[usm] fix the script generating the gotls/lookup/luts.go file #37629
Conversation
andreimatei
added
qa/done
|
|
andreimatei
added
ask-review
Regression DetectorRegression Detector ResultsMetrics dashboard Baseline: 405dcb1 Optimization Goals: ✅ No significant changes detected
|
| perf | experiment | goal | Δ mean % | Δ mean % CI | trials | links |
|---|---|---|---|---|---|---|
| ➖ | quality_gate_logs | % cpu utilization | +2.02 | [-0.80, +4.84] | 1 | Logs bounds checks dashboard |
| ➖ | quality_gate_idle_all_features | memory utilization | +1.18 | [+1.04, +1.32] | 1 | Logs bounds checks dashboard |
| ➖ | otlp_ingest_logs | memory utilization | +0.53 | [+0.41, +0.66] | 1 | Logs |
| ➖ | uds_dogstatsd_20mb_12k_contexts_20_senders | memory utilization | +0.24 | [+0.19, +0.29] | 1 | Logs |
| ➖ | file_to_blackhole_300ms_latency | egress throughput | +0.08 | [-0.59, +0.75] | 1 | Logs |
| ➖ | file_to_blackhole_100ms_latency | egress throughput | +0.04 | [-0.59, +0.66] | 1 | Logs |
| ➖ | file_to_blackhole_500ms_latency | egress throughput | +0.00 | [-0.52, +0.53] | 1 | Logs |
| ➖ | tcp_dd_logs_filter_exclude | ingress throughput | +0.00 | [-0.02, +0.02] | 1 | Logs |
| ➖ | uds_dogstatsd_to_api | ingress throughput | -0.01 | [-0.28, +0.27] | 1 | Logs |
| ➖ | file_to_blackhole_1000ms_latency | egress throughput | -0.07 | [-0.70, +0.56] | 1 | Logs |
| ➖ | file_to_blackhole_0ms_latency | egress throughput | -0.08 | [-0.71, +0.55] | 1 | Logs |
| ➖ | uds_dogstatsd_to_api_cpu | % cpu utilization | -0.09 | [-0.97, +0.79] | 1 | Logs |
| ➖ | file_to_blackhole_0ms_latency_http1 | egress throughput | -0.09 | [-0.70, +0.51] | 1 | Logs |
| ➖ | file_to_blackhole_1000ms_latency_linear_load | egress throughput | -0.11 | [-0.35, +0.13] | 1 | Logs |
| ➖ | file_to_blackhole_0ms_latency_http2 | egress throughput | -0.14 | [-0.74, +0.46] | 1 | Logs |
| ➖ | ddot_metrics | memory utilization | -0.32 | [-0.44, -0.21] | 1 | Logs |
| ➖ | tcp_syslog_to_blackhole | ingress throughput | -0.34 | [-0.40, -0.28] | 1 | Logs |
| ➖ | ddot_logs | memory utilization | -0.45 | [-0.59, -0.31] | 1 | Logs |
| ➖ | otlp_ingest_metrics | memory utilization | -0.52 | [-0.67, -0.36] | 1 | Logs |
| ➖ | docker_containers_cpu | % cpu utilization | -0.58 | [-3.65, +2.49] | 1 | Logs |
| ➖ | quality_gate_idle | memory utilization | -0.70 | [-0.76, -0.63] | 1 | Logs bounds checks dashboard |
| ➖ | docker_containers_memory | memory utilization | -0.89 | [-0.96, -0.83] | 1 | Logs |
| ➖ | file_tree | memory utilization | -2.40 | [-2.60, -2.20] | 1 | Logs |
Bounds Checks: ❌ Failed
| perf | experiment | bounds_check_name | replicates_passed | links |
|---|---|---|---|---|
| ❌ | docker_containers_memory | memory_usage | 0/10 | |
| ❌ | quality_gate_logs | memory_usage | 9/10 | bounds checks dashboard |
| ✅ | docker_containers_cpu | simple_check_run | 10/10 | |
| ✅ | docker_containers_memory | simple_check_run | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency_http1 | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency_http1 | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency_http2 | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency_http2 | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_1000ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_1000ms_latency_linear_load | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_100ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_100ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_300ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_300ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_500ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_500ms_latency | memory_usage | 10/10 | |
| ✅ | quality_gate_idle | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle | memory_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle_all_features | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle_all_features | memory_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_logs | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_logs | lost_bytes | 10/10 | bounds checks dashboard |
Explanation
Confidence level: 90.00%
Effect size tolerance: |Δ mean %| ≥ 5.00%
Performance changes are noted in the perf column of each table:
- ✅ = significantly better comparison variant performance
- ❌ = significantly worse comparison variant performance
- ➖ = no significant change in performance
A regression test is an A/B test of target performance in a repeatable rig, where "performance" is measured as "comparison variant minus baseline variant" for an optimization goal (e.g., ingress throughput). Due to intrinsic variability in measuring that goal, we can only estimate its mean value for each experiment; we report uncertainty in that value as a 90.00% confidence interval denoted "Δ mean % CI".
For each experiment, we decide whether a change in performance is a "regression" -- a change worth investigating further -- if all of the following criteria are true:
-
Its estimated |Δ mean %| ≥ 5.00%, indicating the change is big enough to merit a closer look.
-
Its 90.00% confidence interval "Δ mean % CI" does not contain zero, indicating that if our statistical model is accurate, there is at least a 90.00% chance there is a difference in performance between baseline and comparison variants.
-
Its configuration does not mark it "erratic".
CI Pass/Fail Decision
❌ Failed. Some Quality Gates were violated.
- quality_gate_logs, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_logs, bounds check lost_bytes: 10/10 replicas passed. Gate passed.
- quality_gate_logs, bounds check memory_usage: 9/10 replicas passed. Failed 1 which is > 0. Gate FAILED.
- quality_gate_idle_all_features, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_idle_all_features, bounds check memory_usage: 10/10 replicas passed. Gate passed.
- quality_gate_idle, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_idle, bounds check memory_usage: 10/10 replicas passed. Gate passed.
Static quality checks✅ Please find below the results from static quality gates Successful checksInfo
|
We did run it. Go 1.24 was released on February 11th, while |
pkg/network/go/lutgen/run.go
Outdated
| // Pin the golang.org/x/net module to an old version. Newer versions cannot | ||
| // be processed by Go <= 1.16 because the go.mod in x/net has the wrong | ||
| // format. Newer versions of the package have a go.mod file that can't be | ||
| // parsed by Go <= 1.16. | ||
| getCmd := exec.CommandContext(ctx, "go", "get", "golang.org/x/net@v0.35.0") | ||
| getCmd.Env = cmd.Env | ||
| getCmd.Dir = cmd.Dir | ||
| getCmd.Path = cmd.Path | ||
| output, err := getCmd.CombinedOutput() | ||
| if err != nil { | ||
| return fmt.Errorf("error executing 'go get': %s\n%s", err, output) | ||
| } |
There was a problem hiding this comment.
That's a problematic change. You assume that v0.35 will represent all future versions, while we can still have changes.
If the issue happens only with go1.16 and below, then the fix should take into account and pin the version only when we run the script for go1.16 and below
There was a problem hiding this comment.
I've considered doing that, but this all leads to a deeper question -- which version of the library do we care about? Why would would we particularly care about the latest (and only the latest)? Then, caring about different library versions for different compiler versions seems confusing -- although you can argue that it makes some sense since new versions of the lib don't work with old compilers... I'm in the live debugger team, and so the real answer is perhaps that we should actually look at the particular binary and dynamically analyze its debug info :).
But also you can argue that dealing with the debug info for the x/net library at all is kinda silly -- the only thing we look at is the offset of an embedded field into a struct -- which seems likely to stay 0 for as long as that field exists. That's why I thought that the complexity of dealing with multiple versions is not really worth it. I guess using the latest version of the library tells us that the embedded field continues to exist, so there's some value in it...
Having written all this, if you think the complexity of changing the library version based on the compiler version is worth it, I'm happy to do it.
There was a problem hiding this comment.
I've made the script use different versions of the library based on the Go version, as you suggested.
github-actions
bot
added
medium review
A comment was referencing the wrong type name.
For development you might want to run a single Go version. The script already lets you specify a minimum version.
Before this patch, the generation of the gotls/lookup/luts.go file was failing: Go versions below 1.16 cannot parse the go.mod file of the x/net module at versions above 0.35 (released a few months ago). This patch pins the module at v0.35. We were arbitrarily using the latest x/net version (and thus using the debug info for the latest); now we're arbitrarily using a fixed version. Luckily, the debug info we need for x/net is stable -- we need the offset of an embedded field in a struct (*). In addition to failing on Go 1.16, the latest version of x/net was forcing the toolchain selection mechanism in go 1.21+ to select 1.23 -- so we were not actually using go 1.21 and 1.22. The next commit makes the script robust to this. The regenerated luts.go doesn't have any changes. FWIW, I think this shows that the debug info in that file is valid for Go 1.24; I'm not sure we ever ran the script for 1.24, since I think the release of x/net that broke it happened a little before 1.24.
The generator script for luts.go intends to use every Go compiler version. Until this patch, it was fragile because it allowed Go's toolchain selection mechanism to transparently use a newer toolchain version than the one the script was intended to use, subject to the requirements of the modules used by the test program. This could lead to the generated source containing debug info for the wrong compiler versions. In fact, this was happening until the previous commit. This patch makes the generation robust by forcing the intended toolchain versions.
|
A side-note -- the script does not work for Go 1.25rc, which switched to generating dwarf v5 and our library that processes location lists doesn't like that. We need to fix this for Live Debugger too. I've added a commit to the PR that lets you set a max go version so we can still run the script in the meantime. |
Before this patch, the generation of the
gotls/lookup/luts.gofile wasfailing: Go versions below 1.16 cannot parse the go.mod file of the
x/net module at versions above 0.35 (released a few months ago). This
patch pins the module at v0.35. We were arbitrarily using the latest
x/net version (and thus using the debug info for the latest); now we're
arbitrarily using a fixed version. Luckily, the debug info we need for
x/net is stable -- we need the offset of an embedded field in a struct.
The regenerated
luts.godoesn't have any changes. FWIW, I think this showsthat the debug info in that file is valid for Go 1.24; I'm not sure we
ever ran the script for 1.24, since I think the release of x/net that
broke it happened a little before 1.24.