Hello! On Tue, Dec 24, 2019 at 04:45:20PM +0100, Gábor Boskovits wrote:
> Maxim Dounin <mdou...@mdounin.ru> ezt írta (időpont: 2019. dec. 23., H, > 20:28): > > > > Hello! > > > > On Wed, Dec 18, 2019 at 08:24:25PM +0300, Maxim Dounin wrote: > > > > > On Mon, Dec 16, 2019 at 03:02:37PM +0100, Gábor Boskovits wrote: > > > > > > > On berlin.guix.gnu.org we observed a regression upon upgrading nginx > > > > to 1.17.5. The problem was, when pipelining request to a proxy using > > > > tls, we suddenly started to get 408 client timeouts, manifesting in > > > > dropped connections. Currently we worked around the issue by > > > > downgrading to 1.17.4. I have collected some information about the > > > > problem here: > > > > https://gitlab.com/g_bor/fix-nginx-tls > > > > It contains the logs from the good and the bad version, a full nginx > > > > config, some info about how nginx was built. I managed to bisect the > > > > problem down to changeset 9d2ad2fb4423, which introduced the problem. > > > > Any help in further debuggin this would be greatly appreciated. > > > > > > Thanks for the report, it indeed looks like a bug introduced > > > in 9d2ad2fb4423. > > > > > > The problem is that c->read->handler is overwritted when switching > > > to the next pipelined request, ngx_ssl_next_read_handler() is not > > > called, and c->read->ready remains not set. I'll take a look how > > > to fix it properly. > > > > Please try the following patch: > > > > # HG changeset patch > > # User Maxim Dounin <mdou...@mdounin.ru> > > # Date 1577129029 -10800 > > # Mon Dec 23 22:23:49 2019 +0300 > > # Node ID c2dc6bfd2a0bce28618ef96b87fbdb63c6010575 > > # Parent 8e64e11aaca02d50649cd2d9b448508f5b268062 > > SSL: reworked posted next events. > > > > Introduced in 9d2ad2fb4423 available bytes handling in SSL relied > > on connection read handler being overwritten to set the ready flag > > and the amount of available bytes. This approach is, however, does > > not work properly when connection read handler is changed, for example, > > when switching to a next pipelined request, and can result in unexpected > > connection timeouts, see here: > > > > http://mailman.nginx.org/pipermail/nginx-devel/2019-December/012825.html > > > > Fix is to introduce ngx_event_process_posted_next() instead, which > > will set ready and available regardless of how event handler is set. [...] > Thanks for having a look at this. I will coordinate with others as > when can we schedule a service restart. > I will report back with the results soon. > > I wish you a merry christmas, and thanks for the great work all around the > year! Just to make sure it's known: the patch above was committed after internal review/testing, and it is available as part of the 1.17.7 release. Merry Christmas! -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel