Skip to content

Add NULL checks to prevent segfaults when Kafka metadata contains NULL #428

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
k-raina wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add NULL checks to prevent segfaults when Kafka metadata contains NULL #428

k-raina wants to merge 2 commits into from

Conversation

@k-raina
Copy link
Member

@k-raina k-raina commented Jan 6, 2026
edited
Loading

Problem

Application crashes with segmentation fault when calling AdminClient.describeTopics() during Kafka broker restarts. The crash occurs when converting node metadata to JavaScript objects.

Root Cause: During broker restarts, Kafka metadata can contain NULL node pointers or NULL host fields. The code dereferenced these NULL pointers without checks, causing segfaults.

Replication steps

  • Docker Compose environment: Start 3 Kafka brokers + ZooKeeper
  • Start Client which continuously calls describeTopics() every 500ms on 10 test topics
  • Run Chaos scripts ( like restart-brokers.sh) to trigger broker restarts/kills
  • During restarts: Kafka sends metadata updates with changing node information
  • When brokers go offline: node structures have NULL host fields
  • Native code converts nodes to JavaScript without NULL checks → segfault

Solution

Added defensive NULL checks in two functions:

  1. ToV8Object() - Check if node pointer and host field are NULL before accessing
  2. FromDescribeTopicsResult() - Check leader, ISR, and replica nodes for NULL before conversion

NULL values are now safely converted to JavaScript null instead of crashing.

Testing

Without Fix

➜  JavaScript_1_3_1_SEG_Fault_Repro-Modifie-2 cat client/logs/stderr.log
=========== Caught a Segmentation Fault [pid=76203] ===========
-----[ Native Stacktraces ]-----
Cannot unwind stacktraces: Feature disabled / Missing libunwind on your system

---[ V8 JavaScript Stacktraces ]---
============================================================

With Fix

  ➜  JavaScript_1_3_1_SEG_Fault_Repro-Modifie-2 cat client/logs/stderr.log
➜  JavaScript_1_3_1_SEG_Fault_Repro-Modifie-2

No segfault noticed

@k-raina k-raina requested a review from a team as a code owner January 6, 2026 16:57
Copilot AI review requested due to automatic review settings January 6, 2026 16:57
@k-raina k-raina requested a review from a team as a code owner January 6, 2026 16:57
Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds NULL pointer checks to prevent segmentation faults when Kafka metadata contains NULL values during broker restarts or metadata updates.

  • Adds NULL checks for node pointers and host fields in ToV8Object()
  • Adds NULL checks for leader, ISR, and replica nodes in FromDescribeTopicsResult()
  • Fixes memory leaks by destroying partition lists when validation fails

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/common.cc
Comment on lines +557 to +563
if (offsetValue->IsObject()) {
v8::Local<v8::Object> offsetObject = offsetValue.As<v8::Object>();
int64_t offset = GetParameter<int64_t>(offsetObject, "timestamp", 0);
toppar->offset = offset;
} else {
toppar->offset = 0;
}
Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The logic extracts a 'timestamp' parameter from the offset object but assigns it to toppar->offset. This is confusing - if the parameter name is 'timestamp', consider renaming the local variable to timestamp for clarity, or verify that 'timestamp' is the correct parameter name to extract.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@k-raina