Chapter 11. memstomp
memstomp is a command line tool that can be used to identify function calls with overlapping memory regions in situations when such an overlap is not permitted by various standards. It intercepts calls to the library functions listed in Table 11.1, “Function Calls Inspected by memstomp” and for each memory overlap, it displays a detailed backtrace to help you debug the problem.
Similarly to Valgrind, the memstomp
utility inspects applications without the need to recompile them. However, it is much faster than this tool and therefore serves as a convenient alternative to it.
Red Hat Developer Toolset is distributed with memstomp 0.1.5.
Function | Description |
---|---|
| Copies n bytes from one memory area to another and returns a pointer to the second memory area. |
| Copies a maximum of n bytes from one memory area to another and stops when a certain character is found. It either returns a pointer to the byte following the last written byte, or NULL if the given character is not found. |
| Copies n bytes from one memory area to another and returns a pointer to the byte following the last written byte. |
| Copies a string from one memory area to another and returns a pointer to the second string. |
| Copies a string from one memory area to another and returns a pointer to the terminating null byte of the second string. |
| Copies a maximum of n characters from one string to another and returns a pointer to the second string. |
| Copies a maximum of n characters from one string to another. It either returns a pointer to the terminating null byte of the second string, or if the string is not null-terminated, a pointer to the byte following the last written byte. |
| Appends one string to another while overwriting the terminating null byte of the second string and adding a new one at its end. It returns a pointer to the new string. |
| Appends a maximum of n characters from one string to another while overwriting the terminating null byte of the second string and adding a new one at its end. It returns a pointer to the new string. |
|
The wide-character equivalent of the |
|
The wide-character equivalent of the |
|
The wide-character equivalent of the |
|
The wide-character equivalent of the |
|
The wide-character equivalent of the |
|
The wide-character equivalent of the |
11.1. Installing memstomp
In Red Hat Developer Toolset, the memstomp
utility is provided by the devtoolset-12-memstomp package and is automatically installed with devtoolset-12-toolchain as described in Section 1.5, “Installing Red Hat Developer Toolset”.
11.2. Using memstomp
To run the memstomp
utility on a program you want to analyze:
$ scl enable devtoolset-12 'memstomp program argument...'
To immediately terminate the analyzed program when a problem is detected, run the utility with the --kill
(or -k
for short) command line option:
$ scl enable devtoolset-12 'memstomp --kill program argument...'
The use of the --kill
option is especially recommended if you are analyzing a multi-threaded program; the internal implementation of backtraces is not thread-safe and running the memstomp
utility on a multi-threaded program without this command line option can therefore produce unreliable results.
Additionally, if you have compiled the analyzed program with the debugging information or this debugging information is available to you, you can use the --debug-info
(or -d
) command line option to produce a more detailed backtrace:
$ scl enable devtoolset-12 'memstomp --debug-info program argument...'
For detailed instructions on how to compile your program with the debugging information built in the binary file, see Section 8.2, “Preparing a Program for Debugging”. For information on how to install debugging information for any of the Red Hat Developer Toolset packages, see Section 1.5.4, “Installing Debugging Information”.
Note that you can execute any command using the scl
utility, causing it to be run with the Red Hat Developer Toolset binaries used in preference to the Red Hat Enterprise Linux system equivalent. This allows you to run a shell session with Red Hat Developer Toolset memstomp
as default:
$ scl enable devtoolset-12 'bash'
Example 11.1. Using memstomp
In the current working directory, create a source file named employee.c
with the following contents:
#include <stdio.h> #include <string.h> #define BUFSIZE 80 int main(int argc, char *argv[]) { char employee[BUFSIZE] = "John,Doe,john@example.com"; char name[BUFSIZE] = {0}; char surname[BUFSIZE] = {0}; char *email; size_t length; /* Extract the information: */ memccpy(name, employee, ',', BUFSIZE); length = strlen(name); memccpy(surname, employee + length, ',', BUFSIZE); length += strlen(surname); email = employee + length; /* Compose the new entry: */ strcat(employee, surname); strcpy(employee, name); strcat(employee, email); /* Print the result: */ puts(employee); return 0; }
Compile this program into a binary file named employee
:
$ scl enable devtoolset-12 'gcc -rdynamic -g -o employee employee.c'
To identify erroneous function calls with overlapping memory regions:
$ scl enable devtoolset-12 'memstomp --debug-info ./employee'
memstomp: 0.1.4 successfully initialized for process employee (pid 14887).
strcat(dest=0x7fff13afc265, src=0x7fff13afc269, bytes=21) overlap for employee(14887)
??:0 strcpy()
??:0 strcpy()
??:0 _Exit()
??:0 strcat()
employee.c:26 main()
??:0 __libc_start_main()
??:0 _start()
John,john@example.comDoe,
11.3. Additional Resources
For more information about memstomp
and its features, see the resources listed below.
Installed Documentation
memstomp(1) — The manual page for the
memstomp
utility provides detailed information about its usage. To display the manual page for the version included in Red Hat Developer Toolset:$
scl enable devtoolset-12 'man memstomp'
See Also
- Chapter 1, Red Hat Developer Toolset — An overview of Red Hat Developer Toolset and more information on how to install it on your system.
- Chapter 8, GNU Debugger (GDB) — Instructions on debugging programs written in C, C++, and Fortran.
- Chapter 9, strace — Instructions on using the strace utility to monitor system calls that a program uses and signals it receives.
- Chapter 13, Valgrind — Instructions on using the Valgrind tool to profile applications and detect memory errors and memory management problems, such as the use of uninitialized memory, improper allocation and freeing of memory, and the use of improper arguments in system calls.