Prevent REST response overflow and double-close failures#22356
Prevent REST response overflow and double-close failures#22356venkateshwaracholan wants to merge 2 commits into
Conversation
Signed-off-by: Venkateshwaran Shanmugham <venkateshwaran@cloudera.com> Signed-off-by: Venkateshwaran Shanmugham <venkateshwaracholan@gmail.com>
PR Reviewer Guide 🔍(Review updated until commit 354a74e)Here are some key observations to aid the review process:
|
PR Code Suggestions ✨Latest suggestions up to 354a74e
Previous suggestionsSuggestions up to commit dd9846a
|
|
❌ Gradle check result for dd9846a: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
Signed-off-by: Venkateshwaran Shanmugham <venkateshwaracholan@gmail.com>
e0b5118 to
354a74e
Compare
|
Persistent review updated to latest commit 354a74e |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #22356 +/- ##
============================================
- Coverage 73.40% 73.36% -0.05%
+ Complexity 76075 76038 -37
============================================
Files 6076 6076
Lines 345500 345507 +7
Branches 49732 49732
============================================
- Hits 253608 253474 -134
- Misses 71707 71778 +71
- Partials 20185 20255 +70 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Summary
Fix two related bugs in the REST response path that can cause a silent ~5-minute hang (zero bytes flushed, LB 504) when search response bodies exceed ~715 MB.
ResourceHandlingHttpChannelandStreamHandlingHttpChannelclose()idempotent so failure responses can still be sent after a partialsendResponse()failure.Fixes #22311.
Problem
Large string responses are encoded through:
When the UTF-16 string length exceeds
Integer.MAX_VALUE / 3, Lucene throws anArithmeticException.Because the response channel has already been partially closed,
RestActionListener.onFailure()attempts anothersendResponse(), which fails withIllegalStateException("Channel is already closed"), leaving the connection hanging until the load balancer times out.Solution
Bug A
Validate the UTF-16 length before constructing
BytesRefand return a typedOpenSearchStatusException(HTTP 413) instead of exposing an uncaughtArithmeticException.Bug B
Make channel
close()idempotent so repeated calls become a no-op instead of throwing, allowing the failure response to be sent correctly.Evidence / Tests
BytesArrayTests.testOverflowGuardPreventsBytesRefIntegerOverflowBytesRestResponseTests.testToBytesArrayMapsOverflowGuardFailureToRequestEntityTooLargeOpenSearchStatusException(HTTP 413)RestControllerTests.testResourceHandlingChannelCloseIsIdempotentsendResponse()calls no longer fail due to repeatedclose()Validation
All tests pass locally.
Related
Checklist
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.