Skip to content

Filter notify backend logs from SQLite log sink#12

Open
th317erd wants to merge 3 commits into
Loongphy:mainfrom
th317erd:fix-sqlite-notify-log-loop
Open

Filter notify backend logs from SQLite log sink#12
th317erd wants to merge 3 commits into
Loongphy:mainfrom
th317erd:fix-sqlite-notify-log-loop

Conversation

@th317erd

Copy link
Copy Markdown

Summary

Fixes #11.

This prevents the SQLite log sink from persisting raw notify backend TRACE/DEBUG messages such as:

  • inotify event: ...
  • adding inotify watch: ...
  • removing inotify watch: ...
  • FSEvent: ...
  • kqueue event: ...
  • Windows backend Event: path = ...

These messages are emitted through the log compatibility target by notify itself. In Codext, AuthWatch watches the top-level CODEX_HOME directory, and the SQLite log DB normally lives in CODEX_HOME. That can create a self-amplifying loop:

  1. Codext writes a log row.
  2. SQLite updates logs_2.sqlite-wal.
  3. The CODEX_HOME watcher sees the WAL change.
  4. notify emits a raw TRACE log for the file event.
  5. The SQLite log sink persists that TRACE row.
  6. SQLite updates the WAL again.

The fix keeps normal application logs intact, including unrelated target="log" TRACE rows, but drops low-level file-watch backend noise before it reaches the SQLite log DB.

Notes

The existing opentelemetry_sdk TRACE/DEBUG filter is preserved. This patch moves filtering after message extraction so the sink can identify specific notify backend messages.

Testing

cargo test -p codex-state sqlite_sink_drops_low_level_notify_logs --lib
cargo test -p codex-state sqlite_sink_drops_low_level_opentelemetry_sdk_logs --lib
cargo test -p codex-state --lib
cargo build -p codex-cli

I also ran a manual default-path retest with the patched binary:

  • Removed the temporary sqlite_home workaround so SQLite returned to ~/.codex-work.
  • Confirmed the patched process had ~/.codex-work/logs_2.sqlite-wal open.
  • Created, modified, and removed 80 disposable top-level files in ~/.codex-work.
  • Confirmed WAL size and bad-row counts did not increase.

sayan-oai and others added 3 commits June 17, 2026 20:59
- Remote executors now use authenticated, end-to-end encrypted Noise relay channels. (openai#26242, openai#26245)
- Cross-platform remote execution now preserves executor-native working directories and shells, including filesystem permission paths across app-server and exec-server boundaries. (openai#27819, openai#27995, openai#28032, openai#28122, openai#28165, openai#28367)
- Selected executor plugins can activate their stdio MCP servers per thread; plugin discovery also adds a created-by-me marketplace and auth-specific curated catalogs. (openai#27870, openai#27884, openai#27893, openai#28203, openai#28383)
- App-server clients can list immediate child threads, correlate external-agent imports with detailed results, and read or redeem rate-limit reset credits. (openai#26662, openai#28008, openai#28143)
- Realtime clients can explicitly append speech, control how Codex responses enter conversations, and omit startup context. (openai#27917, openai#28405)
- TUI input prompts can auto-resolve after inactivity, with a countdown that pauses on interaction. (openai#28235)

## Bug Fixes

- Hook trust bypass now persists through `codex exec` thread start and resume, while blocking `PostToolUse` hooks correctly reject code-mode tool calls. (openai#26434, openai#28365)
- Plugin capabilities now route consistently by authentication mode, deduplicate conflicting App/MCP declarations, and preserve remote marketplace ordering. (openai#27461, openai#27602, openai#27607, openai#27902, openai#27958, openai#28395)
- Windows sandbox execution repairs stale credentials automatically and gives PowerShell commands more time before backgrounding. (openai#27086, openai#27944)
- Idle exec-server relays remain connected, and steered user input immediately interrupts `wait_agent`. (openai#28286, openai#28341)
- Bundled SQLite is pinned to a version containing the WAL-reset corruption fix. (openai#27992)
- TLS connections now support P-521 certificate signatures commonly used by enterprise proxies. (openai#27706)

## Chores

- Reduced latency and memory use in large, tool-heavy sessions by caching tool search and eliminating repeated request and history copies. (openai#27258, openai#27813, openai#28306, openai#28309, openai#28313, openai#28323, openai#28327)
- Bounded prompt-image caching to 64 MiB and feedback uploads to eight related threads. (openai#28294, openai#28332)
- Terminal resize reflow is now always enabled, ignoring obsolete disabled settings. (openai#27794)

## Changelog

Full Changelog: openai/codex@rust-v0.140.0...rust-v0.141.0

- openai#28001 [codex] package Windows ARM64 on x64 @tamird
- openai#28032 [codex] Carry exec-server cwd as PathUri @anp-oai
- openai#27607 [codex] Dedupe plugin MCPs by app declaration name @felixxia-oai
- openai#27992 [codex] Pin bundled SQLite to fixed WAL-reset version @gpeal
- openai#28125 build: run buildifier from just fmt @anp-oai
- openai#28120 bazel: add PowerShell to Wine test harness @anp-oai
- openai#27819 path-uri: render native paths across platforms @anp-oai
- openai#28122 [codex] exec-server honors remote environment cwd and shell @anp-oai
- openai#26662 feat(app-server): filter threads by parent @btraut-openai
- openai#27884 Add selected-plugin precedence and attribution to the MCP catalog @jif-oai
- openai#27870 Discover stdio MCP servers from selected executor plugins @jif-oai
- openai#28283 [codex] update multi-agent v2 prompts @jif-oai
- openai#27602 [codex] Preserve plugin apps in connector listings @felixxia-oai
- openai#27461 [codex] Skip plugin MCP OAuth for matching app routes @felixxia-oai
- openai#27893 Activate selected executor plugin MCPs in app-server @jif-oai
- openai#28332 [codex] Cap feedback upload subtrees @jif-oai
- openai#27365 Represent dynamic tools with explicit namespaces internally @sayan-oai
- openai#28333 skills: hide orchestrator skills with a local executor @jif-oai
- openai#27756 [codex] simplify shell snapshot ownership @pakrym-oai
- openai#27794 Remove terminal resize reflow flag gates @etraut-openai
- openai#28286 chore: restore exec-server relay keepalives @jif-oai
- openai#28164 [codex] simplify memory read metrics @pakrym-oai
- openai#27371 Expose explicit dynamic tool namespaces in thread start @sayan-oai
- openai#28309 linearize history output normalization @jif-oai
- openai#28306 avoid cloning sampling request input @jif-oai
- openai#28323 serialize websocket requests directly @jif-oai
- openai#28313 avoid cloning websocket request history @jif-oai
- openai#28344 [codex] remove stale PathExt import @pakrym-oai
- openai#27059 [codex] Cover OTLP HTTP log and trace event export @richardopenai
- openai#28327 reuse encoded Responses request bodies @jif-oai
- openai#27995 [codex] preserve explicit environment cwd @pakrym-oai
- openai#28285 guardian: isolate review context from skills and memories @jif-oai
- openai#26702 TUI Plugin Sharing 2 - add remote plugin section plumbing @canvrno-oai
- openai#28294 bound prompt image cache retention @jif-oai
- openai#28257 Support staging OAuth client ID overrides @apanasenko-oai
- openai#28341 core: let steer interrupt wait_agent @jif-oai
- openai#28336 skills: cache orchestrator resources per thread @jif-oai
- openai#28357 Extract shared Windows sandbox session runner @iceweasel-oai
- openai#27706 Use aws-lc-rs for rustls crypto provider @malsamiri-oai
- openai#28347 [codex] add path-types skill @anp-oai
- openai#28235 Add request user input auto-resolution timer @shijie-oai
- openai#28234 [mcp] Increase default tool timeout to 300 seconds @adaley-openai
- openai#28008 [codex] Add external agent import result accounting @charlesgong-openai
- openai#27944 recover stale Windows sandbox credentials @iceweasel-oai
- openai#27086 Add Windows unified exec yield floor @iceweasel-oai
- openai#28358 Add hidden Windows sandbox wrapper entrypoint @iceweasel-oai
- openai#27258 core: cache the tool search handler per session @mchen-oai
- openai#28143 feat(app-server): expose rate-limit reset credits @jayp-oai
- openai#28355 feat(core): add metadata field to ResponseItem @owenlin0
- openai#28203 [codex] Add created-by-me remote plugin marketplace @ericning-o
- openai#28365 Respect blocking PostToolUse hooks in code mode @abhinav-oai
- openai#27813 [codex] Reuse Apps policy evaluation across MCP tool exposure @mzeng-openai
- openai#28300 Deflake realtime handoff steering test @felixxia-oai
- openai#28395 [codex] Preserve remote plugin directory order @jameswt-oai
- openai#27955 [codex] retain resolved environments across turns @pakrym-oai
- openai#27917 Add realtime speech append control @guinness-oai
- openai#27093 [codex-analytics] Analytics Capture to File in Debug Builds @jameswt-oai
- openai#26242 exec-server: add Noise relay transport @viyatb-oai
- openai#28165 Use PathUri in filesystem permission paths for exec-server @anp-oai
- openai#28415 [codex] Fix missing response item metadata in tests @adaley-openai
- openai#27058 [codex] Add second-based OTEL duration histograms @richardopenai
- openai#27902 [codex] Centralize plugin auth capability filtering @felixxia-oai
- openai#28405 Add a toggle for realtime startup context @guinness-oai
- openai#26434 Preserve hook trust bypass in codex exec threads @abhinav-oai
- openai#26245 exec-server: default remote transport to Noise @viyatb-oai
- openai#28383 [codex] Load API curated marketplace by auth @felixxia-oai
- openai#27958 [codex] Make plugin details capability aware @felixxia-oai
- openai#28367 Use ApiPathString in app-server filesystem permission paths @anp-oai
- openai#28421 [codex] Bind shell snapshots to retained thread environments @pakrym-oai
- openai#28429 [codex] Add interruptible sleep tool @pakrym-oai
- openai#28441 [codex] Use expect in integration tests @pakrym-oai
- openai#28163 [codex] Use local environment for user shell commands @pakrym-oai
@andrei-hasna

Copy link
Copy Markdown

Merge is blocked for PR #12 as currently shaped.

Evidence:

  • GitHub reports the PR as conflicting/dirty against current main (base 0a8f60d, head 1c076d5), with no checks or reviews reported.
  • A dry-run merge against current main conflicts in unrelated release/TUI/Cargo/docs/workflow files, so this is not safe to merge as a log-sink-only change.
  • Current main already has the broader SQLite log-sink fix from e98d43a: codex-rs/state/src/log_db.rs defines log_db::default_filter(), disables target "log", and app-server/TUI install that filter. That covers notify backend logs in production paths.
  • The focused current-main validation passed: CARGO_HOME=/tmp/codext-pr12-cargo-home CARGO_TARGET_DIR=/tmp/codext-pr12-target cargo test -p codex-state sqlite_sink.

Recommendation: do not merge or cherry-pick this PR as-is. If maintainers want the narrower message-pattern behavior instead of current broad target=log suppression, it should be reimplemented fresh from current main with tests that exercise log_db::default_filter().

@andrei-hasna

Copy link
Copy Markdown

Updated worker review: PR #12 still should not be merged as-is.

Evidence from current origin/main (0a8f60d67) and PR head (1c076d5a):

  • GitHub reports mergeable=CONFLICTING / mergeStateStatus=DIRTY; there are no reported checks or reviews.
  • A read-only merge-tree dry run conflicts in unrelated reapply/release/TUI/Cargo/docs files, including .agents/skills/codex-upstream-reapply/SKILL.md, .github/workflows/rust-release.yml, AGENTS.md, README.md, codex-rs/Cargo.lock, codex-rs/Cargo.toml, and multiple codex-rs/tui/* files.
  • The focused log_db.rs patch does not apply cleanly to current main, and codex-rs/state/src/log_db_filter_tests.rs no longer exists on current main, so this needs a fresh current-base implementation if still desired.
  • Current task guardrails for this reapply worktree prohibit adding/modifying tests, while the PR adds codex-rs/state/src/log_db_filter_tests.rs.
  • Adversarial review found code risks in the focused patch: it records every event into MessageVisitor before dropping OpenTelemetry TRACE/DEBUG events, adding overhead to high-volume logs, and its target="log" prefix matching is not specific to notify because bridged records can use the generic tracing target.

Validation run on current main, no repo changes made:
CARGO_HOME=/tmp/codext-pr12-cargo-home CARGO_TARGET_DIR=/tmp/codext-pr12-target cargo test -p codex-state log_db::tests -- --nocapture -> 6 passed.

Recommendation: do not merge or cherry-pick PR #12. If notify-specific SQLite log filtering is still wanted, reimplement it fresh against current main with a filter that avoids extra work for already-dropped high-volume targets and is specific to notify-originated bridge records.

@andrei-hasna

Copy link
Copy Markdown

Verifier correction for the previous blocker note: current origin/main (0a8f60d67) does contain codex-rs/state/src/log_db_filter_tests.rs; PR #12 modifies that file rather than adding a brand-new file against current main. The merge decision is unchanged: GitHub still reports mergeable=CONFLICTING / mergeStateStatus=DIRTY, gh pr checks reports no checks on fix-sqlite-notify-log-loop, and a dry-run git merge-tree origin/main origin/pr/12 still conflicts across unrelated reapply/release/TUI/Cargo/docs files. Under the current reapply guardrails, the PR's test changes also remain outside the allowed change shape for this task. Recommendation remains: do not merge or cherry-pick PR #12 as-is; reimplement any desired notify-specific SQLite log filtering fresh on current main.

@Loongphy Loongphy force-pushed the main branch 2 times, most recently from 3407c26 to 782985c Compare July 9, 2026 17:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

SQLite log WAL grows rapidly from self-watched CODEX_HOME inotify events

4 participants