Using GDB to debug PHP code to solve the _php of PHP code dead Loop problem

Last Update:2017-01-19 Source: Internet

Author: User

Tags php source code sapi zend

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

When I recently solved the swoole server problem with my colleagues, I found that 1 worker processes were in the state of R and the CPU was very time-consuming. The initial conclusion is that there is a dead loop in the PHP code.

Here is a piece of code to show how to solve the PHP dead loop problem.

Copy Code code as follows:

#dead_loop. php
$array = Array ();
for ($i = 0; $i < 10000; $i + +)
{
$array [] = $i;
}
Include __dir__. " /include.php ";
#include. php
while (1)
{
Usleep (10);
$keys = Array_flip ($array);
$index = Array_search (rand (1500, 9999), $array);
$str = str_repeat (' A ', $index);
$STRB = Test ($index, $STR);
}
function test ($index, $STR)
{
Return Str_replace (' A ', ' B ', $str);
}

Through PS aux get process ID and status as follows, use gdb-p process ptrace trace, get call stack via BT command

Copy Code code as follows:

HTF 3834 2.6 0.2 166676 22060 pts/12 r+ 10:50 0:12 php dead_loop.php
Gdb-p 3834
(GDB) bt
#0 0x00000000008cc03f in Zend_mm_check_ptr (heap=0x1eaa2c0, ptr=0x2584910, Silent=1, __zend_filename=0xee3d40 "/home/" HTF/WORKSPACE/PHP-5.4.27/ZEND/ZEND_VARIABLES.C ",
__zend_lineno=182, __zend_orig_filename=0xee1888 "/home/htf/workspace/php-5.4.27/zend/zend_execute_api.c", __zend _orig_lineno=437)
at/home/htf/workspace/php-5.4.27/zend/zend_alloc.c:1485
#1 0x00000000008cd643 in _zend_mm_free_int (heap=0x1eaa2c0, p=0x2584910, __zend_filename=0xee3d40 "/home/htf/" WORKSPACE/PHP-5.4.27/ZEND/ZEND_VARIABLES.C ", __zend_lineno=182,
__zend_orig_filename=0xee1888 "/home/htf/workspace/php-5.4.27/zend/zend_execute_api.c", __zend_orig_lineno=437) at/home/htf/workspace/php-5.4.27/zend/zend_alloc.c:2064
#2 0x00000000008cebf7 in _efree (ptr=0x2584910, __ZEND_FILENAME=0XEE3D40 "/home/htf/workspace/php-5.4.27/zend/zend_ VARIABLES.C ", __zend_lineno=182,
__zend_orig_filename=0xee1888 "/home/htf/workspace/php-5.4.27/zend/zend_execute_api.c", __zend_orig_lineno=437) at/home/htf/workspace/php-5.4.27/zend/zend_alloc.c:2436
#3 0x00000000008eda0a in _zval_ptr_dtor (zval_ptr=0x25849a0, __ZEND_FILENAME=0XEE3D40 "/home/htf/workspace/ PHP-5.4.27/ZEND/ZEND_VARIABLES.C ", __zend_lineno=182)
at/home/htf/workspace/php-5.4.27/zend/zend_execute_api.c:437
#4 0x00000000008fe687 in _zval_ptr_dtor_wrapper (zval_ptr=0x25849a0) at/home/htf/workspace/php-5.4.27/zend/zend_ variables.c:182
#5 0x000000000091259f in Zend_hash_destroy (ht=0x7f7263f6e380) at/home/htf/workspace/php-5.4.27/zend/zend_hash.c : 560
#6 0x00000000008fe2c5 in _zval_dtor_func (Zvalue=0x7f726426fe50, __zend_filename=0xeea290 "/home/htf/workspace/ Php-5.4.27/zend/zend_execute.c ", __zend_lineno=901)
At/home/htf/workspace/php-5.4.27/zend/zend_variables.c:45
#7 0x0000000000936656 in _zval_dtor (Zvalue=0x7f726426fe50, __zend_filename=0xeea290 "/home/htf/workspace/php-5.4.27 /zend/zend_execute.c ", __zend_lineno=901)
At/home/htf/workspace/php-5.4.27/zend/zend_variables.h:35
#8 0x0000000000939747 in Zend_assign_to_variable (variable_ptr_ptr=0x7f7263f8e738, value=0x7f726426f6a8) AT/HOME/HTF /workspace/php-5.4.27/zend/zend_execute.c:901
#9 0x0000000000997ee5 in Zend_assign_spec_cv_var_handler (execute_data=0x7f726d04b2a8) at/home/htf/workspace/ php-5.4.27/zend/zend_vm_execute.h:33168
#10 0x000000000093b5fd in Execute (op_array=0x21d58b0) at/home/htf/workspace/php-5.4.27/zend/zend_vm_execute.h:410
#11 0x0000000000901692 in Zend_execute_scripts (type=8, retval=0x0, file_count=3) at/home/htf/workspace/php-5.4.27/ zend/zend.c:1315
#12 0x000000000087926a in Php_execute_script (primary_file=0x7ffffe0038d0) at/home/htf/workspace/php-5.4.27/main/ main.c:2502
#13 0x00000000009a32e3 in Do_cli (argc=2, Argv=0x7ffffe004d18) at/home/htf/workspace/php-5.4.27/sapi/cli/php_cli.c : 989
#14 0x00000000009a4491 in Main (argc=2, argv=0x7ffffe004d18) at/home/htf/workspace/php-5.4.27/sapi/cli/php_cli.c : 1365

After GDB executes, the process of the dead loop changes to the state of T, indicating that it is being trace. This is exclusive, so you can no longer use STRACE/GDB or other ptrace tools to debug this process. In addition, this process interrupts execution. After GDB enters C, the program continues to run down. Then press CTRL + C again to interrupt the program. View the call stack of the process through the BT command.

Copy Code code as follows:

(GDB) bt
#0 _zend_mm_alloc_int (heap=0x1eaa2c0, size=72, __zend_filename=0xe43410 "/home/htf/workspace/php-5.4.27/ext/ Standard/array.c ", __zend_lineno=2719,
__zend_orig_filename=0xee5a38 "/home/htf/workspace/php-5.4.27/zend/zend_hash.c", __zend_orig_lineno=412) at/home/ htf/workspace/php-5.4.27/zend/zend_alloc.c:1895
#1 0x00000000008ceb86 in _emalloc (size=72, __zend_filename=0xe43410 "/home/htf/workspace/php-5.4.27/ext/standard/ Array.c ", __zend_lineno=2719,
__zend_orig_filename=0xee5a38 "/home/htf/workspace/php-5.4.27/zend/zend_hash.c", __zend_orig_lineno=412) at/home/ htf/workspace/php-5.4.27/zend/zend_alloc.c:2425
#2 0x0000000000911d85 in _zend_hash_index_update_or_next_insert (ht=0x2257a10, h=3972, pdata=0x7ffffe0012b0, Ndatasize=8, pdest=0x0, Flag=1,
__zend_filename=0xe43410 "/home/htf/workspace/php-5.4.27/ext/standard/array.c", __zend_lineno=2719) at/home/htf/ workspace/php-5.4.27/zend/zend_hash.c:412
#3 0x00000000007767e1 in Zif_array_flip (Ht=1, Return_value=0x7f726424ea68, return_value_ptr=0x0, this_ptr=0x0, return _value_used=1)
at/home/htf/workspace/php-5.4.27/ext/standard/array.c:2719
#4 0x000000000093c03e in Zend_do_fcall_common_helper_spec (execute_data=0x7f726d04b2a8) at/home/htf/workspace/ php-5.4.27/zend/zend_vm_execute.h:643
#5 0x00000000009400e6 in Zend_do_fcall_spec_const_handler (execute_data=0x7f726d04b2a8) at/home/htf/workspace/ php-5.4.27/zend/zend_vm_execute.h:2233
#6 0x000000000093b5fd in Execute (op_array=0x21d58b0) at/home/htf/workspace/php-5.4.27/zend/zend_vm_execute.h:410

Two times the BT information is different, because the program is interrupted in various locations. Seeing the oparray=0x21d58b0 line, this is the portal to the PHP execution Oparray. GdB enters F 6, which is available through the call stack number.

Copy Code code as follows:

(GDB) F 6
#6 0x000000000093b5fd in Execute (op_array=0x21d58b0) at/home/htf/workspace/php-5.4.27/zend/zend_vm_execute.h:410
410 if (ret = Opline->handler (execute_data tsrmls_cc)) > 0) {
(GDB) P *op_array
$ = {type = 2 ' \002 ', function_name = 0x7f726d086540 "Test", scope = 0x0, Fn_flags = 134217728, prototype = 0x0, Num_args = 2, Required_num_args = 2, Arg_info = 0x7f726d086bd8,
RefCount = 0x7f726d0870f0, opcodes = 0x7f726424d600, last = 8, VARs = 0x7f726424e890, Last_var = 2, T = 1, Brk_cont_array = 0x0, Last_brk_cont = 0, Try_catch_array = 0x0,
Last_try_catch = 0, Static_variables = 0x0, This_var = 4294967295, filename = 0x7f726424ba38 "/home/htf/wwwroot/include.ph" P ", Line_start = Line_end =, Doc_comment = 0x0,
Doc_comment_len = 0, early_binding = 4294967295, literals = 0x7f726424eae0, last_literal = 4, Run_time_cache = 0x7f726450b fb0, Last_cache_slot = 1, reserved = {0x0, 0x0, 0x0, 0x0}}

Here's the filename can see Op_array is which php file. Then enter F 0 to enter the current position.

Copy Code code as follows:

(GDB) P **executor_globals.opline_ptr
$ = {Handler = 0x93ff9c, OP1 = {constant = 1680133296, var = 1680133296, num = 1680133296, hash = 140129283132592, Oplin E_num = 1680133296,
Jmp_addr = 0x7f726424ccb0, Zv = 0x7f726424ccb0, literal = 0x7f726424ccb0, ptr = 0x7f726424ccb0}, OP2 = {constant = 0, var = 0, num = 0, hash = 0, Opline_num = 0, jmp_addr = 0x0,
Zv = 0x0, literal = 0x0, ptr = 0x0}, result = {constant =, var =-, num = n, hash = 0, Opline_num =- x20, Zv = 0x20, literal = 0x20, ptr = 0x20},
Extended_value = 1, Lineno = 5, opcode = 60 '

The Lineno here represents the number of lines of code that the opcode is in, and you can go to the corresponding file to see which line of code. Use GDB to see more information, here is no longer introduced, and interested you can try it on your own.

The use of Zbacktrace

Zend Official provides a GDB script that encapsulates the instructions and can see the invocation relationships of PHP functions directly. There is a. Gdbinit in the root directory of the PHP source code package. Use

Copy Code code as follows:

SOURCE Your_php_src_path/.gdbinit
Zbacktrace

You can see the call stack of the PHP function directly.

The above is the entire content of this article, I hope you can enjoy.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More