The Fix
pip install urllib3==1.25
Based on closed urllib3/urllib3 issue #805 · PR/commit linked
Production note: Watch p95/p99 latency and retry volume; timeouts can turn into retry storms and duplicate side-effects.
@@ -283,6 +283,33 @@ def test_ca_certs_default_cert_required(self):
self.assertEqual(conn.cert_reqs, 'CERT_REQUIRED')
+ def test_cleanup_on_extreme_connection_error(self):
+ """
+ This test validates that we clean up properly even on exceptions that
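Review bot: the visible part of `test_cleanup_on_extreme_connection_error` stops inside its docstring, so the assertion that proves cleanup is not shown. The test should record the pool's queue size before the failing call and assert that it is unchanged afterwards, so a regression in slot release fails the test rather than passing silently.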
Why This Fix Works in Production
- Trigger: Connection pool queue can still be exhausted by gevent timeouts
- Mechanism: Connections are not properly returned to the pool after timeouts, leading to exhaustion
- Why the fix works: This patch ensures that connections that fail inside `HTTPConnectionPool.urlopen` are cleaned up correctly, addressing connection pool exhaustion caused by gevent timeouts (first fixed release: 1.25).
- If left unfixed, this can cause silent data inconsistencies that propagate (bad cache entries, incorrect downstream decisions).
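The leak and the flag-plus-finally cleanup described above, as an added example (not urllib3's code and not the repro from the issue). `ToyPool`, `InjectedTimeout` and the placeholder connection strings are constructed for illustration; `InjectedTimeout` stands in for `gevent.Timeout`, which derives from `BaseException` and so bypasses `except Exception` cleanup.

```python
import queue


class InjectedTimeout(BaseException):
    """Constructed stand-in for gevent.Timeout, which derives from BaseException."""


class ToyPool:
    """Fixed-size pool; each queue slot holds one placeholder connection."""
    def __init__(self, size, use_finally):
        self.use_finally = use_finally
        self.slots = queue.LifoQueue(size)
        for n in range(size):
            self.slots.put(f"conn-{n}")

    def urlopen(self, send):
        conn = self.slots.get(block=False)  # queue.Empty once the pool is drained
        if not self.use_finally:
            # Leaky variant: cleanup only runs for Exception subclasses.
            try:
                result = send(conn)
            except Exception:
                self.slots.put(conn)
                raise
            self.slots.put(conn)
            return result
        # Pattern named in the thread: a cleanup boolean plus finally.
        clean_exit = False
        try:
            result = send(conn)
            clean_exit = True
            return result
        finally:
            # On any abnormal exit, drop the connection but still free its slot.
            self.slots.put(conn if clean_exit else "conn-fresh")


def free_slots_after_timeouts(use_finally, size=3, timeouts=3):
    """Fire `timeouts` requests that are interrupted mid-flight; return free slots."""
    def interrupted(conn):
        raise InjectedTimeout()

    pool = ToyPool(size, use_finally)
    for _ in range(timeouts):
        try:
            pool.urlopen(interrupted)
        except InjectedTimeout:
            pass  # the caller handles its timeout; the pool must have cleaned up
    return pool.slots.qsize()
```

With the leaky variant, each interrupted request permanently removes one slot, so a pool of three is empty after three timeouts; the `finally` variant keeps all slots available.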
Why This Breaks in Prod
- Connections are not properly returned to the pool after timeouts, leading to exhaustion
- Production symptom (often without a traceback): Connection pool queue can still be exhausted by gevent timeouts
Proof / Evidence
- GitHub issue: #805
- Fix PR: https://github.com/urllib3/urllib3/pull/807
- First fixed release: 1.25
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“@ml31415 Should be fixed in master, can you confirm? (Let's re-open if it's still an issue.)”
“@ml31415 Do we have a shorter repro scenario than the one above? Ideally one it's not a problem for me to run locally?”
“@Lukasa Yea I think a cleanup boolean + finally is the way to go for complex cleanups based on how the rest of our code…”
“Hmmm, unfortunately it looks like it's still there. Looks like I overlooked something initially :/”
Failure Signature (Search String)
- Connection pool queue can still be exhausted by gevent timeouts
- A similar error was discussed here https://github.com/shazow/urllib3/issues/644 already and some fix applied, but the problem still partly exists. Consider this code:
Error Message
Signature-only (no traceback captured)
What Broke
Connection pool exhaustion causes blocking on further requests.
Why It Broke
Connections are not properly returned to the pool after timeouts, leading to exhaustion
Fix Options (Details)
Option A — Upgrade to fixed release (safe default, recommended)
pip install urllib3==1.25
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Option D — Guard side-effects with OnceOnly (guardrail for side-effects)
Mitigate duplicate external side-effects under retries/timeouts/agent loops by gating the operation before calling external systems.
- Place OnceOnly between your code/agent and real side-effects (Stripe, emails, CRM, APIs).
- Use a stable key per side-effect (e.g., customer_id + action + idempotency_key).
- Fail-safe: configure fail-open vs fail-closed based on blast radius and spend risk.
- This does NOT fix data corruption; it only prevents duplicate side-effects.
```python
import os

from onceonly import OnceOnly

once = OnceOnly(api_key=os.environ["ONCEONLY_API_KEY"], fail_open=True)


def process_event(event_id):
    # Stable idempotency key per real side-effect.
    # Use a request id / job id / webhook delivery id / Stripe event id, etc.
    key = f"stripe:webhook:{event_id}"
    res = once.check_lock(key=key, ttl=3600)
    if res.duplicate:
        return {"status": "already_processed"}
    # Safe to execute the side-effect exactly once.
    handle_event(event_id)  # handle_event is your own side-effect handler
    return {"status": "processed"}


process_event("evt_...")  # replace with the real event id
```
Fix reference: https://github.com/urllib3/urllib3/pull/807
First fixed release: 1.25
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- Do not use this fix if your application relies on blocking behavior for connection management.
- Do not use this to hide logic bugs or data corruption. Use it to block duplicate external side-effects and enforce tool permissions/spend caps.
Prevention
- Add a CI check that diffs key outputs after upgrades (OpenAPI schema snapshots, JSON payload shapes, CLI output).
- Upgrade behind a canary and run integration tests against the canary before 100% rollout.
- Track RSS + object counts after deployments; alert on monotonic growth and GC pressure.
- Add a long-running test that repeats the failing call path and asserts stable memory.
Version Compatibility Table
| Version | Status |
|---|---|
| 1.25 | Fixed |
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.