Hi,
HAProxy 1.9.8 was released on 2019/05/13. It added 53 new commits
after version 1.9.7.
The most important bugs fall into 3 main categories here :
- a possible crash in multi-threads when issuing "show map" or
"show acl" on the CLI in parallel to "clear map" or "clear acl" on
another CLI session ;
- an incorrect handling in H2 of the HTX end-of-message mark after
the response trailers which can lead to an endless loop between
the caller seeing there's still something to send and the callee
seeing it cannot send this block alone. This one gave a few of us
some difficulties and helped us see how we can improve HTX for
future versions by making certain cases more straightforward.
Thanks to Patrick Hemmer for providing backtraces exhibiting the
issue.
- multiple incorrect list handling in the H2 mux resulting in endless
loops for some users with large objects. The assumptions that once
were granted in this code evolved several times during 1.9-dev and
have led to situations where the presence of an element in the send
list was not guarded anymore by some previous conditions. Multiple
iterations of fixes were only pushing the problem forward to the
next point. Now that these issues were addressed, we've figured how
certain parts can be simplified to significantly reduce the
probability that similar issues appear in the future. We owe a big
thanks to Maciej Zdeb for testing countless patches and reporting
detailed traces, and even core dumps.
There were some other annoying issues among which :
- occasionally a 100% CPU condition (but traffic not interrupted) on
certain fragmented H2 HEADER frames. Thanks go to Yves Lafon for
providing cores and traces.
- missing locks on source port ranges occasionally causing connections
running on different threads to pick the same outgoing source port,
resulting in connection failures.
- a missing lock on the server slowstart code causing deadlocks on the
roundrobin algorithm when using threads and slowstart.
The rest is either a bit less important or became confuse to me after
having dealt with the ones above, to be honest.
I'm quite confident this one works way better than previous ones, and at
the same time that someone will soon raise their hand saying "I think I
have a problem". Having said that, with 305 bugs fixed since 1.9.0 was
released, you have no valid reason for still using an earlier release
now that this one is available.
I would generally like to thank all the early adopters who are running
on 1.9, because they are the ones going through all the problems above
and taking the risks for others, and thanks to them we can expect a much
calmer 2.0. So please continue to report any issue you'll meet!
Please find the usual URLs below :
Site index : http://www.haproxy.org/
Discourse : http://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Sources : http://www.haproxy.org/download/1.9/src/
Git repository : http://git.haproxy.org/git/haproxy-1.9.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy-1.9.git
Changelog : http://www.haproxy.org/download/1.9/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
---
Complete changelog :
Chris Packham (1):
BUILD: threads: Add __ha_cas_dw fallback for single threaded builds
Christopher Faulet (13):
BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per
request
MINOR: spoe: Use the sample context to pass frag_ctx info during encoding
MINOR: examples: Use right locale for the last changelog date in
haproxy.spec
BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is
handled
MINOR: config: Test validity of tune.maxaccept during the config parsing
CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
BUG/MINOR: mux-h1: Fix the parsing of trailers
BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks()
MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX
message
BUG/MINOR: stream: Attach the read side on the response as soon as
possible
BUG/MEDIUM: http: Use pointer to the begining of input to parse message
headers
MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are
checked
Dragan Dosen (4):
BUG/MINOR: haproxy: fix rule->file memory leak
BUG/MINOR: log: properly free memory on logformat parse error and deinit()
BUG/MINOR: checks: free memory allocated for tasklets
BUG/MEDIUM: pattern: fix memory leak in regex pattern functions
Ilya Shipitsin (1):
BUG/MEDIUM: servers: fix typo "src" instead of "srv"
Kevin Zhu (1):
BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed
Olivier Houchard (11):
MINOR: threads: Implement HA_ATOMIC_LOAD().
BUG/MEDIUM: port_range: Make the ring buffer lock-free.
BUG/MEDIUM: channels: Don't forget to reset output in channel_erase().
BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown.
BUG/MEDIUM: ssl: Use the early_data API the right way.
BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected.
BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
MINOR: doc: Document allow-0rtt on the server line.
BUG/MEDIUM: h2: Revamp the way send subscriptions works.
BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach().
BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list.
Rob Allen (1):
BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload
Tim Duesterhus (2):
DOC: Fix typo in keyword matrix
BUG/MINOR: vars: Fix memory leak in vars_check_arg
Willy Tarreau (17):
BUG/MEDIUM: mux-h2: properly deal with too large headers frames
BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
BUG/MEDIUM: checks: make sure the warmup task takes the server lock
CLEANUP: task: report calls as unsigned in show sess
BUG/MINOR: activity: always initialize the profiling variable
MINOR: connection: make the debugging helper functions safer
BUG/MINOR: logs/threads: properly split the log area upon startup
BUG/MINOR: mux-h2: rely on trailers output not input to turn them to
empty data
BUG/MEDIUM: h2/htx: always fail on too large trailers
MEDIUM: mux-h2: discard contents that are to be sent after a shutdown
BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers
BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block
BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend
BUILD: ssl: fix again a libressl build failure after the openssl FD leak
fix
BUILD: threads: fix again the __ha_cas_dw() definition
BUG/MAJOR: mux-h2: do not add a stream twice to the send list
BUG/MINOR: htx: make sure to always initialize the HTTP method when
parsing a buffer
Yann Cézard (2):
DOC: contrib/modsecurity: Typos and fix the reject example
BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to
strdup it
---
