Article

Using Valgrind to detect undefined value errors with bit-precision

Authors:

Nicholas NethercoteAuthors Info & Claims

ATEC '05: Proceedings of the annual conference on USENIX Annual Technical Conference

Page 2

Published: 10 April 2005 Publication History

Abstract

We present Memcheck, a tool that has been implemented with the dynamic binary instrumentation framework Valgrind. Memcheck detects a wide range of memory errors in programs as they run. This paper focuses on one kind of error that Memcheck detects: undefined value errors. Such errors are common, and often cause bugs that are hard to find in programs written in languages such as C, C++ and Fortran. Memcheck's definedness checking improves on that of previous tools by being accurate to the level of individual bits. This accuracy gives Memcheck a low false positive and false negative rate.

The definedness checking involves shadowing every bit of data in registers and memory with a second bit that indicates if the bit has a defined value. Every value-creating operation is instrumented with a shadow operation that propagates shadow bits appropriately. Memcheck uses these shadow bits to detect uses of undefined values that could adversely affect a program's behaviour.

Under Memcheck, programs typically run 20-30 times slower than normal. This is fast enough to use with large programs. Memcheck finds many errors in real programs, and has been used during the past two years by thousands of programmers on a wide range of systems, including OpenOffice, Mozilla, Opera, KDE, GNOME, MySQL, Perl, Samba, The GIMP, and Unreal Tournament.

References

[1]

{1} Michael D. Ernst. Static and dynamic analysis: synergy and duality. In Proceedings of WODA 2003, pages 6-9, Portland, Oregon, May 2003.

[2]

{2} Eric Estievenart. Valgui, a GPL front-end for Valgrind. http://valgui.sf.net/.

[3]

{3} Reed Hastings and Bob Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference, pages 125-136, San Francisco, California, USA, January 1992.

[4]

{4} J. C. Huang. Detection of data flow anomaly through program instrumentation. IEEE Transactions on Software Engineering, 5(3):226-236, May 1979.

[5]

{5} Willett Kempton and Brian A. Wichmann. Run-time detection of undefined variables considered essential. Software--Practice and Experience, 20(4):391-402, April 1990.

[6]

{6} Paul Mackerras. Re: Valgrind for PowerPC. Message to the valgrind-developers mailing list, March 2004.

[7]

{7} Jonas Maebe and Koen De Bosschere. Instrumenting self-modifying code. In Proceedings of AADE- BUG2003, Ghent, Belgium, September 2003.

[8]

{8} Dorit Naishlos. Autovectorisation in GCC. In Proceedings of the 2004 GCC Developers' Summit, Ottawa, Canada, June 2004.

[9]

{9} Nicholas Nethercote. Dynamic Binary Analysis and Instrumentation. PhD thesis, Computer Laboratory, University of Cambridge, United Kingdom, November 2004.

[10]

{10} Nicholas Nethercote and Julian Seward. Valgrind: A program supervision framework. In Proceedings of RV'03, Boulder, Colorado, USA, July 2003.

[11]

{11} Openoffice.org issue 20184, 2003. http://www.openoffice.org/ issues/show_bug.cgi?id=20184.

[12]

{12} Parasoft. Automatic C/C++ application testing with Parasoft Insure++. White paper.

[13]

{13} Jens-Heiner Rechtien. Validating and debugging openoffice.org with valgrind, 2003. http://tools.openoffice.org/ debugging/usingvalgrind.sxw.

[14]

{14} Julian Seward, Nicholas Nethercote, Jeremy Fitzhardinge, et al. Valgrind. http://www.valgrind.org/.

[15]

{15} Amitabh Srivastava and Alan Eustace. ATOM: A system for building customized program analysis tools. In Proceedings of PLDI '94, pages 196-205, Orlando, Florida, USA, June 1994.

[16]

{16} Standard Performance Evaluation Corporation. SPEC CPU2000 benchmarks. http://www.spec.org/.

[17]

{17} Jeffrey Stedfast. Alleyoop. http://alleyoop.sf.net/.

[18]

{18} Third Degree User Manual, May 1994.

[19]

{19} Josef Weidendorfer. KCachegrind. http://kcachegrind.sf.net/.

Cited By

Karakaš AHelic DMonga MLonati VBarendsen ESheard JPaterson J(2024)Combining Local Testing with Automatic Commits: Benefits for Progress Tracking and CS2 Students' Learning ExperienceProceedings of the 2024 on Innovation and Technology in Computer Science Education V. 110.1145/3649217.3653561(108-114)Online publication date: 3-Jul-2024
https://dl.acm.org/doi/10.1145/3649217.3653561
Kuliamin V(2024)A Survey of Software Dynamic Analysis MethodsProgramming and Computing Software10.1134/S036176882401007950:1(90-114)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1134/S0361768824010079
Koschel JBorrello PD'Elia DBos HGiuffrida CCalandrino JTroncoso C(2023)UNCONTAINEDProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620520(5055-5072)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620520
Show More Cited By

Index Terms

Using Valgrind to detect undefined value errors with bit-precision
1. Software and its engineering

Recommendations

Valgrind: a framework for heavyweight dynamic binary instrumentation
Proceedings of the 2007 PLDI conference

Dynamic binary instrumentation (DBI) frameworks make it easy to build dynamic binary analysis (DBA) tools such as checkers and profilers. Much of the focus on DBI frameworks has been on performance; little attention has been paid to their capabilities. ...
Valgrind: a framework for heavyweight dynamic binary instrumentation
PLDI '07: Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation

Dynamic binary instrumentation (DBI) frameworks make it easy to build dynamic binary analysis (DBA) tools such as checkers and profilers. Much of the focus on DBI frameworks has been on performance; little attention has been paid to their capabilities. ...
Valgrind 3.3 - Advanced Debugging and Profiling for GNU/Linux applications

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

ATEC '05: Proceedings of the annual conference on USENIX Annual Technical Conference

April 2005

588 pages

Publisher

USENIX Association

United States

Publication History

Published: 10 April 2005

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

154
Total Citations
View Citations
62
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Karakaš AHelic DMonga MLonati VBarendsen ESheard JPaterson J(2024)Combining Local Testing with Automatic Commits: Benefits for Progress Tracking and CS2 Students' Learning ExperienceProceedings of the 2024 on Innovation and Technology in Computer Science Education V. 110.1145/3649217.3653561(108-114)Online publication date: 3-Jul-2024
https://dl.acm.org/doi/10.1145/3649217.3653561
Kuliamin V(2024)A Survey of Software Dynamic Analysis MethodsProgramming and Computing Software10.1134/S036176882401007950:1(90-114)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1134/S0361768824010079
Koschel JBorrello PD'Elia DBos HGiuffrida CCalandrino JTroncoso C(2023)UNCONTAINEDProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620520(5055-5072)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620520
Chen ZYan RMa YSui YXue J(2023)A Smart Status Based Monitoring Algorithm for the Dynamic Analysis of Memory SafetyACM Transactions on Software Engineering and Methodology10.1145/363722733:4(1-47)Online publication date: 11-Dec-2023
https://dl.acm.org/doi/10.1145/3637227
Ly DKosmatov NLoulergue FSignoles J(2023)Sound Runtime Assertion Checking for Memory Properties via Program TransformationFormal Aspects of Computing10.1145/360595136:1(1-46)Online publication date: 31-Jul-2023
https://dl.acm.org/doi/10.1145/3605951
Li YTan WLv ZYang SPayer MLiu YZhang CYin HStavrou ACremers CShi E(2022)PACMemProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560598(1901-1915)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560598
Ma JZuo GLoughlin KZhang HQuinn AKasikci BFalsafi BFerdman MLu SWenisch T(2022)Debugging in the brave new world of reconfigurable hardwareProceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3503222.3507701(946-962)Online publication date: 28-Feb-2022
https://dl.acm.org/doi/10.1145/3503222.3507701
Jiang YYap RLiang ZRosier HSuga YSakurai KDing XSako K(2022)RecIPE: Revisiting the Evaluation of Memory Error DefensesProceedings of the 2022 ACM on Asia Conference on Computer and Communications Security10.1145/3488932.3524127(574-588)Online publication date: 30-May-2022
https://dl.acm.org/doi/10.1145/3488932.3524127
Munsters APupo ABauwens JBoix E(2021)Oron: Towards a Dynamic Analysis Instrumentation Platform for AssemblyScriptCompanion Proceedings of the 5th International Conference on the Art, Science, and Engineering of Programming10.1145/3464432.3464780(6-13)Online publication date: 22-Mar-2021
https://dl.acm.org/doi/10.1145/3464432.3464780
Chen ZWang CYan JSui YXue JCadar CZhang X(2021)Runtime detection of memory errors with smart statusProceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3460319.3464807(296-308)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3460319.3464807
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Table of Contents