fix(h2): do not rewind kPendingIdx past in-flight requests by DucMinhNe · Pull Request #5408 · nodejs/undici (original) (raw)

When two requests are multiplexed on one HTTP/2 session and one stream is closed by the server before response headers, finalizeRequest(true) unconditionally reset kPendingIdx back to kRunningIdx while the other request was still in flight. Once the surviving request finalized, kRunningIdx advanced past kPendingIdx, leaving a nulled queue slot that Client[kDestroy] later splices and calls errorRequest on, crashing the process with 'TypeError: Cannot read properties of null (reading 'onResponseError')'.

Only reset kPendingIdx when it has actually fallen behind kRunningIdx, which is the invariant the reset was added to restore in nodejs#5090.

Fixes: nodejs#5404 Signed-off-by: Minh Le ducminhldm@gmail.com