Linux 内存泄漏检查工具 valgrind

时间:2021-08-16 16:29:11

抄自《从零开始的JSON库教程》,先mark一下,以后再慢慢研究。

======== 引用分割线 ========

在 Linux、OS X 下,我们可以使用 valgrind 工具(用 apt-get install valgrind、 brew install valgrind)。我们完全不用修改代码,只要在命令行执行:

$ valgrind --leak-check=full  ./leptjson_test
$ valgrind --leak-check=full  ./leptjson_test
==== Memcheck, a memory error detector
==== Copyright (C) -, and GNU GPL'd, by Julian Seward et al.
==== Using Valgrind-3.11. and LibVEX; rerun with -h for copyright info
==== Command: ./leptjson_test
====
---- run: /usr/bin/dsymutil "./leptjson_test"
/ (100.00%) passed
====
==== HEAP SUMMARY:
==== in use at exit: , bytes in blocks
==== total heap usage: allocs, frees, , bytes allocated
====
==== bytes in blocks are definitely lost in loss record of
==== at 0x100012EBB: malloc (in /usr/local/Cellar/valgrind/3.11./lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==== by 0x100008F36: lept_set_string (leptjson.c:)
==== by 0x100008415: test_access_boolean (test.c:)
==== by 0x100001849: test_parse (test.c:)
==== by 0x1000017A3: main (test.c:)
====

它发现了在 test_access_boolean() 中,由 lept_set_string() 分配的 2 个字节("a")泄漏了。

Valgrind 还有很多功能,例如可以发现未初始化变量。我们若在应用程序或测试程序中,忘了调用 lept_init(&v),那么v.type 的值没被初始化,其值是不确定的(indeterministic),一些函数如果读取那个值就会出现问题:

static void test_access_boolean() {
lept_value v;
/* lept_init(&v); */
lept_set_string(&v, "a", );
...
}

这种错误有时候测试时能正确运行(刚好 v.type 被设为 0),使我们误以为程序正确,而在发布后一些机器上却可能崩溃。这种误以为正确的假像是很危险的,我们可利用 valgrind 能自动测出来:

$ valgrind --leak-check=full  ./leptjson_test
...
==== Conditional jump or move depends on uninitialised value(s)
==== at 0x100008B5D: lept_free (leptjson.c:)
==== by 0x100008F26: lept_set_string (leptjson.c:)
==== by 0x1000083FE: test_access_boolean (test.c:)
==== by 0x100001839: test_parse (test.c:)
==== by 0x100001793: main (test.c:)
====

它发现 lept_free() 中依靠了一个未初始化的值来跳转,就是 v.type,而错误是沿自 test_access_boolean()。

编写单元测试时,应考虑哪些执行次序会有机会出错,例如内存相关的错误。然后我们可以利用 TDD 的步骤,先令测试失败(以内存工具检测),修正代码,再确认测试是否成功。