How does valgrind work?
Can someone provide a quick top level explanation of how Valgrind works? An example: how does it know when memory is allocated and freed?
Valgrind basically runs your application in a "sandbox." While running in this sandbox, it is able to insert its own instructions to do advanced debugging and profiling.
From the manual:
So basically, valgrind provides a virtual processor that executes your application. However, before your application instructions are processed, they are passed to tools (such as memcheck). These tools are kind of like plugins, and they are able to modify your application before it is run on the processor.
The great thing about this approach is that you don't have to modify or relink your program at all to run it in valgrind. It does cause your program to run slower; however, valgrind isn't meant to measure performance or run during normal execution of your application, so this isn't really an issue.
Valgrind is a Dynamic Binary Analysis (DPA) tool that uses a Dynamic Binary Instrumentation (DPI) framework to check memory allocation, to detect deadlocks and to profile applications. The DPI framework has its own low-level memory manager, scheduler, thread handler and signal handler. Valgrind tool suite includes tool like
The Valgrind tool uses a disassemble-and-resynthesize mechanism where it loads the application into a process, disassembles the application code, adds the instrumentation code for analysis, assembles it back and executes the application. It uses a Just-in-Time (JIT) compiler to embed the application with the instrumentation code.
Valgrind Core disassembles the application code and passes the code fragment to the tool plugin for instrumentation. The tool plugin adds the analysis code and assembles it back. Thus, Valgrind provides the flexibility to write our own tool on top of the Valgrind framework. Valgrind uses shadow registers and shadow memory to instrument read/write instructions, read/write system calls, and stack and heap allocations.
Valgrind provides wrappers around the system calls and registers for pre and post callbacks for every system call to track the memory accessed as part of the system call. Thus, Valgrind is an OS abstraction layer between the operating system and the client application.
The diagram illustrates the 8 phases of Valgrind:
Here you can find some nice info:
valgrind sits as a layer between your program and the OS, intercepting calls to the OS requesting memory (de)allocation and recording what is being manipulated before then actually allocating the memory and passing back an equivalent. It's essentially how most code profilers work, except at a much lower level (system calls instead of program function calls).
Valgrind is basically a virtual machine that executes your program. It is a virtual architecture that intercepts each call to allocate/free memory.
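The answers above describe Valgrind intercepting allocation and free calls and keeping shadow state about memory. A simplified model of that bookkeeping follows as an added example, not code from Valgrind or from any of the answers; `tracked_malloc`, `tracked_free`, `check_access` and `live_blocks` are hypothetical names, and explicit wrapper calls stand in for Valgrind's run-time instrumentation.

```c
#include <stdint.h>
#include <stdlib.h>

/* Toy model (assumption): Valgrind rewrites machine code at run time;
   here the program calls the tracked_* wrappers itself. */
#define MAX_BLOCKS 64
struct shadow { uintptr_t start; size_t size; int live; };
static struct shadow table[MAX_BLOCKS]; /* one shadow record per block */
static int nblocks;

/* Allocation hook: allocate for real, then record start and size. */
void *tracked_malloc(size_t n) {
    if (nblocks == MAX_BLOCKS) return NULL;   /* toy table is full */
    void *p = malloc(n);
    if (p) table[nblocks++] = (struct shadow){ (uintptr_t)p, n, 1 };
    return p;
}

/* Free hook: 0 = ok, -1 = double free, -2 = never allocated here. */
int tracked_free(void *p) {
    int seen_dead = 0;
    for (int i = 0; i < nblocks; i++) {
        if (table[i].start != (uintptr_t)p) continue;
        if (table[i].live) { table[i].live = 0; free(p); return 0; }
        seen_dead = 1;  /* address was freed earlier and not reused */
    }
    return seen_dead ? -1 : -2;
}

/* Access check: 1 only if [addr, addr+len) lies inside a live block. */
int check_access(const void *addr, size_t len) {
    uintptr_t a = (uintptr_t)addr;
    for (int i = 0; i < nblocks; i++) {
        const struct shadow *s = &table[i];
        if (s->live && a >= s->start && a - s->start <= s->size &&
            len <= s->size - (a - s->start))
            return 1;
    }
    return 0;
}

/* Leak check at exit: blocks still marked live were never freed. */
int live_blocks(void) {
    int n = 0;
    for (int i = 0; i < nblocks; i++) n += table[i].live;
    return n;
}
```

Because every access is checked against the shadow table rather than the real heap, an overrun or use-after-free is reported even when the underlying read would not crash.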