This obviously does not work if server allows less than 2048 of window. But in practice, it is quite rare.

In some particular scenario, curl goes into busy loop. For example, initial window size is 65535 + 2048, and if server never send window update, curl goes into busy loop. Server that never send window update is kinda broken though.

I've removed the commit from this PR.

Is there a way to return NGHTTP2_ERR_DEFERRED or something else (PAUSE?) to avoid spinning and instead wait for an external event to re-wake/retry the stream, i.e. a WINDOW_UPDATE?

NGHTTP2_ERR_DEFERRED actually removes the stream from the tx queue. But curl calls nghttp2_session_resume_stream when data is available, which brings back the stream into the queue.

If I understand you correctly, you are suggesting that the places in curl lib/http2.c which call nghttp2_session_resume_data() could, if desired, check for window sizes above a certain threshold (low watermark) instead of the current behavior which checks for window sizes > 0.

No, I am not suggesting that. I just answered you question about the interaction between NGHTTP2_ERR_DEFERRED and nghttp2_session_resume_stream.

In nghttp2/nghttp2#1722, you said this was an application's problem, not the nghttp2 library. Is there any doc I could read about the recommended way to use libnghttp2 and have the application manage the HTTP/2 window sizes? lighttpd uses an HTTP/2 implementation that I wrote; lighttpd does not use libnghttp2. However, curl does use libnghttp2 and as I am not an expert on libnghttp2, and since libnghttp2 is not going to help applications avoid degenerative behaviors like the issue reported here, I am asking for guidance/examples on how an application such as curl should interact with libnghttp2 to manage window sizes.

I would prefer a define instead of the hard-coded number 1024 here. Then you can add a comment where the threshold is defined explaining the purpose of this value.

The buffer size is changeable in the API. Should the threshold perhaps rather be a share of that buffer size?

Ok. Where would you like the #define located? In the func? Above the func? In a header?

The purpose is to avoid less efficient tiny writes. The value is set to limit the size and overhead of shifting data at the end of the buffer to the beginning of the buffer. (The overhead of copying is low compared to inefficient writes to the network, but gets slightly more expensive as the buffer size increases and more data is copied.)

If you prefer a share of the buffer, then I propose 1/32 of the buffer size (upload_buffer_size >> 5). The reason I had chosen 1024 is that the HTTP/2 default max frame size is 16k. However, you rightly point out that this code is used by many different protocols, not just HTTP/2.

Just about any reasonable value should be better than the current behavior, so please choose something and let me know your preference.

modified to (data->set.upload_buffer_size >> 5) in the updated patch. Will change to whatever your preference.

I honestly think, that a plain and hard-coded 1024 does the job better. I only figured it's purpose out, after seeing this conversation and good code should explain itself.

@emilengler The block immediately following and a few lines below where offset is assigned states: /* only read more data if there's no upload data already present in the upload buffer, or if appending to upload buffer */. I agree that good code should explain itself, often without comments. At the same time, hard-coded magic numbers such as 1024 often do not add anything to clarity, which is why @bagder requested a better-named #define. I therefore disagree with your comment "1024 does the job better.". It does not do the job better. I am awaiting feedback from @bagder if he prefers #define foo 1024 or #define foo(data) ((data)->set.upload_buffer_size >> 5), and what 'foo' should be named and where the #define should be located in a .c or .h.

I created a #define curl_upload_refill_watermark(data)

This function is actually never called for HTTP when Hyper is used. The HTTP route is different then.

ok. will remove that along with next update with review feedback.

done

Can you elaborate on why these conditions should use a zero offset?

offset = 0 indicates "do not append": preserve existing behavior and falling through to send whatever remains in the buffer until the buffer is empty, and then read more.

k->p.http->postdata is NULL in the crash in test363. I do not understand why that is the case when k->p.http->sending == HTTPSEND_BODY

The other conditions are to avoid situations where it might not be safe to append. For example, the current chunk code writes a variable amount for the chunked header, and it adjusts k->upload_fromhere. Were we to modify the chunked code to write a fixed length header, then appending might be possible. I was not sure about the safety of appending with the trailer state, and it seemed prudent to me to restrict appending for HTTP to when sending k->p.http->sending == HTTPSEND_BODY. I am happy to be corrected on any of this.

ok, I figured out that the reason test363 was crashing was that the POST body had already been queued, and k->upload_done would be set after the existing k->upload_present was sent. I have adjusted the conditions and forced-pushed an update to this PR.

If I adjust the code writing chunked header to use a fixed size, I could make this patch work when k->upload_chunky is set. Would you like me to add a patch to do that? Using a fixed size might send up to 8 excess bytes in the chunked header for each chunk sent.

For your review, I pushed an additional commit which uses a fixed-size chunked header, so that appending to the buffer is safe for HTTP/1.1 chunked, too. I am not sure whether or not the additional bytes in the chunked header are a worthwhile tradeoff, and would lean toward not including this additional commit, but I'll leave that up to you.