(The OS version is Mac OS X 10.4.11 with all updates as of today and rsync is compiled with Apple's gcc powerpc-apple-darwin8-gcc-4.0.1 (build 5370).)

When I'm running rsync with the following options:

-X -a -v -n --exclude-from=... --delete --backup --backup-dir=...

I occasionally get the following errors from the Mac OS X malloc():

rsync(486) malloc: ***  Deallocation of a pointer not malloced: 0x4aeb54; This could be a double free(), or free() called with the middle of an allocated block; Try setting environment variable MallocHelp to see tools to help debug

It can be reproduced with dry runs. But if the file system is modifed, it can also go away.

The stack trace from where the printout comes (strings replaced with "..."):

(gdb) bt
#0  0x9012b760 in malloc_printf ()
#1  0x90005f5c in free ()
#2  0x00037fd4 in uncache_tmp_xattrs () at xattrs.c:754
#3  0x00023c08 in make_backup (fname=0xbfffd118 "...") at backup.c:369
#4  0x0000bbb8 in delete_item (fbuf=0xbfffd118 "...", mode=33152, flags=17448) at generator.c:198
#5  0x0000b970 in delete_dir_contents (fname=0xbfffd118 "...", flags=4) at generator.c:304
#6  0x0000bab8 in delete_item (fbuf=0xbfffd118 "...", mode=16832, flags=2) at generator.c:179
#7  0x0000c2a8 in delete_in_dir (fbuf=0x4fdf88 "...", file=0x6, fs_dev=0x11b05e0) at generator.c:536
#8  0x00011288 in generate_files (f_out=1, local_name=0x4aeb54 "...") at generator.c:2245
#9  0x0001d004 in do_recv (f_in=0, f_out=1, local_name=0x0) at main.c:830
#10 0x0001da00 in start_server (f_in=0, f_out=1, argc=1, argv=0xbfffe444) at main.c:940
#11 0x0001ed50 in child_main (argc=18633264, argv=0x8000) at main.c:947
#12 0x00039858 in local_child (argc=2, argv=0xbfffe440, f_in=0xbfffe030, f_out=0xbfffe034, child_main=0x1ed30 <child_main>) at pipe.c:156
#13 0x0001ebcc in main (argc=2, argv=0x3002b0) at main.c:463