- The TotalView debugger (or, more precisely, its Memscope) has a feature set similar to that of Valgrind. You can also try Electric Fence (original author's link) (the origin of DUMA) for buffer overflows or touch-after-free cases (but not for memleaks, though).
Original author(s) | Julian Seward |
---|---|
Developer(s) | Valgrind Development Team[1] |
Stable release | 3.16.1 (June 22, 2020; 10 months ago)[2] |
Operating system | Linux macOS Solaris Android[3] |
Type | Profiler, Memory debugger |
License | GNU General Public License |
Website | www.valgrind.org |
Valgrind (/ˈvælɡrɪnd/) is a programming tool for memory debugging, memory leak detection, and profiling.
Valgrind was originally designed to be a free memory debugging tool for Linux on x86, but has since evolved to become a generic framework for creating dynamic analysis tools such as checkers and profilers.
The name Valgrind is a reference to the main entrance of Valhalla from Norse Mythology. During development (before release) the project was named Heimdall; however, the name would have conflicted with a security package.
Overview
Valgrind is in essence a virtual machine using just-in-time (JIT) compilation techniques, including dynamic recompilation. Nothing from the original program ever gets run directly on the host processor. Instead, Valgrind first translates the program into a temporary, simpler form called Intermediate Representation (IR), which is a processor-neutral, SSA-based form. After the conversion, a tool (see below) is free to do whatever transformations it would like on the IR, before Valgrind translates the IR back into machine code and lets the host processor run it. Valgrind recompiles binary code to run on host and target (or simulated) CPUs of the same architecture. It also includes a GDB stub to allow debugging of the target program as it runs in Valgrind, with 'monitor commands' that allow querying the Valgrind tool for various information.
A considerable amount of performance is lost in these transformations (and usually, the code the tool inserts); usually, code run with Valgrind and the 'none' tool (which does nothing to the IR) runs at 20% to 25% of the speed of the normal program.[4][5]
Tools
Memcheck
There are multiple tools included with Valgrind (and several external ones). The default (and most used) tool is Memcheck. Memcheck inserts extra instrumentation code around almost all instructions, which keeps track of the validity (all unallocated memory starts as invalid or 'undefined', until it is initialized into a deterministic state, possibly from other memory) and addressability (whether the memory address in question points to an allocated, non-freed memory block), stored in the so-called V bits and A bits respectively. As data is moved around or manipulated, the instrumentation code keeps track of the A and V bits, so they are always correct on a single-bit level.
In addition, Memcheck replaces the standard C memory allocator with its own implementation, which also includes memory guards around all allocated blocks (with the A bits set to 'invalid'). This feature enables Memcheck to detect off-by-one errors where a program reads or writes outside an allocated block by a small amount. The problems Memcheck can detect and warn about include the following:
- Use of uninitialized memory
- Reading/writing memory after it has been free'd
- Reading/writing off the end of malloc'd blocks
The price of this is lost performance. Programs running under Memcheck usually run 20–30 times slower[6] than running outside Valgrind and use more memory (there is a memory penalty per allocation). Thus, few developers run their code under Memcheck (or any other Valgrind tool) all the time. They most commonly use such tools either to trace down some specific bug, or to verify that there are no latent bugs (of the kind Memcheck can detect) in the code.
Other tools
In addition to Memcheck, Valgrind has several other tools:[7]
- None, runs the code in the virtual machine without performing any analysis and thus has the smallest possible CPU and memory overhead of all tools. Since Valgrind itself provides a traceback from a segmentation fault, the none tool provides this traceback at minimal overhead.
- Addrcheck, similar to Memcheck but with much smaller CPU and memory overhead, thus catching fewer types of bugs. Addrcheck has been removed as of version 3.2.0.[8]
- Massif, a heap profiler. The separate GUI massif-visualizer visualizes output from Massif.
- Helgrind and DRD, detect race conditions in multithreaded code
- Cachegrind, a cache profiler. The separate GUI KCacheGrind visualizes output from Cachegrind.
- Callgrind, a call graph analyzer created by Josef Weidendorfer, was added to Valgrind as of version 3.2.0. KCacheGrind can visualize output from Callgrind.
- DHAT, dynamic heap analysis tool which analyzes how much memory is allocated and for how long as well as patterns of memory usage.
- exp-sgcheck (named exp-ptrcheck prior to version 3.7), an experimental tool to find stack and global array overrun errors which Memcheck cannot find.[9] Some code results in false positives from this tool.[10]
- exp-bbv, a performance simulator that extrapolates performance from a small sample set.
There are also several externally developed tools available. One such tool is ThreadSanitizer, another detector of race conditions.[11][12]
Platforms supported
As of version 3.4.0, Valgrind supports Linux on x86, x86-64 and PowerPC. Support for OS X was added in version 3.5.0.[13] Support for Linux on ARMv7 (used for example in certain smartphones) was added in version 3.6.0.[14] Support for Solaris was added in version 3.11.0.[3] There are unofficial ports to other UNIX-like platforms (like FreeBSD,[15] OpenBSD,[16] and NetBSD[17]). From version 3.7.0 the ARM/Android platform support was added.[3]
Since version 3.9.0 there is support for Linux on MIPS64 little and big endian, for MIPS DSP ASE on MIPS32, for s390x Decimal Floating Point instructions, for POWER8 (Power ISA 2.07) instructions, for Intel AVX2 instructions, for Intel Transactional Synchronization Extensions, both RTM and HLE and initial support for Hardware Transactional Memory on POWER.[2]
History and development
It is named after the main entrance to Valhalla in Norse mythology.[18]
The original author of Valgrind is Julian Seward, who in 2006 won a Google-O'Reilly Open Source Award for his work on Valgrind.[19][20]
Several others have also made significant contributions, including Cerion Armour-Brown, Jeremy Fitzhardinge, Tom Hughes, Nicholas Nethercote, Paul Mackerras, Dirk Mueller, Bart Van Assche, Josef Weidendorfer, and Robert Walsh.[21]
It is used by a number of Linux-based projects.[22]
Limitations of Memcheck
In addition to the performance penalty, an important limitation of Memcheck is its inability to detect all cases of bounds errors in the use of static or stack-allocated data.[23] The following code will pass the Memcheck tool in Valgrind without incident, despite containing the errors described in the comments:
The experimental Valgrind tool exp-sgcheck has been written to address this limitation in Memcheck. It will detect array overrun errors, provided the first access to an array is within the array bounds. Note that exp-sgcheck will not detect the array overrun in the code above, since the first access to an array is out of bounds, but it will detect the array overrun error in the following code.
The inability to detect all errors involving the access of stack-allocated data is especially noteworthy since certain types of stack errors make software vulnerable to the classic stack smashing exploit.
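Why a heap overrun is reported while the same overrun on a stack or static array is not, shown with a toy model of the A bits, V bits and guard zones described in the Memcheck section. This is an added example, not Valgrind's code and not the listing the original page referred to; every name in it is an assumption, and it keeps one bit pair per byte rather than per bit.

```c
#include <stdio.h>
#include <string.h>

/* Toy model of Memcheck's shadow state (added example; all names are
   assumptions). One A bit and one V bit per byte; real Memcheck tracks
   V bits per bit and reports undefined values only when they are used. */
enum { MEM = 64, REDZONE = 4 };
enum { ACCESS_OK, UNADDRESSABLE, UNDEFINED };

static unsigned char a_bit[MEM]; /* 1 = byte may be accessed */
static unsigned char v_bit[MEM]; /* 1 = byte holds a defined value */
static size_t next_free;         /* bump pointer; the arena is never reused */

void shadow_reset(void) {
    memset(a_bit, 0, MEM); memset(v_bit, 0, MEM); next_free = 0;
}
/* Heap block: payload is addressable but undefined; the guard bytes on
   both sides keep A = 0, so a small overrun lands on invalid memory. */
size_t toy_malloc(size_t n) {
    size_t p = next_free + REDZONE;
    memset(a_bit + p, 1, n);
    next_free = p + n + REDZONE;
    return p;
}
void toy_free(size_t p, size_t n) { memset(a_bit + p, 0, n); }
/* Stack or static object: packed against its neighbour, no guard bytes. */
size_t toy_local(size_t n) {
    size_t p = next_free;
    memset(a_bit + p, 1, n);
    next_free = p + n;
    return p;
}
int toy_store(size_t addr) {
    if (addr >= MEM || !a_bit[addr]) return UNADDRESSABLE;
    v_bit[addr] = 1;
    return ACCESS_OK;
}
int toy_load(size_t addr) {
    if (addr >= MEM || !a_bit[addr]) return UNADDRESSABLE;
    return v_bit[addr] ? ACCESS_OK : UNDEFINED;
}
/* Is a store one past the end of a 5-byte array reported? */
int overrun_reported(int on_heap) {
    shadow_reset();
    size_t arr = on_heap ? toy_malloc(5) : toy_local(5);
    if (!on_heap) toy_local(4); /* neighbouring variable right after it */
    return toy_store(arr + 5) == UNADDRESSABLE;
}
int main(void) {
    printf("reported: heap=%d stack/static=%d\n", overrun_reported(1), overrun_reported(0));
    return 0;
}
```

The stack and static case passes the A-bit check because the byte past the array belongs to another live object, which is the gap that compile-time instrumentation such as AddressSanitizer closes by placing guard zones around those objects too.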
See also
- AddressSanitizer et al.
Notes
1. https://valgrind.org/info/developers.html
2. Valgrind News
3. Valgrind release notes
4. Valgrind homepage
5. Valgrind Manual
6. https://valgrind.org/docs/manual/quick-start.html#quick-start.mcrun
7. Valgrind main tool list
8. [1]
9. section on exp-sgcheck in the Valgrind user manual
10. [2]
11. https://valgrind.org/downloads/variants.html
12. K Serebryany, T Iskhodzhanov, ThreadSanitizer–data race detection in practice, Proceedings of the Workshop on Binary Instrumentation and Applications WBIA'09
13. OS X port
14. ARM/Linux port
15. Valgrind FreeBSD port
16. Valgrind OpenBSD port
17. 'Valgrind NetBSD port'. Archived from the original on 2006-02-09. Retrieved 2006-01-28.
18. Valgrind FAQ
19. valgrind.org's list of awards
20. Google-O'Reilly Open Source Awards – Hall of Fame
21. The Valgrind Developers
22. valgrind.org's list of users
23. Valgrind FAQ
Valgrind is a developer tool for C++ developers used to find memory issues including C++ memory leak detection. Valgrind uses instrumentation to collect information about allocated and freed memory to gather complete information about memory blocks.
Many developers ask how to use Valgrind on Windows and Visual Studio. Valgrind relies heavily on Linux internals, which is why it does not support Windows.
Fortunately, there is a Valgrind alternative for Windows, called Deleaker. It is a memory profiler tool for Windows. While Valgrind uses instrumentation that makes code run about 10 times slower, Deleaker uses hooks and does not modify the code of a program, so execution speed remains almost the same. Deleaker doesn’t require a program to be rebuilt. All Deleaker needs is debug information to locate the source of leaks.
Deleaker also detects Windows-specific leaks such as GDI leaks and handle leaks.
Deleaker can work as a standalone application and as an extension for Visual Studio. The standalone version is suitable for memory leaks profiling on a client machine when the installation of Visual Studio is not allowed. If your favourite IDE is Qt Creator or C++ Builder, it is worth mentioning that Deleaker integrates with them as well.
With the Deleaker extension for Visual Studio, a developer checks code for memory leaks and identifies the exact leaking places quite quickly. Deleaker assists a developer by showing a list of allocated memory blocks with their call stacks and other information, including hit count, size and module path.
Let’s look at how it works. Create a new console application and add a simple leak:
Before starting debugging, ensure that Deleaker is enabled:
Start debugging. The application allocates memory and exits. Once debugging has stopped, Deleaker takes a snapshot and shows a report. To navigate to the source of a leak, just right-click and select Show Source Code:
Deleaker can compare snapshots to find some recurring leaks. Also a developer can export snapshots to review them later.
Deleaker comes with a command line tool, DeleakerConsole.exe, that can be used to integrate memory leak checking into a continuous integration process to ensure that an application does not leak. DeleakerConsole.exe prepares memory leak reports in XML format that can be analyzed.
If you are looking for an alternative to Valgrind, try Deleaker. It is a C++ memory leak detection tool for Windows that is fast, supports both 32-bit and 64-bit code, and integrates with all major IDEs including Visual Studio, Qt Creator and RAD Studio.