swoole / swoole-src

🚀 Coroutine-based concurrency library for PHP
https://www.swoole.com
Apache License 2.0

A signal SIGSEGV, Segmentation fault occurred while the project was running #996

Closed. peze closed this 7 years ago

peze commented 7 years ago

System: Linux version 3.12.21-gentoo-r1 (gcc version 4.7.3 (Gentoo 4.7.3-r1 p1.4, pie-0.5.5)); PHP: PHP 5.5.18-pl0-gentoo (cli); Swoole: swoole-src-1.8.7-stable

Below is the log obtained by loading the core file in gdb:

#0  swoole_set_object (object=, ptr=ptr@entry=0x0) at /data/pkg/swoole-src-1.8.7-stable/swoole.c:421
#1  0x00007f09f4536112 in swoole_http_context_free (ctx=0x7f09f80ec7e0) at /data/pkg/swoole-src-1.8.7-stable/swoole_http_server.c:1147
#2  0x00007f09f4536709 in http_onClose (serv=0x1231720, info=0x7fff97a6f870) at /data/pkg/swoole-src-1.8.7-stable/swoole_http_server.c:846
#3  0x00007f09f4549c03 in swFactoryProcess_end (factory=0x1231b50, fd=) at /data/pkg/swoole-src-1.8.7-stable/src/factory/FactoryProcess.c:294
#4  0x00007f09f455a396 in swWorker_onTask (factory=factory@entry=0x1231b50, task=task@entry=0x7fff97a6f910) at /data/pkg/swoole-src-1.8.7-stable/src/network/Worker.c:254
#5  0x00007f09f455a629 in swWorker_onPipeReceive (reactor=, event=0x7fff97a71970) at /data/pkg/swoole-src-1.8.7-stable/src/network/Worker.c:549
#6  0x00007f09f454c23b in swReactorEpoll_wait (reactor=0x12648f0, timeo=) at /data/pkg/swoole-src-1.8.7-stable/src/reactor/ReactorEpoll.c:258
#7  0x00007f09f455b253 in swWorker_loop (factory=factory@entry=0x1231b50, worker_id=worker_id@entry=11) at /data/pkg/swoole-src-1.8.7-stable/src/network/Worker.c:496
#8  0x00007f09f4558605 in swManager_spawn_worker (factory=0x1231b50, worker_id=11) at /data/pkg/swoole-src-1.8.7-stable/src/network/Manager.c:679
#9  0x00007f09f4558a3f in swManager_start (factory=factory@entry=0x1231b50) at /data/pkg/swoole-src-1.8.7-stable/src/network/Manager.c:143
#10 0x00007f09f45490b2 in swFactoryProcess_start (factory=0x1231b50) at /data/pkg/swoole-src-1.8.7-stable/src/factory/FactoryProcess.c:86
#11 0x00007f09f454faa9 in swServer_start (serv=serv@entry=0x1231720) at /data/pkg/swoole-src-1.8.7-stable/src/network/Server.c:645
#12 0x00007f09f4532c4c in zim_swoole_http_server_start (this_ptr=0x7f09f82b9520, return_value=0x7f09f82b9580, ht=, return_value_ptr=, return_value_used=) at /data/pkg/swoole-src-1.8.7-stable/swoole_http_server.c:1379
#13 zim_swoole_http_server_start (ht=, return_value=0x7f09f82b9580, return_value_ptr=, this_ptr=0x7f09f82b9520, return_value_used=) at /data/pkg/swoole-src-1.8.7-stable/swoole_http_server.c:1282
#14 0x00000000007c7987 in ?? ()
#15 0x0000000000787ac8 in execute_ex ()
#16 0x000000000071a0d9 in zend_execute_scripts ()
#17 0x00000000006b91bf in php_execute_script ()
#18 0x00000000007caf19 in ?? ()
#19 0x000000000046ca7f in main ()
(gdb) Operation timed out

I hope you can shed some light on this. Thanks.

peze commented 7 years ago

I have a rough idea of where the problem is now.

(gdb) f
#0  swoole_set_object (object=, ptr=ptr@entry=0x0) at /data/pkg/swoole-src-1.8.7-stable/swoole.c:421
421         swoole_objects.array[handle] = ptr;
(gdb) info f
Stack level 0, frame at 0x7fffcfca0880:
 rip = 0x7f568db2605a in swoole_set_object (/data/pkg/swoole-src-1.8.7-stable/swoole.c:421); saved rip = 0x7f568db3d112
 called by frame at 0x7fffcfca0890
 source language c.
 Arglist at 0x7fffcfca0838, args: object=, ptr=ptr@entry=0x0
 Locals at 0x7fffcfca0838, Previous frame's sp is 0x7fffcfca0880
 Saved registers:
  rbx at 0x7fffcfca0848, rbp at 0x7fffcfca0850, r12 at 0x7fffcfca0858, r13 at 0x7fffcfca0860, r14 at 0x7fffcfca0868, r15 at 0x7fffcfca0870, rip at 0x7fffcfca0878
(gdb) info locals
handle = 2327694184

Here the value of handle has already reached 2.3 billion.

This part of the code seems a bit off:

void swoole_set_object(zval *object, void *ptr)
{
#if PHP_MAJOR_VERSION < 7
    zend_object_handle handle = Z_OBJ_HANDLE_P(object);
#else
    int handle = (int) Z_OBJ_HANDLE(*object);
#endif
    /* only enforced in debug builds: assert() is compiled out under NDEBUG */
    assert(handle < SWOOLE_OBJECT_MAX);
    if (handle >= swoole_objects.size)
    {
        /* grow the table by doubling, capped at SWOOLE_OBJECT_MAX */
        uint32_t old_size = swoole_objects.size;
        uint32_t new_size = old_size * 2;
        void *old_ptr = swoole_objects.array;
        void *new_ptr = NULL;
        if (new_size > SWOOLE_OBJECT_MAX)
        {
            new_size = SWOOLE_OBJECT_MAX;
        }
        new_ptr = realloc(old_ptr, sizeof(void*) * new_size);
        if (!new_ptr)
        {
            return;
        }
        /* zero only the newly added slots */
        bzero(new_ptr + (old_size * sizeof(void*)), (new_size - old_size) * sizeof(void*));
        swoole_objects.array = new_ptr;
        swoole_objects.size = new_size;
    }
    /* no runtime check that handle < swoole_objects.size before the write */
    swoole_objects.array[handle] = ptr;
}
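
Added here as an illustration, not Swoole's code: a constructed model of the same grow-on-demand object table in which the range check is a runtime branch rather than an assert(), so a handle such as 2327694184 is rejected before it can be used as an index; OBJECT_MAX, OBJECT_INITIAL and the function names are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of the object table (not Swoole's code). OBJECT_MAX
 * and OBJECT_INITIAL are assumed small values so the example runs. */
#define OBJECT_MAX 1024
#define OBJECT_INITIAL 16
static struct {
    void **array;
    uint32_t size;
} objects;
uint32_t object_table_size(void) { return objects.size; }

/* Hardened set: the range check is a runtime branch, not an assert() that
 * NDEBUG compiles away. Returns 0 on success, -1 when the handle is rejected
 * or memory runs out; a rejected handle never touches the array. */
int object_table_set(uint32_t handle, void *ptr)
{
    if (handle >= OBJECT_MAX) {
        return -1;  /* e.g. a garbage handle from a freed object: refuse */
    }
    if (objects.array == NULL) {
        objects.array = calloc(OBJECT_INITIAL, sizeof(void *));
        if (objects.array == NULL) return -1;
        objects.size = OBJECT_INITIAL;
    }
    if (handle >= objects.size) {
        uint32_t old_size = objects.size;
        uint32_t new_size = old_size * 2;
        /* a single doubling need not reach handle; keep doubling until it does */
        while (new_size <= handle) new_size *= 2;
        if (new_size > OBJECT_MAX) new_size = OBJECT_MAX;
        void **new_ptr = realloc(objects.array, sizeof(void *) * new_size);
        if (new_ptr == NULL) return -1;
        memset(new_ptr + old_size, 0, (new_size - old_size) * sizeof(void *));
        objects.array = new_ptr;
        objects.size = new_size;
    }
    objects.array[handle] = ptr;  /* here handle < objects.size is guaranteed */
    return 0;
}

/* Bounds-checked lookup: NULL for anything not stored or out of range. */
void *object_table_get(uint32_t handle)
{
    if (objects.array == NULL || handle >= objects.size) return NULL;
    return objects.array[handle];
}
```
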

matyhtf commented 7 years ago

Please upgrade to the latest version.

peze commented 7 years ago

But why would this handle become a number as large as 2.3 billion?

matyhtf commented 7 years ago

It is caused by the object having already been destroyed.

peze commented 7 years ago

Oh, is it our program destroying it automatically, or Swoole's internal mechanism?

matyhtf commented 7 years ago

No more information can be obtained and it cannot be reproduced; will continue tracking once it reproduces again.