[libbeat] Fix a shutdown race in the memory queue#47248
Merged
faec merged 9 commits intoelastic:mainfrom Oct 24, 2025
Merged
Conversation
faec
added
Team:Elastic-Agent-Data-Plane
botelastic
bot
added
the
needs_team
Contributor
|
Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane) |
botelastic
bot
removed
the
needs_team
Contributor
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
Contributor
|
This pull request does not have a backport label.
To fixup this pull request, you need to add the backport labels for the needed
|
faec
added
the
backport-active-all
leehinman
reviewed
Oct 21, 2025
mykola-elastic
approved these changes
Oct 22, 2025
mauri870
approved these changes
Oct 22, 2025
Member
mauri870
left a comment
mauri870
left a comment
There was a problem hiding this comment.
LGTM, thanks for fixing this! I tested it with the stresstest script and confirmed it's stable.
Contributor
Author
I'm increasingly of the opinion that controller logic goroutines should always have unbuffered input channels, there's often some sense that there should be a buffer for performance, "just in case," but it makes the synchronization logic so much less stable, this specific channel buffer has caused years worth of incredibly subtle races.
I don't think so either ( |
Contributor
Author
|
Sigh, the buffered channel is sticking around after all 😔 Per @leehinman's request I added a benchmark to confirm this wasn't hurting performance, and found that it actually did slow down performance by 10-15%. So I've revised the fix to keep the buffered channel but to handle shutdown more carefully in the producers so they still handle a pending response even if the queue shutdown reaches them first. (Response channels already had a one-element buffer, and after the closing channel is triggered the response buffer is guaranteed to be filled for all requests that were actually handled.) This version is more self-evidently performance-neutral, but the benchmark test confirms it and I left the it in the PR just for reference. |
leehinman
approved these changes
Oct 24, 2025
Contributor
|
@Mergifyio backport 8.19 9.0 9.1 9.2 |
Contributor
✅ Backports have been createdDetails
|
mergify bot
pushed a commit
that referenced
this pull request
Oct 24, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9)
4 tasks
mergify bot
pushed a commit
that referenced
this pull request
Oct 24, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9)
4 tasks
mergify bot
pushed a commit
that referenced
this pull request
Oct 24, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9) # Conflicts: # libbeat/publisher/queue/memqueue/queue_test.go
4 tasks
mergify bot
pushed a commit
that referenced
this pull request
Oct 24, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9)
4 tasks
pierrehilbert
pushed a commit
that referenced
this pull request
Oct 27, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9) Co-authored-by: Fae Charlton <fae.charlton@elastic.co>
pierrehilbert
pushed a commit
that referenced
this pull request
Oct 27, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9) Co-authored-by: Fae Charlton <fae.charlton@elastic.co>
pierrehilbert
pushed a commit
that referenced
this pull request
Oct 27, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change. (cherry picked from commit 94eaea9) Co-authored-by: Fae Charlton <fae.charlton@elastic.co>
andrzej-stencel
pushed a commit
to andrzej-stencel/beats
that referenced
this pull request
Dec 1, 2025
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see elastic#47246. A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix a race in the memory queue where an event that was reported as unpublished during queue shutdown could still be enqueued, ingested, and have its acknowledgment callback triggered. In specific circumstances this could cause a panic during Filebeat shutdown, see #47246.
A deterministic test is impossible since the behavior depended on precise timing of an internal select statement with multiple valid paths, but the accompanying unit test fails 90% of the time on the old code, and passes 100% of the time with this change.
Checklist
./changelog/fragmentsusing the changelog tool.Related issues