http://www.ibm.com/developerworks/cn/linux/l-cn-memleak/ 介绍了基本的测试类型和原理
http://blog.csdn.net/rufeng18/archive/2008/11/17/3322099.aspx
http://www.ibm.com/developerworks/cn/linux/l-pow-debug/
http://xueyueming.blog.163.com/blog/static/60411785200981045547110/
http://zhangyafeikimi.javaeye.com/blog/389197
http://valgrind.org/
http://valgrind.org/docs/manual/faq.html
介绍了使用valgrind进行测试的原理和方法
Valgrind工具包包含多个工具,如Memcheck,Cachegrind,Helgrind, Callgrind,Massif。下面分别介绍个工具的作用:
Memcheck 工具主要检查下面的程序错误:
-
使用未初始化的内存 (Use of uninitialised memory)
-
使用已经释放了的内存 (Reading/writing memory after it has been free’d)
-
使用超过 malloc分配的内存空间(Reading/writing off the end of malloc’d blocks)
-
对堆栈的非法访问 (Reading/writing inappropriate areas on the stack)
-
申请的空间是否有释放 (Memory leaks – where pointers to malloc’d blocks are lost forever)
-
malloc/free/new/delete申请和释放内存的匹配(Mismatched use of malloc/new/new [] vs free/delete/delete [])
-
src和dst的重叠(Overlapping src and dst pointers in memcpy() and related functions)
Callgrind
Callgrind收集程序运行时的一些数据,函数调用关系等信息,还可以有选择地进行cache 模拟。在运行结束时,它会把分析数据写入一个文件。callgrind_annotate可以把这个文件的内容转化成可读的形式。
Cachegrind
它模拟 CPU中的一级缓存I1,D1和L2二级缓存,能够精确地指出程序中 cache的丢失和命中。如果需要,它还能够为我们提供cache丢失次数,内存引用次数,以及每行代码,每个函数,每个模块,整个程序产生的指令数。这对优化程序有很大的帮助。
Helgrind
它主要用来检查多线程程序中出现的竞争问题。Helgrind 寻找内存中被多个线程访问,而又没有一贯加锁的区域,这些区域往往是线程之间失去同步的地方,而且会导致难以发掘的错误。Helgrind实现了名为” Eraser” 的竞争检测算法,并做了进一步改进,减少了报告错误的次数。
Massif
堆栈分析器,它能测量程序在堆栈中使用了多少内存,告诉我们堆块,堆管理块和栈的大小。Massif能帮助我们减少内存的使用,在带有虚拟内存的现代系统中,它还能够加速我们程序的运行,减少程序停留在交换区中的几率。
Valgrind 安装
1、 到www.valgrind.org下载最新版valgrind-3.2.3.tar.bz2
2、 解压安装包:tar –jxvf valgrind-3.2.3.tar.bz2
3、 解压后生成目录valgrind-3.2.3
4、 cd valgrind-3.2.3
5、 ./configure
6、 Make;make install
1.检查内存错误:
例如我们原来有一个程序sec_infod,这是一个用gcc –g参数编译的程序,运行它需要:
#./a.out
如果我们想用valgrind的内存检测工具,我们就要用如下方法调用:
#valgrind --leak-check=full --show-reachable=yes --trace-children= yes ./a.out (2>logfile加上会好些,程序在执行期间stderr会有一些输出。提示比较多)
其中--leak-check=full 指的是完全检查内存泄漏,--show-reachable=yes是显示内存泄漏的地点,--trace-children=yes是跟入子进程。
如果您的程序是会正常退出的程序,那么当程序退出的时候valgrind自然会输出内存泄漏的信息。如果您的程序是个守护进程,那么也不要紧,我们只要在 别的终端下杀死memcheck进程(因为valgrind默认使用memcheck工具,就是默认参数—tools=memcheck):
#killall memcheck
这样我们的程序(./a.out)就被kill了
The details are in the Memcheck section of the user manual.
In short:
-
"definitely lost" means your program is leaking memory -- fix those leaks!
-
"indirectly lost" means your program is leaking memory in a pointer-based structure. (E.g. if the root node of a binary tree is "definitely lost", all the children will be "indirectly lost".) If you fix the "definitely lost" leaks, the "indirectly lost" leaks should go away.
-
"possibly lost" means your program is leaking memory, unless you're doing funny things with pointers. This is sometimes reasonable. Use
--show-possibly-lost=noif you don't want to see these reports. -
"still reachable" means your program is probably ok -- it didn't free some memory it could have. This is quite common and often reasonable. Don't use
--show-reachable=yesif you don't want to see these reports. -
"suppressed" means that a leak error has been suppressed. There are some suppressions in the default suppression files. You can ignore suppressed errors.
Is it possible to attach Valgrind to a program that is already running?
No. The environment that Valgrind provides for running programs is significantly different to that for normal programs, e.g. due to different layout of memory. Therefore Valgrind has to have full control from the very start.
It is possible to achieve something like this by running your program without any instrumentation (which involves a slow-down of about 5x, less than that of most tools), and then adding instrumentation once you get to a point of interest. Support for this must be provided by the tool, however, and Callgrind is the only tool that currently has such support. See the instructions on the callgrind_control program for details.
http://www.ibm.com/developerworks/cn/rational/rationaledge/content/apr07/begic_pratt/
用purifyplus进行测试
扫一扫
1031
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
