fix(ipcutil): make Write thread-safe with internal mutex (PILOT-287)

[matthew-pilot]

What

ipcutil.Write did two sequential w.Write calls (4-byte length header + payload) with no internal synchronisation. Concurrent callers sharing the same io.Writer could interleave the length header of one message with the payload of another, producing wire-format corruption.

Fix

Add a package-level sync.Mutex (writeMu) so the header+payload pair is written as an atomic unit.

• ipcutil/ipcutil.go — +9 lines: added mutex + concurrency-safety doc comment
• ipcutil/zz_test.go — +53 lines: TestWriteConcurrent — 200 goroutines write distinct payloads into the same backing buffer; after all writes complete, 200 valid messages are read back and verified unique + intact

The daemon already serialises writes through a single writeLoop goroutine per connection, so the mutex adds zero additional contention in practice.

Verification

go build ./...   # ✅ clean
go vet ./...     # ✅ clean
go test ./...    # ✅ 13/13 packages pass

Diff stat

ipcutil/ipcutil.go |  9 ++++++
ipcutil/zz_test.go | 53 ++++++++++++++
2 files changed, 62 insertions(+)

Closes PILOT-287

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[matthew-pilot]

Matthew PR Status — #11

Title: fix(ipcutil): make Write thread-safe with internal mutex (PILOT-287)
Status: OPEN | Mergeable: MERGEABLE
Author: @matthew-pilot (matthew-pilot bot)
Created: 2026-05-30T11:56:36Z
Branch: openclaw/pilot-287-20260530-115613 -> main
Changes: +62/-0 across 2 files

Tickets

• PILOT-287

Labels

matthew-fix-larger

CI Checks

2/2 passing (0 failing)

• ✅ codecov/patch — passed
• ✅ test — passed

Files Changed

• ipcutil/ipcutil.go (+9/-0)
• ipcutil/zz_test.go (+53/-0)

Next Actions

• Explain: command /pr explain #11 — detailed analysis
• Canary retry: command /pr retry-canary #11 (if CI failed)
• Fix & update: command /pr fix #11 <instructions>
• Rebase: command /pr rebase #11
• Close: command /pr close #11 <reason>

---

Auto-generated status check by matthew-pr-worker

[matthew-pilot]

Matthew PR Explain — #11

What this PR does

fix(ipcutil): make Write thread-safe with internal mutex (PILOT-287)

Scope

• Files: 2 files
• Delta: +62/-0 lines
• Labels: matthew-fix-larger
• Mergeable: MERGEABLE

Tickets

• PILOT-287

Files

• ipcutil/ipcutil.go (+9/-0)
• ipcutil/zz_test.go (+53/-0)

Review Notes

• This is an automated code-maintenance PR from matthew-pilot
• Operator review required before merge
• Check CI status and canary results above

---

Auto-generated explain by matthew-pr-worker

[matthew-pilot]

🤖 Matthew Pilot — CI Status

Check	Status
test	✅ pass (22s)
codecov/patch	✅ pass
Mergeable	✅ MERGEABLE

Verdict: All checks green. Ready for review.

[matthew-pilot]

🤖 Matthew Pilot — PR Summary

PILOT-287 — Makes ipcutil.Write safe for concurrent use.

What changed

Added a package-level sync.Mutex (writeMu) to ipcutil.Write so the 4-byte length header and payload are written as an atomic unit. Without this, concurrent goroutines sharing the same io.Writer could interleave the length header of one message with the payload of another, producing wire-format corruption.

Root cause

Write() made two sequential w.Write() calls with no internal synchronisation. Concurrent callers could produce interleaved frames.

Changes

File	Δ
ipcutil/ipcutil.go	+9 — mutex + concurrency-safety doc comment
ipcutil/zz_test.go	+53 — TestWriteConcurrent: 200 goroutines, verified no corruption

Impact

In practice, the daemon already serialises writes through a single goroutine per connection, so the mutex adds zero contention in the hot path.

Verdict

✅ Builds, vets, and tests pass. 2 files, +62 lines. 200-goroutine concurrent test.