The use and principle of valgrind

Valgrind Supported tools: Memcheck addrcheck cachegrind massid helgrind callgrindthe runtime must indicate the tool you want to use, and if you omit the tool name, run Memcheck by default1,memcheck

1), using uninitialized memory 2), read/write the memory that has been freed 3), read/write memory out of bounds 4), read/write inappropriate memory stack space 5), memory leak, pointer to a piece of memory forever lost 6), using malloc/new/new[] and free/delete/delete[] does not match 7), memory overlap of src and DST in memcpy () correlation function Common Options:--leak-check=<no|summary|yes|full> [Default:summary]

2,cachegrind

The

cache Profiler, which simulates the execution of the L1,D1 and L2 caches in the CPU, can be very accurate in spending Caffrey cache misses. You can print the number of cache misses, memory references, and each line of code that occurs with a cache miss, each function, each module. You can print the number of misses per line of machine code.

3,helgrind

Finding competing data in multiple threads looks for areas in memory that are accessed by multiple threads without a consistently locked area, which tends to be a place where threads are out of sync, and can lead to hard-to-dig errors.

4,callgrind

Collect the program runtime some data, function call relationship information, Han can choose to do the cache simulation, at the end of the run, it will write the analysis data to a file, callgrind_annotate can be the content of this file into a readable form

General usage:

< Span style= "Background-color:inherit" >        valgrind--tool=callgrind./test   generates callgrind.out in the current directory. [PID]

killall Callgrind End Program

callgrind_annotate--auto=yes callgrind.out. [PID] > Log

VI Log

5,massif

Stack Analyzer to measure how much memory the program uses in the stack

6,lackey

Lackey is an instance program that can create your own tool as a template, and after the program finishes it prints some basic statistics about program execution

valgrind Parameters (all tools are adapted)--tool=<name>- H--help--version-Q--quiet quiet operation, only print error messages--verbose more detailed information--trace-children=<yes|no> Trace child process, default no--trace-fds=<yes|no> Trace Open file descriptor, default no--time-stamp=<yes|no> Add time stamp to log information, default no--log-fd=<number> output log information to file descriptor--log-file-exactly=<file> output log information to file--xml=yes output information in XML format, only Memcheck available--num-callers=<number>--error-exitcode=<number> Returns an error code if an error is found--db-attach=<yes|no> When an error occurs, Valgrind automatically starts the debugger, and the default no--db-command=<command> command-line options to start the debugger

Valgrind (Memcheck) contains 7 types of errors

1,illegal read/illegal write errors tip information: [Invalid read of size 4]2, use ofuninitialised values Tip information:[Conditional jump or move depends on uninitialised value]3, use ofuninitialised or unaddressable the values in system calls Hint message:[syscall param write (BUF) points to uninitilaised bytes]4,illegal frees tip:[Invalid Free ()]5, whena heap block was freed with an inappropriate deallocation function Hint message:[Mismatched free ()/delete/delete[]]6,overlapping source and destination blocks Hint message:[source and destination overlap in memcpy (,)]7,memory leak detection 1), still reachableThe memory pointer still has the opportunity to use or release, and the dynamic memory pointed to by the pointer has not been released and exited.2), definitely lostidentified memory leaks that have no access to this block of memory3), indirectly lostpointers to this memory are located at the memory leak4), possibly lostpossible memory leaks, there is still a pointer that can quickly access a block of memory, but the pointer is not in the first place of memory

Invalid Write of size 1: Heap memory out-of-bounds accessSource and destination overlap in memcpy: Memory overlapInvalid Free ()/delete/delete[]: Repeat releaseUse of uninitialised value of size 4: illegal pointerHeap SUMMARY: Heap Memory Usage SummaryLEAK SUMMARY: Disclosure SummaryError SUMMARY: Total number of errors
--trace-fds=yesFile Descriptors:3 OPEN at EXIT: filename Descriptor

Memory Check principle



Detection principle:

1, when you want to read or write a byte in memory, first check the byte corresponding to the a bit. If the a bit shows that the location is invalid, Memcheck reports read-write errors2, the kernel (core) is similar to a virtual CPU environment, so that when a byte in memory is loaded into the real CPU, the corresponding v bit of that byte is also loaded into the virtual CPU environment. Once the value in the register is used to generate the memory address, or the value can affect the program output, Memcheck checks the corresponding v bits, and if the value has not been initialized, it reports the use of an uninitialized memory error.

The use and principle of valgrind