Segmentation fault HAP 2.2.3

We recently upgraded to haproxy 2.2.3 from 2.0 and stared getting segmentation faults when we specify backend server with proto h2.

backend server-group
     mode http
     option httpchk
     http-check send meth GET uri /check/path ver HTTP/1.1 hdr Host some.header
     http-check expect status 200
     server server1 x.x.x.x:xx check port xxx maxconn 100 enabled maxqueue 1 proto h2
     errorfile 503 /path/busy.http

When we create the backend with above confing, the below error shows up in the logs and the haproxy process just stops.

Oct 30 07:51:03 hapservername[19668419.437037] haproxy[pid]: segfault at 6 ip 000055ad97b1d07d sp 00007fa4677db8d0 error 4 in haproxy[55ad97a3c000+243000]

We can fix this by changing the proto to alpn.

Below is the output of haproxy -vv

root@hapserver:~# haproxy -vv
HA-Proxy version 2.2.3-0e58a34 2020/09/08 -
Status: long-term supported branch - will stop receiving fixes around Q2 2025.
Known bugs:
Running on: Linux 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 x86_64
Build options :
  TARGET  = linux-glibc
  CPU     = generic
  CC      = gcc
  CFLAGS  = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-stringop-overflow -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference


Default settings :
  bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with multi-threading support (MAX_THREADS=64, default=16).
Built with OpenSSL version : OpenSSL 1.1.0g  2 Nov 2017
Running on OpenSSL version : OpenSSL 1.1.0g  2 Nov 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
Built with network namespace support.
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with PCRE version : 8.39 2016-06-14
Running on PCRE version : 8.39 2016-06-14
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Encrypted password support via crypt(3): yes
Built with gcc compiler version 7.3.0
Built with the Prometheus exporter as a service

Available polling systems :
      epoll : pref=300,  test result OK
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
            fcgi : mode=HTTP       side=BE        mux=FCGI
       <default> : mode=HTTP       side=FE|BE     mux=H1
              h2 : mode=HTTP       side=FE|BE     mux=H2
       <default> : mode=TCP        side=FE|BE     mux=PASS

Available services :

Available filters :
	[SPOE] spoe
	[COMP] compression
	[TRACE] trace
	[CACHE] cache
	[FCGI] fcgi-app

Can this be a possible bug?

Would you need core dump to trace this? or whatever info given in the post should be good enough?

Upgrade to 2.2.4 and if it still happens, please file a bug at github: