p3-http: rework content-length handling
#11658
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
c2d00f7 to
9fa428c
Compare
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
prtest:full Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
848ff19 to
43fca87
Compare
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
15d2f9b to
a8599c2
Compare
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Member
Author
|
I've been working on some refactoring and addition of |
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
content-length testcontent-length test, rework
content-length test, reworkcontent-length handling
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
alexcrichton
approved these changes
Sep 10, 2025
alexcrichton
pushed a commit
to alexcrichton/wasmtime
that referenced
this pull request
Sep 11, 2025
* p3-http: correctly handle `result` future cancellation Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: restructure the `content-length` test a bit Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(http): keep accepting connections after errors prtest:full Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): assert `handle` error on exceeding `content-length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: perform `content-length` check early Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): account for `handle` race condition Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * refactor(http): reuse `get_content_length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: check `content-length` for host bodies Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): call out that host bodies are not validated Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: refactor body size error send Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * fix(p3-http): do not rely on `Drop` for host body check Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): ensure non-default send request is documented Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): correct `send_request` doc Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> --------- Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
alexcrichton
added a commit
that referenced
this pull request
Sep 11, 2025
* p3-http: rework `content-length` handling (#11658) * p3-http: correctly handle `result` future cancellation Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: restructure the `content-length` test a bit Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(http): keep accepting connections after errors prtest:full Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): assert `handle` error on exceeding `content-length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: perform `content-length` check early Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): account for `handle` race condition Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * refactor(http): reuse `get_content_length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: check `content-length` for host bodies Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): call out that host bodies are not validated Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: refactor body size error send Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * fix(p3-http): do not rely on `Drop` for host body check Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): ensure non-default send request is documented Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): correct `send_request` doc Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> --------- Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * return `TaskExit` future from `[Typed]Func::call_concurrent` (#11662) * return `TaskExit` future from `[Typed]Func::call_concurrent` In addition to returning the value produced by the callee, these functions now also return a `TaskExit` future which resolves once the subtask (and any transitively-created subtasks) have exited. This partially addresses #11600; the next step will be to add a `wasmtime-wit-bindgen` option to expose the `TaskExit` value in generated bindings. Signed-off-by: Joel Dice <joel.dice@fermyon.com> * address review feedback `TaskExit` now has an `async fn block` instead of closing over an `impl AsAccessor` and implementing `Future`. Signed-off-by: Joel Dice <joel.dice@fermyon.com> --------- Signed-off-by: Joel Dice <joel.dice@fermyon.com> * Update to wasm-tools 239 (#11660) Changes include: * `async` option on some CM intrinsics renamed to `cancellable` * New `backpressure.{inc,dec}` intrinsics * New component-model-threading-related intrinsics New features aren't yet implemented, they're left for future PRs. * add `task_exit` option to `wasmtime-wit-bindgen` (#11665) This builds on #11662 by optionally exposing the `TaskExit` return value from `[Typed]Func::call_concurrent` in the bindings generated for exported functions. Note that the first two commits are shared with #11662. Fixes #11600 Signed-off-by: Joel Dice <joel.dice@fermyon.com> * make `waitable-set.{poll,wait}` and `yield` non-cancellable by default (#11671) This fixes a divergence between the spec and the implementation. Thanks (again) to Luke for providing a test case, which I've added here. This addresses half of #11582 Signed-off-by: Joel Dice <joel.dice@fermyon.com> * fix panic in `Instance::set_consumer` when write end is already dropped (#11669) * fix panic in `Instance::set_consumer` when write end is already dropped In this case, we can drop the whole stream or future immediately since there's nothing left to do with it. Fixes #11621 Signed-off-by: Joel Dice <joel.dice@fermyon.com> * add test for piping from a stream whose write end is already dropped Signed-off-by: Joel Dice <joel.dice@fermyon.com> --------- Signed-off-by: Joel Dice <joel.dice@fermyon.com> * wasip3: Add support to `wasmtime serve` (#11646) * wasip3: Add support to `wasmtime serve` This commit adds support for WASIp3 to `wasmtime serve` by detecting whether the input component is using a WASIp3 exported interface instead of a WASIp2 exported interface (similar to how `wasmtime run` detects which is supported). * Fix tests * Log guest result * fix panic when trapping while handling multiple work items (#11678) Now we wrap the "ready" set of work items in a struct which will gracefully dispose of the remainder if we trap or panic while handling one of them. Fixes #11668 Signed-off-by: Joel Dice <joel.dice@fermyon.com> * Implement `backpressure.{inc,dec}` (#11661) Added to the async specification in WebAssembly/component-model#560 these are minor adaptations to the preexisting `backpressure.set` intrinsic and are intended to replace it. The `backpressure.set` intrinsic will remain until tooling propagates to understand `backpressure.{inc,dec}`. --------- Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> Signed-off-by: Joel Dice <joel.dice@fermyon.com> Co-authored-by: Roman Volosatovs <rvolosatovs@users.noreply.github.com> Co-authored-by: Joel Dice <joel.dice@fermyon.com>
bongjunj
pushed a commit
to prosyslab/wasmtime
that referenced
this pull request
Oct 20, 2025
* p3-http: correctly handle `result` future cancellation Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: restructure the `content-length` test a bit Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(http): keep accepting connections after errors prtest:full Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): assert `handle` error on exceeding `content-length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: perform `content-length` check early Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * test(p3-http): account for `handle` race condition Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * refactor(http): reuse `get_content_length` Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: check `content-length` for host bodies Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): call out that host bodies are not validated Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * p3-http: refactor body size error send Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * fix(p3-http): do not rely on `Drop` for host body check Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): ensure non-default send request is documented Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> * doc(p3-http): correct `send_request` doc Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net> --------- Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #11656
We paired with @alexcrichton yesterday debugging this (thank you, @alexcrichton!) and here's the summary of what we've found out:
The reason for the flakiness was an issue in implementation of the test HTTP server logic - short write of the 2nd connection would sometimes cause an error and the 3rd connection would fail to get established, since the server would stop accepting connections.
The reason for this is that there is a race condition for the "short write" case in which the client might not even have started sending the request body to the server yet when the error is caught by the consumer and consequently the I/O driver task is dropped. The cases where the body was not started to be transmitted yet would be treated as success by Hyper and so the 3rd connection would be accepted, however in the rare cases where the request body has already started being streamed, connection handling would fail server-side due to the short write, aborting the accept loop and causing "connection refused" error in the guest for the 3rd connection never triggering the
content-lengthcheck for the 3rd case and therefore causing a panic on thetransmit.expect_err, since fromwasi:httpperspective transmission future did not encounter errors as it has never even began. To address the last part, I've also pushed db3cbac to make surecontent-lengthcheck happens early and even if theGuestBodyis already dropped by the time guest is trying to writeIn this PR I've also:
content-lengthvalidation for requests carrying bodies originating from the host