Socket leaks., pread and [crit] SSL_Write() in 1.0.14

Maxim Dounin mdounin at mdounin.ru
Mon Mar 26 10:21:47 UTC 2012


Hello!

On Sun, Mar 25, 2012 at 11:55:53PM -0400, TECK wrote:

> Hi everyone,
> 
> I just wanted to let the developers know about some error flags I
> discovered into Nginx 1.0.14, with debug mode disabled.
> Socket leaks and pread:
> 2012/03/24 23:29:52 [alert] 10770#0: open socket #46 left in connection
> 5
> 2012/03/24 23:29:52 [alert] 10770#0: open socket #115 left in connection
> 54
> 2012/03/24 23:29:52 [alert] 10770#0: open socket #110 left in connection
> 107
> 2012/03/24 23:29:52 [alert] 10770#0: aborting
> 2012/03/24 23:29:52 [alert] 10772#0: open socket #44 left in connection
> 57
> 2012/03/24 23:29:52 [alert] 10772#0: open socket #38 left in connection
> 140
> 2012/03/24 23:29:52 [alert] 10772#0: aborting

Do you see this as a regression from some previous version?  If 
yes - which one?  Do you see the same problem in 1.1.x?

> 2012/03/25 00:01:35 [alert] 4105#0: *14584 pread() read only 0 of 5733
> from "/var/www/domain.com/index.html" while sending response to client,
> client: xx.xxx.xx.xxx, server: www.domain.com, request: "GET /
> HTTP/1.1", host: "www.domain.com"

This usually happens if you update files non-atomically, i.e. edit 
files in-place instead of creating new file and then renaming it 
to desired name.  Obvious solution is to update files atomically.

Note well: by using open_file_cache you allow much bigger time 
frame for non-atomic updates to trigger problems.  If you can't 
eliminate non-atomic updates it's a good idea to avoid using 
open_file_cache.

> SSL_Write()
> 2012/03/25 12:59:25 [crit] 8254#0: *342055 SSL_write() failed (SSL:)
> while sending to client, client: xxx.xx.xxx.xxx, server: www.domain.com,
> request: "GET /community/attachments/info007-jpg.179371/ HTTP/1.1",
> upstream: "fastcgi://127.0.0.1:9000", host: "www.domain.com", referrer:
> "https://www.domain.com/community/threads/photos.42232/"
> 2012/03/25 14:52:15 [crit] 8253#0: *388269 SSL_write() failed (SSL:)
> while sending to client, client: xx.xxx.xx.xxx, server: www.domain.com,
> request: "GET /community/ HTTP/1.0", upstream:
> "fastcgi://127.0.0.1:9000", host: "www.domain.com"
> 
> We are running Nginx on CentOS 5.8 64bits, with openssl 0.9.8e-22.el5.

As openssl 0.9.8e is quite old, I assume it's heavily modified by 
your OS vendor.  Do you see the same errors if you compile nginx with 
recent vanilla openssl (0.9.8u, 1.0.0h or 1.0.1 will be ok)?

[...]

Maxim Dounin



More information about the nginx mailing list