ENG-55756 Fix data race in CloneForSummary

[and-bezzir]

Summary

Fixes a data race in view.(*Statelet).CloneForSummary that caused a SIGSEGV (nil pointer dereference) panic in datly-platform-production.

During a read, queryInBatches shares one *Statelet between two concurrent goroutines:

• the summary goroutine — querySummary → CloneForSummary, which reads Statelet.Filters
• the object-query goroutine — queryObjects → Build, which grows Statelet.Filters via AppendFilters (service/reader/sql.go)

AppendFilters mutates the slice under filtersMu, but CloneForSummary read it without the lock. When append reallocated the backing array, the clone could observe a torn slice header (new len + stale/nil ptr) and copy off a nil pointer, faulting at addr=0x0.

Observed in prod:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0]
view.(*Statelet).CloneForSummary               view/state.go:183
service/reader.(*Service).querySummary         service/reader/service.go:280
service/reader.(*Service).queryInBatches.func1 service/reader/service.go:435

Changes

• view/state.go — acquire filtersMu around the Filters read in CloneForSummary. The mutex itself is still not copied.
• view/state_race_test.go — race tests driving the real CloneForSummary (read) and AppendFilters (write) on a shared Statelet:
  • TestStatelet_SummaryClone_Fixed_NoRace — passes under -race.
  • TestStatelet_SummaryClone_Unsafe_ReproducesRace — reproduces the original race (skipped by default; gated behind REPRODUCE_STATELET_RACE=1).

Test plan

• go test -race -run TestStatelet_SummaryClone_Fixed_NoRace ./view/ passes
• REPRODUCE_STATELET_RACE=1 go test -race -run TestStatelet_SummaryClone_Unsafe_ReproducesRace ./view/ reports the data race (read in clone vs write in AppendFilters)
• go vet ./view/ clean