[Bug]: Codex native compaction can leave post-compaction context usage stale or unknown

[cyrusaf]

Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

No

Summary

After native Codex app-server compaction, OpenClaw can lack a reliable post-compaction token count. When that happens, status/context reporting should explicitly treat usage as unknown or bounded, not revive stale pre-compaction usage.

Parent tracker: #66251

Steps to reproduce

1. Start a session using the native Codex harness.
2. Grow the session context enough that context usage is visible.
3. Trigger native Codex compaction.
4. Inspect session status/context usage after compaction.
5. Observe whether OpenClaw reports old/pre-compaction usage as if it were the current fresh context usage.

Expected behavior

After Codex native compaction:

• if the app-server reports a reliable post-compaction token count, OpenClaw records and displays it
• if the app-server does not report tokensAfter, OpenClaw marks context usage as unknown/stale rather than pretending the old count is fresh
• transcript fallback logic respects a compaction boundary and does not resurrect pre-compaction usage
• status output avoids misleading values such as extreme or stale context percentages after compaction

Actual behavior

Native Codex compaction may complete without a reliable post-compaction token snapshot.

In that case, OpenClaw can fall back to stale transcript-derived or cumulative usage data and display it as current context usage. This makes compaction appear ineffective or can create confusing context reports after a successful compaction.

OpenClaw version

2026.4.10 / 2026.4.11 reports, plus current main investigation

Operating system

macOS and Linux reports

Install method

npm/global CLI and local source investigation

Model

codex/gpt-5.4

Provider / routing chain

OpenClaw -> bundled codex plugin -> Codex app-server

Additional provider/model setup details

NOT_ENOUGH_INFO

Logs, screenshots, and evidence

Scope boundary

This issue is specifically about native Codex app-server compaction and post-compaction context accounting.

Cumulative app-server token projection is related but partly tracked separately in #64669. This issue should focus on compaction boundaries, tokensAfter, stale/unknown state, and status reporting after native compaction.

Acceptance criteria

• Codex native compaction captures tokensAfter when the app-server provides it.
• If tokensAfter is unavailable, OpenClaw records post-compaction context usage as unknown/stale rather than fresh.
• A compaction marker or equivalent boundary prevents transcript fallback from using pre-compaction usage as current usage.
• Status/session reporting preserves the unknown state instead of fabricating a precise current percentage.
• Tests cover both known and unknown post-compaction token counts.

Suggested test coverage

• Codex app-server compaction returns tokensAfter when available.
• Codex app-server compaction records an unknown context state when tokensAfter is absent.
• Session/status reporting does not display stale pre-compaction usage as fresh.
• Transcript-derived usage ignores data before the native compaction boundary.
• Existing cumulative token handling from fix: [codex-harness] avoid treating cumulative app-server usage as current context #64669 remains compatible.

Related

• Parent: [Bug]: Track Codex harness stability work #66251
• Related cumulative usage projection issue: fix: [codex-harness] avoid treating cumulative app-server usage as current context #64669
• Related observed context inflation issue: Codex workspace dirty path can cause anomalous unbounded context inflation and pseudo-hangs #65503

Impact and severity

Affected: Users running OpenClaw with the bundled Codex harness.

Severity: High for long-running Codex sessions that rely on compaction/status reporting.

Frequency: Observed during Codex harness stabilization investigation.

Consequence: Users can see misleading context usage after compaction, making it difficult to tell whether compaction succeeded or whether a session is safe to continue.

Additional information

The local investigation has in-progress changes in this area. This issue is intended to capture the observed failure mode and the acceptance criteria for a focused fix.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Keep open: current main has fixed part of the shared auto-compaction stale-total invariant, but the focused Codex-native boundary is still incomplete because native compaction returns no tokensAfter, manual compaction can drop the explicit stale marker, and session-row transcript fallback can still promote derived usage as fresh current context.

Reproducibility: yes. at source level. Complete Codex native compaction without tokensAfter; current main still leaves the manual compaction path without an explicit stale marker and can let gateway transcript fallback promote pre-boundary usage as fresh current context.

Next step
Overlapping open PRs already address pieces of this area, so maintainers should choose, rebase, or replace the canonical status/compaction path before queueing a separate repair for this issue.

Review details

Best possible solution:

Make the Codex-native compaction boundary explicit end to end: persist a trusted post-compaction count when available, otherwise persist an explicit stale/unknown state and prevent manual compaction, session rows, transcript fallback, and status output from treating pre-boundary usage as fresh.

Do we have a high-confidence way to reproduce the issue?

Yes, at source level. Complete Codex native compaction without tokensAfter; current main still leaves the manual compaction path without an explicit stale marker and can let gateway transcript fallback promote pre-boundary usage as fresh current context.

Is this the best way to solve the issue?

Yes, the requested boundary invariant is the right fix shape. The current main fix for the shared auto-compaction updater is useful but incomplete; the remaining work should coordinate with the open status and compaction-invariant PRs rather than closing this issue as implemented.

Label justifications:

• P2: This is a normal-priority Codex session accounting bug with limited blast radius to Codex-backed compaction and status flows.
• impact:session-state: The issue is about stale context usage and session accounting state after compaction.

Acceptance criteria:

• node scripts/run-vitest.mjs extensions/codex/src/app-server/compact.test.ts src/gateway/server.sessions.compaction.test.ts src/gateway/session-utils.fs.test.ts src/auto-reply/reply/reply-state.test.ts src/auto-reply/reply/agent-runner-memory.test.ts src/auto-reply/status.test.ts ui/src/ui/chat/slash-command-executor.node.test.ts
• node scripts/crabbox-wrapper.mjs run --shell -- "pnpm check:changed"

What I checked:

• live-issue-state: Live GitHub state shows the issue is open, unprotected by labels, and assigned for follow-up; no open PR directly references this issue number.
• native-compaction-still-lacks-post-count: compactCodexNativeThread returns a successful compacted result with tokensBefore and details, but it still does not set tokensAfter, so downstream code cannot persist a fresh post-compaction Codex-native count from this path. (extensions/codex/src/app-server/compact.ts:361, 3d96111a5afe)
• completion-parser-does-not-read-usage: readNativeCompactionCompletion accepts thread/compacted and item/completed signals but only extracts signal, turn id, and item id; it does not parse usage or a post-compaction token payload. (extensions/codex/src/app-server/compact.ts:445, 3d96111a5afe)
• auto-compaction-partially-fixed: The shared updater now marks totalTokensFresh = false when compaction increments without a valid tokensAfter, and regression tests cover omitted and non-finite values; this addresses the narrower auto-compaction stale-total issue but not the full Codex-native/manual/status boundary. (src/auto-reply/reply/session-updates.ts:413, 3d96111a5afe)
• manual-compact-drops-explicit-unknown-state: The manual sessions.compact store update writes a fresh total only when tokensAfter is finite, but otherwise deletes both totalTokens and totalTokensFresh, losing the explicit stale/unknown marker the issue asks to preserve. (src/gateway/server-methods/sessions.ts:2348, 3d96111a5afe)
• transcript-fallback-can-promote-derived-usage: Gateway session rows read transcript usage when fresh stored totals are unavailable and then set totalTokensFresh true from transcript-derived totals, so an explicitly stale or missing post-compaction store value can still become a fresh-looking row without a compaction-boundary guard. (src/gateway/session-utils.ts:1757, 3d96111a5afe)

Likely related people:

• steipete: Authored recent native Codex compaction and compaction token snapshot work adjacent to the missing tokensAfter and stale-token invariant paths. (role: recent Codex native compaction and session-accounting contributor; confidence: high; commits: 934fc6ceeb10, 1b87ba8ca57b, f3e8a8a3195a; files: extensions/codex/src/app-server/compact.ts, docs/plugins/codex-harness.md, src/auto-reply/reply/session-updates.ts)
• jalehman: Introduced context-engine lifecycle integration in the Codex app-server harness, including the same compaction surface and tests. (role: adjacent context-engine compaction contributor; confidence: medium; commits: 51186d272543; files: extensions/codex/src/app-server/compact.ts, extensions/codex/src/app-server/compact.test.ts)
• cyrusaf: Authored the merged cumulative Codex usage fix that this issue explicitly distinguishes from native compaction boundary accounting. (role: adjacent Codex token-accounting contributor; confidence: medium; commits: 9a94194329de; files: extensions/codex/src/app-server/event-projector.ts, extensions/codex/src/app-server/event-projector.test.ts)
• scoootscooob: Added compaction checkpoints and optional tokensAfter metadata, which is the existing data source the status fallback PRs rely on. (role: introduced related compaction checkpoint feature; confidence: medium; commits: f4fcaa09a358; files: src/config/sessions/types.ts, src/gateway/session-compaction-checkpoints.ts, src/gateway/session-utils.ts)
• stainlu: Introduced the preserved totalTokensFresh=false stale session total contract that current status and gateway rows must honor after compaction. (role: stale-total contract contributor; confidence: medium; commits: 24b915ed413e; files: src/config/sessions/types.ts, src/status/status-message.ts)

Remaining risk / open question:

• No live Codex app-server compaction run was performed in this read-only review; the reproduction is source-level.
• Several open PRs cover overlapping status, compaction usage, and invariant fixes, so a new repair branch could conflict unless maintainers pick a canonical path first.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 3d96111a5afe.