Closed cha0sCat closed 4 months ago
PR sent #31
I'm very new to C so please bear with me if the code looks bad :P
Hey @cha0sCat,
Thanks for debugging this and the detailed explanation.
Please give me some time to review your PR.
@cha0sCat, I am not able to reproduce this. I use both IPv4 and IPv6, running the program for hours but the IPv4 never starts with anything but SrcIP:::ffff:x.x.x.x
.
For C, reading from uninitialized var is an undefined behaviour, so the behaviour might be various on different OS and compilers. (https://www.learncpp.com/cpp-tutorial/uninitialized-variables-and-undefined-behavior/)
For running I use Linux HOSTNAMEHERE 6.5.11-4-pve #1 SMP PREEMPT_DYNAMIC PMX 6.5.11-4 (2023-11-20T10:19Z) x86_64 x86_64 x86_64 GNU/Linux
with ubuntu 20.04
Some additional context:
CGO=0
and -static
). For the full compile step, please check the workflow file: https://github.com/cha0sCat/flat/actions/runs/8887259908/workflowNice explanation.
I have a workaround for this and think it is a good time for you and I to test this together.
I will make some changes to the code, create a static release and then let you know. Really interested to see how much of a difference it makes.
@cha0sCat so, I added a static release here:
https://github.com/pouriyajamshidi/flat/releases/download/v0.2.0/flat
It is based on a change here:
Please give it a shot and let me know if it solves it.
No, the issue still exists; I'm using the exact same VM as the first time.
Also, I want to correct my previous report. This issue happens not a few seconds after running but almost less than one second.
ah, that is a shame. I was hoping that the NULL
assignment would fix it.
I understand that your PR fixes it but I was hoping to fix it more fundamentally (ensuring other packet_t
fields are not affected as well) since we have a good test case here.
Could you please also give the latest release one more shot? The link:
https://github.com/pouriyajamshidi/flat/releases/tag/v0.2.1
The change:
Once again, thanks for the elaborate testing and level of details!
Works great this time. It's a pleasure to cooperate with you. The tool is also impressive: lightweight, good for latency spiking diagnostic, super feat our use cases
WOW! you got some traffic on that machine :D
Thanks a lot for your report, debugging and suggestions mate. Was very fun!
Btw, if you want, you can modify your PR to include the changes in the branch that fixed this for you. It might sounds a bit silly but since you did a lot of work on this, I think it'd be nice to have your name as a contributor of this project.
Yes, I've cherrypicked your commit and cleaned up mine.
I also noticed that the portable version already has a code for initialize: https://github.com/pouriyajamshidi/flat/blob/8dfba7e197e4474c8c61f6c7f8439686f094b09d/bpf/flat_portable.c#L142
Maybe we can make them same? but not sure memset
and = {0}
which performance better
The portable version uses the perfevent
instead of ringbuf
since ringbuf
is not available on older Linux versions.
On the "non-portable" version we cannot zero-initialize pkt
since ringbuf
would not accept it :S
😂 cool
fixed in #31
When using the original code, after the program outputs about 150 lines of connection logs at the beginning, there is no more output.
So, I add some logs to it https://github.com/cha0sCat/flat/blob/a0010830e35163d96aa2106a12003ae67538b656/internal/probe/probe.go#L233 https://github.com/cha0sCat/flat/blob/a0010830e35163d96aa2106a12003ae67538b656/internal/probe/probe.go#L242
Then I found that the IP prefix becomes random after a few seconds of the program running. (This is an ipv4 connection actually)
please notice that we can still find the actual ipv4 address in the raw packet:
comparing to normal packets:
So it turns out there are no more logs because these packets have unique random IP so they can't match with others.
The root cause is that in6_addr is not initialized before use, so it may be a random value