🎉 Algora is now open source!Give us a star

PR

👋 Hey team,

Submitting my solution for the Redix upstream failure crisis detection bounty. This implementation provides a comprehensive test environment and enhanced CRE rule to detect critical upstream failure scenarios

Details

/claim #42

Reproducible test setup (Maintainers invited) : Redis Crash Live CRE link: CRE Playground Link Log file: test.log

Video Demonstration

Full test execution showing upstream failure simulation and CRE rule validation:

https://github.com/user-attachments/assets/532e0b2f-a2c3-436e-a40b-10a0e8504cf3

What This Detects

This rule covers critical Redis states that block all writes:

  1. OOM – Memory exceeded due to maxmemory + noeviction
  2. RDB/MISCONF – Disk full causes BGSAVE to fail
  3. READONLY – Write attempt on replica node
  4. NOPERM – ACL user denied write access

Reproduction Process

Run the following commands to simulate the cascade of Redis failures:

# Start the environment
docker-compose up -d

# Run the full Redis multi-stage crash test
chmod +x run-test.sh
./run-test.sh

# View logs
cat test.log

Sequence Simulates:

  • OOM via EVAL (40MB Lua allocation → memory exhaustion)
  • MISCONF triggered by BGSAVE on a full disk
  • READONLY enforced via REPLICAOF
  • NOPERM on ACL-restricted user attempting a SET

Sample Crisis Evidence

From the generated test.log:

RedisTest] Step 1: Triggering OOM with Lua EVAL...
OOM command not allowed when used memory > 'maxmemory'. script: 92f6ccf5..., on @user_script:1.

[RedisTest] Step 4: Write after RDB failure (expect MISCONF)...
MISCONF Redis is configured to save RDB snapshots, but it's currently unable to persist to disk...

[RedisTest] Attempting write in replica mode...
READONLY You can't write against a read only replica.

[RedisTest] Trying SET as testuser (expect NOPERM)...
NOPERM User testuser has no permissions to run the 'set' command

📌 Rule Characteristics

  • Severity: 0 (Critical)
  • Detection Window: 120 seconds
  • Impact Score: 10/10
  • False Positive Risk: Low (requires exact failure sequence)
  • Pattern Coverage: Detects all 4 Redis failure modes via precise regex

Claim

Total prize pool $250
Total paid $250
Status Approved
Submitted June 01, 2025
Last updated June 01, 2025

Contributors

VA

Vamshi Maskuri

@varshith257

 100%

Sponsors

PR

Prequel

@prequel-dev

$250 paid