Hi, HAProxy 3.1.2 was released on 2025/01/08. It added 56 new commits after version 3.1.1.
As usual, several bugs were fixed by this released. On QUIC side, the BBR implementation was improved by fixing some minor issues. It is not surprising. BBR was added at the end of the 3.1 development cycle. So some changes were expected. Some issues related to the pacing were also fixed. The part was refactored and improved to be able to remove specific code path to deal with pacing. An issue was raised with Lua by which a boolean sample expression returning a boolean would be converted to an integer in Lua instead of a boolean. This seems to result from a very early copy-paste between integer and boolean handling. In order to address this without breaking scripts and ease the transition, a new global option was added to choose between the legacy and correct behavior: "tune.lua.bool-sample-conversion". When the option is not set and the situation is detected, a warning will be issued to explain how to choose between both behaviors, and the default is not changed. This change was backported to 3.1 in order to catch such issues as early as possible and let the rare users check their scripts accordingly and/or choose the option that suits them best. Recent changes on the H2 multiplexer to be able to allocate several RX buffers per streams introduced a bug when data are received. When data was copied from RX buffers to the channel buffer, more data than expected could be moved because amount of data copied was never decremented from the limit. This could lead to a stream dead lock when the compression filter was used. This was fixed. In addition, when the reverse HTTP was used, invalid value could be reported for the counters tracking the current and the total numbers of HTTP/2 connections. First the increment was not performed on the expected side. Then integer overflows could be experienced because the decrement was also performed on the wrong side. To fix the issue, the increment operations are now delayed on reverse HTTP. Both counters are updated only after the reverse has completed. Crashes (or undefined behaviors) with the Prometheus exporter could be experienced when resolvers metrics were dumped. The issue was observed when a "resolvers" section was defined without any nameserver. To fix the issue, we now take care to skip these sections when resolvers metrics are dumped. Crashes were also reported when "show schema json" command was issued. The issue was introduced in 3.0-dev8 when the stats were refactored to be preserved between reloads. The command context was not properly initialised. It is now fixed. Most of remaining issues with the queues management were fixed. The dequeuing process is now called when a stream is closed. This should unsure no stream remains infinitely blocked in the queue and prevent any infinite loop in some extreme cases. It was also possible to exceed the configured maxconn when a server was brought back up. It appears that only the proxy queue was evaluated at this stage while the server queue must also be processed. Note that the issue it not totally fixed in 3.1. We can occasionally see a few more connections than maxconn, but the max that have been observed is 4 more connections, we no longer get multiple times maxconn. This was improved in the 3.2 to strickly respect the maxconn value. A crash because of a BUG_ON() could be experienced because a stream task could be queued in the past. Conditions to trigger the issue are quite hard to meet. A buffer allocation must have failed while an analysis timer is set. In that case, if an I/O event is received, the stream task could be queued in past because an expired analysis timer is used. It appeared that only I/O timers (read and write timeout) must be considered when an I/O event is handled. Only the stream is responsible to consider analysis timers. The CLI was skipping the '\r' at the end of all lines, even in command payloads. It was not expected. It should only be performed on the command line. The issue was observed when setting certificates containing CRLFs via the CLI. The do-log action parsing contained a bug that prevented the use of if/unless conditional statements. The parsing of errorfile and errorloc was improved to properly alert about unexpected extra arguments. As a last minute fix, responses to HEAD requests with a "transfer-encoding" header are now properly parsed. An regression was introduced in 2.9. the H1 parser was waiting for a message body for such responses, because of the "transfer-encoding" header, while it should instead consider the response as fully received. Finally the documentation was improved: An exemple for server "track" keyword was added, the "trask-sc0" action was missing from the action keywords matrix, "tune.lua.*" keywords were not correctly ordered. Thanks everyone for your help ! Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/3.1/src/ Git repository : https://git.haproxy.org/git/haproxy-3.1.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-3.1.git Changelog : https://www.haproxy.org/download/3.1/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages --- Complete changelog : Amaury Denoyelle (23): BUG/MEDIUM: mux-quic: do not mix qcc_io_send() return codes with pacing CLEANUP: mux-quic: remove unused qcc member send_retry_list MINOR: quic: add traces MINOR: mux-quic: refactor wait-for-handshake support MEDIUM/OPTIM: mux-quic: define a recv_list for demux resumption MEDIUM/OPTIM: mux-quic: implement purg_list MINOR: mux-quic: extract code to build STREAM frames list MINOR: mux-quic: split STREAM and RS/SS emission MEDIUM/OPTIM: mux-quic: do not rebuild frms list on every send MEDIUM: mux-quic: remove pacing specific code on qcc_io_cb MINOR: trace: implement tracing disabling API MINOR: mux-quic: hide traces when woken up on pacing only BUG/MEDIUM: mux-quic: prevent BUG_ON() by refreshing frms on MAX_DATA CLEANUP: mux-quic: remove dead err label in qcc_build_frms() BUG/MINOR: h2/rhttp: fix HTTP2 conn counters on reverse BUG/MAJOR: mux-quic: fix BUG_ON on empty STREAM emission Revert "BUG/MAJOR: mux-quic: fix BUG_ON on empty STREAM emission" BUG/MAJOR: mux-quic: properly fix BUG_ON on empty STREAM emission BUG/MEDIUM: mux-quic: do not attach on already closed stream BUG/MINOR: mux-quic: fix wakeup on qcc_set_error() MINOR: mux-quic: add traces on sd attach MINOR: mux-quic: change return value of qcs_attach_sc() BUG/MINOR: mux-quic: handle closure of uni-stream Aurelien DARRAGON (8): DOC: config: add example for server "track" keyword DOC: config: reorder "tune.lua.*" keywords by alphabetical order DOC: config: add "tune.lua.burst-timeout" to the list of global parameters MINOR: hlua: add option to preserve bool type from smp to lua REGTESTS: fix lua-based regtests using tune.lua.smp-preserve-bool MINOR: hlua: rename "tune.lua.preserve-smp-bool" to "tune.lua.bool-sample-conversion" BUG/MINOR: stats: fix segfault caused by uninitialized value in "show schema json" DOC: config: add missing "track-sc0" in action keywords matrix Christopher Faulet (6): BUG/MEDIUM: stconn: Only consider I/O timers to update stream's expiration date BUG/MEDIUM: mux-h2: Count copied data when looping on RX bufs in h2_rcv_buf() BUG/MINOR: log: Allow to use if/unless conditionnals for do-log action MINOR: config: Alert about extra arguments for errorfile and errorloc BUG/MEDIUM: promex/resolvers: Don't dump metrics if no nameserver is defined BUG/MEDIUM: h1-htx: Properly handle bodyless messages Frederic Lecaille (13): MINOR: window_filter: rely on the time to update the filter samples (QUIC/BBR) BUG/MINOR: quic: wrong logical statement in in_recovery_period() (BBR) BUG/MINOR: quic: fix BBB max bandwidth oscillation issue. BUG/MINOR: quic: wrong bbr_target_inflight() implementation BUG/MINOR: quic: remove max_bw filter from delivery rate sampling BUG/MINOR: quic: underflow issue for bbr_inflight_hi_from_lost_packet() BUG/MINOR: quic: reduce packet losses at least during ProbeBW_CRUISE (BBR) MINOR: quic: reduce the private data size of QUIC cc algos CLEANUP: quic: remove a wrong comment about ->app_limited (drs) BUG/MINOR: quic: fix the wrong tracked recovery start time value BUG/MINOR: quic: too permissive exit condition for high loss detection in Startup (BBR) BUG/MINOR: quic: missing Startup accelerating probing bw states CLEANUP: quic: Rename some BBR functions in relation with bw probing Olivier Houchard (3): BUG/MEDIUM: queues: Make sure we call process_srv_queue() when leaving BUG/MEDIUM: queues: Do not use pendconn_grab_from_px(). BUG/MEDIUM: queue: Make process_srv_queue return the number of streams Valentine Krasnobaeva (2): BUG/MINOR: cli: cli_snd_buf: preserve \r\n for payload lines REGTESTS: ssl: add a PEM with mix of LF and CRLF line endings Willy Tarreau (1): BUILD: debug: only dump/reset glitch counters when really defined -- Christopher Faulet