lecture14一内存检测、剖面 分析 绳伟光 上海交通大学微纳电子学系 2017年04月18日 ERS
lecture 14 ——内存检测、剖面 分析 绳伟光 上海交通大学微纳电子学系 2017年04月18日
内容 ■内存检测 ■剖面分析 2
内存检测 剖面分析 内容 2
内容 ■内存检测 ·剖面分析 3
内存检测 剖面分析 内容 3
内存使用问题 ■ 内存泄漏 ■非法内存地址访问 ■读取未初始化区域 ■访问已释放区域 ■内存双重释放 ■非法栈操作 4
内存泄漏 非法内存地址访问 读取未初始化区域 访问已释放区域 内存双重释放 非法栈操作 内存使用问题 4
Valgrind ■Valgrind是一个Unix/Linux动态分析工具 ■Valgrind:最主要的用途是检测程序的内存问题 ■Valgrind可以检测出内存的非法使用,对缓存 、堆进行profiling,检测POSIX线程冲突 ■Valgrind需要先安装后使用 5
Valgrind是一个Unix/Linux动态分析工具 Valgrind最主要的用途是检测程序的内存问题 Valgrind可以检测出内存的非法使用,对缓存 、堆进行profiling,检测POSIX线程冲突 Valgrind需要先安装后使用 Valgrind 5
Valgrind内存检测工具的使用方法 ■Valgrind提供的工具 memcheck:检测内存问题 callgrind:检测函数调用问题 cachegrind:检测缓存使用问题 helgrind:检测多线程问题 massif:检测程序堆栈使用问题 extension:自定义扩展功能 假设要检测的程序为program valgrind--tool=memcheck--leak-check=yes program valgrind--leak-check=yes program &valgrind默认启用memcheck工具 ■其余工具的用法由大家自行探索 6
Valgrind提供的工具 memcheck:检测内存问题 callgrind:检测函数调用问题 cachegrind:检测缓存使用问题 helgrind:检测多线程问题 massif:检测程序堆栈使用问题 extension:自定义扩展功能 假设要检测的程序为program valgrind --tool=memcheck --leak-check=yes program valgrind --leak-check=yes program valgrind默认启用memcheck工具 其余工具的用法由大家自行探索 Valgrind内存检测工具的使用方法 6
检测内存泄漏 B test1.c(-/calg/memchk)-gedit 文件(F)编辑(E)查看(M搜索(S)工具(T文档(D)帮助(H) 雪巴打开~保存台撤消 的國 test1.c x 1 #include 2 3 int main(void) 4 5 char *p malloc(10); 6 return EXIT_SUCCESS; 7 [wgsheng@calg memchk]$gcc test1.c -o test1 [wgsheng@calg memchk]$valgrind ./test1 ==3078==Memcheck,a memory error detector ==3078==Copyright (C)2002-2012,and GNU GPL'd,by Julian Seward et al. ==3078==Using Valgrind-3.8.1 and LibVEX;rerun with -h for copyright info ==3078== Command:./test1 ==3078== ==3078== ==3078==HEAP SUMMARY: ==3078== in use at exit:10 bytes in 1 blocks ==3078== total heap usage:1 allocs,0 frees,10 bytes allocated ==3078== ==3078==LEAK SUMMARY: 3078== definitely lost:10 bytes in 1 blocks ==3078== indirectly lost:0 bytes in 0 blocks =3078== possibly lost:0 bytes in 0 blocks ==3078== still reachable:0 bytes in 0 blocks ==3078== suppressed:0 bytes in 0 blocks ==3078==Rerun with --leak-check=full to see details of leaked memory ==3078== ==3078==For counts of detected and suppressed errors,rerun with:-v 画终端超Shel‖输出 C~跳格宽度:4行1,列20 插入
检测内存泄漏 7
显示详细泄露信息(编译时加-g选项) 2 test1.c(~/calg/memchk)-gedit -回X 文件(F)编辑(E)查看()搜索(S)工具(T文档(D)帮助(H) ©白打开~位保存凸今撤消血色扁小的 画test1.c× 1 #include 2 y int main(void) 4 { 5 char *p malloc(10); 6 return EXIT_SUCCESS; 7 [wgsheng@calg memchk]$valgrind --leak-check=full./test1 ==3123==Memcheck,a memory error detector ==3123==Copyright (C)2002-2012,and GNU GPL'd,by Julian Seward et al. ==3123==Using Valgrind-3.8.1 and LibVEX;rerun with -h for copyright info ==3123==Command:./test1 ==3123== ==3123== ==3123==HEAP SUMMARY: ==3123== in use at exit:10 bytes in 1 blocks ==3123== total heap usage:1 allocs,0 frees,10 bytes allocated ==3123== ==3123==10 bytes in 1 blocks are definitely lost in loss record 1 of 1 =3123- at 0x40072B2:malloc (vg replace_malloc.c:270) ==3123== by 0x80483D8:main (test1.c:5) ==3123= ==3123==LEAK SUMMARY: ==3123== definitely lost:10 bytes in 1 blocks ==3123= indirectly lost:0 bytes in 0 blocks =3123== possibly lost:0 bytes in 0 blocks ==3123== still reachable:0 bytes in 0 blocks ==3123= suppressed:0 bytes in 0 blocks 国终端s始Shel输出 C~跳格宽度:4~行1,列20 插入 8
显示详细泄露信息(编译时加-g选项) 8
检测非法内存地址访问 2 test2.c(~/calg/memchk)-gedit 一口× 文件()编辑(E)查看)搜索(S)工具(D文档(D)帮助H) 巴打开业保存台的撤消◆端岛鹤 test2.c× 1 #include 2 3 int main(void) 4 { 5 char *p malloc(10); 6 p[10]1;/write to illegal memory address*/ 7 free(p); 8 return EXIT_SUCCESS; 9 } ==3142==Copyright (C)2002-2012,and GNU GPL'd,by Julian Seward et al. ==3142==Using Valgrind-3.8.1 and LibVEX;rerun with -h for copyright info ==3142==Command:./test2 ==3142== -=3T42==Invalid write of size 1 -3142= at 0x8048414:main (test2.c:6) ==3142==Address 0x4027032-is-0-bytes after a block of size 10 alloc'd ==3142== at 0x40072B2:malloc (vg_replace_malloc.c:270) ==3142= by 0x8048408:main (test2.c:5) ==3142== ==3142== ==3142==HEAP SUMMARY: ==3142== in use at exit:0 bytes in 0 blocks ==3142== total heap usage:1 allocs,1 frees,10 bytes allocated ==3142== ==3142==All heap blocks were freed --no leaks are possible ==3142== ==3142==For counts of detected and suppressed errors,rerun with:-v 国终端Shell输出 C~跳格宽度:4~行6,列50 播入 9
检测非法内存地址访问 9
读取未初始化区域 2 test3.c(-/calg/memchk)-gedit 文件(日)编辑(E)查看)搜索(S)工具(①文档(D)帮助H) ©口打开~保存色撤消 西鱼的到 test3.c× 1 #include 2 3 int main(void) 4 { 5 char *x malloc(sizeof(int)); 6 int a *x 1; 7 free(x); 8 return a; 9 [wgsheng@calg memchk]$gcc test3.c -o test3 -g [wgsheng@calg memchk]$valgrind ./test3 ==3171==Memcheck,a memory error detector ==3171==Copyright (C)2002-2012,and GNU GPL'd,by Julian Seward et al. ==3171==Using Valgrind-3.8.1 and LibVEX;rerun with -h for copyright info ==3171==Command:./test3 ==3171= ==3171==Syscall param-exit-group(status)contains uninitialised byte(s) 3171== at 0x393B04:Exit (exit.S:34) =3171== by 0x308D3D:(below main)(libc-start c:258) ==3171== =3171== ==3171==HEAP SUMMARY: ==3171== in use at exit:0 bytes in 0 blocks =3171== total heap usage:1 allocs,1 frees,4 bytes allocated ==3171== ==3171==All heap blocks were freed--no leaks are possible ==3171== 国终端猫Shell输出 C~跳格宽度:4~行8,列13 插入 10
读取未初始化区域 10