From 22e6080b86e2475543396174eb8278cd67a0e91b Mon Sep 17 00:00:00 2001 From: dondetir Date: Wed, 22 Apr 2026 10:42:00 -0500 Subject: [PATCH] net/tcp: close write-worker fd on async write error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In the IO_WATCH_WRITE handler, when the stream write handler returns <0 (e.g. TLS async write fails after the 2s handshake timeout), the error branch breaks out of the switch before reaching the close(s) call that the success/pending paths hit at line 327. The fd s is delivered to the write worker via SCM_RIGHTS and is an independent copy in the worker's fd table — it must be explicitly closed on every exit path. tcpconn_release_error() signals main to close main's copy; close(s) closes the worker's copy. Without it one fd leaks per failed async write, confirmed: 7 leaked fds from 51 TLS OPTIONS (handshake timeout path) vs. 0 with the fix. Cherry-pick of bffcf0035 from master. Fixes: #3711 --- net/net_tcp_proc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/net_tcp_proc.c b/net/net_tcp_proc.c index 3de73eaec60..7de18e3b0cf 100644 --- a/net/net_tcp_proc.c +++ b/net/net_tcp_proc.c @@ -308,6 +308,7 @@ inline static int handle_io(struct fd_map* fm, int idx,int event_type) "handle write, err, state: %d, att: %d", con->state, con->msg_attempts); tcpconn_release_error(con, 1,"Write error"); + close(s); /* we always close the socket received for writing */ break; } else if (resp==1) { sh_log(con->hist, TCP_SEND2MAIN,