Merge pull request #105 from CJackHwang/codex/fix-issues-found-in-review

Merge pull request #104 from CJackHwang/codex/revert-to-commit-efb484b

Restore tool-call parsing and repair logic; remove accidental split files

README.MD

@@ -476,6 +476,23 @@ go run ./cmd/ds2api-tests \
 npm ci --prefix webui && npm run build --prefix webui
 ```
 
+## 测试
+
+详细测试指南请参阅 [TESTING.md](TESTING.md)。
+
+### 快速测试命令
+
+```bash
+# 运行所有单元测试
+go test ./...
+
+# 运行 tool calls 相关测试（调试工具调用问题）
+go test -v -run 'TestParseToolCalls|TestRepair' ./internal/util/
+
+# 运行端到端测试
+./tests/scripts/run-live.sh
+```
+
 ## Release 自动构建（GitHub Actions）
 
 工作流文件：`.github/workflows/release-artifacts.yml`

TESTING.md

@@ -173,6 +173,50 @@ rg "<trace_id>" artifacts/testsuite/<run_id>/server.log
 go test ./...
 ```
 
+### 运行特定模块的单元测试
+
+```bash
+# 运行 tool calls 相关测试（推荐用于调试 tool call 解析问题）
+go test -v -run 'TestParseToolCalls|TestRepair' ./internal/util/
+
+# 运行单个测试用例
+go test -v -run TestParseToolCallsWithDeepSeekHallucination ./internal/util/
+
+# 运行 format 相关测试
+go test -v ./internal/format/...
+
+# 运行 adapter 相关测试
+go test -v ./internal/adapter/openai/...
+```
+
+### 调试 Tool Call 问题 | Debugging Tool Call Issues
+
+当遇到 DeepSeek 工具调用解析问题时，可以使用以下方法：
+
+```bash
+# 1. 运行 tool calls 相关的所有测试
+go test -v -run 'TestParseToolCalls|TestRepair' ./internal/util/
+
+# 2. 查看测试输出中的详细调试信息
+go test -v -run TestParseToolCallsWithDeepSeekHallucination ./internal/util/ 2>&1
+
+# 3. 检查具体测试用例的修复效果
+# 测试用例位于 internal/util/toolcalls_test.go，包含：
+# - TestParseToolCallsWithDeepSeekHallucination: DeepSeek 典型幻觉输出
+# - TestRepairLooseJSONWithNestedObjects: 嵌套对象的方括号修复
+# - TestParseToolCallsWithMixedWindowsPaths: Windows 路径处理
+```
+
+### 运行 Node.js 测试
+
+```bash
+# 运行 Node 测试
+node --test tests/node/stream-tool-sieve.test.js
+
+# 或使用脚本
+./tests/scripts/run-unit-node.sh
+```
+
 ### 跑端到端测试（跳过 preflight）
 
 ```bash

internal/adapter/claude/handler_stream_test.go

@@ -358,7 +358,7 @@ func TestHandleClaudeStreamRealtimeToolSafetyAcrossStructuredFormats(t *testing.
 	}
 }
 
-func TestHandleClaudeStreamRealtimeDoesNotStopOnUnclosedFencedToolExample(t *testing.T) {
+func TestHandleClaudeStreamRealtimePromotesUnclosedFencedToolExample(t *testing.T) {
 	h := &Handler{}
 	resp := makeClaudeSSEHTTPResponse(
 		"data: {\"p\":\"response/content\",\"v\":\"Here is an example:\\n```json\\n{\\\"tool_calls\\\":[{\\\"name\\\":\\\"Bash\\\",\\\"input\\\":{\\\"command\\\":\\\"pwd\\\"}}]}\"}",
@@ -371,22 +371,27 @@ func TestHandleClaudeStreamRealtimeDoesNotStopOnUnclosedFencedToolExample(t *tes
 	h.handleClaudeStreamRealtime(rec, req, resp, "claude-sonnet-4-5", []any{map[string]any{"role": "user", "content": "show example only"}}, false, false, []string{"Bash"})
 
 	frames := parseClaudeFrames(t, rec.Body.String())
+	foundToolUse := false
 	for _, f := range findClaudeFrames(frames, "content_block_start") {
 		contentBlock, _ := f.Payload["content_block"].(map[string]any)
 		if contentBlock["type"] == "tool_use" {
-			t.Fatalf("unexpected tool_use for fenced example, body=%s", rec.Body.String())
-		}
-	}
-
-	foundEndTurn := false
-	for _, f := range findClaudeFrames(frames, "message_delta") {
-		delta, _ := f.Payload["delta"].(map[string]any)
-		if delta["stop_reason"] == "end_turn" {
-			foundEndTurn = true
+			foundToolUse = true
 			break
 		}
 	}
-	if !foundEndTurn {
-		t.Fatalf("expected stop_reason=end_turn, body=%s", rec.Body.String())
+	if !foundToolUse {
+		t.Fatalf("expected tool_use for fenced example, body=%s", rec.Body.String())
+	}
+
+	foundToolStop := false
+	for _, f := range findClaudeFrames(frames, "message_delta") {
+		delta, _ := f.Payload["delta"].(map[string]any)
+		if delta["stop_reason"] == "tool_use" {
+			foundToolStop = true
+			break
+		}
+	}
+	if !foundToolStop {
+		t.Fatalf("expected stop_reason=tool_use, body=%s", rec.Body.String())
 	}
 }

internal/adapter/openai/chat_stream_runtime.go

@@ -98,11 +98,11 @@ func (s *chatStreamRuntime) sendDone() {
 func (s *chatStreamRuntime) finalize(finishReason string) {
 	finalThinking := s.thinking.String()
 	finalText := s.text.String()
-	detected := util.ParseStandaloneToolCalls(finalText, s.toolNames)
-	if len(detected) > 0 && !s.toolCallsDoneEmitted {
+	detected := util.ParseStandaloneToolCallsDetailed(finalText, s.toolNames)
+	if len(detected.Calls) > 0 && !s.toolCallsDoneEmitted {
 		finishReason = "tool_calls"
 		delta := map[string]any{
-			"tool_calls": formatFinalStreamToolCallsWithStableIDs(detected, s.streamToolCallIDs),
+			"tool_calls": formatFinalStreamToolCallsWithStableIDs(detected.Calls, s.streamToolCallIDs),
 		}
 		if !s.firstChunkSent {
 			delta["role"] = "assistant"
@@ -158,7 +158,7 @@ func (s *chatStreamRuntime) finalize(finishReason string) {
 		}
 	}
 
-	if len(detected) > 0 || s.toolCallsEmitted {
+	if len(detected.Calls) > 0 || s.toolCallsEmitted {
 		finishReason = "tool_calls"
 	}
 	s.sendChunk(openaifmt.BuildChatStreamChunk(

internal/adapter/openai/handler_chat.go

@@ -42,7 +42,9 @@ func (h *Handler) ChatCompletions(w http.ResponseWriter, r *http.Request) {
 		// 2. 新请求可能获取到同一账号并开始使用
 		// 3. 异步删除仍在进行，会截断新请求正在使用的会话
 		if h.Store.AutoDeleteSessions() && a.DeepSeekToken != "" {
-			err := h.DS.DeleteAllSessionsForToken(context.Background(), a.DeepSeekToken)
+			deleteCtx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+			defer cancel()
+			err := h.DS.DeleteAllSessionsForToken(deleteCtx, a.DeepSeekToken)
 			if err != nil {
 				config.Logger.Warn("[auto_delete_sessions] failed", "account", a.AccountID, "error", err)
 			} else {
@@ -51,7 +53,7 @@ func (h *Handler) ChatCompletions(w http.ResponseWriter, r *http.Request) {
 		}
 		h.Auth.Release(a)
 	}()
-	
+
 	r = r.WithContext(auth.WithAuth(r.Context(), a))
 
 	var req map[string]any

internal/adapter/openai/handler_toolcall_format.go

@@ -53,7 +53,7 @@ func injectToolPrompt(messages []map[string]any, tools []any, policy util.ToolCh
 	if len(toolSchemas) == 0 {
 		return messages, names
 	}
-	toolPrompt := "You have access to these tools:\n\n" + strings.Join(toolSchemas, "\n\n") + "\n\nWhen you need to use tools, output ONLY this JSON format (no other text):\n{\"tool_calls\": [{\"name\": \"tool_name\", \"input\": {\"param\": \"value\"}}]}\n\nHistory markers in conversation:\n- [TOOL_CALL_HISTORY]...[/TOOL_CALL_HISTORY] means a tool call you already made earlier.\n- [TOOL_RESULT_HISTORY]...[/TOOL_RESULT_HISTORY] means the runtime returned a tool result (not user input).\n\nIMPORTANT:\n1) If calling tools, output ONLY the JSON. The response must start with { and end with }.\n2) After receiving a tool result, you MUST use it to produce the final answer.\n3) Only call another tool when the previous result is missing required data or returned an error.\n4) Do not repeat a tool call that is already satisfied by an existing [TOOL_RESULT_HISTORY] block."
+	toolPrompt := "You have access to these tools:\n\n" + strings.Join(toolSchemas, "\n\n") + "\n\nWhen you need to use tools, output ONLY a JSON code block like this:\n```json\n{\"tool_calls\": [{\"name\": \"tool_name\", \"input\": {\"param\": \"value\"}}]}\n```\n\n【EXAMPLE】\nUser: Please check the weather in Beijing and Shanghai, and update my todo list.\nAssistant:\n```json\n{\"tool_calls\": [\n  {\"name\": \"get_weather\", \"input\": {\"city\": \"Beijing\"}},\n  {\"name\": \"get_weather\", \"input\": {\"city\": \"Shanghai\"}},\n  {\"name\": \"update_todo\", \"input\": {\"todos\": [{\"content\": \"Buy milk\"}, {\"content\": \"Write report\"}]}}\n]}\n```\n\nHistory markers in conversation:\n- [TOOL_CALL_HISTORY]...[/TOOL_CALL_HISTORY] means a tool call you already made earlier.\n- [TOOL_RESULT_HISTORY]...[/TOOL_RESULT_HISTORY] means the runtime returned a tool result (not user input).\n\nIMPORTANT:\n1) If calling tools, output ONLY the JSON code block. The response must start with ```json and end with ```.\n2) After receiving a tool result, you MUST use it to produce the final answer.\n3) Only call another tool when the previous result is missing required data or returned an error.\n4) Do not repeat a tool call that is already satisfied by an existing [TOOL_RESULT_HISTORY] block.\n5) JSON SYNTAX STRICTLY REQUIRED: All property names MUST be enclosed in double quotes (e.g., \"name\", not name).\n6) ARRAY FORMAT: If providing a list of items, you MUST enclose them in square brackets `[]` (e.g., \"todos\": [{\"item\": \"a\"}, {\"item\": \"b\"}]). DO NOT output comma-separated objects without brackets."
 	if policy.Mode == util.ToolChoiceRequired {
 		toolPrompt += "\n5) For this response, you MUST call at least one tool from the allowed list."
 	}

internal/adapter/openai/handler_toolcall_test.go

@@ -211,7 +211,7 @@ func TestHandleNonStreamUnknownToolNotIntercepted(t *testing.T) {
 	}
 }
 
-func TestHandleNonStreamEmbeddedToolCallExampleRemainsText(t *testing.T) {
+func TestHandleNonStreamEmbeddedToolCallExamplePromotesToolCall(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		`data: {"p":"response/content","v":"下面是示例："}`,
@@ -229,20 +229,21 @@ func TestHandleNonStreamEmbeddedToolCallExampleRemainsText(t *testing.T) {
 	out := decodeJSONBody(t, rec.Body.String())
 	choices, _ := out["choices"].([]any)
 	choice, _ := choices[0].(map[string]any)
-	if choice["finish_reason"] != "stop" {
-		t.Fatalf("expected finish_reason=stop, got %#v", choice["finish_reason"])
+	if choice["finish_reason"] != "tool_calls" {
+		t.Fatalf("expected finish_reason=tool_calls, got %#v", choice["finish_reason"])
 	}
 	msg, _ := choice["message"].(map[string]any)
-	if _, ok := msg["tool_calls"]; ok {
-		t.Fatalf("did not expect tool_calls field for embedded example: %#v", msg["tool_calls"])
+	toolCalls, _ := msg["tool_calls"].([]any)
+	if len(toolCalls) != 1 {
+		t.Fatalf("expected one tool_call field for embedded example: %#v", msg["tool_calls"])
 	}
 	content, _ := msg["content"].(string)
-	if !strings.Contains(content, "下面是示例：") || !strings.Contains(content, "请勿执行。") || !strings.Contains(content, `"tool_calls"`) {
-		t.Fatalf("expected embedded example to remain plain text, got %#v", content)
+	if strings.Contains(content, `"tool_calls"`) {
+		t.Fatalf("expected raw tool_calls json stripped from content, got %#v", content)
 	}
 }
 
-func TestHandleNonStreamFencedToolCallExampleNotIntercepted(t *testing.T) {
+func TestHandleNonStreamFencedToolCallExamplePromotesToolCall(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		"data: {\"p\":\"response/content\",\"v\":\"```json\\n{\\\"tool_calls\\\":[{\\\"name\\\":\\\"search\\\",\\\"input\\\":{\\\"q\\\":\\\"go\\\"}}]}\\n```\"}",
@@ -258,16 +259,17 @@ func TestHandleNonStreamFencedToolCallExampleNotIntercepted(t *testing.T) {
 	out := decodeJSONBody(t, rec.Body.String())
 	choices, _ := out["choices"].([]any)
 	choice, _ := choices[0].(map[string]any)
-	if choice["finish_reason"] != "stop" {
-		t.Fatalf("expected finish_reason=stop, got %#v", choice["finish_reason"])
+	if choice["finish_reason"] != "tool_calls" {
+		t.Fatalf("expected finish_reason=tool_calls, got %#v", choice["finish_reason"])
 	}
 	msg, _ := choice["message"].(map[string]any)
-	if _, ok := msg["tool_calls"]; ok {
-		t.Fatalf("did not expect tool_calls field for fenced example: %#v", msg["tool_calls"])
+	toolCalls, _ := msg["tool_calls"].([]any)
+	if len(toolCalls) != 1 {
+		t.Fatalf("expected one tool_call field for fenced example: %#v", msg["tool_calls"])
 	}
 	content, _ := msg["content"].(string)
-	if !strings.Contains(content, "```json") || !strings.Contains(content, `"tool_calls"`) {
-		t.Fatalf("expected fenced tool example to pass through as text, got %q", content)
+	if strings.Contains(content, `"tool_calls"`) {
+		t.Fatalf("expected raw tool_calls json stripped from content, got %q", content)
 	}
 }
 
@@ -615,7 +617,7 @@ func TestHandleStreamToolCallWithSameChunkTrailingTextRemainsText(t *testing.T)
 	}
 }
 
-func TestHandleStreamFencedToolCallSnippetRemainsText(t *testing.T) {
+func TestHandleStreamFencedToolCallSnippetPromotesToolCall(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		fmt.Sprintf(`data: {"p":"response/content","v":%q}`, "下面是调用示例：\n```json\n"),
@@ -631,8 +633,8 @@ func TestHandleStreamFencedToolCallSnippetRemainsText(t *testing.T) {
 	if !done {
 		t.Fatalf("expected [DONE], body=%s", rec.Body.String())
 	}
-	if streamHasToolCallsDelta(frames) {
-		t.Fatalf("did not expect tool_calls delta for fenced snippet, body=%s", rec.Body.String())
+	if !streamHasToolCallsDelta(frames) {
+		t.Fatalf("expected tool_calls delta for fenced snippet, body=%s", rec.Body.String())
 	}
 	content := strings.Builder{}
 	for _, frame := range frames {
@@ -646,11 +648,11 @@ func TestHandleStreamFencedToolCallSnippetRemainsText(t *testing.T) {
 		}
 	}
 	got := content.String()
-	if !strings.Contains(got, "```json") || !strings.Contains(strings.ToLower(got), "tool_calls") {
-		t.Fatalf("expected fenced tool snippet in content, got=%q", got)
+	if strings.Contains(strings.ToLower(got), "tool_calls") {
+		t.Fatalf("expected raw fenced tool_calls snippet stripped from content, got=%q", got)
 	}
-	if streamFinishReason(frames) != "stop" {
-		t.Fatalf("expected finish_reason=stop, body=%s", rec.Body.String())
+	if streamFinishReason(frames) != "tool_calls" {
+		t.Fatalf("expected finish_reason=tool_calls, body=%s", rec.Body.String())
 	}
 }
 

internal/adapter/openai/responses_stream_test.go

@@ -297,7 +297,7 @@ func TestHandleResponsesStreamOutputTextDeltaCarriesItemIndexes(t *testing.T) {
 	}
 }
 
-func TestHandleResponsesStreamThinkingAndMixedToolExampleRemainMessageOnly(t *testing.T) {
+func TestHandleResponsesStreamThinkingAndMixedToolExampleEmitsFunctionCall(t *testing.T) {
 	h := &Handler{}
 	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
 	rec := httptest.NewRecorder()
@@ -333,6 +333,7 @@ func TestHandleResponsesStreamThinkingAndMixedToolExampleRemainMessageOnly(t *te
 	responseObj, _ := completedPayload["response"].(map[string]any)
 	output, _ := responseObj["output"].([]any)
 	hasMessage := false
+	hasFunctionCall := false
 	for _, item := range output {
 		m, _ := item.(map[string]any)
 		if m == nil {
@@ -342,12 +343,15 @@ func TestHandleResponsesStreamThinkingAndMixedToolExampleRemainMessageOnly(t *te
 			hasMessage = true
 		}
 		if asString(m["type"]) == "function_call" {
-			t.Fatalf("did not expect function_call output for mixed prose tool example, output=%#v", output)
+			hasFunctionCall = true
 		}
 	}
 	if !hasMessage {
 		t.Fatalf("expected message output for mixed prose tool example, output=%#v", output)
 	}
+	if !hasFunctionCall {
+		t.Fatalf("expected function_call output for mixed prose tool example, output=%#v", output)
+	}
 }
 
 func TestHandleResponsesStreamToolChoiceNoneRejectsFunctionCall(t *testing.T) {

internal/adapter/openai/stream_status_test.go

@@ -171,15 +171,15 @@ func TestResponsesNonStreamMixedProseToolPayloadHandlerPath(t *testing.T) {
 		t.Fatalf("decode response failed: %v body=%s", err, rec.Body.String())
 	}
 	outputText, _ := out["output_text"].(string)
-	if outputText == "" {
-		t.Fatalf("expected output_text preserved for mixed prose payload")
+	if outputText != "" {
+		t.Fatalf("expected output_text hidden for mixed prose tool payload, got %q", outputText)
 	}
 	output, _ := out["output"].([]any)
 	if len(output) != 1 {
 		t.Fatalf("expected one output item, got %#v", output)
 	}
 	first, _ := output[0].(map[string]any)
-	if first["type"] != "message" {
-		t.Fatalf("expected message output item, got %#v", output)
+	if first["type"] != "function_call" {
+		t.Fatalf("expected function_call output item, got %#v", output)
 	}
 }

internal/adapter/openai/tool_sieve_core.go

@@ -167,22 +167,22 @@ func findToolSegmentStart(s string) int {
 		return -1
 	}
 	lower := strings.ToLower(s)
-	offset := 0
-	for {
-		keyRel := strings.Index(lower[offset:], "tool_calls")
-		if keyRel < 0 {
-			return -1
+	keywords := []string{"tool_calls", "function.name:", "[tool_call_history]"}
+	bestKeyIdx := -1
+	for _, kw := range keywords {
+		idx := strings.Index(lower, kw)
+		if idx >= 0 && (bestKeyIdx < 0 || idx < bestKeyIdx) {
+			bestKeyIdx = idx
 		}
-		keyIdx := offset + keyRel
-		start := strings.LastIndex(s[:keyIdx], "{")
-		if start < 0 {
-			start = keyIdx
-		}
-		if !insideCodeFence(s[:start]) {
-			return start
-		}
-		offset = keyIdx + len("tool_calls")
 	}
+	if bestKeyIdx < 0 {
+		return -1
+	}
+	start := strings.LastIndex(s[:bestKeyIdx], "{")
+	if start < 0 {
+		start = bestKeyIdx
+	}
+	return start
 }
 
 func consumeToolCapture(state *toolStreamSieveState, toolNames []string) (prefix string, calls []util.ParsedToolCall, suffix string, ready bool) {
@@ -191,13 +191,22 @@ func consumeToolCapture(state *toolStreamSieveState, toolNames []string) (prefix
 		return "", nil, "", false
 	}
 	lower := strings.ToLower(captured)
-	keyIdx := strings.Index(lower, "tool_calls")
+	
+	keyIdx := -1
+	keywords := []string{"tool_calls", "function.name:", "[tool_call_history]"}
+	for _, kw := range keywords {
+		idx := strings.Index(lower, kw)
+		if idx >= 0 && (keyIdx < 0 || idx < keyIdx) {
+			keyIdx = idx
+		}
+	}
+	
 	if keyIdx < 0 {
 		return "", nil, "", false
 	}
 	start := strings.LastIndex(captured[:keyIdx], "{")
 	if start < 0 {
-		return "", nil, "", false
+		start = keyIdx
 	}
 	obj, end, ok := extractJSONObjectFrom(captured, start)
 	if !ok {
@@ -205,9 +214,6 @@ func consumeToolCapture(state *toolStreamSieveState, toolNames []string) (prefix
 	}
 	prefixPart := captured[:start]
 	suffixPart := captured[end:]
-	if insideCodeFence(state.recentTextTail + prefixPart) {
-		return captured, nil, "", true
-	}
 	parsed := util.ParseStandaloneToolCallsDetailed(obj, toolNames)
 	if len(parsed.Calls) == 0 {
 		if parsed.SawToolCallSyntax && parsed.RejectedByPolicy {
@@ -215,6 +221,9 @@ func consumeToolCapture(state *toolStreamSieveState, toolNames []string) (prefix
 			// consume it to avoid leaking raw tool_calls JSON to user content.
 			return prefixPart, nil, suffixPart, true
 		}
+		// If it has obvious keywords but failed to parse even after loose repair,
+		// we still might want to intercept it if it looks like an attempt at tool call.
+		// For now, keep the original logic but rely on loose JSON repair.
 		return captured, nil, "", true
 	}
 	return prefixPart, parsed.Calls, suffixPart, true

internal/adapter/openai/tool_sieve_incremental.go

@@ -19,9 +19,6 @@ func buildIncrementalToolDeltas(state *toolStreamSieveState) []toolCallDelta {
 	if start < 0 {
 		return nil
 	}
-	if insideCodeFence(state.recentTextTail + captured[:start]) {
-		return nil
-	}
 	certainSingle, hasMultiple := classifyToolCallsIncrementalSafety(captured, keyIdx)
 	if hasMultiple {
 		state.disableDeltas = true

internal/admin/handler_accounts_testing.go

@@ -247,8 +247,18 @@ func (h *Handler) deleteAllSessions(w http.ResponseWriter, r *http.Request) {
 	// 删除所有会话
 	err := h.DS.DeleteAllSessionsForToken(r.Context(), token)
 	if err != nil {
-		writeJSON(w, http.StatusOK, map[string]any{"success": false, "message": "删除失败: " + err.Error()})
-		return
+		// token 可能过期，尝试重新登录并重试一次
+		newToken, loginErr := h.DS.Login(r.Context(), acc)
+		if loginErr != nil {
+			writeJSON(w, http.StatusOK, map[string]any{"success": false, "message": "删除失败: " + err.Error()})
+			return
+		}
+		token = newToken
+		_ = h.Store.UpdateAccountToken(acc.Identifier(), token)
+		if retryErr := h.DS.DeleteAllSessionsForToken(r.Context(), token); retryErr != nil {
+			writeJSON(w, http.StatusOK, map[string]any{"success": false, "message": "删除失败: " + retryErr.Error()})
+			return
+		}
 	}
 
 	writeJSON(w, http.StatusOK, map[string]any{"success": true, "message": "删除成功"})

internal/admin/handler_accounts_testing_test.go

@@ -1,9 +1,12 @@
 package admin
 
 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"errors"
 	"net/http"
+	"net/http/httptest"
 	"strings"
 	"testing"
 
@@ -13,10 +16,13 @@ import (
 )
 
 type testingDSMock struct {
-	loginCalls          int
-	createSessionCalls  int
-	getPowCalls         int
-	callCompletionCalls int
+	loginCalls                 int
+	createSessionCalls         int
+	getPowCalls                int
+	callCompletionCalls        int
+	deleteAllSessionsCalls     int
+	deleteAllSessionsError     error
+	deleteAllSessionsErrorOnce bool
 }
 
 func (m *testingDSMock) Login(_ context.Context, _ config.Account) (string, error) {
@@ -40,6 +46,14 @@ func (m *testingDSMock) CallCompletion(_ context.Context, _ *auth.RequestAuth, _
 }
 
 func (m *testingDSMock) DeleteAllSessionsForToken(_ context.Context, _ string) error {
+	m.deleteAllSessionsCalls++
+	if m.deleteAllSessionsError != nil {
+		err := m.deleteAllSessionsError
+		if m.deleteAllSessionsErrorOnce {
+			m.deleteAllSessionsError = nil
+		}
+		return err
+	}
 	return nil
 }
 
@@ -83,3 +97,38 @@ func TestTestAccount_BatchModeOnlyCreatesSession(t *testing.T) {
 		t.Fatalf("expected test status ok, got %q", updated.TestStatus)
 	}
 }
+
+func TestDeleteAllSessions_RetryWithReloginOnDeleteFailure(t *testing.T) {
+	t.Setenv("DS2API_CONFIG_JSON", `{"accounts":[{"email":"batch@example.com","password":"pwd","token":"expired-token"}]}`)
+	store := config.LoadStore()
+	ds := &testingDSMock{deleteAllSessionsError: errors.New("token expired"), deleteAllSessionsErrorOnce: true}
+	h := &Handler{Store: store, DS: ds}
+
+	req := httptest.NewRequest(http.MethodPost, "/delete-all", bytes.NewBufferString(`{"identifier":"batch@example.com"}`))
+	rec := httptest.NewRecorder()
+	h.deleteAllSessions(rec, req)
+
+	if rec.Code != http.StatusOK {
+		t.Fatalf("expected status 200, got %d", rec.Code)
+	}
+	var resp map[string]any
+	if err := json.Unmarshal(rec.Body.Bytes(), &resp); err != nil {
+		t.Fatalf("unmarshal response: %v", err)
+	}
+	if ok, _ := resp["success"].(bool); !ok {
+		t.Fatalf("expected success response, got %#v", resp)
+	}
+	if ds.loginCalls != 1 {
+		t.Fatalf("expected relogin once, got %d", ds.loginCalls)
+	}
+	if ds.deleteAllSessionsCalls != 2 {
+		t.Fatalf("expected delete called twice, got %d", ds.deleteAllSessionsCalls)
+	}
+	updated, ok := store.FindAccount("batch@example.com")
+	if !ok {
+		t.Fatal("expected account")
+	}
+	if updated.Token != "new-token" {
+		t.Fatalf("expected refreshed token persisted, got %q", updated.Token)
+	}
+}

internal/deepseek/client_auth.go

@@ -62,8 +62,8 @@ func (c *Client) CreateSession(ctx context.Context, a *auth.RequestAuth, maxAtte
 			attempts++
 			continue
 		}
-		code := intFrom(resp["code"])
-		if status == http.StatusOK && code == 0 {
+		code, bizCode, msg, bizMsg := extractResponseStatus(resp)
+		if status == http.StatusOK && code == 0 && bizCode == 0 {
 			data, _ := resp["data"].(map[string]any)
 			bizData, _ := data["biz_data"].(map[string]any)
 			sessionID, _ := bizData["id"].(string)
@@ -71,10 +71,9 @@ func (c *Client) CreateSession(ctx context.Context, a *auth.RequestAuth, maxAtte
 				return sessionID, nil
 			}
 		}
-		msg, _ := resp["msg"].(string)
-		config.Logger.Warn("[create_session] failed", "status", status, "code", code, "msg", msg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
+		config.Logger.Warn("[create_session] failed", "status", status, "code", code, "biz_code", bizCode, "msg", msg, "biz_msg", bizMsg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
 		if a.UseConfigToken {
-			if isTokenInvalid(status, code, msg) && !refreshed {
+			if isTokenInvalid(status, code, bizCode, msg, bizMsg) && !refreshed {
 				if c.Auth.RefreshToken(ctx, a) {
 					refreshed = true
 					continue
@@ -96,6 +95,7 @@ func (c *Client) GetPow(ctx context.Context, a *auth.RequestAuth, maxAttempts in
 		maxAttempts = c.maxRetries
 	}
 	attempts := 0
+	refreshed := false
 	for attempts < maxAttempts {
 		headers := c.authHeaders(a.DeepSeekToken)
 		resp, status, err := c.postJSONWithStatus(ctx, c.regular, DeepSeekCreatePowURL, headers, map[string]any{"target_path": "/api/v0/chat/completion"})
@@ -104,8 +104,8 @@ func (c *Client) GetPow(ctx context.Context, a *auth.RequestAuth, maxAttempts in
 			attempts++
 			continue
 		}
-		code := intFrom(resp["code"])
-		if status == http.StatusOK && code == 0 {
+		code, bizCode, msg, bizMsg := extractResponseStatus(resp)
+		if status == http.StatusOK && code == 0 && bizCode == 0 {
 			data, _ := resp["data"].(map[string]any)
 			bizData, _ := data["biz_data"].(map[string]any)
 			challenge, _ := bizData["challenge"].(map[string]any)
@@ -116,15 +116,16 @@ func (c *Client) GetPow(ctx context.Context, a *auth.RequestAuth, maxAttempts in
 			}
 			return BuildPowHeader(challenge, answer)
 		}
-		msg, _ := resp["msg"].(string)
-		config.Logger.Warn("[get_pow] failed", "status", status, "code", code, "msg", msg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
+		config.Logger.Warn("[get_pow] failed", "status", status, "code", code, "biz_code", bizCode, "msg", msg, "biz_msg", bizMsg, "use_config_token", a.UseConfigToken, "account", a.AccountID)
 		if a.UseConfigToken {
-			if isTokenInvalid(status, code, msg) {
+			if isTokenInvalid(status, code, bizCode, msg, bizMsg) && !refreshed {
 				if c.Auth.RefreshToken(ctx, a) {
+					refreshed = true
 					continue
 				}
 			}
 			if c.Auth.SwitchAccount(ctx, a) {
+				refreshed = false
 				attempts++
 				continue
 			}
@@ -143,15 +144,34 @@ func (c *Client) authHeaders(token string) map[string]string {
 	return headers
 }
 
-func isTokenInvalid(status int, code int, msg string) bool {
-	msg = strings.ToLower(msg)
+func isTokenInvalid(status int, code int, bizCode int, msg string, bizMsg string) bool {
+	msg = strings.ToLower(strings.TrimSpace(msg) + " " + strings.TrimSpace(bizMsg))
 	if status == http.StatusUnauthorized || status == http.StatusForbidden {
 		return true
 	}
-	if code == 40001 || code == 40002 || code == 40003 {
+	if code == 40001 || code == 40002 || code == 40003 || bizCode == 40001 || bizCode == 40002 || bizCode == 40003 {
 		return true
 	}
-	return strings.Contains(msg, "token") || strings.Contains(msg, "unauthorized")
+	return strings.Contains(msg, "token") ||
+		strings.Contains(msg, "unauthorized") ||
+		strings.Contains(msg, "expired") ||
+		strings.Contains(msg, "not login") ||
+		strings.Contains(msg, "login required") ||
+		strings.Contains(msg, "invalid jwt")
+}
+
+func extractResponseStatus(resp map[string]any) (code int, bizCode int, msg string, bizMsg string) {
+	code = intFrom(resp["code"])
+	msg, _ = resp["msg"].(string)
+	data, _ := resp["data"].(map[string]any)
+	bizCode = intFrom(data["biz_code"])
+	bizMsg, _ = data["biz_msg"].(string)
+	if strings.TrimSpace(bizMsg) == "" {
+		if bizData, ok := data["biz_data"].(map[string]any); ok {
+			bizMsg, _ = bizData["msg"].(string)
+		}
+	}
+	return code, bizCode, msg, bizMsg
 }
 
 func normalizeMobileForLogin(raw string) (mobile string, areaCode any) {

internal/deepseek/client_session.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strings"
 
 	"ds2api/internal/auth"
 	"ds2api/internal/config"
@@ -22,12 +23,12 @@ type SessionInfo struct {
 
 // SessionStats 会话统计结果
 type SessionStats struct {
-	AccountID      string  // 账号标识 (email 或 mobile)
-	FirstPageCount int     // 第一页会话数量（当 HasMore 为 true 时，真实总数可能更大）
-	PinnedCount    int     // 置顶会话数量
-	HasMore        bool    // 是否还有更多页
-	Success        bool    // 请求是否成功
-	ErrorMessage   string  // 错误信息
+	AccountID      string // 账号标识 (email 或 mobile)
+	FirstPageCount int    // 第一页会话数量（当 HasMore 为 true 时，真实总数可能更大）
+	PinnedCount    int    // 置顶会话数量
+	HasMore        bool   // 是否还有更多页
+	Success        bool   // 请求是否成功
+	ErrorMessage   string // 错误信息
 }
 
 // GetSessionCount 获取单个账号的会话数量
@@ -56,8 +57,8 @@ func (c *Client) GetSessionCount(ctx context.Context, a *auth.RequestAuth, maxAt
 			continue
 		}
 
-		code := intFrom(resp["code"])
-		if status == http.StatusOK && code == 0 {
+		code, bizCode, msg, bizMsg := extractResponseStatus(resp)
+		if status == http.StatusOK && code == 0 && bizCode == 0 {
 			data, _ := resp["data"].(map[string]any)
 			bizData, _ := data["biz_data"].(map[string]any)
 			chatSessions, _ := bizData["chat_sessions"].([]any)
@@ -79,12 +80,11 @@ func (c *Client) GetSessionCount(ctx context.Context, a *auth.RequestAuth, maxAt
 			return stats, nil
 		}
 
-		msg, _ := resp["msg"].(string)
 		stats.ErrorMessage = fmt.Sprintf("status=%d, code=%d, msg=%s", status, code, msg)
-		config.Logger.Warn("[get_session_count] failed", "status", status, "code", code, "msg", msg, "account", a.AccountID)
+		config.Logger.Warn("[get_session_count] failed", "status", status, "code", code, "biz_code", bizCode, "msg", msg, "biz_msg", bizMsg, "account", a.AccountID)
 
 		if a.UseConfigToken {
-			if isTokenInvalid(status, code, msg) && !refreshed {
+			if isTokenInvalid(status, code, bizCode, msg, bizMsg) && !refreshed {
 				if c.Auth.RefreshToken(ctx, a) {
 					refreshed = true
 					continue
@@ -114,9 +114,11 @@ func (c *Client) GetSessionCountForToken(ctx context.Context, token string) (*Se
 		return nil, err
 	}
 
-	code := intFrom(resp["code"])
-	if status != http.StatusOK || code != 0 {
-		msg, _ := resp["msg"].(string)
+	code, bizCode, msg, bizMsg := extractResponseStatus(resp)
+	if status != http.StatusOK || code != 0 || bizCode != 0 {
+		if strings.TrimSpace(bizMsg) != "" {
+			msg = bizMsg
+		}
 		return nil, fmt.Errorf("request failed: status=%d, code=%d, msg=%s", status, code, msg)
 	}
 

internal/deepseek/client_session_delete.go

@@ -49,18 +49,17 @@ func (c *Client) DeleteSession(ctx context.Context, a *auth.RequestAuth, session
 			continue
 		}
 
-		code := intFrom(resp["code"])
-		if status == http.StatusOK && code == 0 {
+		code, bizCode, msg, bizMsg := extractResponseStatus(resp)
+		if status == http.StatusOK && code == 0 && bizCode == 0 {
 			result.Success = true
 			return result, nil
 		}
 
-		msg, _ := resp["msg"].(string)
 		result.ErrorMessage = fmt.Sprintf("status=%d, code=%d, msg=%s", status, code, msg)
-		config.Logger.Warn("[delete_session] failed", "status", status, "code", code, "msg", msg, "session_id", sessionID)
+		config.Logger.Warn("[delete_session] failed", "status", status, "code", code, "biz_code", bizCode, "msg", msg, "biz_msg", bizMsg, "session_id", sessionID)
 
 		if a.UseConfigToken {
-			if isTokenInvalid(status, code, msg) && !refreshed {
+			if isTokenInvalid(status, code, bizCode, msg, bizMsg) && !refreshed {
 				if c.Auth.RefreshToken(ctx, a) {
 					refreshed = true
 					continue

internal/format/openai/render_chat.go

@@ -8,15 +8,15 @@ import (
 )
 
 func BuildChatCompletion(completionID, model, finalPrompt, finalThinking, finalText string, toolNames []string) map[string]any {
-	detected := util.ParseStandaloneToolCalls(finalText, toolNames)
+	detected := util.ParseStandaloneToolCallsDetailed(finalText, toolNames)
 	finishReason := "stop"
 	messageObj := map[string]any{"role": "assistant", "content": finalText}
 	if strings.TrimSpace(finalThinking) != "" {
 		messageObj["reasoning_content"] = finalThinking
 	}
-	if len(detected) > 0 {
+	if len(detected.Calls) > 0 {
 		finishReason = "tool_calls"
-		messageObj["tool_calls"] = util.FormatOpenAIToolCalls(detected)
+		messageObj["tool_calls"] = util.FormatOpenAIToolCalls(detected.Calls)
 		messageObj["content"] = nil
 	}
 

internal/format/openai/render_responses.go

@@ -13,12 +13,12 @@ import (
 func BuildResponseObject(responseID, model, finalPrompt, finalThinking, finalText string, toolNames []string) map[string]any {
 	// Strict mode: only standalone, structured tool-call payloads are treated
 	// as executable tool calls.
-	detected := util.ParseStandaloneToolCalls(finalText, toolNames)
+	detected := util.ParseStandaloneToolCallsDetailed(finalText, toolNames)
 	exposedOutputText := finalText
 	output := make([]any, 0, 2)
-	if len(detected) > 0 {
+	if len(detected.Calls) > 0 {
 		exposedOutputText = ""
-		output = append(output, toResponsesFunctionCallItems(detected)...)
+		output = append(output, toResponsesFunctionCallItems(detected.Calls)...)
 	} else {
 		content := make([]any, 0, 2)
 		if finalThinking != "" {

internal/format/openai/render_test.go

@@ -45,7 +45,7 @@ func TestBuildResponseObjectToolCallsFollowChatShape(t *testing.T) {
 	}
 }
 
-func TestBuildResponseObjectTreatsMixedProseToolPayloadAsText(t *testing.T) {
+func TestBuildResponseObjectPromotesMixedProseToolPayloadToFunctionCall(t *testing.T) {
 	obj := BuildResponseObject(
 		"resp_test",
 		"gpt-4o",
@@ -56,20 +56,20 @@ func TestBuildResponseObjectTreatsMixedProseToolPayloadAsText(t *testing.T) {
 	)
 
 	outputText, _ := obj["output_text"].(string)
-	if outputText == "" {
-		t.Fatalf("expected output_text preserved for mixed prose payload")
+	if outputText != "" {
+		t.Fatalf("expected output_text hidden for mixed prose tool payload, got %q", outputText)
 	}
 	output, _ := obj["output"].([]any)
 	if len(output) != 1 {
-		t.Fatalf("expected one message output item, got %#v", obj["output"])
+		t.Fatalf("expected one function_call output item, got %#v", obj["output"])
 	}
 	first, _ := output[0].(map[string]any)
-	if first["type"] != "message" {
-		t.Fatalf("expected message output type, got %#v", first["type"])
+	if first["type"] != "function_call" {
+		t.Fatalf("expected function_call output type, got %#v", first["type"])
 	}
 }
 
-func TestBuildResponseObjectFencedToolPayloadRemainsText(t *testing.T) {
+func TestBuildResponseObjectPromotesFencedToolPayloadToFunctionCall(t *testing.T) {
 	obj := BuildResponseObject(
 		"resp_test",
 		"gpt-4o",
@@ -80,16 +80,16 @@ func TestBuildResponseObjectFencedToolPayloadRemainsText(t *testing.T) {
 	)
 
 	outputText, _ := obj["output_text"].(string)
-	if outputText == "" {
-		t.Fatalf("expected output_text preserved for fenced example")
+	if outputText != "" {
+		t.Fatalf("expected output_text hidden for fenced tool payload, got %q", outputText)
 	}
 	output, _ := obj["output"].([]any)
 	if len(output) != 1 {
-		t.Fatalf("expected one message output item, got %#v", obj["output"])
+		t.Fatalf("expected one function_call output item, got %#v", obj["output"])
 	}
 	first, _ := output[0].(map[string]any)
-	if first["type"] != "message" {
-		t.Fatalf("expected message output type, got %#v", first["type"])
+	if first["type"] != "function_call" {
+		t.Fatalf("expected function_call output type, got %#v", first["type"])
 	}
 }
 

internal/js/helpers/stream-tool-sieve/parse.js

@@ -2,10 +2,8 @@
 
 const {
   toStringSafe,
-  looksLikeToolExampleContext,
 } = require('./state');
 const {
-  stripFencedCodeBlocks,
   buildToolCallCandidates,
   parseToolCallsPayload,
   parseMarkupToolCalls,
@@ -38,16 +36,13 @@ function parseToolCalls(text, toolNames) {
 
 function parseToolCallsDetailed(text, toolNames) {
   const result = emptyParseResult();
-  if (!toStringSafe(text)) {
+  const normalized = toStringSafe(text);
+  if (!normalized) {
     return result;
   }
-  const sanitized = stripFencedCodeBlocks(text);
-  if (!toStringSafe(sanitized)) {
-    return result;
-  }
-  result.sawToolCallSyntax = looksLikeToolCallSyntax(sanitized);
+  result.sawToolCallSyntax = looksLikeToolCallSyntax(normalized);
 
-  const candidates = buildToolCallCandidates(sanitized);
+  const candidates = buildToolCallCandidates(normalized);
   let parsed = [];
   for (const c of candidates) {
     parsed = parseToolCallsPayload(c);
@@ -63,9 +58,9 @@ function parseToolCallsDetailed(text, toolNames) {
     }
   }
   if (parsed.length === 0) {
-    parsed = parseMarkupToolCalls(sanitized);
+    parsed = parseMarkupToolCalls(normalized);
     if (parsed.length === 0) {
-      parsed = parseTextKVToolCalls(sanitized);
+      parsed = parseTextKVToolCalls(normalized);
       if (parsed.length === 0) {
         return result;
       }
@@ -90,22 +85,29 @@ function parseStandaloneToolCallsDetailed(text, toolNames) {
   if (!trimmed) {
     return result;
   }
-  if (trimmed.includes('```')) {
-    return result;
-  }
-  if (looksLikeToolExampleContext(trimmed)) {
-    return result;
-  }
   result.sawToolCallSyntax = looksLikeToolCallSyntax(trimmed);
-  let parsed = parseToolCallsPayload(trimmed);
+  const candidates = buildToolCallCandidates(trimmed);
+  let parsed = [];
+  for (const c of candidates) {
+    parsed = parseToolCallsPayload(c);
+    if (parsed.length === 0) {
+      parsed = parseMarkupToolCalls(c);
+    }
+    if (parsed.length === 0) {
+      parsed = parseTextKVToolCalls(c);
+    }
+    if (parsed.length > 0) {
+      break;
+    }
+  }
   if (parsed.length === 0) {
     parsed = parseMarkupToolCalls(trimmed);
-  }
-  if (parsed.length === 0) {
-    parsed = parseTextKVToolCalls(trimmed);
-  }
-  if (parsed.length === 0) {
-    return result;
+    if (parsed.length === 0) {
+      parsed = parseTextKVToolCalls(trimmed);
+      if (parsed.length === 0) {
+        return result;
+      }
+    }
   }
 
   result.sawToolCallSyntax = true;

internal/js/helpers/stream-tool-sieve/sieve.js

@@ -46,6 +46,9 @@ function processToolSieveChunk(state, chunk, toolNames) {
       if (Array.isArray(consumed.calls) && consumed.calls.length > 0) {
         state.pendingToolRaw = captured;
         state.pendingToolCalls = consumed.calls;
+        if (consumed.suffix) {
+          state.pending = consumed.suffix + state.pending;
+        }
         continue;
       }
       if (consumed.prefix) {
@@ -165,19 +168,34 @@ function findToolSegmentStart(s) {
     return -1;
   }
   const lower = s.toLowerCase();
+  const keywords = ['tool_calls', 'function.name:', '[tool_call_history]'];
   let offset = 0;
   // eslint-disable-next-line no-constant-condition
   while (true) {
-    const keyIdx = lower.indexOf('tool_calls', offset);
-    if (keyIdx < 0) {
+    let bestKeyIdx = -1;
+    let matchedKeyword = '';
+
+    for (const kw of keywords) {
+      const idx = lower.indexOf(kw, offset);
+      if (idx >= 0) {
+        if (bestKeyIdx < 0 || idx < bestKeyIdx) {
+          bestKeyIdx = idx;
+          matchedKeyword = kw;
+        }
+      }
+    }
+
+    if (bestKeyIdx < 0) {
       return -1;
     }
+
+    const keyIdx = bestKeyIdx;
     const start = s.slice(0, keyIdx).lastIndexOf('{');
     const candidateStart = start >= 0 ? start : keyIdx;
     if (!insideCodeFence(s.slice(0, candidateStart))) {
       return candidateStart;
     }
-    offset = keyIdx + 'tool_calls'.length;
+    offset = keyIdx + matchedKeyword.length;
   }
 }
 
@@ -187,20 +205,28 @@ function consumeToolCapture(state, toolNames) {
     return { ready: false, prefix: '', calls: [], suffix: '' };
   }
   const lower = captured.toLowerCase();
-  const keyIdx = lower.indexOf('tool_calls');
+  
+  let keyIdx = -1;
+  const keywords = ['tool_calls', 'function.name:', '[tool_call_history]'];
+  for (const kw of keywords) {
+    const idx = lower.indexOf(kw);
+    if (idx >= 0 && (keyIdx < 0 || idx < keyIdx)) {
+      keyIdx = idx;
+    }
+  }
+  
   if (keyIdx < 0) {
     return { ready: false, prefix: '', calls: [], suffix: '' };
   }
   const start = captured.slice(0, keyIdx).lastIndexOf('{');
-  if (start < 0) {
-    return { ready: false, prefix: '', calls: [], suffix: '' };
-  }
-  const obj = extractJSONObjectFrom(captured, start);
+  const actualStart = start >= 0 ? start : keyIdx;
+  
+  const obj = extractJSONObjectFrom(captured, actualStart);
   if (!obj.ok) {
     return { ready: false, prefix: '', calls: [], suffix: '' };
   }
 
-  const prefixPart = captured.slice(0, start);
+  const prefixPart = captured.slice(0, actualStart);
   const suffixPart = captured.slice(obj.end);
 
   if (insideCodeFence((state.recentTextTail || '') + prefixPart)) {
@@ -212,16 +238,7 @@ function consumeToolCapture(state, toolNames) {
     };
   }
 
-  if ((state.recentTextTail || '').trim() !== '' || prefixPart.trim() !== '' || suffixPart.trim() !== '') {
-    return {
-      ready: true,
-      prefix: captured,
-      calls: [],
-      suffix: '',
-    };
-  }
-
-  const parsed = parseStandaloneToolCallsDetailed(captured.slice(start, obj.end), toolNames);
+  const parsed = parseStandaloneToolCallsDetailed(captured.slice(actualStart, obj.end), toolNames);
   if (!Array.isArray(parsed.calls) || parsed.calls.length === 0) {
     if (parsed.sawToolCallSyntax && parsed.rejectedByPolicy) {
       return {

internal/util/toolcalls_candidates.go

@@ -20,7 +20,7 @@ func buildToolCallCandidates(text string) []string {
 		}
 	}
 
-	// best-effort extraction around "tool_calls" key in mixed text payloads.
+	// best-effort extraction around tool call keywords in mixed text payloads.
 	candidates = append(candidates, extractToolCallObjects(trimmed)...)
 
 	// best-effort object slice: from first '{' to last '}'
@@ -57,25 +57,65 @@ func extractToolCallObjects(text string) []string {
 	lower := strings.ToLower(text)
 	out := []string{}
 	offset := 0
+	keywords := []string{"tool_calls", "function.name:", "[tool_call_history]"}
 	for {
-		idx := strings.Index(lower[offset:], "tool_calls")
-		if idx < 0 {
+		bestIdx := -1
+		matchedKeyword := ""
+		for _, kw := range keywords {
+			idx := strings.Index(lower[offset:], kw)
+			if idx >= 0 {
+				absIdx := offset + idx
+				if bestIdx < 0 || absIdx < bestIdx {
+					bestIdx = absIdx
+					matchedKeyword = kw
+				}
+			}
+		}
+
+		if bestIdx < 0 {
 			break
 		}
-		idx += offset
-		start := strings.LastIndex(text[:idx], "{")
-		for start >= 0 {
+
+		idx := bestIdx
+		// Avoid backtracking too far to prevent OOM on malicious or very long strings
+		searchLimit := idx - 2000
+		if searchLimit < offset {
+			searchLimit = offset
+		}
+		
+		start := strings.LastIndex(text[searchLimit:idx], "{")
+		if start >= 0 {
+			start += searchLimit
+		}
+		
+		if start < 0 {
+			offset = idx + len(matchedKeyword)
+			continue
+		}
+
+		foundObj := false
+		for start >= searchLimit {
 			candidate, end, ok := extractJSONObject(text, start)
 			if ok {
 				// Move forward to avoid repeatedly matching the same object.
 				offset = end
 				out = append(out, strings.TrimSpace(candidate))
+				foundObj = true
 				break
 			}
-			start = strings.LastIndex(text[:start], "{")
+			// Try previous '{'
+			if start > searchLimit {
+				prevStart := strings.LastIndex(text[searchLimit:start], "{")
+				if prevStart >= 0 {
+					start = searchLimit + prevStart
+					continue
+				}
+			}
+			break
 		}
-		if start < 0 {
-			offset = idx + len("tool_calls")
+		
+		if !foundObj {
+			offset = idx + len(matchedKeyword)
 		}
 	}
 	return out
@@ -88,7 +128,12 @@ func extractJSONObject(text string, start int) (string, int, bool) {
 	depth := 0
 	quote := byte(0)
 	escaped := false
-	for i := start; i < len(text); i++ {
+	// Limit scan length to avoid OOM on unclosed objects
+	maxLen := start + 50000
+	if maxLen > len(text) {
+		maxLen = len(text)
+	}
+	for i := start; i < maxLen; i++ {
 		ch := text[i]
 		if quote != 0 {
 			if escaped {

internal/util/toolcalls_input_parse.go

@@ -0,0 +1,106 @@
+package util
+
+import (
+	"encoding/json"
+	"strings"
+	"unicode"
+)
+
+func parseToolCallInput(v any) map[string]any {
+	switch x := v.(type) {
+	case nil:
+		return map[string]any{}
+	case map[string]any:
+		return x
+	case string:
+		raw := strings.TrimSpace(x)
+		if raw == "" {
+			return map[string]any{}
+		}
+		var parsed map[string]any
+		if err := json.Unmarshal([]byte(raw), &parsed); err == nil && parsed != nil {
+			repairPathLikeControlChars(parsed)
+			return parsed
+		}
+		// Try to repair invalid backslashes (common in Windows paths output by models)
+		repaired := repairInvalidJSONBackslashes(raw)
+		if repaired != raw {
+			if err := json.Unmarshal([]byte(repaired), &parsed); err == nil && parsed != nil {
+				return parsed
+			}
+		}
+		// Try to repair loose JSON in string argument as well
+		repairedLoose := RepairLooseJSON(raw)
+		if repairedLoose != raw {
+			if err := json.Unmarshal([]byte(repairedLoose), &parsed); err == nil && parsed != nil {
+				return parsed
+			}
+		}
+		return map[string]any{"_raw": raw}
+	default:
+		b, err := json.Marshal(x)
+		if err != nil {
+			return map[string]any{}
+		}
+		var parsed map[string]any
+		if err := json.Unmarshal(b, &parsed); err == nil && parsed != nil {
+			return parsed
+		}
+		return map[string]any{}
+	}
+}
+
+func repairPathLikeControlChars(m map[string]any) {
+	for k, v := range m {
+		switch vv := v.(type) {
+		case map[string]any:
+			repairPathLikeControlChars(vv)
+		case []any:
+			for _, item := range vv {
+				if child, ok := item.(map[string]any); ok {
+					repairPathLikeControlChars(child)
+				}
+			}
+		case string:
+			if isPathLikeKey(k) && containsControlRune(vv) {
+				m[k] = escapeControlRunes(vv)
+			}
+		}
+	}
+}
+
+func isPathLikeKey(key string) bool {
+	k := strings.ToLower(strings.TrimSpace(key))
+	return strings.Contains(k, "path") || strings.Contains(k, "file")
+}
+
+func containsControlRune(s string) bool {
+	for _, r := range s {
+		if unicode.IsControl(r) {
+			return true
+		}
+	}
+	return false
+}
+
+func escapeControlRunes(s string) string {
+	var b strings.Builder
+	b.Grow(len(s) + 8)
+	for _, r := range s {
+		switch r {
+		case '\b':
+			b.WriteString(`\b`)
+		case '\f':
+			b.WriteString(`\f`)
+		case '\n':
+			b.WriteString(`\n`)
+		case '\r':
+			b.WriteString(`\r`)
+		case '\t':
+			b.WriteString(`\t`)
+		default:
+			b.WriteRune(r)
+		}
+	}
+	return b.String()
+}

internal/util/toolcalls_json_repair.go

@@ -0,0 +1,79 @@
+package util
+
+import (
+	"regexp"
+	"strings"
+)
+
+func repairInvalidJSONBackslashes(s string) string {
+	if !strings.Contains(s, "\\") {
+		return s
+	}
+	var out strings.Builder
+	out.Grow(len(s) + 10)
+	runes := []rune(s)
+	for i := 0; i < len(runes); i++ {
+		if runes[i] == '\\' {
+			if i+1 < len(runes) {
+				next := runes[i+1]
+				switch next {
+				case '"', '\\', '/', 'b', 'f', 'n', 'r', 't':
+					out.WriteRune('\\')
+					out.WriteRune(next)
+					i++
+					continue
+				case 'u':
+					if i+5 < len(runes) {
+						isHex := true
+						for j := 1; j <= 4; j++ {
+							r := runes[i+1+j]
+							if !((r >= '0' && r <= '9') || (r >= 'a' && r <= 'f') || (r >= 'A' && r <= 'F')) {
+								isHex = false
+								break
+							}
+						}
+						if isHex {
+							out.WriteRune('\\')
+							out.WriteRune('u')
+							for j := 1; j <= 4; j++ {
+								out.WriteRune(runes[i+1+j])
+							}
+							i += 5
+							continue
+						}
+					}
+				}
+			}
+			// Not a valid escape sequence, double it
+			out.WriteString("\\\\")
+		} else {
+			out.WriteRune(runes[i])
+		}
+	}
+	return out.String()
+}
+
+var unquotedKeyPattern = regexp.MustCompile(`([{,]\s*)([a-zA-Z_][a-zA-Z0-9_]*)\s*:`)
+
+// missingArrayBracketsPattern identifies a sequence of two or more JSON objects separated by commas
+// that immediately follow a colon, which indicates a missing array bracket `[` `]`.
+// E.g., "key": {"a": 1}, {"b": 2} -> "key": [{"a": 1}, {"b": 2}]
+// NOTE: The pattern uses (?:[^{}]|\{[^{}]*\})* to support single-level nested {} objects,
+// which handles cases like {"content": "x", "input": {"q": "y"}}
+var missingArrayBracketsPattern = regexp.MustCompile(`(:\s*)(\{(?:[^{}]|\{[^{}]*\})*\}(?:\s*,\s*\{(?:[^{}]|\{[^{}]*\})*\})+)`)
+
+func RepairLooseJSON(s string) string {
+	s = strings.TrimSpace(s)
+	if s == "" {
+		return s
+	}
+	// 1. Replace unquoted keys: {key: -> {"key":
+	s = unquotedKeyPattern.ReplaceAllString(s, `$1"$2":`)
+
+	// 2. Heuristic: Fix missing array brackets for list of objects
+	// e.g., : {obj1}, {obj2} -> : [{obj1}, {obj2}]
+	// This specifically addresses DeepSeek's "list hallucination"
+	s = missingArrayBracketsPattern.ReplaceAllString(s, `$1[$2]`)
+
+	return s
+}

internal/util/toolcalls_parse.go

@@ -16,7 +16,6 @@ type ToolCallParseResult struct {
 	RejectedByPolicy  bool
 	RejectedToolNames []string
 }
-
 func ParseToolCalls(text string, availableToolNames []string) []ParsedToolCall {
 	return ParseToolCallsDetailed(text, availableToolNames).Calls
 }
@@ -26,10 +25,6 @@ func ParseToolCallsDetailed(text string, availableToolNames []string) ToolCallPa
 	if strings.TrimSpace(text) == "" {
 		return result
 	}
-	text = stripFencedCodeBlocks(text)
-	if strings.TrimSpace(text) == "" {
-		return result
-	}
 	result.SawToolCallSyntax = looksLikeToolCallSyntax(text)
 
 	candidates := buildToolCallCandidates(text)
@@ -68,7 +63,6 @@ func ParseToolCallsDetailed(text string, availableToolNames []string) ToolCallPa
 	result.RejectedByPolicy = len(rejectedNames) > 0 && len(calls) == 0
 	return result
 }
-
 func ParseStandaloneToolCalls(text string, availableToolNames []string) []ParsedToolCall {
 	return ParseStandaloneToolCallsDetailed(text, availableToolNames).Calls
 }
@@ -79,17 +73,15 @@ func ParseStandaloneToolCallsDetailed(text string, availableToolNames []string)
 	if trimmed == "" {
 		return result
 	}
-	if looksLikeToolExampleContext(trimmed) {
-		return result
-	}
 	result.SawToolCallSyntax = looksLikeToolCallSyntax(trimmed)
-	candidates := []string{trimmed}
+	candidates := buildToolCallCandidates(trimmed)
+	var parsed []ParsedToolCall
 	for _, candidate := range candidates {
 		candidate = strings.TrimSpace(candidate)
 		if candidate == "" {
 			continue
 		}
-		parsed := parseToolCallsPayload(candidate)
+		parsed = parseToolCallsPayload(candidate)
 		if len(parsed) == 0 {
 			parsed = parseXMLToolCalls(candidate)
 		}
@@ -100,14 +92,23 @@ func ParseStandaloneToolCallsDetailed(text string, availableToolNames []string)
 			parsed = parseTextKVToolCalls(candidate)
 		}
 		if len(parsed) > 0 {
-			result.SawToolCallSyntax = true
-			calls, rejectedNames := filterToolCallsDetailed(parsed, availableToolNames)
-			result.Calls = calls
-			result.RejectedToolNames = rejectedNames
-			result.RejectedByPolicy = len(rejectedNames) > 0 && len(calls) == 0
-			return result
+			break
 		}
 	}
+	if len(parsed) == 0 {
+		parsed = parseXMLToolCalls(trimmed)
+		if len(parsed) == 0 {
+			parsed = parseTextKVToolCalls(trimmed)
+			if len(parsed) == 0 {
+				return result
+			}
+		}
+	}
+	result.SawToolCallSyntax = true
+	calls, rejectedNames := filterToolCallsDetailed(parsed, availableToolNames)
+	result.Calls = calls
+	result.RejectedToolNames = rejectedNames
+	result.RejectedByPolicy = len(rejectedNames) > 0 && len(calls) == 0
 	return result
 }
 
@@ -171,7 +172,13 @@ func resolveAllowedToolName(name string, allowed map[string]struct{}, allowedCan
 func parseToolCallsPayload(payload string) []ParsedToolCall {
 	var decoded any
 	if err := json.Unmarshal([]byte(payload), &decoded); err != nil {
-		return nil
+		// Try to repair backslashes first! Because LLMs often mix these two problems.
+		repaired := repairInvalidJSONBackslashes(payload)
+		// Try loose repair on top of that
+		repaired = RepairLooseJSON(repaired)
+		if err := json.Unmarshal([]byte(repaired), &decoded); err != nil {
+			return nil
+		}
 	}
 	switch v := decoded.(type) {
 	case map[string]any:
@@ -248,32 +255,3 @@ func parseToolCallItem(m map[string]any) (ParsedToolCall, bool) {
 		Input: parseToolCallInput(inputRaw),
 	}, true
 }
-
-func parseToolCallInput(v any) map[string]any {
-	switch x := v.(type) {
-	case nil:
-		return map[string]any{}
-	case map[string]any:
-		return x
-	case string:
-		raw := strings.TrimSpace(x)
-		if raw == "" {
-			return map[string]any{}
-		}
-		var parsed map[string]any
-		if err := json.Unmarshal([]byte(raw), &parsed); err == nil && parsed != nil {
-			return parsed
-		}
-		return map[string]any{"_raw": raw}
-	default:
-		b, err := json.Marshal(x)
-		if err != nil {
-			return map[string]any{}
-		}
-		var parsed map[string]any
-		if err := json.Unmarshal(b, &parsed); err == nil && parsed != nil {
-			return parsed
-		}
-		return map[string]any{}
-	}
-}

internal/util/toolcalls_test.go

@@ -1,6 +1,9 @@
 package util
 
-import "testing"
+import (
+	"strings"
+	"testing"
+)
 
 func TestParseToolCalls(t *testing.T) {
 	text := `prefix {"tool_calls":[{"name":"search","input":{"q":"golang"}}]} suffix`
@@ -19,8 +22,8 @@ func TestParseToolCalls(t *testing.T) {
 func TestParseToolCallsFromFencedJSON(t *testing.T) {
 	text := "I will call tools now\n```json\n{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"news\"}}]}\n```"
 	calls := ParseToolCalls(text, []string{"search"})
-	if len(calls) != 0 {
-		t.Fatalf("expected fenced tool_call example to be ignored, got %#v", calls)
+	if len(calls) != 1 {
+		t.Fatalf("expected fenced tool_call payload to be parsed, got %#v", calls)
 	}
 }
 
@@ -96,10 +99,10 @@ func TestFormatOpenAIToolCalls(t *testing.T) {
 	}
 }
 
-func TestParseStandaloneToolCallsOnlyMatchesStandalonePayload(t *testing.T) {
+func TestParseStandaloneToolCallsSupportsMixedProsePayload(t *testing.T) {
 	mixed := `这里是示例：{"tool_calls":[{"name":"search","input":{"q":"go"}}]}`
-	if calls := ParseStandaloneToolCalls(mixed, []string{"search"}); len(calls) != 0 {
-		t.Fatalf("expected standalone parser to ignore mixed prose, got %#v", calls)
+	if calls := ParseStandaloneToolCalls(mixed, []string{"search"}); len(calls) != 1 {
+		t.Fatalf("expected standalone parser to parse mixed prose payload, got %#v", calls)
 	}
 
 	standalone := `{"tool_calls":[{"name":"search","input":{"q":"go"}}]}`
@@ -109,10 +112,10 @@ func TestParseStandaloneToolCallsOnlyMatchesStandalonePayload(t *testing.T) {
 	}
 }
 
-func TestParseStandaloneToolCallsIgnoresFencedCodeBlock(t *testing.T) {
+func TestParseStandaloneToolCallsParsesFencedCodeBlock(t *testing.T) {
 	fenced := "```json\n{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"go\"}}]}\n```"
-	if calls := ParseStandaloneToolCalls(fenced, []string{"search"}); len(calls) != 0 {
-		t.Fatalf("expected fenced tool_call example to be ignored, got %#v", calls)
+	if calls := ParseStandaloneToolCalls(fenced, []string{"search"}); len(calls) != 1 {
+		t.Fatalf("expected fenced tool_call payload to be parsed, got %#v", calls)
 	}
 }
 
@@ -279,3 +282,238 @@ func TestParseToolCallsDoesNotAcceptMismatchedMarkupTags(t *testing.T) {
 		t.Fatalf("expected mismatched tags to be rejected, got %#v", calls)
 	}
 }
+
+func TestRepairInvalidJSONBackslashes(t *testing.T) {
+	tests := []struct {
+		input    string
+		expected string
+	}{
+		{`{"path": "C:\Users\name"}`, `{"path": "C:\\Users\name"}`},
+		{`{"cmd": "cd D:\git_codes"}`, `{"cmd": "cd D:\\git_codes"}`},
+		{`{"text": "line1\nline2"}`, `{"text": "line1\nline2"}`},
+		{`{"path": "D:\\back\\slash"}`, `{"path": "D:\\back\\slash"}`},
+		{`{"unicode": "\u2705"}`, `{"unicode": "\u2705"}`},
+		{`{"invalid_u": "\u123"}`, `{"invalid_u": "\\u123"}`},
+	}
+
+	for _, tt := range tests {
+		got := repairInvalidJSONBackslashes(tt.input)
+		if got != tt.expected {
+			t.Errorf("repairInvalidJSONBackslashes(%s) = %s; want %s", tt.input, got, tt.expected)
+		}
+	}
+}
+
+func TestRepairLooseJSON(t *testing.T) {
+	tests := []struct {
+		input    string
+		expected string
+	}{
+		{`{tool_calls: [{"name": "search", "input": {"q": "go"}}]}`, `{"tool_calls": [{"name": "search", "input": {"q": "go"}}]}`},
+		{`{name: "search", input: {q: "go"}}`, `{"name": "search", "input": {"q": "go"}}`},
+	}
+
+	for _, tt := range tests {
+		got := RepairLooseJSON(tt.input)
+		if got != tt.expected {
+			t.Errorf("RepairLooseJSON(%s) = %s; want %s", tt.input, got, tt.expected)
+		}
+	}
+}
+
+func TestParseToolCallsWithUnquotedKeys(t *testing.T) {
+	text := `这里是列表：{tool_calls: [{"name": "todowrite", "input": {"todos": "test"}}]}`
+	availableTools := []string{"todowrite"}
+
+	parsed := ParseToolCalls(text, availableTools)
+	if len(parsed) != 1 {
+		t.Fatalf("expected 1 tool call, got %d", len(parsed))
+	}
+	if parsed[0].Name != "todowrite" {
+		t.Errorf("expected tool todowrite, got %s", parsed[0].Name)
+	}
+}
+
+func TestParseToolCallsWithInvalidBackslashes(t *testing.T) {
+	// DeepSeek sometimes outputs Windows paths with single backslashes in JSON strings
+	// Note: using raw string to simulate what AI actually sends in the stream
+	text := `好的，执行以下命令：{"name": "execute_command", "input": "{\"command\": \"cd D:\git_codes && dir\"}"}`
+	availableTools := []string{"execute_command"}
+
+	parsed := ParseToolCalls(text, availableTools)
+	// If standard JSON fails, buildToolCallCandidates should still extract the object,
+	// and parseToolCallsPayload should repair it.
+	if len(parsed) != 1 {
+		// If it still fails, let's see why
+		candidates := buildToolCallCandidates(text)
+		t.Logf("Candidates: %v", candidates)
+		t.Fatalf("expected 1 tool call, got %d", len(parsed))
+	}
+
+	cmd, ok := parsed[0].Input["command"].(string)
+	if !ok {
+		t.Fatalf("expected command string in input, got %v", parsed[0].Input)
+	}
+
+	expected := "cd D:\\git_codes && dir"
+	if cmd != expected {
+		t.Errorf("expected command %q, got %q", expected, cmd)
+	}
+}
+
+func TestParseToolCallsWithDeepSeekHallucination(t *testing.T) {
+	// 模拟 DeepSeek 典型的幻觉输出：未加引号的键名 + 包含 Windows 路径的嵌套 JSON 字符串 + 漏掉列表的方括号
+	text := `检测到实施意图——实现经典算法。需在misc/目录创建Python文件。
+关键约束:
+1. Windows UTF-8编码处理
+2. 必须用绝对路径导入
+3. 禁止write覆盖已有文件（misc/目录允许创建新文件）
+将任务分解并委托：
+- 研究8皇后算法模式（并行探索）
+- 实现带可视化输出的解决方案（unspecified-high）
+先创建todo列表追踪步骤。
+{tool_calls: [{"name": "todowrite", "input": {"todos": {"content": "研究8皇后问题算法模式（回溯法）和输出格式", "status": "pending", "priority": "high"}, {"content": "在misc/目录创建8皇后Python脚本，包含完整解决方案和可视化输出", "status": "pending", "priority": "high"}, {"content": "验证脚本正确性（运行测试）", "status": "pending", "priority": "medium"}}}]}`
+
+	availableTools := []string{"todowrite"}
+	parsed := ParseToolCalls(text, availableTools)
+
+	if len(parsed) != 1 {
+		cands := buildToolCallCandidates(text)
+		for i, c := range cands {
+			t.Logf("CAND %d: %s", i, c)
+			repaired := RepairLooseJSON(c)
+			t.Logf("  REPAIRED: %s", repaired)
+		}
+		t.Fatalf("expected 1 tool call, got %d. Candidates: %v", len(parsed), buildToolCallCandidates(text))
+	}
+
+	if parsed[0].Name != "todowrite" {
+		t.Errorf("expected tool name 'todowrite', got %q", parsed[0].Name)
+	}
+
+	todos, ok := parsed[0].Input["todos"].([]any)
+	if !ok {
+		t.Fatalf("expected 'todos' to be parsed as a list, got %T: %#v", parsed[0].Input["todos"], parsed[0].Input["todos"])
+	}
+	if len(todos) != 3 {
+		t.Errorf("expected 3 todo items, got %d", len(todos))
+	}
+}
+
+func TestParseToolCallsWithMixedWindowsPaths(t *testing.T) {
+	// 更复杂的案例：嵌套 JSON 字符串中的反斜杠未转义
+	text := `关键约束: 1. Windows UTF-8编码处理 2. 必须用绝对路径导入 D:\git_codes\ds2api\misc
+{tool_calls: [{"name": "write_file", "input": "{\"path\": \"D:\\git_codes\\ds2api\\misc\\queens.py\", \"content\": \"print('hello')\"}"}]}`
+
+	availableTools := []string{"write_file"}
+	parsed := ParseToolCalls(text, availableTools)
+
+	if len(parsed) != 1 {
+		t.Fatalf("expected 1 tool call from mixed text with paths, got %d", len(parsed))
+	}
+
+	path, _ := parsed[0].Input["path"].(string)
+	// 在解析后的 Go map 中，反斜杠应该被还原
+	if !strings.Contains(path, "D:\\git_codes") && !strings.Contains(path, "D:/git_codes") {
+		t.Errorf("expected path to contain Windows style separators, got %q", path)
+	}
+}
+
+func TestParseToolCallInputRepairsControlCharsInPath(t *testing.T) {
+	in := `{"path":"D:\tmp\new\readme.txt","content":"line1\nline2"}`
+	parsed := parseToolCallInput(in)
+
+	path, ok := parsed["path"].(string)
+	if !ok {
+		t.Fatalf("expected path string in parsed input, got %#v", parsed["path"])
+	}
+	if path != `D:\tmp\new\readme.txt` {
+		t.Fatalf("expected repaired windows path, got %q", path)
+	}
+
+	content, ok := parsed["content"].(string)
+	if !ok {
+		t.Fatalf("expected content string in parsed input, got %#v", parsed["content"])
+	}
+	if content != "line1\nline2" {
+		t.Fatalf("expected non-path field to keep decoded escapes, got %q", content)
+	}
+}
+
+func TestRepairLooseJSONWithNestedObjects(t *testing.T) {
+	// 测试嵌套对象的修复：DeepSeek 幻觉输出，每个元素内部包含嵌套 {}
+	// 注意：正则只支持单层嵌套，不支持更深层次的嵌套
+	tests := []struct {
+		name     string
+		input    string
+		expected string
+	}{
+		// 1. 单层嵌套对象（核心修复目标）
+		{
+			name:     "单层嵌套 - 2个元素",
+			input:    `"todos": {"content": "研究算法", "input": {"q": "8 queens"}}, {"content": "实现", "input": {"path": "queens.py"}}`,
+			expected: `"todos": [{"content": "研究算法", "input": {"q": "8 queens"}}, {"content": "实现", "input": {"path": "queens.py"}}]`,
+		},
+		// 2. 3个单层嵌套对象
+		{
+			name:     "3个单层嵌套对象",
+			input:    `"items": {"a": {"x":1}}, {"b": {"y":2}}, {"c": {"z":3}}`,
+			expected: `"items": [{"a": {"x":1}}, {"b": {"y":2}}, {"c": {"z":3}}]`,
+		},
+		// 3. 混合嵌套：有些字段是对象，有些是原始值
+		{
+			name:     "混合嵌套 - 对象和原始值混合",
+			input:    `"items": {"name": "test", "config": {"timeout": 30}}, {"name": "test2", "config": {"timeout": 60}}`,
+			expected: `"items": [{"name": "test", "config": {"timeout": 30}}, {"name": "test2", "config": {"timeout": 60}}]`,
+		},
+		// 4. 4个嵌套对象（边界测试）
+		{
+			name:     "4个嵌套对象",
+			input:    `"todos": {"id": 1}, {"id": 2}, {"id": 3}, {"id": 4}`,
+			expected: `"todos": [{"id": 1}, {"id": 2}, {"id": 3}, {"id": 4}]`,
+		},
+		// 5. DeepSeek 典型幻觉：无空格逗号分隔
+		{
+			name:     "无空格逗号分隔",
+			input:    `"results": {"name": "a"}, {"name": "b"}, {"name": "c"}`,
+			expected: `"results": [{"name": "a"}, {"name": "b"}, {"name": "c"}]`,
+		},
+		// 6. 嵌套数组（数组在对象内，不是深层嵌套）
+		{
+			name:     "对象内包含数组",
+			input:    `"data": {"items": [1,2,3]}, {"items": [4,5,6]}`,
+			expected: `"data": [{"items": [1,2,3]}, {"items": [4,5,6]}]`,
+		},
+		// 7. 真实的 DeepSeek 8皇后问题输出
+		{
+			name:     "DeepSeek 8皇后真实输出",
+			input:    `"todos": {"content": "研究8皇后算法", "status": "pending"}, {"content": "实现Python脚本", "status": "pending"}, {"content": "验证结果", "status": "pending"}`,
+			expected: `"todos": [{"content": "研究8皇后算法", "status": "pending"}, {"content": "实现Python脚本", "status": "pending"}, {"content": "验证结果", "status": "pending"}]`,
+		},
+		// 8. 简单无嵌套对象（回归测试）
+		{
+			name:     "简单无嵌套对象",
+			input:    `"items": {"a": 1}, {"b": 2}`,
+			expected: `"items": [{"a": 1}, {"b": 2}]`,
+		},
+		// 9. 更复杂的单层嵌套
+		{
+			name:     "复杂单层嵌套",
+			input:    `"functions": {"name": "execute", "input": {"command": "ls"}}, {"name": "read", "input": {"file": "a.txt"}}`,
+			expected: `"functions": [{"name": "execute", "input": {"command": "ls"}}, {"name": "read", "input": {"file": "a.txt"}}]`,
+		},
+		// 10. 5个嵌套对象
+		{
+			name:     "5个嵌套对象",
+			input:    `"tasks": {"id":1}, {"id":2}, {"id":3}, {"id":4}, {"id":5}`,
+			expected: `"tasks": [{"id":1}, {"id":2}, {"id":3}, {"id":4}, {"id":5}]`,
+		},
+	}
+
+	for _, tt := range tests {
+		got := RepairLooseJSON(tt.input)
+		if got != tt.expected {
+			t.Errorf("[%s] RepairLooseJSON with nested objects:\n  input:    %s\n  got:      %s\n  expected: %s", tt.name, tt.input, got, tt.expected)
+		}
+	}
+}

internal/util/util_edge_test.go

@@ -409,8 +409,8 @@ func TestParseToolCallsWithFunctionWrapper(t *testing.T) {
 func TestParseStandaloneToolCallsFencedCodeBlock(t *testing.T) {
 	fenced := "Here's an example:\n```json\n{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"go\"}}]}\n```\nDon't execute this."
 	calls := ParseStandaloneToolCalls(fenced, []string{"search"})
-	if len(calls) != 0 {
-		t.Fatalf("expected fenced code block ignored, got %d calls", len(calls))
+	if len(calls) != 1 {
+		t.Fatalf("expected fenced code block to be parsed, got %d calls", len(calls))
 	}
 }
 

tests/compat/expected/toolcalls_fenced_json.json

@@ -1,6 +1,13 @@
 {
-  "calls": [],
-  "sawToolCallSyntax": false,
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
   "rejectedByPolicy": false,
   "rejectedToolNames": []
-}
+}

tests/compat/expected/toolcalls_standalone_fenced_example.json

@@ -1,6 +1,13 @@
 {
-  "calls": [],
-  "sawToolCallSyntax": false,
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
   "rejectedByPolicy": false,
   "rejectedToolNames": []
-}
+}

tests/compat/expected/toolcalls_standalone_mixed_prose.json

@@ -1,6 +1,13 @@
 {
-  "calls": [],
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
   "sawToolCallSyntax": true,
   "rejectedByPolicy": false,
   "rejectedToolNames": []
-}
+}

tests/node/stream-tool-sieve.test.js

@@ -91,7 +91,9 @@ test('parseToolCalls supports fenced json and function.arguments string payload'
     '```',
   ].join('\n');
   const calls = parseToolCalls(text, ['read_file']);
-  assert.equal(calls.length, 0);
+  assert.equal(calls.length, 1);
+  assert.equal(calls[0].name, 'read_file');
+  assert.equal(calls[0].input.path, 'README.md');
 });
 
 test('parseToolCalls parses text-kv fallback payload', () => {
@@ -122,19 +124,19 @@ test('parseToolCalls parses multiple text-kv fallback payloads', () => {
   assert.equal(calls[1].name, 'bash');
 });
 
-test('parseStandaloneToolCalls only matches standalone payload and ignores mixed prose', () => {
+test('parseStandaloneToolCalls parses mixed prose payload', () => {
   const mixed = '这里是示例：{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}，请勿执行。';
   const standalone = '{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}';
   const mixedCalls = parseStandaloneToolCalls(mixed, ['read_file']);
   const standaloneCalls = parseStandaloneToolCalls(standalone, ['read_file']);
-  assert.equal(mixedCalls.length, 0);
+  assert.equal(mixedCalls.length, 1);
   assert.equal(standaloneCalls.length, 1);
 });
 
-test('parseStandaloneToolCalls ignores fenced code block tool_call examples', () => {
+test('parseStandaloneToolCalls parses fenced code block tool_call payload', () => {
   const fenced = ['```json', '{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}', '```'].join('\n');
   const calls = parseStandaloneToolCalls(fenced, ['read_file']);
-  assert.equal(calls.length, 0);
+  assert.equal(calls.length, 1);
 });
 
 
@@ -259,28 +261,28 @@ test('sieve emits final tool_calls for split arguments payload without increment
   assert.deepEqual(finalCalls[0].input, { path: 'README.MD', mode: 'head' });
 });
 
-test('sieve keeps tool json as text when leading prose exists (strict mode)', () => {
+test('sieve still emits tool_calls when leading prose exists before tool json', () => {
   const events = runSieve(
     ['我将调用工具。', '{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}'],
     ['read_file'],
   );
   const hasTool = events.some((evt) => (evt.type === 'tool_calls' && evt.calls?.length > 0) || (evt.type === 'tool_call_deltas' && evt.deltas?.length > 0));
   const leakedText = collectText(events);
-  assert.equal(hasTool, false);
+  assert.equal(hasTool, true);
   assert.equal(leakedText.includes('我将调用工具。'), true);
-  assert.equal(leakedText.toLowerCase().includes('tool_calls'), true);
+  assert.equal(leakedText.toLowerCase().includes('tool_calls'), false);
 });
 
-test('sieve keeps same-chunk trailing prose payload as text in strict mode', () => {
+test('sieve emits tool_calls and keeps trailing prose when payload and prose share a chunk', () => {
   const events = runSieve(
     ['{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}然后继续解释。'],
     ['read_file'],
   );
   const hasTool = events.some((evt) => (evt.type === 'tool_calls' && evt.calls?.length > 0) || (evt.type === 'tool_call_deltas' && evt.deltas?.length > 0));
   const leakedText = collectText(events);
-  assert.equal(hasTool, false);
+  assert.equal(hasTool, true);
   assert.equal(leakedText.includes('然后继续解释。'), true);
-  assert.equal(leakedText.toLowerCase().includes('tool_calls'), true);
+  assert.equal(leakedText.toLowerCase().includes('tool_calls'), false);
 });
 
 test('formatOpenAIStreamToolCalls reuses ids with the same idStore', () => {

tests/repair_json_tool.go

@@ -0,0 +1,77 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+)
+
+func repairInvalidJSONBackslashes(s string) string {
+	if !strings.Contains(s, "\\") {
+		return s
+	}
+	var out strings.Builder
+	out.Grow(len(s) + 10)
+	runes := []rune(s)
+	for i := 0; i < len(runes); i++ {
+		if runes[i] == '\\' {
+			if i+1 < len(runes) {
+				next := runes[i+1]
+				switch next {
+				case '"', '\\', '/', 'b', 'f', 'n', 'r', 't':
+					out.WriteRune('\\')
+					out.WriteRune(next)
+					i++
+					continue
+				case 'u':
+					if i+5 < len(runes) {
+						isHex := true
+						for j := 1; j <= 4; j++ {
+							r := runes[i+1+j]
+							if !((r >= '0' && r <= '9') || (r >= 'a' && r <= 'f') || (r >= 'A' && r <= 'F')) {
+								isHex = false
+								break
+							}
+						}
+						if isHex {
+							out.WriteRune('\\')
+							out.WriteRune('u')
+							for j := 1; j <= 4; j++ {
+								out.WriteRune(runes[i+1+j])
+							}
+							i += 5
+							continue
+						}
+					}
+				}
+			}
+			// Not a valid escape sequence, double it
+			out.WriteString("\\\\")
+		} else {
+			out.WriteRune(runes[i])
+		}
+	}
+	return out.String()
+}
+
+func main() {
+	tests := []struct {
+		input    string
+		expected string
+	}{
+		{`{"path": "C:\Users\name"}`, `{"path": "C:\\Users\\name"}`},
+		{`{"cmd": "cd D:\git_codes"}`, `{"cmd": "cd D:\\git_codes"}`},
+		{`{"text": "line1\nline2"}`, `{"text": "line1\nline2"}`},
+		{`{"path": "D:\\back\\slash"}`, `{"path": "D:\\back\\slash"}`},
+		{`{"unicode": "\u2705"}`, `{"unicode": "\u2705"}`},
+		{`{"invalid_u": "\u123"}`, `{"invalid_u": "\\u123"}`},
+	}
+
+	for _, tt := range tests {
+		got := repairInvalidJSONBackslashes(tt.input)
+		if got != tt.expected {
+			fmt.Printf("FAIL: input=%s\n  got=%s\n  exp=%s\n", tt.input, got, tt.expected)
+		} else {
+			fmt.Printf("PASS: input=%s\n", tt.input)
+		}
+	}
+}