walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity
cppcheck/test/testsuites/duma/memCheckers.html

367 lines
16 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><title>Comparison of Free Memory Checkers</title>
<link rel="start" type="text/html" href="http://www.cs.utexas.edu/%7Ejpmartin/index.html">
<link rel="up" type="text/html" href="http://www.cs.utexas.edu/%7Ejpmartin/resources.html">
<link rel="icon" type="image/png" href="http://www.cs.utexas.edu/%7Ejpmartin/longhorn_icon.png">
<link rel="styleSheet" href="memCheckers-Dateien/jpstyle.css" title="default stylesheet">
<link rel="Alternate StyleSheet" href="memCheckers-Dateien/boringstyle.css" title="alternate
(old-fashioned) stylesheet"></head><body>
<h1><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/index.html">Jean-Philippe Martin</a> |
<a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/resources.html">Resources</a> | Memory Checkers Comparison </h1>
<hr>
<p>
</p><h3>Memory Checkers</h3>
Memory checkers are debugging tools that help programmers find
improper use of pointers, typically memory leaks.
<p align="justify">
There are some freely available memory checkers. I ran a series of
very simple tests to determine what they can do. The <b>wrong</b>
series of tests contains code that makes pointer mistakes that are not
memory leaks, for example freeing a pointer twice, writing to
uninitialized memory or using delete instead of delete []. The
<b>leak</b> series of tests contains simple memory leaks,
i.e. pointers that are allocated but not released. The <b>ok</b>
series of tests contains programs that are correct and thus should not
cause the memory checker to output any alarm message.
</p>
<h3>C tests</h3>
(updated 3/10/2006)<p>
<table border="1">
<colgroup>
</colgroup><colgroup span="3">
</colgroup><colgroup span="2">
</colgroup><colgroup>
</colgroup><tbody><tr>
<th>Checker
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong1.c">wrong1.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong3.c">wrong3.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong6.c">wrong6.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong7.c">wrong7.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak1.c">leak1.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak2.c">leak2.c</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/ok5.c">ok5.c </a>
</th></tr>
<tr align="center">
<td><a class="title" href="http://www.gnu.org/manual/glibc-2.2.5/html_node/Heap-Consistency-Checking.html">MALLOC_CHECK_</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong7.out">*</a>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://dmalloc.com/">dmalloc</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://prj.softpixel.com/mcd/">memCheckDeluxe</a>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://www.linkdata.se/sourcecode.html">memwatch</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/memwatch-response.txt">*</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://duma.sourceforge.net/">DUMA</a>
</td><td><b><font color="darkgreen">OK</font></b>
<!-- segfaults on the bad write, but misses the bad read -->
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
<!-- segfaults on the first bug. That counts as finding it -->
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK<a href="http://www.cs.utexas.edu/%7Ejpmartin/duma-l2c.txt">*</a></font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://devel-home.kde.org/%7Esewardj/">valgrind</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
</tbody></table>
</p><p>
</p><h3>C++ tests</h3>
<table border="1">
<tbody><tr>
<th>Checker
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong1.cc">wrong1.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong2.cc">wrong2.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong3.cc">wrong3.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong4.cc">wrong4.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong5.cc">wrong5.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong6.cc">wrong6.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak1.cc">leak1.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak2.cc">leak2.cc</a>
</th><th><a class="title" href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/ok5.cc">ok5.cc</a>
</th></tr>
<tr align="center">
<td><a class="title" href="http://www.gnu.org/manual/glibc-2.2.5/html_node/Heap-Consistency-Checking.html">MALLOC_CHECK_</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://dmalloc.com/">dmalloc</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/dmalloc-wrong2.txt">*</a></b>
</td><td><b><font color="darkred">missed</font><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/dmalloc-wrong3.txt">*</a></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/dmalloc-ok5.txt">*</a></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://duma.sourceforge.net/">DUMA</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
<!-- caught the write to uninitialized memory, but not the read -->
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td></tr>
<tr align="center">
<td><a class="title" href="http://devel-home.kde.org/%7Esewardj/">valgrind</a>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK<a href="http://www.cs.utexas.edu/%7Ejpmartin/valgrind-w3cc.txt">*</a></font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkred">missed</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td><td><b><font color="darkgreen">OK</font></b>
</td></tr>
</tbody></table>
<p>
</p><h3>Conclusion</h3>
<p align="justify">
memWatch and memCheckDeluxe are both memory leak detectors, and they
passed all the memory leak tests. Memwatch wins this round because it
was able to detect the double-free in wrong1.c and the out-of-bounds
accesses in the dynamically allocated array of wrong7.c (not the
static array of wrong6 - but no one else did, either).
Both programs are designed to work with C and require a
recompilation.
</p>
<p align="justify">
MALLOC_CHECK_ is an interesting test: it is triggered simply by
setting the environment variable MALLOC_CHECK_ to 1, and the rest of
the magic is done by glibc (see the link in references, below). This
is the easiest check to set up and it requires no recompilation. It
detected the double free in wrong1 and the mismatched malloc/delete or
new/free pairs in wrong2.cc and wrong5.cc. It was able to see that
something was fishy in wrong7.c, but it reports a single error at the "free"
instead of when we are accessing the memory instead of two errors, for
each out-of-bounds access. MALLOC_CHECK_ cannot detect
memory leaks and did not detect the use of uninitialized memory in
wrong3.
</p>
<p align="justify">
dmalloc is more than a leak detector, but it didn't detect as
many bad cases as valgrind and requires a recompile. Also, its C++
support is (in the author's words) minimal. In particular, I have not
been able to get dmalloc to report line numbers with C++ (<a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/dmalloc-cpp.txt">log</a>), although that feature mostly
works with C code - in both leak1.c and leak2.c it pointed to
the <tt>return()</tt> instead of the line that allocated the unfreed
memory. Dmalloc also often reports unfreed memory, even for programs
that are correct. This may be because of errors in the c++ library,
but it makes the reports harder to read. In contrast, valgrind has a
way to hide leaks that it knows about so its reports are more
clear. See also the <a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/dmalloc-feedback.txt">author's comments</a>.
</p>
<p align="justify">
valgrind is clearly the winner of this little contest. valgrind
requires no recompilation of the program, so it's very easy to set
up. It identified almost all of the incorrect pointer uses and memory
leaks. The only test that it missed is wrong6, in which we break the
bounds of an array. No other checker spotted that one, though. Also,
valgrind has been improved since we ran this test, so it may perform
even better than what we show here.
</p>
<p align="justify">
DUMA is a very close second. The results I am posting here come from
Koneru Srikanth (kpsrikanth at gmail dot com) who generously sent them
to me. DUMA seems not to require a recompile, but the tests were run
on recompiled code. DUMA performs really well. It was also able to
detect out-of-bounds writes
(it is reported as failing wrong3.cc because it missed the
out-of-bounds read). If for some reason valgrind does not work for
you, then I recommend that you give DUMA a spin.
</p><h3>Reference</h3>
I tested:
<ul>
<li><a href="http://www.gnu.org/manual/glibc-2.2.5/html_node/Heap-Consistency-Checking.html">MALLOC_CHECK_</a>
for glibc (C and C++: requires no recompilation)
</li><li><a href="http://dmalloc.com/">dmalloc-5.2.2</a> (C, minimal C++ support; requires recompilation)
</li><li><a href="http://prj.softpixel.com/mcd/">memCheckDeluxe-1.2.2</a> (C,
some C++. Requires recompilation)
</li><li><a href="http://www.linkdata.se/sourcecode.html">memwatch-2.71</a> (C
only; requires recompilation)
</li><li><a href="http://devel-home.kde.org/%7Esewardj/">valgrind-1.9.6</a>
(C, C++ and more: requires no recompilation)
</li><li><a href="http://duma.sourceforge.net/">DUMA</a> version 2.4.26
(C and C++. Documentation says that no recompilation is needed, but
the tests were run on recompiled code) (as mentioned above, these tests
were contributed by Koneru Srikanth).
</li></ul>
I did not test:
<ul>
<li><a href="http://perens.com/FreeSoftware/">electric fence-2.1</a>
(did not compile on first attempt (<a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/efence-output.txt">log</a>))
</li><li><a href="http://check.sourceforge.net/">Checker-0.9.9.1</a> (did
not compile on first attempt (<a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/checker-output.txt">log</a>); author suggests I use
valgrind instead)
</li></ul>
Test programs:
<ul>
<li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong1.c">wrong1.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong3.c">wrong3.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong6.c">wrong6.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong7.c">wrong7.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak1.c">leak1.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak2.c">leak2.c</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/ok5.c">ok5.c </a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong1.cc">wrong1.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong2.cc">wrong2.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong3.cc">wrong3.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong4.cc">wrong4.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong5.cc">wrong5.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/wrong6.cc">wrong6.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak1.cc">leak1.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/leak2.cc">leak2.cc</a>
</li><li><a href="http://www.cs.utexas.edu/%7Ejpmartin/memcheck/ok5.cc">ok5.cc</a>
</li></ul>
<h3>ToDo</h3>
The following memory checkers have been mentioned to me but I haven't
tried them yet:
<ul>
<li>mpatrol at http://www.cbmamiga.demon.co.uk/mpatrol/
</li></ul>
<h3>Change History</h3>
March 10, 2006: added DUMA, contributed by Koneru Srikanth
<br>
Oct 6, 2003: mention of mpatrol
<br>
Sept 29, 2003: added dmalloc
<br>
June 25, 2003: minor change in the text
<br>
June 24, 2003: corrected result for memwatch's wrong1.c, added wrong7.c
<br>
June 15, 2003: initial release
<p>
Please <a href="http://www.cs.utexas.edu/%7Ejpmartin/contact.html">contact</a> me if you have feedback or
would like to suggest another tool for the test.
</p><p></p><hr>
[<a accesskey="j" href="http://www.cs.utexas.edu/%7Ejpmartin/index.html"><b>J</b>P Martin</a>]
[<a accesskey="s" href="http://www.cs.utexas.edu/%7Ejpmartin/resources.html">re<b>s</b>ources</a>]
[<a accesskey="c" href="http://www.cs.utexas.edu/%7Ejpmartin/contact.html"><b>c</b>ontact information</a>]
<p>
</p><center>
<a href="http://www.anybrowser.org/campaign/"><img src="memCheckers-Dateien/viewed-any.gif" alt="Best viewed with *any* browser" border="0" height="30" width="85"></a>
</center>
</body></html>
Reference in New Issue View Git Blame Copy Permalink