In this posting i will be discussing about various memory related errors and the tools to detect them.
Errors which occur due to dynamic memory allocation will show up only when the program is executed. Following are the various kinds of memory related errors
* Reading from memory before allocating it
* Writing to memory before allocating it
* Reading before the beginning of allocated memory
* Writing before the beginning of allocated memory
* Reading after the end of allocated memory
* Writing after the end of allocated memory
* Reading from memory after its deallocation
* Writing to memory after its deallocation
* Failing to deallocate allocated memory
* Deallocating the same memory twice
* Deallocating memory that is not allocated
Following tools can be used to determine the memroy related errors in program
The memory allocation functions provided by C library can detect writing before the beginning of an allocation and deallocating the same allocation twice.Using malloc checking is advantageous because the program need not be recompiled, but its capability to diagnose errors is limited.Basically, it checks that the allocated data structures have not been corrupted.Thus, it can detect double deallocation of the same allocation. Also, writing just before the beginning of a memory allocation can usually be detected because the allocator stores the size of each memory allocation just before the allocated region.Thus, writing just before the allocated memory will corrupt this number.
Memory error detection with mtrace involves following changes to source code
a. Modify the source code to include and to invoke mtrace () as soon as the program starts, at the beginning of main.The call to mtrace turns on tracking of memory allocations and deallocations.
b. Specify the name of a file to store information about all memory allocations and deallocations:% export MALLOC_TRACE=memory.log
c. Run the program. All memory allocations and deallocations are stored in the logging file.
d. Using the mtrace command,analyze the memory allocations and deallocations to ensure that they match.
% mtrace my_program $MALLOC_TRACE
The mtrace command analyzes this file and lists unmatched allocations and deallocations.
The ccmalloc library diagnoses dynamic memory errors by replacing malloc and free with code tracing their use. If the program terminates gracefully, it produces a report of memory leaks and other errors.
The program’s object files must be linked with ccmalloc’s library and the dynamic linking library. Append -lccmalloc -ldl to your link command.
Now execute the program as usual which will provide a report of allocation and deallocations in the program.
Electric Fence halts executing programs on the exact line where a write or a read outside an allocation occurs.This is the only tool that
discovers illegal reads.It can be downloaded from “http://www.perens.com/FreeSoftware/” . To use the tool, user program’s object files must be linked with Electric Fence’s library by appending -lefence to the linking command. As the program runs, allocated memory uses are checked for correctness. A violation causes a segmentation fault.Using a debugger, you can determine the context of the illegal action.
None of the above tools guarantees diagnosing all errors, but using any of them does increase the probability of finding errors.
Which of the four tools should be used?.
Since, failing to match allocations and deallocations is the most common dynamic memory error, use mtrace during initial development. After ensuring that the number of allocations and deallocations match, use Electric Fence to find illegal memory accesses.This will eliminate almost all memory errors.Using these two tools will reveal most memory errors.
Advanced Linux Programming
Mark Mitchell, Jeffrey Oldham, and Alex Samuel