Hi,

HAProxy 3.1.1 was released on 2024/12/11. It added 42 new commits
after version 3.1.0.

Almost all of these are fixes for the 3.1 branch, in the following areas:

- startup: despite rigorous testing on the startup changes and almost 2
  months in prod, a few side effects were found and reported. The most
  visible one was that -c which checks the config, didn't prevent the
  process from forking when in daemon mode. The implication is that the
  config could be reported as valid even when not because the process
  started, forked a child which parsed the config, then immediately exited.
  And similarly, working in daemon mode would not wait for the child to
  confirm (or deny) the validity of the config. That's more visible with
  large or slow configs with warnings or errors, that would print the
  warnings or errors after the shell's prompt. The problem here is that
  the daemon would also report a success for faulty setups. Also, when
  starting in foreground, it was visible that Ctrl-C wouldn't always be
  delivered to the process depending on the shell/OS this was started
  from, with "^C" being printed instead (due to SIGINT being disabled
  by the shell and HAProxy systematically doing a setsid() instead of
  reserving it to daemon mode). Finally, "-c" would have the nasty side
  effect of overriding the pidfile if it was defined. All of this has
  been fixed, now both the checker or the daemon correctly wait for their
  child's report, Ctrl-C is working fine again, and -c doesn't touch the
  pidfile anymore. This alone is a good reason for updating.

- QUIC: some cases of streams freezing in the send path when pacing is
  enabled were addressed. One of them could theoretically even crash,
  though this was not reproduced. Some alerts on old systems not
  supporting UDO GSO or socket-owner were removed since that's only a
  status that the user cannot do anything about, and it doesn't prevent
  from starting up. A calculation bug was addressed in BBR.

- analysers: a rare circumstances, L7 retries could cause a crash because
  the request was dropped before the retry took effect.

- H2: the changes to support a larger Rx window for faster uploads
  required a change in how the stream position is counted. But applying
  these changes to (read-only) closed streams definitely causes crashes.
  The timing seems very tight since we never got any single one on
  haproxy.org for a few months of exposure.

- core: the issue we've been chasing for 2 months now was in fact a reply
  of the same we've worked on for 4 months 18 months ago, and only happens
  on Ubuntu kernels 5.4 and 5.15, where for a totally unknown reason,
  epoll_wait() may occasionally report an error during a pending connect(),
  but once it finishes in success, everything works, except that this
  error is reported as a server error (which it technically is as seen
  from the code). We've put in place a detection and workaround for this
  case which has already wasted 6 months of painful investigation in 2
  years. Note: that doens't mean that all 502 were caused by this, but the
  few for which we got strace outputs definitely were.

- dynamic servers: deleting a server that's currently about to be displayed
  in stats but interrupted leaves a dangling pointer in the stats dumper
  thread that most often will crash when it resumes dumping. The mechanism
  was changed for a more reliable (albeit a bit more complex) one.

- the accept-invalid-http-{request,response} would be ignored if declared
  before "mode http" due to another warning being emitted in this case.

- H1: an HTTP reason wouldn't automatically be set on an HTTP/1 response
  if none was present in the server's response (e.g. if coming from an H2
  server).

- H2: the glitches description was added so that "debug counters" doesn't
  only report cryptic line numbers anymore.

- Lua: deleting more than one server at once between two calls to the Lua
  interpreter could leave the list of servers in an inconsistent state.

- QUIC/BBR: timers were inaccurate on very fast links (e.g. loopback) due
  to a quick wraparound of nanosecond-based timers resulting in some
  incorrect calculations. The result was a low performance in this case.

And the support for 421-misdirected in "retry-on" was backported.

Lots of thanks to all those who were quick at reporting the issues they
faced. That was efficient since most of the affected areas are still
fresh in the developers' heads. Overall I'm pretty satisfied with the
low impact of the vast majority of these issues. In any case if you're
currently evaluating 3.1.0, please just skip to 3.1.1.

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/3.1/src/
   Git repository   : https://git.haproxy.org/git/haproxy-3.1.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy-3.1.git
   Changelog        : https://www.haproxy.org/download/3.1/src/CHANGELOG
   Dataplane API    : 
https://github.com/haproxytech/dataplaneapi/releases/latest
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages

Willy
---
Complete changelog :
Amaury Denoyelle (7):
      BUG/MEDIUM: quic: prevent stream freeze on pacing
      BUG/MEDIUM: mux-quic: remove pacing status when everything is sent
      BUG/MINOR: quic: remove startup alert if conn socket-owner unsupported
      BUG/MINOR: quic: remove startup alert if GSO unsupported
      BUG/MINOR: stats: decrement srv refcount on stats-file release
      MINOR: list: define a watcher type
      BUG/MEDIUM: stats/server: use watcher to track server during stats dump

Aurelien DARRAGON (4):
      BUG/MINOR: log: fix lf_text() behavior with empty string
      BUG/MEDIUM: event_hdl: fix uninitialized value in async mode when no data 
is provided
      DOC: config: fix confusing init-state examples
      BUG/MINOR: hlua_fcn: restore server pairs iterator pointer consistency

Christopher Faulet (7):
      BUG/MEDIUM: sock: Remove FD_POLL_HUP during connect() if FD_POLL_ERR is 
not set
      MINOR: proxy: Add support of 421-Misdirected-Request in retry-on status
      BUG/MEDIUM: http-ana: Reset request flag about data sent to perform a L7 
retry
      BUG/MINOR: h1-htx: Use default reason if not set when formatting the 
response
      BUG/MINOR: config: Fix parsing of accept-invalid-http-{request,response}
      BUG/MINOR: http-fetch: Ignore empty argument string for query()
      BUG/MINOR: server-state: Fix expiration date of srvrq_check tasks

Frederic Lecaille (3):
      BUG/MINOR: improve BBR throughput on very fast links
      BUILD: quic: fix a build error about an non initialized timestamp
      BUG/MINOR: quic: fix bbr_inflight() calls with wrong gain value

Ilia Shipitsin (3):
      BUG/MINOR: namespace: handle a possible strdup() failure
      BUG/MINOR: ssl_crtlist: handle a possible strdup() failure
      BUG/MINOR: resolvers: handle a possible strdup() failure

Valentine Krasnobaeva (9):
      BUG/MINOR: signal: register default handler for SIGINT in signal_init()
      BUG/MINOR: startup: close pidfd and free global.pidfile in 
handle_pidfile()
      BUG/MINOR: startup: fix pidfile creation
      BUG/MINOR: mworker: don't save program PIDs in oldpids
      BUG/MINOR: mworker: fix -D -W -sf/-st modes
      BUG/MINOR: startup: fix error path for master, if can't open pidfile
      BUG/MEDIUM: startup: don't daemonize if started with -c
      BUG/MEDIUM: startup: report status if daemonized process fails
      BUG/MEDIUM: mworker: report status, if daemonized master fails

Willy Tarreau (9):
      BUG/MEDIUM: init: make sure only daemonized processes change their session
      BUG/MINOR: init: do not call fork_poller() for non-forked processes
      BUG/MEDIUM: mux-h2: make sure not to touch dummy streams when sending WU
      BUG/MINOR: debug: COUNT_IF() should return true/false
      BUILD: debug: fix build issues in COUNT_IF() with -Wunused-value
      MINOR: mux-h2/traces: add a missing trace on negative initial window size
      CLEANUP: mux-h2/traces: reword certain ambiguous traces
      MINOR: mux-h2/glitches: add a description to the H2 glitches
      BUG/MINOR: mux-h2: fix expression when detecting excess of CONTINUATION 
frames

---


Reply via email to