assertion failed on malloc.c

Pietro Cerutti gahr at gahr.ch
Thu Nov 22 01:12:01 PST 2007


Jason Evans wrote:
> Pietro Cerutti wrote:
>>> uname -r
>> 8.0-CURRENT
>>
>> Mplayer always crashes quitting .flv video (either by pressing 'q' or
>> because the video is over).
>>
>> The error is:
>>
>> Assertion failed: (diff == regind * size), function
>> arena_run_reg_dalloc, file /usr/src/lib/libc/stdlib/malloc.c, line 1714.
>>
>> Removing the assert at line 1714 and recompiling libc solves the
>> problem, but I'm not that familiar with the current malloc
>> implementation to know whether (diff == regind * size) is always
>> supposed to be true (thus a bug in mplayer) or the assertion is simply
>> wrong.
> 
> This is probably due to attempted deallocation of an invalid pointer.
> This could be either a double free or a totally bogus deallocation,
> perhaps of a pointer that is within a valid object.
> 
> Removing the assertion in malloc.c simply allows undefined behavior
> beyond where the assertion failure would have caused a crash.  The
> failure modes can be serious, such as memory corruption or a
> segmentation fault.

Thanks for analyzing this. In this case, I'll go on looking for the bug
in mplayer.

> 
> Jason


-- 
Pietro Cerutti

PGP Public Key:
http://gahr.ch/pgp
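
The condition named in the assertion, (diff == regind * size), shown as an added example that is not part of the original message and is not code from FreeBSD's malloc.c. It assumes a simplified model in which a run is a block cut into equal-size regions; toy_run, toy_run_alloc, toy_run_dalloc and the constants are hypothetical names and constructed values, and the separate double-free flag is part of the model only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NREGS 8     /* regions per run (constructed value) */
#define REGSIZE 32  /* bytes per region (constructed value) */

/* Hypothetical model of a run: equal-size regions plus one in-use flag each. */
struct toy_run {
    unsigned char used[NREGS];
    unsigned char mem[NREGS * REGSIZE];
};

enum dalloc_result { DALLOC_OK, DALLOC_OUT_OF_RANGE, DALLOC_MISALIGNED, DALLOC_DOUBLE_FREE };

/* Hand out the first free region, or NULL when the run is full. */
static void *toy_run_alloc(struct toy_run *run)
{
    for (size_t i = 0; i < NREGS; i++)
        if (!run->used[i]) { run->used[i] = 1; return run->mem + i * REGSIZE; }
    return NULL;
}

/* Validate ptr before releasing it instead of trusting the caller. */
static enum dalloc_result toy_run_dalloc(struct toy_run *run, void *ptr)
{
    uintptr_t base = (uintptr_t)run->mem, p = (uintptr_t)ptr;
    if (p < base || p >= base + sizeof run->mem)
        return DALLOC_OUT_OF_RANGE;          /* pointer is not in this run */
    size_t diff = (size_t)(p - base);        /* byte offset into the run */
    size_t regind = diff / REGSIZE;          /* truncating division */
    if (diff != regind * REGSIZE)
        return DALLOC_MISALIGNED;            /* pointer lies inside a region */
    if (!run->used[regind])
        return DALLOC_DOUBLE_FREE;           /* region is already free */
    run->used[regind] = 0;
    return DALLOC_OK;
}

int main(void)
{
    struct toy_run run = {0};
    unsigned char *a = toy_run_alloc(&run);
    printf("interior pointer: %d\n", toy_run_dalloc(&run, a + 8));
    printf("valid pointer:    %d\n", toy_run_dalloc(&run, a));
    printf("freed again:      %d\n", toy_run_dalloc(&run, a));
    return 0;
}
```

Because regind comes from a truncating division, diff equals regind * size only when the pointer sits exactly on a region boundary, so a pointer into the middle of an object fails the comparison.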
