Enabling pprof#524
Draft
WendelHime wants to merge 7 commits into
Draft
Conversation
Radiance is compiled into the host app via gomobile, so there's no
process to attach a profiler to and no on-device profiling hook. Add a
loopback pprof/HTTP server gated behind RADIANCE_PPROF_ADDR — off by
default (nothing registered, no port opened) so it ships safely in
release builds. Set it to e.g. localhost:6060 to capture CPU/heap
profiles of the running client, notably the broflake / Unbounded WebRTC
relay whose cost is otherwise invisible:
RADIANCE_PPROF_ADDR=localhost:6060 <app>
go tool pprof http://localhost:6060/debug/pprof/profile?seconds=30
Bound to loopback only and served from a dedicated mux (not
DefaultServeMux) so the debug handlers can't leak off-device or onto
another server in the process.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Hard-refuse any RADIANCE_PPROF_ADDR that isn't loopback (empty host, 0.0.0.0, or a public IP) instead of trusting the caller. pprof exposes goroutine stacks and can be driven to burn CPU, so it must never bind off-device. - Register the server's Close in shutdownFuncs so a Start/Close cycle (re-init, tests, in-process clients) frees the port and stops the goroutine. Previously it leaked and the next Start would hit "address already in use". Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add an env.Pprof key and have startDebugServer read the address through the radiance env package instead of os.Getenv directly. env.Get already honours an OS env var, a .env file in the working dir, and runtime env.Set (incl. the IPC SetEnv path) — the latter two are what let the profiler be enabled on sandboxed macOS/iOS system extensions, which don't inherit the launching shell's environment. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add telemetry/procmetrics, started from the sing-box tunnel process so the metrics describe the process that actually runs the proxy. On macOS/iOS that is the network-extension process, not the control process. RSS (via gopsutil) is the only signal that captures the WATER WASM outbound's linear memory, which wazero maps off the Go heap and so never appears in runtime.MemStats. Also emits process.cpu.time (user/system) and process.runtime.go.* (heap, goroutines, GC). Metrics flow through the existing OpenTelemetry meter provider and stay inert until telemetry is configured. Per-outbound throughput is already covered by the downlink_bytes/uplink_bytes metrics in connections.go. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.