fix(sidecar): classify new limit constants + tolerate stale sidecar callback responses

crates/sidecar/src/service.rs

@@ -2721,9 +2721,26 @@ where
         &mut self,
         response: SidecarResponseFrame,
     ) -> Result<(), SidecarError> {
-        self.pending_sidecar_responses
-            .accept_response(&response)
-            .map_err(sidecar_response_tracker_error)?;
+        match self.pending_sidecar_responses.accept_response(&response) {
+            Ok(()) => {}
+            // A response for a request that is no longer pending (its owning VM
+            // was disposed, abandoning the in-flight callback) or already
+            // completed is a benign late/stale reply on the shared sidecar — a
+            // per-VM `sidecar_request` can be answered by the host after that VM
+            // has been torn down (multiple VMs share one sidecar process). Drop
+            // it instead of failing the whole sidecar over a harmless straggler.
+            Err(
+                error @ (SidecarResponseTrackerError::UnmatchedResponse { .. }
+                | SidecarResponseTrackerError::DuplicateResponse { .. }),
+            ) => {
+                tracing::warn!(
+                    request_id = response.request_id,
+                    "dropping stale sidecar response with no matching pending request: {error}"
+                );
+                return Ok(());
+            }
+            Err(error) => return Err(sidecar_response_tracker_error(error)),
+        }
         self.pending_sidecar_responses_gauge
             .observe_depth(self.pending_sidecar_responses.pending_count());
         self.completed_sidecar_response_order

crates/sidecar/tests/fixtures/limits-inventory.json

@@ -24,6 +24,12 @@
 		"rationale": "Guest JS stdout/stderr capture cap.",
 		"wired": "VmLimits.js_runtime.captured_output_limit_bytes"
 	},
+	{
+		"name": "MAX_TIMER_DELAY_MS",
+		"path": "crates/execution/src/javascript.rs",
+		"class": "invariant",
+		"rationale": "Clamps a guest timer delay to the JS setTimeout ceiling (2^31-1 ms); a leak guard so a timer thread cannot outlive its session by pinning the session Arc, mirroring the standard setTimeout max rather than operator policy."
+	},
 	{
 		"name": "JAVASCRIPT_EVENT_CHANNEL_CAPACITY",
 		"path": "crates/execution/src/javascript.rs",
@@ -103,6 +109,12 @@
 		"class": "policy-deferred",
 		"rationale": "WASM wall-clock backstop applied when no fuel budget is set; safety default to stop infinite-loop core-pinning, fold into a wasm execution-timeout field later."
 	},
+	{
+		"name": "DEFAULT_WASM_RUNNER_HEAP_LIMIT_MB",
+		"path": "crates/execution/src/wasm.rs",
+		"class": "policy-deferred",
+		"rationale": "Wasm runner V8 heap default (2 GiB, intentionally above the 128 MiB per-guest budget so warmup stops OOMing); per-isolate near-heap guard contains it, operator-tunable via the WASM_RUNNER_HEAP_LIMIT_MB env override rather than VmLimits."
+	},
 	{
 		"name": "DEFAULT_WASM_PREWARM_TIMEOUT_MS",
 		"path": "crates/execution/src/wasm.rs",

crates/sidecar/tests/service.rs

@@ -63,7 +63,7 @@ use extension::{
     ExtensionInterruptResponse, ExtensionResponse,
 };
 use service::NativeSidecarConfig;
-use state::SidecarRequestTransport;
+use state::{EventSinkTransport, SidecarRequestTransport};
 
 #[allow(dead_code)]
 #[path = "../src/stdio.rs"]