Skip to content

[FIXED] Avoid nil deref on mirror state restore#7909

Open
MauriceVanVeen wants to merge 1 commit intomainfrom
maurice/retry-source-persist
Open

[FIXED] Avoid nil deref on mirror state restore#7909
MauriceVanVeen wants to merge 1 commit intomainfrom
maurice/retry-source-persist

Conversation

@MauriceVanVeen
Copy link
Copy Markdown
Member

@MauriceVanVeen MauriceVanVeen commented Mar 5, 2026
edited
Loading

Guard mset.mirror against nil when restoring sequence/lag state after a failed persist in processInboundMirrorMsg, preventing a potential nil deref if the mirror was removed concurrently.

Signed-off-by: Maurice van Veen github@mauricevanveen.com

@MauriceVanVeen MauriceVanVeen requested a review from a team as a code owner March 5, 2026 15:20
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Mar 5, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d8eb3e67b5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread server/stream.go Outdated
@MauriceVanVeen MauriceVanVeen force-pushed the maurice/retry-source-persist branch from d8eb3e6 to 1fb9f1c Compare March 5, 2026 16:23
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Mar 5, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1fb9f1c222

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread server/stream.go Outdated
@MauriceVanVeen MauriceVanVeen force-pushed the maurice/retry-source-persist branch from 1fb9f1c to 0448cad Compare March 5, 2026 17:37
@MauriceVanVeen MauriceVanVeen marked this pull request as draft March 6, 2026 06:41
@MauriceVanVeen
Copy link
Copy Markdown
Member Author

MauriceVanVeen commented Mar 6, 2026

Need to add a test..

@MauriceVanVeen
[FIXED] Avoid nil deref on mirror state restore
c0e8b40 
Signed-off-by: Maurice van Veen <github@mauricevanveen.com>
@MauriceVanVeen MauriceVanVeen changed the title [FIXED] Increment source fails on failed persist, decrement on success [FIXED] Avoid nil deref on mirror state restore Apr 22, 2026
@MauriceVanVeen MauriceVanVeen force-pushed the maurice/retry-source-persist branch from 0448cad to c0e8b40 Compare April 22, 2026 16:48
@MauriceVanVeen MauriceVanVeen marked this pull request as ready for review April 22, 2026 16:48
@MauriceVanVeen
Copy link
Copy Markdown
Member Author

MauriceVanVeen commented Apr 22, 2026

Have repurposed this PR. It now only contains the mirror nil deref.

@MauriceVanVeen
Copy link
Copy Markdown
Member Author

MauriceVanVeen commented Apr 22, 2026

@claude, brief review.

@synadia-claude-reviewer
Copy link
Copy Markdown

synadia-claude-reviewer Bot commented Apr 22, 2026
edited
Loading

Claude finished @MauriceVanVeen's task in 49s —— View job

Brief Review

Reviewing: server/stream.go nil guard in processInboundMirrorMsg

What the fix does

processInboundMirrorMsg drops mset.mu at line 3248 to perform the persist (propose or processJetStreamMsg). If an errLastSeqMismatch is returned it re-acquires the lock and writes back the saved sequence/lag values. Between the two lock windows a concurrent goroutine can set mset.mirror = nil (e.g., mirror removal), causing a nil deref. The two added nil guards close that window.

Looks correct. The pattern is consistent with how other post-unlock mirror accesses are already guarded in this file (e.g., setMirrorErr at line 3300 has the same mset.mirror != nil pattern).

A couple of observations:

  1. return false when nil in the first branch (line 3282–3283): If the mirror was removed concurrently there is nothing to retry, so silently returning false is the right call.

  2. retryMirrorConsumer() still called when nil in the second branch (line 3291): retryMirrorConsumercancelMirrorConsumer already has its own nil guard, and setupMirrorConsumer will re-create mset.mirror if needed, so this is also safe.

  3. Missing test — already flagged by the author. Worth adding a concurrent-removal test to prevent regression.

Overall: minimal, safe, and matches existing defensive patterns in the file. LGTM pending a test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MauriceVanVeen