Prompt
Implement failure handling so recovery is (1) bounded, (2) never hangs indefinitely, and (3) has explicit validation + deterministic fallback.
Apply this when adding retries, polling for readiness, or supporting boundary-specific execution paths:
- Resource-bounded recovery: if you retry after a known quota/limit failure, ensure the retry does not keep consuming the same global budget. Make the retry’s accounting explicit (e.g., disable quota consumption for a bounded-scope retry or pass the correct remaining quota), and add a regression test for the triggering condition.
// Pattern: on known limit failure, retry with bounded cost by adjusting quota. match err { ExceededMaxFileLimit => { // Retry only what’s needed at shallow depth; avoid consuming the global quota again. entry.build_tree(max_depth = 1, remaining_file_quota = None)?; } other => return Err(other.into()), } - Timeout + actionable error: any polling loop / “wait until ready” / session-join wait must have a timeout and surface a clear error state when exceeded.
let ready = tokio::time::timeout(Duration::from_secs(30), wait_for_ready()).await; match ready { Ok(Ok(())) => {} Ok(Err(e)) => return Err(e), Err(_) => return Err(anyhow::anyhow!("Timed out waiting for follow-up session readiness")), } -
Explicit validation and fallback: for boundary-specific spawning (WSL/MSYS2/remote/local) validate required arguments up front and ensure unsupported paths fail predictably (graceful unsupported-shell fallback) rather than relying on implied behavior.
- Test the failure mode: add regression tests that assert the system enters the correct recovered state (or correct failure state) under the exact triggering conditions (quota exceeded, hang/timeout scenario, unsupported-shell spawn path).