当前位置: 文江博客话题详情

valgrind memcheck 报告误报?

发布于 2024-10-18 12:29:11 字数 1964 浏览 1 评论 0原文

这是我的代码。

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

char buf1[100];
char buf2[100];

int main()
{
    char **p = (char**)(buf1+sizeof(long));
    char **q = (char**)(buf2+1);
    *p = (char*)malloc(100);
    *q = (char*)malloc(100);

    strcpy(*p, "xxxx");
    strcpy(*q, "zzzz");

    printf("p:%s   q:%s\n", *p, *q);
    return 0;
}

我使用 gcc 编译了代码,并像这样运行 valgrind-3.6.1

valgrind --leak-check=full --log-file=test.log  --show-reachable=yes  ~/a.out

valgrind 给了我下面的日志

==20768== Memcheck, a memory error detector
==20768== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==20768== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==20768== Command: /home/zxin11/a.out
==20768== Parent PID: 12686
==20768== 
==20768== 
==20768== HEAP SUMMARY:
==20768==     in use at exit: 200 bytes in 2 blocks
==20768==   total heap usage: 2 allocs, 0 frees, 200 bytes allocated
==20768== 
==20768== 100 bytes in 1 blocks are still reachable in loss record 1 of 2
==20768==    at 0x4C2488B: malloc (vg_replace_malloc.c:236)
==20768==    by 0x4005FD: main (test2.c:12)
==20768== 
==20768== 100 bytes in 1 blocks are definitely lost in loss record 2 of 2
==20768==    at 0x4C2488B: malloc (vg_replace_malloc.c:236)
==20768==    by 0x400611: main (test2.c:13)
==20768== 
==20768== LEAK SUMMARY:
==20768==    definitely lost: 100 bytes in 1 blocks
==20768==    indirectly lost: 0 bytes in 0 blocks
==20768==      possibly lost: 0 bytes in 0 blocks
==20768==    still reachable: 100 bytes in 1 blocks
==20768==         suppressed: 0 bytes in 0 blocks
==20768== 
==20768== For counts of detected and suppressed errors, rerun with: -v
==20768== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 3)

为什么第一个 malloc 仍然可以访问,而第二个 malloc 肯定丢失了? 也许是关于对齐的,你不能将malloced内存的地址放入未对齐的变量中,如果是这样,我该如何抑制这种积极的报告? 非常想你。

原文

Here's my code.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

char buf1[100];
char buf2[100];

int main()
{
    char **p = (char**)(buf1+sizeof(long));
    char **q = (char**)(buf2+1);
    *p = (char*)malloc(100);
    *q = (char*)malloc(100);

    strcpy(*p, "xxxx");
    strcpy(*q, "zzzz");

    printf("p:%s   q:%s\n", *p, *q);
    return 0;
}

I compiled the code using gcc, and run valgrind-3.6.1 like this

valgrind --leak-check=full --log-file=test.log  --show-reachable=yes  ~/a.out

valgrind gave me the log below

==20768== Memcheck, a memory error detector
==20768== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==20768== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==20768== Command: /home/zxin11/a.out
==20768== Parent PID: 12686
==20768== 
==20768== 
==20768== HEAP SUMMARY:
==20768==     in use at exit: 200 bytes in 2 blocks
==20768==   total heap usage: 2 allocs, 0 frees, 200 bytes allocated
==20768== 
==20768== 100 bytes in 1 blocks are still reachable in loss record 1 of 2
==20768==    at 0x4C2488B: malloc (vg_replace_malloc.c:236)
==20768==    by 0x4005FD: main (test2.c:12)
==20768== 
==20768== 100 bytes in 1 blocks are definitely lost in loss record 2 of 2
==20768==    at 0x4C2488B: malloc (vg_replace_malloc.c:236)
==20768==    by 0x400611: main (test2.c:13)
==20768== 
==20768== LEAK SUMMARY:
==20768==    definitely lost: 100 bytes in 1 blocks
==20768==    indirectly lost: 0 bytes in 0 blocks
==20768==      possibly lost: 0 bytes in 0 blocks
==20768==    still reachable: 100 bytes in 1 blocks
==20768==         suppressed: 0 bytes in 0 blocks
==20768== 
==20768== For counts of detected and suppressed errors, rerun with: -v
==20768== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 3)

Why the first malloc was still reachable while the second malloc was definitely lost?
Maybe it's about alignment, you can't put the address of malloced memory into an un-aligned variable, if so, how can I suppress this kind of positive report?
Think you very much.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

压抑⊿情绪 2024-10-25 12:29:11

来自 memcheck 手册(重点是我的):

如果--leak-check设置得当,对于每个剩余的块,Memcheck会确定该块是否可以从根集中的指针到达。根集由 (a) 所有线程的通用寄存器和 (b) 可访问的客户端内存(包括堆栈)中的初始化、对齐、指针大小的数据字组成。

所以你关于对齐的猜想是正确的。不幸的是,强有力地抑制此类警告的最佳方法可能只是在退出程序之前将任何此类已知值复制到对齐的位置(大概此代码是您真实应用程序的模型,它对您来说有某种意义)存储未对齐的指针)。

您还可以尝试编写或生成抑制文件 --gen-suppressions=yes。但是,如果您的应用程序是不确定的,或者您使用不同的输入数据运行它,那么这种方法很快就会变得烦人。

From the memcheck manual (emphasis mine):

If --leak-check is set appropriately, for each remaining block, Memcheck determines if the block is reachable from pointers within the root-set. The root-set consists of (a) general purpose registers of all threads, and (b) initialised, aligned, pointer-sized data words in accessible client memory, including stacks.

So your conjecture about alignment was correct. Unfortunately, the best way to robustly suppress such a warning is probably just to copy any such known values into aligned locations before exiting your program (presumably this code is a mock-up for your real application, where it makes some sort of sense for you to store unaligned pointers).

You can also try writing or generating a suppression file with --gen-suppressions=yes. But if your application is non-deterministic or you run it with different input data, this approach will get annoying pretty quickly.

回复 原文
~没有更多了~

关于作者

忘你却要生生世世

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

巷子口的你

文章 0 评论 0

微信用户

文章 0 评论 0

神妖

文章 0 评论 0

鞋纸虽美,但不合脚ㄋ〞

文章 0 评论 0

7460852697

文章 0 评论 0

ligengkai

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文