用mtrace检查内存泄漏

时间:2021-12-17 05:36:12

http://blog.csdn.net/ixidof/article/details/6638066
内存泄漏检查方法(for Linux) 
如果你更想读原始文档, 请参考glibc info的"Allocation Debugging" 一章 (执行info libc);
glibc提供了一个检查内存泄漏的方法, 前提是你的程序使用glibc的标准函数 分配内存(如malloc, alloc...): 
1. 在需要内存泄漏检查的代码的开始调用void mtrace(void) (在mcheck.h中有声明). mtrace为malloc等函数安装hook, 用于记录内存分配信息. 在需要内存泄漏检查的代码的结束调用void muntrace(void). 
注意: 一般情况下不要调用muntrace, 而让程序自然结束. 因为可能有些释放内存代码要到muntrace之后才运行. 
2. 用debug模式编译被检查代码(-g或-ggdb) 
3. 设置环境变量MALLOC_TRACE为一文件名, 这一文件将存有内存分配信息. 
4. 运行被检查程序, 直至结束或muntrace被调用. 
5. 用mtrace命令解析内存分配Log文件($MALLOC_TRACE) , (mtrace foo $MALLOC_TRACE, where foo is the executible name) ,如果有内存泄漏, mtrace会输出分配泄漏内存的代码位置,以及分配数量. 其他东西
1. 可以将mtrace, muntrace放入信号处理函数(USR1, USR2), 以动态地进行内存泄漏检查控制. 
2. mtrace是个perl代码, 如果你对符号地址与代码文本的转换感兴趣, 可以读一下. 
3. again, 尽量不要用muntrace()

For C++ Leak: 
检查内存泄漏的方法除glibc提供外还可以试试一些专用的程序;如: 
ccmalloc(http://www.inf.ethz.ch/personal/biere/projects/ccmalloc/ccmalloc-english.html) 
mpatrol(http://www.cbmamiga.demon.co.uk/mpatrol/) 
这俩个工具的功能相当不错,能对程序进行相当全面的检查 
很奇怪,redhat 9 居然不带mtrace perl脚本,只好下载gcc源码编译了
wget --passive-ftp ftp://rpmfind.net/linux/redhat/9/en/os/i386/SRPMS/glibc-2.3.2-11.9.src.rpm
rpm -ivh glibc*.src.rpm
cd /usr/src/redhat/SPECS/
rpmbuild -ba glibc-9.spec 
cd /var/tmp/glibc-2.3.2-root/usr/bin/
cp mtrace /usr/bin/
 
调试方法如下:
vi a.c

  1. 1 #include <mcheck.h>
  2. 2
  3. 3 int main()
  4. 4 {
  5. 5     mtrace();
  6. 6     malloc(10);
  7. 7     malloc(16);
  8. 8     return 0;
  9. 9 }

$gcc -g a.c #记得编译带-g调试选项 
$export MALLOC_TRACE=a.log 
$./a.out 
$unset MALLOC_TRACE #记得执行完后unset变量,否则可能运行其他命令可能覆盖log 
$mtrace a.out a.log 
Memory not freed:
-----------------
   Address     Size     Caller
0x09b08378      0xa  at /XXX/a.c:6
0x09b08388     0x10  at /XXX/a.c:7

可以看到,会显示未释放动态空间的代码具体位置.

MTRACE(3)                 Linux Programmer's Manual                MTRACE(3)

NAME         top

       mtrace, muntrace - malloc tracing

SYNOPSIS         top

       #include <mcheck.h>

       void mtrace(void);

       void muntrace(void);

DESCRIPTION         top

       The mtrace() function installs hook functions for the memory-
allocation functions (malloc(3), realloc(3) memalign(3), free(3)).
These hook functions record tracing information about memory
allocation and deallocation. The tracing information can be used to
discover memory leaks and attempts to free nonallocated memory in a
program. The muntrace() function disables the hook functions installed by
mtrace(), so that tracing information is no longer recorded for the
memory-allocation functions. If no hook functions were successfully
installed by mtrace(), muntrace() does nothing. When mtrace() is called, it checks the value of the environment
variable MALLOC_TRACE, which should contain the pathname of a file in
which the tracing information is to be recorded. If the pathname is
successfully opened, it is truncated to zero length. If MALLOC_TRACE is not set, or the pathname it specifies is invalid
or not writable, then no hook functions are installed, and mtrace()
has no effect. In set-user-ID and set-group-ID programs,
MALLOC_TRACE is ignored, and mtrace() has no effect.

ATTRIBUTES         top

       For an explanation of the terms used in this section, see
attributes(7). ┌─────────────────────┬───────────────┬───────────┐
Interface Attribute Value
├─────────────────────┼───────────────┼───────────┤
mtrace(), muntrace() │ Thread safety │ MT-Unsafe │
└─────────────────────┴───────────────┴───────────┘

CONFORMING TO         top

       These functions are GNU extensions.

NOTES         top

       In normal usage, mtrace() is called once at the start of execution of
a program, and muntrace() is never called. The tracing output produced after a call to mtrace() is textual, but
not designed to be human readable. The GNU C library provides a Perl
script, mtrace(1), that interprets the trace log and produces human-
readable output. For best results, the traced program should be
compiled with debugging enabled, so that line-number information is
recorded in the executable. The tracing performed by mtrace() incurs a performance penalty (if
MALLOC_TRACE points to a valid, writable pathname).

BUGS         top

       The line-number information produced by mtrace(1) is not always
precise: the line number references may refer to the previous or
following (nonblank) line of the source code.

EXAMPLE         top

       The shell session below demonstrates the use of the mtrace() function
and the mtrace(1) command in a program that has memory leaks at two
different locations. The demonstration uses the following program: $ cat t_mtrace.c
#include <mcheck.h>
#include <stdlib.h>
#include <stdio.h> int
main(int argc, char *argv[])
{
int j; mtrace(); for (j = 0; j < 2; j++)
malloc(100); /* Never freed--a memory leak */ calloc(16, 16); /* Never freed--a memory leak */
exit(EXIT_SUCCESS);
} When we run the program as follows, we see that mtrace() diagnosed
memory leaks at two different locations in the program: $ cc -g t_mtrace.c -o t_mtrace
$ export MALLOC_TRACE=/tmp/t
$ ./t_mtrace
$ mtrace ./t_mtrace $MALLOC_TRACE
Memory not freed:
-----------------
Address Size Caller
0x084c9378 0x64 at /home/cecilia/t_mtrace.c:12
0x084c93e0 0x64 at /home/cecilia/t_mtrace.c:12
0x084c9448 0x100 at /home/cecilia/t_mtrace.c:16 The first two messages about unfreed memory correspond to the two
malloc(3) calls inside the for loop. The final message corresponds
to the call to calloc(3) (which in turn calls malloc(3)).

SEE ALSO         top

       mtrace(1), malloc(3), malloc_hook(3), mcheck(3)

COLOPHON         top

       This page is part of release 4.07 of the Linux man-pages project.  A
description of the project, information about reporting bugs, and the
latest version of this page, can be found at
https://www.kernel.org/doc/man-pages/. GNU 2015-03-02 MTRACE(3)