

2015-08-27 11:24  youxin



Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect many memory management and threading bugs, and profile your programs in detail. You can also use Valgrind to build new tools.

The Valgrind distribution currently includes six production-quality tools: a memory error detector, two thread error detectors, a cache and branch-prediction profiler, a call-graph generating cache and branch-prediction profiler, and a heap profiler. It also includes three experimental tools: a stack/global array overrun detector, a second heap profiler that examines how heap blocks are used, and a SimPoint basic block vector generator. It runs on the following platforms: X86/Linux, AMD64/Linux, ARM/Linux, ARM64/Linux, PPC32/Linux, PPC64/Linux, PPC64BE/Linux, S390X/Linux, MIPS32/Linux, MIPS64/Linux, ARM/Android (2.3.x and later), X86/Android (4.0 and later), MIPS32/Android, X86/Darwin and AMD64/Darwin (Mac OS X 10.9, with limited support for 10.8).


Stack overflow - stack smashing detected


*** stack smashing detected ***: ./app terminated
======= Backtrace: =========

"Stack smashing detected" is actually a protection mechanism used by gcc (the stack protector) to detect buffer overflow attacks on the stack.

#include <stdio.h>

void func()
{
    char array[10];
    /* Deliberately unbounded read: input longer than the array overflows it.
       (The body of the original snippet was lost in extraction; this scanf
       call is a reconstruction of an unbounded read into array.) */
    scanf("%s", array);
}

int main(int argc, char **argv)
{
    func();
    return 0;
}

[Note:] An input string longer than size 10 corrupts gcc's built-in protection canary variable, which is followed by a SIGABRT that terminates the program.

You can disable this gcc protection with the -fno-stack-protector option when compiling.
In that case you will get a segmentation fault if you try to access an illegal memory location, and of course you can detect the point of overflow using, for example, valgrind.



#include <string.h>
#include <strings.h>   /* bzero() is declared here on glibc */

void fn(void)
{
    char a[100];
    char *p = a;
    bzero(p, 1000);    /* deliberately zeroes 1000 bytes of a 100-byte stack array */
}

int main(int argc, char *argv[])
{
    fn();
    return 0;
}


Here the array a is stored on the stack. When a[100] and the bytes after it are accessed out of bounds, a stack overflow occurs. The most common consequence is that the saved return address is overwritten, so when the function returns the check finds the return pointer is wrong and reports "stack smashing detected...":
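Both snippets above (the unbounded read into array[10] and the bzero of 1000 bytes over a 100-byte array) are caught by the same mechanism: a guard word placed between the local buffer and the saved return address, checked before the function returns. The program below is an added example, not code from the original post: it models that check in user space with a struct that lays out a small buffer followed by a "canary" word, so the effect of an unbounded copy is visible and checkable instead of aborting the process. The struct layout, the constant GUARD value and the function names are assumptions of this model; the real guard is randomised per process by the C runtime.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Added example (not from the original post): a user-space model of the
   gcc stack-protector check. The real canary sits in the stack frame
   between the local buffer and the saved return address; here a struct
   places a 10-byte buffer in front of a "canary" word so the same overflow
   can be observed without crashing. */
struct frame {
    char buf[10];     /* the vulnerable local array, as in func() above */
    uint64_t canary;  /* stands in for the __stack_chk_guard value */
};

/* Constructed, fixed guard value; the real one is random per process. */
#define GUARD 0x5a5a00aa11bb22ccULL

static void frame_init(struct frame *f) {
    memset(f->buf, 0, sizeof f->buf);
    f->canary = GUARD;
}

/* Equivalent of the epilogue check that prints "stack smashing detected". */
static int canary_intact(const struct frame *f) {
    return f->canary == GUARD;
}

/* Unbounded copy, behaving like scanf("%s")/bzero(p, 1000) on the page.
   Writing through a pointer to the whole struct keeps the model well-defined
   while still overwriting whatever follows buf. Returns 1 if the canary
   survived, 0 if the overflow reached it (what gcc would abort on). */
static int copy_unbounded(struct frame *f, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > sizeof *f) n = sizeof *f;   /* stay inside the struct object */
    memcpy((unsigned char *)f, input, n);
    return canary_intact(f);
}

/* Hardened copy: bounded by the buffer size, always NUL-terminated, and
   reports truncation instead of silently corrupting the frame. */
static int copy_bounded(struct frame *f, const char *input, int *truncated) {
    size_t cap = sizeof f->buf;
    size_t n = strlen(input);
    *truncated = n >= cap;
    size_t to_copy = *truncated ? cap - 1 : n;
    memcpy(f->buf, input, to_copy);
    f->buf[to_copy] = '\0';
    return canary_intact(f);
}

int main(void) {
    struct frame f;
    int truncated;
    /* Constructed 24-byte input, longer than buf and the padding after it. */
    const char *long_input = "AAAAAAAAAAAAAAAAAAAAAAAA";

    frame_init(&f);
    printf("unbounded copy: canary intact = %d\n", copy_unbounded(&f, long_input));

    frame_init(&f);
    printf("bounded copy:   canary intact = %d, truncated = %d\n",
           copy_bounded(&f, long_input, &truncated), truncated);
    return 0;
}
```

One property of the model carries over to the real stack protector: the check only fires when the overwrite reaches the guard word. An overflow that stops inside the alignment padding between buf and canary (a 12-character input here) leaves the canary intact, which is why -fno-stack-protector plus valgrind, as the text suggests, is the way to find the exact point of an overflow rather than relying on the abort alone.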

