1.valgrind命令

调试内存问题: valgrind --leak-check=full
更新详细的显示: valgrind --leak-check=full --show-leak-kinds=all

valgrind提示信息汇总

• 内存泄漏 lost in loss record 丢失记录 , 内存泄漏实例[[#2.内存泄漏–不完全释放内存|实例链接]]
• 段错误 Process terminating with default action of signal 11 (SIGSEGV)
  • 非法地址读 Invalid read of size 1 非法地址读实例 [[#3.1非法地址读实例]]
  • 非法地址写 Invalid write of size 1 非法地址写实例[[#3.1非法地址写]]
• 越界访问
  • 栈越界读 --无异常
  • 栈越界写 实例[[#2.栈越界写]]
    • Jump to the invalid address stated on the next line
    • reachable in loss record
    • still reachable:

测试代码链接: gitee-51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c

实例

1.无内存泄漏–完全释放内存

#include <stdio.h>
#include <stdlib.h>

void full_calloc_free(void)
{
    printf("申请3次内存，并释放\n");
    int * p_data[3];
    p_data[0] = malloc(sizeof(int));
    p_data[1] = malloc(sizeof(int)*3);
    p_data[2] = malloc(sizeof(int)*5);

    free(p_data[0]);
    free(p_data[1]);
    free(p_data[2]);
}

valgrind --leak-check=full ./52_valgrind_内存泄漏提示.out

2921 Command: ./52_valgrind___.out
申请3次内存，并释放
2921
2921 HEAP SUMMARY:
2921 in use at exit: 0 bytes in 0 blocks
2921 total heap usage: 4 allocs, 4 frees, 1,060 bytes allocated -->申请4次,释放4次
2921
2921 All heap blocks were freed – no leaks are possible -->无内存泄漏可能性
2921
2921 For lists of detected and suppressed errors, rerun with: -s
2921 ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

总结:
无内存泄漏的程序, 运行结束, 应该提示无内存泄漏

2.内存泄漏–不完全释放内存

void manual_leak_mem(void)
{
    printf("申请3次内存，少释放一次,主动触发 内存泄漏\n");
    int *p_data[3];
    p_data[0] = malloc(sizeof(int));
    p_data[1] = malloc(sizeof(int) * 3);
    p_data[2] = malloc(sizeof(int) * 5);

    free(p_data[0]);
    free(p_data[1]);
    // free(p_data[2]);
}

valgrind --leak-check=full ./52_valgrind_内存泄漏提示.out 1

申请3次内存，少释放一次,主动触发 内存泄漏
2981 HEAP SUMMARY:
2981 in use at exit: 20 bytes in 1 blocks
2981 total heap usage: 4 allocs, 3 frees, 1,060 bytes allocated -->4次申请,3次释放,少一次free
2981
2981 20 bytes in 1 blocks are definitely lost in loss record 1 of 1
2981 at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
2981 by 0x1092A7: manual_leak_mem (52_valgrind_内存泄漏提示.c:23) -->内存泄漏提示行
2981 by 0x109318: main (52_valgrind_内存泄漏提示.c:37)
2981
2981 LEAK SUMMARY:
2981 definitely lost: 20 bytes in 1 blocks
2981 indirectly lost: 0 bytes in 0 blocks
2981 possibly lost: 0 bytes in 0 blocks
2981 still reachable: 0 bytes in 0 blocks
2981 suppressed: 0 bytes in 0 blocks
2981
2981 For lists of detected and suppressed errors, rerun with: -s
2981 ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

总结:
lost in loss record 丢失记录 --> 内存泄漏

3.非法地址访问

3.1非法地址读

// 2.非法地址访问
void invalid_address_access(void)
{
    // uint8_t *p = 0x12345678; # 非法地址
    uint8_t *p = NULL;
    printf("val = %d\n", *p);
}

valgrind --leak-check=full ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 2

13358 Command: ./51_mem_valgrind__.out 3
13358
13358 Invalid read of size 1 无效读地址
13358 at 0x109234: invalid_address_access (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:18) 提示错误行
13358 by 0x109312: main (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:47)
13358 Address 0x0 is not stack’d, malloc’d or (recently) free’d
13358
13358
13358 Process terminating with default action of signal 11 (SIGSEGV) SIGSEGV非法地址访问
13358 Access not within mapped region at address 0x0
13358 at 0x109234: invalid_address_access (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:18)
13358 by 0x109312: main (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:47)
13358 If you believe this happened as a result of a stack
13358 overflow in your program’s main thread (unlikely but
13358 possible), you can try to increase the size of the
13358 main thread stack using the --main-stacksize= flag.
13358 The main thread stack size used in this run was 8388608.
13358
13358 HEAP SUMMARY:
13358 in use at exit: 0 bytes in 0 blocks
13358 total heap usage: 0 allocs, 0 frees, 0 bytes allocated
13358
13358 All heap blocks were freed – no leaks are possible
13358
13358 For lists of detected and suppressed errors, rerun with: -s
13358 ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

3.1非法地址写

// 2.非法地址访写
void invalid_address_write(void)
{
    // uint8_t *p = 0x12345678; # 非法地址
    uint8_t *p = NULL;
    *p = 0x12;
}

valgrind --leak-check=full ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 3

17929 Invalid write of size 1 非法地址写
17929 at 0x109267: invalid_address_write (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:26)
17929 by 0x10933F: main (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:56)
17929 Address 0x0 is not stack’d, malloc’d or (recently) free’d
17929
17929
17929 Process terminating with default action of signal 11 (SIGSEGV) 段错误
17929 Access not within mapped region at address 0x0
17929 at 0x109267: invalid_address_write (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:26) 提示行
17929 by 0x10933F: main (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:56)
17929 If you believe this happened as a result of a stack
17929 overflow in your program’s main thread (unlikely but
17929 possible), you can try to increase the size of the
17929 main thread stack using the --main-stacksize= flag.
17929 The main thread stack size used in this run was 8388608.
17929
17929 HEAP SUMMARY:
17929 in use at exit: 0 bytes in 0 blocks
17929 total heap usage: 0 allocs, 0 frees, 0 bytes allocated
17929
17929 All heap blocks were freed – no leaks are possible
17929
17929 For lists of detected and suppressed errors, rerun with: -s
17929 ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault 段错误

4.内存越界

1.栈越界读

// 4.越界 读写
void corss_border_read_write(void)
{
    uint32_t a = 0x10;
    uint32_t *p = &a + 0x8;

    // 越界读 -- 程序不崩溃,可能导致逻辑错误
    printf("cross border address read %x\n", *p);

    // 越界写 -- 程序错误
    *p = 0x12345678;
    //printf("cross border address write %x\n", *p);
}

运行无错误提示
valgrind --leak-check=full --show-leak-kinds=all ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 4

2.栈越界写

// 4.越界 读写
void corss_border_read_write(void)
{
    uint32_t a = 0x10;
    uint32_t *p = &a + 0x8;

    // 越界读 -- 程序不崩溃,可能导致逻辑错误
    // printf("cross border address read %x\n", *p);

    // 越界写 -- 程序错误
    *p = 0x12345678;
    printf("cross border address write %x\n", *p);
}

valgrind --leak-check=full ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 4

cross border address read 0
cross border address write 12345678
23861 Jump to the invalid address stated on the next line 非法地址
23861 at 0x123456780010935C: ???
23861 by 0x48A1D8F: (below main) (libc_start_call_main.h:58)
23861 Address 0x123456780010935c is not stack’d, malloc’d or (recently) free’d
23861
23861
23861 Process terminating with default action of signal 11 (SIGSEGV) 触发段错误
23861 Bad permissions for mapped region at address 0x123456780010935C
23861 at 0x123456780010935C: ???
23861 by 0x48A1D8F: (below main) (libc_start_call_main.h:58)
23861
23861 HEAP SUMMARY:
23861 in use at exit: 1,024 bytes in 1 blocks
23861 total heap usage: 1 allocs, 0 frees, 1,024 bytes allocated
23861
23861 LEAK SUMMARY:
23861 definitely lost: 0 bytes in 0 blocks
23861 indirectly lost: 0 bytes in 0 blocks
23861 possibly lost: 0 bytes in 0 blocks
23861 still reachable: 1,024 bytes in 1 blocks
23861 suppressed: 0 bytes in 0 blocks
23861 Reachable blocks (those to which a pointer was found) are not shown.
23861 To see them, rerun with: --leak-check=full --show-leak-kinds=all
23861
23861 For lists of detected and suppressed errors, rerun with: -s
23861 ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault

更详细的显示
valgrind --leak-check=full --show-leak-kinds=all ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 4

cross border address write 12345678
25992 Jump to the invalid address stated on the next line
25992 at 0x1234567800109340: ???
25992 by 0x48A1D8F: (below main) (libc_start_call_main.h:58)
25992 Address 0x1234567800109340 is not stack’d, malloc’d or (recently) free’d
25992
25992
25992 Process terminating with default action of signal 11 (SIGSEGV)
25992 Bad permissions for mapped region at address 0x1234567800109340
25992 at 0x1234567800109340: ???
25992 by 0x48A1D8F: (below main) (libc_start_call_main.h:58)
25992
25992 HEAP SUMMARY:
25992 in use at exit: 1,024 bytes in 1 blocks
25992 total heap usage: 1 allocs, 0 frees, 1,024 bytes allocated
25992
25992 1,024 bytes in 1 blocks are still reachable in loss record 1 of 1 ==到达 丢失的记录 ==
25992 at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
25992 by 0x48D879E: printf (printf.c:33)
25992 by 0x1092C0: corss_border_read_write (51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c:40)
25992 by 0x123456780010933F: ???
25992 by 0x48A1D8F: (below main) (libc_start_call_main.h:58)
25992
25992 LEAK SUMMARY:
25992 definitely lost: 0 bytes in 0 blocks
25992 indirectly lost: 0 bytes in 0 blocks
25992 possibly lost: 0 bytes in 0 blocks
25992 still reachable: 1,024 bytes in 1 blocks
25992 suppressed: 0 bytes in 0 blocks
25992
25992 For lists of detected and suppressed errors, rerun with: -s
25992 ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault

---