as release is getting close, I've performed cppcheck analysis
https://github.com/haproxy/haproxy/issues/1939
https://github.com/haproxy/haproxy/issues/1940
https://github.com/haproxy/haproxy/issues/1941
let me know, if it is noisy/useless, I'm fine with cdiscarding cppcheck
issues (however, it is not trivial to suppress them)
Ilya
пт, 18 нояб. 2022 г. в 21:56, Willy Tarreau :
> Hi,
>
> HAProxy 2.7-dev9 was released on 2022/11/18. It added 168 new commits
> after version 2.7-dev8.
>
> I know, one month has elapsed since -dev8, but some of us were fully
> busy preparing the haproxyconf and others dealing alone with the bug
> reports, so now we have to catch up slowly. On the other hand, these
> efforts were rewarded since many bugs were addressed and the feedback
> on the conf was generally excellent.
>
> No less than 41 bugs were addressed since -dev8, that's about 2 per work
> day, and most of them are now of low importance so we're converging.
> However I find that there's still an annoying number of small ones in the
> issue tracker, which are not necessarily regressions but which deserve
> being analysed a bit, and this takes time.
>
> I'll try to sum up one month of changes below by mostly focusing on
> user-visible ones (including developers):
>
> - USE_SHM_OPEN that is used to preserve startup logs across reloads
> operated by the master process was extended by default to the
> linux-musl and freebsd targets.
>
> - tree-wide update to the "fallthrough" hint to tell the compiler to
> shut up on missing breaks between switch/case statements: those who
> were dealing with preprocessing followed by compiling with compilers
> starting with gcc 7 were still seeing lots of warnings due to the
> preprocessor stripping the comments and the compiler not seeing them.
> This typically happened for those using distcc or ccache (could
> possibly trigger for some distros using build farms).
>
> - xxhash was updated to version 0.8.1 to address the similar fallthrough
> issue as above (very few other differences so that's OK).
>
> - fixed the build issue that was breaking DEBUG_MEM_STATS on old
> compilers; it was my fault for putting quotes around symbol names
> where it was inappropriate.
>
> - fixed build issues for dev/poll and dev/tcploop which were ignoring
> changes to the source file, and mis-reporting certain build steps.
>
> - various QUIC build fixes on m68k, 32-bit platforms in general, and
> worked around a wrong warning from gcc-12. Usual number of updates
> including more counters and code cleanups/refactoring. By the way,
> we'd like to thank Gabriel Tzagkarakis for his amazing help in fixing
> the remaining QUIC bugs over the last month.
>
> - the support for completely obsolete and abandonned set-cookie2 was
> finally removed (thanks Tim for the reminder). It was planned for 2.5
> already but we forgot it and it was not suitable to break the 2.5->2.6
> transition.
>
> - mux-h1's connection handling was refined so that the stream code
> depends
> less on the low-level connection status. This is part of the permanent
> quest to report the most accurate errors possible and not to report any
> when everything went fine. Mux-h2 experienced a similar but smaller
> cleanup (it's trickier and we don't want to risk regressions now).
>
> - SSL certiticate error checking was ignoring decoding errors and was
> fixed. There is a non-nul risk that errors are now reported at boot
> time from broken certs that would already not work anyway but would
> have been silently ignored.
>
> - ca-ignore-err and crt-ignore-err can now use an error contant name
> and not just a value (since openssl found it fun to change the
> documented values between 1.x and 3.0). In addition, such options
> were previously limited to the 64 first values, this is no longer
> the case.
>
> - a new "trace" statement can be placed in the global section, using
> the exact same syntax as on the CLI. It requires that the directive
> "expose-experimental-directives" is set first because we're not certain
> it will remain like this, but it significantly improves operations for
> users willing to share traces with developers during debugging
> sessions,
> so we figured that any format would be better than nothing.
>
> - a "quick-exit" keyword was added to the global section so that those
> who absolutely need to skip deinit() on quick reload can do it. The
> time savings are only marginal, however it could have been a useful
> workaround a few times in the past when triggering a double-free in
> deinit().
>
> - the "debug dev memstats" output now also displays where buffers are
> allocated and released. This should help track leaks when they happen.
>
> - the "peers" section now supports a principle of sharding. The idea is
> that when you have to push