[nginx] Upstream: fixed running posted requests (ticket #788).

Roman Arutyunyan arut at nginx.com
Thu Jun 22 08:53:38 UTC 2017

details:   http://hg.nginx.org/nginx/rev/6169dbad37d8
changeset: 7041:6169dbad37d8
user:      Roman Arutyunyan <arut at nginx.com>
date:      Wed Jun 14 20:13:41 2017 +0300
Upstream: fixed running posted requests (ticket #788).

Previously, the upstream resolve handler always called
ngx_http_run_posted_requests() to run posted requests after processing the
resolver response.  However, if the handler was called directly from the
ngx_resolve_name() function (for example, if the resolver response was cached),
running posted requests from the handler could lead to the following errors:

- If the request was scheduled for termination, it could actually be terminated
in the resolve handler.  Upper stack frames could reference the freed request
object in this case.

- If a significant number of requests were posted, and for each of them the
resolve handler was called directly from the ngx_resolve_name() function,
posted requests could be run recursively and lead to stack overflow.

Now ngx_http_run_posted_requests() is only called from asynchronously invoked
resolve handlers.


 src/http/ngx_http_upstream.c |  7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diffs (29 lines):

diff -r d49b74a683b1 -r 6169dbad37d8 src/http/ngx_http_upstream.c
--- a/src/http/ngx_http_upstream.c	Wed Jun 14 18:13:31 2017 +0300
+++ b/src/http/ngx_http_upstream.c	Wed Jun 14 20:13:41 2017 +0300
@@ -1143,11 +1143,14 @@ ngx_http_upstream_cache_check_range(ngx_
 static void
 ngx_http_upstream_resolve_handler(ngx_resolver_ctx_t *ctx)
+    ngx_uint_t                     run_posted;
     ngx_connection_t              *c;
     ngx_http_request_t            *r;
     ngx_http_upstream_t           *u;
     ngx_http_upstream_resolved_t  *ur;
+    run_posted = ctx->async;
     r = ctx->data;
     c = r->connection;
@@ -1211,7 +1214,9 @@ ngx_http_upstream_resolve_handler(ngx_re
-    ngx_http_run_posted_requests(c);
+    if (run_posted) {
+        ngx_http_run_posted_requests(c);
+    }

More information about the nginx-devel mailing list