Glib memory leak using valgrind investigation - c++

I know that there is similiar thread before here about this problem and on this site https://live.gnome.org/Valgrind had been explained, I wrote my simple program below
#include <glib.h>
#include <glib/gprintf.h>
#include <iostream>
int main()
{
const gchar *signalfound = g_strsignal(1);
std::cout << signalfound<< std::endl;
return 0;
}
but when I tried to check using valgrind using this command
G_DEBUG=gc-friendly G_SLICE=always-malloc valgrind --leak-check=full --leak-resolution=high ./g_strsignal
and here is the result
==30274== Memcheck, a memory error detector
==30274== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==30274== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==30274== Command: ./g_strsignal
==30274== Parent PID: 5201
==30274==
==30274==
==30274== HEAP SUMMARY:
==30274== in use at exit: 14,746 bytes in 18 blocks
==30274== total heap usage: 24 allocs, 6 frees, 23,503 bytes allocated
==30274==
==30274== LEAK SUMMARY:
==30274== definitely lost: 0 bytes in 0 blocks
==30274== indirectly lost: 0 bytes in 0 blocks
==30274== possibly lost: 0 bytes in 0 blocks
==30274== still reachable: 14,746 bytes in 18 blocks
==30274== suppressed: 0 bytes in 0 blocks
==30274== Reachable blocks (those to which a pointer was found) are not shown.
==30274== To see them, rerun with: --leak-check=full --show-reachable=yes
==30274==
==30274== For counts of detected and suppressed errors, rerun with: -v
==30274== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
I noticed that what was valgrind said "Reachable blocks (those to which a pointer was found) are not shown.". then I try to check the gmem.c
source on corresponding function since I used glib-2.35.4 version. I found following code
gpointer
g_malloc (gsize n_bytes)
{
if (G_LIKELY (n_bytes))
{
gpointer mem;
mem = glib_mem_vtable.malloc (n_bytes);
TRACE (GLIB_MEM_ALLOC((void*) mem, (unsigned int) n_bytes, 0, 0));
if (mem)
return mem;
g_error ("%s: failed to allocate %"G_GSIZE_FORMAT" bytes",
G_STRLOC, n_bytes);
}
TRACE(GLIB_MEM_ALLOC((void*) NULL, (int) n_bytes, 0, 0));
return NULL;
}
And my question is
Is this still a normal situation on where valgrind had said "Reachable blocks (those to which a pointer was found) are not shown.", and I think this statement is refer to the g_malloc function above in which has returning mem a gpointer variable?
If not are there any alternatives to solve, "still reachable: 14,746 bytes in 18 blocks" on what valgrind had said above?
I'm running x86 fedora 18
thanks

It most likely refers to dynamically allocated memory returned by the function g_strsignal().
valgrind says "Reachable blocks....", because a valid pointer(signalfound) still points to the dynamically allocated memory.
If Valgrind finds that a pointer to pointing to dynamic memory is lost(overwritten) then it reports a "definite leak...", Since it can conclusively say that the dynamic block of memory can never be freed. In your case the pointer still points to the block valgrind does not assume it is lost but it assumes it is probably by design.

Related

Valgrind false memory leak for a pointer stored in a static std::list

Valgrind shows a memory leak for a pointer stored in static std::list variable. below is the sample code.
Leak shown for "auto t = new Abc;" ( definitely lost: 4 bytes in 1 blocks)
Is this a BUG in Valgrind ?
Is there a solution/workaround (other than clearing the Pool::queue manually) ?
#include <list>
struct Abc
{
int y = 9;
};
struct Pool
{
static std::list<Abc*> queue;
~Pool()
{
for (auto p : queue)
{
delete p;
}
}
};
std::list<Abc*> Pool::queue;
int main ()
{
auto t = new Abc; //<<<<<<<<<<< Leak shown for this
Pool::queue.push_back(t);
return 0;
}
Valgrind output
g++ -ggdb Main.cpp
valgrind --leak-check=full ./a.out
==8807== Memcheck, a memory error detector
==8807== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==8807== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==8807== Command: ./a.out
==8807==
==8807==
==8807== HEAP SUMMARY:
==8807== in use at exit: 4 bytes in 1 blocks
==8807== total heap usage: 3 allocs, 2 frees, 72,732 bytes allocated
==8807==
==8807== 4 bytes in 1 blocks are definitely lost in loss record 1 of 1
==8807== at 0x4C2A1E3: operator new(unsigned long) (vg_replace_malloc.c:334)
==8807== by 0x4007D9: main (Main.cpp:26)
==8807==
==8807== LEAK SUMMARY:
==8807== definitely lost: 4 bytes in 1 blocks
==8807== indirectly lost: 0 bytes in 0 blocks
==8807== possibly lost: 0 bytes in 0 blocks
==8807== still reachable: 0 bytes in 0 blocks
==8807== suppressed: 0 bytes in 0 blocks
==8807==
==8807== For counts of detected and suppressed errors, rerun with: -v
==8807== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
The std::list destructs (the compiler takes care of that for a static object), the objects in it don't as that's the job of ~Pool, which the code doesn't invoke anywhere. The Abc instance survives and is indeed not reachable, the leak report is correct.
Answer by #dratenik is the correct answer, I am posting the modified code according to his answer so that some other dev my might find it useful
#include <list>
struct Abc
{
int y = 9;
};
struct List
{
std::list<Abc*> queue;
void push_back(Abc* p)
{
queue.push_back(p);
}
~List()
{
for (auto& p : queue)
{
delete p;
}
}
};
struct Pool
{
static List queue;
};
List Pool::queue;
int main ()
{
auto t = new Abc;
Pool::queue.push_back(t);
return 0;
}

throw() with clang++ shows possible memory leak

I have a piece of code, which when compiled with g++ does not show any memory leaks.
Whereas, the same when compiled with clang++ shows, possible memory leak.
Here's the trace,
==7115==
==7115== HEAP SUMMARY:
==7115== in use at exit: 16 bytes in 1 blocks
==7115== total heap usage: 2,324 allocs, 2,323 frees, 2,166,060 bytes allocated
==7115==
==7115== 16 bytes in 1 blocks are still reachable in loss record 1 of 1
==7115== at 0x4C2BFB9: calloc (vg_replace_malloc.c:762)
==7115== by 0x4129830: __cxxabiv1::__calloc_with_fallback(unsigned long, unsigned long) (in /opt/xxx/lib64/libc++abi.so.1)
==7115== by 0x4128946: __cxa_get_globals (in /opt/xxx/lib64/libc++abi.so.1)
==7115== by 0x412B287: __cxa_throw (in /opt/xxx/lib64/libc++abi.so.1)
==7115== by 0x4E712AE: Lib::GenCmd::RaiseException(Status, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >) (LibBase.cpp:291)
==7115==
==7115== LEAK SUMMARY:
==7115== definitely lost: 0 bytes in 0 blocks
==7115== indirectly lost: 0 bytes in 0 blocks
==7115== possibly lost: 0 bytes in 0 blocks
==7115== still reachable: 16 bytes in 1 blocks
==7115== suppressed: 0 bytes in 0 blocks
==7115==
==7115== For counts of detected and suppressed errors, rerun with: -v
Well, its not possible to share the code snippet, but I can tell you RaiseException() is the function where I have a call made to throw() (at line 291) an exception. Here's the function snippet:
void GenCmd::RaiseException(Status status, std::string AdditionalMsg) throw(Status) {
s_last_error = GetStatusString(status);
if (false == AdditionalMsg.empty()) {
s_last_error = s_last_error + AdditionalMsg;
}
throw(status);
}
Status is a structure, defined as below (along with default, parameterized & copy constructors)
typedef struct _Status {
const u64_t m_status : 8;
const u64_t ReservedByte1 : 8;
const u64_t m_action : 8;
const u64_t ReservedByte3 : 5;
const u64_t m_testbit1 : 1;
const u64_t m_testbit2 : 1;
const u64_t m_cmd_failure : 1;
const u64_t m_module_code : 4;
const u64_t m_file_code : 8;
const u64_t ReservedByte7 : 4;
const u64_t m_line_no : 16;
}Status
The fact, that no leaks are seen with GCC, but only with Clang makes me think this to be some issue with Clang. (With Clang, I mean it could be libcxxabi as well)
I was navigating through the source for clang, & __cxa_get_globals() is the function where a calloc() call is made. I am not yet sure of the execution flow for clang.
Any idea or any inputs which could confirm this to be a Clang issue & not my code issue?
Here's the clang version I am using. The code is compiled with C++11, additionally with '-stdlib=libc++, '-lc++', '-lc++abi'.
[user~]$ clang --version
clang version 7.1.0
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /usr/local/bin
Update: This exception is raised from the constructor.
Update
I wrote another dummy code to see the behaviour with Clang, & it seems the issue is actually with the Clang (libc++abi).
Have a look at the below naive code
#include <iostream>
#include <stdexcept>
class Positive {
int m_number1;
public:
Positive() : m_number1(10) {
}
Positive(int no) {
if (no < 0) {
// throw 100;
throw std::invalid_argument("Send positive nu");
} else {
m_number1 = no;
}
}
~Positive() {
}
void print() {
std::cout<< "Value of member is: " <<m_number1 <<std::endl;
}
};
int main() {
try {
Positive p1;
p1.print();
Positive p2(100);
p2.print();
Positive p3(-10);
p3.print();
} catch(...) {
std::cout << "Some Exception occured" <<std::endl;
}
return 0;
}
Even on executing the above code, I saw the same result on Valgrind. Here's the output:
[user]$ valgrind --leak-check=full --leak-resolution=high --show-leak-kinds=all ./a.out
==119789== Memcheck, a memory error detector
==119789== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==119789== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==119789== Command: ./a.out
==119789==
Value of member is: 10
Value of member is: 100
Some Exception occured
==119789==
==119789== HEAP SUMMARY:
==119789== in use at exit: 16 bytes in 1 blocks
==119789== total heap usage: 3 allocs, 2 frees, 201 bytes allocated
==119789==
==119789== 16 bytes in 1 blocks are still reachable in loss record 1 of 1
==119789== at 0x4C2BFB9: calloc (vg_replace_malloc.c:762)
==119789== by 0x40FF830: __cxxabiv1::__calloc_with_fallback(unsigned long, unsigned long) (in /usr/local/lib/libc++abi.so.1.0)
==119789== by 0x40FE946: __cxa_get_globals (in /usr/local/lib/libc++abi.so.1.0)
==119789== by 0x4101287: __cxa_throw (in /usr/local/lib/libc++abi.so.1.0)
==119789== by 0x4014B0: Positive::Positive(int) (in /home/user/test/a.out)
==119789== by 0x4010F9: main (in /home/user/test/a.out)
==119789==
==119789== LEAK SUMMARY:
==119789== definitely lost: 0 bytes in 0 blocks
==119789== indirectly lost: 0 bytes in 0 blocks
==119789== possibly lost: 0 bytes in 0 blocks
==119789== still reachable: 16 bytes in 1 blocks
==119789== suppressed: 0 bytes in 0 blocks
==119789==
==119789== For counts of detected and suppressed errors, rerun with: -v
==119789== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
[user]$
Interestingly, it shows 3 allocations made. Which I am assuming to be something related to the 3rd object, but how can I ensure that is cleared (or not allocated itself)?
Probably, the same thing can help me fix my original code.
I also found this problem. It actually occurs if your code throws anything at least once, so the simplest reproduction scenario is just running this code:
int
main()
{
try {
throw 42;
} catch (int) {}
}
However, if you throw several times there is still just one 16-bytes "leaked" block (which is not really leaked, since it is still reachable from some global variable). Digging into libc++abi library sources shows that such blocks are actually allocated once per thread to hold some exception processing context, and each one is freed when a thread is destroyed since it uses TLS and have proper destructor registered. So after all, it looks totally safe and is not an issue.

Error was detected while a C++MEX interface was running which crashed Matlab although compiling was successful?

I am wrapping a C++ code into Matlab by using mex C++ interface. Although compiling was successful, Matlab crashes when running the function in the code and I do not what is causing it! I am using Matlab 2019a, and I am using the following code
#include "mex.hpp"
#include "mexAdapter.hpp"
#include "RBergomi.h"
using namespace matlab::mex;
using namespace matlab::data;
class MexFunction : public matlab::mex::Function {
public:
void operator()(matlab::mex::ArgumentList outputs, matlab::mex::ArgumentList inputs) {
Vector H(1);
H= Vector { 0.07};
Vector eta(1);
eta= Vector { 1.9};
Vector rho(1) ;
rho= Vector { -0.9};
Vector T(1) ;
T = Vector { 1.0};
Vector K(1) ;
K= Vector { 1.0 };
double xi = 0.0552;
int N = 2;
long M = 1;
Vector W1(2);
W1= Vector { 1.0, 0.0};
Vector W1perp(2);
W1perp = Vector { 1.0 ,0.0};
RBergomiST Obj=RBergomiST(xi, H, eta, rho, T, K, N, M);
double RB;
price(RB, Obj, W1, W1perp );
outputs[0][0] = RB;
}
void price(double RB, RBergomiST Obj, const Vector& W1, const Vector& W1perp) {
RB=Obj.ComputePayoffRT_single(W1, W1perp);
}
};
For compiling I did
mex -g Bergomi_interface.cpp -lfftw3 RBergomi.cpp ParamTot.cpp BlackScholes.cpp
which went successfully but I have the crash of Matlab and this message when running it.
I tried to check if I have a memory leak with Valgrind and I got this final output after fixing some memory leaks but still Matlab crashes.
==6751== Memcheck, a memory error detector
==6751== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==6751== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==6751== Command: ./RBergomi
==6751==
==6751==
==6751== HEAP SUMMARY:
==6751== in use at exit: 72,704 bytes in 1 blocks
==6751== total heap usage: 1,455 allocs, 1,454 frees, 368,936 bytes allocated
==6751==
==6751== 72,704 bytes in 1 blocks are still reachable in loss record 1 of 1
==6751== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-
amd64->linux.so)
==6751== by 0x52C1EFF: ??? (in /usr/lib/x86_64-linux-
gnu/libstdc++.so.6.0.21)
==6751== by 0x40106C9: call_init.part.0 (dl-init.c:72)
==6751== by 0x40107DA: call_init (dl-init.c:30)
==6751== by 0x40107DA: _dl_init (dl-init.c:120)
==6751== by 0x4000C69: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so)
==6751==
==6751== LEAK SUMMARY:
==6751== definitely lost: 0 bytes in 0 blocks
==6751== indirectly lost: 0 bytes in 0 blocks
==6751== possibly lost: 0 bytes in 0 blocks
==6751== still reachable: 72,704 bytes in 1 blocks
==6751== suppressed: 0 bytes in 0 blocks
==6751==
==6751== For counts of detected and suppressed errors, rerun with: -v
==6751== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

Why in "std::ostream &operator<<" I have memory leaking?

So, I have a simple code :
main.cpp:
#include "source/core/Vector2D.h"
int main(int argc, char **argv)
{
Vector2D vector;
return 0;
}
Vector2D.h:
#ifndef VECTOR2D_H
#define VECTOR2D_H
// Стандартные библиотеки C++
#include <cmath>
#include <ostream>
class Vector2D
{
public:
Vector2D();
~Vector2D();
friend std::ostream &operator<<(std::ostream& os, const Vector2D &v);
protected:
double m_x;
double m_y;
private:
};
#endif // VECTOR2D_H
And Vector2D.cpp
#include "Vector2D.h"
Vector2D::Vector2D()
{
m_x = m_y = 0;
}
Vector2D::~Vector2D()
{
//dtor
}
std::ostream &operator<<(std::ostream& os, const Vector2D &v)
{
os<<'{'<<v.m_x<<';'<<v.m_y<<'}';
os.flush();
return os;
}
If I check this code with valgrind then :
valgrind --leak-check=full --show-leak-kinds=all ./Game
==9886== Memcheck, a memory error detector
==9886== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9886== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==9886== Command: ./Game
==9886==
==9886==
==9886== HEAP SUMMARY:
==9886== in use at exit: 72,704 bytes in 1 blocks
==9886== total heap usage: 1 allocs, 0 frees, 72,704 bytes allocated
==9886==
==9886== 72,704 bytes in 1 blocks are still reachable in loss record 1 of 1
==9886== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9886== by 0x4EC3EFF: ??? (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21)
==9886== by 0x40104E9: call_init.part.0 (dl-init.c:72)
==9886== by 0x40105FA: call_init (dl-init.c:30)
==9886== by 0x40105FA: _dl_init (dl-init.c:120)
==9886== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so)
==9886==
==9886== LEAK SUMMARY:
==9886== definitely lost: 0 bytes in 0 blocks
==9886== indirectly lost: 0 bytes in 0 blocks
==9886== possibly lost: 0 bytes in 0 blocks
==9886== still reachable: 72,704 bytes in 1 blocks
==9886== suppressed: 0 bytes in 0 blocks
==9886==
==9886== For counts of detected and suppressed errors, rerun with: -v
==9886== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
72 kbytes of what? What is wrong with my code or it is some compiler or std library bug?
Compiler flags :
-std=c++1y -I/usr/include/SDL2 -I"/home/maxim/workspace/Game/cppadv_game" -O0 -g3 -pedantic -pedantic-errors -Wall -Werror -c -fmessage-length=0
UPD:
It is some std library bug :
maxim#MaximPC:echo "#include <iostream>
> int main() {return 0;} " > prog.cpp
maxim#MaximPC:~/workspace/hello_world/Debug$ g++ prog.cpp -o prog
maxim#MaximPC:~/workspace/hello_world/Debug$ valgrind ./prog
==11116== Memcheck, a memory error detector
==11116== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==11116== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==11116== Command: ./prog
==11116==
==11116==
==11116== HEAP SUMMARY:
==11116== in use at exit: 72,704 bytes in 1 blocks
==11116== total heap usage: 1 allocs, 0 frees, 72,704 bytes allocated
==11116==
==11116== LEAK SUMMARY:
==11116== definitely lost: 0 bytes in 0 blocks
==11116== indirectly lost: 0 bytes in 0 blocks
==11116== possibly lost: 0 bytes in 0 blocks
==11116== still reachable: 72,704 bytes in 1 blocks
==11116== suppressed: 0 bytes in 0 blocks
==11116== Rerun with --leak-check=full to see details of leaked memory
==11116==
==11116== For counts of detected and suppressed errors, rerun with: -v
==11116== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
There's no error here:
==11116== LEAK SUMMARY:
==11116== definitely lost: 0 bytes in 0 blocks
==11116== indirectly lost: 0 bytes in 0 blocks
==11116== possibly lost: 0 bytes in 0 blocks
==11116== still reachable: 72,704 bytes in 1 blocks
Its telling you that there are no lost bytes, just 72K of data globally accessable -- stuff allocated by the standard library and still accessable when the program exits. The standard library doesn't bother to delete this stuff, as it is a waste of time -- the memory is reclaimed automatically when the process exits.
Looking at the detailed summary, this looks to be memory used to load a dynamic library at startup (probably the libstc++ library)

GMP mpf functions causing a segmentation fault

I can not figure out that is causing this error. I just installed GMP on ubuntu. This is a 64 bit OS on an AMD cpu (not sure if it matters). I keep getting a segmentation fault.
#include <stdio.h>
#include <stdlib.h>
#include <gmp.h>
#include <time.h>
int main(int argc, char** argv)
{
mpz_t sum, fac;
mpf_t fsum, ffac;
int i;
time_t t;
mpz_init_set_ui(sum, 1);
mpz_init_set_ui(fac, 1);
t = time(NULL);
for(i = 10000; i >= 1; --i)
{
mpz_mul_ui(fac, fac, i);
mpz_add(sum, sum, fac);
if(i % 10000 == 0)
{
printf("%d\n", i);
}
}
printf("Time %d\n", (time(0) - t));
mpf_init(fsum);
mpf_init(ffac);
mpf_set_z(fsum, sum);
mpf_set_z(ffac, fac);
mpz_clear(sum);
mpz_clear(fac);
mpf_div(fac, sum, fac);
mpf_out_str(stdout, 10, 50, fac);
mpf_clear(fsum);
mpf_clear(ffac);
return(EXIT_SUCCESS);
}
This code outputs the following...
10000
Time 0
Segmentation fault (core dumped)
I then tried to run this program with valgrind and this is the output.
==25427== Memcheck, a memory error detector
==25427== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==25427== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==25427== Command: /home/chase/NetBeansProjects/GmpECalc/dist/Debug/GNU-Linux-x86/gmpecalc
==25427==
10000
Time 1
==25427== Invalid read of size 8
==25427== at 0x4E8E590: __gmpn_copyi (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3)
==25427== by 0x400B27: main (main.c:40)
==25427== Address 0x73b0000073c is not stack'd, malloc'd or (recently) free'd
==25427==
==25427==
==25427== Process terminating with default action of signal 11 (SIGSEGV)
==25427== Access not within mapped region at address 0x73B0000073C
==25427== at 0x4E8E590: __gmpn_copyi (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.1.3)
==25427== by 0x400B27: main (main.c:40)
==25427== If you believe this happened as a result of a stack
==25427== overflow in your program's main thread (unlikely but
==25427== possible), you can try to increase the size of the
==25427== main thread stack using the --main-stacksize= flag.
==25427== The main thread stack size used in this run was 8388608.
==25427==
==25427== HEAP SUMMARY:
==25427== in use at exit: 48 bytes in 2 blocks
==25427== total heap usage: 3,706 allocs, 3,704 frees, 27,454,096 bytes allocated
==25427==
==25427== LEAK SUMMARY:
==25427== definitely lost: 0 bytes in 0 blocks
==25427== indirectly lost: 0 bytes in 0 blocks
==25427== possibly lost: 0 bytes in 0 blocks
==25427== still reachable: 48 bytes in 2 blocks
==25427== suppressed: 0 bytes in 0 blocks
==25427== Rerun with --leak-check=full to see details of leaked memory
==25427==
==25427== For counts of detected and suppressed errors, rerun with: -v
==25427== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)
The error seems to be occurring at the mpf_div function. However, if I remove this function the error will occur at mpf_out_str. I also tried initializing ffac and fsum to doubles (instead of setting them to the fac and sum) and I get the same error.
Problem is in this lines:
mpz_clear(sum); // You clear the variables, GMP deallocates their memory
mpz_clear(fac);
mpf_div(fac, sum, fac); // You use cleared variables, segfault
Maybe you meant:
mpf_div(ffac, fsum, ffac);