Ben Maurer bmaurer at
Mon Dec 31 01:12:04 MSK 2007

Ben Maurer wrote:
> Hi,
> On a server that has quite a few SSL connections, I started to notice 
> that FDs were leaking. I set the load balancer in front of nginx to stop 
> sending new requests to one server for a few minutes (to let the 
> keepalive time expire) and found that there were a few thousand FDs 
> open. netstat says that there are many sockets in the CLOSE_WAIT and 
> ESTABLISHED state for the SSL server. Many of them have data in receive 
> queue.
> Any ideas what might cause this? This is an up-to-date 0.5.x install.

Some progress on debugging this -- it may have to to do with the 
deferred setting.

I've managed to get straces like this:

accept(6, {sa_family=AF_INET, sin_port=htons(35327), 
sin_addr=inet_addr("")}, [16]) = 92
ioctl(92, FIONBIO, [1])                 = 0
recv(92, 0xbf9c6c2b, 1, MSG_PEEK)       = -1 EAGAIN (Resource 
temporarily unavailable)

by using:

ab -c500 -n2000 https://localhost:8095/

and aborting in the middle. It seems that these straces are the ones 
that result in leaked FDs. The trace really doesn't make much sense to 
me. Deferred accept promises that the socket only goes into accept once 
it has data or if it's ready to be closed. Neither of these should 
result in an EAGAIN. Regardless, it seems the problem is that the FD 
never gets added to epoll at this point.

- Ben

More information about the nginx mailing list