标签: valgrind

我最近用valgrind调试了一些应用程序,我收到了非常奇怪的报告dlopen.

==1987== 32 bytes in 1 blocks are still reachable in loss record 1 of 2
==1987==    at 0x4C24477: calloc (vg_replace_malloc.c:418)
==1987==    by 0x570F31F: _dlerror_run (dlerror.c:142)
==1987==    by 0x570EEE0: dlopen@@GLIBC_2.2.5 (dlopen.c:88)
        <my call to dlopen>
==1987==
==1987== 264 bytes in 1 blocks are still reachable in loss record 2 of 2
==1987==    at 0x4C25153: malloc (vg_replace_malloc.c:195)
==1987==    by 0x400CD44: _dl_map_object_deps (dl-deps.c:506)
==1987==    by 0x4012DA2: dl_open_worker (dl-open.c:326)
==1987==    by 0x400E385: _dl_catch_error (dl-error.c:178)
==1987==    by 0x40126C6: _dl_open (dl-open.c:615)
==1987==    by …

我一直在追逐这个bug,我只是不明白.我忘了一些基本的C或什么？

==28357== Conditional jump or move depends on uninitialised value(s)
==28357==    at 0x4C261E8: strlen (mc_replace_strmem.c:275)
==28357==    by 0x4E9280A: puts (ioputs.c:36)
==28357==    by 0x400C21: handlePath (myshell.c:105)
==28357==    by 0x400B17: handleInput (myshell.c:69)
==28357==    by 0x400AAD: acceptInput (myshell.c:60)
==28357==    by 0x4009CF: main (myshell.c:33)
==28357==  Uninitialised value was created by a heap allocation
==28357==    at 0x4C25153: malloc (vg_replace_malloc.c:195)
==28357==    by 0x400BDE: handlePath (myshell.c:99)
==28357==    by 0x400B17: handleInput (myshell.c:69)
==28357==    by 0x400AAD: acceptInput (myshell.c:60)
==28357==    by 0x4009CF: main (myshell.c:33)
==28357==

(095) void handlePath(char *input) { …

我很担心,因为我写了一个小应用程序,如果我相信valgrind(我实际上做了什么),似乎存在内存泄漏:

==9321== 251 bytes in 7 blocks are definitely lost in loss record 1 of 1
==9321==    at 0x402569A: operator new(unsigned int) (vg_replace_malloc.c:255)
==9321==    by 0x40D3D05: std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) (in /usr/lib/libstdc++.so.6.0.13)
==9321==    by 0x40D4977: std::string::_Rep::_M_clone(std::allocator<char> const&, unsigned int) (in /usr/lib/libstdc++.so.6.0.13)
==9321==    by 0x40D57AC: std::string::reserve(unsigned int) (in /usr/lib/libstdc++.so.6.0.13)
==9321==    by 0x40D5EE6: std::string::operator+=(char) (in /usr/lib/libstdc++.so.6.0.13)
==9321==    by 0x804E113: xl2::TextParser::getNextLfLine() (TextParser.cpp:162)
==9321==    by 0x804BFD5: xl2::UsbTree::parseStringInfo(xl2::TextParser&, std::string&, std::string&) (UsbTree.cpp:362)
==9321==    by 0x804B881: xl2::UsbTree::parseDevicesFile(std::string) (UsbTree.cpp:204)
==9321==    by 0x804B34E: xl2::UsbTree::updateTree() (UsbTree.cpp:70)
==9321==    by …

通过使用valgrind进行检查,我看到在终止程序后没有释放5块内存,但它们仍然可以访问.我需要被它打扰吗？

它是如何发生的？

zhanwu@gelata:~/sandbox$ valgrind ./a.out
==2430== Memcheck, a memory error detector
==2430== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==2430== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==2430== Command: ./a.out
==2430== 
Hello world!
Thread1 returns 1
Thread2 returns 10
Thread3 returns 10
==2430== 
==2430== HEAP SUMMARY:
==2430==     in use at exit: 1,590 bytes in 5 blocks
==2430==   total heap usage: 14 allocs, 9 frees, 2,442 bytes allocated
==2430== 
==2430== LEAK SUMMARY:
==2430==    definitely …

我有这个C程序编译使用gcc test.c或clang test.c:

int main (void) {
    return 0;
}

valgrind ./a.out 给我这个:

==9232== Memcheck, a memory error detector
==9232== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==9232== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==9232== Command: ./a.out
==9232== 
==9232== Conditional jump or move depends on uninitialised value(s)
==9232==    at 0x4017876: index (in /usr/lib/ld-2.16.so)
==9232==    by 0x4007902: expand_dynamic_string_token (in /usr/lib/ld-2.16.so)
==9232==    by 0x4008204: _dl_map_object (in /usr/lib/ld-2.16.so)
==9232==    by 0x400180D: …

写了一个简单的测试:

#include <iostream>
#include <boost/thread.hpp>

using namespace std;

void myThreadRun() {
    cout << "Thread id: " << boost::this_thread::get_id() << "\n";
}

int main() {
    for (int i = 0; i < 10000; i++) {
        boost::thread t(myThreadRun);

        t.join();
    }

    return 0;
}

Valgrind Massif显示以下图表:

(已启用堆栈分析.平台:Linux Ubuntu x86).

该程序实际上似乎没有内存泄漏:内存使用情况稳定.

我想知道:这是Valgrind还是boost :: thread的问题？或许我误解了什么？

你会怎么解释？

我在Valgrind测试我的应用程序,我无法理解为什么它会在这里抛出无法识别的指令错误:

unsigned char *temp=SearchStartPtr;
unsigned char *NrStartPos=NULL;
unsigned char *Param=(unsigned char*)ParamName; //this is originally *char with "PAR#" inside

if(0==memcmp(temp,Param,4)) 
        {
        NrStartPos=temp;
        break;
        }       

Valgrind抛出这个并退出我的应用程序.

disInstr(arm): unhandled instruction: 0xF1010200
cond=15(0xF) 27:20=16(0x10) 4:4=0 3:0=0(0x0)
==7679== valgrind: Unrecognised instruction at address 0x4843588.
==7679==    at 0x4843588: ??? (in /usr/lib/arm-linux-gnueabihf/libcofi_rpi.so)
Your program just tried to execute an instruction that Valgrind
==7679== did not recognise.  There are two possible reasons for this.
==7679== 1. Your program has a bug and erroneously jumped to a non-code
==7679== …

今天我在我的Mac os x 10.6上安装了valgrind并尝试测试它.事实证明,系统中存在奇怪的内存泄漏.我所做的只是创建简单的c文件,获取一些堆内存并立即释放它.当我跑valgrind时,它表现出类似的东西

Realfrees-MacBook-Pro:C Realfree$ valgrind --tool=memcheck --leak-check=yes --show-reachable=yes ./a.out 
==2621== Memcheck, a memory error detector
==2621== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==2621== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==2621== Command: ./a.out
==2621== 
--2621-- ./a.out:
--2621-- dSYM directory is missing; consider using --dsymutil=yes
==2621== 
==2621== HEAP SUMMARY:
==2621==     in use at exit: 88 bytes in 1 blocks
==2621==   total heap usage: 2 allocs, 1 frees, 92 bytes allocated
==2621== …

我已经安装了valgrind for android,我可以确认它正在运行,因为我尝试用它运行ls,它工作正常.

但是如何使用我想调试的本机组件执行Android应用程序？我看了这个问题:如何用valgrind启动一个Android应用程序,但我不知道如何遵循它.如何在shell脚本中包装应用程序？什么是"包装".其次是包名应该是？

我尝试使用com.matthewmitchell.wakeifyplus作为我的应用程序包:

setprop wrap.com.matthewmitchell.wakeifyplus "logwrapper /data/local/valgrind" 

但它说"无法设置财产".我应该做些什么？我找不到任何有效的分步指南.我试过这个(我甚至不知道setprop的作用):

setprop com.matthewmitchell.wakeifyplus "logwrapper /data/local/valgrind" 

/ data/local/valgrind是一个具有执行权限的shell脚本,它是:

#!/system/bin/sh
VGPARAMS='--error-limit=no'
export TMPDIR=/data/data/com.matthewmitchell.wakeifyplus
exec /data/local/Inst/bin/valgrind $VGPARAMS $*

但当我运行应用程序时:

am start -a android.intent.action.MAIN -n com.matthewmitchell.wakeifyplus/.MainActivity 

即使在清除之后,valgrind也不会出现在logcat中.

我有一个简单的程序:

int main(void)
{
  const char sname[]="xxx";
  sem_t *pSemaphor;
  if ((pSemaphor = sem_open(sname, O_CREAT, 0644, 0)) == SEM_FAILED) {
    perror("semaphore initilization");
    exit(1);
  }
  sem_unlink(sname);
  sem_close(pSemaphor);
}

当我在valgrind下运行它时,我收到以下错误:

==12702== Syscall param write(buf) points to uninitialised byte(s)
==12702==    at 0x4E457A0: __write_nocancel (syscall-template.S:81)
==12702==    by 0x4E446FC: sem_open (sem_open.c:245)
==12702==    by 0x4007D0: main (test.cpp:15)
==12702==  Address 0xfff00023c is on thread 1's stack
==12702==  in frame #1, created by sem_open (sem_open.c:139)

代码是从一个成功运行多年的大型项目中提取的,但现在却导致了分段错误.

我的示例中的valgrind错误与更大的项目中看到的相同,但它会导致崩溃,我的小例子没有.