search

Codesire-Deng / co_context

A coroutine framework aimed at high-concurrency io with reasonable latency, based on io_uring.
Apache License 2.0
527 stars 46 forks source link

[bug] Segmentation fault happened when it loops #108

Open Tianpingan opened 7 months ago

Tianpingan commented 7 months ago 
#include <iostream>
#include "co_context/io_context.hpp"
co_context::task<int> func() { co_return 6; }
int main() {
    co_context::io_context ctx;
    ctx.co_spawn([]() -> co_context::task<> {
        while (true) {
            auto x = co_await func();
            std::cout << x << std::endl;
        }
    }());
    ctx.start();
    ctx.join();
}

在这种情况下,会发生segmentation fault.

The report of valgrind

==146874== ==146874== Process terminating with default action of signal 11 (SIGSEGV) ==146874== Bad permissions for mapped region at address 0x5474FF8 ==146874== at 0x4EE8D40: fwrite (iofwrite.c:31) ==146874== ==146874== HEAP SUMMARY: ==146874== in use at exit: 75,160 bytes in 5 blocks ==146874== total heap usage: 65,501 allocs, 65,496 frees, 3,742,936 bytes allocated ==146874== ==146874== 304 bytes in 1 blocks are possibly lost in loss record 3 of 5 ==146874== at 0x4848A13: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==146874== by 0x4012CE9: calloc (rtld-malloc.h:44) ==146874== by 0x4012CE9: allocate_dtv (dl-tls.c:375) ==146874== by 0x4012CE9: _dl_allocate_tls (dl-tls.c:634) ==146874== by 0x4EFF259: allocate_stack (allocatestack.c:423) ==146874== by 0x4EFF259: pthread_create@@GLIBC_2.34 (pthread_create.c:652) ==146874== by 0x4CE9438: std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete >, void (*)()) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.32) ==146874== by 0x10DC82: co_context::io_context::start() (in /home/tpa/Heimerdinger-Lab/Karma/build/benchmark/benchmark) ==146874== by 0x10B605: main (in /home/tpa/Heimerdinger-Lab/Karma/build/benchmark/benchmark) ==146874== ==146874== LEAK SUMMARY: ==146874== definitely lost: 0 bytes in 0 blocks ==146874== indirectly lost: 0 bytes in 0 blocks ==146874== possibly lost: 304 bytes in 1 blocks ==146874== still reachable: 74,856 bytes in 4 blocks ==146874== suppressed: 0 bytes in 0 blocks ==146874== Reachable blocks (those to which a pointer was found) are not shown. ==146874== To see them, rerun with: --leak-check=full --show-leak-kinds=all ==146874== ==146874== For lists of detected and suppressed errors, rerun with: -s ==146874== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) [1] 146874 segmentation fault (core dumped) valgrind --leak-check=yes ./benchmark

Codesire-Deng commented 6 months ago

原因估计是 gcc 在某些情况下没有使用 indirect tailcall 来实现对称转移,导致的栈溢出。可以参考 Bug 100897 - Symmetric transfer does not prevent stack-overflow for C++20 coroutines

如果一段时间内我找不到 gcc 的解决办法,也可以通过修改 task 的对称转移来缓解栈溢出问题。