Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Studio 12.3: Discover and Uncover User's Guide Oracle Solaris Studio 12.3 Information Library |
2. Memory Error Discovery Tool (Discover)
Requirements for Using Discover
Binaries Must Be Prepared Correctly
Binaries That Use Preloading or Auditing Cannot Be Used
Binaries That Redefine Standard Memory Allocation Functions Can Be Used
Instrumenting a Prepared Binary
Instrumenting Shared Libraries
SUNW_DISCOVER_OPTIONS Environment Variable
SUNW_DISCOVER_FOLLOW_FORK_MODE Environment Variable
Running an Instrumented Binary
Interpreting Discover Error Messages
Limitations When Using Discover
Only Annotated Code is Instrumented
Machine Instruction Might Differ From Source Code
Compiler Options Affect the Generated Code
System Libraries Can Affect the Errors Reported
Custom Memory Management Can Affect the Accuracy of the Data
Out of Bounds Errors for Static and Automatic Arrays Cannot Be Detected
Discover detects and reports many memory access errors, as well as warning you about accesses that might be errors.
Discover detects the following memory access errors:
ABR: beyond Array Bounds Read
ABW: beyond Array Bounds Write
BFM: Bad Free Memory
BRP: Bad Realloc address Parameter
CGB: Corrupted array Guard Block
DFM: Double Freeing Memory
FMR: Freed Memory Read
FMW: Freed Memory Write
FRP: Freed Realloc Parameter
IMR: Invalid Memory Read
IMW: Invalid Memory Write
Memory leak
OLP: OverLaPping source and destination
PIR: Partially Initialized Read
SBR: beyond Stack frame Bounds Read
SBW: beyond Stack frame Bounds Write
UAR: UnAllocated memory Read
UAW: UnAllocated memory Write
UMR: Unitialized Memory Read
The following sections list some simple sample programs that will produce some of these errors.
// ABR: reading memory beyond array bounds at address 0x%1x (%d byte%s)" int *a = (int*) malloc(sizeof(int[5])); printf("a[5] = %d\n",a[5]);
// ABW: writing to memory beyond array bounds int *a = (int*) malloc(sizeof(int[5])); a[5] = 5;
// BFM: freeing wrong memory block int *p = (int*) malloc(sizeof(int)); free(p+1);
// BRP is "bad address parameter for realloc 0x%1x" int *p = (int*) realloc(0,sizeof(int)); int *q = (int*) realloc(p+20,sizeof(int[2]));
// DFM is "double freeing memory" int *p = (int*) malloc(sizeof(int)); free(p); free(p);'
// FMR is "reading from freed memory at address 0x%1x (%d byte%s)" int *p = (int*) malloc(sizeof(int)); free(p); printf("p = 0x%h\n",p);
// FMW is "writing to freed memory at address 0x%1x (%d byte%s)" int *p = (int*) malloc(sizeof(int)); free(p); *p = 1;
// FRP: freed pointer passed to realloc int *p = (int*) malloc(sizeof(int)); free(0); int *q = (int*) realloc(p,sizeof(int[2]));
// IMR: read from invalid memory address int *p = 0; int i = *p; // generates Signal 11...
// IMW: write to invalid memory address int *p = 0; *p = 1; // generates Signal 11...
char *s=(char *) malloc(15); memset(s, 'x', 15); memcpy(s, s+5, 10); return 0;
// PIR: accessing partially initialized data int *p = (int*) malloc(sizeof(int)); *((char*)p) = 'c'; printf("*(p = %d\n",*(p+1));
int a[2]={0,1}; printf("a[-10]=%d\n",a[-10]); return 0;
int a[2]={0,1)' a[-10]=2; return 0;
// UAR is "reading from unallocated memory" int *p = (int*) malloc(sizeof(int)); printf("*(p+1) = %d\n",*(p+1));
// UAW is "writing to unallocated memory" int *p = (int*) malloc(sizeof(int)); *(p+1) = 1;
// UMR is "accessing uninitialized data from address 0x%1x (A%d byte%s)" int *p = (int*) malloc(sizeof(int)); printf("*p = %d\n",*p);
Discover reports the following memory access warnings:
AZS: allocating zero size
SMR: speculative unitialized memory read
The following section lists a simple example program that will produce an AZS warning.
// AZS: allocating zero size memory block int *p = malloc();