leakdice VS codechecker

Maybe try Leakdice: https://github.com/tialaramex/leakdice in C or rewritten in Rust: https://github.com/tialaramex/leakdice-rust/

In my obviously biased opinion, very specialised, but sometimes exactly what you needed (I have used this in anger maybe 2-3 times in my career since then, which is why I wrote the C version):

https://github.com/tialaramex/leakdice (or https://github.com/tialaramex/leakdice-rust)

Leakdice implements some of Raymond Chen's "The poor man’s way of identifying memory leaks" for you. On Linux at least.

https://bytepointer.com/resources/old_new_thing/20050815_224...

All leakdice does is: You pick a running process which you own, leakdice picks a random heap page belonging to that process and shows you that page as hex + ASCII.

The Raymond Chen article explains why you might ever want to do this.

(or there's a Rust rewrite https://github.com/tialaramex/leakdice-rust because I was learning Rust)

leakdice is not a clever, sophisticated tool like valgrind, or eBPF programming, but that's fine because this isn't a subtle problem - it's very blatant - and running leakdice takes seconds so if it wasn't helpful you've lost very little time.

Here's what leakdice does: It picks a random heap page of a running process, which you suspect is leaking, and it displays that page as ASCII + hex.

That's all, and that might seem completely useless, unless you either read Raymond Chen's "The Old New Thing" or you paid attention in statistics class.

Because your program is leaking so badly the vast majority of heap pages (leakdice counts any pages which are writable and anonymous) are leaked. Any random heap page, therefore, is probably leaked. Now, if that page is full of zero bytes you don't learn very much, it's just leaking blank pages, hard to diagnose. But most often you're leaking (as was happening here) something with structure, and very often sort of engineer assigned investigating a leak can look at a 4kbyte page of structure and go "Oh, I know what that is" from staring at the output in hex + ASCII.

This isn't a silver bullet, but it's very easy and you can try it in like an hour (not days, or a week) including writing up something like "Alas the leaked pages are empty" which isn't a solution but certainly clarifies future results.

Right. Even in an entirely safe language you can have leaks, and valgrind is an effective way to find those leaks if you can afford the virtualisation overhead.

If you can't afford the virtualisation overhead, and you need to find leaks you should try what Raymond Chen suggests in "The poor man's way of identifying memory leaks" (not bothering to link since Microsoft will only move it anyway, they have several times since I read it). If you are too lazy to do it by hand, or find the technique works but wish it less manual, this is what Leakdice does:

https://github.com/tialaramex/leakdice

python3 new.py docker-php-extension-installer: https://github.com/mlocati/docker-php-extension-installer codechecker: https://github.com/Ericsson/codechecker SingleFileZ: https://github.com/gildas-lormeau/SingleFileZ china-dictatorship: https://github.com/cirosantilli/china-dictatorship vscode-docker: https://github.com/microsoft/vscode-docker flask-bones: https://github.com/cburmeister/flask-bones ProjectFib: https://github.com/anantdgoel/ProjectFib S3Mock: https://github.com/adobe/S3Mock home: https://github.com/gege-circle/home docker-php: https://github.com/chialab/docker-php dockbix-xxl: https://github.com/monitoringartist/dockbix-xxl wind-layer: https://github.com/sakitam-fdd/wind-layer powerstrip: https://github.com/ClusterHQ/powerstrip selenium-jupiter: https://github.com/bonigarcia/selenium-jupiter gnome-shell-extension-docker: https://github.com/gpouilloux/gnome-shell-extension-docker hacktoberfest-2022: https://github.com/docker/hacktoberfest-2022 azure-docker-extension: https://github.com/Azure/azure-docker-extension pgrocks-fdw: https://github.com/vidardb/pgrocks-fdw docker-php-yii2: https://github.com/dmstr/docker-php-yii2 docker-community-extensions: https://github.com/collabnix/docker-community-extensions alpine-php-fpm: https://github.com/joseluisq/alpine-php-fpm autoview-tradingview-chrome-docker-bot: https://github.com/IAMtheIAM/autoview-tradingview-chrome-docker-bot .config: https://github.com/zszszszsz/.config docker-phpfpm: https://github.com/adhocore/docker-phpfpm coc-docker: https://github.com/josa42/coc-docker china-dictatorhsip-6: https://github.com/cirosantilli/china-dictatorhsip-6 testcontainers-spock: https://github.com/testcontainers/testcontainers-spock Dockery: https://github.com/oslabs-beta/Dockery docker-extension: https://github.com/tailscale/docker-extension volumes-backup-extension: https://github.com/docker/volumes-backup-extension ajeetraina@Docker-Ajeet-Singh-Rainas-MacBook-Pro chatgpt % vi new.py ajeetraina@Docker-Ajeet-Singh-Rainas-MacBook-Pro chatgpt % python3 new.py .config: https://github.com/zszszszsz/.config Dockery: https://github.com/oslabs-beta/Dockery docker-extension: https://github.com/tailscale/docker-extension ransomware: https://github.com/abhir98/ransomware jfrog-docker-desktop-extension: https://github.com/jfrog/jfrog-docker-desktop-extension dd-extension-lgtm: https://github.com/cedricziel/dd-extension-lgtm openshift-dd-ext: https://github.com/redhat-developer/openshift-dd-ext k9s-dd-extension: https://github.com/spurin/k9s-dd-extension pgadmin4-docker-extension: https://github.com/marcelo-ochoa/pgadmin4-docker-extension trivy-docker-extension: https://github.com/aquasecurity/trivy-docker-extension drone-ci-docker-extension: https://github.com/harness/drone-ci-docker-extension docker-extension: https://github.com/loopDelicious/docker-extension swagger-editor-docker-extension: https://github.com/n-murphy/swagger-editor-docker-extension wasm-docker-extension: https://github.com/cmrigney/wasm-docker-extension microcks-docker-desktop-extension: https://github.com/microcks/microcks-docker-desktop-extension docker-extension-golang-playground: https://github.com/rumpl/docker-extension-golang-playground diveintoansible-extension: https://github.com/spurin/diveintoansible-extension docker-desktop-extension: https://github.com/okteto/docker-desktop-extension docker-extension-rabbitmq: https://github.com/Yogendra0Sharma/docker-extension-rabbitmq docker-storj-extension: https://github.com/elek/docker-storj-extension github-registry-docker-desktop-extension: https://github.com/peacecwz/github-registry-docker-desktop-extension docker-desktop-extension-issues: https://github.com/mutagen-io/docker-desktop-extension-issues sdw-docker-extension: https://github.com/marcelo-ochoa/sdw-docker-extension vcluster-dd-extension: https://github.com/loft-sh/vcluster-dd-extension extension-docker-desktop: https://github.com/epinio/extension-docker-desktop asyncapi-studio-docker-extension: https://github.com/thiyagu06/asyncapi-studio-docker-extension gefyra-docker-desktop-extension: https://github.com/gefyrahq/gefyra-docker-desktop-extension oraclexe-docker-extension: https://github.com/marcelo-ochoa/oraclexe-docker-extension docker-extensions-101: https://github.com/collabnix/docker-extensions-101 step-ca-docker-extension: https://github.com/hslatman/step-ca-docker-extension

Regarding problems on clang-tidy - have you looked into Codechecker? It is based on clang tidy but also supports cppcheck and marking issues as false positives/will not fix etc... https://github.com/Ericsson/codechecker

I've been down the llvm / clang / mlir rabbit hole recently and drank this : https://codechecker.readthedocs.io ...

Seconding `rr` as suggested by @tux3, it's great for debugging.

Also, the sanitizers for GCC and Clang (https://github.com/google/sanitizers), and the Clang static analyzer (and tidy too) through CodeChecker (https://codechecker.readthedocs.io/).

For the Clang static analyzer, make sure your LLVM toolchain has the Z3 support enabled (OK in Debian stable for example), and enable cross translation units (CTU) analysis too for better results.

If you have the bandwidth, I'd also recommend using something like https://github.com/Ericsson/codechecker which allows you to add results of analysis/tests to a database. This would in turn allow you to set your "stable" branch pipelines to fail if the diff of problems between runs shows you've introduced more issues that haven't been marked as addressed.

Another open source alternative is CodeChecker [1] with the Clang static analyzer [2]. Make sure the Clang toolchain has been compiled with Z3 [3] support for better results (it's the case in Debian stable), particularly for code doing bit operations. It supports cross files analysis ("cross translation units" or CTU), which last time I checked was not the case for IKOS and helps improve diagnostics.

It's not completely turn key if you use it for a cross compiled code base, but once set-up I prefer it to another professional tool: much less false alarms. Although it's good to have both, each one found issues not seen by the other.

  [1] https://github.com/Ericsson/codechecker