fix(deps): pin mio after lockfile drift

[PeaBrane]

Preserve the existing main-branch Axum / hyper compatibility pins and add only mio = 1.1.1 on top.

Static review of the passing-to-hanging lockfile boundary showed the meaningful drift was mio 1.1.1 -> 1.2.0 and hyper 1.8.1 -> 1.9.0, but only mio changed listener behavior in a way that matches the failure. In mio 1.2.0, Linux TcpListener::bind moved from backlog -1 / kernel-max behavior to a hardcoded backlog 128. Tokio's TcpListener::bind delegates to that path, and Dynamo uses Tokio listener binds for both the frontend HTTP listener and the internal TCP callback servers.

At 4096 concurrency, that backlog change is a plausible explanation for the accept-queue pressure, Connection reset by peer panics, and stranded tail requests seen after the lockfile refresh. This PR keeps the existing hyper / hyper-util pins from main, pins only mio = 1.1.1, and keeps all workspace lockfiles in sync so cargo metadata --locked stays green.

[coderabbitai]

Walkthrough

Four network-related dependency crates (hyper, hyper-util, mio, and socket2) were added to the Python bindings Cargo.toml with pinned versions. No other Cargo configurations, feature flags, or public API signatures were modified.

Changes

Cohort / File(s)	Summary
Python Bindings Dependencies lib/bindings/python/Cargo.toml	Added four pinned network dependencies: hyper (1.8.1), hyper-util (0.1.17), mio (1.1.1), and socket2 (0.5.8) to the dependencies list.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The PR description provides detailed technical context about the dependency pins, specific version changes (mio 1.1.1 vs 1.2.0, hyper 1.8.1 vs 1.9.0), and the rationale for the changes, but does not follow the repository's required template structure with Overview, Details, Where should the reviewer start, and Related Issues sections.	Restructure the description to follow the template: add an Overview section, move technical details into Details, specify which files to review, and clearly indicate any related GitHub issues using action keywords (Closes/Fixes/Resolves).

✅ Passed checks (2 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title mentions pinning mio and addressing lockfile drift, which aligns with the core objective of pinning HTTP/runtime stack dependencies after a lockfile refresh.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@lib/bindings/python/Cargo.toml`:
- Around line 40-43: The direct pins for hyper and hyper-util are fine but
transitive dependencies still pull newer mio and socket2, so add explicit
overrides in Cargo.toml to force a single version for the transitive crates:
create a [patch.crates-io] section and pin mio = "=1.1.1" and socket2 = "=0.5.8"
(matching your rollback targets) so all crates resolve to those versions, then
run cargo update --package mio --precise 1.1.1 and cargo update --package
socket2 --precise 0.5.8 (or regenerate the lockfile) to ensure the lockfile
reflects the forced versions.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 247232e0-f7d5-49e6-a3ee-b13c78dc0845

📥 Commits

Reviewing files that changed from the base of the PR and between 7f8e88f and ab33b7f.

⛔ Files ignored due to path filters (1)

• lib/bindings/python/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• lib/bindings/python/Cargo.toml

[YAMY1234]

Thanks for the fix! I just tested this on our repro setup and it fully resolves the hang.

Setup: Qwen3.5-397B-A17B-FP8, aggregated DEP4 (TP4 EP4 DP4), 1 GB200 node (4 GPUs), lmsysorg/sglang:dev-0409, SA-Bench isl=1000, osl=1, concurrency=4096, req_rate=inf.

Results

Test	Warmup	Formal	Panics	Result
Before fix (commit 6082ece)	✅ 52,115 tok/s	❌ Hang at 12183/12288 (105 active)	3	HANG
With PR #8080 (89767db)	✅ 52,865 tok/s	✅ 57,083 tok/s	0	PASS

[biswapanda]

lgtm