OpenClaw merged a session lifecycle fix today that closes a subtle but important reliability hole: a deleted session row could be recreated later by stale post-run persistence. The fix landed in PR #94138, titled "fix(session): prevent stale finalizer from recreating deleted session rows."
This is the kind of bug that matters most in long-running agent environments. Users may delete, reset, or rotate a session because they want a clean boundary. If a lingering finalizer writes metadata after that boundary, the runtime can bring old state back into view.
The merged change fences those writes by the session identity observed at run start. That gives OpenClaw a cleaner rule: old writers can finish, but they cannot resurrect a session after a newer lifecycle decision has already won.
What Changed
The PR summary says the fix stops stale post-run finalizers from recreating a row after sessions.delete removes it. It also fences metadata, transcript persistence, CLI compaction, and post-delivery cleanup writes by session identity.
That scope is broader than one delete path. OpenClaw has several places where a run can leave behind useful bookkeeping:
- Metadata updates after an agent turn
- Transcript persistence
- CLI compaction state
- Post-delivery cleanup
- Session accessor updates
Each of those writes is normal while the session is still current. The risk appears when the session has been deleted or reset before the writer gets its turn. PR #94138 keeps normal rotation working while rejecting stale writers with the old identity.
Why Operators Should Care
Session lifecycle bugs are easy to underestimate because they rarely look dramatic. They tend to show up as confusing state: an old row returns, a transcript seems to reappear, or an agent session looks alive after cleanup.
For personal OpenClaw installs, that is annoying. For shared or automated deployments, it becomes an auditability problem. Session deletion and reset are control-plane operations. They should be durable, visible, and difficult for unrelated post-run cleanup work to undo.
This patch is especially relevant because OpenClaw has been moving more session state behind storage-neutral accessors. PR #93659, also merged today, adds a reset/delete lifecycle boundary so persisted entry changes and transcript transitions can be represented as one backend-owned operation.
Taken together, the two PRs point in the same direction: OpenClaw is preparing session lifecycle behavior for more transactional storage without breaking the current file-backed runtime.
Tested With Focused Session Suites
The PR includes concrete validation. Its verification list reports 235 focused tests across session-store, post-run metadata, transcript, compaction, CLI, ACP, and command paths.
It also cites a Blacksmith Testbox run for gateway delete lifecycle and session lifecycle suites, with 98 passing tests. The behavior proof says stale writers with the old session identity are rejected after deletion or a competing reset, while valid new sessions and normal rotation remain writable.
That proof is worth calling out because this is not only a unit-level cleanup. The test target is the actual gateway and session lifecycle code path where stale post-run persistence would have caused real operational confusion.
The Takeaway
OpenClaw's session model is getting stricter around ownership and timing. That is good news for anyone using agents across daily sessions, reset flows, Mission Control-style dashboards, or long-running automations.
The immediate win is simple: when a session is deleted, stale finalizers should not bring it back. The longer-term win is architectural. Session reset, delete, transcript archive, and storage migration work now have a clearer boundary to build on.
Sources: OpenClaw PR #94138, OpenClaw PR #93659, and the OpenClaw repository.