使用Purify检查内存泄漏_Purify内存泄漏资源-CSDN文库

purify

memory

3星 · 超过75%的资源需积分: 50 148 浏览量 2016-01-03 13:03:01 上传评论 1 收藏 1.42MB PDF 举报

资源推荐

资源详情

资源评论

Purify:

Fast

Detection

Memory

Leaks

and

Access

Errors

Reed

Hastings

and

Bob Joyce

Pure Sofware

Inc.

Abstract

This

paper

describes

Purifyru,

a software

testing

and

quality

assurance

Ool

that

detects

memory

leaks and access

erors.

Purify

inserts

additional

checking

instructions directly

into the

object

code

produced

existing

compilers.

These

instructions

check every

memory

read and

write

performed

the

program-under-test and

detect several

types

access

errors,

such

reading

uninitialized

memory

or witing

freed

memory.

Purify

inserts checking

logic

into all of

the code

program, including third-party

and

vendor

object-code

libraries, and

verifies system

call

interfaces.

In addition,

Purify

tracks

memory

usage

and

identifies

individual

memory

leals using a

novel adaptation

garbage

collection

techniques.

Purify

produces

standard

executable

files compatible

with existing

debuggers,

and

currently

runs on

Sun

Microsystems'

SPARC

family

workstations.

Purify's

neafly-comprehensive

memory

access

checking

slows

the target

program

down

typically

less than a

facor of

three

and

has

resulted

significantly

reliable

software

for

several

development

goups.

Introduction

A single

memory

access

error,

such as

reading

from

uninitialized

memory or

writing to

freed

memory can cause

progam to act unpredicAbly

even

crash.

Yet,

it is nearly

impossible

to eliminate

all such

errors

from a

non-trivial

progam

For one

thing, these

erors

may

produce

observable

effects

infrequently

and

intermittently.

Even

when

p-gru.r are tested

intensively

for extended

periods,

errors

can and

do escape

detection.

The

unique

combination

litco*stanos

required

for an

error to

occur and

for

its symptoms

lo becomc

visible

may

virtually

impossible to

create

in the development

test environment.

result,

proglammers

spend

much time

looking

for these

errors,

but

end-users

may experience

tlem

first.

[Miller90]

empirically

shows

the continuing

prevalence

of access errors

many

widely-used

Unix

Programs.

Even

when

memory

access

error triggers

observable

symptom,

the

error can take

days to

nack down

and

eliminate.

This

due

to the

frequently

delayed and

coincidental

connection

between

the cause,

typically

memory

comrption,

and

the symptom,

typically

a crash

upon

the

eventual

reading

invalid data.

Mennry

leaks,

rhat

is,

memory allocated

but

no longer accessible

the

program,

slow

program

execution

increasing

paging,

and

can cause

progams

run out

memory.

Memory

leaks

are

difficult

to detect than

illegal

memory

accesses.

Memory

leaks

occur

because

a block

memory

was not

freed, and

hence are errors

omission,

rather than

commission.

addition,

memory

leaks

rarely

produce

directly

observable

elrors,

but

instead

cumulatively

degrade

overall

performance.

USENIX

-Winter

'92

125

Purify: Fast Detection

of ...

Hastings,

Joyce

Once

found, memory leaks remain

challenging to fix. If memory is

freed

prematurely,

memory

access errors

can

result. Since access errors can

introduce

intermittent

problems,

memory

leak fixes

may require

lengthy

testing. Often,

complicated

memory

ownership

prolocols

are

required

!o administer

dynamic memory. Incorrectly

coded boundary

cases

can

lurk in

otherwise stable code for

years.

Both

memory leaks

and access errors are ffisy

introduce into

program

but

hard

to eliminate. Without facilities for

detecting

memory

access errors,

it is risky

for

programmers

to attempt

to reclaim leaked memory

aggressively

because

that

may introduce

freed-memory

access enors with

unpredictable results.

Conversely,

without

feedback

memory leaks,

programmers

may waste memory

minimizing f ree

calls

order to avoid

freed-memory

access

errors.

A facility

that

reported

on both a

program's

memory

access errors and its memory

leaks

could

greatly

benefit

developers

improving

the robustness

and

performance

of their

prognms.

This

paper presents

Puri$,,

a tool that developers

and testers are using to find memory leaks

and access errors.

program

reads

or writes

freed

memory reads

writes

beyond an

array boundary,

reads from

uninitialized

memory

Purify

detects the error at the

point

of occurrence. In

addition, upon

demand, Purify

employs a

garbage

deteclor to

find

and

identify

existing memory leaks.

Memory

Access Errors

Some

memory

access elrors

are detectable statically

(e.g.

assigning a

pointer

into

a short);

others are detectable

only

at run-time

(e.g.

writing

past

the

end

of a dynamic array);

and others are

detectable

only by a

programmer

(e.g.

storing

person's

age

the memory intended

to hold his heighQ.

Compilers and

tools such as

lint

find

statically-

detectable

errors. Purify finds

run-time-detectable

errors.

Errors detectable only at run-time

are challenging

to eliminate from

progmm.

Consider

ttre

following

example

Purify session,

running an application

that

using the Xll

Window System Release

(XllR4)

Intrinsics Toolkit

(Xt).

The

application is

called

my_prog,

and

has

been

prepared

Purify.

tutorial*

myjrog

-display

exodus:

Purify:

Dynamic

Error Checking

Enabled. Version

I.3.2.

(C)

1990,

1991 Pure

Software,

fnc. Patents

Pendinq.

.. .program

runs,

untiJ. the

user

cJ.oses

a vindow

whiTe

one of

jts

dja-

Togs is

stiJ1

up,. .

Purify:

Array

Bounds Violation:

Writing 88

bytes

past

the

end of

an array

at 0x4a7c88

(in

heap)

Error occurred

whi-Ie in:

bcopy

(bcopy.o;

0x5d0c)

_XtDoPhase2Destroy

(Destroy.o,.

Iine

259)

XtDispatchEvent

(Event.o;

0x33bfd8)

XtAppMainloop

(Event.o;

0x33c48c)

XtMainloop

(Event.o;

0x33c454)

mai-n

(1ci.o,'

11ne

445)

The

array is 160 bytes

long, and was

allocated

by ma11oc

call_ed

from:

XtMaIloc

(AIloc.o;

0x32b7l-c)

XtReal-loc

(A1loc.o;

0x32b754)

XtDestroywidget

(Destroy.

o; J-ine 2921

cl-ose_window

(i-nput

. o,'

line 642

)

maybe_close_window

(util.

o,' line

2003)

XtCallCallbacks

(Callback.o;

line

294)

L26

USENIX

Winter

'92

Hastings,

Joyce

Purify:

Fast Detection

of ...

The Purify eror

message

says that bcopy, called

from

_xtDoPhase2Destroy,

overwriting an array end, and

ttrat ttre target array

was allocated by

xtoestroywidget,lne292.

void

XtDestroyWidget

(widget)

Widget

widget;

{

292

app->destroy_list

(DestroyRec*)XtRealloc(

293

(char*)

app->destroy_Iist,

294

(unsigned)

sizeof

(DestroyRec)

*app->destroy_1ist_size)

;

From

this

one can see

that the target

array is

destroy list,

internal

data

structure used as a

queue

pending

destroys by

the two-phase

Intrinsics

destroy

protocol.

In order

!o undentand

why the end of the array is

geuing

overwritten,

one

must

study

the caller of bcop%

_xtDoPhase2Destroy.

void

_XtDoPhase2Destroy

(appr

dispatch_level)

XtAppcontext

appt

int dispatch_level,'

253

inti=0;

254

DestroyRec*

apP->destroy_1ist;

255

while

app-)destroy_count)

{

256

(dr->dispatch_1eve1

dispatch_Ievel)

{

257

Widgetw:dr-)widget;

258

(--app->destroy_count)

259

bcopy(

(char*) (dr+l)

(char*)dr'

250

apP->destroy_count*sizeof

(DestroyRec)

)

267

xtPhase2Destroy(w);

262

else

{

263

i++,'

dr**;

)

Aided

the certain

knowledge that a

potentially

fatal

bug

lurks

here, one can see that the bcopy on

line

259 is

intended to delete

item in the destroy list

by copying the succeeding

items down

over the deleted one.

Unfortunately,

this

code only works

the

DestroyRec

being deleted

the

first

one on the

list, The

problem

that the

app->destroy_count

line 260

should be

app->destroy_count.

As it is,

whatever

memory

beyond the desroy

list will

get

copied over

itself,

shifted

8 bytes

(the

sizc of one

DestroyRec)

down. The

resemblance to

reasonable data

would likely

confuse the

programmer

debugging the evennral core dump.

lvlany

people

find it

hard

to believe that such an obvious and

potentially

fatal

bug could

have

been

previously

undetected

code

mature and widely used as the XllR4 Xt Intrinsics.

Certainly

the code was extensively tested,

but

ook a

particular

set

of circumstances

recursive

desroy) to exercise this bug, that

might not have

come

the

test suite.

Even

the bug

did come

the test

process,

the

memory comrpted may

not have

been

important

enough

to cause an easily

visible

symptom.

Consider

the testing

scenario

in more detail. Assume

optimistically that

the test team

has

the

resources

to ensure that

every basic block

exercised

by the test suite, and thus a

recursive

destroy

added

to the test suite to exercise

line

USENIX

-Winter'92

lz7

剩余11页未读，继续阅读

评论收藏

内容反馈

drfxiaoliuzi

2018-08-08

已经过时了的资源，现在已经用不了了

baidu_33414365

粉丝: 0
资源: 1

使用Purify检查内存泄漏

内存检测工具purify的简介

C/C++内存问题检查利器—Purify

C-C++内存问题检查利器—Purify 帮助文档以及下载地址

IBM Rational PurifyPlus V7 破解文件

Insure++自动测试工具

purify plus v7.0 for windows part2（含破解）

IBM Rational PurifyPlus 破解 License

IBM PurifyPlus安装详细步骤

如何检查内存泄漏

windows 内存泄漏检查

C/C++内存问题检查利器—Purify（五）

C/C++内存问题检查利器—Purify（三）

purify plus for windows 7.0 part1

ibm purify plus

IBM.Rational.PurifyPlus.v7.0.Windows(合并)

insure++ 7.1.6

PurifyPlus7.0.1_for_Linux part2

C/C++内存问题检查利器—Purify（二）

VLD内存泄漏检测工具使用

内存泄漏检查类

PurifyPlus7.0.1_for_Linux part1

STM32循迹小车（灰度+OpenMV权重判断）

谭浩强C语言程序设计第五版详细答案

MQTT协议设备客户端与图传APP.zip

Keil.STM32H7xx-DFP.3.1.1.pack

基于stm32f407的示波器+FFT频谱分析

最新资源