memory debugging
play

Memory Debugging SS 2007 Johannes Kepler University Linz, Austria - PowerPoint PPT Presentation

Feb 01, 2024 •254 likes •434 views

Advanced Topics on Applied Systemtheory: Debugging Memory Debugging 1 Memory Debugging SS 2007 Johannes Kepler University Linz, Austria Dr. Toni Jussila Institut for Formal Models and Verification http://fmv.jku.at/kv Applied Systemtheory

  1. Advanced Topics on Applied Systemtheory: Debugging Memory Debugging 1 Memory Debugging SS 2007 Johannes Kepler University Linz, Austria Dr. Toni Jussila Institut for Formal Models and Verification http://fmv.jku.at/kv Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  2. Memory Debugging Memory Debugging 2 • some programming languages (most notably C and C++), leave the management of the heap ∗ to the programmer – you allocate new memory with malloc() / new() – you free allocated memory with free() / delete() • unintentional misuse of this heap memory is a common source of errors • there types of faults are time bombs – they may manifest themselves only millions of instructions later Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz ∗ heap is the place where new objects are allocated

  3. Types of Heap Faults Memory Debugging 3 1. uninitialized memory read resp. copy (umr, umc) 2. using memory that you do not own (a) null pointer read or write (npr, npw) (b) zero page read of write (zpr, zpw) (c) invalid pointer read or write (ipr, ipw) (d) free memory read or write (fmr, fmw) (e) beyong stack read or write (bsr, bsw) Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  4. Types of Heap Faults II Memory Debugging 4 3. using more memory that you have allocated (buffer overruns) (a) array bounds read (abr) (b) array bounds write (abw) 4. using faulty heap memory management (a) memory leaks and potential memory leaks (mlk, plk, mpk) (b) freeing invalid memory (fim) i. freeing mismatched memory (fmm) ii. freeing non-heap memory (fnh) iii. freeing unallocated memory (fum) Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  5. Tools to Detect Memory Faults Memory Debugging 5 • validating the heap with MALLOC CHECK – provided with the GNU C runtime library • avoiding buffer overflows with Electricfence – provided as a library, compile with -lefence • detecting memory errors with Purify (a commercial tool) • detecting memory errors (and profiling) with Valgring Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  6. Purify Memory Debugging 6 • initially written by Reed Hastings and Bob Joyce (1991) • Pure Software ⇒ Pure Atria ⇒ Rational Software ⇒ IBM • OCI = Object Code Instrumentation – compile your programs with debug information (switch -g ) – call Purify with the binary as an argument to instrument it with additional code around calls to malloc() and free() – if you run the instrumented program, Purify detects errors inside of your program or operating system libraries at runtime – program may work, yet Purify may report an error Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  7. Heap Fault Examples I Memory Debugging 7 • NPR – read from address zero • ZPR – try to read an address from memory page zero typedef struct node { struct node* next; int val; } Node; int findLastNodeValue(Node* head) { while (head->next != NULL) { /* Expect NPR */ head = head->next; } return head->val; /* Expect ZPR */ } void genNPRandZPR() { int i = findLastNodeValue(NULL); } Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  8. Heap Fault Examples II Memory Debugging 8 • FMR – read from a memory that is released (dangling pointer) • FMR – write from a memory that is released int* init_array(int *ptr, int new_size) { ptr = (int*) realloc(ptr, new_size*sizeof(int)); memset(ptr, 0, new_size*sizeof(int)); return ptr; } int* fill_fibonacci(int *fib, int size) { int i; /* oops, forgot: fib = */ init_array(fib, size); fib[1] = 1; for (i=2; i<size; i++) fib[i] = fib[i-1] + fib[i-2]; return fib; } void genFMRandFMW() { int *array = (int*)malloc(10); fill_fibonacci(array, 3); } Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  9. Heap Fault Examples III Memory Debugging 9 • BSR – beyond stack read (dangling stack pointer) • BSW – beyong stack write char *append(const char* s1, const char *s2) { const int MAXSIZE = 128; char result[128]; int i=0, j=0; for (j=0; i<MAXSIZE-1 && j<strlen(s1); i++,j++) { result[i] = s1[j]; } for (j=0; i<MAXSIZE-1 && j<strlen(s2); i++,j++) { result[i] = s2[j]; } result[++i] = ’\0’; return result; } void genBSRandBSW() { char *name = append("Applied ", append("System", "theory")); printf("%s\n", name); /* Expect BSR */ *name = ’\0’; /* Expect BSW */ } Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  10. Heap Fault Examples IV – memory leaks Memory Debugging 10 • PLK – potential memory leak int *plk = NULL; void genPLK() { plk = (int *) malloc(2 * sizeof(int)); /* Expect PLK */ plk++; } • FNH – freeing non-heap memory • FUM – freeing unallocated memory void genFNH() { int fnh = 0; free(&fnh); /* Expect FNH: freeing stack memory */ } void genFUM() { int *fum = (int *) malloc(4 * sizeof(int)); free(fum+1); /* Expect FUM: fum+1 points to middle of a block */ free(fum); free(fum); /* Expect FUM: freeing already freed memory */ } Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  11. Valgrind Memory Debugging 11 • named after the holy entrance of Valhalla from Nordic mythology • originally written by Julian Seward (aka the author of bzip2 ) • DBI framework for building heavyweight DBA tools • tool to execute dynamic x86-to-x86 transformations – thus can be combined with different code instrumentation plug-ins – shadow values: for each register and memory value you can introduce additional data Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  12. Valgrind II Memory Debugging 12 • Valgrind runs on the machine’s real CPU • the client (the program to be analyzed) is run on a simulated CPU • Tools: heap bugs can be analyzed with a plug-in called memcheck • cachegrind annotate every line of your program with the number of executed in- structions and incurred cache misses • callgrind get call counts and cost of each call • helgrind spots potential race conditions in your program Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  13. Valgrind III Memory Debugging 13 • uses dynamic binary recompilation (D & R) – machine code is transformed to Valgrind intermediate representation – architecture-neutral, single-static-assignment (SSA) – granularity: superblock (single-entry, multiple-exit) – RISC-like, yet over 200 primitive arithmetic/logical operations • FP , MMX, SSE and SSE2 instructions (on Intel architecture) – not disassembled to the same level of detail as integer instructions • cannot trace into kernel, system calls handled by wrappers 15KLOC of tedious C code Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  14. (Valgrind) + memcheck Memory Debugging 14 • memory definedness checker at the bit level • for each register or memory bit, a shadow V-bit is introduced • every operation that creates a value is shadowed by an operation that computes the V-bits of the output based on those of the input • every operation using a value in a way that could affect observable behavior is checked • example: d3 = Add(d1, d2) is shadowed by v3 = Left(UifU(v1, v2)) • large overhead, programs typically run 20 – 30 times slower Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  15. Memcheck, avoiding false positives Memory Debugging 15 • Memcheck defers error reporting as far as it can. • Checks for undefinedness are made for: 1. memory addresses in load and store instructions 2. conditional jump, check %eflags for definedness 3. arguments to system calls 4. memory loads (address and data) into a SIMD or FP register Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  16. Memcheck – limitations Memory Debugging 16 • cannot be free of both false positives and negatives – equivalent of solving the Halting Problem • design goal: almost completely avoid false negatives and minimize false positives • a worthy aim: Memcheck-cleanness. To get there, dummy initializations may be needed. • Memcheck cannot test for code that is not executed – thus, in addition to ad-hoc debugging, it should be used together with automatic regression test suites Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

  17. Current Trends Memory Debugging 17 • Valgrind and Purify only make sense in environments where heap memory manage- ment is left to the programmer • current trend in software development is to trade performance for runtime safety wherever possible (Zeller) • in Java and .NET the integrity of code and data is constantly verified • given explosion in computational power, the cost of checking becomes more and more irrelevant • eventually, proving correctness may turn to be a strategy for optimization Applied Systemtheory – SS 2007 – Toni Jussila – JKU Linz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Visual Debugging Software What is Debugging Visualization Visualizing

Visual Debugging Software What is Debugging Visualization Visualizing

Visual Debugging Software What is Debugging Visualization Visualizing Program State Incremental interactive unfolding (DDD) Visual Memory Abstract representations (traversal-based) Debugging Focusing: memory

433 views • 5 slides
Memory Debugging Parallel Applications on BlueGene SciComp May 21, 2009 1 Ed Hinkel Agenda

Memory Debugging Parallel Applications on BlueGene SciComp May 21, 2009 1 Ed Hinkel Agenda

Memory Debugging Parallel Applications on BlueGene SciComp May 21, 2009 1 Ed Hinkel Agenda Introduction Memory (mis) Management Memory Debug Options &amp; Issues Memory Debugging Techniques Whats New 2 2 Memory Bugs

618 views • 32 slides
Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and

Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and

Chapter 15 Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and set values in memory Execute portions of program Stop execution when (and where) desired Want debugging tools to operate on

274 views • 9 slides
Debugging Memory Leaks in .NET CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM

Debugging Memory Leaks in .NET CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM

Debugging Memory Leaks in .NET CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 18.07.2020 DEBUGGING MEMORY LEAKS IN .NET - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases.

779 views • 40 slides
Debugging and improving the C/C++11 memory model Viktor Vafeiadis Max Planck Institute for

Debugging and improving the C/C++11 memory model Viktor Vafeiadis Max Planck Institute for

Debugging and improving the C/C++11 memory model Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) January 2016 The C11 memory model Defines the semantics of concurrent memory accesses in C/C++. Standardised by ISO C/C++

865 views • 48 slides
Debugging a Memory Manager Karl Cronburg karl@cs.tufts.edu Tufts University The Problem How do

Debugging a Memory Manager Karl Cronburg karl@cs.tufts.edu Tufts University The Problem How do

Debugging a Memory Manager Karl Cronburg karl@cs.tufts.edu Tufts University The Problem How do we guarantee correctness of a memory management system? Difficulties include: Complex garbage collection (GC) algorithms Static analysis

688 views • 51 slides
Debugging Distributed-Shared-Memory Communication at Multiple Granularities in Networks on Chip

Debugging Distributed-Shared-Memory Communication at Multiple Granularities in Networks on Chip

Debugging Distributed-Shared-Memory Communication at Multiple Granularities in Networks on Chip Bart Vermeulen 1 Kees Goossens 1,2 Siddharth Umrani 2 1 Research, NXP Semiconductors 2 Computer Engineering, Delft University of Technology 2

801 views • 26 slides
Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production

Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production

Welcome to Advanced .NET Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production Challenges in debugging Production issues Production Environment Debugging Timeline Tools for .NET Debugging Review 3

622 views • 47 slides
DEBUGGING RUBY PERFORMANCE Aman Gupta @tmm1 speakerdeck.com/u/tmm1/p/debugging-ruby-performance

DEBUGGING RUBY PERFORMANCE Aman Gupta @tmm1 speakerdeck.com/u/tmm1/p/debugging-ruby-performance

DEBUGGING RUBY PERFORMANCE Aman Gupta @tmm1 speakerdeck.com/u/tmm1/p/debugging-ruby-performance AS RUBYISTS, WE'VE SEEN... ejpphoto (flickr) nasty bugs code fatboyke (flickr) memory bloat 37prime (flickr) THIS TALK IS ABOUT... TOOLS TO

1.63k views • 125 slides
Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging

Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging

CS 240 Stage 2 Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging Machine code, assembly language, program translation Control flow Procedures, stacks Data layout, security, linking and loading Program,

822 views • 29 slides
Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging

Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging

CS 240 Stage 2 Hardware-Software Interface Memory addressing, C language, pointers Assertions, debugging Machine code, assembly language, program translation Control flow Procedures, stacks Data layout, security, linking and loading Program,

415 views • 30 slides
Debugging Memory Problems on Cray XT3 Supercomputers with TotalView Debugger Chris Gottbrath,

Debugging Memory Problems on Cray XT3 Supercomputers with TotalView Debugger Chris Gottbrath,

Debugging Memory Problems on Cray XT3 Supercomputers with TotalView Debugger Chris Gottbrath, Ariel Burton TotalView Technologies Robert Moench, Luiz DeRose Cray What is TotalView? Source Code Debugger C, C++, Fortran 77,

459 views • 29 slides
Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition

Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition

Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition Jakob Engblom, PhD Virtutech jakob@virtutech.com 1 Scope &amp; Context of This Talk Multiprocessor revolution Programming multicore

1.5k views • 129 slides
Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination.

Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination.

Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination. Will also talk about the ddd gui for gdb (lots of value added to gdb). First, debugging in the abstract: Program state is a snapshot

475 views • 20 slides
1 Crashes, interrupts, and backtrace Watchpoints GDB will automatically stop if the program

1 Crashes, interrupts, and backtrace Watchpoints GDB will automatically stop if the program

Debugging and debuggers Debugging in the development cycle You have probably already had the experience of making Edit a mistake in a program Speaking roughly, debugging is the process: After you know that your code is wrong

911 views • 3 slides
Enhanced Memory debugging of MPI-parallel Applications in Open MPI 4th Parallel tools workshop

Enhanced Memory debugging of MPI-parallel Applications in Open MPI 4th Parallel tools workshop

Enhanced Memory debugging of MPI-parallel Applications in Open MPI 4th Parallel tools workshop 2010 Shiqing Fan HLRS, High Performance Computing Center University of Stuttgart, Germany Slide 1 High Performance Computing Center Stuttgart

364 views • 19 slides
Malamed Slide Related To Medical Emergencies Knowing Your

Malamed Slide Related To Medical Emergencies Knowing Your

Malamed Slide Related To Medical Emergencies Knowing Your Patient Preparing Dental Staff for Emergencies in the Office Preparing for Medical Emergencies

90 views • 8 slides
The Cardiac Pacemaker Case Study and its implementation in Safety-Critical Java and Ravenscar Ada

The Cardiac Pacemaker Case Study and its implementation in Safety-Critical Java and Ravenscar Ada

The Cardiac Pacemaker Case Study and its implementation in Safety-Critical Java and Ravenscar Ada Neeraj Kumar Singh, Andy Wellings, Ana Cavalcanti University of York, United Kingdom JTRES, 24-26 October 2012 Singh, Wellings and Cavalcanti

518 views • 34 slides
It V T V = L In mm LV = I with L = V T LEFT INVERSE COMPSCI 527 Computer Vision The

It V T V = L In mm LV = I with L = V T LEFT INVERSE COMPSCI 527 Computer Vision The

Orthogonal Matrices The Left Inverse of an Orthogonal Matrix M E m q i = v T i p (Finding coefficients q i is easy!) O_O Rewrite v T i v j = ij in matrix form V = [ v 1 , . . . , v n ] 2 R m n It V T V = L In mm LV = I with L =

467 views • 9 slides
BIOE 301 Review of Last Time How do we treat coronary artery disease? CABG PTCA

BIOE 301 Review of Last Time How do we treat coronary artery disease? CABG PTCA

Lecture Sixteen BIOE 301 Review of Last Time How do we treat coronary artery disease? CABG PTCA Stent Prevention Progression of Heart Disease High Blood Pressure High Cholesterol Levels Heart Failure Atherosclerosis Heart

675 views • 51 slides
Bio-ontologies in medicine: From bench to bedside and back again XXIII International Conference

Bio-ontologies in medicine: From bench to bedside and back again XXIII International Conference

Bio-ontologies in medicine: From bench to bedside and back again XXIII International Conference of the European Federation for Medical Informatics, Oslo, 2831.08.2011 Peter N. Robinson Charit e Universit atsmedizin Berlin Desiderata

697 views • 22 slides
4Q FY2011/12 2Q FY16/17 Financial Results Presentation Investor Presentation 25 October 2016

4Q FY2011/12 2Q FY16/17 Financial Results Presentation Investor Presentation 25 October 2016

4Q FY2011/12 2Q FY16/17 Financial Results Presentation Investor Presentation 25 October 2016 ASEAN Stars Conference 2012 1 March 2012 Asias First Listed Indian Property Trust Asias First Listed Indian Property Trust Disclaimer This

563 views • 38 slides
Introduction Modelling Biological Knowledge with OWL Much has been written about what KR

Introduction Modelling Biological Knowledge with OWL Much has been written about what KR

Introduction Modelling Biological Knowledge with OWL Much has been written about what KR languages can offer domain experts in terms of modelling facilities Much less has been written about what Robert Stevens and Georgina Moulton

672 views • 18 slides
ECG Dr. Foadoddini ECG= Combination of Depol. And Repol. waves Dr. Foadoddini

ECG Dr. Foadoddini ECG= Combination of Depol. And Repol. waves Dr. Foadoddini

Chapt. 11,12,13 ECG Dr. Foadoddini ECG= Combination of Depol. And Repol. waves Dr. Foadoddini Isoelectric P R interval: bw A &amp;V excitation Q T interval: V contraction Dr. Foadoddini

969 views • 57 slides

More recommend