摘要:
valgrind是linux下用于调试程序和查找内存泄露的常用工具。valgrind会报告5种内存泄露,"definitely lost", "indirectly lost", "possibly lost", "still reachable", and "suppressed"。笔者于工作闲暇之余对这5种(其实是4种,有一种没研究出结果)内存泄露的出现原因及区别进行了研究,撰此文以记之。
测试环境:
Linux 2.6.18-194.el5 x86_64
valgrind-3.5.0
官方解释及分析:
摘自#faq.deflost
5.2.With Memcheck’s memory leak detector, what’s the difference between "definitely lost", "indirectly lost", "possibly lost", "still reachable", and "suppressed"?The details are in the Memcheck section of the user manual.In short:"definitely lost" means your program is leaking memory — fix those leaks!"indirectly lost" means your program is leaking memory in a pointer-based structure. (E.g. if the root node of a binary tree is "definitely lost", all the children will be "indirectly lost".) If you fix the "definitely lost" leaks, the "indirectly lost" leaks should go away."possibly lost" means your program is leaking memory, unless you’re doing unusual things with pointers that could cause them to point into the middle of an allocated block; see the user manual for some possible causes. Use –show-possibly-lost=no if you don’t want to see these reports."still reachable" means your program is probably ok — it didn’t free some memory it could have. This is quite common and often reasonable. Don’t use –show-reachable=yes if you don’t want to see these reports."suppressed" means that a leak error has been suppressed. There are some suppressions in the default suppression files. You can ignore suppressed errors.
"definitely lost":确认丢失。程序中存在内存泄露,应尽快修复。当程序结束时如果一块动态分配的内存没有被释放且通过程序内的指针变量均无法访问这块内存则会报这个错误。
"indirectly lost":间接丢失。当使用了含有指针成员的类或结构时可能会报这个错误。这类错误无需直接修复,他们总是与"definitely lost"一起出现,只要修复"definitely lost"即可。例子可参考我的例程。
"possibly lost":可能丢失。大多数情况下应视为与
"still reachable":可以访问,未丢失但也未释放。如果程序是正常结束的,那么它可能不会造成程序崩溃,但长时间运行有可能耗尽系统资源,,因此笔者建议修复它。如果程序是崩溃(如访问非法的地址而崩溃)而非正常结束的,则应当暂时忽略它,先修复导致程序崩溃的错误,然后重新检测。
测试程序:
源码(C++):
#include "stdio.h"#include "stdlib.h"class c1{private:char *m_pcData;public:c1();~c1();};c1::c1(){m_pcData=(char*)malloc(10);}c1::~c1(){if(m_pcData) delete m_pcData;} char *Fun1()//definitely lost{char *pcTemp;pcTemp=(char*)malloc(10);return pcTemp;}char *Fun2()//still reachable{static char *s_pcTemp=NULL;if(s_pcTemp==NULL) s_pcTemp=(char*)malloc(10);return NULL;}char *Fun3()//possibly lost{static char *s_pcTemp;char *pcData;pcData=(char*)malloc(10);s_pcTemp=pcData+1;return NULL;}int Fun4()//definitely and indirectly lost{c1 *pobjTest;pobjTest=new c1();return 0;}char *Fun5()//possibly lost but no need of repair,repair the breakdown then no memory leak{char *pcData;int i,*piTemp=NULL;pcData=(char*)malloc(10);pcData+=10;for(i=0;i<10;i++){pcData–;*pcData=0;if(i==5) *piTemp=1;//create a breakdown}free(pcData);return NULL;}int main(){printf("This program will create various memory leak,use valgrind to observe it.\n");printf("Following functions are bad codes,don\&;t imitate.\n");printf("Fun1\n");Fun1();printf("Fun2\n");Fun2();printf("Fun3\n");Fun3();printf("Fun4\n");Fun4();printf("Fun5\n");Fun5();printf("end\n");return 0;}
使用valgrind运行结果:
没有创造的生活不能算生活,只能算活着。
