[nginx] HTTP/2: fixed possible alert about left open socket on shutdown.

Ruslan Ermilov ru at nginx.com
Mon Sep 23 12:46:24 UTC 2019


details:   https://hg.nginx.org/nginx/rev/d6cf51af8a3d
branches:  
changeset: 7570:d6cf51af8a3d
user:      Ruslan Ermilov <ru at nginx.com>
date:      Mon Sep 23 15:45:32 2019 +0300
description:
HTTP/2: fixed possible alert about left open socket on shutdown.

This could happen when graceful shutdown configured by worker_shutdown_timeout
times out and is then followed by another timeout such as proxy_read_timeout.
In this case, the HEADERS frame is added to the output queue, but attempt to
send it fails (due to c->error forcibly set during graceful shutdown timeout).
This triggers request finalization which attempts to close the stream.  But the
stream cannot be closed because there is a frame in the output queue, and the
connection cannot be finalized.  This leaves the connection open without any
timer events leading to alert.

The fix is to post write event when sending output queue fails on c->error.
That will finalize the connection.

diffstat:

 src/http/v2/ngx_http_v2.c |  7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

diffs (19 lines):

diff -r 80359395b345 -r d6cf51af8a3d src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c	Wed Sep 18 20:28:12 2019 +0300
+++ b/src/http/v2/ngx_http_v2.c	Mon Sep 23 15:45:32 2019 +0300
@@ -513,12 +513,11 @@ ngx_http_v2_send_output_queue(ngx_http_v
     ngx_http_core_loc_conf_t  *clcf;
 
     c = h2c->connection;
+    wev = c->write;
 
     if (c->error) {
-        return NGX_ERROR;
-    }
-
-    wev = c->write;
+        goto error;
+    }
 
     if (!wev->ready) {
         return NGX_AGAIN;


More information about the nginx-devel mailing list