Skip to content

fix: isolate detached command context from parent cancellation#179

Open
mason5052 wants to merge 3 commits intovxcontrol:masterfrom
mason5052:fix/detached-cmd-context-isolation
Open

fix: isolate detached command context from parent cancellation#179
mason5052 wants to merge 3 commits intovxcontrol:masterfrom
mason5052:fix/detached-cmd-context-isolation

Conversation

@mason5052
Copy link
Contributor

@mason5052 mason5052 commented Mar 6, 2026

Description of the Change

Problem

Detached terminal commands (detach=true) inherit the parent context. When the parent context is canceled (e.g., agent delegation timeout after ~2.5 minutes), the detached goroutine's ctx.Done() fires in getExecResult and kills the background command, even though the command has its own timeout (300-1200 seconds).

This makes agent delegation effectively unusable for commands that take more than ~2.5 minutes (which is most penetration testing tasks like nmap scans).

Closes #176

Solution

Use context.WithoutCancel(ctx) (Go 1.21+) for the detached goroutine. This:

  • Preserves context values (tracing spans, logrus fields, observability data)
  • Prevents parent cancellation from propagating to the background command
  • Keeps the command's own timeout working (context.WithTimeout in getExecResult)

Non-detached commands are unchanged -- they still use the original ctx and respect parent cancellation as before.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)

Areas Affected

  • Core Services (Backend API)

Testing and Verification

Test Configuration

  • PentAGI Version: master
  • Go Version: 1.24

Test Steps

  1. Confirmed context.WithoutCancel is available in Go 1.24 (introduced in Go 1.21)
  2. Verified non-detached path (last line of ExecCommand) still uses original ctx
  3. Verified detached goroutine now uses isolated context with own timeout
  4. Confirmed context values (observability, logging via t.tlp.PutMsg) are preserved through WithoutCancel
  5. Verified getExecResult's defer cancel() still prevents goroutine leak

Security Considerations

No security impact. The change only affects context propagation for background commands. Commands still terminate when their own timeout expires.

Checklist

  • My code follows the project's coding standards
  • All new and existing tests pass
  • I have run go fmt and go vet
  • Security implications considered
  • Changes are backward compatible

@mason5052
fix: isolate detached command context from parent cancellation
99c4542 
Detached terminal commands (detach=true) inherit the parent context.
When the parent context is canceled (e.g., agent delegation timeout),
the detached goroutine's ctx.Done() fires and kills the background
command, even though it has its own timeout.

Use context.WithoutCancel(ctx) for the detached goroutine. This
preserves context values (tracing, logging) but prevents parent
cancellation from propagating. The command's own timeout via
context.WithTimeout in getExecResult continues to work.

Non-detached commands are unchanged and still respect parent
cancellation.

Closes vxcontrol#176

Signed-off-by: mason5052 <ehehwnwjs5052@gmail.com>
Copilot AI review requested due to automatic review settings March 6, 2026 00:45
Copilot AI reviewed Mar 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes detached terminal commands (detach=true) being prematurely canceled when the parent context is canceled (e.g., agent delegation timeout), by isolating the detached goroutine’s context from parent cancellation while preserving context values.

Changes:

  • Create a detached context via context.WithoutCancel(ctx) for background execution.
  • Use the detached context when waiting for exec results in the detached goroutine.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

backend/pkg/tools/terminal.go
Comment on lines 176 to +180
resultChan := make(chan execResult, 1)
detachedCtx := context.WithoutCancel(ctx)

go func() {
output, err := t.getExecResult(ctx, createResp.ID, timeout)
output, err := t.getExecResult(detachedCtx, createResp.ID, timeout)
Copy link

Copilot AI Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new detached execution behavior (using context.WithoutCancel) isn’t covered by tests. Since other tools in this package have unit tests, consider adding a terminal ExecCommand test that cancels the parent ctx and asserts the detached goroutine continues (e.g., via a mock dockerClient that would otherwise abort when ctx.Done() closes), while the command still stops on its own timeout.

Copilot uses AI. Check for mistakes.
Copy link
Contributor Author

@mason5052 mason5052 Mar 6, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Valid suggestion. However, writing a meaningful test for this requires mocking the Docker client (ContainerExecCreate, ContainerExecAttach, etc.) and verifying goroutine behavior under cancellation -- which is fairly involved and would require test infrastructure that does not exist yet in this package. For a 2-line bugfix that uses an idiomatic Go pattern (context.WithoutCancel), I think the current verification (manual code review + go vet + build) is proportionate. Happy to add tests in a follow-up PR if the maintainers prefer.

@mason5052 mason5052 mentioned this pull request Mar 6, 2026
Open
7 tasks
mason5052 added 2 commits March 5, 2026 21:29
@mason5052
test: add context cancellation tests for detached command isolation
d29daba 
Validates the core fix: detached goroutine must survive parent context
cancellation (context.WithoutCancel behavior).

TestExecCommandDetachSurvivesParentCancel:
- Starts detach=true command, cancels parent ctx after quick return
- Asserts goroutine does NOT see cancellation (ctxWasCanceled=false)
- This test would FAIL without context.WithoutCancel

TestExecCommandNonDetachRespectsParentCancel:
- Starts detach=false command, cancels parent ctx after 200ms
- Asserts command DOES fail with context error
- Ensures WithoutCancel was NOT applied to non-detach path

Signed-off-by: mason5052 <ehehwnwjs5052@gmail.com>
@mason5052
Rename mock type to avoid cross-PR symbol collision
018a2fb 
Rename mockTermLogProvider to contextTestTermLogProvider in
terminal_context_test.go to prevent redeclaration error when
both PR vxcontrol#179 and PR vxcontrol#181 are merged into the same package.

Signed-off-by: mason5052 <ehehwnwjs5052@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Agent delegation context canceled — detached commands inherit parent context

2 participants

@mason5052