Linux下SegmentFault(double free)分析方法(五)memwatch
一、memwatch 简介
MemWatch由 Johan Lindh 编写,是一个开放源代码 C 语言内存错误检测工具。MemWatch支持 ANSI C,它提供结果日志纪录,能检测双重释放(double-free)、错误释放(erroneous free)、内存泄漏(unfreed memory)、溢出(Overflow)、下溢(Underflow)等等。
二、memwatch使用
1、下载memwatch
官方网站
http://www.linkdata.se/sourcecode/memwatch/
从上述网址下载对应源码,一般版本为 2.71
下载后文件为:
memwatch-2.71.tar.gz
2、在Linux下进行解压
tar -xvfz memwatch-2.71.tar.gz
root@ubuntu:/Deepinfar/IIIA/SegmentFault/5.memwatch/memwatch-2.71# tree
.
├── FAQ
├── gpl.txt
├── Makefile 编译
├── memwatch.c MW系列接口定义
├── memwatch.h MW系列接口声明
├── memwatch.lsm
├── README 如何编译,链接自己的代码,生成可执行程序 ( 默认生成a.out ) 监测内存
├── test.c 自带的测试程序,可以换成自己的代码
└── USING 说明memwatch如何使用
这里面文件对memwatch进行了详细的介绍,这里就不一一说明,感兴趣的同学可以取里面进行查看
3、使用示例
1)、使用自带测试程序
直接执行makefile即可,默认生成a.out 执行即可
2)、编写自己程序
测试程序
double_free_c.c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include "memwatch.h"
typedef struct Test
{
int s32_test;
double d_test;
char * ptest1;
size_t u32_data_size1;
int * ptest2;
size_t u32_data_size2;
}Test;
int main(void)
{
Test st_test1,st_test2;
st_test1.s32_test = 45;
st_test1.d_test = 45.00;
st_test1.ptest1 = malloc(24);
st_test1.u32_data_size1 = 24;
st_test1.ptest2 = malloc(48);
st_test1.u32_data_size2 = 48;
st_test2.s32_test = 12;
st_test2.d_test = 12.00;
st_test2.ptest1 = malloc(64);
st_test2.u32_data_size1 = 64;
st_test2.ptest2 = malloc(82);
st_test2.u32_data_size2 = 72;
st_test2 = st_test1;
free(st_test1.ptest1);
free(st_test1.ptest2);
free(st_test2.ptest1);
free(st_test2.ptest2);
return 0;
}
编译并运行
root@ubuntu:/Deepinfar/IIIA/SegmentFault/5.memwatch# gcc -DMEMWATCH -DMW_STDIO double_free_c.c memwatch.c -g
root@ubuntu:/Deepinfar/IIIA/SegmentFault/5.memwatch# ./a.out
MEMWATCH detected 4 anomalies
root@ubuntu:/Deepinfar/IIIA/SegmentFault/5.memwatch# cat memwatch.log
============= MEMWATCH 2.71 Copyright (C) 1992-1999 Johan Lindh =============
Started at Sun Mar 3 16:37:15 2019
Modes: __STDC__ 64-bit mwDWORD==(unsigned long)
mwROUNDALLOC==8 sizeof(mwData)==32 mwDataSize==32
double-free: <7> double_free_c.c(37), 0x9df51d0 was freed from double_free_c.c(35)
double-free: <8> double_free_c.c(38), 0x9df5220 was freed from double_free_c.c(36)
Stopped at Sun Mar 3 16:37:15 2019
unfreed: <4> double_free_c.c(32), 82 bytes at 0x9df5300 {FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE ................}
unfreed: <3> double_free_c.c(30), 64 bytes at 0x9df5288 {FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE ................}
Memory usage statistics (global):
N)umber of allocations made: 4
L)argest memory usage : 218
T)otal of all alloc() calls: 218
U)nfreed bytes totals : 146
root@ubuntu:/Deepinfar/IIIA/SegmentFault/5.memwatch#
重点的是 一定加上参数 -DMEMWATCH 并且 在所有头文件中引用 memwatch.h