assertion failed on malloc.c
Jason Evans
jasone at freebsd.org
Thu Nov 22 03:54:52 PST 2007
Pietro Cerutti wrote:
>> uname -r
> 8.0-CURRENT
>
> Mplayer always crashes quitting .flv video (either by pressing 'q' or
> because the video is over).
>
> The error is:
>
> Assertion failed: (diff == regind * size), function
> arena_run_reg_dalloc, file /usr/src/lib/libc/stdlib/malloc.c, line 1714.
>
> Removing the assert at line 1714 and recompiling libc solves the
> problem, but I'm not that familiar with the current malloc
> implementation to know whether (diff == regind * size) is always
> supposed to be true (thus a bug in mplayer) or the assertion is simply
> wrong.

This is probably due to attempted deallocation of an invalid pointer.
This could be either a double free or a totally bogus deallocation,
perhaps of a pointer that is within a valid object.

Removing the assertion in malloc.c simply allows undefined behavior
beyond where the assertion failure would have caused a crash. The
failure modes can be serious, such as memory corruption or a
segmentation fault.

Jason
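
The condition in the failed assertion, `diff == regind * size`, can be illustrated with a simplified model of a run of equal-size regions. This is an added example, not code from the thread or from FreeBSD's malloc.c; `run_t`, `run_init`, `run_alloc`, `run_dalloc`, the return codes and the `used` map are hypothetical, and only the names `diff`, `regind` and `size` come from the assertion message.

```c
/* Simplified model of a run of equal-size regions (hypothetical, not malloc.c). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NREGS 8          /* regions per run (constructed value) */
#define MAX_REG_SIZE 64  /* largest region size the backing array supports */

typedef struct {
    size_t size;                            /* region size in bytes */
    uint8_t used[NREGS];                    /* 1 = region currently allocated */
    unsigned char mem[NREGS * MAX_REG_SIZE];
} run_t;

enum { DALLOC_OK = 0, DALLOC_OUT_OF_RUN, DALLOC_MISALIGNED, DALLOC_NOT_ALLOCATED };

static void run_init(run_t *run, size_t size) {
    run->size = size;                       /* caller keeps size <= MAX_REG_SIZE */
    for (size_t i = 0; i < NREGS; i++) run->used[i] = 0;
}

static void *run_alloc(run_t *run) {
    for (size_t i = 0; i < NREGS; i++)
        if (!run->used[i]) { run->used[i] = 1; return run->mem + i * run->size; }
    return NULL;                            /* run is full */
}

/* Validate a pointer before releasing it, reporting instead of asserting. */
static int run_dalloc(run_t *run, void *ptr) {
    uintptr_t p = (uintptr_t)ptr, base = (uintptr_t)run->mem;
    if (p < base || p >= base + NREGS * run->size) return DALLOC_OUT_OF_RUN;
    size_t diff = p - base;                 /* byte offset into the run */
    size_t regind = diff / run->size;       /* region index, rounded down */
    if (diff != regind * run->size) return DALLOC_MISALIGNED;  /* asserted condition */
    if (!run->used[regind]) return DALLOC_NOT_ALLOCATED;       /* e.g. double free */
    run->used[regind] = 0;
    return DALLOC_OK;
}

int main(void) {
    run_t run;
    run_init(&run, 48);
    unsigned char *p = run_alloc(&run);
    printf("interior pointer: %d\n", run_dalloc(&run, p + 16));
    printf("valid free:       %d\n", run_dalloc(&run, p));
    printf("double free:      %d\n", run_dalloc(&run, p));
    return 0;
}
```

In this model, a pointer into the middle of a region is the case that makes `diff` differ from `regind * size`; deleting the check would let the release proceed on the wrong region.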