This section is divided into the following subsections:
The Dr. Memory distribution contains the following:
- The front-end script to launch Dr. Memory:
drmemory.pl
on Linux and Cygwin, drmemory.exe
on Windows.
- The back-end of Dr. Memory, contained in the
bin32
and dynamorio
subdirectories. Dr. Memory runs on top of the DynamoRIO tool engine (see http://dynamorio.org for more information on DynamoRIO).
- Documentation for Dr. Memory (you're looking at it).
The current version is 1.4.6. The changes between version 1.4.6 and 1.4.5 include:
- Added MinGW support
- Added -pause_at_error option
- Various bug fixes
The changes between version 1.4.5 and 1.4.4 include:
- The tool now detects mismatched use of malloc/new/new[] vs free/delete/delete[]
- Added a script to convert Memcheck suppression files to the Dr. Memory format.
- Performance improvements on large applications via a symbol cache
- Renamed the -check_cmps option to -check_uninit_cmps
- Renamed the -check_non_moves option to -check_uninit_non_moves
- Various bug fixes
The changes between version 1.4.4 and 1.4.3 include:
- Fix for missing output in cmd on Win7 SP1
- Check for /MDd and abort
The changes between version 1.4.3 and 1.4.2 include:
- Changed the default callstack printing style and added control over the style via the -callstack_style runtime option
- On Windows, printing errors to stderr is now on by default
- On Windows, several options now control simplifying callstacks: -callstack_truncate_below, -callstack_srcfile_prefix, -callstack_modname_hide, -callstack_srcfile_hide. The -brief option sets these to common defaults and hides absolute addresses for simpler reports.
- Callstack walking in presence of FPO is now supported.
- Added a new mode that is several times faster but does not check for uninitialized reads: -no_check_uninitialized.
- Thread creation stack traces are now available in the global.pid.log file for identifying threads.
- Suppressions can take names, and the list of used suppressions is printed out in the results file.
- Increased default -redzone_size to 16
- Suppression can take instruction specifiers for narrower scope.
- The Valgrind Memcheck suppression format is supported for legacy suppression files: however, C++ symbols must be de-mangled at this time.
- Various bug fixes
The changes between version 1.4.2 and 1.4.1 include:
- Initial graphical system call support to reduce false positives
- Various bug fixes
The changes between version 1.4.1 and 1.4.0 include:
- Full Windows 7 support
- Various bug fixes
The changes between version 1.4.0 and 1.3.1 include:
- Initial Windows 7 support
- Performance improvements
- Various bug fixes
- Release build is used by default
The changes between version 1.3.1 and 1.3.0 include:
- Performance improvements
- Various bug fixes
The changes between version 1.3.0 and 1.2.1 include:
- Enabled -check_leaks and -possible_leaks by default (Issue 8)
- Improved suppression support: support for vertical wildcards "..."
- Locate target app on path on Linux (Issue 33)
- Various bug fixes
The changes between version 1.2.1 and 1.2.0 include:
- Fix bug in symbol lookup causing debug build asserts
The changes between version 1.2.0 and 1.1.0 include:
- Avoid false positives and false negatives when using debug versions of msvcrt, whose own debugging facilities conflicted with Dr. Memory's
- Added -perturb feature that uses random delays to attempt to trigger data races such as use-after-free accesses, which Dr. Memory will immediately detect
- Separate indirect leaks from direct leaks
- Added -version option to front end
- Generalized "invalid free" to "invalid heap argument"
- Improved performance of many instruction types including string instructions
- Improved performance of heap routines accessing heap headers
- Improved performance of stack adjustments
- Improved performance of shadow table accesses
- Improved performance of hashtables via dynamic resizing
- Display messages in cmd window, where DynamoRIO has trouble printing
- Switch to online symbol processing on Windows, greatly simplifying the Windows design and making it more robust by eliminating perl entirely
- Eliminate need for admin privileges to run on Windows
- Added wildcard support to suppressions
- Various bug fixes
The changes between version 1.1.0 and 1.0.1 include:
- Eliminated common C++ cases of false positives in possible leaks
- Report additional information on unaddressable errors: list the nearest malloc chunks above and below, and whether the access was to freed memory
- Report timestamp and thread id of reported errors
- Added -leaks_only feature for low-overhead leak checking
- Improved support for heaps used as stacks when such stacks are small and are adjacent to non-stack data
- Improved Linux system call parameter handling to reduce false positives
- Added default suppression file
- Added -aggregate option to combine error listings and eliminate duplicates among a set of processes
- Report the total number of leaked bytes
- Perform error duplication checks in the client
- Reduce memory usage of callstacks stored on each malloc
- Eliminate false positives from libc string routines by replacing them
- Switch to true reachability-based leak detection, trigger-able from a nudge at any time during a run
- Split possible leaks from certain leaks
- Improved documentation
- Improve performance of consecutive similar memory references
- Improve performance of 64K-boundary-crossing stack adjustments
- Many other performance improvements
- Many bug fixes
This is a Beta version. It has some missing features and undoubtedly some bugs. The missing features include:
- Windows system call parameters are not all known, which can result in false positives and false negatives, especially on Vista or Windows 7, or with code that interacts with the network.
- The malloc in the Cygwin C library is not yet tracked separately from the Windows API malloc which can lead to false negatives.
- Definedness is tracked at the byte level, not at the bit level, which when bitfields are in use can lead to false positives.
- 64-bit support: we plan to add this in the future.
- 32-bit applications on 64-bit Windows have some limitations (these are actually limitations of the current version of the underlying DynamoRIO engine): if the app creates threads prior to image entry (as cygwin apps often do) and does not link user32.dll, Dr. Memory will not take over early enough to avoid problems with the other thread(s). On 32-bit Windows this can be worked around by taking over from a parent process (e.g., cmd.exe). Instructions on how to do this will appear in an upcoming version (basically you need to use DynamoRIO's drdeploy to set up the child; in the future the drmemory front-end will support doing that for you).
- Detecting mixing of malloc/new/new[] vs free/delete/delete[]: though if the deleted class has its own allocated memory it should show up as a reported memory leak; and if it doesn't, and its destructor doesn't do anything else, then no harm done by not calling delete[].
- Multiple thread corner cases:
- Pathological races between mallocs and frees can result in Dr. Memory's shadow memory structures becoming mis-aligned with subsequent false positives. However, such a scenario will always be preceded by an invalid free error.
- General races between memory accesses and Dr. Memory's shadow memory can occur but errors will only occur with the presence of erroneous race conditions in the application.
- This release can produce false positives if multiple threads write to adjacent bytes simultaneously. Future releases will provide options to trade off performance, memory usage, and accuracy.