Incoming STOP_SENDING on bidi streams may cause opposite-direction application data to be discarded

[dtikhonov]

Observed while implementing and testing WebTransport session close, but the issue appears broader than WebTransport.

Problem:

• When a peer receives STOP_SENDING on a bidirectional stream, lsquic appears to tear down stream state aggressively enough that subsequently arriving application data on the opposite direction may no longer be delivered to user code.
• In our WT case, this means a peer can receive STOP_SENDING for the CONNECT stream before the WT_CLOSE_SESSION capsule bytes are processed, so the close capsule is never surfaced to the application.

Why this matters beyond WT:

• The same pattern can happen in HTTP/3. Example: client uploads a large POST body; server decides it is too large, sends a response (e.g. 413 with response body), and also sends STOP_SENDING to stop the upload. If the client discards incoming response data because STOP_SENDING was processed first, that is incorrect for a bidi request/response stream.

Spec context:

• QUIC STOP_SENDING is directional: it asks the peer to stop transmitting on that stream and send RESET_STREAM.
• It should not by itself imply that already-received or subsequently-arriving data in the opposite direction becomes irrelevant for the application on a bidirectional stream.

Concrete WT manifestation:

• Client sends WT_CLOSE_SESSION capsule on the CONNECT stream and then STOP_SENDING WT_SESSION_GONE.
• Server processes STOP_SENDING first and resets/closes the CONNECT stream before the capsule bytes are delivered to WT capsule handling.
• Result: session closes with code 0 / empty reason instead of the application-provided close reason.

Suggested investigation:

• Audit how incoming STOP_SENDING is handled for bidi streams.
• Verify whether stream teardown on received STOP_SENDING is collapsing both directions too early.
• Add a regression test around a bidi stream where one side sends STOP_SENDING while the other direction still carries meaningful response/application data.

This is likely a stream-layer behavioral issue rather than something specific to WebTransport.

[tonicocean]

As "WebTransport" and "RESET_STREAM" were mentioned in the briefing above.

Is this (in part) related to the RFC-specified WebTransport requirement for supporting the "RESET_STREAM_AT" frame as part of session establishment and actual "reset" of streams?

References...
https://datatracker.ietf.org/doc/draft-ietf-webtrans-http3/ (section 4.4)
https://datatracker.ietf.org/doc/html/draft-ietf-quic-reliable-stream-reset

Sidenote: I'm currently exploring lsquic for webtransport server-side (at the moment successfully connecting with latest Firefox, Chrome, Opera browser javascript clients, but failed connect with Safari (V25.4, unsure if Apple refuse due to lack of receiving empty RESET_STREAM_AT frame)
BR Peter

[dtikhonov]

Hi @tonicocean,

We are getting WebTransport support ready in #629.

I am, in turn, curious about your WT support. You said that you developed lsquic-based WT solution? I'd love to see it.

[tonicocean]

Thanks for prompt feedback. Looking forward to #629. As a hobby-project trying to build a neat web-based "client-server" application based on asynchronous transfer of json data records using parallel dedicated webtransport streams for commands, data (records) and events/signals (inspiration from good old protocols such as ftp and imap). The application server is c-based with lsquic as "engine" currently running on FreeBSD (kqueue for event-loop). Trying to keep away from bloated application frameworks. Vanilla javascript on client side and the unix operating system, open litespeed, lsquic, a json parser, boringssl and c23 as the server counterpart. Still some work remaining to resolve persistant storage. Thanks for sharing your excellent LSQUIC.
Best Regards, Peter (Linköping, Sweden)