多线程编程中使用pthread_create内存泄露问题

时间:2021-10-16 05:40:38

//tls5源代码:

#include <stdio.h>

#include <unistd.h>

#include <string.h>

#include "pthread.h"

#include "TLS/Tlsconf.h"

#include "TLS/tls_api.h"

#define ERROR  -1

#define OK     0

void test_fn2(int a)

{

char  *psz = (char*)get_buf(ENUM_1, 32);

printf("thread(%u) psz: %s\n", pthread_self(), psz);

memset(psz, 0, 32);

sprintf(psz, "%u_%d", pthread_self(), a);

return;

}

void test_fn1(int a)

{

int  *reti = (int*)get_buf(ENUM_0, sizeof(int));

printf("thread(%u) reti: %d\n", pthread_self(), *reti);

(*reti)++;

test_fn2(a);

return;

}

void* test_fn_main1(void* arg)

{

int i = 0;

for (i = 0; i < 3; i++)

{

test_fn1(i);

sleep(1);

}

return;

}

int main()

{

int iRet = ERROR;

int i = 0;

pthread_t   tid;

printf("test start!\n");

for (i = 0; i < 5; i++)

{

iRet = pthread_create(&tid, NULL, test_fn_main1, NULL);

if (OK != iRet)

{

printf("pthread_create error!\n");

return ERROR;

}

//pthread_detach(tid);

}

sleep(10);

return OK;

}

//生成可执行程序:tls库见上一篇

gcc -o tls5 tlstest5.c TLS/libtls.a -lpthread -lstdc++

//用valgrind进行内存泄露监测:

valgrind -v --leak-check=full --tool=memcheck ./tls5

提示信息:

[root@localhost 20130713]# valgrind -v --leak-check=full --tool=memcheck ./tls5

…………

==31803== malloc/free: in use at exit: 720 bytes in 5 blocks.

==31803== malloc/free: 40 allocs, 35 frees, 1,220 bytes allocated.

==31803==

==31803== searching for pointers to 5 not-freed blocks.

==31803== checked 52,519,768 bytes.

==31803==

==31803==

==31803== 720 bytes in 5 blocks are possibly lost in loss record 1 of 1

==31803==    at 0x4004824: calloc (vg_replace_malloc.c:279)

==31803==    by 0x840B39: _dl_allocate_tls (in /lib/ld-2.6.so)

==31803==    by 0x9F1B35: pthread_create@@GLIBC_2.1 (in /lib/libpthread-2.6.so)

==31803==    by 0x8048ACA: main (in /mnt/hgfs/D/work/test/20130713/tls5)

==31803==

==31803== LEAK SUMMARY:

==31803==    definitely lost: 0 bytes in 0 blocks.

==31803==      possibly lost: 720 bytes in 5 blocks.

==31803==    still reachable: 0 bytes in 0 blocks.

==31803==         suppressed: 0 bytes in 0 blocks.

…………

IN SUMMARY: 16 errors from 8 contexts (suppressed: 0 from 0)主要是库里面使用了未初始化的变量(Conditional jump or move depends on uninitialised value(s)),不管它。主要问题是在malloc/free: 40 allocs, 35 frees, 1,220 bytes allocated。

查看代码及程序运行打印,malloc与free都是一一对应的,怎会出现未释放的内存块?另外,程序共创建了5个线程,每个线程中有两次malloc操作,应该10 allocs,怎会是40allocs?排查步骤如下:

步骤一:

void* test_fn_main1(void* arg)

{

int i = 0;

for (i = 0; i < 3; i++)

{

//test_fn1(i);         //注释掉该行不再调用malloc

sleep(1);

}

return;

}

步骤二:

[root@localhost 20130713]# gcc -o tls5 tlstest5.c TLS/libtls.a -lpthread -lstdc++

[root@localhost 20130713]# valgrind -v --leak-check=full --tool=memcheck ./tls5

………………

==2237== malloc/free: in use at exit: 720 bytes in 5 blocks.

==2237== malloc/free: 5 allocs, 0 frees, 720 bytes allocated.

==2237==

==2237== searching for pointers to 5 not-freed blocks.

==2237== checked 52,526,684 bytes.

==2237==

==2237==

==2237== 720 bytes in 5 blocks are possibly lost in loss record 1 of 1

==2237==    at 0x4004824: calloc (vg_replace_malloc.c:279)

==2237==    by 0x840B39: _dl_allocate_tls (in /lib/ld-2.6.so)

==2237==    by 0x9F1B35: pthread_create@@GLIBC_2.1 (in /lib/libpthread-2.6.so)

==2237==    by 0x8048ABF: main (in /mnt/hgfs/D/work/test/20130713/tls5)

==2237==

==2237== LEAK SUMMARY:

==2237==    definitely lost: 0 bytes in 0 blocks.

==2237==      possibly lost: 720 bytes in 5 blocks.

==2237==    still reachable: 0 bytes in 0 blocks.

==2237==         suppressed: 0 bytes in 0 blocks.

--2237--  memcheck: sanity checks: 2 cheap, 1 expensive

…………

我们发现,程序中即使没有调用malloc,也存在5 allocs,纵观测试代码,唯一有可能alloc的地方就只有pthread_create了。

上网查了一下,在http://blog.csdn.net/jiqiren007/article/details/5959810找到答案。

线程在创建时都会分配一些内存(valgrind里面alloc次数是怎么算的,不是很清楚!),这些内存默认情况下需要在主线程中调用pthread_join进行释放;或者可以将子线程从父线程剥离,子线程终止时会回收这些内存资源。如果不使用pthread_join或者pthread_detach,线程结束时,pthread_create产生的内存将一直存在,直到整个进程结束为止,造成内存泄露。

在pthread_create后面加上pthread_detach(tid),结果如下:

…………………………

==3206== malloc/free: in use at exit: 0 bytes in 0 blocks.

==3206== malloc/free: 40 allocs, 40 frees, 1,220 bytes allocated.

==3206==

==3206== All heap blocks were freed -- no leaks are possible.

--3206--  memcheck: sanity checks: 2 cheap, 1 expensive

--3206--  memcheck: auxmaps: 0 auxmap entries (0k, 0M) in use

--3206--  memcheck: auxmaps: 0 searches, 0 comparisons

……………………

问题解决!

从这个问题可以看出,如果大量地启动子线程,却不对子线程进行任何处理(调用pthread_join或者pthread_detach),最终有可能导致内存大量地隐秘地被蚕食。这个过程缓慢而又难以发掘,不过带来的问题却是极严重的。