Description
Version
20.13.0 and later, including latest 22.x
Platform
Linux hostname 6.5.0-28-generic #29~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Apr 4 14:39:20 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
Subsystem
No response
What steps will reproduce the bug?
I may need some help to narrow down the problem as it happens sporadically.
Currently I only know that it happens after:
- A session created.
- The server
pushStreamto the client (and callback called). - The client sends a request to create another stream and the server hangs.
I have tested with versions 20.10.0, 20.11.0, 20.12.0 and 20.12.1 and there's no problem. But since 20.13.0 the issue appears.
How often does it reproduce? Is there a required condition?
No response
What is the expected behavior? Why is that the expected behavior?
No response
What do you see instead?
I tried to use --inspect and pause on hanging (also the memory usage increases rapidly to several gigabytes and then terminated by OS I think) but no luck.
And tried --prof there's part of that looks suspicious:
ticks parent name
27305 70.6% /usr/bin/node
24662 90.3% JS: ^submitRstStream node:internal/http2/core:450:25
24662 100.0% JS: ^finishCloseStream node:internal/http2/core:1963:27
24662 100.0% JS: ^closeStream node:internal/http2/core:1930:21
24662 100.0% JS: ^_destroy node:internal/http2/core:2325:11
24662 100.0% JS: ^_destroy node:internal/streams/destroy:90:18
I am not a security guy but at first I thought it's something related to HTTP2 rapid reset attack and spent a whole day debugging towards that. At the end of the day I decided to downgrade Node.js and found out the older version just works.
Additional information
Also the HTTP2 server is on internet but generally only used by myself. Though I do saw a Russian IP connecting it periodically and that's also why I thought it was an attack.
But it also happens with only my own clients connected.