Hi,

HAProxy 3.1-dev12 was released on 2024/11/08. It added 41 new commits
after version 3.1-dev11.

Yes, I'm late again, I didn't see the week pass.

Things are getting calm, it's very encouraging. If this remains like this
a few more weeks, we'll have no problem releasing by the end of the month.

Few bugs were fixed, a counter overflowing in the Prometheus exporter when
dealing with extra counters, a case of possibly truncated responses in H2
when using super short keep-alive timeouts, a bug in ACK handling on closed
streams in QUIC, a failure to parse QUIC crypto fragmented packets, and to
correctly generate probing packets, and a thread-unsafe GUID deletion with
"delete server". Some build issues were also addressed (e.g. TCC builds
again).

A new pair of global settings was added to change startup/runtime process
priorities: "tune.renice.startup" and "tune.renice.runtime". These can be
convenient when dealing with huge configs that eat a lot of CPU on reload
for example.

The fc_err/bc_err sample fetch functions learned new error codes for events
affecting traffic; till now the codes were indeed only set during the setup
phase of the connection and handshakes. This allows to know better why an
"SD" termination code appears (e.g. ECONNRESET vs pure shutdown). And in
order to use more intelligible statuses without having to turn to the long
err_str format, a pair of new intermediary functions "fc_err_name" and
"bc_err_name" was added, to return only the short name (basically just the
internal enum suffix such as ENOBUFS or SSL_CA_FAIL). We count on these to
help sort out some of the long-living issues that are reported once in a
while.

The watchdog was improved. We figured that it was a bit sad that users face
it for the first time without having been warned upfront. So now the
watchdog is able to emit warnings with the suspicious thread's backtrace
before killing. In order to make that effective, it has been set by default
to 100ms. The value was be increased to 1s to disable it, or lowered down
to 1ms. Be reassured, even at one ms on my laptop with various configs, I
never managed to trigger it. But I suspect that some heavy configs (e.g.
some using heavy map_regm() or some Lua parsing loops in sample fetch
functions) could. Anyway the purpose is to warn long before it becomes a
problem. I'd encourage you to even lower the value to detect anomalies
(since this means traffic is not processed when it happens). If you notice
any warning at 100ms, please let me know so that we either figure what to
fix, or decide to raise it for the time it will take to address the problem.

The rest is a few optimizations, changes that will not be much visible to
most users, code cleanups, and doc updates.

Regarding pending issues, all those I'm aware of also affect older
versions, so they're not a reason for not releasing. However we still have
more freedom in the way to fix them once they're understood. There's
essentially this 502/SH thing floating around that we hope to understand
with bc_err_name and friends, there's a possible race between "delete
server" and "show stat" that Amaury has almost finished fixing, and a few
other ones I don't have in mind right now.

Last point, this morning with William we had a discussion about the work
done for the new and cleaner master-worker model, which revealed how
fragile the "program" section is, and given its lack of popularity, some
of its limitations, and the amount of hacks that would be required to
address them, we're considering deprecating it in 3.1 and removing it in
3.3. A subsequent patch will follow to emit a deprecation warning, but if
you have a compelling use case for it that cannot be argumented against,
it's not too late to postpone / cancel the deprecation. Thus in short, if
you really _need_ to keep the "program" section, please voice in now.

As a reminder next week I'm at the HTTP workshop so either someone else
will emit dev13 or I'll do it on Friday (or the week-end).

I've seen a revisit of many low hanging fruits in issues and that's nice,
it allows to clean the code base without creating new risks. Please keep
testing, that helps!

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/3.1/src/
   Git repository   : https://git.haproxy.org/git/haproxy.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy.git
   Changelog        : https://www.haproxy.org/download/3.1/src/CHANGELOG
   Dataplane API    : 
https://github.com/haproxytech/dataplaneapi/releases/latest
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages

Willy
---
Complete changelog :
Amaury Denoyelle (8):
      MINOR: quic: simplify qc_parse_pkt_frms() return path
      MINOR: quic: use dynamically allocated frame on parsing
      MINOR: quic: extend return value of CRYPTO parsing
      BUG/MINOR: quic: repeat packet parsing to deal with fragmented CRYPTO
      BUG/MEDIUM: quic: do not consider ACK on released stream as error
      CLEANUP: guid: remove global tree export
      BUG/MINOR: guid/server: ensure thread-safety on GUID insert/delete
      BUG/MEDIUM: quic: prevent crash due to CRYPTO parsing error

Aurelien DARRAGON (5):
      MINOR: http: don't %-encode the payload when not relevant
      MINOR: event_hdl: add event_hdl_sub_list_empty() helper func
      MINOR: pattern: add _pat_ref_new() helper func
      OPTIM: pattern: use malloc() to initialize new pat_ref struct
      MINOR: pattern: add pat_ref_free() helper func

Christopher Faulet (4):
      BUG/MEDIUM: promex: Fix dump of extra counters
      CLEANUP: quic: Remove the useless directive 
"tune.quic.backend.max-idle-timeou"
      MINOR: listener: Remove useless checks on the receiver protocol existence
      MINOR: http-conv: Remove unreachable goto statement in 
sample_conv_q_preferred

Frederic Lecaille (2):
      MINOR: quic: Help diagnosing malformed probing packets
      BUG/MINOR: quic: fix malformed probing packet building

Valentine Krasnobaeva (1):
      BUG/MINOR: mworker: do 'program' postparser checks in 
read_cfg_in_discovery_mode

William Lallemand (3):
      MINOR: startup: tune.renice.{startup,runtime} allow to change priorities
      EXAMPLES: add "traces.cfg" with traces examples
      DOC: management: explain the change of behavior of the program section

Willy Tarreau (18):
      BUILD: import/mt_list: support building with TCC
      BUILD: compiler: define __builtin_prefetch() for tcc
      DOC: config: document connection error 44 (reverse connect failure)
      CLEANUP: connection: properly name the CO_ER_SSL_FATAL enum entry
      DEBUG: cli: support closing "hard" using close() in addition to 
fd_delete()
      MINOR: connection: add more connection error codes to cover common errno
      MINOR: rawsock: set connection error codes when returning from 
recv/send/splice
      MINOR: connection: add new sample fetch functions fc_err_name and 
bc_err_name
      CLEANUP: stats: fix misleading comment on top of stat_idx_info
      MINOR: wdt: move the local timers to a struct
      MINOR: debug: add a function to dump a stuck thread
      DEBUG: wdt: better detect apparently locked up threads and warn about them
      DEBUG: cli: make it possible for "debug dev loop" to trigger warnings
      DEBUG: wdt: make the blocked traffic warning delay configurable
      DEBUG: wdt: add a stats counter "BlockedTrafficWarnings" in show info
      DEBUG: wdt: set the default blocked task delay to 100 ms
      MINOR: debug: move the "recover now" warn message after the optional notes
      BUG/MEDIUM: mux-h2: try to wait for the peer to read the GOAWAY

---


Reply via email to