内存/地址消毒器vs Valgrind [英] Memory/Address Sanitizer vs Valgrind

问题描述

我想要一些工具来诊断用户后释放错误和未初始化的错误.我正在考虑使用消毒剂(内存和/或地址)和Valgrind.但是我对它们的优缺点几乎一无所知.谁能告诉我Sanitizer和Valgrind的主要功能，区别和优点/缺点?

I want some tool to diagnose user-after-free bugs and uninitialized bugs. I am considering Sanitizer(Memory and/or Address) and Valgrind. But I have very little idea about their advantages and disadvantages. Can anyone tell the main features, differences and pros/cons of Sanitizer and Valgrind?

我发现了一些比较，例如:Valgrind使用DBI(动态二进制工具)，而Sanitizer使用CTI(编译时工具).无论Sanitizer运行速度是否比Valgrind(2x)快得多，Valgrind都会使程序慢得多(20x).如果有人可以给我一些更重要的考虑因素，那将是很大的帮助.

I found some of comparisons like: Valgrind uses DBI(dynamic binary instrumentation) and Sanitizer uses CTI(compile-time instrumentation). Valgrind makes the program much slower(20x) whether Sanitizer runs much faster than Valgrind(2x). If anyone can give me some more important points to consider, it will be a great help.

推荐答案

我想您会找到 wiki 有用.

TLDR消毒剂的主要优点是

TLDR main advantages of sanitizers are

• CPU开销要小得多(Lsan实际上是免费的，UBsan是1.25倍，Asan和Msan是计算密集型任务的2-4倍，而GUI是1.05-1.1倍，Tsan是5-15倍)
• 检测到的错误(堆栈和全局溢出，返回后使用)的类别更多
• 完全支持多线程应用程序(Valgrind对多线程的支持是一个笑话)

缺点是

大量的内存开销(Asan高达2倍，Msan高达3倍，Tsan高达10倍)，这可能是资源受限环境(例如电话)的限制因素；它仍然比Valgrind更好
• 更复杂的集成(您需要教您的构建系统以了解Asan，有时还需要解决Asan本身的局限性/错误，还需要使用相对较新的编译器)
• MemorySanitizer目前尚不易于使用，因为它需要一个人来重建Msan下的所有依赖关系(包括所有标准库，例如libstdc ++)；这意味着临时用户只能使用Valgrind来检测未初始化的错误
• 消毒剂通常不能相互组合(唯一受支持的组合是Asan + UBsan + Lsan)，这意味着您必须进行单独的QA运行以捕获所有类型的错误

• significant memory overhead (up to 2x for Asan, up to 3x for Msan, up to 10x for Tsan) which may be a limiting factor for resource limited environments (e.g. phones); it's still way better than Valgrind
• more complicated integration (you need to teach your build system to understand Asan and sometimes work around limitations/bugs in Asan itself, you also need to use relatively recent compiler)
• MemorySanitizer is not reall^W easily usable at the moment as it requires one to rebuild all dependencies under Msan (including all standard libraries e.g. libstdc++); this means that casual users can only use Valgrind for detecting uninitialized errors
• sanitizers typically can not be combined with each other (the only supported combination is Asan+UBsan+Lsan) which means that you'll have to do separate QA runs to catch all types of bugs

这篇关于内存/地址消毒器vs Valgrind的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！