Improve error handling and logging across worker services (#528)

* fix: prevent memory_session_id from equaling content_session_id

The bug: memory_session_id was initialized to contentSessionId as a
"placeholder for FK purposes". This caused the SDK resume logic to
inject memory agent messages into the USER's Claude Code transcript,
corrupting their conversation history.

Root cause:
- SessionStore.createSDKSession initialized memory_session_id = contentSessionId
- SDKAgent checked memorySessionId !== contentSessionId but this check
  only worked if the session was fetched fresh from DB

The fix:
- SessionStore: Initialize memory_session_id as NULL, not contentSessionId
- SDKAgent: Simple truthy check !!session.memorySessionId (NULL = fresh start)
- Database migration: Ran UPDATE to set memory_session_id = NULL for 1807
  existing sessions that had the bug

Also adds [ALIGNMENT] logging across the session lifecycle to help debug
session continuity issues:
- Hook entry: contentSessionId + promptNumber
- DB lookup: contentSessionId → memorySessionId mapping proof
- Resume decision: shows which memorySessionId will be used for resume
- Capture: logs when memorySessionId is captured from first SDK response

UI: Added "Alignment" quick filter button in LogsModal to show only
alignment logs for debugging session continuity.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* refactor: improve error handling in worker-service.ts

- Fix GENERIC_CATCH anti-patterns by logging full error objects instead of just messages
- Add [ANTI-PATTERN IGNORED] markers for legitimate cases (cleanup, hot paths)
- Simplify error handling comments to be more concise
- Improve httpShutdown() error discrimination for ECONNREFUSED
- Reduce LARGE_TRY_BLOCK issues in initialization code

Part of anti-pattern cleanup plan (132 total issues)

* refactor: improve error logging in SearchManager.ts

- Pass full error objects to logger instead of just error.message
- Fixes PARTIAL_ERROR_LOGGING anti-patterns (10 instances)
- Better debugging visibility when Chroma queries fail

Part of anti-pattern cleanup (133 remaining)

* refactor: improve error logging across SessionStore and mcp-server

- SessionStore.ts: Fix error logging in column rename utility
- mcp-server.ts: Log full error objects instead of just error.message
- Improve error handling in Worker API calls and tool execution

Part of anti-pattern cleanup (133 remaining)

* Refactor hooks to streamline error handling and loading states

- Simplified error handling in useContextPreview by removing try-catch and directly checking response status.
- Refactored usePagination to eliminate try-catch, improving readability and maintaining error handling through response checks.
- Cleaned up useSSE by removing unnecessary try-catch around JSON parsing, ensuring clarity in message handling.
- Enhanced useSettings by streamlining the saving process, removing try-catch, and directly checking the result for success.

* refactor: add error handling back to SearchManager Chroma calls

- Wrap queryChroma calls in try-catch to prevent generator crashes
- Log Chroma errors as warnings and fall back gracefully
- Fixes generator failures when Chroma has issues
- Part of anti-pattern cleanup recovery

* feat: Add generator failure investigation report and observation duplication regression report

- Created a comprehensive investigation report detailing the root cause of generator failures during anti-pattern cleanup, including the impact, investigation process, and implemented fixes.
- Documented the critical regression causing observation duplication due to race conditions in the SDK agent, outlining symptoms, root cause analysis, and proposed fixes.

* fix: address PR #528 review comments - atomic cleanup and detector improvements

This commit addresses critical review feedback from PR #528:

## 1. Atomic Message Cleanup (Fix Race Condition)

**Problem**: SessionRoutes.ts generator error handler had race condition
- Queried messages then marked failed in loop
- If crash during loop → partial marking → inconsistent state

**Solution**:
- Added `markSessionMessagesFailed()` to PendingMessageStore.ts
- Single atomic UPDATE statement replaces loop
- Follows existing pattern from `resetProcessingToPending()`

**Files**:
- src/services/sqlite/PendingMessageStore.ts (new method)
- src/services/worker/http/routes/SessionRoutes.ts (use new method)

## 2. Anti-Pattern Detector Improvements

**Problem**: Detector didn't recognize logger.failure() method
- Lines 212 & 335 already included "failure"
- Lines 112-113 (PARTIAL_ERROR_LOGGING detection) did not

**Solution**: Updated regex patterns to include "failure" for consistency

**Files**:
- scripts/anti-pattern-test/detect-error-handling-antipatterns.ts

## 3. Documentation

**PR Comment**: Added clarification on memory_session_id fix location
- Points to SessionStore.ts:1155
- Explains why NULL initialization prevents message injection bug

## Review Response

Addresses "Must Address Before Merge" items from review:
✅ Clarified memory_session_id bug fix location (via PR comment)
✅ Made generator error handler message cleanup atomic
❌ Deferred comprehensive test suite to follow-up PR (keeps PR focused)

## Testing

- Build passes with no errors
- Anti-pattern detector runs successfully
- Atomic cleanup follows proven pattern from existing methods

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: FOREIGN KEY constraint and missing failed_at_epoch column

Two critical bugs fixed:

1. Missing failed_at_epoch column in pending_messages table
   - Added migration 20 to create the column
   - Fixes error when trying to mark messages as failed

2. FOREIGN KEY constraint failed when storing observations
   - All three agents (SDK, Gemini, OpenRouter) were passing
     session.contentSessionId instead of session.memorySessionId
   - storeObservationsAndMarkComplete expects memorySessionId
   - Added null check and clear error message

However, observations still not saving - see investigation report.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Refactor hook input parsing to improve error handling

- Added a nested try-catch block in new-hook.ts, save-hook.ts, and summary-hook.ts to handle JSON parsing errors more gracefully.
- Replaced direct error throwing with logging of the error details using logger.error.
- Ensured that the process exits cleanly after handling input in all three hooks.

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

src/services/worker-service.ts

@@ -53,21 +53,24 @@ function writePidFile(info: PidInfo): void {
 }
 
 function readPidFile(): PidInfo | null {
+  if (!existsSync(PID_FILE)) return null;
+
   try {
-    if (!existsSync(PID_FILE)) return null;
     return JSON.parse(readFileSync(PID_FILE, 'utf-8'));
   } catch (error) {
-    logger.warn('SYSTEM', 'Failed to read PID file', { path: PID_FILE, error: (error as Error).message });
+    logger.warn('SYSTEM', 'Failed to parse PID file', { path: PID_FILE }, error as Error);
     return null;
   }
 }
 
 function removePidFile(): void {
+  if (!existsSync(PID_FILE)) return;
+
   try {
-    if (existsSync(PID_FILE)) unlinkSync(PID_FILE);
+    unlinkSync(PID_FILE);
   } catch (error) {
+    // [ANTI-PATTERN IGNORED]: Cleanup function - PID file removal failure is non-critical
     logger.warn('SYSTEM', 'Failed to remove PID file', { path: PID_FILE }, error as Error);
-    return; // Non-critical cleanup, OK to fail
   }
 }
 
@@ -129,8 +132,8 @@ export async function updateCursorContextForProject(projectName: string, port: n
     writeContextFile(entry.workspacePath, context);
     logger.debug('CURSOR', 'Updated context file', { projectName, workspacePath: entry.workspacePath });
   } catch (error) {
+    // [ANTI-PATTERN IGNORED]: Background context update - failure is non-critical, user workflow continues
     logger.warn('CURSOR', 'Failed to update context file', { projectName }, error as Error);
-    return; // Non-critical context update, OK to fail
   }
 }
 
@@ -184,10 +187,12 @@ async function httpShutdown(port: number): Promise<boolean> {
     return true;
   } catch (error) {
     // Connection refused is expected if worker already stopped
-    const isConnectionRefused = (error as Error).message?.includes('ECONNREFUSED');
-    if (!isConnectionRefused) {
-      logger.warn('SYSTEM', 'Shutdown request failed', { port, error: (error as Error).message });
+    if (error instanceof Error && error.message?.includes('ECONNREFUSED')) {
+      logger.debug('SYSTEM', 'Worker already stopped', { port }, error);
+      return false;
     }
+    // Unexpected error - log full details
+    logger.warn('SYSTEM', 'Shutdown request failed unexpectedly', { port }, error as Error);
     return false;
   }
 }
@@ -366,8 +371,9 @@ export class WorkerService {
         await this.shutdown();
         process.exit(0);
       } catch (error) {
+        // Top-level signal handler - log any shutdown error and exit
         logger.error('SYSTEM', 'Error during shutdown', {}, error as Error);
-        process.exit(1); // Exit with error code - this terminates execution
+        process.exit(1);
       }
     };
 
@@ -434,38 +440,20 @@ export class WorkerService {
       // SKILL.md is at plugin/skills/mem-search/SKILL.md
       // Operations are at plugin/skills/mem-search/operations/*.md
 
-      try {
-        let content: string;
+      let content: string;
 
-        if (operation) {
-          // Load specific operation file
-          const operationPath = path.join(__dirname, '../skills/mem-search/operations', `${operation}.md`);
-          content = await fs.promises.readFile(operationPath, 'utf-8');
-        } else {
-          // Load SKILL.md and extract section based on topic (backward compatibility)
-          const skillPath = path.join(__dirname, '../skills/mem-search/SKILL.md');
-          const fullContent = await fs.promises.readFile(skillPath, 'utf-8');
-          content = this.extractInstructionSection(fullContent, topic);
-        }
-
-        // Return in MCP format
-        res.json({
-          content: [{
-            type: 'text',
-            text: content
-          }]
-        });
-      } catch (error) {
-        // [POSSIBLY RELEVANT]: API must respond even on error, log full error and return error response
-        logger.error('WORKER', 'Failed to load instructions', { topic, operation }, error as Error);
-        res.status(500).json({
-          content: [{
-            type: 'text',
-            text: `Error loading instructions: ${error instanceof Error ? error.message : 'Unknown error'}`
-          }],
-          isError: true
-        });
+      if (operation) {
+        const operationPath = path.join(__dirname, '../skills/mem-search/operations', `${operation}.md`);
+        content = await fs.promises.readFile(operationPath, 'utf-8');
+      } else {
+        const skillPath = path.join(__dirname, '../skills/mem-search/SKILL.md');
+        const fullContent = await fs.promises.readFile(skillPath, 'utf-8');
+        content = this.extractInstructionSection(fullContent, topic);
       }
+
+      res.json({
+        content: [{ type: 'text', text: content }]
+      });
     });
 
     // Admin endpoints for process management (localhost-only)
@@ -522,31 +510,19 @@ export class WorkerService {
     // NOTE: This duplicates logic from SearchRoutes.handleContextInject by design,
     // as we need the route available immediately before SearchRoutes is initialized
     this.app.get('/api/context/inject', async (req, res, next) => {
-      try {
-        // Wait for initialization to complete (with timeout)
-        const timeoutMs = 300000; // 5 minute timeout for slow systems
-        const timeoutPromise = new Promise((_, reject) => 
-          setTimeout(() => reject(new Error('Initialization timeout')), timeoutMs)
-        );
-        
-        await Promise.race([this.initializationComplete, timeoutPromise]);
+      const timeoutMs = 300000; // 5 minute timeout for slow systems
+      const timeoutPromise = new Promise((_, reject) =>
+        setTimeout(() => reject(new Error('Initialization timeout')), timeoutMs)
+      );
 
-        // If searchRoutes is still null after initialization, something went wrong
-        if (!this.searchRoutes) {
-          res.status(503).json({ error: 'Search routes not initialized' });
-          return;
-        }
+      await Promise.race([this.initializationComplete, timeoutPromise]);
 
-        // Delegate to the SearchRoutes handler which is registered after this one
-        // This avoids code duplication and "headers already sent" errors
-        next();
-      } catch (error) {
-        // [POSSIBLY RELEVANT]: API must respond even on error, log full error and return error response
-        logger.error('WORKER', 'Context inject handler failed', {}, error as Error);
-        if (!res.headersSent) {
-          res.status(500).json({ error: error instanceof Error ? error.message : 'Internal server error' });
-        }
+      if (!this.searchRoutes) {
+        res.status(503).json({ error: 'Search routes not initialized' });
+        return;
       }
+
+      next(); // Delegate to SearchRoutes handler
     });
   }
 
@@ -663,10 +639,9 @@ export class WorkerService {
    */
   private async initializeBackground(): Promise<void> {
     try {
-      // Clean up any orphaned chroma-mcp processes BEFORE starting our own
       await this.cleanupOrphanedProcesses();
 
-      // Load mode configuration (must happen before database to set observation types)
+      // Load mode configuration
       const { ModeManager } = await import('./domain/ModeManager.js');
       const { SettingsDefaultsManager } = await import('../shared/SettingsDefaultsManager.js');
       const { USER_SETTINGS_PATH } = await import('../shared/paths.js');
@@ -676,20 +651,18 @@ export class WorkerService {
       ModeManager.getInstance().loadMode(modeId);
       logger.info('SYSTEM', `Mode loaded: ${modeId}`);
 
-      // Initialize database (once, stays open)
       await this.dbManager.initialize();
 
       // Recover stuck messages from previous crashes
-      // Messages stuck in 'processing' state are reset to 'pending' for reprocessing
       const { PendingMessageStore } = await import('./sqlite/PendingMessageStore.js');
       const pendingStore = new PendingMessageStore(this.dbManager.getSessionStore().db, 3);
-      const STUCK_THRESHOLD_MS = 5 * 60 * 1000; // 5 minutes
+      const STUCK_THRESHOLD_MS = 5 * 60 * 1000;
       const resetCount = pendingStore.resetStuckMessages(STUCK_THRESHOLD_MS);
       if (resetCount > 0) {
         logger.info('SYSTEM', `Recovered ${resetCount} stuck messages from previous session`, { thresholdMinutes: 5 });
       }
 
-      // Initialize search services (requires initialized database)
+      // Initialize search services
       const formattingService = new FormattingService();
       const timelineService = new TimelineService();
       const searchManager = new SearchManager(
@@ -700,10 +673,10 @@ export class WorkerService {
         timelineService
       );
       this.searchRoutes = new SearchRoutes(searchManager);
-      this.searchRoutes.setupRoutes(this.app); // Setup search routes now that SearchManager is ready
+      this.searchRoutes.setupRoutes(this.app);
       logger.info('WORKER', 'SearchManager initialized and search routes registered');
 
-      // Connect to MCP server with timeout guard
+      // Connect to MCP server
       const mcpServerPath = path.join(__dirname, 'mcp-server.cjs');
       const transport = new StdioClientTransport({
         command: 'node',
@@ -711,7 +684,6 @@ export class WorkerService {
         env: process.env
       });
 
-      // Add timeout guard to prevent hanging on MCP connection (5 minutes for slow systems)
       const MCP_INIT_TIMEOUT_MS = 300000;
       const mcpConnectionPromise = this.mcpClient.connect(transport);
       const timeoutPromise = new Promise<never>((_, reject) =>
@@ -722,12 +694,11 @@ export class WorkerService {
       this.mcpReady = true;
       logger.success('WORKER', 'Connected to MCP server');
 
-      // Signal that initialization is complete
       this.initializationCompleteFlag = true;
       this.resolveInitialization();
       logger.info('SYSTEM', 'Background initialization complete');
 
-      // Auto-recover orphaned queues on startup (process pending work from previous sessions)
+      // Auto-recover orphaned queues (fire-and-forget with error logging)
       this.processPendingQueues(50).then(result => {
         if (result.sessionsStarted > 0) {
           logger.info('SYSTEM', `Auto-recovered ${result.sessionsStarted} sessions with pending work`, {
@@ -740,8 +711,8 @@ export class WorkerService {
         logger.warn('SYSTEM', 'Auto-recovery of pending queues failed', {}, error as Error);
       });
     } catch (error) {
+      // Initialization failure - log and rethrow to keep readiness check failing
       logger.error('SYSTEM', 'Background initialization failed', {}, error as Error);
-      // Don't resolve - let the promise remain pending so readiness check continues to fail
       throw error;
     }
   }
@@ -958,10 +929,11 @@ export class WorkerService {
         .trim()
         .split('\n')
         .map(s => parseInt(s.trim(), 10))
-        .filter(n => !isNaN(n) && Number.isInteger(n) && n > 0); // SECURITY: Validate each PID
+        .filter(n => !isNaN(n) && Number.isInteger(n) && n > 0);
     } catch (error) {
-      logger.warn('SYSTEM', 'Failed to enumerate child processes', { parentPid, error: (error as Error).message });
-      return []; // Fail safely - continue shutdown without child process cleanup
+      // Shutdown cleanup - failure is non-critical, continue without child process cleanup
+      logger.warn('SYSTEM', 'Failed to enumerate child processes', { parentPid }, error as Error);
+      return [];
     }
   }