需求
- 项目程序, 读取串口数据, 出现程序崩溃问题
- valgrind 可以调试定位内存问题: 内存泄漏,非法地址访问,越界访问等内存问题
- vscode + gdb 可视化调试效果, 比命令行简单快捷很多
- 期望使用vscode + valgrind + gdb 调试程序内存异常, 崩溃退出的问题
环境准备
sudo apt install valgrind gdb
调试
1.valgrind + gdb 命令行调试程序
1.代码
51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c
#include <stdio.h>
#include <string.h>
#include <stdint.h>// 1.内存泄漏
void memory_leak(void)
{char *p = (char *)malloc(1024);memset(p, 0, 1024);
}// 2.非法地址访问
void invalid_address_access(void)
{// uint8_t *p = 0x12345678;uint8_t *p = NULL;uint8_t val = *p;printf("val = %d\n", val);
}// 3.栈空间越界 读写
void corss_border_read_write(void)
{uint32_t a = 0x10;uint32_t *p = &a + 0x8;// 越界读 -- 导致逻辑错误printf("Invalid address read %x\n", *p);// 越界写 -- 程序错误*p = 0x12345678;printf("Invalid address write %x\n", *p);
}// 4.堆空间越界访问, 属于2.非法地址访问int main()
{memory_leak();corss_border_read_write();invalid_address_access();return 0;
}
2.编译
scons编译
SConstruct
env = Environment()
env["PROGSUFFIX"] = ".out" # 可执行后缀.out
env["CCFLAGS"] = " -g3 -O0 -Wall" # gdb 调试开关
env.Program("51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c")
scons
g++ -o 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.o -c -g3 -O0 --std=c99 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.c
g++ -o 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.o
3.valgrind开启vgdb调试
valgrind --leak-check=full --show-leak-kinds=all --vgdb=yes --vgdb-error=0 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out
3279 Memcheck, a memory error detector
3279 Copyright © 2002-2017, and GNU GPL’d, by Julian Seward et al.
3279 Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
3279 Command: ./51_mem_valgrind_____________________________________________.out
3279
3279 (action at startup) vgdb me …
3279
3279 TO DEBUG THIS PROCESS USING GDB: start GDB like this
3279 /path/to/gdb ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out
3279 and then give GDB the following command
3279 target remote | /usr/lib/x86_64-linux-gnu/valgrind/…/…/bin/vgdb --pid=3279
3279 --pid is optional if only one valgrind process is running
valgrind 参数说明:
- –leak-check=full 内存泄漏检测
- –show-leak-kinds=all 详细各种异常检测
- –vgdb=yes --vgdb-error=0 开启vgdb
4.gdb 调试
gdb 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out
Reading symbols from ./51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out…
(gdb)target remote|vgdb
#远程到vgdb调试
Remote debugging using |vgdb
relaying data between gdb and process 3279
Reading symbols from /usr/lib/debug/.build-id/7a/e2aaae1a0e5b262df913ee0885582d2e327982.debug…
0x0000000004001100 in _start () from /lib64/ld-linux-x86-64.so.2
c
按c开始运行
命令行效果如图:
2.vscode + valgrind + gdb调试
1.vscode launch.json配置
使用国内几个大模型, 都无法给出正确可用的配置
在外网github搜到一个可参考的配置方法
链接: https://github.com/microsoft/vscode-cpptools/issues/4531
william-r-dieter commented on Aug 28, 2020
Here is the launch.json that worked for me:
launch.json
"customLaunchSetupCommands" : [{"description": "Attach to valgrind","text": "target remote | /usr/lib64/valgrind/../../bin/vgdb","ignoreFailures": false }],
vscode开启valgrind调试核心配置 launch.json
"setupCommands": [{"description": "vgdb","text": "target remote | /usr/bin/vgdb ","ignoreFailures": true}],
launch.json 完整配置
注意不能照抄, 我的默认编译构建工具是scons
{"version": "0.2.0","configurations": [{"name": "(gdb) 启动","type": "cppdbg","request": "launch","program": "${fileDirname}/${fileBasenameNoExtension}.out","args": [],"stopAtEntry": false,"cwd": "${fileDirname}","environment": [],"externalConsole": false,"MIMode": "gdb","setupCommands": [{"description": "为 gdb 启用整齐打印","text": "-enable-pretty-printing","ignoreFailures": true},{"description": "vgdb","text": "target remote | /usr/bin/vgdb ","ignoreFailures": true}],"preLaunchTask": "scons"}]
}
2.valgrind 开启vgdb调试
valgrind --leak-check=full --show-leak-kinds=all --vgdb=yes --vgdb-error=0 51_mem_valgrind调试_内存泄漏_非法地址访问_越界.out
3.vscode 启动gdb远程
参考 1.vscode launch.json配置
F5 运行
效果如图
总结
- valgrind + gdb 可以快速定位问题点
- 有概率gdb调试退出时, valgrind没有退出, 使用kill -9 强制退出
kill -9 valgrind_pid
- 项目中使用cppcheck + valgrind, 找出潜在的问题5-6个问题点,其中一个映像深刻
- 字节缓冲区, data_len变量为异常值(默认128, 异常时为156023), 导致指针索引地址越界
- 当通过C 指针索引地址时, 如果索引为异常值, 导致越界,或非法访问, 确实有风险.
- python列表,索引值越界会报异常
- c++ vector<uint8_t> 索引值越界会报异常
反思
- c++中尝试尽量将 bytes字节数据 转为vector<uint8_t> 处理
- 提交代码之前,进入安全稳定自测: valgrind, lsof, ss 排查内存,文件句柄,套接字资源是否有泄漏,漏洞,网络安全
- 尝试使用安全的语言, 如rust, 确认是否会有此问题
我是一名 嵌入式-系统-网络-机器人爱好者