- 程序例子
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static void mem_leak1()
{
char *p = malloc(1);
}
static void mem_leak2()
{
FILE *p = fopen("test.txt", "w+");
}
static void mem_overrun1()
{
char *p = malloc(1);
*(short*)p = 2;
free(p);
}
static void mem_overrun2()
{
char arr[5];
strcpy(arr, "hello");
}
static void mem_double_free()
{
char *p = malloc(1);
free(p);
free(p);
}
static void mem_free_wild_pointer()
{
char *p;
free(p);
}
int main(int argc, char const *argv[])
{
mem_leak1();
mem_leak2();
mem_overrun1();
mem_overrun2();
mem_double_free();
mem_free_wild_pointer();
return 0;
}
gcc -g ./valgrind_test.c
2. valgrind 检测程序内存错误
command :
valgrind --track-fds=yes --leak-check=full --undef-value-errors=yes --show-reachable=yes --run-libc-freeres=yes ./a.out
保存输出结果至文件: --log-file=./valgrind_report.log
输出结果:
==152257== Memcheck, a memory error detector
==152257== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==152257== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info
==152257== Command: ./a.out
==152257== Parent PID: 152018
==152257==
==152257== Invalid write of size 2
==152257== at 0x10920A: mem_overrun1 (valgrind_test.c:18)
==152257== by 0x1092E0: main (valgrind_test.c:45)
==152257== Address 0x4a552b0 is 0 bytes inside a block of size 1 alloc'd
==152257== at 0x483C855: malloc (vg_replace_malloc.c:380)
==152257== by 0x109201: mem_overrun1 (valgrind_test.c:17)
==152257== by 0x1092E0: main (valgrind_test.c:45)
==152257==
==152257== Invalid free() / delete / delete[] / realloc()
==152257== at 0x483F0C3: free (vg_replace_malloc.c:755)
==152257== by 0x109291: mem_double_free (valgrind_test.c:32)
==152257== by 0x1092F4: main (valgrind_test.c:47)
==152257== Address 0x4a55300 is 0 bytes inside a block of size 1 free'd
==152257== at 0x483F0C3: free (vg_replace_malloc.c:755)
==152257== by 0x109285: mem_double_free (valgrind_test.c:31)
==152257== by 0x1092F4: main (valgrind_test.c:47)
==152257== Block was alloc'd at
==152257== at 0x483C855: malloc (vg_replace_malloc.c:380)
==152257== by 0x109275: mem_double_free (valgrind_test.c:30)
==152257== by 0x1092F4: main (valgrind_test.c:47)
==152257==
==152257== Conditional jump or move depends on uninitialised value(s)
==152257== at 0x483F076: free (vg_replace_malloc.c:755)
==152257== by 0x1092AC: mem_free_wild_pointer (valgrind_test.c:38)
==152257== by 0x1092FE: main (valgrind_test.c:48)
==152257== Uninitialised value was created by a stack allocation
==152257== at 0x109295: mem_free_wild_pointer (valgrind_test.c:36)
==152257==
==152257== Invalid free() / delete / delete[] / realloc()
==152257== at 0x483F0C3: free (vg_replace_malloc.c:755)
==152257== by 0x1092AC: mem_free_wild_pointer (valgrind_test.c:38)
==152257== by 0x1092FE: main (valgrind_test.c:48)
==152257== Address 0x4a55300 is 0 bytes inside a block of size 1 free'd
==152257== at 0x483F0C3: free (vg_replace_malloc.c:755)
==152257== by 0x109285: mem_double_free (valgrind_test.c:31)
==152257== by 0x1092F4: main (valgrind_test.c:47)
==152257== Block was alloc'd at
==152257== at 0x483C855: malloc (vg_replace_malloc.c:380)
==152257== by 0x109275: mem_double_free (valgrind_test.c:30)
==152257== by 0x1092F4: main (valgrind_test.c:47)
==152257==
==152257==
==152257== FILE DESCRIPTORS: 5 open (3 std) at exit.
==152257== Open file descriptor 4: test.txt
==152257== at 0x4970EAB: open (open64.c:48)
==152257== by 0x48F3195: _IO_file_open (fileops.c:189)
==152257== by 0x48F3459: _IO_file_fopen@@GLIBC_2.2.5 (fileops.c:281)
==152257== by 0x48E5B0D: __fopen_internal (iofopen.c:75)
==152257== by 0x48E5B0D: fopen@@GLIBC_2.2.5 (iofopen.c:86)
==152257== by 0x1091E4: mem_leak2 (valgrind_test.c:12)
==152257== by 0x1092D6: main (valgrind_test.c:44)
==152257==
==152257== Open file descriptor 3: /mnt/hgfs/ubuntu20/test_code/tmp.txt
==152257== <inherited from parent>
==152257==
==152257==
==152257== HEAP SUMMARY:
==152257== in use at exit: 473 bytes in 2 blocks
==152257== total heap usage: 4 allocs, 4 frees, 475 bytes allocated
==152257==
==152257== 1 bytes in 1 blocks are definitely lost in loss record 1 of 2
==152257== at 0x483C855: malloc (vg_replace_malloc.c:380)
==152257== by 0x1091BE: mem_leak1 (valgrind_test.c:7)
==152257== by 0x1092CC: main (valgrind_test.c:43)
==152257==
==152257== 472 bytes in 1 blocks are still reachable in loss record 2 of 2
==152257== at 0x483C855: malloc (vg_replace_malloc.c:380)
==152257== by 0x48E5AAD: __fopen_internal (iofopen.c:65)
==152257== by 0x48E5AAD: fopen@@GLIBC_2.2.5 (iofopen.c:86)
==152257== by 0x1091E4: mem_leak2 (valgrind_test.c:12)
==152257== by 0x1092D6: main (valgrind_test.c:44)
==152257==
==152257== LEAK SUMMARY:
==152257== definitely lost: 1 bytes in 1 blocks
==152257== indirectly lost: 0 bytes in 0 blocks
==152257== possibly lost: 0 bytes in 0 blocks
==152257== still reachable: 472 bytes in 1 blocks
==152257== suppressed: 0 bytes in 0 blocks
==152257==
==152257== For lists of detected and suppressed errors, rerun with: -s
==152257== ERROR SUMMARY: 6 errors from 5 contexts (suppressed: 0 from 0)