From 95197ec04e241f33803909c9c6182e832b6ed16e Mon Sep 17 00:00:00 2001 From: Valentine Krasnobaeva Date: Tue, 18 Mar 2025 16:33:54 +0100 Subject: [PATCH] BUG/MINOR: limits: compute_ideal_maxconn: don't cap remain if fd_hard_limit=0 'global.fd_hard_limit' stays uninitialized, if haproxy is started with -m (global.rlimit_memmax). 'remain' is the MAX between soft and hard process fd limits. It will be always bigger than 'global.fd_hard_limit' (0) in this case. So, if we reassign 'remain' to the 'global.fd_hard_limit' unconditionally, calculated then 'maxconn' will be even negative and the DEFAULT_MAXCONN (100) will be set as the 'ideal_maxconn'. During the 'global.maxconn' calculations in set_global_maxconn(), if the provided 'global.rlimit_memmax' is quite big, system will refuse to calculate based on its 'global.maxconn' and we will do a fallback to the 'ideal_maxconn', which is 100. Same problem for the configs with SSL frontends and backends. This fixes the issue #2899. This should be backported to v3.1.0. (cherry picked from commit 060f441199aa97d9735dd553bafd231ca615f723) Signed-off-by: Willy Tarreau --- src/limits.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/limits.c b/src/limits.c index bb74510..47f4499 100644 --- a/src/limits.c +++ b/src/limits.c @@ -151,8 +151,14 @@ int compute_ideal_maxconn() if (!is_any_limit_configured()) global.fd_hard_limit = DEFAULT_MAXFD; - if (remain > global.fd_hard_limit) + if (global.fd_hard_limit && (remain > global.fd_hard_limit)) { + /* cap remain only when global.fd_hard_limit > 0, i.e.: either + * there were no any other limits set and it's defined by lines + * above as DEFAULT_MAXFD (100), or fd_hard_limit is explicitly + * provided in config. + */ remain = global.fd_hard_limit; + } /* subtract listeners and checks */ remain -= global.maxsock; -- 1.7.10.4