Hi, HAProxy 3.1-dev12 was released on 2024/11/08. It added 41 new commits after version 3.1-dev11.
Yes, I'm late again, I didn't see the week pass. Things are getting calm, it's very encouraging. If this remains like this a few more weeks, we'll have no problem releasing by the end of the month. Few bugs were fixed, a counter overflowing in the Prometheus exporter when dealing with extra counters, a case of possibly truncated responses in H2 when using super short keep-alive timeouts, a bug in ACK handling on closed streams in QUIC, a failure to parse QUIC crypto fragmented packets, and to correctly generate probing packets, and a thread-unsafe GUID deletion with "delete server". Some build issues were also addressed (e.g. TCC builds again). A new pair of global settings was added to change startup/runtime process priorities: "tune.renice.startup" and "tune.renice.runtime". These can be convenient when dealing with huge configs that eat a lot of CPU on reload for example. The fc_err/bc_err sample fetch functions learned new error codes for events affecting traffic; till now the codes were indeed only set during the setup phase of the connection and handshakes. This allows to know better why an "SD" termination code appears (e.g. ECONNRESET vs pure shutdown). And in order to use more intelligible statuses without having to turn to the long err_str format, a pair of new intermediary functions "fc_err_name" and "bc_err_name" was added, to return only the short name (basically just the internal enum suffix such as ENOBUFS or SSL_CA_FAIL). We count on these to help sort out some of the long-living issues that are reported once in a while. The watchdog was improved. We figured that it was a bit sad that users face it for the first time without having been warned upfront. So now the watchdog is able to emit warnings with the suspicious thread's backtrace before killing. In order to make that effective, it has been set by default to 100ms. The value was be increased to 1s to disable it, or lowered down to 1ms. Be reassured, even at one ms on my laptop with various configs, I never managed to trigger it. But I suspect that some heavy configs (e.g. some using heavy map_regm() or some Lua parsing loops in sample fetch functions) could. Anyway the purpose is to warn long before it becomes a problem. I'd encourage you to even lower the value to detect anomalies (since this means traffic is not processed when it happens). If you notice any warning at 100ms, please let me know so that we either figure what to fix, or decide to raise it for the time it will take to address the problem. The rest is a few optimizations, changes that will not be much visible to most users, code cleanups, and doc updates. Regarding pending issues, all those I'm aware of also affect older versions, so they're not a reason for not releasing. However we still have more freedom in the way to fix them once they're understood. There's essentially this 502/SH thing floating around that we hope to understand with bc_err_name and friends, there's a possible race between "delete server" and "show stat" that Amaury has almost finished fixing, and a few other ones I don't have in mind right now. Last point, this morning with William we had a discussion about the work done for the new and cleaner master-worker model, which revealed how fragile the "program" section is, and given its lack of popularity, some of its limitations, and the amount of hacks that would be required to address them, we're considering deprecating it in 3.1 and removing it in 3.3. A subsequent patch will follow to emit a deprecation warning, but if you have a compelling use case for it that cannot be argumented against, it's not too late to postpone / cancel the deprecation. Thus in short, if you really _need_ to keep the "program" section, please voice in now. As a reminder next week I'm at the HTTP workshop so either someone else will emit dev13 or I'll do it on Friday (or the week-end). I've seen a revisit of many low hanging fruits in issues and that's nice, it allows to clean the code base without creating new risks. Please keep testing, that helps! Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/3.1/src/ Git repository : https://git.haproxy.org/git/haproxy.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy.git Changelog : https://www.haproxy.org/download/3.1/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages Willy --- Complete changelog : Amaury Denoyelle (8): MINOR: quic: simplify qc_parse_pkt_frms() return path MINOR: quic: use dynamically allocated frame on parsing MINOR: quic: extend return value of CRYPTO parsing BUG/MINOR: quic: repeat packet parsing to deal with fragmented CRYPTO BUG/MEDIUM: quic: do not consider ACK on released stream as error CLEANUP: guid: remove global tree export BUG/MINOR: guid/server: ensure thread-safety on GUID insert/delete BUG/MEDIUM: quic: prevent crash due to CRYPTO parsing error Aurelien DARRAGON (5): MINOR: http: don't %-encode the payload when not relevant MINOR: event_hdl: add event_hdl_sub_list_empty() helper func MINOR: pattern: add _pat_ref_new() helper func OPTIM: pattern: use malloc() to initialize new pat_ref struct MINOR: pattern: add pat_ref_free() helper func Christopher Faulet (4): BUG/MEDIUM: promex: Fix dump of extra counters CLEANUP: quic: Remove the useless directive "tune.quic.backend.max-idle-timeou" MINOR: listener: Remove useless checks on the receiver protocol existence MINOR: http-conv: Remove unreachable goto statement in sample_conv_q_preferred Frederic Lecaille (2): MINOR: quic: Help diagnosing malformed probing packets BUG/MINOR: quic: fix malformed probing packet building Valentine Krasnobaeva (1): BUG/MINOR: mworker: do 'program' postparser checks in read_cfg_in_discovery_mode William Lallemand (3): MINOR: startup: tune.renice.{startup,runtime} allow to change priorities EXAMPLES: add "traces.cfg" with traces examples DOC: management: explain the change of behavior of the program section Willy Tarreau (18): BUILD: import/mt_list: support building with TCC BUILD: compiler: define __builtin_prefetch() for tcc DOC: config: document connection error 44 (reverse connect failure) CLEANUP: connection: properly name the CO_ER_SSL_FATAL enum entry DEBUG: cli: support closing "hard" using close() in addition to fd_delete() MINOR: connection: add more connection error codes to cover common errno MINOR: rawsock: set connection error codes when returning from recv/send/splice MINOR: connection: add new sample fetch functions fc_err_name and bc_err_name CLEANUP: stats: fix misleading comment on top of stat_idx_info MINOR: wdt: move the local timers to a struct MINOR: debug: add a function to dump a stuck thread DEBUG: wdt: better detect apparently locked up threads and warn about them DEBUG: cli: make it possible for "debug dev loop" to trigger warnings DEBUG: wdt: make the blocked traffic warning delay configurable DEBUG: wdt: add a stats counter "BlockedTrafficWarnings" in show info DEBUG: wdt: set the default blocked task delay to 100 ms MINOR: debug: move the "recover now" warn message after the optional notes BUG/MEDIUM: mux-h2: try to wait for the peer to read the GOAWAY ---