Hi,

HAProxy 1.9.8 was released on 2019/05/13. It added 53 new commits
after version 1.9.7.

The most important bugs fall into 3 main categories here :
  - a possible crash in multi-threads when issuing "show map" or
    "show acl" on the CLI in parallel to "clear map" or "clear acl" on
    another CLI session ;

  - an incorrect handling in H2 of the HTX end-of-message mark after
    the response trailers which can lead to an endless loop between
    the caller seeing there's still something to send and the callee
    seeing it cannot send this block alone. This one gave a few of us
    some difficulties and helped us see how we can improve HTX for
    future versions by making certain cases more straightforward.
    Thanks to Patrick Hemmer for providing backtraces exhibiting the
    issue.

  - multiple incorrect list handling in the H2 mux resulting in endless
    loops for some users with large objects. The assumptions that once
    were granted in this code evolved several times during 1.9-dev and
    have led to situations where the presence of an element in the send
    list was not guarded anymore by some previous conditions. Multiple
    iterations of fixes were only pushing the problem forward to the
    next point. Now that these issues were addressed, we've figured how
    certain parts can be simplified to significantly reduce the
    probability that similar issues appear in the future. We owe a big
    thanks to Maciej Zdeb for testing countless patches and reporting
    detailed traces, and even core dumps.

There were some other annoying issues among which :
  - occasionally a 100% CPU condition (but traffic not interrupted) on
    certain fragmented H2 HEADER frames. Thanks go to Yves Lafon for
    providing cores and traces.

  - missing locks on source port ranges occasionally causing connections
    running on different threads to pick the same outgoing source port,
    resulting in connection failures.

  - a missing lock on the server slowstart code causing deadlocks on the
    roundrobin algorithm when using threads and slowstart.

The rest is either a bit less important or became confuse to me after
having dealt with the ones above, to be honest.

I'm quite confident this one works way better than previous ones, and at
the same time that someone will soon raise their hand saying "I think I
have a problem". Having said that, with 305 bugs fixed since 1.9.0 was
released, you have no valid reason for still using an earlier release
now that this one is available.

I would generally like to thank all the early adopters who are running
on 1.9, because they are the ones going through all the problems above
and taking the risks for others, and thanks to them we can expect a much
calmer 2.0. So please continue to report any issue you'll meet!

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : http://www.haproxy.org/download/1.9/src/
   Git repository   : http://git.haproxy.org/git/haproxy-1.9.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-1.9.git
   Changelog        : http://www.haproxy.org/download/1.9/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Willy
---
Complete changelog :
Chris Packham (1):
      BUILD: threads: Add __ha_cas_dw fallback for single threaded builds

Christopher Faulet (13):
      BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per 
request
      MINOR: spoe: Use the sample context to pass frag_ctx info during encoding
      MINOR: examples: Use right locale for the last changelog date in 
haproxy.spec
      BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is 
handled
      MINOR: config: Test validity of tune.maxaccept during the config parsing
      CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
      BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
      BUG/MINOR: mux-h1: Fix the parsing of trailers
      BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks()
      MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX 
message
      BUG/MINOR: stream: Attach the read side on the response as soon as 
possible
      BUG/MEDIUM: http: Use pointer to the begining of input to parse message 
headers
      MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are 
checked

Dragan Dosen (4):
      BUG/MINOR: haproxy: fix rule->file memory leak
      BUG/MINOR: log: properly free memory on logformat parse error and deinit()
      BUG/MINOR: checks: free memory allocated for tasklets
      BUG/MEDIUM: pattern: fix memory leak in regex pattern functions

Ilya Shipitsin (1):
      BUG/MEDIUM: servers: fix typo "src" instead of "srv"

Kevin Zhu (1):
      BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed

Olivier Houchard (11):
      MINOR: threads: Implement HA_ATOMIC_LOAD().
      BUG/MEDIUM: port_range: Make the ring buffer lock-free.
      BUG/MEDIUM: channels: Don't forget to reset output in channel_erase().
      BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown.
      BUG/MEDIUM: ssl: Use the early_data API the right way.
      BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected.
      BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
      MINOR: doc: Document allow-0rtt on the server line.
      BUG/MEDIUM: h2: Revamp the way send subscriptions works.
      BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach().
      BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list.

Rob Allen (1):
      BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload

Tim Duesterhus (2):
      DOC: Fix typo in keyword matrix
      BUG/MINOR: vars: Fix memory leak in vars_check_arg

Willy Tarreau (17):
      BUG/MEDIUM: mux-h2: properly deal with too large headers frames
      BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
      BUG/MEDIUM: checks: make sure the warmup task takes the server lock
      CLEANUP: task: report calls as unsigned in show sess
      BUG/MINOR: activity: always initialize the profiling variable
      MINOR: connection: make the debugging helper functions safer
      BUG/MINOR: logs/threads: properly split the log area upon startup
      BUG/MINOR: mux-h2: rely on trailers output not input to turn them to 
empty data
      BUG/MEDIUM: h2/htx: always fail on too large trailers
      MEDIUM: mux-h2: discard contents that are to be sent after a shutdown
      BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers
      BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block
      BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend
      BUILD: ssl: fix again a libressl build failure after the openssl FD leak 
fix
      BUILD: threads: fix again the __ha_cas_dw() definition
      BUG/MAJOR: mux-h2: do not add a stream twice to the send list
      BUG/MINOR: htx: make sure to always initialize the HTTP method when 
parsing a buffer

Yann C├ęzard (2):
      DOC: contrib/modsecurity: Typos and fix the reject example
      BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to 
strdup it

---

Reply via email to