[PATCH] Fix memory leak from used_server_addr during deinit

2021-01-07 Thread Thayne McCombs
Fixes #1037
---
 src/haproxy.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/haproxy.c b/src/haproxy.c
index a28b45fb9..1d16b507d 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -2649,6 +2649,7 @@ void deinit(void)
free(s->available_conns);
free(s->curr_idle_thr);
free(s->resolvers_id);
+   free(s->addr_node.key);
 
if (s->use_ssl == 1 || s->check.use_ssl == 1 || 
(s->proxy->options & PR_O_TCPCHK_SSL)) {
if (xprt_get(XPRT_SSL) && 
xprt_get(XPRT_SSL)->destroy_srv)
-- 
2.30.0



Re: [PATCH] A bunch of spelling fixes.

2021-01-07 Thread Thayne McCombs
Here it is split up into multiple patches. 
I also included a patch that adds a few words to the 
ignore-words-list in the codespell workflow.

-- >8 --
>From 65d9fd1583841a92afdc276c8fca72ed7f49345b Mon Sep 17 00:00:00 2001
From: Thayne McCombs 
Date: Thu, 7 Jan 2021 21:24:41 -0700
Subject: [PATCH 1/4] Spelling fixes in documentation

---
 BRANCHES |  2 +-
 CONTRIBUTING |  2 +-
 INSTALL  |  2 +-
 doc/configuration.txt| 10 +-
 doc/internals/acl.txt|  6 +++---
 doc/internals/buffer-api.txt |  2 +-
 doc/internals/htx-api.txt|  4 ++--
 doc/intro.txt|  2 +-
 doc/management.txt   |  2 +-
 9 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/BRANCHES b/BRANCHES
index 6cb275c94..53b2ee996 100644
--- a/BRANCHES
+++ b/BRANCHES
@@ -134,7 +134,7 @@ to make a safe guess about what to pick.
 Branches up to 1.8 are all designated as "long-term supported" ("LTS" for
 short), which means that they are maintained for several years after the
 release. These branches were emitted at a pace of one per year since 1.5 in
-2014. As of 2019, 1.5 is still supported and widely used, eventhough it very
+2014. As of 2019, 1.5 is still supported and widely used, even though it very
 rarely receives updates. After a few years these LTS branches enter a
 "critical fixes only" status, which means that they will rarely receive a fix
 but if that a critital issue affects them, a release will be made, with or
diff --git a/CONTRIBUTING b/CONTRIBUTING
index 88733e19e..73a27c7db 100644
--- a/CONTRIBUTING
+++ b/CONTRIBUTING
@@ -154,7 +154,7 @@ features are disabled. Similarly, when modifying the SSL 
stack, please always
 ensure that supported OpenSSL versions continue to build and to work, 
especially
 if you modify support for alternate libraries. Clean support for the legacy
 OpenSSL libraries is mandatory, support for its derivatives is a bonus and may
-occasionally break eventhough a great care is taken. In other words, if you
+occasionally break even though a great care is taken. In other words, if you
 provide a patch for OpenSSL you don't need to test its derivatives, but if you
 provide a patch for a derivative you also need to test with OpenSSL.
 
diff --git a/INSTALL b/INSTALL
index 32cf5d91e..32c0dd338 100644
--- a/INSTALL
+++ b/INSTALL
@@ -528,7 +528,7 @@ because of strange symbols or section mismatches, simply 
remove -g from
 DEBUG_CFLAGS.
 
 Building on AIX 7.2 works fine using the "aix72-gcc" TARGET. It adds two
-special CFLAGS to prevent the loading of AIXs xmem.h and var.h. This is done
+special CFLAGS to prevent the loading of AIX's xmem.h and var.h. This is done
 by defining the corresponding include-guards _H_XMEM and _H_VAR. Without
 excluding those header-files the build fails because of redefinition errors.
 Furthermore, the atomic library is added to the LDFLAGS to allow for
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 31ab5906b..d357b89c2 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -406,7 +406,7 @@ HAProxy's configuration process involves 3 major sources of 
parameters :
 
   - the arguments from the command-line, which always take precedence
   - the configuration file(s), whose format is described here
-  - the running process' environment, in case some environment variables are
+  - the running process's environment, in case some environment variables are
 explicitly referenced
 
 The configuration file follows a fairly simple hierarchical format which obey
@@ -1083,7 +1083,7 @@ external-check
   "insecure-setuid-wanted".
 
 gid 
-  Changes the process' group ID to . It is recommended that the group
+  Changes the process's group ID to . It is recommended that the group
   ID is dedicated to HAProxy or to a small set of similar daemons. HAProxy must
   be started with a user belonging to this group, or with superuser privileges.
   Note that if haproxy is started from a user having supplementary groups, it
@@ -1756,7 +1756,7 @@ stats maxconn 
   possible to change this value with "stats maxconn".
 
 uid 
-  Changes the process' user ID to . It is recommended that the user ID
+  Changes the process's user ID to . It is recommended that the user ID
   is dedicated to HAProxy or to a small set of similar daemons. HAProxy must
   be started with superuser privileges in order to be able to switch to another
   one. See also "gid" and "user".
@@ -14410,7 +14410,7 @@ weight 
 
 HAProxy allows using a host name on the server line to retrieve its IP address
 using name servers. By default, HAProxy resolves the name when parsing the
-configuration file, at startup and cache the result for the process' life.
+configuration file, at startup and cache the result for the process's life.
 This is not sufficient in some cases, such as in Amazon where a server's IP
 can change after a reboot or an ELB Virtual IP can change based on current
 workload.
@@ -20369,7 +20369

[PATCH] BUG/MINOR: Fix memory leak in hlua_alloc

2021-01-07 Thread Tim Duesterhus
During a configuration check valgrind reports:

==14425== 0 bytes in 106 blocks are definitely lost in loss record 1 of 107
==14425==at 0x4C2DB8F: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14425==by 0x4C2FDEF: realloc (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14425==by 0x443CFC: hlua_alloc (hlua.c:8662)
==14425==by 0x5F72B11: luaM_realloc_ (in 
/usr/lib/x86_64-linux-gnu/liblua5.3.so.0.0.0)
==14425==by 0x5F78089: luaH_free (in 
/usr/lib/x86_64-linux-gnu/liblua5.3.so.0.0.0)
==14425==by 0x5F707D3: sweeplist (in 
/usr/lib/x86_64-linux-gnu/liblua5.3.so.0.0.0)
==14425==by 0x5F710D0: luaC_freeallobjects (in 
/usr/lib/x86_64-linux-gnu/liblua5.3.so.0.0.0)
==14425==by 0x5F7715D: close_state (in 
/usr/lib/x86_64-linux-gnu/liblua5.3.so.0.0.0)
==14425==by 0x443D4C: hlua_deinit (hlua.c:9302)
==14425==by 0x543F88: deinit (haproxy.c:2742)
==14425==by 0x5448E7: deinit_and_exit (haproxy.c:2830)
==14425==by 0x5455D9: init (haproxy.c:2044)

This is due to Lua calling `hlua_alloc()` with `ptr = NULL` and `nsize = 0`.
While `realloc` is supposed to be equivalent `free()` if the size is `0` this
is only required for a non-NULL pointer. Apparently my allocator (or valgrind)
actually allocates a zero size area if the pointer is NULL, possibly taking up
some memory for management structures.

Fix this leak by specifically handling the case where both the pointer and the
size are `0`.

This bug appears to have been introduced with the introduction of the
multi-threaded Lua, thus this fix is specific for 2.4. No backport needed.
---
 src/hlua.c | 13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/hlua.c b/src/hlua.c
index a52a1b50d..8b7db7843 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -8643,8 +8643,12 @@ static void *hlua_alloc(void *ud, void *ptr, size_t 
osize, size_t nsize)
/* a limit of ~0 means unlimited and boot complete, so there's no need
 * for accounting anymore.
 */
-   if (likely(~zone->limit == 0))
-   return realloc(ptr, nsize);
+   if (likely(~zone->limit == 0)) {
+   if (likely(ptr || nsize))
+   return realloc(ptr, nsize);
+   else
+   return NULL;
+   }
 
if (!ptr)
osize = 0;
@@ -8658,7 +8662,10 @@ static void *hlua_alloc(void *ud, void *ptr, size_t 
osize, size_t nsize)
return NULL;
} while (!_HA_ATOMIC_CAS(&zone->allocated, &old, new));
 
-   ptr = realloc(ptr, nsize);
+   if (likely(ptr || nsize))
+   ptr = realloc(ptr, nsize);
+   else
+   ptr = NULL;
 
if (unlikely(!ptr && nsize)) // failed
_HA_ATOMIC_SUB(&zone->allocated, nsize - osize);
-- 
2.29.0




Re: [PATCH] A bunch of spelling fixes.

2021-01-07 Thread Tim Düsterhus
Thayne,

Am 07.01.21 um 16:55 schrieb Thayne McCombs:
>> `iff` means `if and only if`.
> 
> I was aware of this abbreviation, but wasn't sure if that was the intended
> meaning or if it was a typo. Do you think it would be better to spell it
> out as "if and only if", or to add iff to the list of ignored words?

I don't have a strong opinion either way.

Best regards
Tim Düsterhus



[PATCH] cleanup: switch to my_realloc2 instead of realloc

2021-01-07 Thread Илья Шипицин
Hi,

patch resolving #1030 attached.

Ilya
From eb849f02b0fef02a4d40f7566da3b54b2d0a8368 Mon Sep 17 00:00:00 2001
From: Ilya Shipitsin 
Date: Thu, 7 Jan 2021 22:45:13 +0500
Subject: [PATCH] CLEANUP: replace "realloc" with "my_realloc2" to fix to
 memory leak

my_realloc2 frees variable in case of allocation failure

fixes #1030

realloc was introduced in 9e1758efbd68c8b1d27e17e2abee110f3ebe

this might be backported to 2.2, 2.3
---
 src/cfgparse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index c34b3a8f5..12eae67cc 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1983,7 +1983,7 @@ next_line:
 
 			if (err & (PARSE_ERR_TOOLARGE|PARSE_ERR_OVERLAP)) {
 outlinesize = (outlen + 1023) & -1024;
-outline = realloc(outline, outlinesize);
+outline = my_realloc2(outline, outlinesize);
 if (outline == NULL) {
 	ha_alert("parsing [%s:%d]: line too long, cannot allocate memory.\n",
 		 file, linenum);
-- 
2.29.2



[PATCH] BUILD: Makefile: exclude broken tests by default

2021-01-07 Thread William Dauchy
it could be sometimes a bit confusing to have tests which are known to
be broken executed in the default `make reg-tests` command, especially
for not frequent contributors which are not necessarily aware of all our
quirks.

without this patch, this test is failing on my side:
  #top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.228) exit=2
  1 tests failed, 0 tests skipped, 107 tests passed

Signed-off-by: William Dauchy 
---
 Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Makefile b/Makefile
index 4e6c834ed..1e383f464 100644
--- a/Makefile
+++ b/Makefile
@@ -1044,6 +1044,7 @@ opts:
@echo 'OBJS="$(strip $(OBJS))"'
 
 ifeq (reg-tests, $(firstword $(MAKECMDGOALS)))
+  REGTESTS_TYPES := default,bug,devel,slow
   REGTEST_ARGS := $(wordlist 2, $(words $(MAKECMDGOALS)), $(MAKECMDGOALS))
   $(eval $(REGTEST_ARGS):;@true)
 endif
-- 
2.29.2




Re: [PATCH] A bunch of spelling fixes.

2021-01-07 Thread Thayne McCombs
okay, sounds good. I'll send up separated patches later today.

> `iff` means `if and only if`.

I was aware of this abbreviation, but wasn't sure if that was the intended
meaning or if it was a typo. Do you think it would be better to spell it
out as "if and only if", or to add iff to the list of ignored words?

Thayne McCombs
Senior Software Engineer
tha...@lucidchart.com



Lucid.co 


On Thu, Jan 7, 2021 at 8:36 AM Tim Düsterhus  wrote:

> Thayne,
>
> Am 07.01.21 um 10:09 schrieb Thayne McCombs:
> > diff --git a/doc/internals/htx-api.txt b/doc/internals/htx-api.txt
> > index e783e0ebf..07224821c 100644
> > --- a/doc/internals/htx-api.txt
> > +++ b/doc/internals/htx-api.txt
> > @@ -113,7 +113,7 @@ payload.
> >
> >  Because the payloads part may wrap, there are 2 usable free spaces:
> >
> > -- The free space in front of the blocks part. This one is used iff
> > the other
> > +- The free space in front of the blocks part. This one is used if
> > the other
> >one was not used yet.
> >
> >  - The free space at the beginning of the message. Once this one is
> > used, the
>
> Didn't check all in detail, but that one is most likely not a typo.
> `iff` means `if and only if`.
>
> Best regards
> Tim Düsterhus
>


Re: [PATCH] A bunch of spelling fixes.

2021-01-07 Thread Tim Düsterhus
Thayne,

Am 07.01.21 um 10:09 schrieb Thayne McCombs:
> diff --git a/doc/internals/htx-api.txt b/doc/internals/htx-api.txt
> index e783e0ebf..07224821c 100644
> --- a/doc/internals/htx-api.txt
> +++ b/doc/internals/htx-api.txt
> @@ -113,7 +113,7 @@ payload.
> 
>  Because the payloads part may wrap, there are 2 usable free spaces:
> 
> -    - The free space in front of the blocks part. This one is used iff
> the other
> +    - The free space in front of the blocks part. This one is used if
> the other
>    one was not used yet.
> 
>  - The free space at the beginning of the message. Once this one is
> used, the

Didn't check all in detail, but that one is most likely not a typo.
`iff` means `if and only if`.

Best regards
Tim Düsterhus



Re: [PATCH] A bunch of spelling fixes.

2021-01-07 Thread Willy Tarreau
Hi Thayne,

On Thu, Jan 07, 2021 at 02:09:10AM -0700, Thayne McCombs wrote:
> From the output of codespell.

Thanks for this, but I'll ask you a favor, which is to split this into
2 or 3 patches:
  - one for the pure documentation, that will have to be backported
since the documentation is user visible and in this essence,
spelling mistakes in the doc can be seen as bugs that deserve being
fixed ; you can use a single patch for all doc-related stuff, that's
OK, just label it as "DOC".

  - one for code comments: these ones have zero impact on existing code
and will usually not be backported as they may needlessly annoy users
who maintain their own out-of-tree patches, unless that's needed to
ease backports of later patches. These can be tagged as CLEANUP since
nothing changes for the user (0 byte of output code or package changes).

  - possibly a separate one for error messages or anything that is in the
code and is user-visible. These ones will result in code changes that
may have an impact on out-of-tree patches but are fixes that need to
be backported anyway. These ones may be labelled as DOC, CLEANUP, or
"BUG/MINOR" as you see fit. In some cases they may be merged with the
first ones but I tend to prefer that they remain distinct since they
cause a different binary at the end and may occasionally impact some
local regtests some users might have to run before upgrading.

Thanks!
Willy



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Dauchy
On Thu, Jan 7, 2021 at 4:02 PM Willy Tarreau  wrote:
> No, we'd rather indeed make the types exclude broken by default.
> Let's just preset "REGTESTS_TYPES=default,bug,devel,slow" in the makefile
> and that's done without changing anything for anyone who already forces
> them.
>
> Patches welcome, as usual :-)

thanks, will do.

-- 
William



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Willy Tarreau
On Thu, Jan 07, 2021 at 03:12:20PM +0100, William Dauchy wrote:
> On Thu, Jan 7, 2021 at 1:54 PM  ???  wrote:
> > We can make regtest type mandatory
> 
> honestly not a fan :) makes it more complicated for people trying to
> contribute simple things

No, we'd rather indeed make the types exclude broken by default.
Let's just preset "REGTESTS_TYPES=default,bug,devel,slow" in the makefile
and that's done without changing anything for anyone who already forces
them.

Patches welcome, as usual :-)
Willy



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Dauchy
On Thu, Jan 7, 2021 at 1:54 PM Илья Шипицин  wrote:
> We can make regtest type mandatory

honestly not a fan :) makes it more complicated for people trying to
contribute simple things

-- 
William



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Илья Шипицин
On Thu, Jan 7, 2021, 5:19 PM William Dauchy  wrote:

> On Thu, Jan 7, 2021 at 12:53 PM Илья Шипицин  wrote:
> > They are excluded in ci builds
> > - env VTEST_PROGRAM=../vtest/vtest gmake reg-tests
> REGTESTS_TYPES=default,bug,devel || (for folder in /tmp/*regtest*/vtc.*; do
> cat $folder/INFO $folder/LOG; done && exit
>
> yeah I understood, but I'm thinking about small contributors trying to
> understand what is wrong before sending their patches; a default
> working `make reg-tests` would be nice in my own opinion.
>
> --
> William
>

We can make regtest type mandatory

>


Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Dauchy
On Thu, Jan 7, 2021 at 12:53 PM Илья Шипицин  wrote:
> They are excluded in ci builds
> - env VTEST_PROGRAM=../vtest/vtest gmake reg-tests 
> REGTESTS_TYPES=default,bug,devel || (for folder in /tmp/*regtest*/vtc.*; do 
> cat $folder/INFO $folder/LOG; done && exit

yeah I understood, but I'm thinking about small contributors trying to
understand what is wrong before sending their patches; a default
working `make reg-tests` would be nice in my own opinion.

-- 
William



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Илья Шипицин
On Thu, Jan 7, 2021, 4:45 PM William Dauchy  wrote:

> On Thu, Jan 7, 2021 at 11:54 AM William Lallemand
>  wrote:
> > These reg-tests are of types "slow" and "broken" not launched by the CI.
>
> thanks folks for your inputs. my vtest was indeed out of date.
> now I'm left with:
>
> ## Starting vtest ##
> Testing with haproxy version: 2.4-dev5-761d64-4
> #top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.194)
> exit=2
> 1 tests failed, 0 tests skipped, 107 tests passed
> ## Gathering results ##
> ## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
> ## test results in:
> "/tmp/haregtests-2021-01-07_12-38-36.OFayg8/vtc.132412.2a7ac563"
>  h1Bad exit status: 0x exit 0x0 signal 0 core 0
>
> but indeed:
> reg-tests/seamless-reload/abns_socket.vtc:#REGTEST_TYPE=broken
>
> maybe we should exclude them from a `make reg-tests` to avoid confusion?
> --
> William
>

They are excluded in ci builds
- env VTEST_PROGRAM=../vtest/vtest gmake reg-tests
REGTESTS_TYPES=default,bug,devel || (for folder in /tmp/*regtest*/vtc.*; do
cat $folder/INFO $folder/LOG; done && exit

>


Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Dauchy
On Thu, Jan 7, 2021 at 11:54 AM William Lallemand
 wrote:
> These reg-tests are of types "slow" and "broken" not launched by the CI.

thanks folks for your inputs. my vtest was indeed out of date.
now I'm left with:

## Starting vtest ##
Testing with haproxy version: 2.4-dev5-761d64-4
#top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.194) exit=2
1 tests failed, 0 tests skipped, 107 tests passed
## Gathering results ##
## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
## test results in:
"/tmp/haregtests-2021-01-07_12-38-36.OFayg8/vtc.132412.2a7ac563"
 h1Bad exit status: 0x exit 0x0 signal 0 core 0

but indeed:
reg-tests/seamless-reload/abns_socket.vtc:#REGTEST_TYPE=broken

maybe we should exclude them from a `make reg-tests` to avoid confusion?
-- 
William



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Frederic Lecaille

On 1/7/21 11:03 AM, William Dauchy wrote:

unclear whether this is on my side only because I did not investigate
but I have two tests failing for a while now:

## Starting vtest ##
Testing with haproxy version: 2.4-dev5-761d64-4
#top  TEST reg-tests/filters/random-forwarding.vtc FAILED (0.192) exit=2
#top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.215) exit=2
2 tests failed, 0 tests skipped, 106 tests passed
## Gathering results ##
## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
## test results in:
"/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.67e5fada"
 h1   Bad exit status: 0x exit 0x0 signal 0 core 0
## Test case: reg-tests/filters/random-forwarding.vtc ##
## test results in:
"/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.72f8fd5f"
 c1   Assert error in vtc_gunzip(), src/vtc_gzip.c line 114:


Your vtest program does not seem to be up to date. Here is the vtest 
issue which is similar to yours:


https://github.com/vtest/VTest/issues/20



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Lallemand
On Thu, Jan 07, 2021 at 11:21:07AM +0100, Willy Tarreau wrote:
> On Thu, Jan 07, 2021 at 11:03:14AM +0100, William Dauchy wrote:
> > On Wed, Jan 6, 2021 at 5:45 PM Willy Tarreau  wrote:
> > > HAProxy 2.4-dev5 was released on 2021/01/06. It added 91 new commits
> > > after version 2.4-dev4.
> > 
> > unclear whether this is on my side only because I did not investigate
> > but I have two tests failing for a while now:
> > 
> > ## Starting vtest ##
> > Testing with haproxy version: 2.4-dev5-761d64-4
> > #top  TEST reg-tests/filters/random-forwarding.vtc FAILED (0.192) exit=2
> > #top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.215) 
> > exit=2
> 
> I didn't observe them, they all succeed on my side, and just checking
> the CI, it seems they succeed. But that doesn't mean they're reliable
> or anything, very often regtests start to fail sporadically in a single
> environment before we figure the problem.
> 

These reg-tests are of types "slow" and "broken" not launched by the CI.
 

-- 
William Lallemand



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Willy Tarreau
On Thu, Jan 07, 2021 at 11:03:14AM +0100, William Dauchy wrote:
> On Wed, Jan 6, 2021 at 5:45 PM Willy Tarreau  wrote:
> > HAProxy 2.4-dev5 was released on 2021/01/06. It added 91 new commits
> > after version 2.4-dev4.
> 
> unclear whether this is on my side only because I did not investigate
> but I have two tests failing for a while now:
> 
> ## Starting vtest ##
> Testing with haproxy version: 2.4-dev5-761d64-4
> #top  TEST reg-tests/filters/random-forwarding.vtc FAILED (0.192) exit=2
> #top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.215) exit=2

I didn't observe them, they all succeed on my side, and just checking
the CI, it seems they succeed. But that doesn't mean they're reliable
or anything, very often regtests start to fail sporadically in a single
environment before we figure the problem.

Is it 100% reproducible for you ?

> 2 tests failed, 0 tests skipped, 106 tests passed
> ## Gathering results ##
> ## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
> ## test results in:
> "/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.67e5fada"
>  h1   Bad exit status: 0x exit 0x0 signal 0 core 0
> ## Test case: reg-tests/filters/random-forwarding.vtc ##
> ## test results in:
> "/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.72f8fd5f"
>  c1   Assert error in vtc_gunzip(), src/vtc_gzip.c line 114:
> Condition(vz.total_out < l) not true.  Errno=0 Success

I remember seeing this one with an old version of vtest, and it
went away after an upgrade.

> I build with:
> 
> make -j5 CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE=1
> USE_PCRE_JIT=1 USE_ZLIB=1 USE_GETADDRINFO=1 USE_LINUX_TPROXY=1
> ADDLIB="-ljemalloc" DEFINE=-DTCP_USER_TIMEOUT=18 USE_SYSTEMD=1
> USE_TFO=1 USE_NS=1
> EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o"

Using the exact same options (except systemd) worked fine for me
with 106 successful tests. So at least it's not cause exclusively
by the set of options.

Willy



Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread Илья Шипицин
чт, 7 янв. 2021 г. в 15:06, William Dauchy :

> On Wed, Jan 6, 2021 at 5:45 PM Willy Tarreau  wrote:
> > HAProxy 2.4-dev5 was released on 2021/01/06. It added 91 new commits
> > after version 2.4-dev4.
>
> unclear whether this is on my side only because I did not investigate
> but I have two tests failing for a while now:
>
> ## Starting vtest ##
> Testing with haproxy version: 2.4-dev5-761d64-4
> #top  TEST reg-tests/filters/random-forwarding.vtc FAILED (0.192)
> exit=2
> #top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.215)
> exit=2
> 2 tests failed, 0 tests skipped, 106 tests passed
> ## Gathering results ##
> ## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
> ## test results in:
> "/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.67e5fada"
>  h1   Bad exit status: 0x exit 0x0 signal 0 core 0
> ## Test case: reg-tests/filters/random-forwarding.vtc ##
> ## test results in:
> "/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.72f8fd5f"
>  c1   Assert error in vtc_gunzip(), src/vtc_gzip.c line 114:
>

did you clone vtest recently ? some gunzip asserts were fixed like 1 or 2
months ago.
if it is fresh master, error most probably should be reported to vtest


> Condition(vz.total_out < l) not true.  Errno=0 Success
>  s1   HTTP header is incomplete
> make: *** [Makefile:1053: reg-tests] Error 1
>
> I build with:
>
> make -j5 CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE=1
> USE_PCRE_JIT=1 USE_ZLIB=1 USE_GETADDRINFO=1 USE_LINUX_TPROXY=1
>

USE_LINUX_TPROXY is automatic. no need to specify


> ADDLIB="-ljemalloc" DEFINE=-DTCP_USER_TIMEOUT=18 USE_SYSTEMD=1
> USE_TFO=1 USE_NS=1
> EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o"
>
> I will spend more time later if nobody does.
> --
> William
>
>


Re: [ANNOUNCE] haproxy-2.4-dev5

2021-01-07 Thread William Dauchy
On Wed, Jan 6, 2021 at 5:45 PM Willy Tarreau  wrote:
> HAProxy 2.4-dev5 was released on 2021/01/06. It added 91 new commits
> after version 2.4-dev4.

unclear whether this is on my side only because I did not investigate
but I have two tests failing for a while now:

## Starting vtest ##
Testing with haproxy version: 2.4-dev5-761d64-4
#top  TEST reg-tests/filters/random-forwarding.vtc FAILED (0.192) exit=2
#top  TEST reg-tests/seamless-reload/abns_socket.vtc FAILED (2.215) exit=2
2 tests failed, 0 tests skipped, 106 tests passed
## Gathering results ##
## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
## test results in:
"/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.67e5fada"
 h1   Bad exit status: 0x exit 0x0 signal 0 core 0
## Test case: reg-tests/filters/random-forwarding.vtc ##
## test results in:
"/tmp/haregtests-2021-01-07_10-59-10.xOIJpc/vtc.115543.72f8fd5f"
 c1   Assert error in vtc_gunzip(), src/vtc_gzip.c line 114:
Condition(vz.total_out < l) not true.  Errno=0 Success
 s1   HTTP header is incomplete
make: *** [Makefile:1053: reg-tests] Error 1

I build with:

make -j5 CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE=1
USE_PCRE_JIT=1 USE_ZLIB=1 USE_GETADDRINFO=1 USE_LINUX_TPROXY=1
ADDLIB="-ljemalloc" DEFINE=-DTCP_USER_TIMEOUT=18 USE_SYSTEMD=1
USE_TFO=1 USE_NS=1
EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o"

I will spend more time later if nobody does.
-- 
William



Re: [PATCH] improve SSL guarding, use macro instead of openssl version

2021-01-07 Thread William Lallemand
On Thu, Jan 07, 2021 at 12:28:02PM +0500, Илья Шипицин wrote:
> Hi,
> 
> another series of removing HA_OPENSSL_VERSION
> 
> Ilya


Thanks, merged.



-- 
William Lallemand



[PATCH] A bunch of spelling fixes.

2021-01-07 Thread Thayne McCombs

From the output of codespell.
---
 BRANCHES   |  2 +-
 CONTRIBUTING   |  2 +-
 INSTALL|  2 +-
 Makefile   |  4 ++--
 doc/configuration.txt  | 10 +-
 doc/internals/acl.txt  |  6 +++---
 doc/internals/buffer-api.txt   |  2 +-
 doc/internals/htx-api.txt  |  2 +-
 doc/intro.txt  |  2 +-
 doc/management.txt |  2 +-
 include/haproxy/action-t.h |  2 +-
 include/haproxy/connection-t.h |  4 ++--
 include/haproxy/listener.h |  2 +-
 include/haproxy/proxy-t.h  |  2 +-
 include/haproxy/server-t.h |  2 +-
 include/import/ebmbtree.h  |  2 +-
 scripts/announce-release   |  2 +-
 src/backend.c  |  2 +-
 src/fd.c   |  2 +-
 src/haproxy.c  |  2 +-
 src/hlua.c | 16 
 src/http.c |  2 +-
 src/http_act.c |  2 +-
 src/htx.c  |  4 ++--
 src/pattern.c  |  4 ++--
 src/proxy.c|  2 +-
 src/stream_interface.c |  6 +++---
 27 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/BRANCHES b/BRANCHES
index 6cb275c94..53b2ee996 100644
--- a/BRANCHES
+++ b/BRANCHES
@@ -134,7 +134,7 @@ to make a safe guess about what to pick.
 Branches up to 1.8 are all designated as "long-term supported" ("LTS" for
 short), which means that they are maintained for several years after the
 release. These branches were emitted at a pace of one per year since 
1.5 in
-2014. As of 2019, 1.5 is still supported and widely used, eventhough it 
very
+2014. As of 2019, 1.5 is still supported and widely used, even though 
it very

 rarely receives updates. After a few years these LTS branches enter a
 "critical fixes only" status, which means that they will rarely 
receive a fix

 but if that a critital issue affects them, a release will be made, with or
diff --git a/CONTRIBUTING b/CONTRIBUTING
index 88733e19e..73a27c7db 100644
--- a/CONTRIBUTING
+++ b/CONTRIBUTING
@@ -154,7 +154,7 @@ features are disabled. Similarly, when modifying the 
SSL stack, please always
 ensure that supported OpenSSL versions continue to build and to work, 
especially
 if you modify support for alternate libraries. Clean support for the 
legacy
 OpenSSL libraries is mandatory, support for its derivatives is a bonus 
and may

-occasionally break eventhough a great care is taken. In other words, if you
+occasionally break even though a great care is taken. In other words, 
if you
 provide a patch for OpenSSL you don't need to test its derivatives, 
but if you

 provide a patch for a derivative you also need to test with OpenSSL.

diff --git a/INSTALL b/INSTALL
index 32cf5d91e..32c0dd338 100644
--- a/INSTALL
+++ b/INSTALL
@@ -528,7 +528,7 @@ because of strange symbols or section mismatches, 
simply remove -g from

 DEBUG_CFLAGS.

 Building on AIX 7.2 works fine using the "aix72-gcc" TARGET. It adds two
-special CFLAGS to prevent the loading of AIXs xmem.h and var.h. This is 
done
+special CFLAGS to prevent the loading of AIX's xmem.h and var.h. This 
is done

 by defining the corresponding include-guards _H_XMEM and _H_VAR. Without
 excluding those header-files the build fails because of redefinition 
errors.

 Furthermore, the atomic library is added to the LDFLAGS to allow for
diff --git a/Makefile b/Makefile
index 4e6c834ed..fba5d4267 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@
 #   USE_TPROXY   : enable transparent proxy. Automatic.
 #   USE_LINUX_TPROXY : enable full transparent proxy. Automatic.
 #   USE_LINUX_SPLICE : enable kernel 2.6 splicing. Automatic.
-#   USE_LIBCRYPT : enable crypted passwords using -lcrypt
+#   USE_LIBCRYPT : enable encrypted passwords using -lcrypt
 #   USE_CRYPT_H  : set it if your system requires including 
crypt.h

 #   USE_GETADDRINFO  : use getaddrinfo() to resolve IPv6 host names.
 #   USE_OPENSSL  : enable use of OpenSSL. Recommended, but see 
below.

@@ -435,7 +435,7 @@ endif
 ifeq ($(TARGET),cygwin)
   set_target_defaults = $(call default_opts, \
 USE_POLL USE_TPROXY USE_OBSOLETE_LINKER)
-  # Cygwin adds IPv6 support only in version 1.7 (in beta right now).
+  # Cygwin adds IPv6 support only in version 1.7 (in beta right now).
   TARGET_CFLAGS  = $(if $(filter 1.5.%, $(shell uname -r)), -DUSE_IPV6 
-DAF_INET6=23 -DINET6_ADDRSTRLEN=46, )

 endif

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 31ab5906b..d357b89c2 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -406,7 +406,7 @@ HAProxy's configuration process involves 3 major 
sources of parameters :


   - the arguments from the command-line, which always take precedence
   - the configuration file(s), whose format is described here
-  - the running process' environment, in case some environment 
variables are
+  - the running process's environment, i