开发者

Error message: *** glibc detected *** ./cube: double free or corruption (!prev): 0x0a4c4420 ***

问答 作者:

In the following code I am getting an error: 

333         glGenBuffers(surftotal, uiVBO);
334         {
335                 for(surfnum=0; surfnum<surftotal; ++surfnum)
336                 {
337                         glBindBuffer(GL_ARRAY_BUFFER, uiVBO[surfnum]);
338                         size_t buf_size = 9*sizeof(GLfloat)*triNum[surfnum];
339                         GLfloat* const pData = (GLfloat*)malloc(buf_size);
340                         for(i=0; i<triNum[surfnum]; ++i)
341                                 printf("%d...",triNum[surfnum]);
342                                 {
343                                 memcpy(pData+i*9,   triArray[surfnum][i].pt1, 3*sizeof(GLfloat));
344                                 memcpy(pData+i*9+3, triArray[surfnum][i].pt2, 3*sizeof(GLfloat));
345                                 memcpy(pData+i*9+6, triArray[surfnum][i].pt3, 3*sizeof(GLfloat));
346                                 }
347                                 glBufferData(GL_ARRAY_BUFFER, buf_size, pData, GL_STATIC_DRAW);
348                                 free(pData);
349                 }
350                 glBindBuffer(GL_ARRAY_BUFFER, 0);
351                 glEnableVertexAttribArray(VERTEX_ARRAY);
352                 for(surfnum=0; surfnum<surftotal; ++surfnum)
353                 {
354                         glBindBuffer(GL_ARRAY_BUFFER, uiVBO[surfnum]);
355                         glVertexAttribPointer(VERTEX_ARRAY, 3, GL_FLOAT, GL_FALSE, 0, 0);
356                         glDrawArrays(GL_TRIANGLES, 0, 3*triNum[surfnum]);
357                         if (!TestEGLError("glDrawArrays"))
358                         {
359                         goto cleanup;
360                         }
361                 }
362                 glBindBuffer(GL_ARRAY_BUFFER, 0);
363                 eglSwapBuffers(eglDisplay, eglSurface);
364 
365                 if (!TestEGLError("eglSwapBuffers"))
366                 {
367                         goto cleanup;
368                 }
369 
370                 int i32NumMessages = XPending( x11Display );
371                 for( int i = 0; i < i32NumMessages; i++ )
372                 {
373                         XEvent  event;
374                         XNextEvent( x11Display, &event );
375                 }
376         }
377         glDeleteBuffers(surftotal,uiVBO);

And the error is the following:

* glibc detected ./cube: free(): invalid pointer: 0x090c53a0 *开发者_运维技巧*

printf is getting the error, and it writes 7 7 7 7 7 7 7 1 aborted and then this error.

When I try to print there I get this error. I try to use valgrind and its output is:

==8922== Memcheck, a memory error detector
==8922== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==8922== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==8922== Command: ./cube
==8922== 
libEGL warning: use software fallback
==8922== Invalid write of size 1
==8922==    at 0x4027418: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A48F: main (Hello.cpp:343)
==8922==  Address 0x9391567 is 11 bytes after a block of size 252 alloc'd
==8922==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==8922==    by 0x804A3EC: main (Hello.cpp:339)
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027420: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A48F: main (Hello.cpp:343)
==8922==  Address 0x9391566 is 10 bytes after a block of size 252 alloc'd
==8922==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==8922==    by 0x804A3EC: main (Hello.cpp:339)
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027429: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A48F: main (Hello.cpp:343)
==8922==  Address 0x9391565 is 9 bytes after a block of size 252 alloc'd
==8922==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==8922==    by 0x804A3EC: main (Hello.cpp:339)
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027432: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A48F: main (Hello.cpp:343)
==8922==  Address 0x9391564 is 8 bytes after a block of size 252 alloc'd
==8922==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==8922==    by 0x804A3EC: main (Hello.cpp:339)
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027418: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A4E3: main (Hello.cpp:344)
==8922==  Address 0x9391573 is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027420: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A4E3: main (Hello.cpp:344)
==8922==  Address 0x9391572 is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027429: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A4E3: main (Hello.cpp:344)
==8922==  Address 0x9391571 is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027432: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A4E3: main (Hello.cpp:344)
==8922==  Address 0x9391570 is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027418: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A539: main (Hello.cpp:345)
==8922==  Address 0x939157f is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027420: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A539: main (Hello.cpp:345)
==8922==  Address 0x939157e is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027429: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A539: main (Hello.cpp:345)
==8922==  Address 0x939157d is not stack'd, malloc'd or (recently) free'd
==8922== 
==8922== Invalid write of size 1
==8922==    at 0x4027432: memcpy (mc_replace_strmem.c:497)
==8922==    by 0x804A539: main (Hello.cpp:345)
==8922==  Address 0x939157c is not stack'd, malloc'd or (recently) free'd
==8922== 
--8922-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--8922-- si_code=1;  Faulting address: 0xC8B91574;  sp: 0x62a5ce00

valgrind: the 'impossible' happened:
   Killed by fatal signal
==8922==    at 0x38031511: unlinkBlock (m_mallocfree.c:245)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable
==8922==    at 0x4024F12: calloc (vg_replace_malloc.c:467)
==8922==    by 0x48D068A: softpipe_resource_create (sp_texture.c:114)
==8922==    by 0x4A50D96: st_bufferobj_data (u_inlines.h:180)
==8922==    by 0x4A1BB4E: _mesa_BufferDataARB (bufferobj.c:1177)
==8922==    by 0x49BFFD7: _es_BufferData (api_exec_es2.c:391)
==8922==    by 0x804A561: main (Hello.cpp:347)

But I was unable to understand it. Can you tell me where the error is? If I use

export MALLOC_CHECK_=0

this gives a segmentation fault.

(I have edited the question)

for(i=0; i<triNum[surfnum]; ++i)
    printf("%d...",triNum[surfnum]);
    {
    memcpy(pData+i*9,   triArray[surfnum][i].pt1, 3*sizeof(GLfloat));
    memcpy(pData+i*9+3, triArray[surfnum][i].pt2, 3*sizeof(GLfloat));
    memcpy(pData+i*9+6, triArray[surfnum][i].pt3, 3*sizeof(GLfloat));
    }

You have a problem with the brace placement here. Only the printf is inside the loop, and as a result, the memcpy lines will only be run once, with a value of i that is too large.

This will overwrite memory outside the bounds of your buffer, which causes the memory corruption error you see.

继续阅读:cglibcmemoryopengl-esvalgrind

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9