fix: memory leak by gonzaloserrano · Pull Request #7429 · envoyproxy/gateway

gonzaloserrano · 2025-11-04T15:22:42Z

What type of PR is this?

Bugfix.

What this PR does / why we need it:

Two watchable.Maps were never closed when shutting down the provider:

GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close()
BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close()

Each unclosed map leaked 3 goroutines:

Internal watchable.Map.coalesce goroutine
HandleSubscription goroutine blocked on channel read
Error handler goroutine blocked on channel read

Which issue(s) this PR fixes:

N/A

Release Notes: TODO.

--

Click to expand the goleak-based test that reproduced the issue.

// Copyright Envoy Gateway Authors
// SPDX-License-Identifier: Apache-2.0
// The full text of the Apache license is available in the LICENSE file at
// the root of the repo.

package message_test

import (
	"context"
	"testing"
	"time"

	"go.uber.org/goleak"
	"k8s.io/apimachinery/pkg/types"
	gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"

	"github.com/envoyproxy/gateway/internal/message"
)

func TestMain(m *testing.M) {
	goleak.VerifyTestMain(m)
}

// TestGatewayAPIStatuses_ProperClose verifies proper cleanup of all status maps.
// This test would detect goroutine leaks if GatewayClassStatuses.Close() was missing.
func TestGatewayAPIStatuses_ProperClose(t *testing.T) {
	defer goleak.VerifyNone(t)

	statuses := &message.GatewayAPIStatuses{}

	subscription := statuses.GatewayClassStatuses.Subscribe(context.Background())

	go func() {
		statuses.GatewayClassStatuses.Store(
			types.NamespacedName{Name: "test-class"},
			&gwapiv1.GatewayClassStatus{},
		)
		time.Sleep(50 * time.Millisecond)
	}()

	done := make(chan struct{})
	go func() {
		defer close(done)
		message.HandleSubscription(
			message.Metadata{Runner: "test", Message: "test"},
			subscription,
			func(update message.Update[types.NamespacedName, *gwapiv1.GatewayClassStatus], errChans chan error) {
				// Process update
			},
		)
	}()

	time.Sleep(100 * time.Millisecond)

	// Properly close all statuses including GatewayClassStatuses
	statuses.Close()

	// Wait for goroutine to exit
	<-done
}

// TestPolicyStatuses_ProperClose verifies proper cleanup of all policy status maps.
// This test would detect goroutine leaks if BackendTrafficPolicyStatuses.Close() was missing.
func TestPolicyStatuses_ProperClose(t *testing.T) {
	defer goleak.VerifyNone(t)

	statuses := &message.PolicyStatuses{}

	subscription := statuses.BackendTrafficPolicyStatuses.Subscribe(context.Background())

	go func() {
		statuses.BackendTrafficPolicyStatuses.Store(
			types.NamespacedName{Name: "test-policy", Namespace: "default"},
			&gwapiv1.PolicyStatus{},
		)
		time.Sleep(50 * time.Millisecond)
	}()

	done := make(chan struct{})
	go func() {
		defer close(done)
		message.HandleSubscription(
			message.Metadata{Runner: "test", Message: "test"},
			subscription,
			func(update message.Update[types.NamespacedName, *gwapiv1.PolicyStatus], errChans chan error) {
				// Process update
			},
		)
	}()

	time.Sleep(100 * time.Millisecond)

	// Properly close all statuses including BackendTrafficPolicyStatuses
	statuses.Close()

	// Wait for goroutine to exit
	<-done
}

Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com>

kkk777-7 · 2025-11-04T16:03:37Z

LGTM, thanks!

arkodg

LGTM thanks

codecov · 2025-11-04T16:12:33Z

Codecov Report

❌ Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 72.33%. Comparing base (04ee6c0) to head (9149391).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/message/types.go	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7429      +/-   ##
==========================================
+ Coverage   72.31%   72.33%   +0.01%     
==========================================
  Files         231      231              
  Lines       34011    34013       +2     
==========================================
+ Hits        24596    24603       +7     
+ Misses       7641     7637       -4     
+ Partials     1774     1773       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com>

* chore(examples): fix extensionserver build (#7398) Signed-off-by: Maxime Brunet <max@brnt.mx> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: add missing endpoints in the crl test (#7402) fix test for #7199 Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore(make): exit on failure (#7387) Signed-off-by: Maxime Brunet <max@brnt.mx> Co-authored-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: port typo (#7397) Signed-off-by: cong <q1875486458@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump busybox from `2f590fc` to `e3652a0` in /tools/docker/envoy-gateway (#7409) build(deps): bump busybox in /tools/docker/envoy-gateway Bumps busybox from `2f590fc` to `e3652a0`. --- updated-dependencies: - dependency-name: busybox dependency-version: e3652a00a2fabd16ce889f0aa32c38eec347b997e73bd09e69c962ec7f8732ee dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: validate EnvoyGateway configuration before reload (#7412) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump the actions group across 1 directory with 2 updates (#7410) Bumps the actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [google/osv-scanner-action](https://github.com/google/osv-scanner-action). Updates `github/codeql-action` from 4.31.0 to 4.31.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@4e94bd1...0499de3) Updates `google/osv-scanner-action` from 2.2.3 to 2.2.4 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@e92b5d0...9bb6957) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: google/osv-scanner-action dependency-version: 2.2.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: missing onInvalidMessage for ClientTrafficPolicy (#7417) Signed-off-by: i.makarychev <makarichev.ivan@gmail.com> Signed-off-by: i.makarychev <i.makarychev@tbank.ru> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: add missing filters in the filter order configuration (#7404) * add missing filters in the filter order configuration Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix wrong filter name Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * test: tcp security policy e2e (#7226) * feat(securitypolicy): Added e2e tests for tcp security policies Signed-off-by: davem-git <demathieu@gmail.com> * removed commented out line Signed-off-by: davem-git <demathieu@gmail.com> --------- Signed-off-by: davem-git <demathieu@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * Docs: tcp security policy (#7247) * updated release notes Signed-off-by: davem-git <demathieu@gmail.com> * updated docs Signed-off-by: davem-git <demathieu@gmail.com> * fixed merge conflict Signed-off-by: davem-git <demathieu@gmail.com> --------- Signed-off-by: davem-git <demathieu@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * feat: support both local and global ratelimit simultaneously (#7334) * update rate limit type Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * feat: support both type rate limit Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * feat: support separated path match in ratelimit path (#7413) * update: path match ratelimit e2e Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: handle optional next update for CRL (#7422) fix: handle optional next update for crl Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: missing jwt provider when jwt is configured on multiple listeners sharing the same port (#7337) * fix jwt provider missing when jwt is configured at multiple ir listeners Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: only insert proxy service once it exists (#7424) * maybe this is the fix? Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> * fixes Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> * cleanup Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> * consolidate Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> * fix Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> --------- Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix error when updating invalid gateway status (#7415) * fix error when updating invalid gateway status Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: avoid calling the issuer's well-known endpoint for every routes (#7394) * fix: avoid calling the issuer's well-known endpoint for every routes with Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: memory leak (#7429) Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * perf: move snapshot update above status update in xds layer (#7423) Signed-off-by: Arko Dasgupta <arko@tetrate.io> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: cleanup logging when inserting proxy service cluster (#7431) cleanup Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * upgrade gofumpt (#7420) Signed-off-by: fabian4 <fabian.v.bao@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * feat(translator): relax backend restrictions for localhost when running standalone with Host infrastructure (#7427) Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: improve api docs for http10.useDefaultHost (#7435) * imporove api docs for useDefaultHost Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * ci: disable lint.dependabot (#7445) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: bump github.com/containerd/containerd (#7448) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * perf: do not set last transition time for status in watcher layer (#7268) Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * docs: fix gwapi docs (#7408) * docs: fix gwapi docs Signed-off-by: zirain <zirain2009@gmail.com> * fix Signed-off-by: zirain <zirain2009@gmail.com> * update Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: renable lint.dependabot (#7454) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * chore: remove last transition time comparison as no longer set (#7451) chore: remove last transition time comparision as no longer set Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: merged policy status (#7376) Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: header modifier doesn't permit multiple values with commas (#7436) * revert: separate headers with commas Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add e2e Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix auto http config with proxy protocol (#7439) * don't set TypedExtensionProtocolOptions when ProxyProtocol enabled Signed-off-by: zirain <zirain2009@gmail.com> * update test Signed-off-by: zirain <zirain2009@gmail.com> * enable auto ALPN for proxy protocol Signed-off-by: zirain <zirain2009@gmail.com> * add e2e Signed-off-by: zirain <zirain2009@gmail.com> * update Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump sigs.k8s.io/controller-runtime from 0.22.3 to 0.22.4 in /examples/extension-server (#7470) build(deps): bump sigs.k8s.io/controller-runtime Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.22.3 to 0.22.4. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-version: 0.22.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump softprops/action-gh-release from 2.4.1 to 2.4.2 in the actions group across 1 directory (#7461) build(deps): bump softprops/action-gh-release Bumps the actions group with 1 update in the / directory: [softprops/action-gh-release](https://github.com/softprops/action-gh-release). Updates `softprops/action-gh-release` from 2.4.1 to 2.4.2 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@6da8fa9...5be0e66) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump github.com/envoyproxy/go-control-plane/envoy from 1.35.0 to 1.36.0 in /examples/grpc-ext-proc (#7471) build(deps): bump github.com/envoyproxy/go-control-plane/envoy Bumps [github.com/envoyproxy/go-control-plane/envoy](https://github.com/envoyproxy/go-control-plane) from 1.35.0 to 1.36.0. - [Release notes](https://github.com/envoyproxy/go-control-plane/releases) - [Changelog](https://github.com/envoyproxy/go-control-plane/blob/main/CHANGELOG.md) - [Commits](envoyproxy/go-control-plane@envoy/v1.35.0...envoy/v1.36.0) --- updated-dependencies: - dependency-name: github.com/envoyproxy/go-control-plane/envoy dependency-version: 1.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump github.com/envoyproxy/go-control-plane/envoy from 1.35.0 to 1.36.0 in /examples/envoy-ext-auth (#7467) build(deps): bump github.com/envoyproxy/go-control-plane/envoy Bumps [github.com/envoyproxy/go-control-plane/envoy](https://github.com/envoyproxy/go-control-plane) from 1.35.0 to 1.36.0. - [Release notes](https://github.com/envoyproxy/go-control-plane/releases) - [Changelog](https://github.com/envoyproxy/go-control-plane/blob/main/CHANGELOG.md) - [Commits](envoyproxy/go-control-plane@envoy/v1.35.0...envoy/v1.36.0) --- updated-dependencies: - dependency-name: github.com/envoyproxy/go-control-plane/envoy dependency-version: 1.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * build(deps): bump github.com/envoyproxy/go-control-plane/envoy from 1.35.1-0.20251029084203-42a4a9261f66 to 1.36.0 in /examples/extension-server (#7468) build(deps): bump github.com/envoyproxy/go-control-plane/envoy Bumps [github.com/envoyproxy/go-control-plane/envoy](https://github.com/envoyproxy/go-control-plane) from 1.35.1-0.20251029084203-42a4a9261f66 to 1.36.0. - [Release notes](https://github.com/envoyproxy/go-control-plane/releases) - [Changelog](https://github.com/envoyproxy/go-control-plane/blob/main/CHANGELOG.md) - [Commits](https://github.com/envoyproxy/go-control-plane/commits/envoy/v1.36.0) --- updated-dependencies: - dependency-name: github.com/envoyproxy/go-control-plane/envoy dependency-version: 1.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * [release/v1.6] v1.6.0 release docs (#7475) Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> --------- Signed-off-by: Maxime Brunet <max@brnt.mx> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: cong <q1875486458@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: i.makarychev <makarichev.ivan@gmail.com> Signed-off-by: i.makarychev <i.makarychev@tbank.ru> Signed-off-by: davem-git <demathieu@gmail.com> Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: jukie <10012479+jukie@users.noreply.github.com> Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Signed-off-by: Arko Dasgupta <arko@tetrate.io> Signed-off-by: fabian4 <fabian.v.bao@gmail.com> Co-authored-by: Maxime Brunet <max@brnt.mx> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: 聪 <q1875486458@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Inode1 <makarichevivan@gmail.com> Co-authored-by: davem-git <demathieu@gmail.com> Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com> Co-authored-by: Isaac <10012479+jukie@users.noreply.github.com> Co-authored-by: Gonzalo Serrano <boikot@gmail.com> Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> Co-authored-by: Fabian Bao <fabian.v.bao@gmail.com> Co-authored-by: Ignasi Barrera <nacx@apache.org>

Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com>

* fix: bug in overlap detection of cert SANs (#7234) Signed-off-by: zirain <zirain2009@gmail.com> * fix(translator): Fix panic with request mirror + grpcroute (#6875) Signed-off-by: Andrew Moreland <andy@andymoreland.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix: watch change for the ca cert in the Backend (#7294) * watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix ipFamily not set in UDPListener (#7313) fix: set ipfamily in udpistener (#7312) Signed-off-by: cong <q1875486458@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * coalesce updates to reduce intermediate updates (#7328) * coalesce updates to reduce redundant processing in subscription handler Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * retain order Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * keep intermediate delete updates Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * minor wording Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * treat delete as normal operations Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * retain the original order of the last updates for each key Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * address comments Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix: port typo (#7397) Signed-off-by: cong <q1875486458@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix: validate EnvoyGateway configuration before reload (#7412) Signed-off-by: zirain <zirain2009@gmail.com> * fix: missing jwt provider when jwt is configured on multiple listeners sharing the same port (#7337) * fix jwt provider missing when jwt is configured at multiple ir listeners Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix: memory leak (#7429) Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> * fix gen after cherry-pick Signed-off-by: zirain <zirain2009@gmail.com> * fix watchutil test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Andrew Moreland <andy@andymoreland.com> Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: cong <q1875486458@gmail.com> Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Co-authored-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Co-authored-by: Andrew Moreland <andy@andymo.org> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: 聪 <q1875486458@gmail.com> Co-authored-by: Gonzalo Serrano <boikot@gmail.com>

Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <boikot@gmail.com> Signed-off-by: sh2 <shawnhxh@outlook.com>

gonzaloserrano requested a review from a team as a code owner November 4, 2025 15:22

gonzaloserrano changed the title ~~Fix memory leak~~ Nov 4, 2025

gonzaloserrano force-pushed the fix-memory-leak branch from b3c0eef to 9149391 Compare November 4, 2025 15:26

kkk777-7 approved these changes Nov 4, 2025

View reviewed changes

arkodg approved these changes Nov 4, 2025

View reviewed changes

arkodg added this to the v1.6.0 Milestone milestone Nov 4, 2025

arkodg added the cherrypick/release-v1.5.5 label Nov 4, 2025

jukie approved these changes Nov 4, 2025

View reviewed changes

arkodg merged commit 5ebd539 into envoyproxy:main Nov 4, 2025
31 of 32 checks passed

arkodg added the cherrypick/release-v1.4.6 label Nov 4, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: memory leak#7429

fix: memory leak#7429
arkodg merged 1 commit intoenvoyproxy:mainfrom
gonzaloserrano:fix-memory-leak

gonzaloserrano commented Nov 4, 2025

kkk777-7 commented Nov 4, 2025

arkodg left a comment

codecov bot commented Nov 4, 2025 •

edited

Loading

Uh oh!

Labels

4 participants

Conversation

gonzaloserrano commented Nov 4, 2025

kkk777-7 commented Nov 4, 2025

arkodg left a comment

Choose a reason for hiding this comment

codecov bot commented Nov 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Labels

4 participants

codecov bot commented Nov 4, 2025 •

edited

Loading