valgrind定位内存问题
来源:互联网 发布:神仙劫法座进阶数据 编辑:程序博客网 时间:2024/06/05 00:22
valgrind介绍
Valgrind是一个GPL的软件,用于Linux(For x86, amd64 and ppc32)程序的内存调试和代码剖析。你可以在它的环境中运行你的程序来监视内存的使用情况,比如C 语言中的malloc和free或者 C++中的new和 delete。使用Valgrind的工具包,你可以自动的检测许多内存管理和线程的bug,避免花费太多的时间在bug寻找上,使得你的程序更加稳固。
Valgrind的主要功能
Valgrind工具包包含多个工具,如Memcheck,Cachegrind,Helgrind, Callgrind,Massif。下面分别介绍个工具的作用:
Memcheck 工具主要检查下面的程序错误:
1.使用未初始化的内存 (Use of uninitialised memory)
2.使用已经释放了的内存 (Reading/writing memory after it has been free’d)
3.使用超过 malloc分配的内存空间(Reading/writing off the end of malloc’d blocks)
4.对堆栈的非法访问 (Reading/writing inappropriate areas on the stack)
5.申请的空间是否有释放 (Memory leaks – where pointers to malloc’d blocks are lost forever)
6.malloc/free/new/delete申请和释放内存的匹配(Mismatched use of malloc/new/new [] vs free/delete/delete [])
7.src和dst的重叠(Overlapping src and dst pointers in memcpy() and related functions)
Callgrind
Callgrind收集程序运行时的一些数据,函数调用关系等信息,还可以有选择地进行cache 模拟。在运行结束时,它会把分析数据写入一个文件。callgrind_annotate可以把这个文件的内容转化成可读的形式。
Cachegrind
它模拟 CPU中的一级缓存I1,D1和L2二级缓存,能够精确地指出程序中 cache的丢失和命中。如果需要,它还能够为我们提供cache丢失次数,内存引用次数,以及每行代码,每个函数,每个模块,整个程序产生的指令数。这对优化程序有很大的帮助。
Helgrind
它主要用来检查多线程程序中出现的竞争问题。Helgrind 寻找内存中被多个线程访问,而又没有一贯加锁的区域,这些区域往往是线程之间失去同步的地方,而且会导致难以发掘的错误。Helgrind实现了名为” Eraser” 的竞争检测算法,并做了进一步改进,减少了报告错误的次数。
Massif
堆栈分析器,它能测量程序在堆栈中使用了多少内存,告诉我们堆块,堆管理块和栈的大小。Massif能帮助我们减少内存的使用,在带有虚拟内存的现代系统中,它还能够加速我们程序的运行,减少程序停留在交换区中的几率。
Ubuntu 安装valgrind: sudo apt-get install valgrind
测试示例:
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
//动态内存泄漏
static void mem_leak1(void)
{
char *p = malloc(1);
}
//资源泄漏,代码中以文件描述符为例
static void mem_leak2(void)
{
FILE *fp = fopen("test.txt", "w");
}
//动态内存越界
static void mem_overrun1(void)
{
char *p = malloc(1);
*(short*)p = 2;
free(p);
}
//数据越界,字符串结束符'\0'
static void mem_overrun2(void)
{
char array[5];
strcpy(array, "hello");
}
//动态内存double free
static void mem_double_free(void)
{
char *p = malloc(1);
free(p);
free(p);
}
/*
* 使用野指针
* 指向一个不可用内存区域的指针(已删除或未申请内存区域),称为野指针
*/
static void mem_free_wild_pointer(void)
{
char *p;
free(p);
}
int main()
{
mem_leak1();
mem_leak2();
mem_overrun1();
mem_overrun2();
mem_double_free();
mem_free_wild_pointer();
return 0;
}
gcc 编译后,使用valgrind运行进行内存错误检测,结果如下:
tiany@tiany-desktop:~/program/C$ valgrind --track-fds=yes --leak-check=full --undef-value-errors=yes ./memErr
==3691== Memcheck, a memory error detector
==3691== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==3691== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==3691== Command: ./memErr
==3691==
//此处检测到了动态内存的越界
==3691== Invalid write of size 2
==3691== at 0x40067C: mem_overrun1 (in /home/tiany/program/C/memErr)
==3691== by 0x400724: main (in /home/tiany/program/C/memErr)
==3691== Address 0x51fd310 is 0 bytes inside a block of size 1 alloc'd
==3691== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x400673: mem_overrun1 (in /home/tiany/program/C/memErr)
==3691== by 0x400724: main (in /home/tiany/program/C/memErr)
==3691==
//检测到double free
==3691== Invalid free() / delete / delete[] / realloc()
==3691== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x4006F9: mem_double_free (in /home/tiany/program/C/memErr)
==3691== by 0x40072E: main (in /home/tiany/program/C/memErr)
==3691== Address 0x51fd360 is 0 bytes inside a block of size 1 free'd
==3691== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x4006ED: mem_double_free (in /home/tiany/program/C/memErr)
==3691== by 0x40072E: main (in /home/tiany/program/C/memErr)
==3691==
//检测到未初始化变量的问题
==3691== Conditional jump or move depends on uninitialised value(s)
==3691== at 0x4C2BDA2: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x40070F: mem_free_wild_pointer (in /home/tiany/program/C/memErr)
==3691== by 0x400733: main (in /home/tiany/program/C/memErr)
==3691==
//检测到非法使用野指针
==3691== Invalid free() / delete / delete[] / realloc()
==3691== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x40070F: mem_free_wild_pointer (in /home/tiany/program/C/memErr)
==3691== by 0x400733: main (in /home/tiany/program/C/memErr)
==3691== Address 0x51fd360 is 0 bytes inside a block of size 1 free'd
==3691== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x4006ED: mem_double_free (in /home/tiany/program/C/memErr)
==3691== by 0x40072E: main (in /home/tiany/program/C/memErr)
==3691==
==3691==
/*
* 检测到文件指针资源的泄漏,即就是退出时未关闭打开的文件描述符
*/
==3691== FILE DESCRIPTORS: 4 open at exit.
==3691== Open file descriptor 3: test.txt
==3691== at 0x4F234B0: __open_nocancel (syscall-template.S:81)
==3691== by 0x4EB1E07: _IO_file_open (fileops.c:228)
==3691== by 0x4EB1E07: _IO_file_fopen@@GLIBC_2.2.5 (fileops.c:333)
==3691== by 0x4EA62E3: __fopen_internal (iofopen.c:90)
==3691== by 0x40065B: mem_leak2 (in /home/tiany/program/C/memErr)
==3691== by 0x40071F: main (in /home/tiany/program/C/memErr)
==3691==
==3691== Open file descriptor 2: /dev/pts/8
==3691== <inherited from parent>
==3691==
==3691== Open file descriptor 1: /dev/pts/8
==3691== <inherited from parent>
==3691==
==3691== Open file descriptor 0: /dev/pts/8
==3691== <inherited from parent>
==3691==
==3691==
//堆信息
==3691== HEAP SUMMARY:
==3691== in use at exit: 569 bytes in 2 blocks
==3691== total heap usage: 4 allocs, 4 frees, 571 bytes allocated
==3691==
==3691== 1 bytes in 1 blocks are definitely lost in loss record 1 of 2
==3691== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3691== by 0x40063E: mem_leak1 (in /home/tiany/program/C/memErr)
==3691== by 0x40071A: main (in /home/tiany/program/C/memErr)
==3691==
==3691== LEAK SUMMARY:
==3691== definitely lost: 1 bytes in 1 blocks
==3691== indirectly lost: 0 bytes in 0 blocks
==3691== possibly lost: 0 bytes in 0 blocks
==3691== still reachable: 568 bytes in 1 blocks
==3691== suppressed: 0 bytes in 0 blocks
==3691== Reachable blocks (those to which a pointer was found) are not shown.
==3691== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==3691==
==3691== For counts of detected and suppressed errors, rerun with: -v
==3691== Use --track-origins=yes to see where uninitialised values come from
==3691== ERROR SUMMARY: 6 errors from 5 contexts (suppressed: 0 from 0)
- valgrind定位内存问题
- 实例介绍利用valgrind定位内存泄漏问题
- 实例介绍利用valgrind定位内存非法访问问题
- 实例介绍利用valgrind定位内存泄漏问题
- Valgrind 内存问题简述
- Valgrind内存泄漏检查及定位利器
- 实例介绍利用valgrind定位内存异常释放问题(double free 和wrong free)
- 实例介绍利用valgrind定位strcpy/strncpy/strcat/strncat内存重叠问题
- 话说linux 下的pthread 内存问题 (Valgrind 检测 及定位排除)
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题 !
- 使用valgrind检查内存问题
- 使用valgrind检查内存问题
- Color the ball ---树状数组(区间更新及单点求值)
- 解决已经安装requests,却依然提示No module named 'requests'
- C#多线程实操
- mysql入门命令
- table样式
- valgrind定位内存问题
- 永久代(PermGen)和元空间的区别(Metaspace)
- Ecology8二次开发:HTML表单字段必填验证的添加与移除
- 使用Slf4j集成Log4j2构建项目日志系统的完美解决方案
- @Resource注解的使用,@Autowired和和@Resource的区别是什么?
- history.back(-1)和history.go(-1)的区别
- 解决Fragment切换过快程序崩溃
- sqlserver中判断表或临时表是否存在
- hdu4547