Assert from malloc after interrupt

[chrisjbillington]

Very occasionally when hitting ctrl-C while running a program with stderred preloaded, I get an assert failure from malloc:

$ pacman -Fs ca
extra/easy-rsa 3.0.5-1
etc/easy-rsa/x509-types/ca
extra/xkeyboard-config 2.25-1
usr/share/X11/xkb/symbols/ca
usr/share/X11/xkb/symbols/sun_vndr/ca
^Cpacman: malloc.c:2385: sysmalloc: Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.
Aborted (core dumped)

The backtrace from the coredump is the following, indicating the abort happened within stderred's version of write():

$ gdb /usr/bin/pacman core.pacman.1000.064a1e21dbc14fee98a3d86234c07375.32230.1547917040000000
GNU gdb (GDB) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/pacman...(no debugging symbols found)...done.
[New LWP 32230]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `pacman -Fs ca'.
Program terminated with signal SIGABRT, Aborted.
#0  0x00007f688a4dad7f in raise () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007f688a4dad7f in raise () from /usr/lib/libc.so.6
#1  0x00007f688a4c5672 in abort () from /usr/lib/libc.so.6
#2  0x00007f688a523fd8 in __malloc_assert () from /usr/lib/libc.so.6
#3  0x00007f688a52637f in sysmalloc () from /usr/lib/libc.so.6
#4  0x00007f688a527716 in _int_malloc () from /usr/lib/libc.so.6
#5  0x00007f688a529736 in calloc () from /usr/lib/libc.so.6
#6  0x00007f688a49f97c in ?? () from /usr/lib/libdl.so.2
#7  0x00007f688a49f333 in dlsym () from /usr/lib/libdl.so.2
#8  0x00007f688a7b28c2 in write ()
   from /home/bilbo/bin/stderred/build/libstderred.so
#9  0x000055f0cf54b162 in ?? ()
#10 0x000055f0cf54b2d5 in ?? ()
#11 <signal handler called>
#12 0x00007f688a527763 in _int_malloc () from /usr/lib/libc.so.6
#13 0x00007f688a528135 in _int_realloc () from /usr/lib/libc.so.6
#14 0x00007f688a5292df in realloc () from /usr/lib/libc.so.6
#15 0x00007f688a7429cf in ?? () from /usr/lib/libalpm.so.11
#16 0x00007f688a7281b9 in ?? () from /usr/lib/libalpm.so.11
#17 0x00007f688a72baf5 in ?? () from /usr/lib/libalpm.so.11
#18 0x00007f688a72bb9b in alpm_db_get_pkgcache () from /usr/lib/libalpm.so.11
#19 0x000055f0cf5472a6 in ?? ()
#20 0x000055f0cf541532 in ?? ()
#21 0x00007f688a4c7223 in __libc_start_main () from /usr/lib/libc.so.6

I can reproduce it a couple of times out of every hundred by hitting ctrl c while running the command 'pacman -Fs ca', which is just searching Arch Linux's package manager's file database for files called 'ca'. It prints the files out, and in normal operation, would print "Interrupt signal received" to stderr after a keyboard interrupt. It looks like the crash is happening when it tries to do that.

After removing stderred from my LD_PRELOAD I can't reproduce the error.