Possible the Nvidia driver writes heap, or Glibc?

Hi all!

Originally I posted it on Nvidia forum, but seeing the activity of people there, I don’t think anyone would answer me in finite amount of time.
Thank you for your help!

Hi,

I have a very strange error when creating openGL application under Debian.
kernel version: 2.6.32-5-686
installed NV driver version: ‘NVIDIA Accelerated Graphics Driver for Linux-x86’ (version: 260.19.12)
Currently the latest driver, but the problem occured with the 256.x.x also…

Problem is:
I’m making an OpenGL and Glut program as homework for University, And I get memory access error when
trying to make an array.

Problematic Code segment:
It is called through the glutDisplayFunc(onDisplay); – onDisplay function, so it’s in the
glutMainLoop;

Point2D* Bezier(int degree, Point2D* ctrlPoints, double smoothness, int& numPoints){

    int* coeffs = new int[degree+1];

    numPoints = 1.0 / smoothness + 1;

    int* baubau = new int[30];     // <<<----- Sometimes Dies Here

    //return array of points
    Point2D* curvePoints = new Point2D[ (int) numPoints ]; // <<<----- Definietelly dies here!

    // fill coefs
    for( int n = 0; n <= degree; ++n)
        coeffs[n] = BinomialCoefficient(degree, n);

[...]

At the problematic lines I get the error:
As I can see the malloc (new) says someone already allocated that memory segment,
which is in the heap as could be seen. (The total error output is at the end of this post)

malloc(): memory corruption: 0x08074468 ***

[...]

08048000-0804a000 r-xp 00000000 08:01 19461      /media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2
0804a000-0804b000 rwxp 00001000 08:01 19461      /media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2
0804b000-08178000 rwxp 00000000 00:00 0          [heap]
b5e00000-b5e21000 rwxp 00000000 00:00 0 

Here is what’s at 0x08074468:
Obviously some Nvidia (or maybe OpenGL, Glu, Glut lib has written some stuff there)

0x08074468  00 00 00 00 00 00 59 40 18 DC F7 09 00 00 00 00  ......Y@........
0x08074478  18 00 00 00 10 00 00 00 00 00 00 00 41 00 00 00  ............A...
0x08074488  72 65 5F 6F 71 00 00 00 C0 43 07 08 0C 00 00 00  re_oq....C......
0x08074498  38 00 00 00 00 00 00 00 20 69 06 08 02 00 40 03  8....... i....@.
0x080744a8  01 00 00 00 00 00 00 00 57 02 00 00 01 00 00 00  ........W.......
0x080744b8  01 00 00 00 75 72 65 5F 73 52 47 42 20 47 4C 5F  ....ure_sRGB GL_
0x080744c8  45 58 54 5F 74 65 78 74 75 72 65 5F 73 77 69 7A  EXT_texture_swiz
0x080744d8  7A 6C 65 20 47 4C 5F 45 58 54 5F 74 65 78 74 75  zle GL_EXT_textu
0x080744e8  72 65 5F 74 79 70 65 5F 32 5F 31 30 06 00 00 00  re_type_2_10....
0x080744f8  31 30 5F 52 39 00 00 00 01 00 00 00 00 00 00 00  10_R9...........
0x08074508  01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
0x08074518  58 02 00 00 58 02 00 00 00 00 00 00 00 00 00 00  X...X...........
0x08074528  58 02 00 00 58 02 00 00 45 58 54 5F 21 00 00 00  X...X...EXT_!...
0x08074538  E8 E3 D1 B7 E8 E3 D1 B7 20 47 4C 5F 45 58 54 5F  ........ GL_EXT_
0x08074548  76 65 72 74 65 78 5F 61 20 00 00 00 20 00 00 00  vertex_a ... ...
0x08074558  00 00 00 00 00 E0 3A B6 00 00 01 00 00 00 00 00  ......:.........
0x08074568  00 00 00 00 01 00 00 00 00 00 00 00 21 00 00 00  ............!...
0x08074578  44 33 44 5F 51 75 61 6C 69 74 79 45 6E 68 61 6E  D3D_QualityEnhan
0x08074588  63 65 6D 65 6E 74 73 00 00 00 00 00 11 00 00 00  cements.........
0x08074598  78 24 07 08 A8 45 07 08 00 00 00 00 11 00 00 00  x$...E..........
0x080745a8  54 65 78 53 68 61 72 70 65 6E 00 00 11 00 00 00  TexSharpen......
0x080745b8  37 30 38 33 35 39 33 37 46 00 79 45 11 00 00 00  70835937F.yE....
0x080745c8  37 30 38 33 35 39 33 37 41 00 00 00 11 00 00 00  70835937A.......
0x080745d8  37 34 30 39 35 32 31 33 42 00 00 00 11 00 00 00  74095213B.......
0x080745e8  20 47 07 08 30 47 07 08 01 00 00 00 11 00 00 00   G..0G..........
0x080745f8  E8 45 07 08 08 46 07 08 00 00 00 00 11 00 00 00  .E...F..........
0x08074608  33 38 39 39 38 33 39 33 31 38 00 00 31 00 00 00  3899839318..1...
0x08074618  91 00 D0 C1 03 00 EF BE 03 00 EF BE 05 00 00 00  ................
0x08074628  30 93 0E 08 00 00 00 00 01 00 00 00 B8 32 12 08  0............2..
0x08074638  A0 6C BD B7 00 00 00 00 14 00 00 00 31 00 00 00  .l..........1...
0x08074648  91 00 D0 C1 04 00 EF BE 03 00 EF BE 06 00 00 00  ................
0x08074658  00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00  ................
0x08074668  A0 6C BD B7 18 46 07 08 30 00 00 00 11 00 00 00  .l...F..0.......
0x08074678  F0 22 07 08 C8 45 07 08 00 00 00 00 31 00 00 00  .\"...E......1...
0x08074688  00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00  ................
0x08074698  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
0x080746a8  00 00 00 00 00 00 00 00 20 47 07 08 21 00 00 00  ........ G..!...
0x080746b8  E8 E3 D1 B7 E8 E3 D1 B7 48 47 07 08 01 00 00 00  ........HG......
0x080746c8  60 47 07 08 00 00 00 00 20 00 00 00 19 00 00 00  `G...... .......
0x080746d8  44 65 66 61 75 6C 74 53 77 61 70 49 6E 74 65 72  DefaultSwapInter
0x080746e8  76 61 6C 00 21 00 00 00 E8 E3 D1 B7 B0 46 07 08  val.!........F..
0x080746f8  69 74 79 45 6E 68 61 6E 63 65 6D 65 6E 74 73 00  ityEnhancements.
0x08074708  20 00 00 00 11 00 00 00 78 46 07 08 D8 45 07 08   .......xF...E..
0x08074718  01 00 00 00 11 00 00 00 10 47 07 08 D8 46 07 08  .........G...F..
0x08074728  00 00 00 00 19 00 00 00 53 4C 49 5F 52 45 4E 44  ........SLI_REND
0x08074738  45 52 49 4E 47 5F 4D 4F 44 45 00 00 19 00 00 00  ERING_MODE......
0x08074748  00 00 00 00 00 00 00 00 45 52 49 4E 47 5F 4D 4F  ........ERING_MO
0x08074758  18 00 00 00 11 00 00 00 F0 50 0E 08 D8 E3 D1 B7  .........P......
0x08074768  10 00 00 00 91 00 00 00 00 00 00 00 00 00 00 00  ................
0x08074778  01 00 00 00 78 67 B9 B7 10 00 00 00 03 00 00 00  ....xg..........
0x08074788  F0 46 07 08 B8 46 07 08 00 48 07 08 20 48 07 08  .F...F...H.. H..
0x08074798  40 48 07 08 60 48 07 08 80 48 07 08 A0 48 07 08  @H..`H...H...H..
0x080747a8  C0 48 07 08 E0 48 07 08 00 49 07 08 20 49 07 08  .H...H...I.. I..
0x080747b8  40 49 07 08 60 49 07 08 80 49 07 08 A0 49 07 08  @I..`I...I...I..
0x080747c8  48 47 07 08 C0 49 07 08 D8 49 07 08 00 00 00 00  HG...I...I......
0x080747d8  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
0x080747e8  00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00  ................
0x080747f8  00 00 00 00 21 00 00 00 D0 E3 D1 B7 D0 E3 D1 B7  ....!...........
0x08074808  00 00 00 00 00 00 00 00 65 72 5F 6F 62 6A 65 63  ........er_objec
0x08074818  74 32 20 47 21 00 00 00 D0 E3 D1 B7 D0 E3 D1 B7  t2 G!...........
0x08074828  00 00 00 00 00 00 00 00 5F 4E 56 5F 70 72 65 73  ........_NV_pres
0x08074838  65 6E 74 5F 21 00 00 00 D0 E3 D1 B7 D0 E3 D1 B7  ent_!...........
0x08074848  00 00 00 00 00 00 00 00 5F 63 6F 6D 62 69 6E 65  ........_combine
0x08074858  72 73 20 47 21 00 00 00 D0 E3 D1 B7 D0 E3 D1 B7  rs G!...........

What I don’t understand is how can it happen? The operating system should return with the address
of a memory segment which is sufficient for the allocation. I have no idea what can place data there.
I was sure I compiled the NVidia kernel module with the same version of Gcc as the kernel was
compiled with. All of my libs are updated.

Thank you for your help!!

Total error output:

&"warning: GDB: Failed to set controlling terminal: Operation not permitted (written in Hungarian orig :)
*** glibc detected *** /media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2: malloc(): memory corruption: 0x08074468 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6(+0x6b281)[0xb7c46281]
/lib/i686/cmov/libc.so.6(+0x6e085)[0xb7c49085]
/lib/i686/cmov/libc.so.6(__libc_malloc+0x5c)[0xb7c4ac8c]
/usr/lib/libstdc++.so.6(_Znwj+0x27)[0xb7e22ba7]
/usr/lib/libstdc++.so.6(_Znaj+0x1d)[0xb7e22cdd]
/media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2[0x8048eb1]
/media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2[0x8049190]
/media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2[0x80492f1]
/usr/lib/libglut.so.3(+0x15d86)[0xb7e6fd86]
/usr/lib/libglut.so.3(fgEnumWindows+0x40)[0xb7e73c50]
/usr/lib/libglut.so.3(glutMainLoopEvent+0x174)[0xb7e70204]
/usr/lib/libglut.so.3(glutMainLoop+0x55)[0xb7e70b35]
/media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2[0x8049115]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7bf1c76]
/media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2[0x8048d41]
======= Memory map: ========
08048000-0804a000 r-xp 00000000 08:01 19461      /media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2
0804a000-0804b000 rwxp 00001000 08:01 19461      /media/backup/[BME] Egyetem/5.felev/grafika/hazi2/prog/hazi2/dist/Debug/GNU-Linux-x86/hazi2
0804b000-08178000 rwxp 00000000 00:00 0          [heap]
b5e00000-b5e21000 rwxp 00000000 00:00 0 
b5e21000-b5f00000 ---p 00000000 00:00 0 
b5f2b000-b612b000 rwxs 2f66f000 00:05 6040       /dev/nvidia0
b612b000-b622b000 rwxs 2f918000 00:05 6040       /dev/nvidia0
b622b000-b622c000 rwxs e6c08000 00:05 6040       /dev/nvidia0
b622c000-b626c000 rwxs 2f8e7000 00:05 6040       /dev/nvidia0
b626c000-b628c000 rwxs 2f5a3000 00:05 6040       /dev/nvidia0
b628c000-b62f1000 rwxp 00000000 00:00 0 
b62f1000-b6337000 rwxp 00000000 00:05 562        /dev/zero
b6337000-b63ae000 rwxp 00000000 00:00 0 
b63ae000-b63c7000 rwxs 00000000 00:04 65536      /SYSV00000000 (deleted)
b63c7000-b63c9000 rwxp 00000000 00:00 0 
b63c9000-b63cd000 r-xp 00000000 08:15 154918     /usr/lib/libXdmcp.so.6.0.0
b63cd000-b63ce000 rwxp 00003000 08:15 154918     /usr/lib/libXdmcp.so.6.0.0
b63ce000-b63d0000 r-xp 00000000 08:15 154903     /usr/lib/libXau.so.6.0.0
b63d0000-b63d1000 rwxp 00001000 08:15 154903     /usr/lib/libXau.so.6.0.0
b63d1000-b63e9000 r-xp 00000000 08:15 154922     /usr/lib/libxcb.so.1.1.0
b63e9000-b63ea000 rwxp 00017000 08:15 154922     /usr/lib/libxcb.so.1.1.0
b63ea000-b63eb000 rwxp 00000000 00:00 0                                                                                                                                             
b63eb000-b63f7000 r-xp 00000000 08:15 156711     /usr/lib/libXi.so.6.1.0                                                                                                            
b63f7000-b63f8000 rwxp 0000c000 08:15 156711     /usr/lib/libXi.so.6.1.0                                                                                                            
b63f8000-b63fa000 r-xp 00000000 08:15 606581     /lib/i686/cmov/libdl-2.11.2.so                                                                                                     
b63fa000-b63fb000 r-xp 00001000 08:15 606581     /lib/i686/cmov/libdl-2.11.2.so                                                                                                     
b63fb000-b63fc000 rwxp 00002000 08:15 606581     /lib/i686/cmov/libdl-2.11.2.so                                                                                                     
b63fc000-b640a000 r-xp 00000000 08:15 155745     /usr/lib/libXext.so.6.4.0                                                                                                          
b640a000-b640b000 rwxp 0000d000 08:15 155745     /usr/lib/libXext.so.6.4.0                                                                                                          
b640b000-b6524000 r-xp 00000000 08:15 155783     /usr/lib/libX11.so.6.3.0                                                                                                           
b6524000-b6528000 rwxp 00118000 08:15 155783     /usr/lib/libX11.so.6.3.0                                                                                                           
b6528000-b7b6c000 r-xp 00000000 08:15 155276     /usr/lib/libnvidia-glcore.so.260.19.12                                                                                             
b7b6c000-b7bc8000 rwxp 01644000 08:15 155276     /usr/lib/libnvidia-glcore.so.260.19.12                                                                                             
b7bc8000-b7bd8000 rwxp 00000000 00:00 0                                                                                                                                             
b7bd8000-b7bd9000 r-xp 00000000 08:15 203643     /usr/lib/tls/libnvidia-tls.so.260.19.12                                                                                            
b7bd9000-b7bda000 rwxp 00000000 08:15 203643     /usr/lib/tls/libnvidia-tls.so.260.19.12                                                                                            
b7bda000-b7bdb000 rwxp 00000000 00:00 0                                                                                                                                             
b7bdb000-b7d1b000 r-xp 00000000 08:15 606589     /lib/i686/cmov/libc-2.11.2.so                                                                                                      
b7d1b000-b7d1d000 r-xp 0013f000 08:15 606589     /lib/i686/cmov/libc-2.11.2.so                                                                                                      
b7d1d000-b7d1e000 rwxp 00141000 08:15 606589     /lib/i686/cmov/libc-2.11.2.so                                                                                                      
b7d1e000-b7d21000 rwxp 00000000 00:00 0                                                                                                                                             
b7d21000-b7d3e000 r-xp 00000000 08:15 586430     /lib/libgcc_s.so.1                                                                                                                 
b7d3e000-b7d3f000 rwxp 0001c000 08:15 586430     /lib/libgcc_s.so.1                                                                                                                 
b7d3f000-b7d63000 r-xp 00000000 08:15 602955     /lib/i686/cmov/libm-2.11.2.so                                                                                                      
b7d63000-b7d64000 r-xp 00023000 08:15 602955     /lib/i686/cmov/libm-2.11.2.so                                                                                                      
b7d64000-b7d65000 rwxp 00024000 08:15 602955     /lib/i686/cmov/libm-2.11.2.so                                                                                                      
b7d65000-b7e4e000 r-xp 00000000 08:15 160020     /usr/lib/libstdc++.so.6.0.13                                                                                                       
b7e4e000-b7e52000 r-xp 000e9000 08:15 160020     /usr/lib/libstdc++.so.6.0.13                                                                                                       
b7e52000-b7e53000 rwxp 000ed000 08:15 160020     /usr/lib/libstdc++.so.6.0.13                                                                                                       
b7e53000-b7e5a000 rwxp 00000000 00:00 0                                                                                                                                             
b7e5a000-b7e8b000 r-xp 00000000 08:15 162251     /usr/lib/libglut.so.3.9.0                                                                                                          
b7e8b000-b7e90000 rwxp 00030000 08:15 162251     /usr/lib/libglut.so.3.9.0
b7e90000-b7e91000 rwxp 00000000 00:00 0 
b7e91000-b7f00000 r-xp 00000000 08:15 158839     /usr/lib/libGLU.so.1.3.070701
b7f00000-b7f01000 rwxp 0006e000 08:15 158839     /usr/lib/libGLU.so.1.3.070701
b7f01000-b7f9d000 r-xp 00000000 08:15 156190     /usr/lib/libGL.so.260.19.12
b7f9d000-b7fbb000 rwxp 0009b000 08:15 156190     /usr/lib/libGL.so.260.19.12
b7fbb000-b7fca000 rwxp 00000000 00:00 0 
b7fca000-b7fcc000 r-xs 00000000 08:15 385956     /tmp/glIdG8Z8 (deleted)
b7fcc000-b7fce000 rwxs 00000000 08:15 385956     /tmp/glIdG8Z8 (deleted)
b7fce000-b7fd2000 rwxs 2f664000 00:05 6040       /dev/nvidia0
b7fd2000-b7fd6000 rwxs 2f911000 00:05 6040       /dev/nvidia0
b7fd6000-b7fd7000 rwxs c0005000 00:05 6040       /dev/nvidia0
b7fd7000-b7fd8000 rwxs 2f637000 00:05 6040       /dev/nvidia0
b7fd8000-b7fdc000 rwxs 2f633000 00:05 6040       /dev/nvidia0
b7fdc000-b7fdd000 rwxs e6641000 00:05 6040       /dev/nvidia0
b7fdd000-b7fde000 rwxs 2f90c000 00:05 6040       /dev/nvidia0
b7fde000-b7fdf000 rwxs 2f95a000 00:05 6040       /dev/nvidia0
b7fdf000-b7fe0000 rwxs e6060000 00:05 6040       /dev/nvidia0
b7fe0000-b7fe2000 rwxp 00000000 00:00 0 
b7fe2000-b7fe3000 r-xp 00000000 00:00 0          [vdso]
b7fe3000-b7ffe000 r-xp 00000000 08:15 586582     /lib/ld-2.11.2.so
b7ffe000-b7fff000 r-xp 0001a000 08:15 586582     /lib/ld-2.11.2.so
b7fff000-b8000000 rwxp 0001b000 08:15 586582     /lib/ld-2.11.2.so
bffc2000-c0000000 rw-p 00000000 00:00 0          [stack]

It might be useful to use Valgrind memcheck tool to detect memory corruption problems. Memory corruption does not always happen in the same place where the application crashes, it may be caused in another piece of code.

I’d make an epically huge bet that the issue is not the GL driver, but some where some one is writing past their allocated bits…

also, since you are using C++, it would save yourself alot of hassle if you used std::vector<> for your arrays.

like robmx suggested, run your code with valgrind’s memcheck and see.

if you are worried about GL being stable or working on your system, get openarena and see if it works, if it does, you can prolly rely that GL is working.

This topic was automatically closed 183 days after the last reply. New replies are no longer allowed.