[DragonFlyBSD - Bug #2034] (Closed) assertion: z->z_Magic == ZALLOC_SLAB_MAGIC in _slabfree

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Tue May 31 14:53:26 PDT 2022 

Issue #2034 has been updated by tuxillo.

Status changed from New to Closed
Assignee set to tuxillo

We no longer use pkgsrc. Also, invoking vlc or tinyproxy does not trigger this anymore.

----------------------------------------
Bug #2034: assertion: z->z_Magic == ZALLOC_SLAB_MAGIC in _slabfree
http://bugs.dragonflybsd.org/issues/2034#change-14316

* Author: pavalos
* Status: Closed
* Priority: Normal
* Assignee: tuxillo
* Target version: 6.4
----------------------------------------
I'm receiving the following assertion when running vlc and tinyproxy:

assertion: z->z_Magic == ZALLOC_SLAB_MAGIC in _slabfree

My vlc was compiled with gcc 4.1.2, and my world is gcc 4.4.  vlc hits
this assertion very early, and only runs for a second or so.  Here's the
backtrace:

<pre>
(gdb) bt
#0  0x2820efbf in kill () at kill.S:2
#1  0x281a1fcc in _raise (sig=6) at /usr/src/lib/libthread_xu/thread/thr_syscalls.c:438
#2  0x2828a88e in abort () at /usr/src/lib/libc/../libc/stdlib/abort.c:63
#3  0x2821ac39 in _mpanic (ctl=0x28290918 "assertion: %s in %s") at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:1715
#4  0x2821b875 in _slabfree (ptr=<value optimized out>, flags=<value optimized out>, rbigp=0x0) at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:1165
#5  0x2821bd7b in free (ptr=0x2abca1bc) at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:774
#6  0x2ac85455 in operator delete (ptr=0x0)
    at /usr/src/gnu/lib/gcc44/libstdc++/../../../usr.bin/cc44/cc_tools/../../../../contrib/gcc-4.4/libstdc++-v3/libsupc++/del_op.cc:44
#7  0x2ac19385 in __gnu_cxx::new_allocator<char>::deallocate (this=0x2abca1bc, __a=...) at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/ext/new_allocator.h:95
#8  std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::_Rep::_M_destroy (this=0x2abca1bc, __a=...)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:427
#9  0x2ac1ad87 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::_Rep::_M_dispose (this=0x28346dd4, __res=5)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.h:231
#10 std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::reserve (this=0x28346dd4, __res=5)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:489
#11 0x2ac1ae77 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::append (this=0x28346dd4, __n=5, __c=0 L'\000')
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:289
#12 0x2ab3cd30 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::resize (this=0x0, __n=5, __c=0 L'\000')
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.1/bits/basic_string.tcc:626
#13 0x2b2ff85c in TagLib::String::String(char const*, TagLib::String::Type) () from /usr/pkg/lib/libtag.so.1
#14 0x2b2ebb3a in __static_initialization_and_destruction_0 () from /usr/pkg/lib/libtag.so.1
#15 0x2b31b300 in __do_global_ctors_aux () from /usr/pkg/lib/libtag.so.1
#16 0x2b2d014a in _init () from /usr/pkg/lib/libtag.so.1
#17 0x2805289f in objlist_call_init (list=<value optimized out>) at /usr/src/libexec/rtld-elf/rtld.c:1498
#18 0x280544bc in dlopen (name=0x283a0600 "/usr/pkg/lib/vlc/plugins/meta_engine/libtaglib_plugin.so", mode=2) at /usr/src/libexec/rtld-elf/rtld.c:1865
#19 0x2813d3d9 in ?? () from /usr/pkg/lib/libvlccore.so.4
#20 0x283a0600 in ?? ()
#21 0x00000002 in ?? ()
#22 0x00000000 in ?? ()
Current language:  auto
The current source language is "auto; currently asm".

</pre>


I can't tell if this is a libstdc++, gcc44, or a nmalloc bug.

When I attempt to compile a new version of vlc from pkgsrc, it fails
hitting the same assertion when running lt-vlc-cache-gen as part of the
build process.  This also happens with gcc41.  The backtrace looks
similar:

<pre>
(gdb) bt
#0  0x2820dfbf in kill () at kill.S:2
#1  0x2818cfcc in _raise (sig=6) at /usr/src/lib/libthread_xu/thread/thr_syscalls.c:438
#2  0x2828988e in abort () at /usr/src/lib/libc/../libc/stdlib/abort.c:63
#3  0x28219c39 in _mpanic (ctl=0x2828f918 "assertion: %s in %s") at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:1715
#4  0x2821a875 in _slabfree (ptr=<value optimized out>, flags=<value optimized out>, rbigp=0x0) at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:1165
#5  0x2821ad7b in free (ptr=0x2abd81bc) at /usr/src/lib/libc/../libc/stdlib/nmalloc.c:774
#6  0x2ac93455 in operator delete (ptr=0x0)
    at /usr/src/gnu/lib/gcc44/libstdc++/../../../usr.bin/cc44/cc_tools/../../../../contrib/gcc-4.4/libstdc++-v3/libsupc++/del_op.cc:44
#7  0x2ac27385 in __gnu_cxx::new_allocator<char>::deallocate (this=0x2abd81bc, __a=...) at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/ext/new_allocator.h:95
#8  std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::_Rep::_M_destroy (this=0x2abd81bc, __a=...)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:427
#9  0x2ac28d87 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::_Rep::_M_dispose (this=0x28346d94, __res=5)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.h:231
#10 std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::reserve (this=0x28346d94, __res=5)
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:489
#11 0x2ac28e77 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::append (this=0x28346d94, __n=5, __c=0 L'\000')
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.4/bits/basic_string.tcc:289
#12 0x2ab4ad30 in std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> >::resize (this=0x0, __n=5, __c=0 L'\000')
    at /usr/obj/usr/src/world_i386/usr/include/c++/4.1/bits/basic_string.tcc:626
#13 0x2b30285c in TagLib::String::String(char const*, TagLib::String::Type) () from /usr/pkg/lib/libtag.so.1
#14 0x2b2eeb3a in __static_initialization_and_destruction_0 () from /usr/pkg/lib/libtag.so.1
#15 0x2b31e300 in __do_global_ctors_aux () from /usr/pkg/lib/libtag.so.1
#16 0x2b2d314a in _init () from /usr/pkg/lib/libtag.so.1
#17 0x2805189f in objlist_call_init (list=<value optimized out>) at /usr/src/libexec/rtld-elf/rtld.c:1498
#18 0x280534bc in dlopen (name=0x28330600 "/usr/pkg/lib/vlc/plugins/meta_engine/libtaglib_plugin.so", mode=2) at /usr/src/libexec/rtld-elf/rtld.c:1865
#19 0x2813c3d9 in ?? () from /usr/pkg/lib/libvlccore.so.4
#20 0x28330600 in ?? ()
#21 0x00000002 in ?? ()
#22 0x00000000 in ?? ()
Current language:  auto
The current source language is "auto; currently asm".
</pre>

I can't seem to find any core file from tinyproxy, but I do see the
assertion pop up on the pty where i started tinyproxy from.

--Peter



-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account

More information about the Bugs mailing list