req_fsm: Always run vcl_synth upon client req reset

[dridi]

This way it becomes possible to log extra information for log consumers, call into VMODs, or whatever else one might want to do for a synthetic 408 response.

[nigoroll]

the commit message sounds like there would be more to it, but this is really just a comment fix?

[dridi]

Yes, this describes the old waiting list system with the retired hash_objhead field. I noticed this while surveying the req_reset behavior because we have more waiting list features on the Enterprise side (primarily #3835).

There was no reason to omit it from this patch series.

[nigoroll]

I was really only asking because the commit message " req_fsm: Clear stale reference to req->hash_objhead" sounds like you had other intentions than only polishing a comment.

[nigoroll]

I do not understand this. The only place where req_reset is set, VCL_RET_FAIL handling is signaled. Why does this pivot around req_reset and not VCL_RET_FAIL as already seems to be the case?

Also, is vcl_synth{} still the right place for this? Do we need some place to handle VCL_RET_FAIL, where it is clear that we do not emit headers?

I do not want to say that this is wrong, but could you please at least explain more?

[dridi]

The req_poll() function is a short-circuit to circumvent VCL execution once a request is "reset". For now, that is limited to aborted h2 connections or h2 streams being reset (and again, #3835 and more on the enterprise side).

The goal is to ensure that this short circuit either emulates a return (fail) that normally leads to vcl_synth (via R_STP_VCLFAIL) but does not prevent vcl_synth from being executed.

[nigoroll]

I do not understand how your response would answer my questions.

• why does this (need to) look at req_reset and not just at VCL_RET_FAIL?

• Would it not be cleaner to have a vcl sub to handle VCL_RET_FAIL rather than invoking vcl_synth {}, but without the intended effect? The existing code path in vcl_synth {} is to handle a return(fail) from vcl_synth {} itself, but now entering vcl_synth {} for fail paths and not executing the expected delivery seems plain wrong to me.

Side note: We should base our design decisions on what we have in our code base. What is in your private fork should not guide us.

[bsdphk]

This feels too adhoc and "forced"
Also: what about 400 ?
If we want this, I think we need a new vcl_${bikeshed} which only have access to the session info (ie: IP#, proxy info) and they we should call it on all "short" responses in the C code.

[dridi]

This feels too adhoc and "forced"

Forced, for sure.

Since req_reset emulates a client side return (fail) and since such a return (fail) leads to vcl_synth, then in order to follow the state machine as documented, we should end up in vcl_synth.

Also: what about 400 ?

Is this ad-hoc core code handling or acting like a return (fail)?

If we want this, I think we need a new vcl_${bikeshed} which only have access to the session info (ie: IP#, proxy info) and they we should call it on all "short" responses in the C code.

I think we can have both.

The point that was raised on our end was that an emulated failure should be emulated all the way to vcl_synth to ensure VCL gets a final call to register pieces of information to be picked up by varnishncsa for the request being reset. This is about the existing request state machine converging towards either vcl_synth or vcl_deliver, not about a new session state machine.

[nigoroll]

I think we can have both.

if we added, say, a vcl_fail, we should call that and that only for the "fast error" paths.