A comparison of various C Programming memory debuggers
- Dmalloc
- Electric Fence
- Valgrind
- Memwatch
- Mtrace
- AddressSanitizer (ASAN)
From the Mind_Monitor
directory:
devops/script/dependency_checker.sh
Tool | Verify | Install |
---|---|---|
Dmalloc | dmalloc --version |
apt install libdmalloc* |
Electric Fence | dpkg-query --list electric-fence |
apt install electric-fence |
Valgrind | valgrind --version |
apt install valgrind |
Memwatch | ls src/memwatch.? |
devops/script/install_memwatch.sh |
Mtrace | mtrace --version |
Built into glibc |
ASAN | gcc -fsanitize=address --version |
apt install gcc |
From the Mind_Monitor
directory:
devops/script/test_all.sh
Filename | Description | Dmalloc | Electric Fence | Valgrind | Memwatch | Mtrace | ASAN |
---|---|---|---|---|---|---|---|
bad_code1.c | Uninit. mem | โ๐ข | โ | โ๏ธ | โ | โ | โ๏ธ๐ข |
bad_code2.c | Buffer overflow (Heap) | โ๏ธ๐ข๐ฅ | โ | โ๏ธ | โ๏ธ | โ | โ๏ธ |
bad_code3.c | Memory leak | โ๏ธ๐ข | โ | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
bad_code4.c | Invalid mem access | โ๐ข | โ๐ฅ | โ๏ธ | โ | โ | โ๏ธ |
bad_code5.c | Double free | โ๏ธ๐ข๐ฅ | โ๏ธ๐ฅ | โ๏ธ | โ๏ธ | โ | โ๏ธ |
bad_code6.c | Uninit. integer | โ๐ข | โ | โ๏ธ | โ๐ข | โ | โ |
bad_code7.c | Overlapping memcpy | โ๐ข | โ | โ | โ | โ | โ๏ธ |
bad_code8.c | Fishy malloc values | โ๏ธ๐ข๐ฅ | โ๏ธ๐ฅ | โ๏ธ๐ฅ | โ๐ฅ | โ๐ฅ | โ๏ธ |
bad_code9.c | Fishy calloc values | โ๏ธ๐ข๐ฅ | โ๐ฅ | โ๏ธ๐ฅ | โ๐ฅ | โ๐ฅ | โ๏ธ |
bad_code10.c | Multi-process memory leak | โ๏ธ๐ข | โ | โ | โ๏ธ | โ๏ธ๐ข | โ |
bad_code11.c | Multi-process double free | โ๐ข | โ๏ธ | โ | โ๏ธ | โ | โ |
bad_code12.c | Multi-thread memory leak | โ๏ธ๐ข | โ | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
bad_code13.c | Multi-thread double free | โ๏ธ๐ข | โ๏ธ | โ๏ธ | โ๏ธ | โ๐ฅ | โ๏ธ |
bad_code14.c | Multi-process memory leak (wait) | โ๏ธ | โ | โ | โ๏ธ | โ | โ |
bad_code15.c | Multi-process double free (wait) | โ | โ๏ธ | โ๏ธ | โ๏ธ | โ | โ๏ธ |
bad_code16.c | Buffer overflow (Stack) | โ | โ | โ | โ | โ | โ๏ธ |
LEGEND
Emoji | Meaning |
---|---|
๐ข | False positive, misleading/missing results |
๐ฅ | Seg fault or core dump |
โ | Test not yet executed |
โ๏ธ | Succeeded in finding the error |
โ | Failed to find the error |
NOTES:
- Some ideas came from https://valgrind.org/docs/manual/mc-manual.html
- Bad Code 10 is the multi-process version of Bad Code 3
- Bad Code 11 is the multi-process version of Bad Code 5
- Bad Code 12 is the multi-thread version of Bad Code 3
- Bad Code 13 is the multi-thread version of Bad Code 5
- Bad Code 14 is Bad Code 10 with waitpid() implemented
- Bad Code 15 is Bad Code 11 with waitpid() implemented
- Turns out Mtrace's response to Bad Code 13 isn't anything above and beyond normal execution
- Bad Code 16 borrowed heavily from Bad Code 2
- *_code6_memwatch.bin and *_code16_memwatch.bin are failing to create a log file at runtime. Theory: "...memwatch will auto-initialize on the first call to a memory function..." and neither test case calls a memory function. I verified the binaries were linked against memwatch (e.g., `readelf -a *_code6_memwatch.bin | grep mw`). I even tried to manually initialize memwatch with `mwInit()`, `mwDoFlush(1)`, and `mwTerm()`.
- Dmalloc - 9/16
- Electric Fence - 5/16
- Valgrind - 11/16
- Memwatch - 9/16
- Mtrace - 2.5/16
- ASAN - 12/16
NOTE: Mtrace has seemingly non-deterministic results for Bad Code 10 so it gets a ๐ข and a half point
On a scale of 1 to 5 (5 being the easiest to use):
- Dmalloc - 2/5
- Electric Fence - 3/5
- Valgrind - 4/5
- Memwatch - 3/5
- Mtrace - 3/5
- ASAN - 5/5
On a scale of 1 to 5 (5 being the easiest to read):
- Dmalloc - 2/5
- Electric Fence - 4/5
- Valgrind - 3/5
- Memwatch - 5/5
- Mtrace - 5/5
- ASAN - 4/5
Ranked best to worst:
- ASAN (85.0%)
- Memwatch (72.1%)
- Valgrind (69.6%)
- Mtrace (58.5%)
- Electric Fence (57.1%)
- Dmalloc (45.4%)