4. Memcheck: a memory error detector
To use this tool, you may specify --tool=memcheck on the Valgrind command line. You don’t have to, though, since Memcheck is the default tool.
4.1. Overview
Memcheck is a memory error detector. It can detect the following problems that are common in C and C++ programs.
• Accessing memory you shouldn’t, e.g. overrunning and underrunning heap blocks, overrunning the top of the stack, and accessing memory after it has been freed.
• Using undefined values, i.e. values that have not been initialised, or that have been derived from other undefined values.
• Incorrect freeing of heap memory, such as double-freeing heap blocks, or mismatched use of malloc/new/new[] versus free/delete/delete[].
• Overlapping src and dst pointers in memcpy and related functions.
• Memory leaks.
Problems like these can be difficult to find by other means, often remaining undetected for long periods, then causing
occasional, difficult-to-diagnose crashes.
4.2. Explanation of error messages from Memcheck
Memcheck issues a range of error messages. This section presents a quick summary of what error messages mean. The precise behaviour of the error-checking machinery is described in Details of Memcheck’s checking machinery.
4.2.1. Illegal read / Illegal write errors
For example:
  Invalid read of size 4
     at 0x40F6BBCC: (within /usr/lib/libpng.so.2.1.0.9)
     by 0x40F6B804: (within /usr/lib/libpng.so.2.1.0.9)
     by 0x40B07FF4: read_png_image(QImageIO *) (kernel/qpngio.cpp:326)
     by 0x40AC751B: QImageIO::read() (kernel/qimage.cpp:3621)
   Address 0xBFFFF0E0 is not stack’d, malloc’d or free’d
This happens when your program reads or writes memory at a place which Memcheck reckons it shouldn’t. In this example, the program did a 4-byte read at address 0xBFFFF0E0, somewhere within the system-supplied library libpng.so.2.1.0.9, which was called from somewhere else in the same library, called from line 326 of qpngio.cpp, and so on.
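An added example, not part of the Valgrind manual: a small Python parser that reads the report above the way the preceding paragraph does, extracting the access kind, size, address and the innermost frame that carries file:line information. The function names are this example's own; the `==PID==` line prefix and the `(in ...)` object form it also accepts occur in Valgrind output but not in the sample shown here.

```python
import re

# Report text copied from the section above (not constructed).
SAMPLE = """\
Invalid read of size 4
   at 0x40F6BBCC: (within /usr/lib/libpng.so.2.1.0.9)
   by 0x40F6B804: (within /usr/lib/libpng.so.2.1.0.9)
   by 0x40B07FF4: read_png_image(QImageIO *) (kernel/qpngio.cpp:326)
   by 0x40AC751B: QImageIO::read() (kernel/qimage.cpp:3621)
 Address 0xBFFFF0E0 is not stack’d, malloc’d or free’d
"""

PREFIX = re.compile(r"^==\d+==\s?")            # "==PID== " prefix, if present
HEADER = re.compile(r"Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"(?:at|by) (0x[0-9A-Fa-f]+): (.*)")
WHERE = re.compile(r"^(.*?)\s*\((within |in )?([^()]+)\)$")
ADDRESS = re.compile(r"Address (0x[0-9A-Fa-f]+) (.*)")

def parse_frame(text):
    """Split 'func (file:line)' or '(within object)' into its parts."""
    frame = {"function": text or None, "object": None, "file": None, "line": None}
    m = WHERE.match(text)
    if m:
        func, marker, loc = m.groups()
        file, _, line = loc.rpartition(":")
        if marker:                              # no debug info: only the object is known
            frame.update(function=func or None, object=loc)
        elif file and line.isdigit():           # debug info: source file and line
            frame.update(function=func, file=file, line=int(line))
    return frame

def parse_invalid_access(report):
    """Parse one 'Invalid read/write' report into a dict, or None if absent."""
    err = None
    for raw in report.splitlines():
        line = PREFIX.sub("", raw).strip()
        if (m := HEADER.match(line)):
            err = {"kind": m[1], "size": int(m[2]), "frames": [],
                   "address": None, "note": None}
        elif err and (m := FRAME.match(line)):
            err["frames"].append(dict(parse_frame(m[2].strip()), pc=m[1]))
        elif err and (m := ADDRESS.match(line)):
            err["address"], err["note"] = m[1], m[2]
    return err

def first_source_frame(err):
    """Innermost frame with file:line information, where triage usually starts."""
    return next((f for f in err["frames"] if f["file"]), None)
```

For the sample, `first_source_frame` skips the two libpng frames, which have no source information, and returns the `read_png_image` frame at line 326 of qpngio.cpp.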
Memcheck tries to establish what the illegal address might relate to, since that’s often useful. So, if it points into a block of memory which has already been freed, you’ll be informed of this, and also where the block was