njn | 3e986b2 | 2004-11-30 10:43:45 +0000 | [diff] [blame] | 1 | <?xml version="1.0"?> <!-- -*- sgml -*- --> |
| 2 | <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
| 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
| 4 | |
| 5 | <chapter id="ac-manual" xreflabel="Addrcheck: a lightweight memory checker"> |
| 6 | <title>Addrcheck: a lightweight memory checker</title> |
| 7 | |
| 8 | <para>To use this tool, you must specify |
| 9 | <computeroutput>--tool=addrcheck</computeroutput> on the Valgrind |
| 10 | command line.</para> |
| 11 | |
| 12 | <sect1> |
| 13 | <title>Kinds of bugs that Addrcheck can find</title> |
| 14 | |
| 15 | <para>Addrcheck is a simplified version of the Memcheck tool |
| 16 | described in Section 3. It is identical in every way to |
| 17 | Memcheck, except for one important detail: it does not do the |
| 18 | undefined-value checks that Memcheck does. This means Addrcheck |
| 19 | is about twice as fast as Memcheck, and uses less memory. |
| 20 | Addrcheck can detect the following errors:</para> |
| 21 | |
| 22 | <itemizedlist> |
| 23 | <listitem> |
| 24 | <para>Reading/writing memory after it has been free'd</para> |
| 25 | </listitem> |
| 26 | <listitem> |
| 27 | <para>Reading/writing off the end of malloc'd blocks</para> |
| 28 | </listitem> |
| 29 | <listitem> |
| 30 | <para>Reading/writing inappropriate areas on the stack</para> |
| 31 | </listitem> |
| 32 | <listitem> |
| 33 | <para>Memory leaks -- where pointers to malloc'd blocks are lost |
| 34 | forever</para> |
| 35 | </listitem> |
| 36 | <listitem> |
| 37 | <para>Mismatched use of malloc/new/new [] vs free/delete/delete []</para> |
| 38 | </listitem> |
| 39 | <listitem> |
| 40 | <para>Overlapping <computeroutput>src</computeroutput> and |
| 41 | <computeroutput>dst</computeroutput> pointers in |
| 42 | <computeroutput>memcpy()</computeroutput> and related |
| 43 | functions</para> |
| 44 | </listitem> |
| 45 | <listitem> |
| 46 | <para>Some misuses of the POSIX pthreads API</para> |
| 47 | </listitem> |
| 48 | </itemizedlist> |
| 49 | |
| 50 | |
| 51 | <para>Rather than duplicate much of the Memcheck docs here |
| 52 | (a.k.a. since I am a lazy b'stard), users of Addrcheck are |
| 53 | advised to read <xref linkend="mc-manual.bugs"/>. Some important |
| 54 | points:</para> |
| 55 | |
| 56 | <itemizedlist> |
| 57 | |
| 58 | <listitem> |
| 59 | <para>Addrcheck is exactly like Memcheck, except that all the |
| 60 | value-definedness tracking machinery has been removed. |
| 61 | Therefore, the Memcheck documentation which discusses |
| 62 | definedess ("V-bits") is irrelevant. The stuff on |
| 63 | addressibility ("A-bits") is still relevant.</para> |
| 64 | </listitem> |
| 65 | |
| 66 | <listitem> |
| 67 | <para>Addrcheck accepts the same command-line flags as |
| 68 | Memcheck, with the exception of ... (to be filled in).</para> |
| 69 | </listitem> |
| 70 | |
| 71 | <listitem> |
| 72 | <para>Like Memcheck, Addrcheck will do memory leak checking |
| 73 | (internally, the same code does leak checking for both |
| 74 | tools). The only difference is how the two tools decide |
| 75 | which memory locations to consider when searching for |
| 76 | pointers to blocks. Memcheck will only consider 4-byte |
| 77 | aligned locations which are validly addressible and which |
| 78 | hold defined values. Addrcheck does not track definedness |
| 79 | and so cannot apply the last, "defined value", |
| 80 | criteria.</para> |
| 81 | |
| 82 | <para>The result is that Addrcheck's leak checker may |
| 83 | "discover" pointers to blocks that Memcheck would not. So it |
| 84 | is possible that Memcheck could (correctly) conclude that a |
| 85 | block is leaked, yet Addrcheck would not conclude |
| 86 | that.</para> |
| 87 | |
| 88 | <para>Whether or not this has any effect in practice is |
| 89 | unknown. I suspect not, but that is mere speculation at this |
| 90 | stage.</para> |
| 91 | </listitem> |
| 92 | |
| 93 | </itemizedlist> |
| 94 | |
| 95 | <para>Addrcheck is, therefore, a fine-grained address checker. |
| 96 | All it really does is check each memory reference to say whether |
| 97 | or not that location may validly be addressed. Addrcheck has a |
| 98 | memory overhead of one bit per byte of used address space. In |
| 99 | contrast, Memcheck has an overhead of nine bits per byte.</para> |
| 100 | |
| 101 | <para>Due to lazyness on the part of the implementor (Julian), |
| 102 | error messages from Addrcheck do not distinguish reads from |
| 103 | writes. So it will say, for example, "Invalid memory access of |
| 104 | size 4", whereas Memcheck would have said whether the access is a |
| 105 | read or a write. This could easily be remedied, if anyone is |
| 106 | particularly bothered.</para> |
| 107 | |
| 108 | <para>Addrcheck is quite pleasant to use. It's faster than |
| 109 | Memcheck, and the lack of valid-value checks has another side |
| 110 | effect: the errors it does report are relatively easy to track |
| 111 | down, compared to the tedious and often confusing search |
| 112 | sometimes needed to find the cause of uninitialised-value errors |
| 113 | reported by Memcheck.</para> |
| 114 | |
| 115 | <para>Because it is faster and lighter than Memcheck, our hope is |
| 116 | that Addrcheck is more suitable for less-intrusive, larger scale |
| 117 | testing than is viable with Memcheck. As of mid-November 2002, |
| 118 | we have experimented with running the KDE-3.1 desktop on |
| 119 | Addrcheck (the entire process tree, starting from |
| 120 | <computeroutput>startkde</computeroutput>). Running on a 512MB, |
| 121 | 1.7 GHz P4, the result is nearly usable. The ultimate aim is |
| 122 | that is fast and unintrusive enough that (eg) KDE sessions may be |
| 123 | unintrusively monitored for addressing errors whilst people do |
| 124 | real work with their KDE desktop.</para> |
| 125 | |
| 126 | <para>Addrcheck is a new experiment in the Valgrind world. We'd |
| 127 | be interested to hear your feedback on it.</para> |
| 128 | |
| 129 | </sect1> |
| 130 | |
| 131 | </chapter> |