dmalloc assertion: (*bmp & (1LU << bno)) == 0 in memfree
When running zsh, an assertion is shown each time zsh is closed.
DragonFly version is v22.214.171.124.g17720-RELEASE on X86_64.
#1 Updated by xbit about 3 years ago
I found an example that can be used to reproduce this error: https://bugs.dragonflybsd.org/pastes/29.
When realloc() is called with the new size (8), the memalloc() function in dmalloc.c returns a new object and the old one is removed with memfree(), which runs into this assertion.
#2 Updated by vsrinivas about 3 years ago
I believe the test program posted above is wrong. Specifically, after realloc(), it checks if the original pointer, not the new return from realloc, is nonzero, and then free()s. This is not okay -- after a nonzero return from realloc, the original pointer has been released and is no longer valid.
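The ownership rule comment #2 describes, as an added illustration (this is not the paste's test program and not DragonFly's dmalloc code): after a successful realloc() the old pointer is dead and must not be freed again, while after a NULL return the old block is still live and still the caller's to free. The helper names grow_buffer and demo_realloc are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/*
 * The pattern comment #2 objects to looks like:
 *     p = realloc(old, n);
 *     if (old != NULL)   // wrong: old is always non-NULL here
 *         free(old);     // double free: realloc() already released it
 * Correct handling inspects the value realloc() returned, never `old`.
 */

/* Hypothetical helper: grows *bufp in place. On success *bufp now points to
 * the new block and the old pointer is no longer valid. On failure *bufp is
 * untouched and still owned by the caller, so it is neither lost nor freed. */
int grow_buffer(char **bufp, size_t new_size)
{
    char *p = realloc(*bufp, new_size);
    if (p == NULL)
        return -1;          /* *bufp unchanged and still valid */
    *bufp = p;              /* adopt the new block; the old one is gone */
    return 0;
}

/* Hypothetical check: allocate a 4-byte string, grow it to new_size (at
 * least 4) and return 1 if the contents survived and exactly one free()
 * was issued for the block that is live at the end. */
int demo_realloc(size_t new_size)
{
    if (new_size < 4)
        return 0;           /* would truncate the string; not a valid test */
    char *buf = malloc(4);
    if (buf == NULL)
        return 0;
    memcpy(buf, "abc", 4);  /* constructed sample content */
    if (grow_buffer(&buf, new_size) != 0) {
        free(buf);          /* failure: buf is still the original block */
        return 0;
    }
    int ok = (strcmp(buf, "abc") == 0);
    free(buf);              /* success: free only the block realloc() returned */
    return ok;
}
```

Growing to 8 bytes mirrors the "new size (8)" case from comment #1; the only free() the live block ever sees is the final one.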