Valgrind Overview What is Valgrind?

Slides:



Advertisements
Similar presentations
Recitation By yzhuang, sseshadr. Agenda Debugging practices – GDB – Valgrind – Strace Errors and Wrappers – System call return values and wrappers – Uninitialization.
Advertisements

R4 Dynamically loading processes. Overview R4 is closely related to R3, much of what you have written for R3 applies to R4 In R3, we executed procedures.
Managing Memory Static and Dynamic Memory Type Casts Allocating Arrays of Dynamic Size Resizing Block of Memory Returning Memory from a Function Avoiding.
CSCI 171 Presentation 11 Pointers. Pointer Basics.
CS 241 Section Week #2 2/4/10. 2 Topics This Section MP1 overview Part1: Pointer manipulation Part2: Basic dictionary structure implementation Review.
DEBUGGING IN THE REAL WORLD : Recitation 4.
1 Day 03 Introduction to C. 2 Memory layout and addresses r s int x = 5, y = 10; float f = 12.5, g = 9.8; char c = ‘r’, d = ‘s’;
CSE 303 Lecture 13a Debugging C programs
1 CSE 303 Lecture 11 Heap memory allocation ( malloc, free ) reading: Programming in C Ch. 11, 17 slides created by Marty Stepp
Pointers Applications
15213 C Primer 17 September Outline Overview comparison of C and Java Good evening Preprocessor Command line arguments Arrays and structures Pointers.
CS 11 C track: lecture 5 Last week: pointers This week: Pointer arithmetic Arrays and pointers Dynamic memory allocation The stack and the heap.
RPROM , 2002 Lassi A. Tuura, Northeastern University Using Valgrind Lassi A. Tuura Northeastern University,
Pointers OVERVIEW.
CS 241 Section Week #2 9/9/10. 2 Topics This Section MP1 issues MP2 overview Process creation using fork()‏ Debugging tools: valgrind, gdb.
ECE 103 Engineering Programming Chapter 47 Dynamic Memory Alocation Herbert G. Mayer, PSU CS Status 6/4/2014 Initial content copied verbatim from ECE 103.
Prachi A. Joshi Assistant Professor in CSE DIEMS,Aurangabad Unit 1 : Basic Concepts Pointers and dynamic memory allocation, Algorithm Specification, Data.
CSE 232: C++ memory management Overview of Arrays Arrays are the simplest kind of data structure –One item right after another in memory (“contiguous range”
CS415 C++ Programming Takamitsu Kawai x4212 G11 CERC building WV Virtual Environments Lab West Virginia University.
NOVA art. memory leaking Alexey Naumov Lebedev Physical Institute Moscow 1.
Cho, Ho-Gi OS Lab. Cho, Ho-Gi OS Lab. How to Shadow Every Byte of Memory Used by a Program
Arrays, Strings, and Memory. Command Line Arguments #include int main(int argc, char *argv[]) { int i; printf("Arg# Contents\n"); for (i = 0; i < argc;
1 Debugging (Part 2). “Programming in the Large” Steps Design & Implement Program & programming style (done) Common data structures and algorithms Modularity.
1 C Basics Monday, August 30, 2010 CS 241. Announcements MP1, a short machine problem, will be released today. Due: Tuesday, Sept. 7 th at 11:59pm via.
MORE POINTERS Plus: Memory Allocation Heap versus Stack.
Announcements Partial Credit Due Date for Assignment 2 now due on Sat, Feb 27 I always seem to be behind and get tons of daily. If you me and.
CSE 333 – SECTION 2 Memory Management. Questions, Comments, Concerns Do you have any? Exercises going ok? Lectures make sense? Homework 1 – START EARLY!
HP-SEE Valgrind Usage Josip Jakić Scientific Computing Laboratory Institute of Physics Belgrade The HP-SEE initiative.
Dynamic Instrumentation - Valgrind  Developed by Julian Seward at/around Cambridge University,UK  Google-O'Reilly Open Source Award for "Best Toolmaker"
CSE 220 – C Programming malloc, calloc, realloc.
Dynamic Allocation in C
Memory Leaks and Valgrind
Content Coverity Static Analysis Use cases of Coverity Examples
Buffer Overflow By Collin Donaldson.
Stack and Heap Memory Stack resident variables include:
Winter 2009 Tutorial #6 Arrays Part 2, Structures, Debugger
YAHMD - Yet Another Heap Memory Debugger
Overview 4 major memory segments Key differences from Java stack
5.13 Recursion Recursive functions Functions that call themselves
Debugging Memory Issues
C Primer.
Day 03 Introduction to C.
CSE 374 Programming Concepts & Tools
Recitation 6: C Review 30 Sept 2016.
2016.
Advanced course of C/C++
Day 03 Introduction to C.
Checking Memory Management
Programming Languages and Paradigms
Recitation: C Review TA’s 19 Feb 2018.
Dynamic Instrumentation - Valgrind
ניפוי שגיאות - Debugging
Terminos españoles de ingeneria de computacion.
Overview 4 major memory segments Key differences from Java stack
Pointers, Dynamic Data, and Reference Types
Dynamic Memory Allocation
Memory Allocation CS 217.
CSc 352 Debugging Tools Saumya Debray Dept. of Computer Science
Pointers The C programming language gives us the ability to directly manipulate the contents of memory addresses via pointers. Unfortunately, this power.
Getting Started Download the tarball for this session. It will include the following files: driver 64-bit executable driver.c C driver source bomb.h declaration.
Dynamic Allocation in C
Introduction to Static Analyzer
EENG212 – Algorithms & Data Structures Fall 07/08 – Lecture Notes # 5b
TUTORIAL 7 CS 137 F18 October 30th.
Homework Continue with K&R Chapter 5 Skipping sections for now
Getting Started Download the tarball for this session. It will include the following files: driver 64-bit executable driver.c C driver source bomb.h declaration.
Valgrind Overview What is Valgrind?
Dynamic Memory – A Review
Makefiles, GDB, Valgrind
15213 C Primer 17 September 2002.
Presentation transcript:

Valgrind Overview What is Valgrind? For our purposes here, it's a front end for managing a collection of dynamic code analysis tools, including two complementary memory analysis tools: Memcheck a memory error detector, aimed at errors in handling dynamic memory errors SGcheck an experimental memory error detector, aimed overruns of arrays on the stack and global data areas I'll examine the basic use of these in the following slides. There are a number of very useful additional tools, which may be of great use to you in later courses.

Memory Management Errors Here's a simple C program with an obvious off-by-one access error to an array, followed by a memory leak: #include <stdlib.h> void f(); int main() { f(); return 0; } void f() { int* x = malloc(10 * sizeof(int)); x[10] = 0;

Out-of-bounds Array Access Linux> valgrind --leak-check=full a1 ==30506== Memcheck, a memory error detector ==30506== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==30506== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==30506== Command: a1 ==30506== ==30506== Invalid write of size 4 ==30506== at 0x4004F7: f (a1.c:14) ==30506== by 0x4004D1: main (a1.c:7) ==30506== Address 0x4c28068 is 0 bytes after a block of size 40 alloc'd ==30506== at 0x4A069EE: malloc (vg_replace_malloc.c:270) ==30506== by 0x4004EA: f (a1.c:13) . . . . . . void f() { int* x = malloc(10 * sizeof(int)); x[10] = 0; }

Memory Leak . . . void f() { int* x = malloc(10 * sizeof(int)); ==30547== HEAP SUMMARY: ==30547== in use at exit: 40 bytes in 1 blocks ==30547== total heap usage: 1 allocs, 0 frees, 40 bytes allocated ==30547== ==30547== 40 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==30547== at 0x4A069EE: malloc (vg_replace_malloc.c:270) ==30547== by 0x4004EA: f (a1.c:13) ==30547== by 0x4004D1: main (a1.c:7) . . . void f() { int* x = malloc(10 * sizeof(int)); x[10] = 0; }

Out-of-bounds Array Access . . . ==30547== HEAP SUMMARY: ==30547== in use at exit: 40 bytes in 1 blocks ==30547== total heap usage: 1 allocs, 0 frees, 40 bytes allocated ==30547== ==30547== 40 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==30547== at 0x4A069EE: malloc (vg_replace_malloc.c:270) ==30547== by 0x4004EA: f (a1.c:13) ==30547== by 0x4004D1: main (a1.c:7) . . . void f() { int* x = malloc(10 * sizeof(int)); x[10] = 0; }

Some Valgrind Options The following options are often very useful: --leak-check=full Display of details related to each leak that was detected. --show-leak-kinds=all Possible kinds of leaks include possible, indirect, definite, and reachable. --track-origins=yes Track the origins of uninitialized values that have been used. –v Be verbose... --log-file=filename Write valgrind output to specified file instead of stdout. Of course, see the valgrind man page for even more information and options.

Extensive Example: Invalid writes/reads The following example is derived from a common project used in CS 2506. Linux> valgrind --leak-check=full --show-leak-kinds=all --log-file=vlog.txt --track-origins=yes -v disassem C3TestFiles/ref07.o stu_ref07.asm . . . ==7962== Invalid write of size 1 ==7962== by 0x401575: main (Disassembler.c:225) ==7962== Address 0x51f6845 is 0 bytes after a block of size 5 alloc'd ==7962== at 0x4C2B974: calloc (in /usr/lib64/valgrind/vgpreload_memcheck- amd64-linux.so) ==7962== by 0x401522: main (Disassembler.c:222) ==7962== Invalid read of size 1 We see that two invalid memory accesses have been detected, each involving one byte.

Extensive Example: Invalid writes/reads Here are the cited lines of C source code: . . . 222 char *Label = calloc(5, 1); 225 sprintf(Label, "%5s%02d:%7s", "V", Index, ".word"); 228 strcpy(Labels[Line], Label); The logic error is fairly obvious: - 222: a char array of dimension 5 is allocated and zero'd; used in the normal way, this should hold no more than 4 user characters, allowing room for the terminator - 225: more than 4 characters are written to (and beyond the end of) the array Label - 228: since strcpy() depends on the terminator, it reads past the end of the array Label This error is pernicious because it did not result in any sort of runtime error (although it may very well have resulted in incorrect results).

Extensive Example: Uninitialized Values Valgrind detects a different kind of error: . . . ==7962== Conditional jump or move depends on uninitialised value(s) ==7962== by 0x4010AB: main (Disassembler.c:155) ==7962== Uninitialised value was created by a stack allocation ==7962== at 0x400B5D: main (Disassembler.c:40) . . . 39 int main(int argc, char** argv) 40 { 155 sprintf(currLine, "%s%8s", jT->Mnemonic, Name); Now, the source of the error in line 155 may be less clear. One relevant fact is that sprintf() depends on terminators to determine the ends of the two strings it prints...

Extensive Example: Uninitialized Values Examining the creation of the two strings suggests where the problem may lie: . . . 39 int main(int argc, char** argv) 40 { 137 JType *jT = parseJT(currLine); 138 char Name[100]; 149 sprintf(Name, "%s%02d", "L", Index); 155 sprintf(currLine, "%s%8s", jT->Mnemonic, Name); Now, in line 149, sprintf() will not write a terminator to Name[]. Therefore, in line 155, sprintf() will not find a terminator at the correct place in Name[]. As for Mnemonic, we'd have to examine more code to decide if it's a problem as well.

Extensive Example: Memory Leak Valgrind also detects a number of bytes have not been properly deallocated: . . . ==7962== HEAP SUMMARY: ==7962== in use at exit: 4,842 bytes in 331 blocks ==7962== total heap usage: 331 allocs, 0 frees, 4,842 bytes allocated ==7962== ==7962== Searching for pointers to 331 not-freed blocks ==7962== Checked 111,584 bytes Here are the details reported for one leak: . . . ==7962== 7 bytes in 1 blocks are definitely lost in loss record 1 of 26 ==7962== at 0x4C2B974: calloc (in /usr/lib64/valgrind/vgpreload_memcheck- amd64-linux.so) ==7962== by 0x4020B3: parseJTypeInstruction (ParseInstructions.c:178) ==7962== by 0x400F51: main (Disassembler.c:137)

Extensive Example: Memory Leak Valgrind also detects a number of bytes have not been properly deallocated: . . . 178 char* Code = calloc(7, 1); <--- allocates a block 179 opCode = getCode(MI); <--- leaks the block This one's easy to fix, with a little thought about just how we want the responsibilities to be factored into the code.

Extensive Example: Leak Summary Here's a less than ideal leak summary: . . . ==7962== LEAK SUMMARY: ==7962== definitely lost: 3,116 bytes in 233 blocks ==7962== indirectly lost: 590 bytes in 96 blocks ==7962== possibly lost: 0 bytes in 0 blocks ==7962== still reachable: 1,136 bytes in 2 blocks ==7962== suppressed: 0 bytes in 0 blocks ==7962== ==7962== ERROR SUMMARY: 116 errors from 34 contexts (suppressed: 2 from 2) But with Valgrind's help, we should be able to hammer out all of the leaks.

Bibliography I used the following sources for the preceding notes: The Valgrind Documentation Release, 3.9.0.31 October 2013 http://www.valgrind.org/

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.