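Guangdong NewStart Technology Service Co., Ltd. Internal Public ▲
Technical Document
Technical document title: Installation and Usage Study of valgrind-3.3.1
Technical document number: OS-20110823
Version:
Prepared by: Chen Zemin
Reviewed by:
Total pages:
(including cover)
Revision Record
Document number | Version | Prepared/modified by | Preparation/modification date | Reason for change | Main changes (key points only)
Note 1: This table must be filled in each time the archived document is changed (uploaded to the file server).
Note 2: When the document is archived for the first time, write "None" in the "Reason for change" and "Main changes" columns.
Contents
Chapter 1 Installing valgrind
1.1 Introduction to valgrind
1.2 Installing valgrind
Chapter 2 Using valgrind
2.1 Using valgrind, with an example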
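Chapter 1 Installing valgrind
1.1 Introduction to valgrind
Valgrind is a software development tool for memory debugging, memory leak detection, and performance profiling. The name Valgrind comes from the entrance to Valhalla in Norse mythology.
The original author of Valgrind is Julian Seward, who in 2006 won the second Google-O'Reilly Open Source Award for his work on Valgrind.
Valgrind is released under the terms of the GNU General Public License and is free software.
As of version 3.6.1, Valgrind supports {x86,amd64,arm,ppc32,ppc64}-linux and {x86,amd64}-darwin (Mac OS X).
valgrind-3.3.1 runs well on the CGSL system.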
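1.2 Installing valgrind
The platform used in this document is the NewStart CGSL system.
(1) Extract valgrind-3.3.1.tar.bz2 on CGSL:
[root@localhost ~]# tar -jxvf valgrind-3.3.1.tar.bz2
The archive to download is (right-click the icon and copy it to a location other than the desktop):
Then enter the directory:
[root@localhost ~]# cd valgrind-3.3.1
[root@localhost valgrind-3.3.1]# ./configure && make && make install
Run the installation and wait for it to finish.
The installation may take a few minutes,
because it installs the following: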
Provides :
libpthread.so
libpthread.so.0
valgrind.so
valgrinq.so
valgrind
Requires :
ld-linux.so.2
libc.so.6
libc.so.6
libc.so.6
libc.so.6
/bin/sh
/usr/bin/perl
libc.so.6
Content of RPM :
/usr/bin/cachegrind
/usr/bin/valgrind
/usr/bin/vg_annotate
/usr/doc/valgrind-1.0.4
/usr/doc/valgrind-1.0.4/ACKNOWLEDGEMENTS
/usr/doc/valgrind-1.0.4/AUTHORS
/usr/doc/valgrind-1.0.4/COPYING
/usr/doc/valgrind-1.0.4/ChangeLog
/usr/doc/valgrind-1.0.4/NEWS
/usr/doc/valgrind-1.0.4/PATCHES_APPLIED
/usr/doc/valgrind-1.0.4/README
/usr/doc/valgrind-1.0.4/README_KDE3_FOLKS
/usr/doc/valgrind-1.0.4/README_MISSING_SYSCALL_OR_IOCTL
/usr/doc/valgrind-1.0.4/README_PACKAGERS
/usr/doc/valgrind-1.0.4/TODO
/usr/doc/valgrind-1.0.4/index.html
/usr/doc/valgrind-1.0.4/manual.html
/usr/doc/valgrind-1.0.4/nav.html
/usr/doc/valgrind-1.0.4/techdocs.html
/usr/include/valgrind.h
/usr/lib/valgrind
/usr/lib/valgrind/default.supp
/usr/lib/valgrind/glibc-2.1.supp
/usr/lib/valgrind/glibc-2.2.supp
/usr/lib/valgrind/libpthread.so
/usr/lib/valgrind/libpthread.so.0
/usr/lib/valgrind/valgrind.so
/usr/lib/valgrind/valgrinq.so
/usr/lib/valgrind/xfree-3.supp
/usr/lib/valgrind/xfree-4.supp
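Chapter 2 Using valgrind
2.1 Using valgrind, with an example
1. Usage
valgrind [options] prog-and-args
[options]: common options that apply to all Valgrind tools
--tool=<toolname>
The most commonly used option. Runs the Valgrind tool named toolname. Default: memcheck.
-h --help Show help information.
--version Show the version of the valgrind core; each tool has its own version.
-q --quiet Run quietly and print only error messages.
-v --verbose Print more detailed information and add error-count statistics.
--trace-children=no|yes Trace child threads? [no]
--track-fds=no|yes Track open file descriptors? [no]
--time-stamp=no|yes Add timestamps to log messages? [no]
--log-fd=<number> Write the log to a file descriptor [2=stderr]
--log-file=<filename> Write the output to the file filename.PID, where PID is the process ID of the program being run
--log-file-exactly=<file> Write the log to file
--log-file-qualifier=<VAR> Use the value of the environment variable as the name of the output file. [none]
--log-socket=ipaddr:port Write the log to the socket ipaddr:port
Log message output
--xml=yes Write the output as XML; available only for memcheck
--num-callers=<number> show callers in stack traces [12]
--error-limit=no|yes Stop showing new errors if there are too many? [yes]
--error-exitcode=<number> Return this exit code if errors are found [0=disable]
--db-attach=no|yes When an error occurs, valgrind automatically starts the debugger gdb. [no]
--db-command=<command> Command line used to start the debugger [gdb -nw %f %p]
Options specific to the Memcheck tool:
--leak-check=no|summary|full Give detailed information about leaks? [summary]
--leak-resolution=low|med|high how much bt merging in leak check [low]
--show-reachable=no|yes show reachable blocks in leak check? [no]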
2. The Memcheck tool mainly checks for the following program errors
Use of uninitialised memory
Reading/writing memory after it has been free'd
Reading/writing off the end of malloc'd blocks
Reading/writing inappropriate areas on the stack
Memory leaks, where pointers to malloc'd blocks are lost forever
Mismatched use of malloc/new/new [] vs free/delete/delete []
Overlapping src and dst pointers in memcpy() and related functions
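3. Example (testing a C program)
#include <stdio.h>
#include <stdlib.h>

int main()
{
    struct mm {
        int a;
        int b;
    } kk, *p;

    kk.a = 10;
    printf("kk.a : %d \n", kk.a);
    /* 8-byte heap block that is never freed: this is the leak Memcheck reports */
    p = (struct mm *)malloc(sizeof(struct mm));
    p->a = 9;
    printf("p->a : %d \n", p->a);
    return 0;
}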
Steps:
[root@localhost ~]# vim hello.c
[root@localhost ~]# gcc -g -o hello hello.c
[root@localhost ~]# ./hello
The result is as follows:
Then run it under valgrind:
[root@localhost ~]# valgrind --tool=memcheck --leak-check=yes --show-reachable=yes ./hello
The output above reports "malloc/free: 1 allocs, 0 frees, 8 bytes allocated." and "definitely lost: 8 bytes in 1 blocks.", that is, 8 bytes were lost.
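A way to turn the Memcheck report into a pass/fail check, covering both the error classes listed in item 2 and the two summary lines quoted above. This is an added example, not part of the original document or of Valgrind; the sample log is constructed, and the class names and the functions parse_memcheck and gate are assumptions of this example.

```python
import re

# Constructed Memcheck log in the 3.3-era text layout (not captured from a real run).
SAMPLE_LOG = """\
p->a : 9
==4021== Invalid write of size 4
==4021==    at 0x80483F2: main (demo.c:9)
==4021==  Address 0x4025030 is 0 bytes after a block of size 8 alloc'd
==4021== Conditional jump or move depends on uninitialised value(s)
==4021==    at 0x8048411: main (demo.c:12)
==4021== malloc/free: 1 allocs, 0 frees, 8 bytes allocated.
==4021== LEAK SUMMARY:
==4021==    definitely lost: 8 bytes in 1 blocks.
==4021==      possibly lost: 0 bytes in 0 blocks.
==4021==    still reachable: 0 bytes in 0 blocks.
"""

PREFIX = re.compile(r"^==\d+==")  # Valgrind tags its own lines with ==PID==
CLASSES = [  # message pattern -> error class (names are this example's own)
    ("uninitialised", re.compile(r"^(Conditional jump or move depends on|Use of) uninitialised")),
    ("use-after-free", re.compile(r"^Address 0x[0-9A-Fa-f]+ is \d+ bytes inside a block of size \d+ free'd")),
    ("heap-overrun", re.compile(r"^Address 0x[0-9A-Fa-f]+ is \d+ bytes (after|before) a block of size \d+ alloc'd")),
    ("bad-free", re.compile(r"^(Invalid|Mismatched) free\(\)")),
    ("overlap", re.compile(r"^Source and destination overlap in \w+")),
]
ALLOCS = re.compile(r"^malloc/free: ([\d,]+) allocs, ([\d,]+) frees, ([\d,]+) bytes allocated")
LEAK = re.compile(r"^(definitely lost|possibly lost|still reachable): ([\d,]+) bytes in ([\d,]+) blocks")

def _n(s):
    return int(s.replace(",", ""))  # Valgrind prints large counts as 56,164

def parse_memcheck(text):
    report = {"errors": {}, "allocs": None, "frees": None, "leaks": {}}
    for raw in text.splitlines():
        if not PREFIX.match(raw):
            continue  # output of the program under test, not of Valgrind
        line = PREFIX.sub("", raw).strip()
        for name, pat in CLASSES:
            if pat.match(line):
                report["errors"][name] = report["errors"].get(name, 0) + 1
        m = ALLOCS.match(line)
        if m:
            report["allocs"], report["frees"] = _n(m.group(1)), _n(m.group(2))
        m = LEAK.match(line)
        if m:
            report["leaks"][m.group(1)] = _n(m.group(2))
    return report

def gate(report):
    """Return the reasons a build should fail; an empty list means clean."""
    reasons = [f"{k} x{v}" for k, v in sorted(report["errors"].items())]
    lost = report["leaks"].get("definitely lost", 0)
    return reasons + ([f"definitely lost {lost} bytes"] if lost else [])
```

The patterns assume the text layout that matches the lines quoted in this document; later Valgrind releases word the heap summary differently, so --xml=yes output or --error-exitcode is the sturdier input for automation.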
valgrind-3.3.1/VEX/pub/libvex_guest_amd64.h
/*---------------------------------------------------------------*/
/*--- ---*/
/*--- This file (libvex_guest_amd64.h) is ---*/
/*--- Copyright (C) OpenWorks LLP. All rights reserved. ---*/
/*--- ---*/
/*---------------------------------------------------------------*/
/*
This file is part of LibVEX, a library for dynamic binary
instrumentation and translation.
Copyright (C) 2004-2007 OpenWorks LLP. All rights reserved.
This library is made available under a dual licensing scheme.
If you link LibVEX against other code all of which is itself
licensed under the GNU General Public License, version 2 dated June
1991 ("GPL v2"), then you may use LibVEX under the terms of the GPL
v2, as appearing in the file LICENSE.GPL. If the file LICENSE.GPL
is missing, you can obtain a copy of the GPL v2 from the Free
Software Foundation Inc., 51 Franklin St, Fifth Floor, Boston, MA
02110-1301, USA.
For any other uses of LibVEX, you must first obtain a commercial
license from OpenWorks LLP. Please contact info@open-works.co.uk
for information about commercial licensing.
This software is provided by OpenWorks LLP "as is" and any express
or implied warranties, including, but not limited to, the implied
warranties of merchantability and fitness for a particular purpose
are disclaimed. In no event shall OpenWorks LLP be liable for any
direct, indirect, incidental, special, exemplary, or consequential
damages (including, but not limited to, procurement of substitute
goods or services; loss of use, data, or profits; or business
interruption) however caused and on any theory of liability,
whether in contract, strict liability, or tort (including
negligence or otherwise) arising in any way out of the use of this
software, even if advised of the possibility of such damage.
Neither the names of the U.S. Department of Energy nor the
University of California nor the names of its contributors may be
used to endorse or promote products derived from this software
without prior written permission.
*/
#ifndef __LIBVEX_PUB_GUEST_AMD64_H
#define __LIBVEX_PUB_GUEST_AMD64_H
#include "libvex_basictypes.h"
#include "libvex_emwarn.h"
/*---------------------------------------------------------------*/
/*--- Vex's representation of the AMD64 CPU state. ---*/
/*---------------------------------------------------------------*/
/* See detailed comments at the top of libvex_guest_x86.h for
further info. This representation closely follows the
x86 representation.
*/
typedef
struct {
/* 0 */ ULong guest_RAX;
/* 8 */ ULong guest_RCX;
/* 16 */ ULong guest_RDX;
/* 24 */ ULong guest_RBX;
/* 32 */ ULong guest_RSP;
/* 40 */ ULong guest_RBP;
/* 48 */ ULong guest_RSI;
/* 56 */ ULong guest_RDI;
/* 64 */ ULong guest_R8;
/* 72 */ ULong guest_R9;
/* 80 */ ULong guest_R10;
/* 88 */ ULong guest_R11;
/* 96 */ ULong guest_R12;
/* 104 */ ULong guest_R13;
/* 112 */ ULong guest_R14;
/* 120 */ ULong guest_R15;
/* 4-word thunk used to calculate O S Z A C P flags. */
/* 128 */ ULong guest_CC_OP;
/* 136 */ ULong guest_CC_DEP1;
/* 144 */ ULong guest_CC_DEP2;
/* 152 */ ULong guest_CC_NDEP;
/* The D flag is stored here, encoded as either -1 or +1 */
/* 160 */ ULong guest_DFLAG; /* 48 */
/* RIP */
/* 168 */ ULong guest_RIP;
/* Probably a lot more stuff too.
D,ID flags
16 128-bit SSE registers
all the old x87 FPU gunk
segment registers
*/
/* Bit 21 (ID) of eflags stored here, as either 0 or 1. */
ULong guest_IDFLAG;
/* HACK to make tls on amd64-linux work. %fs only ever seems to
hold zero, and so guest_FS_ZERO holds the 64-bit offset
associated with a %fs value of zero. */
ULong guest_FS_ZERO;
/* XMM registers */
ULong guest_SSEROUND;
U128 guest_XMM0;
U128 guest_XMM1;
U128 guest_XMM2;
U128 guest_XMM3;
U128 guest_XMM4;
U128 guest_XMM5;
U128 guest_XMM6;
U128 guest_XMM7;
U128 guest_XMM8;
U128 guest_XMM9;
U128 guest_XMM10;
U128 guest_XMM11;
U128 guest_XMM12;
U128 guest_XMM13;
U128 guest_XMM14;
U128 guest_XMM15;
/* FPU */
/* Note. Setting guest_FTOP to be ULong messes up the
delicately-balanced PutI/GetI optimisation machinery.
Therefore best to leave it as a UInt. */
UInt guest_FTOP;
ULong guest_FPREG[8];
UChar guest_FPTAG[8];
ULong guest_FPROUND;
ULong guest_FC3210;
/* Emulation warnings */
UInt guest_EMWARN;
/* Translation-invalidation area description. Not used on amd64
(there is no invalidate-icache insn), but needed so as to
allow users of the library to uniformly assume that the guest
state contains these two fields -- otherwise there is
compilation breakage. On amd64, these two fields are set to
zero by LibVEX_GuestAMD64_initialise and then should be
ignored forever thereafter. */
ULong guest_TISTART;
ULong guest_TILEN;
/* Used to record the unredirected guest address at the start of
a translation whose start has been redirected. By reading
this pseudo-register shortly afterwards, the translation can
find out what the corresponding no-redirection address was.
Note, this is only set for wrap-style redirects, not for
replace-style ones. */
ULong guest_NRADDR;
/* Padding to make it have an 8-aligned size */
/* UInt padding; */
}
VexGuestAMD64State;
/*---------------------------------------------------------------*/
/*--- Utility functions for amd64 guest stuff. ---*/
/*---------------------------------------------------------------*/
/* ALL THE FOLLOWING ARE VISIBLE TO LIBRARY CLIENT */
/* Initialise all guest amd64 state. The FPU is put in default
mode. */
extern
void LibVEX_GuestAMD64_initialise ( /*OUT*/VexGuestAMD64State* vex_state );
/* Extract from the supplied VexGuestAMD64State structure the
corresponding native %rflags value. */
extern
ULong LibVEX_GuestAMD64_get_rflags ( /*IN*/VexGuestAMD64State* vex_state );
#if 0
/* Convert a saved x87 FPU image (as created by fsave) and write it
into the supplied VexGuestX86State structure. The non-FP parts of
said structure are left unchanged.
*/
extern
void LibVEX_GuestX86_put_x87 ( /*IN*/UChar* x87_state,
/*OUT*/VexGuestX86State* vex_state );
/* Extract from the supplied VexGuestX86State structure, an x87 FPU
image. */
extern
void LibVEX_GuestX86_get_x87 ( /*IN*/VexGuestX86State* vex_state,
/*OUT*/UChar* x87_state );
/* Given a 32-bit word containing native x86 %eflags values, set the
eflag-related fields in the supplied VexGuestX86State accordingly.
All other fields are left unchanged. */
extern
void LibVEX_GuestX86_put_eflags ( UInt eflags_native,
/*OUT*/VexGuestX86State* vex_state );
#endif /* 0 */
#endif /* ndef __LIBVEX_PUB_GUEST_AMD64_H */
/*---------------------------------------------------------------*/
/*--- libvex_guest_amd64.h ---*/
/*---------------------------------------------------------------*/
valgrind-3.3.1/VEX/pub/libvex_ir.h
/*---------------------------------------------------------------*/
/*--- ---*/
/*--- This file (libvex_ir.h) is ---*/
/*--- Copyright (C) OpenWorks LLP. All rights reserved. ---*/
/*--- ---*/
/*---------------------------------------------------------------*/
/*
This file is part of LibVEX, a library for dynamic binary
instrumentation and translation.
Copyright (C) 2004-2007 OpenWorks LLP. All rights reserved.
This library is made available under a dual licensing scheme.
If you link LibVEX against other code all of which is itself
licensed under the GNU General Public License, version 2 dated June
1991 ("GPL v2"), then you may use LibVEX under the terms of the GPL
v2, as appearing in the file LICENSE.GPL. If the file LICENSE.GPL
is missing, you can obtain a copy of the GPL v2 from the Free
Software Foundation Inc., 51 Franklin St, Fifth Floor, Boston, MA
02110-1301, USA.
For any other uses of LibVEX, you must first obtain a commercial
license from OpenWorks LLP. Please contact info@open-works.co.uk
for information about commercial licensing.
This software is provided by OpenWorks LLP "as is" and any express
or implied warranties, including, but not limited to, the implied
warranties of merchantability and fitness for a particular purpose
are disclaimed. In no event shall OpenWorks LLP be liable for any
direct, indirect, incidental, special, exemplary, or consequential
damages (including, but not limited to, procurement of substitute
goods or services; loss of use, data, or profits; or business
interruption) however caused and on any theory of liability,
whether in contract, strict liability, or tort (including
negligence or otherwise) arising in any way out of the use of this
software, even if advised of the possibility of such damage.
Neither the names of the U.S. Department of Energy nor the
University of California nor the names of its contributors may be
used to endorse or promote products derived from this software
without prior written permission.
*/
#ifndef __LIBVEX_IR_H
#define __LIBVEX_IR_H
#include "libvex_basictypes.h"
/*---------------------------------------------------------------*/
/*--- High-level IR description ---*/
/*---------------------------------------------------------------*/
/* Vex IR is an architecture-neutral intermediate representation.
Unlike some IRs in systems similar to Vex, it is not like assembly
language (ie. a list of instructions). Rather, it is more like the
IR that might be used in a compiler.
Code blocks
~~~~~~~~~~~
The code is broken into small code blocks ("superblocks", type:
'IRSB'). Each code block typically represents from 1 to perhaps 50
instructions. IRSBs are single-entry, multiple-exit code blocks.
Each IRSB contains three things:
- a type environment, which indicates the type of each temporary
value present in the IRSB
- a list of statements, which represent code
- a jump that exits from the end the IRSB
Because the blocks are multiple-exit, there can be additional
conditional exit statements that cause control to leave the IRSB
before the final exit. Also because of this, IRSBs can cover
multiple non-consecutive sequences of code (up to 3). These are
recorded in the type VexGuestExtents (see libvex.h).
Statements and expressions
~~~~~~~~~~~~~~~~~~~~~~~~~~
Statements (type 'IRStmt') represent operations with side-effects,
eg. guest register writes, stores, and assignments to temporaries.
Expressions (type 'IRExpr') represent operations without
side-effects, eg. arithmetic operations, loads, constants.
Expressions can contain sub-expressions, forming expression trees,
eg. (3 + (4 * load(addr1)).
Storage of guest state
~~~~~~~~~~~~~~~~~~~~~~
The "guest state" contains the guest registers of the guest machine
(ie. the machine that we are simulating). It is stored by default
in a block of memory supplied by the user of the VEX library,
generally referred to as the guest state (area). To operate on
these registers, one must first read ("Get") them from the guest
state into a temporary value. Afterwards, one can write ("Put")
them back into the guest state.
Get and Put are characterised by a byte offset into the guest
state, a small integer which effectively gives the identity of the
referenced guest register, and a type, which indicates the size of
the value to be transferred.
The basic "Get" and "Put" operations are sufficient to model normal
fixed registers on the guest. Selected areas of the guest state
can be treated as a circular array of registers (type:
'IRRegArray'), which can be indexed at run-time. This is done with
the "GetI" and "PutI" primitives. This is necessary to describe
rotating register files, for example the x87 FPU stack, SPARC
register windows, and the Itanium register files.
Examples, and flattened vs. unflattened code
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For example, consider this x86 instruction:
addl %eax, %ebx
One Vex IR translation for this code would be this:
------ IMark(0x24F275, 7) ------
t3 = GET:I32(0) # get %eax, a 32-bit integer
t2 = GET:I32(12) # get %ebx, a 32-bit integer
t1 = Add32(t3,t2) # addl
PUT(0) = t1 # put %eax
(For simplicity, this ignores the effects on the condition codes, and
the update of the instruction pointer.)
The "IMark" is an IR statement that doesn't represent actual code.
Instead it indicates the address and length of the original
instruction. The numbers 0 and 12 are offsets into the guest state
for %eax and %ebx. The full list of offsets for an architecture <ARCH>
can be found in the type VexGuest<ARCH>State in the file
VEX/pub/libvex_guest_<ARCH>.h.
The five statements in this example are:
- the IMark
- three assignments to temporaries
- one register write (put)
The six expressions in this example are:
- two register reads (gets)
- one arithmetic (add) operation
- three temporaries (two nested within the Add32, one in the PUT)
The above IR is "flattened", ie. all sub-expressions are "atoms",
either constants or temporaries. An equivalent, unflattened version
would be:
PUT(0) = Add32(GET:I32(0), GET:I32(12))
IR is guaranteed to be flattened at instrumentation-time. This makes
instrumentation easier. Equivalent flattened and unflattened IR
typically results in the same generated code.
Another example, this one showing loads and stores:
addl %edx,4(%eax)
This becomes (again ignoring condition code and instruction pointer
updates):
------ IMark(0x4000ABA, 3) ------
t3 = Add32(GET:I32(0),0x4:I32)
t2 = LDle:I32(t3)
t1 = GET:I32(8)
t0 = Add32(t2,t1)
STle(t3) = t0
The "le" in "LDle" and "STle" is short for "little-endian".
No need for deallocations
~~~~~~~~~~~~~~~~~~~~~~~~~
Although there are allocation f