fix: reject in-flight task promises when worker crashes (#146)

* fix: reject in-flight task promises when worker crashes

When a worker crashes (onerror event), tasks already dispatched to it had
their promises stored in promiseResponseMap but were never settled. The
error handler only restarted the worker and redistributed queued tasks —
in-flight tasks were silently dropped, causing pool.execute() callers to
hang indefinitely.

The fix iterates promiseResponseMap on worker error, finds all entries
targeting the crashed worker by stable workerId, and rejects them with a
descriptive error before termination.

Changes:
- Replace workerNodeKey (array index) with stable workerId in
  PromiseResponseWrapper — indices become stale after removeWorkerNode
- Add handleWorkerNodeCrash() to unify crash recovery logic
- Add rejectInFlightTaskPromises() and rejectRemainingQueuedTaskPromises()
- Add updatePromiseResponseWorkerId() for task steal/redistribute tracking
- Resolve workerNodeKey dynamically from message.workerId at response time
- Gate exit handler worker restart on restartWorkerOnError option
- Add crash worker test and regression test for promise rejection

Port of poolifier/poolifier#3211

* [autofix.ci] apply automated fixes

* fix: add crashHandled flag, improve rejection logic and harden guards

- Add crashHandled flag to WorkerInfo to prevent double crash handling
  between onerror and exit handlers
- Move rejectRemainingQueuedTaskPromises outside started/destroying guard
  (queued promises must always be settled regardless of pool state)
- Handle workerId == null case in rejectInFlightTaskPromises (crash before
  worker ID assignment)
- Add { cause } to crash Error constructors for error chain traceability
- Update task statistics (executing/failed) on crash rejection
- Add workerNodeKey === -1 guards in updatePromiseResponseWorkerId and
  handleWorkerReadyResponse
- Exit handler: detect unexpected exit via crashHandled flag, condition
  restart on restartWorkerOnError or normal exit
- Tighten test bounds for stolen/sequentiallyStolen task counts

Aligns with poolifier/poolifier#3211 latest changes

* fix: harden crash-handling guards and eliminate DRY violations

- Guard getWorkerNodeKeyByWorkerId against undefined workerId to prevent
  erroneous matching of uninitialized worker nodes
- Call updatePromiseResponseWorkerId BEFORE handleTask in redistribute
  and stealTask for correctness-by-construction (prevents stale workerId
  if task response arrives synchronously)
- Construct crashError once in handleWorkerNodeCrash and pass as param
  to rejectInFlightTaskPromises/rejectRemainingQueuedTaskPromises (DRY)
- Add executing--/failed++ stats in rejectInFlightTaskPromises null-path
  for consistency with the non-null path
- Fix handleWorkerNodeCrash JSDoc to accurately describe behavior

* fix: add flushWorkerNodePromises catch-all for unsettled promises on exit

Add flushWorkerNodePromises() method as a catch-all to reject any
unsettled promises when a worker node exits without crash handling
(e.g., unexpected exit without onerror, or termination during pool
destroy).

The exit handler now has three distinct blocks:
1. Crash detection: handleWorkerNodeCrash if ready && !crashHandled
2. Promise flush: flushWorkerNodePromises for remaining unsettled
   promises (guarded by ready && !crashHandled to skip intentional exits)
3. Cleanup: removeWorkerNode + conditional restart

Aligns with poolifier/poolifier#3211 latest changes (flushWorkerNodePromises
catch-all pattern)

* fix: add crashHandled to WorkerInfo test expectations

* [autofix.ci] apply automated fixes

* refactor: address review findings — DRY helper, fallback workerId, simplify null-path

- Extract rejectTaskPromise() helper to eliminate duplicated reject +
  delete + stats + taskFinished pattern across 3 methods
- Add fallback to promiseResponse.workerId in handleTaskExecutionResponse
  when message.workerId lookup fails (worker already removed)
- Simplify rejectInFlightTaskPromises null-ID path to early-return
- Keep flush guard as workerNode.info.ready (not this.destroying) since
  synchronous terminate in web workers causes unhandled rejections during
  pool.destroy() — destroyWorkerNode already handles graceful shutdown

* [autofix.ci] apply automated fixes

* chore: remove unrelated config files added by mistake

* docs: fix flushWorkerNodePromises JSDoc to match actual behavior

The JSDoc was copied from upstream where exitCode !== 0 allows flush
during pool destroy. In our web worker adaptation, synchronous terminate
causes unhandled rejections if flush runs during destroy, so the guard
uses workerNode.info.ready instead. Updated doc to reflect this.

* fix: resolve abort target dynamically via promiseResponseMap

The abort signal handler captured workerNodeKey at task submission time.
After steal/redistribute, the stale index dispatches abortTask to the
wrong worker node. Resolve the current worker dynamically from the
stored workerId (kept up-to-date by updatePromiseResponseWorkerId).

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

Author: jerome-benoit

src/pools/abstract-pool.ts

@@ -559,6 +559,9 @@ export abstract class AbstractPool<
    * @returns The worker node key if the worker id is found in the pool worker nodes, `-1` otherwise.
    */
   private getWorkerNodeKeyByWorkerId(workerId: string | undefined): number {
+    if (workerId == null) {
+      return -1
+    }
     return this.workerNodes.findIndex(
       (workerNode) => workerNode.info.id === workerId,
     )
@@ -1173,11 +1176,21 @@ export abstract class AbstractPool<
       abortSignal?.addEventListener(
         'abort',
         () => {
-          this.workerNodes[workerNodeKey]?.dispatchEvent(
+          const promiseResponse = this.promiseResponseMap.get(task.taskId!)
+          if (promiseResponse == null) {
+            return
+          }
+          const currentWorkerNodeKey = this.getWorkerNodeKeyByWorkerId(
+            promiseResponse.workerId,
+          )
+          if (currentWorkerNodeKey === -1) {
+            return
+          }
+          this.workerNodes[currentWorkerNodeKey]?.dispatchEvent(
             new CustomEvent<WorkerNodeEventDetail>('abortTask', {
               detail: {
                 taskId: task.taskId,
-                workerId: this.getWorkerInfo(workerNodeKey)!.id!,
+                workerId: promiseResponse.workerId,
               },
             }),
           )
@@ -1187,7 +1200,7 @@ export abstract class AbstractPool<
       this.promiseResponseMap.set(task.taskId!, {
         reject,
         resolve,
-        workerNodeKey,
+        workerId: this.workerNodes[workerNodeKey].info.id,
         abortSignal,
       })
       if (
@@ -1672,22 +1685,8 @@ export abstract class AbstractPool<
       )
     }
     workerNode.worker.onerror = (errorEvent) => {
-      workerNode.info.ready = false
-      this.eventTarget?.dispatchEvent(
-        new ErrorEvent(PoolEvents.error, errorEvent),
-      )
-      if (this.started && !this.destroying) {
-        if (this.opts.restartWorkerOnError === true) {
-          if (workerNode.info.dynamic) {
-            this.createAndSetupDynamicWorkerNode()
-          } else if (!this.startingMinimumNumberOfWorkers) {
-            this.startMinimumNumberOfWorkers(true)
-          }
-        }
-        if (this.opts.enableTasksQueue === true) {
-          this.redistributeQueuedTasks(this.workerNodes.indexOf(workerNode))
-        }
-      }
+      errorEvent.preventDefault()
+      this.handleWorkerNodeCrash(workerNode, errorEvent)
       workerNode?.terminate()
     }
     workerNode.worker.addEventListener(
@@ -1701,11 +1700,41 @@ export abstract class AbstractPool<
     workerNode.addEventListener(
       'exit',
       () => {
+        const workerNodeKey = this.workerNodes.indexOf(workerNode)
+        const exitError = new Error('Worker node exited unexpectedly')
+        if (
+          workerNode.info.ready &&
+          !workerNode.info.crashHandled &&
+          workerNodeKey !== -1 &&
+          !this.destroying
+        ) {
+          this.handleWorkerNodeCrash(
+            workerNode,
+            new ErrorEvent('error', {
+              message: exitError.message,
+              error: exitError,
+            }),
+          )
+        }
+        if (
+          workerNodeKey !== -1 &&
+          !workerNode.info.crashHandled &&
+          workerNode.info.ready
+        ) {
+          this.flushWorkerNodePromises(
+            workerNode,
+            this.destroying
+              ? new Error('Worker node terminated during pool destroy')
+              : exitError,
+          )
+        }
         this.removeWorkerNode(workerNode)
         if (
           this.started &&
           !this.startingMinimumNumberOfWorkers &&
-          !this.destroying
+          !this.destroying &&
+          (this.opts.restartWorkerOnError === true ||
+            !workerNode.info.crashHandled)
         ) {
           this.startMinimumNumberOfWorkers(true)
         }
@@ -1916,10 +1945,143 @@ export abstract class AbstractPool<
       if (destinationWorkerNodeKey === -1) {
         break
       }
-      this.handleTask(
-        destinationWorkerNodeKey,
-        this.dequeueTask(sourceWorkerNodeKey)!,
-      )
+      const task = this.dequeueTask(sourceWorkerNodeKey)!
+      this.updatePromiseResponseWorkerId(task.taskId, destinationWorkerNodeKey)
+      this.handleTask(destinationWorkerNodeKey, task)
+    }
+  }
+
+  /**
+   * Rejects in-flight task promises for the given crashed worker node key.
+   * @param workerNodeKey - The worker node key.
+   * @param crashError - The crash error to reject promises with.
+   */
+  private rejectInFlightTaskPromises(
+    workerNodeKey: number,
+    crashError: Error,
+  ): void {
+    if (workerNodeKey === -1) {
+      return
+    }
+    const workerNode = this.workerNodes[workerNodeKey]
+    const crashedWorkerId = workerNode.info.id
+    if (crashedWorkerId == null) {
+      return
+    }
+    const queuedTaskIds = new Set<
+      `${string}-${string}-${string}-${string}-${string}`
+    >()
+    for (const task of workerNode.tasksQueue) {
+      queuedTaskIds.add(task.taskId!)
+    }
+    for (const [taskId, promiseResponse] of this.promiseResponseMap) {
+      if (
+        promiseResponse.workerId === crashedWorkerId &&
+        !queuedTaskIds.has(taskId)
+      ) {
+        this.rejectTaskPromise(taskId, promiseResponse, workerNode, crashError)
+      }
+    }
+    this.checkAndEmitTaskExecutionFinishedEvents()
+  }
+
+  /**
+   * Rejects remaining queued task promises for the given crashed worker node key.
+   * @param workerNodeKey - The worker node key.
+   * @param crashError - The crash error to reject promises with.
+   */
+  private rejectRemainingQueuedTaskPromises(
+    workerNodeKey: number,
+    crashError: Error,
+  ): void {
+    if (workerNodeKey === -1) {
+      return
+    }
+    const workerNode = this.workerNodes[workerNodeKey]
+    if (this.tasksQueueSize(workerNodeKey) === 0) {
+      return
+    }
+    while (this.tasksQueueSize(workerNodeKey) > 0) {
+      const task = this.dequeueTask(workerNodeKey)
+      if (task?.taskId != null) {
+        const promiseResponse = this.promiseResponseMap.get(task.taskId)
+        if (promiseResponse != null) {
+          this.rejectTaskPromise(
+            task.taskId,
+            promiseResponse,
+            workerNode,
+            crashError,
+            false,
+          )
+        }
+      }
+    }
+    this.checkAndEmitTaskExecutionFinishedEvents()
+  }
+
+  private rejectTaskPromise(
+    taskId: `${string}-${string}-${string}-${string}-${string}`,
+    promiseResponse: PromiseResponseWrapper<Response>,
+    workerNode: IWorkerNode<Worker, Data>,
+    error: Error,
+    decrementExecuting = true,
+  ): void {
+    promiseResponse.reject(error)
+    this.promiseResponseMap.delete(taskId)
+    if (decrementExecuting && workerNode.usage.tasks.executing > 0) {
+      --workerNode.usage.tasks.executing
+    }
+    ++workerNode.usage.tasks.failed
+    workerNode.dispatchEvent(new Event('taskFinished'))
+  }
+
+  /**
+   * Rejects all unsettled promises targeting the given worker node.
+   * Called from the exit handler for unexpected exits of ready workers
+   * that were not already handled by the onerror crash path.
+   * @param workerNode - The worker node whose promises to flush.
+   * @param error - The rejection error.
+   */
+  private flushWorkerNodePromises(
+    workerNode: IWorkerNode<Worker, Data>,
+    error: Error,
+  ): void {
+    const workerId = workerNode.info.id
+    for (const [taskId, promiseResponse] of this.promiseResponseMap) {
+      if (
+        promiseResponse.workerId === workerId ||
+        (workerId == null && promiseResponse.workerId == null)
+      ) {
+        this.rejectTaskPromise(taskId, promiseResponse, workerNode, error)
+      }
+    }
+    this.checkAndEmitTaskExecutionFinishedEvents()
+  }
+
+  /**
+   * Updates the promise response worker id after task steal or redistribute.
+   * Ensures crash-time rejection targets the correct worker.
+   * @param taskId - The task id.
+   * @param workerNodeKey - The destination worker node key.
+   */
+  private updatePromiseResponseWorkerId(
+    taskId: `${string}-${string}-${string}-${string}-${string}` | undefined,
+    workerNodeKey: number,
+  ): void {
+    if (taskId == null || workerNodeKey === -1) {
+      return
+    }
+    const workerNode = this.workerNodes[workerNodeKey]
+    if (workerNode.info.id == null) {
+      const promiseResponse = this.promiseResponseMap.get(taskId)
+      if (promiseResponse != null) {
+        promiseResponse.workerId = undefined
+      }
+      return
+    }
+    const promiseResponse = this.promiseResponseMap.get(taskId)
+    if (promiseResponse != null) {
+      promiseResponse.workerId = workerNode.info.id
     }
   }
 
@@ -2019,6 +2181,10 @@ export abstract class AbstractPool<
     }
     sourceWorkerNode.info.stolen = false
     destinationWorkerNode.info.stealing = false
+    this.updatePromiseResponseWorkerId(
+      stolenTask.taskId,
+      destinationWorkerNodeKey,
+    )
     this.handleTask(destinationWorkerNodeKey, stolenTask)
     this.updateTaskStolenStatisticsWorkerUsage(
       destinationWorkerNodeKey,
@@ -2038,6 +2204,43 @@ export abstract class AbstractPool<
     )
   }
 
+  /**
+   * Handles a crashed worker node: emits error, rejects in-flight promises,
+   * restarts dynamic workers if configured, and redistributes queued tasks.
+   * Static worker restart is handled by the exit event handler.
+   * @param workerNode - The crashed worker node.
+   * @param errorEvent - The error event that caused the crash.
+   */
+  private handleWorkerNodeCrash(
+    workerNode: IWorkerNode<Worker, Data>,
+    errorEvent: ErrorEvent,
+  ): void {
+    workerNode.info.ready = false
+    workerNode.info.crashHandled = true
+    this.eventTarget?.dispatchEvent(
+      new ErrorEvent(PoolEvents.error, errorEvent),
+    )
+    const crashedWorkerNodeKey = this.workerNodes.indexOf(workerNode)
+    const crashError = new Error(
+      `Worker node crashed with error: '${errorEvent.message}'`,
+      { cause: errorEvent.error ?? errorEvent },
+    )
+    this.rejectInFlightTaskPromises(crashedWorkerNodeKey, crashError)
+    if (this.started && !this.destroying) {
+      if (this.opts.restartWorkerOnError === true) {
+        if (workerNode.info.dynamic) {
+          this.createAndSetupDynamicWorkerNode()
+        }
+      }
+      if (this.opts.enableTasksQueue === true) {
+        this.redistributeQueuedTasks(crashedWorkerNodeKey)
+      }
+    }
+    if (this.opts.enableTasksQueue === true) {
+      this.rejectRemainingQueuedTaskPromises(crashedWorkerNodeKey, crashError)
+    }
+  }
+
   private readonly handleWorkerNodeIdleEvent = (
     event: CustomEvent<WorkerNodeEventDetail>,
     previousStolenTask?: Task<Data>,
@@ -2221,6 +2424,9 @@ export abstract class AbstractPool<
       )
     }
     const workerNodeKey = this.getWorkerNodeKeyByWorkerId(workerId)
+    if (workerNodeKey === -1) {
+      return
+    }
     const workerNode = this.workerNodes[workerNodeKey]
     workerNode.info.ready = ready
     workerNode.info.taskFunctionsProperties = taskFunctionsProperties
@@ -2230,11 +2436,19 @@ export abstract class AbstractPool<
   }
 
   private handleTaskExecutionResponse(message: MessageValue<Response>): void {
-    const { name, taskId, workerError, data } = message
+    const { name, taskId, workerError, data, workerId } = message
     const promiseResponse = this.promiseResponseMap.get(taskId!)
     if (promiseResponse != null) {
-      const { resolve, reject, workerNodeKey } = promiseResponse
-      const workerNode = this.workerNodes[workerNodeKey]
+      const { resolve, reject } = promiseResponse
+      let workerNodeKey = this.getWorkerNodeKeyByWorkerId(workerId)
+      if (workerNodeKey === -1) {
+        workerNodeKey = this.getWorkerNodeKeyByWorkerId(
+          promiseResponse.workerId,
+        )
+      }
+      const workerNode = workerNodeKey !== -1
+        ? this.workerNodes[workerNodeKey]
+        : undefined
       if (workerError != null) {
         this.eventTarget?.dispatchEvent(
           new ErrorEvent(PoolEvents.taskError, { error: workerError }),
@@ -2248,12 +2462,18 @@ export abstract class AbstractPool<
       } else {
         resolve(data!)
       }
-      this.afterTaskExecutionHook(workerNodeKey, message)
+      if (workerNodeKey !== -1) {
+        this.afterTaskExecutionHook(workerNodeKey, message)
+      }
       queueMicrotask(() => {
         workerNode?.dispatchEvent(new Event('taskFinished'))
         this.promiseResponseMap.delete(taskId!)
         this.checkAndEmitTaskExecutionFinishedEvents()
-        if (this.opts.enableTasksQueue === true && !this.destroying) {
+        if (
+          workerNodeKey !== -1 &&
+          this.opts.enableTasksQueue === true &&
+          !this.destroying
+        ) {
           if (
             !this.isWorkerNodeBusy(workerNodeKey) &&
             this.tasksQueueSize(workerNodeKey) > 0
@@ -2264,7 +2484,7 @@ export abstract class AbstractPool<
             )
           }
           if (this.isWorkerNodeIdle(workerNodeKey)) {
-            workerNode.dispatchEvent(
+            workerNode?.dispatchEvent(
               new CustomEvent<WorkerNodeEventDetail>('idle', {
                 detail: { workerNodeKey },
               }),

src/pools/utils.ts

@@ -530,6 +530,7 @@ export const initWorkerInfo = (worker: IWorker): WorkerInfo => {
     backPressure: false,
     backPressureStealing: false,
     continuousStealing: false,
+    crashHandled: false,
     queuedTaskAbortion: false,
     dynamic: false,
     id: getWorkerId(worker),

src/pools/worker.ts

@@ -164,6 +164,11 @@ export interface WorkerInfo {
    * This flag is set to `true` when worker node is continuously stealing tasks from other worker nodes.
    */
   continuousStealing: boolean
+  /**
+   * Crash handled flag.
+   * This flag is set to `true` when worker node crash has been handled.
+   */
+  crashHandled: boolean
   /**
    * Back pressure stealing flag.
    * This flag is set to `true` when worker node is stealing one task from another back pressured worker node.