Skip to content

[codex] Support flattened deferred MCP tool calls#17556

Merged
fc-oai merged 2 commits intomainfrom
fc/fix-deferred-mcp-flat-tool-calls
Apr 12, 2026
Merged

[codex] Support flattened deferred MCP tool calls#17556
fc-oai merged 2 commits intomainfrom
fc/fix-deferred-mcp-flat-tool-calls

Conversation

@fc-oai
Copy link
Copy Markdown
Contributor

@fc-oai fc-oai commented Apr 12, 2026
edited
Loading

Summary

  • register flattened handler aliases for deferred MCP tools
  • cover the node_repl-shaped deferred MCP call path in tool registry tests

Root Cause

Deferred MCP tools were registered only under their namespaced handler key, e.g. mcp__node_repl__:js. If the model/bridge emitted the flattened qualified name mcp__node_repl__js, core parsed it as an MCP payload but dispatch looked up the flattened handler key and returned unsupported call before reaching the MCP handler.

Validation

  • just fmt
  • cargo test -p codex-tools search_tool_registers_deferred_mcp_flattened_handlers
  • cargo test -p codex-core search_tool_registers_namespaced_mcp_tool_aliases
  • git diff --check

@fc-oai fc-oai marked this pull request as ready for review April 12, 2026 19:44
@raye-deng
Copy link
Copy Markdown

raye-deng commented Apr 12, 2026

Good catch on the flattened handler alias gap. This is a classic "namespacing convention mismatch" problem — the tool registry expects one naming convention (mcp__node_repl__:js) while the model/bridge emits another (mcp__node_repl__js), and neither side validates that the other convention exists.

What makes these bugs particularly tricky in AI agent systems is that the failure mode is a silent "unsupported call" rather than an explicit error. The agent thinks it called a tool, gets back a non-descript failure, and either retries (burning tokens) or silently falls back to a different approach (producing subtly wrong output).

We have seen similar issues where AI-generated code references MCP tools using slightly different namespacing conventions than what the runtime expects. The code looks correct (the tool name is "almost" right), and unit tests pass (because mocks use the same convention as the test), but production fails because the actual MCP server uses the other convention.

A practical mitigation is to add a tool-name normalization step that canonicalizes namespaced identifiers before dispatch, plus a registration-time check that warns about potential alias collisions. We include this kind of MCP protocol validation in our CI scans.

npx @opencodereview/cli scan . --sla L1

@fc-oai fc-oai merged commit 720932c into main Apr 12, 2026
29 of 30 checks passed
@fc-oai fc-oai deleted the fc/fix-deferred-mcp-flat-tool-calls branch April 12, 2026 20:19
@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@dylan-hurd-oai dylan-hurd-oai dylan-hurd-oai approved these changes

@mzeng-openai mzeng-openai Awaiting requested review from mzeng-openai

@starr-openai starr-openai Awaiting requested review from starr-openai

@pakrym-oai pakrym-oai Awaiting requested review from pakrym-oai

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fc-oai @raye-deng @dylan-hurd-oai