Fix code context state isolation (#249)

* Fix code context state isolation

Each code context now gets a dedicated executor process from creation to deletion, preventing state leakage between contexts. Removed maximum pool size limits to allow organic scaling based on context count.

* Improve context isolation reliability and safety

Add atomic concurrent execution checks, exit handler cleanup, error handling for executor release failures, per-language process limits, and language validation. Include concurrent execution test.

* Simplify error handling and improve test coverage

Remove redundant try-catch blocks that just rethrow errors, use
try-finally pattern for guaranteed cleanup, simplify comments about
atomicity, and enhance concurrent execution test to verify actual
state isolation rather than just error counts.

* Use promise-based locking for concurrent execution

Replace isAvailable flag with executionPromise to fix race condition.
The promise acts as an atomic lock preventing concurrent execution
on the same context.

* Revert Dockerfile and improve concurrency test

Revert Dockerfile platform change that should not be committed.
Increase concurrent test requests to 20 for better stress testing.

* Serialize execution per code context

Use async-mutex to prevent race conditions when concurrent requests
target the same context. Execute code before creating stream to hold
mutex during actual execution.

* Fix test-worker dockerfile

* Add pool locking and executor health checks

Prevents race conditions when multiple contexts reserve executors
concurrently, and detects crashed executors before execution.

* Fix executor leak and stateless execution race

- Add cleanup on context creation failure to prevent executor leaks
- Serialize stateless executions with per-language mutex

* Refactor to single-layer executor locking

Moved all mutex locking from InterpreterService to ProcessPoolManager,
using per-executor locks instead of per-context locks. This enables
parallel stateless execution via borrow/return pattern and simplifies
code by centralizing all concurrency control in one layer.

* Add test for concurrent context execution isolation

Adds E2E test that verifies state isolation is maintained when
executing code concurrently across 12 different contexts. This
validates that the executor locking mechanism prevents race
conditions while maintaining proper context isolation.

Author: ghostwriternr

.changeset/fix-code-context-isolation.md

@@ -0,0 +1,5 @@
+---
+'@cloudflare/sandbox': patch
+---
+
+Fix code context isolation bug where contexts leaked state after 10 executions. Each code context now gets a dedicated executor process from creation to deletion, ensuring complete isolation between contexts. Removed maximum pool size limits to allow organic scaling.

package-lock.json

@@ -13,6 +13,7 @@
   },
   "dependencies": {
     "@repo/shared": "*",
+    "async-mutex": "^0.5.0",
     "esbuild": "^0.27.0",
     "zod": "^3.22.3"
   },

packages/sandbox-container/package.json

@@ -9,8 +9,10 @@ import type {
 import { ErrorCode } from '@repo/shared/errors';
 
 import type { RequestContext } from '../core/types';
-import type { CreateContextRequest } from '../interpreter-service';
-import type { InterpreterService } from '../services/interpreter-service';
+import type {
+  CreateContextRequest,
+  InterpreterService
+} from '../services/interpreter-service';
 import { BaseHandler } from './base-handler';
 
 export class InterpreterHandler extends BaseHandler<Request, Response> {