diff --git a/src/node_http_parser.cc b/src/node_http_parser.cc
index a339043bdca5bd..90fc3b41b525f7 100644
--- a/src/node_http_parser.cc
+++ b/src/node_http_parser.cc
@@ -527,6 +527,7 @@ class Parser : public AsyncWrap {
 
       stream->set_alloc_cb(parser->prev_alloc_cb_);
       stream->set_read_cb(parser->prev_read_cb_);
+      stream->Unconsume();
     }
 
     parser->prev_alloc_cb_.clear();
diff --git a/src/stream_base.h b/src/stream_base.h
index 75bf0e937f338b..68c82d243f2913 100644
--- a/src/stream_base.h
+++ b/src/stream_base.h
@@ -234,6 +234,11 @@ class StreamBase : public StreamResource {
     consumed_ = true;
   }
 
+  inline void Unconsume() {
+    CHECK_EQ(consumed_, true);
+    consumed_ = false;
+  }
+
   template <class Outer>
   inline Outer* Cast() { return static_cast<Outer*>(Cast()); }
 
diff --git a/test/parallel/test-http-upgrade-reconsume-stream.js b/test/parallel/test-http-upgrade-reconsume-stream.js
new file mode 100644
index 00000000000000..e712ea647b3ad9
--- /dev/null
+++ b/test/parallel/test-http-upgrade-reconsume-stream.js
@@ -0,0 +1,29 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const tls = require('tls');
+const http = require('http');
+
+// Tests that, after the HTTP parser stopped owning a socket that emits an
+// 'upgrade' event, another C++ stream can start owning it (e.g. a TLSSocket).
+
+const server = http.createServer(common.mustNotCall());
+
+server.on('upgrade', common.mustCall((request, socket, head) => {
+  // This should not crash.
+  new tls.TLSSocket(socket);
+  server.close();
+  socket.destroy();
+}));
+
+server.listen(0, common.mustCall(() => {
+  http.get({
+    port: server.address().port,
+    headers: {
+      'Connection': 'Upgrade',
+      'Upgrade': 'websocket'
+    }
+  }).on('error', () => {});
+}));