add flow-control and remove auto-read

Author: mhl-b

modules/transport-netty4/src/internalClusterTest/java/org/elasticsearch/http/netty4/Netty4IncrementalRequestHandlingIT.java

@@ -178,8 +178,6 @@ public void testClientConnectionCloseMidStream() throws Exception {
 
             // await stream handler is ready and request full content
             var handler = ctx.awaitRestChannelAccepted(opaqueId);
-            assertBusy(() -> assertNotEquals(0, handler.stream.bufSize()));
-
             assertFalse(handler.streamClosed);
 
             // terminate client connection
@@ -190,10 +188,7 @@ public void testClientConnectionCloseMidStream() throws Exception {
             handler.stream.next();
 
             // wait for resources to be released
-            assertBusy(() -> {
-                assertEquals(0, handler.stream.bufSize());
-                assertTrue(handler.streamClosed);
-            });
+            assertBusy(() -> assertTrue(handler.streamClosed));
         }
     }
 
@@ -208,15 +203,11 @@ public void testServerCloseConnectionMidStream() throws Exception {
 
             // await stream handler is ready and request full content
             var handler = ctx.awaitRestChannelAccepted(opaqueId);
-            assertBusy(() -> assertNotEquals(0, handler.stream.bufSize()));
             assertFalse(handler.streamClosed);
 
             // terminate connection on server and wait resources are released
             handler.channel.request().getHttpChannel().close();
-            assertBusy(() -> {
-                assertEquals(0, handler.stream.bufSize());
-                assertTrue(handler.streamClosed);
-            });
+            assertBusy(() -> assertTrue(handler.streamClosed));
         }
     }
 
@@ -230,16 +221,12 @@ public void testServerExceptionMidStream() throws Exception {
 
             // await stream handler is ready and request full content
             var handler = ctx.awaitRestChannelAccepted(opaqueId);
-            assertBusy(() -> assertNotEquals(0, handler.stream.bufSize()));
             assertFalse(handler.streamClosed);
 
             handler.shouldThrowInsideHandleChunk = true;
             handler.stream.next();
 
-            assertBusy(() -> {
-                assertEquals(0, handler.stream.bufSize());
-                assertTrue(handler.streamClosed);
-            });
+            assertBusy(() -> assertTrue(handler.streamClosed));
         }
     }
 
@@ -280,7 +267,7 @@ public void testClientBackpressure() throws Exception {
                 });
                 handler.readBytes(partSize);
             }
-            assertTrue(handler.stream.hasLast());
+            assertTrue(handler.recvLast);
         }
     }
 

modules/transport-netty4/src/main/java/org/elasticsearch/http/netty4/Netty4HttpHeaderValidator.java

@@ -9,249 +9,106 @@
 
 package org.elasticsearch.http.netty4;
 
-import io.netty.buffer.Unpooled;
+import io.netty.channel.ChannelDuplexHandler;
 import io.netty.channel.ChannelHandlerContext;
-import io.netty.channel.ChannelInboundHandlerAdapter;
 import io.netty.handler.codec.DecoderResult;
 import io.netty.handler.codec.http.HttpContent;
 import io.netty.handler.codec.http.HttpObject;
 import io.netty.handler.codec.http.HttpRequest;
-import io.netty.handler.codec.http.LastHttpContent;
-import io.netty.util.ReferenceCountUtil;
 
 import org.elasticsearch.action.ActionListener;
 import org.elasticsearch.action.support.ContextPreservingActionListener;
 import org.elasticsearch.common.util.concurrent.ThreadContext;
+import org.elasticsearch.core.Nullable;
 import org.elasticsearch.http.netty4.internal.HttpValidator;
 import org.elasticsearch.transport.Transports;
 
-import java.util.ArrayDeque;
-
-import static org.elasticsearch.http.netty4.Netty4HttpHeaderValidator.State.DROPPING_DATA_PERMANENTLY;
-import static org.elasticsearch.http.netty4.Netty4HttpHeaderValidator.State.DROPPING_DATA_UNTIL_NEXT_REQUEST;
-import static org.elasticsearch.http.netty4.Netty4HttpHeaderValidator.State.FORWARDING_DATA_UNTIL_NEXT_REQUEST;
-import static org.elasticsearch.http.netty4.Netty4HttpHeaderValidator.State.QUEUEING_DATA;
-import static org.elasticsearch.http.netty4.Netty4HttpHeaderValidator.State.WAITING_TO_START;
-
-public class Netty4HttpHeaderValidator extends ChannelInboundHandlerAdapter {
+public class Netty4HttpHeaderValidator extends ChannelDuplexHandler {
 
     private final HttpValidator validator;
     private final ThreadContext threadContext;
-    private ArrayDeque<HttpObject> pending = new ArrayDeque<>(4);
-    private State state = WAITING_TO_START;
+    private boolean droppingContent;
+    private boolean validatingRequest;
 
     public Netty4HttpHeaderValidator(HttpValidator validator, ThreadContext threadContext) {
         this.validator = validator;
         this.threadContext = threadContext;
     }
 
-    State getState() {
-        return state;
-    }
-
-    @SuppressWarnings("fallthrough")
     @Override
     public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
-        assert msg instanceof HttpObject;
-        final HttpObject httpObject = (HttpObject) msg;
-
-        switch (state) {
-            case WAITING_TO_START:
-                assert pending.isEmpty();
-                pending.add(ReferenceCountUtil.retain(httpObject));
-                requestStart(ctx);
-                assert state == QUEUEING_DATA;
-                assert ctx.channel().config().isAutoRead() == false;
-                break;
-            case QUEUEING_DATA:
-                pending.add(ReferenceCountUtil.retain(httpObject));
-                break;
-            case FORWARDING_DATA_UNTIL_NEXT_REQUEST:
-                assert pending.isEmpty();
-                if (httpObject instanceof LastHttpContent) {
-                    state = WAITING_TO_START;
-                }
-                ctx.fireChannelRead(httpObject);
-                break;
-            case DROPPING_DATA_UNTIL_NEXT_REQUEST:
-                assert pending.isEmpty();
-                if (httpObject instanceof LastHttpContent) {
-                    state = WAITING_TO_START;
-                }
-                ReferenceCountUtil.release(httpObject);
-                break;
-            case DROPPING_DATA_PERMANENTLY:
-                assert pending.isEmpty();
-                ReferenceCountUtil.release(httpObject); // consume without enqueuing
-                ctx.channel().config().setAutoRead(false);
-                break;
-        }
-    }
-
-    private void requestStart(ChannelHandlerContext ctx) {
-        assert state == WAITING_TO_START;
-
-        if (pending.isEmpty()) {
-            return;
-        }
-
-        final HttpObject httpObject = pending.getFirst();
-        final HttpRequest httpRequest;
-        if (httpObject instanceof HttpRequest && httpObject.decoderResult().isSuccess()) {
-            // a properly decoded HTTP start message is expected to begin validation
-            // anything else is probably an error that the downstream HTTP message aggregator will have to handle
-            httpRequest = (HttpRequest) httpObject;
-        } else {
-            httpRequest = null;
-        }
-
-        state = QUEUEING_DATA;
-        ctx.channel().config().setAutoRead(false);
-
-        if (httpRequest == null) {
-            // this looks like a malformed request and will forward without validation
-            ctx.channel().eventLoop().execute(() -> forwardFullRequest(ctx));
-        } else {
-            assert Transports.assertDefaultThreadContext(threadContext);
-            ActionListener.run(
-                // this prevents thread-context changes to propagate to the validation listener
-                // atm, the validation listener submits to the event loop executor, which doesn't know about the ES thread-context,
-                // so this is just a defensive play, in case the code inside the listener changes to not use the event loop executor
-                ActionListener.assertOnce(
-                    new ContextPreservingActionListener<Void>(
-                        threadContext.wrapRestorable(threadContext.newStoredContext()),
-                        // Always explicitly dispatch back to the event loop to prevent reentrancy concerns if we are still on event loop
-                        new ActionListener<>() {
-                            @Override
-                            public void onResponse(Void unused) {
-                                assert Transports.assertDefaultThreadContext(threadContext);
-                                ctx.channel().eventLoop().execute(() -> forwardFullRequest(ctx));
-                            }
-
-                            @Override
-                            public void onFailure(Exception e) {
-                                assert Transports.assertDefaultThreadContext(threadContext);
-                                ctx.channel().eventLoop().execute(() -> forwardRequestWithDecoderExceptionAndNoContent(ctx, e));
-                            }
-                        }
-                    )
-                ),
-                listener -> {
-                    // this prevents thread-context changes to propagate beyond the validation, as netty worker threads are reused
-                    try (ThreadContext.StoredContext ignore = threadContext.newStoredContext()) {
-                        validator.validate(httpRequest, ctx.channel(), listener);
+        assert ctx.channel().config().isAutoRead() == false : "auto-read should be always disabled";
+        if (msg instanceof HttpObject httpObject) {
+            if (httpObject.decoderResult().isFailure()) {
+                ctx.fireChannelRead(httpObject); // pass-through for decoding failures
+            } else {
+                if (msg instanceof HttpRequest request) {
+                    validate(ctx, request);
+                } else if (msg instanceof HttpContent content) {
+                    if (droppingContent) {
+                        content.release();
+                    } else {
+                        assert validatingRequest == false : "unexpected content before validation completed";
+                        ctx.fireChannelRead(content);
                     }
                 }
-            );
-        }
-    }
-
-    private void forwardFullRequest(ChannelHandlerContext ctx) {
-        Transports.assertDefaultThreadContext(threadContext);
-        assert ctx.channel().eventLoop().inEventLoop();
-        assert ctx.channel().config().isAutoRead() == false;
-        assert state == QUEUEING_DATA;
-
-        ctx.channel().config().setAutoRead(true);
-        boolean fullRequestForwarded = forwardData(ctx, pending);
-
-        assert fullRequestForwarded || pending.isEmpty();
-        if (fullRequestForwarded) {
-            state = WAITING_TO_START;
-            requestStart(ctx);
-        } else {
-            state = FORWARDING_DATA_UNTIL_NEXT_REQUEST;
-        }
-
-        assert state == WAITING_TO_START || state == QUEUEING_DATA || state == FORWARDING_DATA_UNTIL_NEXT_REQUEST;
-    }
-
-    private void forwardRequestWithDecoderExceptionAndNoContent(ChannelHandlerContext ctx, Exception e) {
-        Transports.assertDefaultThreadContext(threadContext);
-        assert ctx.channel().eventLoop().inEventLoop();
-        assert ctx.channel().config().isAutoRead() == false;
-        assert state == QUEUEING_DATA;
-
-        HttpObject messageToForward = pending.getFirst();
-        boolean fullRequestDropped = dropData(pending);
-        if (messageToForward instanceof HttpContent toReplace) {
-            // if the request to forward contained data (which got dropped), replace with empty data
-            messageToForward = toReplace.replace(Unpooled.EMPTY_BUFFER);
-        }
-        messageToForward.setDecoderResult(DecoderResult.failure(e));
-
-        ctx.channel().config().setAutoRead(true);
-        ctx.fireChannelRead(messageToForward);
-
-        assert fullRequestDropped || pending.isEmpty();
-        if (fullRequestDropped) {
-            state = WAITING_TO_START;
-            requestStart(ctx);
-        } else {
-            state = DROPPING_DATA_UNTIL_NEXT_REQUEST;
+            }
         }
-
-        assert state == WAITING_TO_START || state == QUEUEING_DATA || state == DROPPING_DATA_UNTIL_NEXT_REQUEST;
     }
 
     @Override
-    public void channelInactive(ChannelHandlerContext ctx) throws Exception {
-        state = DROPPING_DATA_PERMANENTLY;
-        while (true) {
-            if (dropData(pending) == false) {
-                break;
-            }
+    public void read(ChannelHandlerContext ctx) throws Exception {
+        // until validation is completed we can ignore read calls,
+        // once validation is finished HttpRequest will be fired and downstream can read from there
+        if (validatingRequest == false) {
+            ctx.read();
         }
-        super.channelInactive(ctx);
     }
 
-    private static boolean forwardData(ChannelHandlerContext ctx, ArrayDeque<HttpObject> pending) {
-        final int pendingMessages = pending.size();
-        try {
-            HttpObject toForward;
-            while ((toForward = pending.poll()) != null) {
-                ctx.fireChannelRead(toForward);
-                ReferenceCountUtil.release(toForward); // reference cnt incremented when enqueued
-                if (toForward instanceof LastHttpContent) {
-                    return true;
-                }
-            }
-            return false;
-        } finally {
-            maybeResizePendingDown(pendingMessages, pending);
-        }
-    }
+    void validate(ChannelHandlerContext ctx, HttpRequest request) {
+        assert Transports.assertDefaultThreadContext(threadContext);
+        droppingContent = false;
+        validatingRequest = true;
+        ActionListener.run(
+            // this prevents thread-context changes to propagate to the validation listener
+            // atm, the validation listener submits to the event loop executor, which doesn't know about the ES thread-context,
+            // so this is just a defensive play, in case the code inside the listener changes to not use the event loop executor
+            ActionListener.assertOnce(
+                new ContextPreservingActionListener<Void>(
+                    threadContext.wrapRestorable(threadContext.newStoredContext()),
+                    new ActionListener<>() {
+                        @Override
+                        public void onResponse(Void unused) {
+                            handleValidationResult(ctx, request, null);
+                        }
 
-    private static boolean dropData(ArrayDeque<HttpObject> pending) {
-        final int pendingMessages = pending.size();
-        try {
-            HttpObject toDrop;
-            while ((toDrop = pending.poll()) != null) {
-                ReferenceCountUtil.release(toDrop, 2); // 1 for enqueuing, 1 for consuming
-                if (toDrop instanceof LastHttpContent) {
-                    return true;
+                        @Override
+                        public void onFailure(Exception e) {
+                            handleValidationResult(ctx, request, e);
+                        }
+                    }
+                )
+            ),
+            listener -> {
+                // this prevents thread-context changes to propagate beyond the validation, as netty worker threads are reused
+                try (ThreadContext.StoredContext ignore = threadContext.newStoredContext()) {
+                    validator.validate(request, ctx.channel(), listener);
                 }
             }
-            return false;
-        } finally {
-            maybeResizePendingDown(pendingMessages, pending);
-        }
+        );
     }
 
-    private static void maybeResizePendingDown(int largeSize, ArrayDeque<HttpObject> pending) {
-        if (pending.size() <= 4 && largeSize > 32) {
-            // Prevent the ArrayDeque from becoming forever large due to a single large message.
-            ArrayDeque<HttpObject> old = pending;
-            pending = new ArrayDeque<>(4);
-            pending.addAll(old);
-        }
+    void handleValidationResult(ChannelHandlerContext ctx, HttpRequest request, @Nullable Exception validationError) {
+        assert Transports.assertDefaultThreadContext(threadContext);
+        // Always explicitly dispatch back to the event loop to prevent reentrancy concerns if we are still on event loop
+        ctx.channel().eventLoop().execute(() -> {
+            if (validationError != null) {
+                request.setDecoderResult(DecoderResult.failure(validationError));
+                droppingContent = true;
+            }
+            validatingRequest = false;
+            ctx.fireChannelRead(request);
+        });
     }
 
-    enum State {
-        WAITING_TO_START,
-        QUEUEING_DATA,
-        FORWARDING_DATA_UNTIL_NEXT_REQUEST,
-        DROPPING_DATA_UNTIL_NEXT_REQUEST,
-        DROPPING_DATA_PERMANENTLY
-    }
 }

modules/transport-netty4/src/main/java/org/elasticsearch/http/netty4/Netty4HttpPipeliningHandler.java

@@ -139,14 +139,16 @@ public void channelRead(final ChannelHandlerContext ctx, final Object msg) {
                     } else {
                         var contentStream = new Netty4HttpRequestBodyStream(
                             ctx.channel(),
-                            serverTransport.getThreadPool().getThreadContext(),
-                            activityTracker
+                            serverTransport.getThreadPool().getThreadContext()
                         );
                         currentRequestStream = contentStream;
                         netty4HttpRequest = new Netty4HttpRequest(readSequence++, request, contentStream);
                     }
                 }
                 handlePipelinedRequest(ctx, netty4HttpRequest);
+                if (request instanceof FullHttpRequest) {
+                    ctx.read();
+                }
             } else {
                 assert msg instanceof HttpContent : "expect HttpContent got " + msg;
                 assert currentRequestStream != null : "current stream must exists before handling http content";