Tools like valgrind
It basically checks for bad memory usage such as buffer overflows as well as leaks. It has a performance penalty of roughly 2x, which, whilst a large impact, is still significantly better than Valgrind. You may need to install the package libasan on your Linux distribution of choice. It has a typical slowdown of 5x to 15x and a memory overhead of 5x to 10x.
You should not try to use this with the asan flag. The Undefined Behaviour Sanitizer (ubsan for short) does exactly what it says on the tin: it detects undefined behaviour in your application that can lead to bugs and portability issues, and it is extremely fast. Another example from the Clang manual: This is just a basic introduction to the available sanitizers; they have many more features and there are several more available.
Are you referring to something like where you do something that is normally invalid e. You can hardly hold that against Valgrind though since it is additional functionality that leads to that: ASAN never false-positives on uninit reads because it never, ever detects such reads in the first place.
Anecdotally I get zero false positives with Valgrind on every project I have used it on recently. Do you have another reading of the documentation? I agree that it is a crippling limitation. It is certainly an argument in favour of valgrind that I did not have before. I get false positives all the time with valgrind, or rather, I get emails from people who complain about bugs that valgrind found in code that I wrote… that are provably not bugs….
To be clear, what I mean by false positive is not that valgrind is wrong per se. Uninitialized memory is indeed read in this example. What I mean is that there are legitimate uses of code that does not initialize everything. My example will pass the memory sanitizers because I have white-listed the offending function. It is possible that I can do the same with valgrind. We should be precise when we talk about sanitizers. MSAN got the better name, leading to confusion when people talk about lower-case-m memory sanitizers.
About the documentation, I looked it up twice. The second time was fairly recently, when I spent a while debugging a sporadic uninitialized read issue using ASAN. Again I found text like this: When un-instrumented libraries include the standard libraries, you are dead in the water. I would also argue that this function is not correct in general when it reads beyond the end of the initialized array: if the initialized part of the array has no zeros, the answer will depend on the uninitialized part, no?
Certainly MSAN will. One might also argue that it is better to fail always here since this is almost always a bug, so just whitelist the remaining cases. Valgrind definitely has whitelisting capabilities, and a search should turn up the details.
Maybe you want to whitelist at the source level though? Agreed, but to be clear Valgrind has no issue with this in general, as it tracks which parts of the buffer have been initialized and only complains when you read and then subsequently use the uninitialized part.
That is much more rare and generally only appears in highly optimized code which is able to read slightly past the end of the buffer (yes, this is the code that you happen to deal with every day, so to you it probably seems like a lot of false positives). IMO it is practical to whitelist these few places, or do what I do as a mitigation: just initialize e. That is much more rare and generally only appears in highly optimized code which is able to read slightly past the end of the buffer […].
Based on personal experience, I would consider such code to be broken. It tends to work most of the time, until your buffer happens to end on a page boundary and the next page is unmapped. The result is a segfault that is exceedingly hard to reproduce. Basically you create a loop like this:.
You have to check for the end anyway. The careful operation is slower, but you only use it a few times at the end of the loop. I do not disagree with this sentiment. Yet it is a cheap one-time cost to check whether you are going to cross a page. Main annoyance is that you need two copies of whatever you are doing. So the cost is primarily to the human coder, not runtime cost. Either you build simple and slow code, or else you build more complex but faster code.
Of course, experienced programmers know that complexity is not free. Throw enough complexity into a code base and soon enough progress slows down to a crawl. Yes, I was talking about the type of code which reads past the end of the buffer, but makes sure it is safe first typically by ensuring it will not cross into the next page.
Alternative to valgrind memcheck for finding leaks on linux? Asked 10 years, 4 months ago. Just wanted to add that it is bit only. SantoshTiwari: I don't think so. I think what you mean to say is that binary packages for your platform may only be available for a particular platform.
DynamoRIO is flexible and also works on some 64bit platforms. Memory release does not support bit applications.