Conversation
indutny
left a comment
There was a problem hiding this comment.
I think it should be a safe change to land, however I'm a bit worried that there is no test for this yet.
LGTM, though.
src/tls_wrap.cc
Outdated
There was a problem hiding this comment.
Let's change it to early return.
31f824d to
7f684a1
Compare
7f684a1 to
f3d9a70
Compare
|
@indutny addressed your comment & added a test |
There was a problem hiding this comment.
This is actually a unused var. As far as I see it you only wanted to deactivate it for clientTLSHandle. So you could just use // eslint-disable-next-line no-unused-vars?
|
I think it would be good to get another pair of eyes on this before landing due to the changed code. Therefore I am removing the ready label in the meanwhile. |
When the TLS stream is destroyed for whatever reason, we should unset all callbacks on the underlying transport stream. Fixes: nodejs#17475
|
@nodejs/collaborators Could somebody review (at least) the test here, since that has been kind of implicitly been requested by @BridgeAR ? |
f3d9a70 to
b7949b0
Compare
hybrist
left a comment
There was a problem hiding this comment.
The test file LGTM if my assumptions are correct.
| 'use strict'; | ||
|
|
||
| // Regression test for https://github.com/nodejs/node/issues/17475 | ||
| // Unfortunately, this tests only "works" reliably when checked with valgrind or |
There was a problem hiding this comment.
Just for clarity: I assume "works" in this context means "doesn't raise memory leak errors"..? And properly running the test is just using the --valgrind option?
There was a problem hiding this comment.
@jkrems Yeah – it complains about accessing released memory when run with valgrind. “Unfortunately”, most of the time that doesn’t lead to crashes…
Running the test file with --valgrind should make that reflected in the exit code, yes :)
| #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB | ||
| sni_context_.Reset(); | ||
| #endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB | ||
|
|
There was a problem hiding this comment.
I would add a comment before this block linking to the issue.
There was a problem hiding this comment.
I’ve added a reference to the test and a quick explanation, the test contains a link to the issue.
|
Landed in f96a86c |
|
Normally we don't backport to LTS until things have been in a current release (9.x) for at least two weeks. This hasn't gone into a 9.x release yet, so we'd be talking 6 weeks before this could land in v8.x. If this is a serious bug we should consider including it in the v8.9.4 release candidate build going out today, so that it goes out with v8.9.4 in two weeks. What would be helpful is an idea of:
|
|
I don't think this needs to be rushed. This problem has likely be in for a very long time, and we just heard about it recently. |
|
Hitting this bug should be pretty rare. I'm seeing it, but my use case is very similar to the code in #17475 (remarkably, I encountered it about a day later). It caused a whole lot of pain, but I'm happily using a recent build which includes the fixes, and will move over to the next release of 9 when it appears. The fix itself appears fairly low risk. On balance, I would probably not do anything different to the usual process. The bug has been around for a long time, and I know of only two times it has been encountered. |
|
I don't disagree with anything above. But I want to point out that we've also seen this bug a long time, but recently (as in the last 2-3 weeks) it's happening a lot more often. We had some trouble nailing it back when it was a sporadic crash (and also sporadic failure in our unittests). Due to the nature of the bug, that could be due to a multitude of reasons. And this increase in frequency might be due to some of our code or change in our usage. I wanted to propose it at least. |
|
+1 on waiting until the next release |
|
I've landed this on both v6.x and v8.x staging. Please lmk if there are objections |
|
@MylesBorins Given the kind of issue that this fixes (rare, hard-to-debug segfault), I would even like to see it on v4.x. Would that be okay with you? |
|
@addaleax there were no plans for another 4.x but I'm open to considering if you think this is a big enough deal. Would you be willing to open an issue on release to discuss? |
When the TLS stream is destroyed for whatever reason,
we should unset all callbacks on the underlying transport
stream.
Fixes
Refs (maybe Fixes): #17475@indutny Could you take a look at this?
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)
tls