Out of the blue after 5.9 upgrade I've started getting chromium reporting use-after-free. I do not seem to be the only person with this problem http://www.bsdforen.de/threads/chromium-st%C3%BCrzt-mit-dem-fehler-chrome-in-free-ab.32523/ I suspect both of us have some bizarre left over state on our systems. Still, if somebody knows what that state might be, I'm curious.
% uname -a OpenBSD mymachine 5.9 GENERIC#1761 amd64 % gdb /usr/local/chrome/chrome ... (gdb) r Starting program: /usr/local/chrome/chrome Program received signal SIGCONT, Continued. [Switching to thread 1022778] __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75 75 call *%r8 Current language: auto; currently asm (gdb) c Continuing. chrome(2215) in free(): error: use after free 0x888158178c0 Program received signal SIGABRT, Aborted. [Switching to thread 1003708] 0x00000888034b887a in thrkill () at <stdin>:2 2 <stdin>: No such file or directory. in <stdin> (gdb) where #0 0x00000888034b887a in thrkill () at <stdin>:2 #1 0x00000888034b3f39 in *_libc_abort () at /usr/src/lib/libc/stdlib/abort.c:52 #2 0x0000088803496279 in wrterror (msg=0x888035bf378 "use after free", p=0x888158178c0) at /usr/src/lib/libc/stdlib/malloc.c:283 #3 0x000008880349784c in ofree (p=0x888158178c0) at /usr/src/lib/libc/stdlib/malloc.c:1235 #4 0x00000888034978ee in free (ptr=0x887ce8c9940) at /usr/src/lib/libc/stdlib/malloc.c:1340 #5 0x0000088810167f82 in SECMOD_LoadModule () from /usr/local/lib/libnss3.so.39.0 #6 0x00000888101680d5 in SECMOD_LoadModule () from /usr/local/lib/libnss3.so.39.0 #7 0x0000088810134024 in nss_Init () from /usr/local/lib/libnss3.so.39.0 #8 0x00000888101349eb in NSS_InitReadWrite () from /usr/local/lib/libnss3.so.39.0 #9 0x0000088574644112 in std::vector<unsigned char, std::allocator<unsigned char> >::_M_fill_assign () from /usr/local/chrome/chrome #10 0x00000885748e9744 in std::_Rb_tree<int, int, std::_Identity<int>, std::less<int>, std::allocator<int> >::count () from /usr/local/chrome/chrome #11 0x00000885749de4c3 in _ZNSt6vectorIxSaIxEE19_M_emplace_back_auxIJxEEEvDpOT_ () from /usr/local/chrome/chrome #12 0x0000088574a93b7f in std::vector<__gnu_cxx::_Hashtable_node<unsigned long long>*, std::allocator<__gnu_cxx::_Hashtable_node<unsigned long long>*> >::_M_fill_insert () from /usr/local/chrome/chrome #13 0x0000088574960dc5 in _ZNSt6vectorISt4pairISsSsESaIS1_EE19_M_emplace_back_auxIJRKS1_EEEvDpOT_ () from /usr/local/chrome/chrome #14 0x000008857496d64c in std::vector<unsigned long, std::allocator<unsigned long> >::operator= () from /usr/local/chrome/chrome #15 0x0000088574237446 in std::_Rb_tree<std::string, std::string, std::_Identity<std::string>, std::less<std::string>, std::allocator<std::string> >::_M_copy () from /usr/local/chrome/chrome #16 0x0000088576efd817 in std::_Rb_tree<long long, long long, std::_Identity<long long>, std::less<long long>, std::allocator<long long> >::erase () from /usr/local/chrome/chrome #17 0x000008857712b1ba in std::_Rb_tree<std::string, std::pair<std::string const, std::set<int, std::less<int>, std::allocator<int> > >, std::_Select1st<std::pair<std::string const, std::set<int, std::less<int>, std::allocator<int> > > >, std::less<std::string>, std::allocator<std::pair<std::string const, std::set<int, std::less<int>, std::allocator<int> > > > >::_M_erase () from /usr/local/chrome/chrome #18 0x00000885745f0d5a in std::_Rb_tree<std::string, std::pair<std::string const, int>, std::_Select1st<std::pair<std::string const, int> >, std::less<std::string>, std::allocator<std::pair<std::string const, int> > >::_M_insert_<std::pair<std::string, int> > () from /usr/local/chrome/chrome #19 0x00000885745eba25 in std::string::_M_replace_dispatch<wchar_t const*> () from /usr/local/chrome/chrome #20 0x000008885b19080e in _rthread_start (v=Variable "v" is not available. ) at /usr/src/lib/librthread/rthread.c:145 #21 0x000008880344052b in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75 #22 0x0000000000000000 in ?? () % pkg_info chromium Information for inst:chromium-48.0.2564.116 ... Thanks Greg -- nest.cx is Gmail hosted, use PGP for anything private. Key: http://goo.gl/6dMsr Fingerprint: 5E2B 2D0E 1E03 2046 BEC3 4D50 0B15 42BD 8DF5 A1B0