吾爱破解 - 52pojie.cn

[Help] Beginner asking for help: network connection socket problem

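zzzznl posted on 2024-5-21 02:43
This post was last edited by zzzznl on 2024-5-21 02:48

System version: Linux version 3.10.0-1160.53.1.el7.x86_64 (mockbuild@kbuilder.bsys.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) );
Software: lgateway, roughly a protocol-conversion program, compiled with GCC;
Symptom: connections to two different IPs used the same socket handle, i.e. the return value of socket(2,1,0);
2024-05-21_004515.png
No other socketfd4-related log entries were found between 10:49:36 and 10:49:42
Closing the socket
2024-05-21_022455.png
Questions: the cause and consequences of the above, and anything in my understanding that is wrong;
When two connections share the same socket, will the information of the later connection overwrite the socket file of the earlier one, so that what the earlier connection wants to read or write is read from or written to the later connection? For example, I want to write holding registers on master1, but the write actually goes to master17. Does such a write happen immediately, or is there some trigger condition;
Or is there an ID added somewhere I have not seen that lets the same socket manage two connections with different IPs;
In fact, no other logs were found for these two connections, and nearly 20 minutes later the value that should have been written to master1 was indeed written to master17. What is the principle behind this (why not immediately);
For this kind of multithreaded connection, is the (socket file) locked, and does it need to be locked;
I am a beginner in both Linux and networking and feel my fundamentals are too weak; if anyone has suitable material that explains the principles clearly, please recommend it;
Notes: the software is multithreaded; my understanding is that each connection uses one thread. For the ModbusTCP part, when the TCP connection to the address in the sockaddr structure is established successfully (connect() returns a value greater than or equal to 0), it logs: [INFO]ModbusTCP Master%d: socketfd%d;
Before closing the socket (close()) it logs: [WARNING]ModbusTCP Master%d:socketfd%d,close!
The socket descriptor/handle (the %d after socketfd) is the return value of int socket(2,1,0);
Send err. Break! is an alarm from the CIP protocol; the other CIP logs are only recorded by the debug build, so in normal operation this is the only entry. Judging from the next entry, a file error, and although I have no evidence, my understanding is that the resources of socketfd5 were released, i.e. a CIP connection had already been sharing the socket file with master17;
Hardware resources should not be tight: I5-2400 CPU, running only this one application, usual utilization below 1%, memory Memory: 3542912k/4708352k available (7796k kernel code, 624380k absent, 541060k reserved, 5947k data, 1980k init);
Pseudocode (IDA):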
void __cdecl __noreturn modbus_tcp_master(char *a1)
{
  pthread_t v1; // eax
  int v2; // edx
  int v3; // eax
  int v4; // edx
  int *v5; // eax
  char *v6; // esi
  int *v7; // eax
  int v8; // [esp+0h] [ebp-C88h] BYREF
  int v9; // [esp+4h] [ebp-C84h]
  int v10; // [esp+8h] [ebp-C80h]
  int v11; // [esp+Ch] [ebp-C7Ch]
  char s[1032]; // [esp+18h] [ebp-C70h] BYREF
  int v13; // [esp+420h] [ebp-868h] BYREF
  char v14[4]; // [esp+424h] [ebp-864h]
  int v15; // [esp+428h] [ebp-860h]
  int v16; // [esp+42Ch] [ebp-85Ch]
  int fd[2]; // [esp+C30h] [ebp-58h] BYREF
  __int16 v18; // [esp+C3Ah] [ebp-4Eh]
  unsigned __int16 v19; // [esp+C3Ch] [ebp-4Ch]
  unsigned __int16 v20; // [esp+C3Eh] [ebp-4Ah]
  int v21; // [esp+C40h] [ebp-48h]
  int v22; // [esp+C44h] [ebp-44h]
  char v23; // [esp+C4Bh] [ebp-3Dh]
  int v24; // [esp+C4Ch] [ebp-3Ch]
  int v25; // [esp+C50h] [ebp-38h]
  __int16 v26; // [esp+C56h] [ebp-32h]
  unsigned __int8 v27; // [esp+C59h] [ebp-2Fh]
  unsigned __int8 v28; // [esp+C5Ah] [ebp-2Eh]
  char v29; // [esp+C5Bh] [ebp-2Dh]
  int v30; // [esp+C5Ch] [ebp-2Ch]
  int v31; // [esp+C60h] [ebp-28h]
  int v32; // [esp+C64h] [ebp-24h]
  bool v33; // [esp+C6Ah] [ebp-1Eh]
  char v34; // [esp+C6Bh] [ebp-1Dh]
  int v35; // [esp+C6Ch] [ebp-1Ch]

  v1 = pthread_self();
  pthread_detach(v1);
  v25 = (int)a1;
  v35 = 0;
  log_message(DebugMBTCP, 6, "ModbusTCP_master%d", a1 + 1);
  if ( (int)a1 < 0 || v25 > 99 )
  {
    log_message(DebugMBTCP, 3, "ModbusTCP_master%d:ModbusTCPNO err!pthread_exit.", v25 + 1);
    pthread_exit(0);
  }
  v24 = 0;
  v34 = 0;
  v33 = 1;
  v33 = byte_82D2998[22316 * v25 + 3] != 0;
  v23 = byte_82D2998[22316 * v25 + 2];
LABEL_161:
  if ( !running )
  {
    byte_82D2998[22316 * v25 + 1] = 0;
    log_message(1, 4, "ModbusTCP Master%d:pthread_exit!", v25 + 1);
    *((_BYTE *)&unk_82D2898 + 22316 * v25) = 0;
    g_inputreg[(v25 >> 4) + 8] &= ~(unsigned __int16)(1 << (v25 & 0xF));
    g_inputreg[(v25 >> 4) + 28] &= ~(unsigned __int16)(1 << (v25 & 0xF));
    IEC104DeviceStatus(CS101_COT_SPONTANEOUS, ca, *((_DWORD *)&unk_82D2894 + 5579 * v25) | 0x10000, 0, 0);
    pthread_exit(0);
  }
  *((_BYTE *)&unk_82D2898 + 22316 * v25) = 0;
  g_inputreg[(v25 >> 4) + 8] &= ~(unsigned __int16)(1 << (v25 & 0xF));
  g_inputreg[(v25 >> 4) + 28] &= ~(1 << (v25 & 0xF));
  while ( running )
  {
    if ( byte_82D2998[22316 * v25 + 3] && v33 )
    {
      if ( byte_82D2998[22316 * v25 + 19] )
        v33 = 0;
      MBTCPClientInit((int)fd);
      MBTCPSetTimeout(fd[0], 3);
      log_message(
        DebugMBTCP,
        7,
        "ModbusTCP Master%d: trying to connect slave IP1 to %s.",
        v25 + 1,
        (const char *)(22316 * v25 + 137177499));
      if ( TCPClientConnect(fd[0], (char *)(22316 * v25 + 137177499), 0x1F6u) >= 0 )
        break;
      log_message(DebugMBTCP, 7, "ModbusTCP Master%d: connect err.", v25 + 1);
      log_message(DebugMBTCP, 7, "ModbusTCP Master%d:socketfd=%d,close.", v25 + 1, fd[0]);
      close(fd[0]);
    }
    if ( byte_82D2998[22316 * v25 + 19] && !v33 )
    {
      v33 = byte_82D2998[22316 * v25 + 3] != 0;
      MBTCPClientInit((int)fd);
      MBTCPSetTimeout(fd[0], 3);
      log_message(
        DebugMBTCP,
        7,
        "ModbusTCP Master%d: trying to connect slave IP2 to %s.\n",
        v25 + 1,
        (const char *)(22316 * v25 + 137177515));
      if ( TCPClientConnect(fd[0], (char *)(22316 * v25 + 137177515), 502u) >= 0 )
        break;
      log_message(DebugMBTCP, 7, "ModbusTCP Master%d: connect err.", v25 + 1);
      log_message(DebugMBTCP, 7, "ModbusTCP Master%d:socketfd=%d,close.", v25 + 1, fd[0]);
      close(fd[0]);
    }
    usleep(3000000u);
  }
  *((_DWORD *)&unk_82D2890 + 5579 * v25) = fd[0];
  log_message(1, 6, "ModbusTCP Master%d: socketfd%d", v25 + 1, fd[0]);
  v22 = 0;
  v32 = 0;
  v31 = 0;
  v30 = 0;
  v34 = 0;
  while ( 1 )
  {
    do
    {
      while ( 1 )
      {
        if ( !running )
          goto LABEL_160;
        if ( !v35 )
        {
          memset((void *)(22316 * v25 + 137177241), 0, 0xFFu);
          v31 = 1;
          v30 = 0;
        }
        while ( v35 <= 499 )
        {
          v29 = 0;
          if ( byte_82D2998[22316 * v25 + 36 + 44 * v35] )
          {
            if ( byte_82D2998[22316 * v25 + 37 + 44 * v35] )
            {
              if ( byte_82D2998[22316 * v25 + 37 + 44 * v35] == 1
                && g_reg[*(_DWORD *)&byte_82D2998[22316 * v25 + 56 + 44 * v35]] )
              {
                v29 = 1;
              }
              else if ( byte_82D2998[22316 * v25 + 37 + 44 * v35] == 2
                     && GETDiscretes(*(_DWORD *)&byte_82D2998[22316 * v25 + 56 + 44 * v35]) )
              {
                v29 = 1;
              }
            }
            else
            {
              v29 = 1;
            }
          }
          if ( v29 )
            break;
          ++v35;
        }
        if ( v35 <= 499 )
          break;
        if ( v30 )
        {
          *((_BYTE *)&unk_82D2898 + 22316 * v25) = 1;
        }
        else if ( v34 > v23 )
        {
          *((_BYTE *)&unk_82D2898 + 22316 * v25) = 0;
        }
        v24 = (1 << (v25 & 0xF)) & (unsigned __int16)g_inputreg[(v25 >> 4) + 28];
        if ( *((_BYTE *)&unk_82D2898 + 22316 * v25) )
          v2 = (unsigned __int16)g_inputreg[(v25 >> 4) + 28] | (1 << (v25 & 0xF));
        else
          v2 = (unsigned __int16)g_inputreg[(v25 >> 4) + 28] & ~(1 << (v25 & 0xF));
        g_inputreg[(v25 >> 4) + 28] = v2;
        v3 = (v25 >> 4) + 8;
        if ( v31 )
          v4 = (unsigned __int16)g_inputreg[v3] | (1 << (v25 & 0xF));
        else
          v4 = (unsigned __int16)g_inputreg[v3] & ~(1 << (v25 & 0xF));
        g_inputreg[v3] = v4;
        if ( v24 && !*((_BYTE *)&unk_82D2898 + 22316 * v25) || !v24 && *((_BYTE *)&unk_82D2898 + 22316 * v25) )
        {
          if ( *((_DWORD *)&unk_82D2894 + 5579 * v25) )
            IEC104DeviceStatus(
              CS101_COT_SPONTANEOUS,
              ca,
              *((_DWORD *)&unk_82D2894 + 5579 * v25) | 0x10000,
              *((_BYTE *)&unk_82D2898 + 22316 * v25) != 0,
              0);
        }
        if ( v34 > v23 )
        {
          log_message(1, 4, "modbus_tcp_master%d: cmdi=0,MBerr>%d,break!", v25 + 1, v23);
          goto LABEL_160;
        }
        v35 = 0;
      }
      usleep(1000 * *((_DWORD *)&unk_82D2888 + 5579 * v25));
      v21 = (unsigned __int8)byte_82D2998[22316 * v25 + 38 + 44 * v35];
      v20 = *(_DWORD *)&byte_82D2998[22316 * v25 + 44 + 44 * v35];
      v19 = *(_DWORD *)&byte_82D2998[22316 * v25 + 52 + 44 * v35];
      v18 = *(_DWORD *)&byte_82D2998[22316 * v25 + 48 + 44 * v35];
      v28 = 0;
      v27 = 0;
      v26 = 0;
      fd[1] = 0;
    }
    while ( *(_BYTE *)(22316 * v25 + v21 + 137177241) == 1 );
    memset(s, 0, sizeof(s));
    switch ( byte_82D2998[22316 * v25 + 39 + 44 * v35] )
    {
      case 1:
        v28 = v19 >> 3;
        if ( (v19 & 7) != 0 )
          ++v28;
        v27 = v28 >> 1;
        if ( (v28 & 1) != 0 )
          ++v27;
        if ( v20 + v27 > 15000 )
          goto LABEL_135;
        ((void (__stdcall *)(int *))MBTCPReadCoils2)(&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( !v15 && *(int *)v14 > 0 )
          goto LABEL_85;
        v31 = 0;
        if ( v34 <= v23 )
          ++v34;
        goto LABEL_145;
      case 2:
        v28 = v19 >> 3;
        if ( (v19 & 7) != 0 )
          ++v28;
        v27 = v28 >> 1;
        if ( (v28 & 1) != 0 )
          ++v27;
        if ( v20 + v27 > 15000 )
          goto LABEL_135;
        MBTCPReadDecreteInputs2((int)&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( v15 || *(int *)v14 <= 0 )
        {
          v31 = 0;
          if ( v34 <= v23 )
            ++v34;
        }
        else
        {
LABEL_85:
          v34 = 0;
          v30 = 1;
          swapreg((int)s, v27, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
          memcpy(&g_reg[v20], s, 2 * v27);
        }
        goto LABEL_145;
      case 3:
        if ( v20 + v19 > 15000 )
          goto LABEL_135;
        ((void (__stdcall *)(int *))MBTCPReadHoldingRegisters2)(&v13);
        if ( v15 == -9 )
        {
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
          log_message(DebugMBTCP, 7, "MB_ERROR_TIMEOUT");
        }
        if ( !v15 && *(int *)v14 > 0 )
          goto LABEL_64;
        v31 = 0;
        if ( v34 <= v23 )
          ++v34;
        goto LABEL_145;
      case 4:
        if ( v20 + v19 > 15000 )
          goto LABEL_135;
        MBTCPReadInputRegisters2((int)&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( v15 || *(int *)v14 <= 0 )
        {
          v31 = 0;
          if ( v34 <= v23 )
            ++v34;
        }
        else
        {
LABEL_64:
          v34 = 0;
          v30 = 1;
          swapreg((int)s, v19, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
          memcpy(&g_reg[v20], s, 2 * v19);
        }
        goto LABEL_145;
      case 5:
        if ( v20 + 1 > 15000 )
          goto LABEL_135;
        memcpy(s, (const void *)(2 * v20 + 139408832), 2u);
        swapreg((int)s, 1, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
        if ( (s[0] & 1) != 0 )
          v26 = -256;
        MBTCPWriteSingleCoil2((int)&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( v15 || *(int *)v14 <= 0 )
        {
          v31 = 0;
          if ( v34 <= v23 )
            ++v34;
        }
        else
        {
          v34 = 0;
          v30 = 1;
        }
        goto LABEL_145;
      case 6:
        if ( v20 + 1 > 15000 )
          goto LABEL_135;
        memcpy(s, (const void *)(2 * v20 + 139408832), 2u);
        swapreg((int)s, 1, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
        MBTCPWriteSingleRegister2((int)&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( v15 || *(int *)v14 <= 0 )
        {
          v31 = 0;
          if ( v34 <= v23 )
            ++v34;
        }
        else
        {
          v34 = 0;
          v30 = 1;
        }
        goto LABEL_145;
      case 0xF:
        v28 = v19 >> 3;
        if ( (v19 & 7) != 0 )
          ++v28;
        v27 = v28 >> 1;
        if ( (v28 & 1) != 0 )
          ++v27;
        if ( v20 + v27 > 15000 )
          goto LABEL_135;
        memcpy(s, (const void *)(2 * v20 + 139408832), v28);
        swapreg((int)s, v27, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
        MBTCPWriteMultipleCoils2((int)&v8);
        v13 = v8;
        *(_DWORD *)v14 = v9;
        v15 = v10;
        v16 = v11;
        if ( v10 == -9 )
          *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
        if ( v15 || *(int *)v14 <= 0 )
        {
          v31 = 0;
          if ( v34 <= v23 )
            ++v34;
        }
        else
        {
          v34 = 0;
          v30 = 1;
        }
        goto LABEL_145;
      case 0x10:
        if ( v20 + v19 > 15000 )
        {
LABEL_135:
          log_message(DebugMBTCP, 7, "ModbusTCP Master%d:cmd reg err!", v25 + 1);
          ++v35;
        }
        else
        {
          memcpy(s, (const void *)(2 * v20 + 139408832), 2 * v19);
          swapreg((int)s, v19, (unsigned __int8)byte_82D2998[22316 * v25 + 40 + 44 * v35]);
          MBTCPWriteMultipleRegisters2((int)&v8);
          v13 = v8;
          *(_DWORD *)v14 = v9;
          v15 = v10;
          v16 = v11;
          if ( v10 == -9 )
            *(_BYTE *)(22316 * v25 + v21 + 137177241) = 1;
          if ( v15 || *(int *)v14 <= 0 )
          {
            v31 = 0;
            if ( v34 <= v23 )
              ++v34;
          }
          else
          {
            v34 = 0;
            v30 = 1;
          }
LABEL_145:
          ++v35;
          if ( v15 )
            log_message(DebugMBTCP, 7, "ret.adu_len = %d ,MB_OK = %d", *(_DWORD *)v14, v15);
          if ( v34 > v23 )
          {
            log_message(1, 4, "modbus_tcp_master%d: MBerr>%d,break!", v25 + 1, v23);
            goto LABEL_160;
          }
          if ( *(int *)v14 <= 0 )
          {
            if ( *(int *)v14 >= 0 || *__errno_location() != 11 && *__errno_location() != 11 && *__errno_location() != 4 )
            {
              v5 = __errno_location();
              v6 = strerror(*v5);
              v7 = __errno_location();
              log_message(
                1,
                4,
                "modbus_tcp_master%d:sendlen=%d,recvlen=%d,errno=%d:%s! break!",
                v25 + 1,
                v13,
                *(_DWORD *)v14,
                *v7,
                v6);
LABEL_160:
              log_message(1, 4, "ModbusTCP Master%d:socketfd%d,close!", v25 + 1, fd[0]);
              close(fd[0]);
              *((_BYTE *)&unk_82D2898 + 22316 * v25) = 0;
              *((_DWORD *)&unk_82D2890 + 5579 * v25) = 0;
              g_inputreg[(v25 >> 4) + 8] &= ~(unsigned __int16)(1 << (v25 & 0xF));
              g_inputreg[(v25 >> 4) + 28] &= ~(unsigned __int16)(1 << (v25 & 0xF));
              IEC104DeviceStatus(CS101_COT_SPONTANEOUS, ca, *((_DWORD *)&unk_82D2894 + 5579 * v25) | 0x10000, 0, 0);
              goto LABEL_161;
            }
            log_message(DebugMBTCP, 7, "modbus_tcp_master%d: try!", v25 + 1);
            if ( v23 <= ++v32 )
            {
              log_message(1, 4, "modbus_tcp_master%d: tryn,break!", v25 + 1);
              goto LABEL_160;
            }
          }
          else
          {
            v32 = 0;
          }
        }
        break;
      default:
        goto LABEL_145;
    }
  }
}
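The software developers say sockets are allocated by the system and cannot be duplicated, but it just happened like this, and I can't quite make sense of it.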
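
The descriptor-number behaviour this question turns on, as an added example that is not part of the original post and is not lgateway code: the kernel hands out the lowest unused descriptor number in the process, so a number freed by close() goes to the next socket that is created, and any code still holding the old number then reads and writes the newer connection. socketpair() stands in for a connected TCP socket so the example runs offline; the function name, variable names and payload are constructed for illustration.

```c
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Returns 1 when a write through a stale descriptor number is delivered to
 * a newer, unrelated connection; 0 if the number was not reused; -1 on error.
 * socketpair() stands in for a connected TCP socket (assumption). */
int stale_fd_misroutes_write(void)
{
    int conn_a[2], conn_b[2];
    char got[16] = {0};
    const char msg[] = "for-A";          /* constructed payload */
    int result = 0;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, conn_a) < 0)
        return -1;
    int cached_fd = conn_a[0];           /* copy of the number kept elsewhere */

    close(conn_a[0]);                    /* connection A is torn down */

    /* Lowest unused number is handed out, so B receives A's old number. */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, conn_b) < 0) {
        close(conn_a[1]);
        return -1;
    }

    if (conn_b[0] == cached_fd) {
        /* Code still holding cached_fd believes it is talking to A. */
        if (write(cached_fd, msg, sizeof msg) != (ssize_t)sizeof msg)
            result = -1;
        /* The bytes arrive at B's peer, not at A's. */
        else if (read(conn_b[1], got, sizeof got) == (ssize_t)sizeof msg
                 && strcmp(got, msg) == 0)
            result = 1;
    }

    close(conn_a[1]);
    close(conn_b[0]);
    close(conn_b[1]);
    return result;
}

int main(void)
{
    return stale_fd_misroutes_write() == 1 ? 0 : 1;
}
```

The descriptor table is shared by every thread in the process, so the same effect appears whenever one thread closes a number that another thread has cached or closes a second time.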
