[7.3] aeaf44a48 req_fsm: Ensure failed sub-requests reach transmit
    Dridi Boukelmoune 
    dridi.boukelmoune at gmail.com
       
    Tue Nov 21 06:40:06 UTC 2023
    
    
  
commit aeaf44a48eea50145b3b3c0fba93daf7fdf6bdd1
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date:   Tue Nov 21 07:12:11 2023 +0100
    req_fsm: Ensure failed sub-requests reach transmit
    
    A VCL failure on the client side transitions to vcl_synth, except
    failures from vcl_synth that lead to minimal errors. The ESI transport
    is not allowed to reply with minimal responses so this would lead to a
    panic.
    
    On top of that, the vcl_req_reset feature flag emulates `return (fail)`
    statements when an HTTP/2 client disconnected, resulting in the same
    panic scenario.
    
    For sub-requests, we masquerade the fail transition as a deliver and
    trade the illegal minimal response for the synthetic response.
    
    Fixes #4022
diff --git a/bin/varnishd/cache/cache_req_fsm.c b/bin/varnishd/cache/cache_req_fsm.c
index 3deb70e5a..9373ec4ef 100644
--- a/bin/varnishd/cache/cache_req_fsm.c
+++ b/bin/varnishd/cache/cache_req_fsm.c
@@ -333,7 +333,11 @@ cnt_synth(struct worker *wrk, struct req *req)
 
 	VSLb_ts_req(req, "Process", W_TIM_real(wrk));
 
-	if (wrk->vpi->handling == VCL_RET_FAIL) {
+	while (wrk->vpi->handling == VCL_RET_FAIL) {
+		if (req->esi_level > 0) {
+			wrk->vpi->handling = VCL_RET_DELIVER;
+			break;
+		}
 		VSB_destroy(&synth_body);
 		(void)VRB_Ignore(req);
 		(void)req->transport->minimal_response(req, 500);
diff --git a/bin/varnishtest/tests/e00037.vtc b/bin/varnishtest/tests/e00037.vtc
new file mode 100644
index 000000000..bfb1354e5
--- /dev/null
+++ b/bin/varnishtest/tests/e00037.vtc
@@ -0,0 +1,28 @@
+varnishtest "Double fail ESI sub request"
+
+server s1 {
+	rxreq
+	txresp -body {<esi:include src="/inc"/>}
+} -start
+
+varnish v1 -vcl+backend {
+	sub vcl_backend_response {
+		set beresp.do_esi = true;
+	}
+
+	sub vcl_recv {
+		if (req.esi_level > 0) {
+			return (fail);
+		}
+	}
+
+	sub vcl_synth {
+		return (fail);
+	}
+} -start
+
+client c1 {
+	non_fatal
+	txreq
+	rxresp
+} -run
    
    
More information about the varnish-commit
mailing list