内存访问错误和警告

Discover 会检测和报告许多内存访问错误，并就可能是错误的访问向您发出警告。

内存访问错误

Discover 可检测到以下内存访问错误：

• ABR：超出数组边界的读取

• ABW：超出数组边界的写入

• BFM：释放错误的内存块

• BRP：错误的重新分配地址参数

• CGB：损坏的数组保护块

• DFM：双重释放内存

• FMR：读取释放的内存

• FMW：写入释放的内存

• FRP：释放的重新分配参数

• IMR：无效的内存读取

• IMW：无效的内存写入

• PIR：部分初始化的读取

• SBR：超出栈帧边界的读取

• SBW：超出栈帧边界的写入

• UAR：未分配内存的读取

• UAW：未分配内存的写入

• UMR：未初始化内存的读取

以下几部分列出了一些简单的示例程序，这些程序会生成上述某些错误。

ABR

#include <stdio.h>
#include <stdlib.h>
int main()
{
  //  ABR: reading memory beyond array bounds at address 0x%1x (%d byte%s)"
  int *a = (int*) malloc(sizeof(int[5]));
  printf("a[5] = %d\n",a[5]);
)

ABW

#include <stdlib.h>
int main()
{
  //  ABW:  writing to memory beyond array bounds
  int *a = (int*) malloc(sizeof(int[5]));
  a[5] = 5;
}

BFM

#include <stdlib.h>
int main()
{

  //  BFM:  freeing wrong memory block
  int *p = (int*) malloc(sizeof(int));
  free(p+1);
}

BRP

#include <stdlib.h>
int main()
{
  //  BRP is "bad address parameter for realloc 0x%1x"
  int *p = (int*) realloc(0,sizeof(int));
  int *q = (int*) realloc(p+20,sizeof(int[2]));
}

DFM

#include <stdlib.h>
int main()
{
  // DFM is "double freeing memory"
  int *p = (int*) malloc(sizeof(int));
  free(p);
  free(p);'
}

FMR

#includ <stdio.h>
#include <stdlib.h>
int main()
{
  //  FMR is "reading from freed memory at address 0x%1x  (%d byte%s)"
  int *p = (int*) malloc(sizeof(int));
  free(p);
  printf("p = 0x%h\n",p);
}

FMW

#include <stdlib.h>
int main()
{
  //  FMW is "writing to freed memory at address 0x%1x (%d byte%s)"
  int *p = (int*) malloc(sizeof(int));
  free(p);
  *p = 1;
}

FRP

#include <stdlib.h>
int main()
{
  //  FRP:  freed pointer passed to realloc
  int *p = (int*) malloc(sizeof(int));
  free(0);
  int *q = (int*) realloc(p,sizeof(int[2]));
}

IMR

#include <stdlib.h>
int main()
{
  //  IMR:  read from invalid memory address
  int *p = 0;
  int i = *p;   // generates Signal 11...
}

IMW

#include <stdlib.h>
int main()
{
  //  IMW:  write to invalide memory address
  int *p = 0;
  *p = 1;       // generates Signal 11...
}

PIR

#include <stdio.h>
#include <stdlib.h>
int main()
{
  //  PIR:  accessing partially initialized data
  int *p = (int*) malloc(sizeof(int));
  *((char*)p) = 'c';
  printf("*(p = %d\n",*(p+1));
}  

UAR

#include <stdio.h>
#include <stdlib>
int main()
{
  //  UAR is "reading from unallocated memory"
  int *p = (int*) malloc(sizeof(int));
  printf("*(p+1) = %d\n",*(p+1));
}

UAW

#include <stdio.h>
#include <stdlib.h>
int main()
{
  // UAW is "writing to unallocated memory"
  int *p = (int*) malloc(sizeof(int));
  *(p+1) = 1;
}

UMR

#include <stdio.h>
#include <stdlib.h>
int main()
{
  // UMR is "accessing uninitialized data from address 0x%1x (A%d byte%s)"
  int *p = (int*) malloc(sizeof(int));
  printf("*p = %d\n",*p);
} 

内存访问警告

Discover 会报告下列内存访问警告：

• AZS：分配零大小

• NAR：无注释读取

• NAW：无注释写入

• SMR：可疑内存读取

• SMW：可疑内存写入

• UFR：未知栈帧读取

• UFW：未知栈帧写入

• USR：读取时状态未知

• USW：写入时状态未知

下面列出了一个会生成 AZS 警告的简单示例程序。

AZS

#include <stdlib.h>
int main()
{
  //  AZS:  allocating zero size memory block
  int *p = malloc();
}