Date: Wed, 21 Nov 2007 18:56:09 -0800
From: Jason Evans <jasone@freebsd.org>
To: Pietro Cerutti <gahr@gahr.ch>
Cc: freebsd-hackers@freebsd.org
Subject: Re: assertion failed on malloc.c
Message-ID: <4744EFC9.50409@freebsd.org>
In-Reply-To: <474420B8.10203@gahr.ch>
References: <474420B8.10203@gahr.ch>

Pietro Cerutti wrote:
>> uname -r
> 8.0-CURRENT
>
> Mplayer always crashes quitting .flv video (either by pressing 'q' or
> because the video is over).
>
> The error is:
>
> Assertion failed: (diff == regind * size), function
> arena_run_reg_dalloc, file /usr/src/lib/libc/stdlib/malloc.c, line 1714.
>
> Removing the assert at line 1714 and recompiling libc solves the
> problem, but I'm not that familiar with the current malloc
> implementation to know whether (diff == regind * size) is always
> supposed to be true (thus a bug in mplayer) or the assertion is simply
> wrong.

This is probably due to attempted deallocation of an invalid pointer. This could be either a double free or a totally bogus deallocation, perhaps of a pointer that is within a valid object.

Removing the assertion in malloc.c simply allows undefined behavior beyond where the assertion failure would have caused a crash. The failure modes can be serious, such as memory corruption or a segmentation fault.

Jason
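
The check discussed in this message, as an added example that is not part of the original e-mail and is not code from malloc.c: a simplified run of equal-sized regions whose deallocation path tests the same condition, diff == regind * size, and reports which kind of invalid pointer it was given. Only the names diff, regind and size come from the assertion text; struct run, run_alloc, run_dalloc, the result codes and the 48-byte region size are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified run layout (not the structure used by malloc.c). */
#define NREGS    8
#define REG_SIZE 48   /* constructed, deliberately not a power of two */
struct run {
    size_t size;                      /* region size for this run */
    unsigned char used[NREGS];        /* 1 = region currently allocated */
    unsigned char mem[NREGS * REG_SIZE];
};

enum dalloc_result { DALLOC_OK, DALLOC_OUT_OF_RUN,
                     DALLOC_NOT_REGION_START, DALLOC_NOT_ALLOCATED };

/* Hand out the first unused region, or NULL when the run is full. */
static void *run_alloc(struct run *r) {
    for (size_t i = 0; i < NREGS; i++)
        if (!r->used[i]) { r->used[i] = 1; return r->mem + i * r->size; }
    return NULL;
}

/* Validate ptr before releasing it, returning an error instead of asserting. */
static enum dalloc_result run_dalloc(struct run *r, void *ptr) {
    uintptr_t p = (uintptr_t)ptr, base = (uintptr_t)r->mem;
    if (p < base || p >= base + NREGS * r->size)
        return DALLOC_OUT_OF_RUN;          /* totally bogus pointer */
    size_t diff = (size_t)(p - base);      /* byte offset into the run */
    size_t regind = diff / r->size;        /* region index, rounded down */
    if (diff != regind * r->size)          /* the condition the assertion tests */
        return DALLOC_NOT_REGION_START;    /* pointer inside a valid object */
    if (!r->used[regind])
        return DALLOC_NOT_ALLOCATED;       /* region already free: double free */
    r->used[regind] = 0;
    return DALLOC_OK;
}

int main(void) {
    struct run r = { .size = REG_SIZE };
    char *a = run_alloc(&r);
    char *b = run_alloc(&r);
    printf("interior pointer: %d\n", run_dalloc(&r, b + 16));
    printf("valid free:       %d\n", run_dalloc(&r, b));
    printf("double free:      %d\n", run_dalloc(&r, b));
    printf("other region:     %d\n", run_dalloc(&r, a));
    return 0;
}
```

In this model, skipping the diff check would let `b + 16` release region 1 while the caller still holds a pointer into it, which is the kind of silent corruption the message warns about.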