| 系统编程中一个重要的方面就是有效地处理与内存相关的问题。你的工作越接近系统,你就需要面对越多的内存问题。有时这些问题非常琐碎,而更多时候它会演变成一个调试内存问题的恶梦。所以,在实践中会用到很多工具来调试内存问题。 在本文中,我们将讨论最流行的开源内存管理框架 VALGRIND。 摘自 Valgrind.org: Valgrind是用于构建动态分析工具的探测框架。它包括一个工具集,每个工具执行某种类型的调试、分析或类似的任务,以帮助完善你的程序。Valgrind的架构是模块化的,所以可以容易地创建新的工具而又不会扰乱现有的结构。
许多有用的工具被作为标准而提供。 Memcheck是一个内存错误检测器。它有助于使你的程序,尤其是那些用C和C++写的程序,更加准确。 Cachegrind是一个缓存和分支预测分析器。它有助于使你的程序运行更快。 Callgrind是一个调用图缓存生成分析器。它与Cachegrind的功能有重叠,但也收集Cachegrind不收集的一些信息。 Helgrind是一个线程错误检测器。它有助于使你的多线程程序更加准确。 DRD也是一个线程错误检测器。它和Helgrind相似,但使用不同的分析技术,所以可能找到不同的问题。 Massif是一个堆分析器。它有助于使你的程序使用更少的内存。 DHAT是另一种不同的堆分析器。它有助于理解块的生命期、块的使用和布局的低效等问题。 SGcheck是一个实验工具,用来检测堆和全局数组的溢出。它的功能和Memcheck互补:SGcheck找到Memcheck无法找到的问题,反之亦然。 BBV是个实验性质的SimPoint基本块矢量生成器。它对于进行计算机架构的研究和开发很有用处。 也有一些对大多数用户没有用的小工具:Lackey是演示仪器基础的示例工具;Nulgrind是一个最小化的Valgrind工具,不做分析或者操作,仅用于测试目的。 在这篇文章我们将关注“memcheck”工具。 |Ley 翻译于 2年前 1人顶 顶 翻译的不错哦!
使用 Valgrind Memcheck memcheck工具的使用方式如下: ? 1 valgrind –tool=memcheck ./a.out 从上面的命令可以清楚的看到, 主要的命令是valgrind,而我们想使用的工具是通过'-tool'选项来指定的. 上面的‘a.out’指的是我们想使用memcheck运行的可执行文件. 该工具可以检测下列与内存相关的问题 : 未释放内存的使用 对释放后内存的读/写 对已分配内存块尾部的读/写 内存泄露 不匹配的使用malloc/new/new[] 和 free/delete/delete[] 重复释放内存 注意: 上面列出的并不很全面,但却包含了能被该工具检测到的很多普遍的问题. 让我们一个一个地对上面的场景进行讨论: 注意: 下面讨论的所有测试代码都应该使用gcc并且加上-g选项(用来在memcheck的输出中生成行号)进行编译. 就想我们之前讨论过的 C程序被编译成可执行文件, 它需要经历四个不同的阶段.
valgrind –tool=memcheck ./a.out
valgrind –tool=memcheck ./a.out
- 使用未初始化的内存 Code :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| 1#include <stdio.h>
2#include <stdlib.h>
3int main(void) {
4 char *p;
5 char c = *p;
6 printf("\n [%c]\n",c);
7 return 0;
8 }
9
10在上面的代码中,我们尝试使用未初始化的指针 ‘p’. 让我们运行Memcheck来看下结果.
11
12```bash
13$ valgrind --tool=memcheck ./val
14==2862== Memcheck, a memory error detector
15==2862== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
16==2862== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
17==2862== Command: ./val
18==2862==
19==2862== Use of uninitialised value of size 8
20==2862== at 0x400530: main (valgrind.c:8)
21==2862== [#]
22==2862==
23==2862== HEAP SUMMARY:
24==2862== in use at exit: 0 bytes in 0 blocks
25==2862== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
26==2862==
27==2862== All heap blocks were freed -- no leaks are possible
28==2862==
29==2862== For counts of detected and suppressed errors, rerun with: -v
30==2862== Use --track-origins=yes to see where uninitialized values come from
31==2862== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
32 |
从上面的输出可以看到,Valgrind检测到了未初始化的变量,然后给出了警告(上面加粗的几行(译者注:貌似上面没有加粗的)).
- 在内存被释放后进行读/写 Code :
1
2
3
4
5
6
7
8
9
10
11
12
| 1#include <stdio.h>
2#include <stdlib.h>
3int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 free(p);
9 c = *p;
10 return 0;
11 }
12 |
上面的代码中,我们有一个释放了内存的指针 ‘p’ 然后我们又尝试利用指针获取值. 让我们运行memcheck来看一下Valgrind对这种情况是如何反应的.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| 1$ valgrind --tool=memcheck ./val
2==2849== Memcheck, a memory error detector
3==2849== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2849== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2849== Command: ./val
6==2849== [a]
7==2849== Invalid read of size 1
8==2849== at 0x400603: main (valgrind.c:30)
9==2849== Address 0x51b0040 is 0 bytes inside a block of size 1 free'd
10==2849== at 0x4C270BD: free (vg_replace_malloc.c:366)
11==2849== by 0x4005FE: main (valgrind.c:29)
12==2849==
13==2849==
14==2849== HEAP SUMMARY:
15==2849== in use at exit: 0 bytes in 0 blocks
16==2849== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
17==2849==
18==2849== All heap blocks were freed -- no leaks are possible
19==2849==
20==2849== For counts of detected and suppressed errors, rerun with: -v
21==2849== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
22 |
从上面的输出内容可以看到,Valgrind检测到了无效的读取操作然后输出了警告 ‘Invalid read of size 1′. 另注,使用gdb来调试c程序. 3. 从已分配内存块的尾部进行读/写 Code :
1
2
3
4
5
6
7
8
9
10
11
12
| 1
2#include <stdio.h>
3#include <stdlib.h>
4int main(void) {
5 char *p = malloc(1);
6 *p = 'a';
7 char c = *(p+1);
8 printf("\n [%c]\n",c);
9 free(p);
10 return 0;
11 }
12 |
在上面的代码中,我们已经为‘p’分配了一个字节的内存,但我们在将值读取到 ‘c’中的时候使用的是地址p+1. 现在我们使用Valgrind运行上面的代码 :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| 1 $ valgrind --tool=memcheck ./val
2==2835== Memcheck, a memory error detector
3==2835== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2835== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2835== Command: ./val
6==2835==
7==2835== Invalid read of size 1
8==2835== at 0x4005D9: main (valgrind.c:25)
9==2835== Address 0x51b0041 is 0 bytes after a block of size 1 alloc'd
10==2835== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
11==2835== by 0x4005C5: main (valgrind.c:22)
12==2835== []
13==2835==
14==2835== HEAP SUMMARY:
15==2835== in use at exit: 0 bytes in 0 blocks
16==2835== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
17==2835==
18==2835== All heap blocks were freed -- no leaks are possible
19==2835==
20==2835== For counts of detected and suppressed errors, rerun with: -v
21==2835== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
22 |
同样,该工具在这种情况下也检测到了无效的读取操作. 4. 内存泄露 Code:
1
2
3
4
5
6
7
8
9
10
| 1#include <stdio.h>
2#include <stdlib.h>
3int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 return 0;
9 }
10 |
在这次的代码中, 我们申请了一个字节但是没有将它释放.现在让我们运行Valgrind看看会发生什么: ?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2888== Memcheck, a memory error detector
3==2888== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2888== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2888== Command: ./val
6==2888== [a]
7==2888==
8==2888== HEAP SUMMARY:
9==2888== in use at exit: 1 bytes in 1 blocks
10==2888== total heap usage: 1 allocs, 0 frees, 1 bytes allocated
11==2888==
12==2888== 1 bytes in 1 blocks are definitely lost in loss record 1 of 1
13==2888== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
14==2888== by 0x400575: main (valgrind.c:6)
15==2888==
16==2888== LEAK SUMMARY:
17==2888== definitely lost: 1 bytes in 1 blocks
18==2888== indirectly lost: 0 bytes in 0 blocks
19==2888== possibly lost: 0 bytes in 0 blocks
20==2888== still reachable: 0 bytes in 0 blocks
21==2888== suppressed: 0 bytes in 0 blocks
22==2888==
23==2888== For counts of detected and suppressed errors, rerun with: -v
24==2888== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
25 |
输出行(上面加粗的部分)显示,该工具能够检测到内存的泄露. 注意: 在这里我们增加了一个选项‘–leak-check=full’来得到内存泄露的详细细节.
1
2
3
4
5
6
7
8
9
| 1#include <stdio.h>
2#include <stdlib.h>
3int main(void) {
4 char *p;
5 char c = *p;
6 printf("\n [%c]\n",c);
7 return 0;
8}
9 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
| 1$ valgrind --tool=memcheck ./val
2==2862== Memcheck, a memory error detector
3==2862== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2862== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2862== Command: ./val
6==2862==
7==2862== Use of uninitialised value of size 8
8==2862== at 0x400530: main (valgrind.c:8)
9==2862== [#]
10==2862==
11==2862== HEAP SUMMARY:
12==2862== in use at exit: 0 bytes in 0 blocks
13==2862== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
14==2862==
15==2862== All heap blocks were freed -- no leaks are possible
16==2862==
17==2862== For counts of detected and suppressed errors, rerun with: -v
18==2862== Use --track-origins=yes to see where uninitialized values come from
19==2862== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
20
21
22```cpp
23#include <stdio.h>
24#include <stdlib.h>
25int main(void) {
26 char *p = malloc(1);
27 *p = 'a';
28 char c = *p;
29 printf("\n [%c]\n",c);
30 free(p);
31 c = *p;
32 return 0;
33 }
34 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| 1$ valgrind --tool=memcheck ./val
2==2849== Memcheck, a memory error detector
3==2849== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2849== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==2849== Command: ./val
5==2849== [a]
6==2849== Invalid read of size 1
7==2849== at 0x400603: main (valgrind.c:30)
8==2849== Address 0x51b0040 is 0 bytes inside a block of size 1 free'd
9==2849== at 0x4C270BD: free (vg_replace_malloc.c:366)
10==2849== by 0x4005FE: main (valgrind.c:29)
11==2849==
12==2849==
13==2849== HEAP SUMMARY:
14==2849== in use at exit: 0 bytes in 0 blocks
15==2849== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
16==2849==
17==2849== All heap blocks were freed -- no leaks are possible
18==2849==
19==2849== For counts of detected and suppressed errors, rerun with: -v
20==2849== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
21 |
1
2
3
4
5
6
7
8
9
10
| 1#include <stdio.h> #include <stdlib.h>
2 int main(void) {
3 char *p = malloc(1);
4 *p = 'a';
5 char c = *(p+1);
6 printf("\n [%c]\n",c);
7 free(p);
8 return 0;
9 }
10 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| 1$ valgrind --tool=memcheck ./val
2==2835== Memcheck, a memory error detector
3==2835== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2835== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2835== Command: ./val
6==2835==
7==2835== Invalid read of size 1
8==2835== at 0x4005D9: main (valgrind.c:25)
9==2835== Address 0x51b0041 is 0 bytes after a block of size 1 alloc'd
10==2835== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
11==2835== by 0x4005C5: main (valgrind.c:22)
12==2835== []
13==2835==
14==2835== HEAP SUMMARY:
15==2835== in use at exit: 0 bytes in 0 blocks
16==2835== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
17==2835==
18==2835== All heap blocks were freed -- no leaks are possible
19==2835==
20==2835== For counts of detected and suppressed errors, rerun with: -v
21==2835== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
22 |
1
2
3
4
5
6
7
8
9
| 1#include <stdio.h>
2 #include <stdlib.h>
3 int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 return 0; }
9 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2888== Memcheck, a memory error detector
3==2888== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2888== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==2888== Command: ./val
5==2888== [a]
6==2888==
7==2888== HEAP SUMMARY:
8==2888== in use at exit: 1 bytes in 1 blocks
9==2888== total heap usage: 1 allocs, 0 frees, 1 bytes allocated
10==2888==
11==2888== 1 bytes in 1 blocks are definitely lost in loss record 1 of 1
12==2888== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
13==2888== by 0x400575: main (valgrind.c:6)
14==2888==
15==2888== LEAK SUMMARY:
16==2888== definitely lost: 1 bytes in 1 blocks
17==2888== indirectly lost: 0 bytes in 0 blocks
18==2888== possibly lost: 0 bytes in 0 blocks
19==2888== still reachable: 0 bytes in 0 blocks
20==2888== suppressed: 0 bytes in 0 blocks
21==2888==
22==2888== For counts of detected and suppressed errors, rerun with: -v
23==2888== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
24 |
1
2
3
4
5
6
7
8
9
| 1#include <stdio.h>
2#include <stdlib.h>
3 int main(void) {
4 char *p;
5 char c = *p;
6 printf("\n [%c]\n",c);
7 return 0;
8}
9 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| 1$ valgrind --tool=memcheck ./val
2==2862== Memcheck, a memory error detector
3==2862== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2862== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2862== Command: ./val
6==2862==
7==2862== Use of uninitialised value of size 8
8==2862== at 0x400530: main (valgrind.c:8)
9==2862== [#]
10==2862==
11==2862== HEAP SUMMARY:
12==2862== in use at exit: 0 bytes in 0 blocks
13==2862== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
14==2862==
15==2862== All heap blocks were freed -- no leaks are possible
16==2862==
17==2862== For counts of detected and suppressed errors, rerun with: -v
18==2862== Use --track-origins=yes to see where uninitialized values come from
19==2862== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
20 |
1
2
3
4
5
6
7
8
9
10
11
12
| 1#include <stdio.h>
2#include <stdlib.h>
3 int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 free(p);
9 c = *p;
10 return 0;
11 }
12 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| 1$ valgrind --tool=memcheck ./val
2==2849== Memcheck, a memory error detector
3==2849== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2849== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2849== Command: ./val
6==2849== [a]
7==2849== Invalid read of size 1
8==2849== at 0x400603: main (valgrind.c:30)
9==2849== Address 0x51b0040 is 0 bytes inside a block of size 1 free'd
10==2849== at 0x4C270BD: free (vg_replace_malloc.c:366)
11==2849== by 0x4005FE: main (valgrind.c:29)
12==2849==
13==2849==
14==2849== HEAP SUMMARY:
15==2849== in use at exit: 0 bytes in 0 blocks
16==2849== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
17==2849==
18==2849== All heap blocks were freed -- no leaks are possible
19==2849==
20==2849== For counts of detected and suppressed errors, rerun with: -v
21==2849== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
22 |
1
2
3
4
5
6
7
8
9
10
11
| 1#include <stdio.h>
2#include <stdlib.h>
3 int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *(p+1);
7 printf("\n [%c]\n",c);
8 free(p);
9 return 0;
10 }
11 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| 1$ valgrind --tool=memcheck ./val
2==2835== Memcheck, a memory error detector
3==2835== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2835== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==2835== Command: ./val
5==2835==
6==2835== Invalid read of size 1
7==2835== at 0x4005D9: main (valgrind.c:25)
8==2835== Address 0x51b0041 is 0 bytes after a block of size 1 alloc'd
9==2835== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
10==2835== by 0x4005C5: main (valgrind.c:22)
11==2835== []
12==2835==
13==2835== HEAP SUMMARY:
14==2835== in use at exit: 0 bytes in 0 blocks
15==2835== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
16==2835==
17==2835== All heap blocks were freed -- no leaks are possible
18==2835==
19==2835== For counts of detected and suppressed errors, rerun with: -v
20==2835== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
21 |
1
2
3
4
5
6
7
8
9
10
| 1#include <stdio.h>
2#include <stdlib.h>
3 int main(void) {
4 char *p = malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 return 0;
9 }
10 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2888== Memcheck, a memory error detector
3==2888== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2888== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==2888== Command: ./val
5==2888== [a]
6==2888==
7==2888== HEAP SUMMARY:
8==2888== in use at exit: 1 bytes in 1 blocks
9==2888== total heap usage: 1 allocs, 0 frees, 1 bytes allocated
10==2888== ==2888== 1 bytes in 1 blocks are definitely lost in loss record 1 of 1
11==2888== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
12==2888== by 0x400575: main (valgrind.c:6)
13==2888==
14==2888== LEAK SUMMARY:
15==2888== definitely lost: 1 bytes in 1 blocks
16==2888== indirectly lost: 0 bytes in 0 blocks
17==2888== possibly lost: 0 bytes in 0 blocks
18==2888== still reachable: 0 bytes in 0 blocks
19==2888== suppressed: 0 bytes in 0 blocks
20==2888==
21==2888== For counts of detected and suppressed errors, rerun with: -v
22==2888== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
23 |
- 不匹配地使用malloc/new/new[] 和 free/delete/delete[] Code:
1
2
3
4
5
6
7
8
9
10
| 1 #include <stdio.h> #include <stdlib.h> #include<iostream>
2 int main(void) {
3 char *p = (char*)malloc(1);
4 *p = 'a';
5 char c = *p;
6 printf("\n [%c]\n",c);
7 delete p;
8 return 0;
9 }
10 |
上面的代码中,我们使用了malloc()来分配内存,但是使用了delete操作符来删除内存. 注意 : 使用g++来编译上面的代码,因为delete操作符是在C++中引进的,而要编译C++需要使用g++. 让我们运行来看一下 :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2972== Memcheck, a memory error detector
3==2972== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2972== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2972== Command: ./val
6==2972== [a]
7==2972== Mismatched free() / delete / delete []
8==2972== at 0x4C26DCF: operator delete(void*) (vg_replace_malloc.c:387)
9==2972== by 0x40080B: main (valgrind.c:13)
10==2972== Address 0x595e040 is 0 bytes inside a block of size 1 alloc'd
11==2972== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
12==2972== by 0x4007D5: main (valgrind.c:7)
13==2972==
14==2972==
15==2972== HEAP SUMMARY:
16==2972== in use at exit: 0 bytes in 0 blocks
17==2972== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
18==2972==
19==2972== All heap blocks were freed -- no leaks are possible
20==2972==
21==2972== For counts of detected and suppressed errors, rerun with: -v
22==2972== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
23 |
从上面的输出可以看到 (加粗的行), Valgrind清楚的说明了‘不匹配的使用了free() / delete / delete []‘ 你可以尝试在测试代码中使用'new'和'free'进行组合来看看Valgrind给出的结果是什么.
1
2
3
4
5
6
7
8
9
10
11
12
| 1#include <stdio.h>
2#include <stdlib.h>
3#include<iostream>
4int main(void) {
5 char *p = (char*)malloc(1);
6 *p = 'a';
7 char c = *p;
8 printf("\n [%c]\n",c);
9 delete p;
10 return 0;
11 }
12 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2972== Memcheck, a memory error detector
3==2972== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2972== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2972== Command: ./val
6==2972== [a]
7==2972== Mismatched free() / delete / delete []
8==2972== at 0x4C26DCF: operator delete(void*) (vg_replace_malloc.c:387)
9==2972== by 0x40080B: main (valgrind.c:13)
10==2972== Address 0x595e040 is 0 bytes inside a block of size 1 alloc'd
11==2972== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
12==2972== by 0x4007D5: main (valgrind.c:7)
13==2972==
14==2972==
15==2972== HEAP SUMMARY:
16==2972== in use at exit: 0 bytes in 0 blocks
17==2972== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
18==2972==
19==2972== All heap blocks were freed -- no leaks are possible
20==2972==
21==2972== For counts of detected and suppressed errors, rerun with: -v
22==2972== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
23 |
1
2
3
4
5
6
7
8
9
10
11
12
13
| 1
2#include <stdio.h>
3#include <stdlib.h>
4#include<iostream>
5 int main(void) {
6 char *p = (char*)malloc(1);
7 *p = 'a';
8 char c = *p;
9 printf("\n [%c]\n",c);
10 delete p;
11 return 0;
12}
13 |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==2972== Memcheck, a memory error detector
3==2972== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==2972== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
5==2972== Command: ./val
6==2972== [a]
7==2972== Mismatched free() / delete / delete []
8==2972== at 0x4C26DCF: operator delete(void*) (vg_replace_malloc.c:387)
9==2972== by 0x40080B: main (valgrind.c:13)
10==2972== Address 0x595e040 is 0 bytes inside a block of size 1 alloc'd
11==2972== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
12==2972== by 0x4007D5: main (valgrind.c:7)
13==2972==
14==2972==
15==2972== HEAP SUMMARY:
16==2972== in use at exit: 0 bytes in 0 blocks
17==2972== total heap usage: 1 allocs, 1 frees, 1 bytes allocated
18==2972==
19==2972== All heap blocks were freed -- no leaks are possible
20==2972==
21==2972== For counts of detected and suppressed errors, rerun with: -v
22==2972== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
23
24 |
6. 两次释放内存
Code :
1
2
3
4
5
6
7
8
9
10
11
12
| 1#include <stdio.h>
2#include <stdlib.h>
3 int main(void) {
4 char *p = (char*)malloc(1);
5 *p = 'a';
6 char c = *p;
7 printf("\n [%c]\n",c);
8 free(p);
9 free(p);
10 return 0;
11 }
12 |
在上面的代码中, 我们两次释放了'p'指向的内存. 现在让我们运行memcheck :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| 1$ valgrind --tool=memcheck --leak-check=full ./val
2==3167== Memcheck, a memory error detector
3==3167== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
4==3167== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==3167== Command: ./val
5==3167== [a]
6==3167== Invalid free() / delete / delete[]
7==3167== at 0x4C270BD: free (vg_replace_malloc.c:366)
8==3167== by 0x40060A: main (valgrind.c:12)
9==3167== Address 0x51b0040 is 0 bytes inside a block of size 1 free'd ==3167== at 0x4C270BD: free (vg_replace_malloc.c:366)
10==3167== by 0x4005FE: main (valgrind.c:11)
11==3167==
12==3167==
13==3167== HEAP SUMMARY:
14==3167== in use at exit: 0 bytes in 0 blocks
15==3167== total heap usage: 1 allocs, 2 frees, 1 bytes allocated
16==3167==
17==3167== All heap blocks were freed -- no leaks are possible
18==3167==
19==3167== For counts of detected and suppressed errors, rerun with: -v
20==3167== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
21 |
从上面的输出可以看到(加粗的行), 该功能检测到我们对同一个指针调用了两次释放内存操作.
在本文中,我们把注意力放在了内存管理框架Valgrind,然后使用memcheck(Valgrind框架提供的)工具来了解它是如何降低需要经常操作内存的程序员的负担的. 该工具能够检测到很多手动检测不到的与内存相关的问题
