patchrelay 0.75.3 → 0.77.0

package/dist/run-launcher.js

@@ -4,6 +4,7 @@ import { buildRunFailureActivity } from "./linear-session-reporting.js";
 import { loadPatchRelayRepoPrompting } from "./patchrelay-customization.js";
 import { buildRunPrompt as buildPatchRelayRunPrompt, findDisallowedPatchRelayPromptSectionIds, findUnknownPatchRelayPromptSectionIds, mergePromptCustomizationLayers, resolvePromptLayers, } from "./prompting/patchrelay.js";
 import { sanitizeDiagnosticText } from "./utils.js";
+const WRITER = "run-launcher";
 function slugify(value) {
     return value.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 60);
 }
@@ -128,7 +129,7 @@ export class RunLauncher {
                     ? params.effectiveContext.failureHeadSha
                     : typeof params.effectiveContext?.headSha === "string" ? params.effectiveContext.headSha : undefined;
                 const failureSignature = typeof params.effectiveContext?.failureSignature === "string" ? params.effectiveContext.failureSignature : undefined;
-                this.db.issues.upsertIssue({
+                const claimUpdate = {
                     projectId: params.item.projectId,
                     linearIssueId: params.item.issueId,
                     pendingRunType: null,
@@ -148,7 +149,18 @@ export class RunLauncher {
                             lastAttemptedFailureAt: new Date().toISOString(),
                         }
                         : {}),
+                };
+                const claimCommit = this.db.issueSessions.commitIssueState({
+                    writer: WRITER,
+                    // `wakeIssue` is the freshest row this claim transaction has seen
+                    // (materializeLegacyPendingWake may have bumped the version).
+                    expectedVersion: wakeIssue.version,
+                    update: claimUpdate,
+                    // Never steal a slot another writer claimed concurrently.
+                    onConflict: (current) => (current.activeRunId == null ? claimUpdate : undefined),
                 });
+                if (claimCommit.outcome !== "applied")
+                    return undefined;
                 this.db.issueSessions.consumeIssueSessionEvents(params.item.projectId, params.item.issueId, freshWake.eventIds, created.id);
                 this.db.issueSessions.setIssueSessionLastWakeReason(params.item.projectId, params.item.issueId, freshWake.wakeReason ?? null);
                 return created;
@@ -201,8 +213,17 @@ export class RunLauncher {
                 const thread = await this.codex.startThread({ cwd: params.worktreePath });
                 threadId = thread.id;
                 createdThreadForRun = true;
-                this.db.issueSessions.upsertIssueWithLease({ projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId }, { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, threadId });
+                this.db.issueSessions.commitIssueState({
+                    writer: WRITER,
+                    lease: { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId },
+                    update: { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, threadId },
+                });
             }
+            // Plan §B5: persist the thread id on the run row BEFORE startTurn is
+            // awaited, so a turn/completed notification arriving while the turn is
+            // starting can already resolve the run by thread id. The orchestrator
+            // re-records it (with the turn id) after the launch returns.
+            this.recordRunThread(params, threadId, parentThreadId);
             this.db.runs.updateLaunchPhase(params.run.id, "thread_started");
             try {
                 const turn = await this.codex.startTurn({ threadId, cwd: params.worktreePath, input: params.prompt });
@@ -216,7 +237,14 @@ export class RunLauncher {
                     const thread = await this.codex.startThread({ cwd: params.worktreePath });
                     threadId = thread.id;
                     createdThreadForRun = true;
-                    this.db.issueSessions.upsertIssueWithLease({ projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId }, { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, threadId });
+                    this.db.issueSessions.commitIssueState({
+                        writer: WRITER,
+                        lease: { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId },
+                        update: { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, threadId },
+                    });
+                    // Plan §B5: re-point the run row at the fresh thread before the
+                    // retried startTurn, for the same notification race.
+                    this.recordRunThread(params, threadId, parentThreadId);
                     const turn = await this.codex.startTurn({ threadId, cwd: params.worktreePath, input: params.prompt });
                     turnId = turn.turnId;
                     this.db.runs.updateLaunchPhase(params.run.id, "turn_started");
@@ -236,15 +264,25 @@ export class RunLauncher {
             const lostLease = error instanceof Error && error.name === "IssueSessionLeaseLostError";
             if (!lostLease) {
                 const nextState = resolveFailureFactoryState(params.runType);
-                this.db.issueSessions.finishRunWithLease({ projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId }, params.run.id, {
-                    status: "failed",
-                    failureReason: message,
-                });
-                this.db.issueSessions.upsertIssueWithLease({ projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId }, {
-                    projectId: params.project.id,
-                    linearIssueId: params.issue.linearIssueId,
-                    activeRunId: null,
-                    factoryState: nextState,
+                // Issue clear + run-terminal write ride in one transaction; the run
+                // finish is gated on the issue commit so a lost lease skips both.
+                this.db.transaction(() => {
+                    const commit = this.db.issueSessions.commitIssueState({
+                        writer: WRITER,
+                        lease: { projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId },
+                        update: {
+                            projectId: params.project.id,
+                            linearIssueId: params.issue.linearIssueId,
+                            activeRunId: null,
+                            factoryState: nextState,
+                        },
+                    });
+                    if (commit.outcome !== "applied")
+                        return;
+                    this.db.runs.finishRun(params.run.id, {
+                        status: "failed",
+                        failureReason: message,
+                    });
                 });
             }
             this.logger.error({ issueKey: params.issue.issueKey, runType: params.runType, error: message }, `Failed to launch ${params.runType} run`);
@@ -255,6 +293,19 @@ export class RunLauncher {
             throw error;
         }
     }
+    // Persist the Codex thread id on the run row under the launch lease.
+    // Losing the lease here aborts the launch the same way assertLaunchLease
+    // does — the run row must not be touched by a worker that no longer owns
+    // the session.
+    recordRunThread(params, threadId, parentThreadId) {
+        const recorded = this.db.issueSessions.updateRunThreadWithLease({ projectId: params.project.id, linearIssueId: params.issue.linearIssueId, leaseId: params.leaseId }, params.run.id, { threadId, ...(parentThreadId ? { parentThreadId } : {}) });
+        if (recorded)
+            return;
+        const error = new Error("Lost issue-session lease while recording the Codex thread id");
+        error.name = "IssueSessionLeaseLostError";
+        this.logger.warn({ runId: params.run.id, issueId: params.issue.linearIssueId }, "Aborting run launch after losing issue-session lease while recording the Codex thread id");
+        throw error;
+    }
     async setInitialImplementationGoal(threadId, issue) {
         const goalSetter = this.codex.setThreadGoal;
         if (typeof goalSetter !== "function") {

package/dist/run-notification-handler.js

@@ -1,7 +1,7 @@
 import { buildRunFailureActivity } from "./linear-session-reporting.js";
 import { extractTurnId, resolveRunCompletionStatus } from "./run-reporting.js";
-import { resolveRecoverablePostRunState } from "./interrupted-run-recovery.js";
 import { resolveFailureFactoryState } from "./reactive-pr-state.js";
+const WRITER = "run-notification-handler";
 const DEFAULT_PUBLISH_COMMAND_TIMEOUT_MS = 10 * 60 * 1000;
 export class RunNotificationHandler {
     config;
@@ -90,19 +90,30 @@ export class RunNotificationHandler {
                 return;
             }
             const nextState = resolveFailureFactoryState(run.runType);
+            const failureUpdate = {
+                projectId: run.projectId,
+                linearIssueId: run.linearIssueId,
+                activeRunId: null,
+                factoryState: nextState,
+            };
             const updated = this.withHeldIssueSessionLease(run.projectId, run.linearIssueId, (lease) => {
-                this.db.issueSessions.finishRunWithLease(lease, run.id, {
+                const commit = this.db.issueSessions.commitIssueState({
+                    writer: WRITER,
+                    lease,
+                    // The issue row was read before awaiting the failed-run recovery;
+                    // only clear the slot if it still belongs to this run.
+                    expectedVersion: issue.version,
+                    update: failureUpdate,
+                    onConflict: (current) => (current.activeRunId === run.id ? failureUpdate : undefined),
+                });
+                if (commit.outcome !== "applied")
+                    return false;
+                this.db.runs.finishRun(run.id, {
                     status: "failed",
                     threadId,
                     ...(completedTurnId ? { turnId: completedTurnId } : {}),
                     failureReason,
                 });
-                this.db.issueSessions.upsertIssueWithLease(lease, {
-                    projectId: run.projectId,
-                    linearIssueId: run.linearIssueId,
-                    activeRunId: null,
-                    factoryState: nextState,
-                });
                 return true;
             });
             if (!updated) {
@@ -134,7 +145,6 @@ export class RunNotificationHandler {
             thread,
             threadId,
             ...(completedTurnId ? { completedTurnId } : {}),
-            resolveRecoverableRunState: resolveRecoverablePostRunState,
         });
         this.activeThreadId = undefined;
     }

package/dist/run-orchestrator.js

@@ -9,16 +9,16 @@ import { IdleIssueReconciler } from "./idle-reconciliation.js";
 import { LinearSessionSync } from "./linear-session-sync.js";
 import { recoverLinearAgentActivityContext } from "./linear-agent-activity-recovery.js";
 import { IssueSessionLeaseService } from "./issue-session-lease-service.js";
-import { InterruptedRunRecovery } from "./interrupted-run-recovery.js";
 import { RunCompletionPolicy } from "./run-completion-policy.js";
+import { RunFailurePolicy } from "./run-failure-policy.js";
 import { RunFinalizer } from "./run-finalizer.js";
 import { RunLauncher } from "./run-launcher.js";
 import { RunNotificationHandler } from "./run-notification-handler.js";
 import { RunReconciler } from "./run-reconciler.js";
-import { RunRecoveryService } from "./run-recovery-service.js";
 import { RunWakePlanner } from "./run-wake-planner.js";
 import { WakeDispatcher } from "./wake-dispatcher.js";
-import { getRemainingZombieRecoveryDelayMs } from "./zombie-recovery.js";
+import { settleRun } from "./run-settlement.js";
+import { getRemainingZombieRecoveryDelayMs } from "./run-budgets.js";
 import { classifyIssue } from "./issue-class.js";
 import { buildIssueTriageHash, IssueTriageService } from "./issue-triage.js";
 import { loadConfig } from "./config.js";
@@ -26,10 +26,7 @@ import { CodexThreadMaterializingError, isThreadMaterializingError } from "./cod
 import { emitTelemetry, noopTelemetry } from "./telemetry.js";
 import { LinearIssueProjectionService } from "./linear-issue-projection.js";
 import { RunAdmissionController } from "./run-admission-controller.js";
-// A terminal run must hold the active slot for at least this long before
-// the orchestrator force-clears it, so we never race the normal
-// notification-driven finalize that runs within seconds of completion.
-const DANGLING_ACTIVE_RUN_MIN_AGE_MS = 2 * 60_000;
+const WRITER = "run-orchestrator";
 function lowerCaseFirst(value) {
     return value ? `${value.slice(0, 1).toLowerCase()}${value.slice(1)}` : value;
 }
@@ -61,9 +58,8 @@ export class RunOrchestrator {
     leaseService;
     runFinalizer;
     runLauncher;
-    runRecovery;
+    runFailurePolicy;
     runWakePlanner;
-    interruptedRunRecovery;
     runCompletionPolicy;
     completionCheck;
     issueTriage;
@@ -85,7 +81,6 @@ export class RunOrchestrator {
     recoveryPorts = {
         failRunAndClear: (run, message, nextState) => this.failRunAndClear(run, message, nextState),
         restoreIdleWorktree: (issue) => this.restoreIdleWorktree(issue),
-        recoverOrEscalate: (issue, runType, reason) => this.recoverOrEscalate(issue, runType, reason),
     };
     activeSessionLeases;
     botIdentity;
@@ -137,9 +132,8 @@ export class RunOrchestrator {
         this.runFinalizer = new RunFinalizer(db, logger, this.linearSync, this.wakeDispatcher, this.leasePorts.withHeldLease, this.leasePorts.releaseLease, (lease, issue, runType, context, dedupeScope) => this.appendWakeEventWithLease(lease, issue, runType, context, dedupeScope), this.recoveryPorts.failRunAndClear, this.runCompletionPolicy, this.completionCheck, feed);
         this.runLauncher = new RunLauncher(config, db, codex, logger, this.worktreeManager);
         this.runNotificationHandler = new RunNotificationHandler(config, db, logger, this.linearSync, this.runFinalizer, this.threadPorts.readThreadWithRetry, this.leasePorts.withHeldLease, this.leasePorts.heartbeatLease, this.leasePorts.releaseLease, feed, { interruptTurn: (options) => codex.interruptTurn(options) });
-        this.runRecovery = new RunRecoveryService(db, logger, this.linearSync, this.leasePorts.withHeldLease, this.leasePorts.getHeldLease, (lease, issue, runType, context, dedupeScope) => this.appendWakeEventWithLease(lease, issue, runType, context, dedupeScope), this.leasePorts.releaseLease, (projectId, issueId) => this.enqueueIssue(projectId, issueId), feed);
-        this.interruptedRunRecovery = new InterruptedRunRecovery(db, logger, this.linearSync, this.leasePorts.withHeldLease, this.leasePorts.releaseLease, this.recoveryPorts.failRunAndClear, this.recoveryPorts.restoreIdleWorktree, this.runCompletionPolicy, (projectId, issueId) => this.enqueueIssue(projectId, issueId), feed);
-        this.runReconciler = new RunReconciler(db, logger, linearProvider, this.linearSync, this.interruptedRunRecovery, this.runFinalizer, this.leasePorts.withHeldLease, this.leasePorts.releaseLease, this.threadPorts.readThreadWithRetry, this.recoveryPorts.recoverOrEscalate, (projectId) => this.config.projects.find((project) => project.id === projectId)?.github?.repoFullName, feed);
+        this.runFailurePolicy = new RunFailurePolicy(db, logger, this.linearSync, this.leasePorts.withHeldLease, this.leasePorts.releaseLease, (lease, issue, runType, context, dedupeScope) => this.appendWakeEventWithLease(lease, issue, runType, context, dedupeScope), this.wakeDispatcher, this.recoveryPorts.restoreIdleWorktree, this.runCompletionPolicy, (projectId) => this.config.projects.find((project) => project.id === projectId), feed);
+        this.runReconciler = new RunReconciler(db, logger, linearProvider, this.linearSync, this.runFailurePolicy, this.runFinalizer, this.leasePorts.withHeldLease, this.leasePorts.releaseLease, this.threadPorts.readThreadWithRetry, (projectId) => this.config.projects.find((project) => project.id === projectId)?.github?.repoFullName, feed, telemetry);
         this.runWakePlanner = new RunWakePlanner(db);
         this.linearIssueProjection = new LinearIssueProjectionService(db, linearProvider, logger);
         this.runAdmission = new RunAdmissionController(db, this.linearIssueProjection);
@@ -224,14 +218,21 @@ export class RunOrchestrator {
             try {
                 const triage = await this.issueTriage.classify({ issue, childIssues });
                 if (triage) {
-                    return this.db.issues.upsertIssue({
-                        projectId: issue.projectId,
-                        linearIssueId: issue.linearIssueId,
-                        issueClass: triage.issueClass,
-                        issueClassSource: "triage",
-                        issueTriageHash: triageHash,
-                        issueTriageResultJson: JSON.stringify(triage),
+                    // The triage verdict is an external classifier response; persist it
+                    // unconditionally so a benign version bump during the (slow) triage
+                    // call cannot discard the result.
+                    const triageCommit = this.db.issueSessions.commitIssueState({
+                        writer: WRITER,
+                        update: {
+                            projectId: issue.projectId,
+                            linearIssueId: issue.linearIssueId,
+                            issueClass: triage.issueClass,
+                            issueClassSource: "triage",
+                            issueTriageHash: triageHash,
+                            issueTriageResultJson: JSON.stringify(triage),
+                        },
                     });
+                    return triageCommit.outcome === "applied" ? triageCommit.issue : issue;
                 }
             }
             catch (error) {
@@ -242,12 +243,22 @@ export class RunOrchestrator {
         const fallbackClassification = classification.issueClassSource === "triage" && !triageCacheFresh
             ? { issueClass: "implementation", issueClassSource: "heuristic" }
             : classification;
-        return this.db.issues.upsertIssue({
-            projectId: issue.projectId,
-            linearIssueId: issue.linearIssueId,
-            issueClass: fallbackClassification.issueClass,
-            issueClassSource: fallbackClassification.issueClassSource,
+        const fallbackCommit = this.db.issueSessions.commitIssueState({
+            writer: WRITER,
+            expectedVersion: issue.version,
+            update: {
+                projectId: issue.projectId,
+                linearIssueId: issue.linearIssueId,
+                issueClass: fallbackClassification.issueClass,
+                issueClassSource: fallbackClassification.issueClassSource,
+            },
+            // A concurrent writer is newer truth; the next pass reclassifies.
+            onConflict: () => undefined,
         });
+        if (fallbackCommit.outcome === "applied") {
+            return fallbackCommit.issue;
+        }
+        return (fallbackCommit.outcome === "conflict_skipped" ? fallbackCommit.issue : undefined) ?? issue;
     }
     // ─── Run ────────────────────────────────────────────────────────
     async run(item) {
@@ -309,7 +320,11 @@ export class RunOrchestrator {
             return;
         }
         if (issue.prState === "merged") {
-            this.db.issueSessions.upsertIssueWithLease({ projectId: issue.projectId, linearIssueId: issue.linearIssueId, leaseId }, { projectId: issue.projectId, linearIssueId: issue.linearIssueId, pendingRunType: null, factoryState: "done" });
+            this.db.issueSessions.commitIssueState({
+                writer: WRITER,
+                lease: { projectId: issue.projectId, linearIssueId: issue.linearIssueId, leaseId },
+                update: { projectId: issue.projectId, linearIssueId: issue.linearIssueId, pendingRunType: null, factoryState: "done" },
+            });
             this.leaseService.release(item.projectId, item.issueId);
             return;
         }
@@ -479,11 +494,15 @@ export class RunOrchestrator {
         }
         // Reset zombie recovery counter — this run started successfully
         if (issue.zombieRecoveryAttempts > 0) {
-            this.db.issueSessions.upsertIssueWithLease({ projectId: item.projectId, linearIssueId: item.issueId, leaseId }, {
-                projectId: item.projectId,
-                linearIssueId: item.issueId,
-                zombieRecoveryAttempts: 0,
-                lastZombieRecoveryAt: null,
+            this.db.issueSessions.commitIssueState({
+                writer: WRITER,
+                lease: { projectId: item.projectId, linearIssueId: item.issueId, leaseId },
+                update: {
+                    projectId: item.projectId,
+                    linearIssueId: item.issueId,
+                    zombieRecoveryAttempts: 0,
+                    lastZombieRecoveryAt: null,
+                },
             });
         }
         this.logger.info({ issueKey: issue.issueKey, runType, threadId, turnId }, `Started ${runType} run`);
@@ -563,10 +582,10 @@ export class RunOrchestrator {
         for (const run of this.db.runs.listRunningRuns()) {
             await this.reconcileRun(run);
         }
-        // Free any issue whose active slot is pinned to an already-terminal
+        // Settle any issue whose active slot is pinned to an already-terminal
         // run (post-run finalize interrupted by restart). Must run before the
         // idle reconciler so the freed issue is routed in this same pass.
-        this.finalizeDanglingActiveRuns();
+        this.settleDanglingActiveRuns();
         // Preemptively detect stuck merge-queue PRs (conflicts visible on
         // GitHub) and dispatch queue_repair before the Steward evicts.
         await this.queueHealthMonitor.reconcile();
@@ -579,62 +598,35 @@ export class RunOrchestrator {
     advanceIdleIssue(issue, newState, options) {
         this.idleReconciler.advanceIdleIssue(issue, newState, options);
     }
-    /**
-     * After a zombie/stale run is cleared, decide whether to re-enqueue
-     * or escalate. Checks: PR already merged → done; budget exhausted →
-     * escalate; backoff delay not elapsed → skip.
-     */
-    recoverOrEscalate(issue, runType, reason) {
-        this.runRecovery.recoverOrEscalate({
-            issue,
-            runType,
-            reason,
-            isRequestedChangesRunType,
-        });
-    }
-    // Clear a dangling active slot: an issue still pointing at an
+    // Settle a dangling active slot: an issue still pointing at an
     // already-terminal run via `activeRunId`. The post-run finalize was
     // interrupted (almost always a restart between marking the run
     // terminal and clearing the slot), so the run can never drive the
     // session forward, yet every idle/recovery pass skips the issue
-    // because `activeRunId` is set. We re-read under the issue-session
-    // lease and null the slot; the idle reconciler then routes the issue
-    // from GitHub truth (e.g. a missed changes_requested → review_fix).
-    finalizeDanglingActiveRuns() {
+    // because `activeRunId` is set. settleRun is idempotent and its slot
+    // clear is a predicate-guarded versioned commit, so no age gate is
+    // needed — it cannot destructively race the notification finalizer.
+    // The idle reconciler then routes the issue from GitHub truth (e.g. a
+    // missed changes_requested → review_fix).
+    settleDanglingActiveRuns() {
         for (const issue of this.db.issues.listIssuesWithTerminalActiveRun()) {
             if (issue.activeRunId === undefined)
                 continue;
             const run = this.db.runs.getRunById(issue.activeRunId);
-            // The query already filters to terminal runs; this guards against a
-            // race where the run advanced back to active between query and read.
-            if (!run || run.status === "running" || run.status === "queued")
-                continue;
-            // Hold off until the run has been terminal long enough that the
-            // normal notification-driven finalize has demonstrably not run —
-            // avoids racing a live completion that is milliseconds from clearing
-            // the slot itself.
-            const endedAtMs = run.endedAt ? Date.parse(run.endedAt) : Number.NaN;
-            if (Number.isFinite(endedAtMs) && Date.now() - endedAtMs < DANGLING_ACTIVE_RUN_MIN_AGE_MS)
+            if (!run)
                 continue;
             const lease = this.claimLeaseForReconciliation(run.projectId, run.linearIssueId);
-            // "skip" → a live lease owns the session (a real run is in flight);
-            // leave it alone. "owned" → an outer local scope holds it, so we
-            // must not release it here.
+            // "skip" → a live lease owns the session (a worker is mid-finalize or
+            // mid-launch); settleRun could not corrupt its writes, but deferring
+            // lets the owner land its richer post-run state first. "owned" → an
+            // outer local scope holds it, so we must not release it here.
             if (lease === "skip")
                 continue;
             try {
-                const cleared = this.withHeldIssueSessionLease(run.projectId, run.linearIssueId, (held) => {
-                    const fresh = this.db.issues.getIssue(run.projectId, run.linearIssueId);
-                    if (!fresh || fresh.activeRunId !== run.id)
-                        return false;
-                    this.db.issueSessions.upsertIssueWithLease(held, {
-                        projectId: run.projectId,
-                        linearIssueId: run.linearIssueId,
-                        activeRunId: null,
-                    });
-                    return true;
-                });
-                if (cleared) {
+                // No `finish` outcome: the run is already terminal, and settleRun
+                // leaves a run that raced back to non-terminal status untouched.
+                const settled = this.withHeldIssueSessionLease(run.projectId, run.linearIssueId, (held) => settleRun({ db: this.db, run, lease: held }));
+                if (settled?.slotCleared) {
                     this.logger.warn({ issueKey: issue.issueKey, runId: run.id, runType: run.runType, runStatus: run.status }, "Cleared dangling active-run slot left by a terminal run; idle reconcile will resume the issue");
                     this.feed?.publish({
                         level: "warn",
@@ -667,14 +659,14 @@ export class RunOrchestrator {
     }
     // ─── Internal helpers ─────────────────────────────────────────────
     escalate(issue, runType, reason) {
-        this.runRecovery.escalate({
+        this.runFailurePolicy.escalate({
             issue,
             runType,
             reason,
         });
     }
     failRunAndClear(run, message, nextState = "failed") {
-        this.runRecovery.failRunAndClear({
+        this.runFailurePolicy.failRunAndClear({
             run,
             message,
             nextState,