf, mut graph) = match scope {
                    SessionReadScope::FullGraph => {
                        let stored_leaf = meta.leaf_node_id.clone();
                        let full_graph =
                            Self::load_session_graph_from_conn(conn, meta.leaf_node_id.clone());
                        (stored_leaf, full_graph)
                    }
                    SessionReadScope::ActivePath { leaf_node_id } => {
                        let requested_leaf =
                            leaf_node_id.or_else(|| meta.leaf_node_id.clone());
                        let path_graph = Self::load_active_path_session_graph_from_conn(
                            conn,
                            requested_leaf.clone(),
                        )
                        .map_err(sqlite_error)?;
                        (requested_leaf, path_graph)
                    }
                };
                graph.set_leaf_node_id(resolved_leaf);
                let checkpoint = match meta.checkpoint_ref.as_ref() {
                    Some(blob_ref) => Self::get_checkpoint_conn(conn, blob_ref),
                    None => None,
                };
                let usage_deltas = Self::load_usage_deltas_conn(conn);
                let token_ledger = merge_token_ledger_entries(usage_deltas);
                Ok(Some(PersistedSessionRead {
                    session_id: meta.session_id,
                    head_revision: meta.head_revision,
                    config: meta.config,
                    agent_frames: meta.agent_frames,
                    current_agent_frame_id: meta.current_agent_frame_id,
                    graph,
                    checkpoint_ref: meta.checkpoint_ref,
                    checkpoint,
                    token_ledger,
                }))
            })();
            Ok(outcome)
        })
        .await
        .map_err(sqlite_error)?
}
85
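/// Loads one live (non-tombstoned) graph node by id.
///
/// Returns `Ok(None)` when no matching row exists or the row is tombstoned.
///
/// # Errors
///
/// Returns a [`StoreError`] when the query fails, and `StoreError::Backend` when the
/// stored `node_json` cannot be decoded. A corrupt or tampered row is reported as an
/// error instead of being indistinguishable from "node not found", which matches how
/// the turn-commit result is decoded elsewhere in this file.
async fn load_node(
    &self,
    node_id: &str,
) -> Result<Option<lash_core::SessionNodeRecord>, StoreError> {
    let node_id = node_id.to_string();
    let node_json: Option<String> = self
        .conn
        .call(move |conn| {
            conn.query_row(
                "SELECT node_json FROM graph_nodes WHERE node_id = ?1 AND tombstoned = 0",
                params![node_id],
                |row| row.get(0),
            )
            .optional()
        })
        .await
        .map_err(sqlite_error)?;
    node_json
        .map(|json| {
            serde_json::from_str(&json).map_err(|err| {
                StoreError::Backend(format!("failed to decode graph node: {err}"))
            })
        })
        .transpose()
}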
105
/// Applies one runtime commit inside a single write flow and returns the new head.
///
/// Steps, in order, all within the same transaction:
/// 1. Reject the commit when the store is already bound to a different session.
/// 2. If the commit carries a turn commit that was recorded before, replay the stored
///    result when the hash matches (optionally releasing the session lease) or fail
///    with a conflict when it does not.
/// 3. Require a session execution lease on the commit and validate it.
/// 4. Enforce the optimistic `expected_head_revision` check.
/// 5. Validate every completed queue claim.
/// 6. Store the checkpoint, usage deltas and graph delta, then rewrite the head row.
/// 7. Delete the completed queue batches, stamp committed attachments, record the
///    turn commit and optionally release the session lease.
///
/// Any error asks the flow to roll back; success asks it to commit. After a
/// successful commit `maybe_auto_gc` is awaited.
///
/// NOTE(review): the replay path in step 2 returns before the lease validation of
/// step 3. Presumably `release_session_execution_lease_conn` performs its own fence
/// check; confirm that a replay cannot release a lease the caller does not hold.
///
/// # Errors
///
/// Returns the [`StoreError`] variant matching the failed check
/// (`SessionBindingMismatch`, `RuntimeTurnCommitConflict`,
/// `SessionExecutionLeaseExpired`, `HeadRevisionConflict`, `QueuedWorkClaimExpired`)
/// or a backend/SQLite error.
async fn commit_runtime_state(
    &self,
    commit: RuntimeCommit,
) -> Result<RuntimeCommitResult, StoreError> {
    let blob_profile = self.options.blob_profile;
    let committed = self
        .conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<RuntimeCommitResult, StoreError> {
                let head = try_load_session_head_meta_from_conn(tx)?;

                // The database is bound to the first session that committed into it.
                if let Some(bound_session_id) =
                    head.as_ref().map(|meta| meta.session_id.as_str())
                {
                    if bound_session_id != commit.session_id {
                        return Err(StoreError::SessionBindingMismatch {
                            bound_session_id: bound_session_id.to_string(),
                            attempted_session_id: commit.session_id.clone(),
                        });
                    }
                }

                // Idempotent replay of an already recorded turn commit.
                if let Some(turn) = &commit.turn_commit {
                    if turn.session_id != commit.session_id {
                        return Err(StoreError::RuntimeTurnCommitConflict {
                            session_id: turn.session_id.clone(),
                            turn_id: turn.turn_id.clone(),
                        });
                    }
                    let recorded: Option<(String, String)> = tx
                        .query_row(
                            "SELECT turn_commit_hash, result_json FROM runtime_turn_commits
                             WHERE session_id = ?1 AND turn_id = ?2",
                            params![turn.session_id, turn.turn_id],
                            |row| Ok((row.get(0)?, row.get(1)?)),
                        )
                        .optional()
                        .map_err(sqlite_error)?;
                    match recorded {
                        Some((recorded_hash, recorded_result))
                            if recorded_hash == turn.turn_commit_hash =>
                        {
                            let replayed: RuntimeCommitResult =
                                serde_json::from_str(&recorded_result).map_err(|err| {
                                    StoreError::Backend(format!(
                                        "failed to decode runtime turn commit result: {err}"
                                    ))
                                })?;
                            if let Some(completion) =
                                commit.release_session_execution_lease.as_ref()
                            {
                                release_session_execution_lease_conn(tx, completion)?;
                            }
                            return Ok(replayed);
                        }
                        // Same turn id, different content: refuse to overwrite.
                        Some(_) => {
                            return Err(StoreError::RuntimeTurnCommitConflict {
                                session_id: turn.session_id.clone(),
                                turn_id: turn.turn_id.clone(),
                            });
                        }
                        None => {}
                    }
                }

                // A fresh commit must present a lease, and the lease must validate.
                let session_execution_lease = match commit.session_execution_lease.as_ref() {
                    Some(lease) => lease,
                    None => {
                        return Err(StoreError::SessionExecutionLeaseExpired {
                            session_id: commit.session_id.clone(),
                        });
                    }
                };
                ensure_session_execution_lease_conn(
                    tx,
                    &commit.session_id,
                    session_execution_lease,
                )?;

                // Optimistic concurrency: a missing head counts as revision 0.
                let actual_revision = match &head {
                    Some(meta) => meta.head_revision,
                    None => 0,
                };
                if commit
                    .expected_head_revision
                    .is_some_and(|expected| expected != actual_revision)
                {
                    return Err(StoreError::HeadRevisionConflict {
                        expected: commit.expected_head_revision,
                        actual: actual_revision,
                    });
                }

                for claim in &commit.completed_queue_claims {
                    if claim.session_id != commit.session_id {
                        return Err(StoreError::QueuedWorkClaimExpired {
                            session_id: claim.session_id.clone(),
                            claim_id: claim.claim_id.clone(),
                        });
                    }
                    ensure_queued_work_completion_conn(tx, claim)?;
                }

                let stored_checkpoint =
                    Self::put_checkpoint_conn(tx, &commit.checkpoint, blob_profile)
                        .map_err(sqlite_error)?;

                if !commit.usage_deltas.is_empty() {
                    let mut insert_delta = tx
                        .prepare(
                            "INSERT INTO usage_deltas (
                                 source, model, input_tokens, output_tokens, cached_input_tokens, reasoning_tokens
                             ) VALUES (?1, ?2, ?3, ?4, ?5, ?6)",
                        )
                        .map_err(sqlite_error)?;
                    for delta in &commit.usage_deltas {
                        insert_delta
                            .execute(params![
                                delta.source,
                                delta.model,
                                delta.usage.input_tokens,
                                delta.usage.output_tokens,
                                delta.usage.cached_input_tokens,
                                delta.usage.reasoning_tokens,
                            ])
                            .map_err(sqlite_error)?;
                    }
                }

                let leaf_node_id = match &commit.graph {
                    GraphCommitDelta::Unchanged { leaf_node_id } => leaf_node_id.clone(),
                    GraphCommitDelta::Append {
                        nodes,
                        leaf_node_id,
                    } => {
                        for node in nodes {
                            let node_json = encode_json(node);
                            tx.execute(
                                "INSERT INTO graph_nodes (node_id, node_json) VALUES (?1, ?2)",
                                params![node.node_id, node_json],
                            )
                            .map_err(sqlite_error)?;
                        }
                        leaf_node_id.clone()
                    }
                    GraphCommitDelta::ReplaceFull(replacement) => {
                        // Full replacement wipes every stored node before re-inserting.
                        tx.execute("DELETE FROM graph_nodes", [])
                            .map_err(sqlite_error)?;
                        for node in &replacement.nodes {
                            let node_json = encode_json(node);
                            tx.execute(
                                "INSERT INTO graph_nodes (node_id, node_json) VALUES (?1, ?2)",
                                params![node.node_id, node_json],
                            )
                            .map_err(sqlite_error)?;
                        }
                        replacement.leaf_node_id.clone()
                    }
                };

                let graph_node_count: usize = tx
                    .query_row(
                        "SELECT COUNT(*) FROM graph_nodes WHERE tombstoned = 0",
                        [],
                        |row| row.get::<_, i64>(0),
                    )
                    .map_err(sqlite_error)? as usize;

                let next_revision = actual_revision + 1;
                let new_head = SessionHeadMeta {
                    session_id: commit.session_id.clone(),
                    head_revision: next_revision,
                    config: commit.config.clone(),
                    agent_frames: commit.agent_frames.clone(),
                    current_agent_frame_id: commit.current_agent_frame_id.clone(),
                    checkpoint_ref: Some(stored_checkpoint.checkpoint_ref.clone()),
                    leaf_node_id,
                    graph_node_count,
                    token_ledger: Vec::new(),
                };
                tx.execute(
                    "INSERT OR REPLACE INTO session_head (singleton, session_id, head_json, head_revision)
                     VALUES (1, ?1, ?2, ?3)",
                    params![
                        new_head.session_id,
                        encode_json(&new_head),
                        new_head.head_revision as i64
                    ],
                )
                .map_err(sqlite_error)?;

                // Completed batches are removed only while they still carry the claim's token.
                for claim in &commit.completed_queue_claims {
                    for batch_id in &claim.batch_ids {
                        tx.execute(
                            "DELETE FROM queued_work_batches
                             WHERE session_id = ?1
                               AND batch_id = ?2
                               AND claim_id = ?3
                               AND claim_token = ?4",
                            params![
                                claim.session_id,
                                batch_id,
                                claim.claim_id,
                                claim.lease_token
                            ],
                        )
                        .map_err(sqlite_error)?;
                    }
                }

                if !commit.committed_attachment_ids.is_empty() {
                    let now = current_epoch_ms() as i64;
                    // COALESCE keeps the first commit timestamp if one is already set.
                    let mut stamp_attachment = tx
                        .prepare(
                            "UPDATE attachment_manifest
                             SET committed_at_ms = COALESCE(committed_at_ms, ?1)
                             WHERE attachment_id = ?2 AND session_id = ?3",
                        )
                        .map_err(sqlite_error)?;
                    for attachment_id in &commit.committed_attachment_ids {
                        stamp_attachment
                            .execute(params![now, attachment_id.as_str(), commit.session_id])
                            .map_err(sqlite_error)?;
                    }
                }

                let commit_result = RuntimeCommitResult {
                    head_revision: next_revision,
                    checkpoint_ref: stored_checkpoint.checkpoint_ref,
                    manifest: stored_checkpoint.manifest,
                };
                if let Some(turn) = &commit.turn_commit {
                    // Record the result so a retry of the same turn can be replayed.
                    tx.execute(
                        "INSERT INTO runtime_turn_commits (
                             session_id, turn_id, turn_commit_hash, result_json, committed_at_ms
                         )
                         VALUES (?1, ?2, ?3, ?4, ?5)",
                        params![
                            turn.session_id,
                            turn.turn_id,
                            turn.turn_commit_hash,
                            encode_json(&commit_result),
                            current_epoch_ms() as i64
                        ],
                    )
                    .map_err(sqlite_error)?;
                }
                if let Some(completion) = commit.release_session_execution_lease.as_ref() {
                    release_session_execution_lease_conn(tx, completion)?;
                }
                Ok(commit_result)
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)??;
    self.maybe_auto_gc().await;
    Ok(committed)
}
348
/// Tries to take the execution lease of `session_id` for `owner`.
///
/// * A live lease (token set, expiry in the future) held by the same incarnation is
///   extended by `lease_ttl_ms` and returned as `Acquired` with its existing tokens.
/// * A live lease held by anyone else yields `Busy` with the current holder.
/// * Otherwise (no row, no token, or expired) a new lease is acquired, continuing
///   from the previous fencing token (0 when no row exists).
///
/// # Errors
///
/// Returns a [`StoreError`] when a query fails or the live row cannot be converted
/// into a lease; the write flow is asked to roll back in that case.
async fn try_claim_session_execution_lease(
    &self,
    session_id: &str,
    owner: &LeaseOwnerIdentity,
    lease_ttl_ms: u64,
) -> Result<SessionExecutionLeaseClaimOutcome, StoreError> {
    let session_id = session_id.to_string();
    let owner = owner.clone();
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<SessionExecutionLeaseClaimOutcome, StoreError> {
                let now = current_epoch_ms();
                match load_session_execution_lease_row_conn(tx, &session_id)? {
                    Some(live) if live.lease_token.is_some() && live.expires_at_ms > now => {
                        let held_by_caller = live
                            .owner
                            .as_ref()
                            .is_some_and(|holder| holder.same_incarnation(&owner));
                        if !held_by_caller {
                            return Ok(SessionExecutionLeaseClaimOutcome::Busy {
                                holder: row_to_session_execution_lease(&session_id, live)?,
                            });
                        }
                        // Re-entrant claim by the current holder: only the expiry moves.
                        let expires_at = now.saturating_add(lease_ttl_ms);
                        tx.execute(
                            "UPDATE session_execution_leases
                             SET lease_expires_at_ms = ?2
                             WHERE session_id = ?1",
                            params![session_id, expires_at as i64],
                        )
                        .map_err(sqlite_error)?;
                        Ok(SessionExecutionLeaseClaimOutcome::Acquired(
                            SessionExecutionLease {
                                session_id,
                                owner,
                                lease_token: live.lease_token.expect("live lease token set"),
                                fencing_token: live.fencing_token,
                                claimed_at_epoch_ms: live.claimed_at_ms,
                                expires_at_epoch_ms: expires_at,
                            },
                        ))
                    }
                    stale => {
                        let previous_fencing_token = match &stale {
                            Some(lease) => lease.fencing_token,
                            None => 0,
                        };
                        let lease = acquire_session_execution_lease_conn(
                            tx,
                            &session_id,
                            &owner,
                            previous_fencing_token,
                            now,
                            lease_ttl_ms,
                        )?;
                        Ok(SessionExecutionLeaseClaimOutcome::Acquired(lease))
                    }
                }
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
414
/// Takes over the execution lease of `session_id` from a holder the caller observed.
///
/// * No lease row, no token, or an expired lease: a new lease is acquired.
/// * A live lease is taken over only when it still matches `observed_holder`
///   (session, incarnation, lease token, fencing token) and the holder is
///   definitely dead from the claimant's point of view. The takeover is a
///   compare-and-swap `UPDATE` keyed on the observed values and bumps the fencing
///   token by one.
/// * If the swap changes no row, the lease is re-read: a live lease yields `Busy`,
///   anything else is acquired afresh.
/// * A live lease that does not qualify for takeover yields `Busy`.
///
/// NOTE(review): the lease token is assembled from the session id, owner id,
/// incarnation id, timestamp and fencing token, none of which is secret. It tells
/// lease generations apart but is guessable, so it should be treated as a fencing
/// identifier and not as an authentication credential.
///
/// # Errors
///
/// Returns a [`StoreError`] when a query fails, the liveness cannot be encoded, or
/// the live row lacks an owner or token; the write flow is asked to roll back.
async fn reclaim_session_execution_lease(
    &self,
    session_id: &str,
    owner: &LeaseOwnerIdentity,
    observed_holder: &SessionExecutionLeaseFence,
    lease_ttl_ms: u64,
) -> Result<SessionExecutionLeaseClaimOutcome, StoreError> {
    let session_id = session_id.to_string();
    let owner = owner.clone();
    let observed_holder = observed_holder.clone();
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<SessionExecutionLeaseClaimOutcome, StoreError> {
                let now = current_epoch_ms();
                let row = match load_session_execution_lease_row_conn(tx, &session_id)? {
                    Some(row) => row,
                    None => {
                        // Nothing to reclaim: start the fencing sequence from zero.
                        let lease = acquire_session_execution_lease_conn(
                            tx,
                            &session_id,
                            &owner,
                            0,
                            now,
                            lease_ttl_ms,
                        )?;
                        return Ok(SessionExecutionLeaseClaimOutcome::Acquired(lease));
                    }
                };
                let lease_is_live = row.lease_token.is_some() && row.expires_at_ms > now;
                if !lease_is_live {
                    let lease = acquire_session_execution_lease_conn(
                        tx,
                        &session_id,
                        &owner,
                        row.fencing_token,
                        now,
                        lease_ttl_ms,
                    )?;
                    return Ok(SessionExecutionLeaseClaimOutcome::Acquired(lease));
                }

                let holder = row_to_session_execution_lease(&session_id, row)?;
                // The liveness probe runs last and only when the observed fence still matches.
                let takeover_allowed = observed_holder.session_id == session_id
                    && holder.owner.same_incarnation(&observed_holder.owner)
                    && holder.lease_token == observed_holder.lease_token
                    && holder.fencing_token == observed_holder.fencing_token
                    && holder.owner.is_definitely_dead_for_claimant(&owner);
                if !takeover_allowed {
                    return Ok(SessionExecutionLeaseClaimOutcome::Busy { holder });
                }

                let fencing_token = holder.fencing_token.saturating_add(1);
                let lease_token = format!(
                    "{}:{}:{}:{now}:{fencing_token}",
                    session_id, owner.owner_id, owner.incarnation_id
                );
                let expires_at = now.saturating_add(lease_ttl_ms);
                let liveness_json = encode_liveness(&owner.liveness)?;
                // Compare-and-swap: the WHERE clause pins the holder the caller observed.
                let swapped_rows = tx
                    .execute(
                        "UPDATE session_execution_leases
                         SET lease_owner_id = ?1,
                             lease_owner_incarnation_id = ?2,
                             lease_owner_liveness_json = ?3,
                             lease_token = ?4,
                             lease_fencing_token = ?5,
                             lease_claimed_at_ms = ?6,
                             lease_expires_at_ms = ?7
                         WHERE session_id = ?8
                           AND lease_owner_id = ?9
                           AND lease_owner_incarnation_id = ?10
                           AND lease_token = ?11
                           AND lease_fencing_token = ?12",
                        params![
                            owner.owner_id,
                            owner.incarnation_id,
                            liveness_json,
                            lease_token,
                            fencing_token as i64,
                            now as i64,
                            expires_at as i64,
                            session_id,
                            observed_holder.owner.owner_id,
                            observed_holder.owner.incarnation_id,
                            observed_holder.lease_token,
                            observed_holder.fencing_token as i64,
                        ],
                    )
                    .map_err(sqlite_error)?;
                if swapped_rows == 1 {
                    return Ok(SessionExecutionLeaseClaimOutcome::Acquired(
                        SessionExecutionLease {
                            session_id,
                            owner,
                            lease_token,
                            fencing_token,
                            claimed_at_epoch_ms: now,
                            expires_at_epoch_ms: expires_at,
                        },
                    ));
                }

                // The swap matched nothing: re-read and decide from the current row.
                match load_session_execution_lease_row_conn(tx, &session_id)? {
                    Some(live) if live.lease_token.is_some() && live.expires_at_ms > now => {
                        Ok(SessionExecutionLeaseClaimOutcome::Busy {
                            holder: row_to_session_execution_lease(&session_id, live)?,
                        })
                    }
                    stale => {
                        let previous_fencing_token = match &stale {
                            Some(lease) => lease.fencing_token,
                            None => 0,
                        };
                        let lease = acquire_session_execution_lease_conn(
                            tx,
                            &session_id,
                            &owner,
                            previous_fencing_token,
                            now,
                            lease_ttl_ms,
                        )?;
                        Ok(SessionExecutionLeaseClaimOutcome::Acquired(lease))
                    }
                }
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
544
/// Extends the expiry of the session execution lease identified by `fence`.
///
/// The renewal succeeds only while the stored row still has the same owner
/// incarnation, lease token and fencing token as `fence` and has not expired.
/// The returned lease keeps the original claim time and carries the new expiry.
///
/// # Errors
///
/// Returns `StoreError::SessionExecutionLeaseExpired` when the row is missing, no
/// longer matches the fence, or has expired, and a backend error when a query
/// fails. The write flow is asked to roll back on any error.
async fn renew_session_execution_lease(
    &self,
    fence: &SessionExecutionLeaseFence,
    lease_ttl_ms: u64,
) -> Result<SessionExecutionLease, StoreError> {
    let fence = fence.clone();
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<SessionExecutionLease, StoreError> {
                let now = current_epoch_ms();
                let current = match load_session_execution_lease_row_conn(tx, &fence.session_id)?
                {
                    Some(row) => row,
                    None => {
                        return Err(StoreError::SessionExecutionLeaseExpired {
                            session_id: fence.session_id.clone(),
                        });
                    }
                };
                // Every part of the fence must still match, and the lease must be unexpired.
                let still_held = current
                    .owner
                    .as_ref()
                    .is_some_and(|owner| owner.same_incarnation(&fence.owner))
                    && current.lease_token.as_deref() == Some(fence.lease_token.as_str())
                    && current.fencing_token == fence.fencing_token
                    && current.expires_at_ms > now;
                if !still_held {
                    return Err(StoreError::SessionExecutionLeaseExpired {
                        session_id: fence.session_id.clone(),
                    });
                }
                let expires_at = now.saturating_add(lease_ttl_ms);
                tx.execute(
                    "UPDATE session_execution_leases
                     SET lease_expires_at_ms = ?5
                     WHERE session_id = ?1
                       AND lease_owner_id = ?2
                       AND lease_owner_incarnation_id = ?3
                       AND lease_token = ?4
                       AND lease_fencing_token = ?6",
                    params![
                        fence.session_id,
                        fence.owner.owner_id,
                        fence.owner.incarnation_id,
                        fence.lease_token,
                        expires_at as i64,
                        fence.fencing_token as i64
                    ],
                )
                .map_err(sqlite_error)?;
                let renewed = SessionExecutionLease {
                    session_id: fence.session_id,
                    owner: fence.owner,
                    lease_token: fence.lease_token,
                    fencing_token: fence.fencing_token,
                    claimed_at_epoch_ms: current.claimed_at_ms,
                    expires_at_epoch_ms: expires_at,
                };
                Ok(renewed)
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
609
/// Releases a session execution lease as described by `completion`.
///
/// The work is delegated to `release_session_execution_lease_conn` inside a write
/// flow: success asks the flow to commit, an error asks it to roll back.
///
/// # Errors
///
/// Returns the [`StoreError`] produced by the release helper or by the flow itself.
async fn release_session_execution_lease(
    &self,
    completion: &SessionExecutionLeaseCompletion,
) -> Result<(), StoreError> {
    let completion = completion.clone();
    self.conn
        .write_flow(move |tx| {
            Ok(match release_session_execution_lease_conn(tx, &completion) {
                Ok(()) => TxOutcome::Commit(Ok(())),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
626
/// Stores a queued-work batch and its payload items, returning the stored batch.
///
/// When the draft carries a `source_key` and a batch with the same session and key
/// already exists, that batch is returned unchanged, which makes a repeated enqueue
/// for the same source idempotent. Otherwise a batch id is derived from the session,
/// source key, current time and a per-store counter value, and the batch row plus
/// one item row per payload are inserted.
///
/// # Errors
///
/// Returns a [`StoreError`] when a query fails or when a row that was just found
/// or inserted cannot be read back; the write flow is asked to roll back.
async fn enqueue_queued_work(
    &self,
    batch: QueuedWorkBatchDraft,
) -> Result<QueuedWorkBatch, StoreError> {
    // Taken outside the transaction so every enqueue attempt gets its own value.
    let nonce = self.commit_count.fetch_add(1, AtomicOrdering::Relaxed);
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<QueuedWorkBatch, StoreError> {
                if let Some(source_key) = batch.source_key.as_deref() {
                    let duplicate_id: Option<String> = tx
                        .query_row(
                            "SELECT batch_id
                             FROM queued_work_batches
                             WHERE session_id = ?1 AND source_key = ?2",
                            params![batch.session_id, source_key],
                            |row| row.get(0),
                        )
                        .optional()
                        .map_err(sqlite_error)?;
                    if let Some(batch_id) = duplicate_id {
                        return match load_queued_batch_by_id_conn(tx, &batch_id)? {
                            Some(existing) => Ok(existing),
                            None => Err(StoreError::Backend(
                                "queued work source row disappeared".to_string(),
                            )),
                        };
                    }
                }

                let now = current_epoch_ms();
                let batch_id = derive_batch_id(
                    &batch.session_id,
                    batch.source_key.as_deref(),
                    now,
                    Some(nonce),
                );
                tx.execute(
                    "INSERT INTO queued_work_batches (
                         batch_id, session_id, source_key, delivery_policy, slot_policy,
                         merge_key_json, available_at_ms, enqueued_at_ms
                     )
                     VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8)",
                    params![
                        batch_id,
                        batch.session_id,
                        batch.source_key.as_deref(),
                        batch.delivery_policy.as_str(),
                        batch.slot_policy.as_str(),
                        encode_json(&batch.merge_key),
                        batch.available_at_ms as i64,
                        now as i64,
                    ],
                )
                .map_err(sqlite_error)?;

                let mut item_index = 0usize;
                for payload in batch.payloads.iter() {
                    let item_id = format!("{batch_id}:item:{item_index}");
                    tx.execute(
                        "INSERT INTO queued_work_items (batch_id, item_index, item_id, payload_json)
                         VALUES (?1, ?2, ?3, ?4)",
                        params![batch_id, item_index as i64, item_id, encode_json(payload)],
                    )
                    .map_err(sqlite_error)?;
                    item_index += 1;
                }

                match load_queued_batch_by_id_conn(tx, &batch_id)? {
                    Some(stored) => Ok(stored),
                    None => Err(StoreError::Backend(
                        "queued work insert disappeared".to_string(),
                    )),
                }
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
700
/// Claims a prefix of the ready queued-work batches of `session_id` for `owner`.
///
/// Returns `Ok(None)` when `max_batches` is 0, when nothing is selectable, or when
/// a selected row changed underneath the claim (the flow is rolled back then).
///
/// Inside one write flow the method:
/// 1. validates the caller's session execution lease;
/// 2. scans available batches in enqueue order, up to `claim_scan_limit(max_batches)`;
/// 3. keeps rows that are unclaimed, whose claim expired, or whose claim owner is
///    definitely dead from the claimant's point of view;
/// 4. lets `select_claim_prefix` choose how many leading rows to take;
/// 5. stamps each selected row with the new claim, re-checking in SQL that the row
///    is still unclaimed, expired, or held by the exact claim observed in step 2.
///
/// NOTE(review): the dead-owner takeover relies on liveness data read back from the
/// row, which the previous claimant wrote. Confirm that
/// `is_definitely_dead_for_claimant` cannot be satisfied by a claimant-supplied
/// value alone.
///
/// # Errors
///
/// Returns a [`StoreError`] when the lease check, a query, or decoding a stored
/// policy or merge key fails; the write flow is asked to roll back.
async fn claim_ready_queued_work(
    &self,
    session_id: &str,
    session_execution_lease: &SessionExecutionLeaseFence,
    owner: &LeaseOwnerIdentity,
    boundary: QueuedWorkClaimBoundary,
    lease_ttl_ms: u64,
    max_batches: usize,
) -> Result<Option<QueuedWorkClaim>, StoreError> {
    if max_batches == 0 {
        return Ok(None);
    }
    let session_id = session_id.to_string();
    let session_execution_lease = session_execution_lease.clone();
    let owner = owner.clone();
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<TxOutcome<Option<QueuedWorkClaim>>, StoreError> {
                ensure_session_execution_lease_conn(
                    tx,
                    &session_id,
                    &session_execution_lease,
                )?;
                let now = current_epoch_ms();

                let mut claimable_rows = {
                    let mut scan = tx
                        .prepare(
                            "SELECT enqueue_seq, batch_id, session_id, source_key, delivery_policy,
                                    slot_policy, merge_key_json, available_at_ms, enqueued_at_ms,
                                    claim_fencing_token, claim_owner_id, claim_owner_incarnation_id,
                                    claim_owner_liveness_json, claim_token, claim_expires_at_ms
                             FROM queued_work_batches
                             WHERE session_id = ?1
                               AND available_at_ms <= ?2
                             ORDER BY enqueue_seq ASC
                             LIMIT ?3",
                        )
                        .map_err(sqlite_error)?;
                    let scanned = scan
                        .query_map(
                            params![session_id, now as i64, claim_scan_limit(max_batches)],
                            queued_batch_row_from_sql,
                        )
                        .map_err(sqlite_error)?;
                    scanned
                        .collect::<Result<Vec<_>, _>>()
                        .map_err(sqlite_error)?
                };
                // Drop rows that are still validly claimed by a holder not known to be dead.
                claimable_rows.retain(|row| {
                    row.claim_token.is_none()
                        || row.claim_expires_at_ms <= now
                        || row
                            .claim_owner
                            .as_ref()
                            .is_some_and(|holder| holder.is_definitely_dead_for_claimant(&owner))
                });

                let mut candidates = Vec::with_capacity(claimable_rows.len());
                for row in &claimable_rows {
                    candidates.push(ClaimCandidate {
                        enqueue_seq: row.enqueue_seq,
                        claim_fencing_token: row.claim_fencing_token,
                        delivery_policy: decode_delivery_policy(row.delivery_policy.clone())?,
                        slot_policy: decode_slot_policy(row.slot_policy.clone())?,
                        merge_key: decode_merge_key(row.merge_key_json.clone())?,
                    });
                }

                let selected_len = select_claim_prefix(&candidates, boundary, max_batches);
                if selected_len == 0 {
                    return Ok(TxOutcome::Commit(None));
                }
                let mut selected = claimable_rows;
                selected.truncate(selected_len);

                let lease = QueuedWorkClaimLease::derive(
                    &candidates[0],
                    &session_id,
                    &owner,
                    now,
                    lease_ttl_ms,
                );
                let liveness_json = encode_liveness(&owner.liveness)?;
                for row in &selected {
                    // ?10..?12 pin the claim seen during the scan, so a row re-claimed in the
                    // meantime by someone else matches nothing and aborts the whole claim.
                    let claimed = tx
                        .execute(
                            "UPDATE queued_work_batches
                             SET claim_id = ?3,
                                 claim_owner_id = ?4,
                                 claim_owner_incarnation_id = ?5,
                                 claim_owner_liveness_json = ?6,
                                 claim_token = ?7,
                                 claim_fencing_token = claim_fencing_token + 1,
                                 claim_claimed_at_ms = ?8,
                                 claim_expires_at_ms = ?9
                             WHERE session_id = ?1
                               AND batch_id = ?2
                               AND (
                                   claim_token IS NULL
                                   OR claim_expires_at_ms <= ?8
                                   OR (
                                       claim_token = ?10
                                       AND claim_owner_id = ?11
                                       AND claim_owner_incarnation_id = ?12
                                   )
                               )",
                            params![
                                session_id,
                                row.batch_id,
                                lease.claim_id,
                                owner.owner_id.as_str(),
                                owner.incarnation_id.as_str(),
                                liveness_json.as_str(),
                                lease.lease_token,
                                now as i64,
                                lease.expires_at_epoch_ms as i64,
                                row.claim_token,
                                row.claim_owner.as_ref().map(|owner| owner.owner_id.as_str()),
                                row.claim_owner
                                    .as_ref()
                                    .map(|owner| owner.incarnation_id.as_str())
                            ],
                        )
                        .map_err(sqlite_error)?;
                    if claimed == 0 {
                        return Ok(TxOutcome::Rollback(None));
                    }
                }

                let batches = selected
                    .into_iter()
                    .map(|row| queued_work_batch_from_conn(tx, row))
                    .collect::<Result<Vec<_>, _>>()?;
                let claim = QueuedWorkClaim {
                    session_id: session_id.clone(),
                    claim_id: lease.claim_id,
                    owner: owner.clone(),
                    lease_token: lease.lease_token,
                    fencing_token: lease.fencing_token,
                    claimed_at_epoch_ms: lease.claimed_at_epoch_ms,
                    expires_at_epoch_ms: lease.expires_at_epoch_ms,
                    batches,
                };
                Ok(TxOutcome::Commit(Some(claim)))
            })();
            Ok(match outcome {
                Ok(TxOutcome::Commit(value)) => TxOutcome::Commit(Ok(value)),
                Ok(TxOutcome::Rollback(value)) => TxOutcome::Rollback(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
869
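/// Extends the expiry of a queued-work claim that still carries the caller's
/// claim id and lease token.
///
/// The number of updated rows and the new expiry are handed to `renewed_claim`,
/// which builds the result.
///
/// The new expiry is capped at `i64::MAX`. The column is written through an
/// `as i64` cast and compared in SQL by other queries in this file
/// (`claim_expires_at_ms <= ?`); without the cap, a TTL large enough to saturate
/// the `u64` addition would wrap to a negative value and make the freshly renewed
/// claim look expired, leaving it open to being claimed by another worker.
///
/// # Errors
///
/// Returns a [`StoreError`] when the update fails, or whatever `renewed_claim`
/// reports for the observed row count.
async fn renew_queued_work_claim(
    &self,
    claim: &QueuedWorkClaim,
    lease_ttl_ms: u64,
) -> Result<QueuedWorkClaim, StoreError> {
    let now = current_epoch_ms();
    // Cap before the signed cast so the stored value can never go negative.
    let expires_at = now.saturating_add(lease_ttl_ms).min(i64::MAX as u64);
    let session_id = claim.session_id.clone();
    let claim_id = claim.claim_id.clone();
    let lease_token = claim.lease_token.clone();
    let changed = self
        .conn
        .write(move |tx| {
            tx.execute(
                "UPDATE queued_work_batches
                 SET claim_expires_at_ms = ?4
                 WHERE session_id = ?1 AND claim_id = ?2 AND claim_token = ?3",
                params![session_id, claim_id, lease_token, expires_at as i64],
            )
        })
        .await
        .map_err(sqlite_error)?;
    renewed_claim(claim, changed, expires_at)
}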
894
/// Gives up a queued-work claim so its batches can be claimed again.
///
/// Every batch that still carries the claim's id and lease token has its claim
/// columns cleared. The number of affected rows is not inspected, so abandoning a
/// claim that no longer matches any row also returns `Ok(())`.
///
/// # Errors
///
/// Returns a [`StoreError`] when the update fails.
async fn abandon_queued_work_claim(&self, claim: &QueuedWorkClaim) -> Result<(), StoreError> {
    let (session_id, claim_id, lease_token) = (
        claim.session_id.clone(),
        claim.claim_id.clone(),
        claim.lease_token.clone(),
    );
    let cleared = self
        .conn
        .write(move |tx| {
            tx.execute(
                "UPDATE queued_work_batches
                 SET claim_id = NULL,
                     claim_owner_id = NULL,
                     claim_owner_incarnation_id = NULL,
                     claim_owner_liveness_json = NULL,
                     claim_token = NULL,
                     claim_claimed_at_ms = 0,
                     claim_expires_at_ms = 0
                 WHERE session_id = ?1 AND claim_id = ?2 AND claim_token = ?3",
                params![session_id, claim_id, lease_token],
            )
        })
        .await;
    match cleared {
        Ok(_) => Ok(()),
        Err(err) => Err(sqlite_error(err)),
    }
}
918
/// Cancels one queued-work batch and returns it, or `Ok(None)` when it cannot be
/// cancelled.
///
/// A batch is cancellable only while it is unclaimed or its claim has expired; a
/// batch under a live claim, or one that does not exist, yields `Ok(None)`. The
/// batch is read first so it can be returned, then deleted under the same
/// condition within the same write flow.
///
/// # Errors
///
/// Returns a [`StoreError`] when a query fails or the batch cannot be assembled;
/// the write flow is asked to roll back.
async fn cancel_queued_work_batch(
    &self,
    session_id: &str,
    batch_id: &str,
) -> Result<Option<QueuedWorkBatch>, StoreError> {
    let session_id = session_id.to_string();
    let batch_id = batch_id.to_string();
    self.conn
        .write_flow(move |tx| {
            let outcome = (|| -> Result<Option<QueuedWorkBatch>, StoreError> {
                let now = current_epoch_ms() as i64;
                let found = tx
                    .query_row(
                        "SELECT enqueue_seq, batch_id, session_id, source_key, delivery_policy,
                                slot_policy, merge_key_json, available_at_ms, enqueued_at_ms,
                                claim_fencing_token, claim_owner_id, claim_owner_incarnation_id,
                                claim_owner_liveness_json, claim_token, claim_expires_at_ms
                         FROM queued_work_batches
                         WHERE session_id = ?1
                           AND batch_id = ?2
                           AND (claim_token IS NULL OR claim_expires_at_ms <= ?3)",
                        params![session_id, batch_id, now],
                        queued_batch_row_from_sql,
                    )
                    .optional()
                    .map_err(sqlite_error)?;
                let row = match found {
                    Some(row) => row,
                    None => return Ok(None),
                };
                // Materialise the batch before deleting the row it is built from.
                let cancelled = queued_work_batch_from_conn(tx, row)?;
                tx.execute(
                    "DELETE FROM queued_work_batches
                     WHERE session_id = ?1
                       AND batch_id = ?2
                       AND (claim_token IS NULL OR claim_expires_at_ms <= ?3)",
                    params![session_id, batch_id, now],
                )
                .map_err(sqlite_error)?;
                Ok(Some(cancelled))
            })();
            Ok(match outcome {
                Ok(value) => TxOutcome::Commit(Ok(value)),
                Err(err) => TxOutcome::Rollback(Err(err)),
            })
        })
        .await
        .map_err(sqlite_error)?
}
967
/// Lists every queued-work batch of `session_id` in enqueue order, claimed or not.
///
/// # Errors
///
/// Returns a [`StoreError`] when the query fails or a batch cannot be assembled
/// from its row.
async fn list_queued_work(&self, session_id: &str) -> Result<Vec<QueuedWorkBatch>, StoreError> {
    let session_id = session_id.to_string();
    self.conn
        .call(move |conn| {
            let outcome = (|| -> Result<Vec<QueuedWorkBatch>, StoreError> {
                let batch_rows = {
                    let mut select_all = conn
                        .prepare(
                            "SELECT enqueue_seq, batch_id, session_id, source_key, delivery_policy,
                                    slot_policy, merge_key_json, available_at_ms, enqueued_at_ms,
                                    claim_fencing_token, claim_owner_id, claim_owner_incarnation_id,
                                    claim_owner_liveness_json, claim_token, claim_expires_at_ms
                             FROM queued_work_batches
                             WHERE session_id = ?1
                             ORDER BY enqueue_seq ASC",
                        )
                        .map_err(sqlite_error)?;
                    let mapped = select_all
                        .query_map(params![session_id], queued_batch_row_from_sql)
                        .map_err(sqlite_error)?;
                    mapped
                        .collect::<Result<Vec<_>, _>>()
                        .map_err(sqlite_error)?
                };
                let mut batches = Vec::new();
                for row in batch_rows {
                    batches.push(queued_work_batch_from_conn(conn, row)?);
                }
                Ok(batches)
            })();
            Ok(outcome)
        })
        .await
        .map_err(sqlite_error)?
}
999
/// Lists the queued-work batches of `session_id` that are not under a live claim,
/// in enqueue order.
///
/// A batch counts as pending when it has no claim token or its claim expiry is at
/// or before the current time. The query does not filter on `available_at_ms`.
///
/// # Errors
///
/// Returns a [`StoreError`] when the query fails or a batch cannot be assembled
/// from its row.
async fn list_pending_queued_work(
    &self,
    session_id: &str,
) -> Result<Vec<QueuedWorkBatch>, StoreError> {
    let session_id = session_id.to_string();
    self.conn
        .call(move |conn| {
            let outcome = (|| -> Result<Vec<QueuedWorkBatch>, StoreError> {
                let now = current_epoch_ms();
                let pending_rows = {
                    let mut select_pending = conn
                        .prepare(
                            "SELECT enqueue_seq, batch_id, session_id, source_key, delivery_policy,
                                    slot_policy, merge_key_json, available_at_ms, enqueued_at_ms,
                                    claim_fencing_token, claim_owner_id, claim_owner_incarnation_id,
                                    claim_owner_liveness_json, claim_token, claim_expires_at_ms
                             FROM queued_work_batches
                             WHERE session_id = ?1
                               AND (claim_token IS NULL OR claim_expires_at_ms <= ?2)
                             ORDER BY enqueue_seq ASC",
                        )
                        .map_err(sqlite_error)?;
                    let mapped = select_pending
                        .query_map(params![session_id, now as i64], queued_batch_row_from_sql)
                        .map_err(sqlite_error)?;
                    mapped
                        .collect::<Result<Vec<_>, _>>()
                        .map_err(sqlite_error)?
                };
                let mut batches = Vec::new();
                for row in pending_rows {
                    batches.push(queued_work_batch_from_conn(conn, row)?);
                }
                Ok(batches)
            })();
            Ok(outcome)
        })
        .await
        .map_err(sqlite_error)?
}
1039
/// Saves the session metadata by delegating to `Store::save_session_meta`.
///
/// The delegate's result is not inspected here, so this method always returns
/// `Ok(())` once the delegate has completed.
async fn save_session_meta(&self, meta: SessionMeta) -> Result<(), StoreError> {
    let saved = Store::save_session_meta(self, meta);
    saved.await;
    Ok(())
}
1044
/// Loads the session metadata by delegating to `Store::load_session_meta`.
///
/// The delegate's value is wrapped in `Ok` unchanged; this method never returns
/// an error itself.
async fn load_session_meta(&self) -> Result<Option<SessionMeta>, StoreError> {
    let meta = Store::load_session_meta(self).await;
    Ok(meta)
}
1048
/// Marks the given graph nodes as tombstoned.
///
/// An empty `ids` slice returns immediately without touching the database. Ids
/// that match no row are ignored, because the per-row update count is not checked.
///
/// # Errors
///
/// Returns a [`StoreError`] when preparing or executing the update fails.
async fn tombstone_nodes(&self, ids: &[String]) -> Result<(), StoreError> {
    if ids.is_empty() {
        return Ok(());
    }
    let doomed = ids.to_vec();
    let marked = self
        .conn
        .write(move |tx| {
            let mut mark_tombstoned =
                tx.prepare("UPDATE graph_nodes SET tombstoned = 1 WHERE node_id = ?1")?;
            for node_id in &doomed {
                mark_tombstoned.execute(params![node_id])?;
            }
            Ok(())
        })
        .await;
    marked.map_err(sqlite_error)
}
1066
/// Permanently deletes every tombstoned graph node and reports how many rows
/// were removed.
///
/// # Errors
///
/// Returns a [`StoreError`] when the delete fails.
async fn vacuum(&self) -> Result<VacuumReport, StoreError> {
    let deleted = self
        .conn
        .write(move |tx| tx.execute("DELETE FROM graph_nodes WHERE tombstoned = 1", []))
        .await;
    match deleted {
        Ok(removed_node_count) => Ok(VacuumReport { removed_node_count }),
        Err(err) => Err(sqlite_error(err)),
    }
}
1077
/// Runs garbage collection by delegating to `Store::gc_unreachable`.
///
/// The delegate's report is wrapped in `Ok` unchanged; this method never returns
/// an error itself.
async fn gc_unreachable(&self) -> Result<GcReport, StoreError> {
    let report = Store::gc_unreachable(self).await;
    Ok(report)
}
1081}
1082
/// One row of `session_execution_leases` as read by
/// `load_session_execution_lease_row_conn`.
///
/// `owner` and `lease_token` are optional because the row can outlive the lease;
/// callers in this file treat a missing token as "no live lease".
struct SessionExecutionLeaseRow {
    /// Identity of the lease holder, or `None` when the owner id column is NULL.
    owner: Option<LeaseOwnerIdentity>,
    /// Token of the current lease, or `None` when the column is NULL.
    lease_token: Option<String>,
    /// Fencing token stored with the lease; new leases continue from this value.
    fencing_token: u64,
    /// Time the lease was claimed, in epoch milliseconds.
    claimed_at_ms: u64,
    /// Time the lease expires, in epoch milliseconds.
    expires_at_ms: u64,
}
1090
/// Reads the lease row of `session_id`, or `Ok(None)` when the session has none.
///
/// NOTE(review): the three numeric columns are read as `i64` and converted with
/// `as u64`. A negative stored value (corruption or a hand-edited database) wraps
/// to a very large number, so a negative expiry would read as a lease that
/// effectively never expires. Consider rejecting negative values at this boundary.
///
/// # Errors
///
/// Returns a [`StoreError`] when the query fails or a column has an unexpected type.
fn load_session_execution_lease_row_conn(
    conn: &Connection,
    session_id: &str,
) -> Result<Option<SessionExecutionLeaseRow>, StoreError> {
    conn.query_row(
        "SELECT lease_owner_id, lease_token, lease_fencing_token,
                lease_claimed_at_ms, lease_expires_at_ms,
                lease_owner_incarnation_id, lease_owner_liveness_json
         FROM session_execution_leases
         WHERE session_id = ?1",
        params![session_id],
        |row| {
            // The owner columns sit at indexes 0, 5 and 6 of the SELECT list.
            let owner_id: Option<String> = row.get(0)?;
            let incarnation_id: Option<String> = row.get(5)?;
            let liveness_json: Option<String> = row.get(6)?;
            let owner = lease_owner_from_columns(owner_id, incarnation_id, liveness_json);
            let lease_token = row.get(1)?;
            let fencing_token = row.get::<_, i64>(2)? as u64;
            let claimed_at_ms = row.get::<_, i64>(3)? as u64;
            let expires_at_ms = row.get::<_, i64>(4)? as u64;
            Ok(SessionExecutionLeaseRow {
                owner,
                lease_token,
                fencing_token,
                claimed_at_ms,
                expires_at_ms,
            })
        },
    )
    .optional()
    .map_err(sqlite_error)
}
1120
/// Builds a lease owner identity from its three nullable columns.
///
/// Returns `None` when `owner_id` is NULL. A missing incarnation id falls back to
/// the owner id. Liveness that is missing or fails to decode falls back to
/// `LeaseOwnerLiveness::Opaque`; the decode error is discarded.
///
/// NOTE(review): presumably `Opaque` is the conservative value that never proves
/// the holder dead; confirm, since a silent fallback here feeds lease takeover
/// decisions.
fn lease_owner_from_columns(
    owner_id: Option<String>,
    incarnation_id: Option<String>,
    liveness_json: Option<String>,
) -> Option<LeaseOwnerIdentity> {
    let owner_id = owner_id?;
    let incarnation_id = match incarnation_id {
        Some(id) => id,
        None => owner_id.clone(),
    };
    let decoded_liveness = match liveness_json.as_deref() {
        Some(json) => serde_json::from_str(json).ok(),
        None => None,
    };
    Some(LeaseOwnerIdentity {
        incarnation_id,
        owner_id,
        liveness: decoded_liveness.unwrap_or(LeaseOwnerLiveness::Opaque),
    })
}
1135
/// Serializes `liveness` to a JSON string for the `lease_owner_liveness_json`
/// column.
///
/// # Errors
/// A serialization failure becomes `StoreError::Backend` carrying the
/// underlying error text.
fn encode_liveness(liveness: &LeaseOwnerLiveness) -> Result<String, StoreError> {
    match serde_json::to_string(liveness) {
        Ok(encoded) => Ok(encoded),
        Err(err) => Err(StoreError::Backend(format!(
            "failed to encode lease liveness: {err}"
        ))),
    }
}
1140
/// Converts a raw lease row into a `SessionExecutionLease` for `session_id`.
///
/// # Errors
/// Returns `StoreError::Backend` when the row has no owner or no lease token.
/// The owner is checked first, so a row missing both reports the owner.
fn row_to_session_execution_lease(
    session_id: &str,
    row: SessionExecutionLeaseRow,
) -> Result<SessionExecutionLease, StoreError> {
    let SessionExecutionLeaseRow {
        owner,
        lease_token,
        fencing_token,
        claimed_at_ms,
        expires_at_ms,
    } = row;

    let Some(owner) = owner else {
        return Err(StoreError::Backend(
            "live session lease missing owner".to_string(),
        ));
    };
    let Some(lease_token) = lease_token else {
        return Err(StoreError::Backend(
            "live session lease missing lease token".to_string(),
        ));
    };

    Ok(SessionExecutionLease {
        session_id: session_id.to_string(),
        owner,
        lease_token,
        fencing_token,
        claimed_at_epoch_ms: claimed_at_ms,
        expires_at_epoch_ms: expires_at_ms,
    })
}
1158
/// Writes a new lease for `session_id` owned by `owner` and returns it.
///
/// The fencing token is `previous_fencing_token + 1` and the expiry is
/// `now + lease_ttl_ms`, both saturating. The row is inserted, or overwritten
/// when one already exists for the session.
///
/// # Errors
/// Fails when the owner's liveness cannot be encoded, or when the statement
/// fails (converted with `sqlite_error`).
// NOTE(review): the upsert is unconditional. It does not compare the stored
// fencing token or expiry, so deciding that the lease may be taken, and
// supplying the right `previous_fencing_token`, is left to the caller. Confirm
// that callers read the row and call this inside the same write transaction.
// NOTE(review): `lease_token` is derived from non-secret fields (ids, `now`,
// fencing token), so it identifies a lease but is not an unguessable
// credential.
fn acquire_session_execution_lease_conn(
    conn: &Connection,
    session_id: &str,
    owner: &LeaseOwnerIdentity,
    previous_fencing_token: u64,
    now: u64,
    lease_ttl_ms: u64,
) -> Result<SessionExecutionLease, StoreError> {
    // Saturating: at u64::MAX the token stops advancing instead of wrapping.
    let fencing_token = previous_fencing_token.saturating_add(1);
    let expires_at = now.saturating_add(lease_ttl_ms);
    let lease_token = format!(
        "{}:{}:{}:{now}:{fencing_token}",
        session_id, owner.owner_id, owner.incarnation_id
    );
    let liveness_json = encode_liveness(&owner.liveness)?;

    // Bit-preserving casts for storage: values above i64::MAX are stored as
    // negative integers.
    let fencing_token_sql = fencing_token as i64;
    let claimed_at_sql = now as i64;
    let expires_at_sql = expires_at as i64;

    let upsert_sql = "INSERT INTO session_execution_leases (
             session_id, lease_owner_id, lease_owner_incarnation_id, lease_owner_liveness_json,
             lease_token, lease_fencing_token, lease_claimed_at_ms, lease_expires_at_ms
         )
         VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8)
         ON CONFLICT(session_id) DO UPDATE SET
             lease_owner_id = excluded.lease_owner_id,
             lease_owner_incarnation_id = excluded.lease_owner_incarnation_id,
             lease_owner_liveness_json = excluded.lease_owner_liveness_json,
             lease_token = excluded.lease_token,
             lease_fencing_token = excluded.lease_fencing_token,
             lease_claimed_at_ms = excluded.lease_claimed_at_ms,
             lease_expires_at_ms = excluded.lease_expires_at_ms";
    conn.execute(
        upsert_sql,
        params![
            session_id,
            owner.owner_id,
            owner.incarnation_id,
            liveness_json,
            lease_token,
            fencing_token_sql,
            claimed_at_sql,
            expires_at_sql
        ],
    )
    .map_err(sqlite_error)?;

    let lease = SessionExecutionLease {
        session_id: session_id.to_string(),
        owner: owner.clone(),
        lease_token,
        fencing_token,
        claimed_at_epoch_ms: now,
        expires_at_epoch_ms: expires_at,
    };
    Ok(lease)
}
1209
/// Checks that `fence` still describes the live lease stored for `session_id`.
///
/// Succeeds only when the fence names this session, a row exists, the stored
/// owner is the same incarnation as `fence.owner`, the lease token and fencing
/// token both match, and the stored expiry is later than `current_epoch_ms()`.
///
/// # Errors
/// Every failed check returns `StoreError::SessionExecutionLeaseExpired`, so
/// the error does not say which check failed. A failure to load the row is
/// propagated unchanged.
// NOTE(review): this is a point-in-time check. It fences a write only if that
// write happens in the same transaction on `conn`. Confirm at the call sites.
// NOTE(review): `current_epoch_ms` is defined elsewhere. If it reads the wall
// clock, a clock step changes how long a lease is treated as live.
fn ensure_session_execution_lease_conn(
    conn: &Connection,
    session_id: &str,
    fence: &SessionExecutionLeaseFence,
) -> Result<(), StoreError> {
    let expired = || StoreError::SessionExecutionLeaseExpired {
        session_id: session_id.to_string(),
    };

    if fence.session_id != session_id {
        return Err(expired());
    }
    let now = current_epoch_ms();
    let Some(stored) = load_session_execution_lease_row_conn(conn, session_id)? else {
        return Err(expired());
    };

    let same_owner = stored
        .owner
        .as_ref()
        .is_some_and(|owner| owner.same_incarnation(&fence.owner));
    if !same_owner {
        return Err(expired());
    }
    if stored.lease_token.as_deref() != Some(fence.lease_token.as_str()) {
        return Err(expired());
    }
    if stored.fencing_token != fence.fencing_token {
        return Err(expired());
    }
    if stored.expires_at_ms <= now {
        return Err(expired());
    }
    Ok(())
}
1242
/// Clears the owner, token and timestamps of the lease that `completion`
/// describes.
///
/// The row is kept and `lease_fencing_token` is left untouched. The update
/// applies only when session, owner id, incarnation id, lease token and
/// fencing token all match the stored row.
///
/// The affected-row count is discarded, so a release that matches nothing
/// (for example after another owner took over) still returns `Ok(())`.
///
/// # Errors
/// A statement failure is converted with `sqlite_error`.
// NOTE(review): `lease_owner_incarnation_id = ?3` never matches a NULL column,
// while the read path maps a NULL incarnation to the owner id. A row stored
// without an incarnation id would therefore not be released here. Confirm no
// such rows exist.
fn release_session_execution_lease_conn(
    conn: &Connection,
    completion: &SessionExecutionLeaseCompletion,
) -> Result<(), StoreError> {
    let release_sql = "UPDATE session_execution_leases
         SET lease_owner_id = NULL,
             lease_owner_incarnation_id = NULL,
             lease_owner_liveness_json = NULL,
             lease_token = NULL,
             lease_claimed_at_ms = 0,
             lease_expires_at_ms = 0
         WHERE session_id = ?1
           AND lease_owner_id = ?2
           AND lease_owner_incarnation_id = ?3
           AND lease_token = ?4
           AND lease_fencing_token = ?5";
    let fencing_token_sql = completion.fencing_token as i64;
    let _rows_cleared = conn
        .execute(
            release_sql,
            params![
                completion.session_id,
                completion.owner.owner_id,
                completion.owner.incarnation_id,
                completion.lease_token,
                fencing_token_sql
            ],
        )
        .map_err(sqlite_error)?;
    Ok(())
}