Hi,
HAProxy 2.2.1 was released on 2020/07/23. It added 29 new commits
after version 2.2.0.
This version addresses a small number of issues that were raised after the
release, a few of which are important enough to warrant an upgrade for all
2.2 users:
- two crashes that can happen in the scheduler when using threads and
resolvers, reported by Tim in issue 758. This is a regression that I
introduced late in the development cycle while trying to address
scheduling issues. It only affects multi-threaded tasks (seems to be
resolvers only) whose timeout can be updated based on new activity.
- the do-resolve action was not thread-safe (issue #236) and would
instantly segfault under load. In addition it was also able to leak
memory even when not using threads (issue #222). These ones were
already reported a year ago and affect 2.0 and possibly even as far
as 1.7.
- actions, sample-fetches, converters taking a single optional argument
would not accept to be called with empty parenthesis anymore, as Luke
reported in issue #763. This was a 2.2 regression coming as a side
effect of the rewrite of the arg parser to support commas and quotes.
The problem is that it doesn't cause an error, it sees an empty
argument of the same type as the optional one, so an integer would be
zero, a string would be empty, etc. It can possibly cause non-obvious
issues depending on the use cases.
- a bug in the way the channel code deals with shutdowns, causing endless
loops in Lua when peeking data from a channel (issue #744). The bug
itself is not a regression, but it wouldn't trigger on older versions
for scheduling reasons.
- an end of stream signaling in HTX that causes MSG_MORE to be emitted
even on the final response from an FCGI server since 2.2 (issue #756).
The fix is not the prettiest we've done but it will be enough for the
time it takes to improve this area, and possibly backport something
better in the future.
- idle-connections: FastCGI and H2 connections marked "private" were
mistakenly added to the shared list of available ones when they ought
not to.
- a bug on HTTP/1 protocol upgrades in tunnel mode that broke WebSocket,
and also affects 2.1 post-2.1.7 (issue #737).
- target servers in ring buffers, and peers declared using the "server"
keyword were not resolved if using an FQDN (issue #759). These would
simply cause a silent connection error.
A few other bugs were already present in older versions:
- a small memory leak in fcgi-app that affects 2.1 and newer (issue #750).
- a missing memory barrier in thread-safe lists that manages to cause
crashes in the scheduler only on ARM Cortex A53 (and probably other
weakly ordered CPUs).
- logs: mixing "sampled" log servers with non-sampled ones would cause
the latter to lose logs due to an unexpected "static" variable retaining
this state during the config parsing.
- Ilya addressed an FD leak that could happen with state files containing
errors (issues #660 and #738). This was apparently introduced in 2.1.
The rest is less important. There remains one bug on Fcgi, by which haproxy
would mistakenly decode the query string while it shouldn't (issue #769, also
affects 2.1). This will be addressed shortly.
Overall, it's not that bad at all. There definitely are some scary ones,
but not that many. I hope we'll have a bit of rest to restart to work on
addressing certain issues at the root instead of just their visible effect,
but the current trend seems encouraging.
In the mean time, every user of 2.2.0 should really upgrade to 2.2.1 to fix
these ones. I think we'll soon emit another 2.1 given that quite some fixes
have been accumulating since 2.1.7.
Please find the usual URLs below :
Site index : http://www.haproxy.org/
Discourse : http://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Sources : http://www.haproxy.org/download/2.2/src/
Git repository : http://git.haproxy.org/git/haproxy-2.2.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy-2.2.git
Changelog : http://www.haproxy.org/download/2.2/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
---
Complete changelog :
Christopher Faulet (12):
BUG/MEDIUM: mux-h2: Don't add private connections in available connection
list
BUG/MEDIUM: mux-fcgi: Don't add private connections in available
connection list
BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel
mode
BUG/MINOR: mux-fcgi: Handle empty STDERR record
BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record
padding
BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty
FCGI_STDOUT
BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are
peeked
BUG/MAJOR: dns: Make the do-resolve action thread-safe
BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
MEDIUM: htx: Add a flag on a HTX message when no more data are expected
BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are
expected
BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
Emeric Brun (2):
BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
Harris Kaufmann (1):
BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
Ilya Shipitsin (1):
BUG/MEDIUM: server: resolve state file handle leak on reload
Lukas Tribus (1):
DOC: ssl: req_ssl_sni needs implicit TLS
Tim Duesterhus (2):
BUG/MINOR: sample: Free str.area in smp_check_const_bool
BUG/MINOR: sample: Free str.area in smp_check_const_meth
Willy Tarreau (10):
BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
CONTRIB: da: fix memory leak in dummy function da_atlas_open()
BUG/MEDIUM: server: fix possibly uninitialized state file on close
BUILD: config: address build warning on raspbian+rpi4
BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
BUILD: config: fix again bugs gcc warnings on calloc
BUG/MEDIUM: arg: empty args list must be dropped
BUG/MAJOR: tasks: don't requeue global tasks into the local queue
BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
---
