
mimalloc crashes on FreeBSD during static initialization phase

Open yurivict opened this issue 10 months ago • 10 comments

This program:

```
$ cat ex.cpp
#include <string>
#include <iostream>

std::string s = "xxx";

int main() {
        std::cout << "s=" << s << std::endl;
}
```

when built like this:

```
c++ ex.cpp /usr/local/lib/libmimalloc.so
```

fails like this:

(gdb) r

The program being debugged has been started already.
Start it from the beginning? (y or n) y

Starting program: /usr/ports/graphics/art/a.out

Program received signal SIGABRT, Aborted.
Sent by thr_kill() from pid 24370 and user 1001.
thr_kill () at thr_kill.S:4
4       RSYSCALL(thr_kill)

(gdb) bt
#0  thr_kill () at thr_kill.S:4
#1  0x000000002c0c5d34 in __raise (s=s@entry=6) at /disk-samsung/freebsd-src/lib/libc/gen/raise.c:50
#2  0x000000002c179ce9 in abort () at /disk-samsung/freebsd-src/lib/libc/stdlib/abort.c:64
#3  0x000000002be76aef in _mi_assert_fail (assertion=0x2be50ae9 "bin < MI_BIN_HUGE", fname=0x2be507ce "/usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page-queue.c", line=94, func=0x2be4fbb6 "mi_bin") at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/options.c:505
#4  0x000000002be7a6d5 in mi_bin (size=1672) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page-queue.c:94
#5  0x000000002be7a5d5 in _mi_bin (size=1672) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page-queue.c:107
#6  0x000000002be7e087 in mi_page_queue (heap=0x2be88a00 <heap_main>, size=1672) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/include/mimalloc/internal.h:727
#7  0x000000002be7cc25 in mi_find_page (heap=0x2be88a00 <heap_main>, size=1672, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page.c:891
#8  0x000000002be7c8df in _mi_malloc_generic (heap=0x2be88a00 <heap_main>, size=1672, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page.c:928
#9  0x000000002be5fadf in _mi_heap_malloc_zero_ex (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:192
#10 0x000000002be5fc0e in _mi_heap_malloc_zero (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:211
#11 0x000000002be5fca2 in mi_heap_zalloc (heap=0x2be85300 <_mi_heap_empty>, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:228
#12 0x000000002be5fd30 in mi_heap_calloc (heap=0x2be85300 <_mi_heap_empty>, count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:239
#13 0x000000002be5dfd5 in mi_calloc (count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:243
#14 0x000000002c32a4e7 in _thr_alloc (curthread=curthread@entry=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_list.c:154
#15 0x000000002c329522 in _libpthread_init (curthread=curthread@entry=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_init.c:336
#16 0x000000002c331ca2 in _thr_check_init () at /disk-samsung/freebsd-src/lib/libthr/thread/thr_private.h:927
#17 _thr_key_create (key=0x2be89b88 <_mi_heap_default_key>, destructor=0x2be837e0 <mi_pthread_done>) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_spec.c:62
#18 0x000000002be837d1 in _mi_prim_thread_init_auto_done () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/prim/unix/prim.c:866
#19 0x000000002be74e2b in mi_process_setup_auto_thread_done () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:517
#20 0x000000002be747b4 in mi_process_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:656
#21 0x000000002be74739 in mi_thread_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:531
#22 0x000000002be71772 in mi_heap_get_default () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/heap.c:149
#23 0x000000002be7c824 in _mi_malloc_generic (heap=0x2be85300 <_mi_heap_empty>, size=1672, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page.c:916
#24 0x000000002be5fadf in _mi_heap_malloc_zero_ex (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:192
#25 0x000000002be5fc0e in _mi_heap_malloc_zero (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:211
#26 0x000000002be5fca2 in mi_heap_zalloc (heap=0x2be85300 <_mi_heap_empty>, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:228
#27 0x000000002be5fd30 in mi_heap_calloc (heap=0x2be85300 <_mi_heap_empty>, count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:239
#28 0x000000002be5dfd5 in mi_calloc (count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:243
#29 0x000000002c32a4e7 in _thr_alloc (curthread=curthread@entry=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_list.c:154
#30 0x000000002c329522 in _libpthread_init (curthread=curthread@entry=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_init.c:336
#31 0x000000002c32bb89 in _thr_check_init () at /disk-samsung/freebsd-src/lib/libthr/thread/thr_private.h:927
#32 __Tthr_mutex_init (mutex=0x2be8b338 <subproc_main+1912>, mutex_attr=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_mutex.c:384
#33 0x000000002be74419 in mi_lock_init (lock=0x2be8b338 <subproc_main+1912>) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/include/mimalloc/atomic.h:484
#34 0x000000002be74f31 in mi_subproc_main_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:234
#35 0x000000002be74233 in mi_heap_main_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:249
#36 0x000000002be7477d in mi_process_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:651
#37 0x000000002be74739 in mi_thread_init () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/init.c:531
#38 0x000000002be71772 in mi_heap_get_default () at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/heap.c:149
#39 0x000000002be7c824 in _mi_malloc_generic (heap=0x2be85300 <_mi_heap_empty>, size=1672, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/page.c:916
#40 0x000000002be5fadf in _mi_heap_malloc_zero_ex (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true, huge_alignment=0) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:192
#41 0x000000002be5fc0e in _mi_heap_malloc_zero (heap=0x2be85300 <_mi_heap_empty>, size=1664, zero=true) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:211
#42 0x000000002be5fca2 in mi_heap_zalloc (heap=0x2be85300 <_mi_heap_empty>, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:228
#43 0x000000002be5fd30 in mi_heap_calloc (heap=0x2be85300 <_mi_heap_empty>, count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:239
#44 0x000000002be5dfd5 in mi_calloc (count=1, size=1664) at /usr/ports/devel/mimalloc/work/mimalloc-3.0.1/src/alloc.c:243
#45 0x000000002c32a4e7 in _thr_alloc (curthread=curthread@entry=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_list.c:154
#46 0x000000002c329522 in _libpthread_init (curthread=0x0) at /disk-samsung/freebsd-src/lib/libthr/thread/thr_init.c:336
#47 0x000000002be1084d in objlist_call_init (list=list@entry=0x7fffffffe5a8, lockstate=lockstate@entry=0x7fffffffe3a0) at /disk-samsung/freebsd-src/libexec/rtld-elf/rtld.c:3128
#48 0x000000002be0f409 in _rtld (sp=<optimized out>, exit_proc=0x7fffffffe620, objp=0x7fffffffe628) at /disk-samsung/freebsd-src/libexec/rtld-elf/rtld.c:975
#49 0x000000002be0c179 in rtld_start () at /disk-samsung/freebsd-src/libexec/rtld-elf/amd64/rtld_start.S:40

Version: 3.0.1 clang-19 FreeBSD 14.2

yurivict avatar Feb 07 '25 22:02 yurivict

I think I fixed the issue -- let me know if the latest dev3 fixes the issue.

daanx avatar Feb 10 '25 01:02 daanx

No, rev. 02311cb still crashes.

yurivict avatar Feb 10 '25 07:02 yurivict

> No, rev. 02311cb still crashes.

Ah, that is not good. I just tested on FreeBSD 14.2, clang 18, [02311cb], debug and release, and it works for me? (Both `ctest -V` and your example.) In your example you link with .so but it finds the .so at runtime on the library path -- maybe it runs with the older installed .so?

daanx avatar Feb 10 '25 17:02 daanx

No, I reinstalled the .so library. clang-19 was used.

yurivict avatar Feb 10 '25 17:02 yurivict

Yikes -- now I'm unable to repro this :-( Maybe you can share a stack trace again? Maybe I'll be able to spot what could be the cause.

edit: I just tried with clang19 and it all works for me; C/C++, static and dynamic override. Not sure how to repro -- maybe provide detailed instructions including how you build mimalloc?

daanx avatar Feb 10 '25 19:02 daanx

mimalloc was built with:

```
$ cmake -DMI_INSTALL_TOPLEVEL=ON -DMI_BUILD_OBJECT=OFF -DMI_BUILD_TESTS=OFF
```

This line asserts:

```
 93│     bin = ((b << 2) + (uint8_t)((wsize >> (b - 2)) & 0x03)) - 3;
 94├───> mi_assert_internal(bin < MI_BIN_HUGE);
 95│   }
(gdb) p bin
$3 = 221 '\335'
(gdb) p b
$4 = 56 '8'
(gdb) p wsize
$5 = 208
```

```
// Maximum number of size classes. (spaced exponentially in 12.5% increments)
#define MI_BIN_HUGE (73U)
```


Why would bin=221 be > 73 ?

yurivict avatar Mar 05 '25 06:03 yurivict

Ah, I think I know what this is, the same as issue #1016 -- I am guessing this with v3 is on a cpu that does not support BMI1 (celeron?).

Can you try to compile mimalloc with -DMI_OPT_ARCH=OFF and see how it goes?

daanx avatar Mar 05 '25 23:03 daanx
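Added example, not part of the thread and not mimalloc's own code: it reproduces the gdb values above (wsize=208, b=56, bin=221) from line 93 as shown in the listing. It rests on two labelled assumptions: that the optimized build derives `b` as 63 minus a leading-zero count, and that a CPU without LZCNT executes that opcode as BSR. All helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define MI_BIN_HUGE (73U)   /* value quoted in the thread */

/* Index of the highest set bit, i.e. what BSR returns; x must be non-zero. */
static unsigned bsr_portable(uint64_t x) {
    unsigned i = 0;
    while (x >>= 1) i++;
    return i;
}

/* Leading-zero count of a non-zero 64-bit value (a working LZCNT). */
static unsigned lzcnt_real(uint64_t x) { return 63u - bsr_portable(x); }

/* Assumption: without LZCNT support the same opcode runs as BSR and
   hands back the bit index instead of the leading-zero count. */
static unsigned lzcnt_on_old_cpu(uint64_t x) { return bsr_portable(x); }

/* Assumption: the optimized build derives b as 63 - lzcnt(wsize). */
static uint8_t b_from_lzcnt(unsigned lz) { return (uint8_t)(63u - lz); }

/* Line 93 of page-queue.c as shown in the gdb listing; requires b >= 2. */
static uint8_t bin_line93(uint64_t wsize, uint8_t b) {
    return (uint8_t)(((b << 2) + (uint8_t)((wsize >> (b - 2)) & 0x03)) - 3);
}

int main(void) {
    const uint64_t wsize = 208;  /* from "p wsize" in the thread */

    uint8_t b_ok  = b_from_lzcnt(lzcnt_real(wsize));
    uint8_t b_bad = b_from_lzcnt(lzcnt_on_old_cpu(wsize));

    printf("correct lzcnt: b=%u bin=%u\n",
           (unsigned)b_ok, (unsigned)bin_line93(wsize, b_ok));
    printf("lzcnt run as bsr: b=%u bin=%u (MI_BIN_HUGE=%u)\n",
           (unsigned)b_bad, (unsigned)bin_line93(wsize, b_bad), MI_BIN_HUGE);
    return 0;
}
```

Under these assumptions the mis-decoded path yields exactly the `b` and `bin` values gdb printed, which is why the assertion `bin < MI_BIN_HUGE` fires.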

> Can you try to compile mimalloc with -DMI_OPT_ARCH=OFF and see how it goes?

It doesn't crash with this option.

yurivict avatar Mar 06 '25 00:03 yurivict

I pushed an update to have -DMI_OPT_ARCH=OFF by default as the perf improvement is minimal -- better to have it not crashing unexpectedly :-).

Btw. what cpu were you running this on?

daanx avatar Mar 06 '25 00:03 daanx

Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz

yurivict avatar Mar 06 '25 00:03 yurivict