|
From: Robert W. <rj...@du...> - 2005-03-06 03:00:38
|
CVS commit by rjwalsh: Valgrind manual page. This should be mostly done now. M +285 -94 valgrind.1 1.3 --- valgrind/docs/valgrind.1 #1.2:1.3 @@ -12,5 +12,5 @@ .SH DESCRIPTION -\fIvalgrind\fP is a flexible program for debugging and profiling Linux-x86 +\fBvalgrind\fP is a flexible program for debugging and profiling Linux-x86 executables. It consists of a core, which provides a synthetic x86 CPU in software, and a series of "tools", each of which is a debugging or @@ -20,5 +20,55 @@ .PP This manual page covers only basic usage and options. Please see the -html documentation for more comprehensive information. +HTML documentation for more comprehensive information. + +.SH INVOCATION +\fBvalgrind\fP is typically invoked as follows: + + valgrind program args + +This runs \fBprogram\fP (with arguments \fBargs\fP) under valgrind using +the \fBmemcheck\fP tool. To use a different tool, use the \fB--tool\fP +option: + + valgrind --tool=addrcheck program args + +The following tools are available: + +.RS +.TP +.B +- addrcheck +\fBaddrcheck\fP is similar to memcheck, but does not perform the same +granularity of memory checking. +.TP +.B +- cachegrind +\fBcachegrind\fP is a cache simulator. +." .TP +." .B +." - helgrind +." \fBhelgrind\fP spots potential race conditions in your program. +.TP +.B +- lackey +\fBlackey\fP is a sample tool that can be used as a template for +generating your own tools. After the program terminates, it prints out +some basic statistics about the program execution. +.TP +.B +- massif +\fBmassif\fP is a heap profiler. It measures how much heap memory your +program uses. +.TP +.B +- memcheck +\fBmemcheck\fP is a fine-grained memory checker. +.TP +.B +- none +\fBnone\fP performs no function - it simply runs the program under +\fBvalgrind\fP. This is typically used for debugging and benchmarking +\fBvalgrind\fP. +.RE .SH COMMON CORE OPTIONS @@ -27,5 +77,5 @@ .B --db-attach=<yes|no> [default: no] -When enabled, \fIvalgrind\fP will pause after every error shown and +When enabled, \fBvalgrind\fP will pause after every error shown and print the line: @@ -39,10 +89,10 @@ .RS -Pressing Ret, or N Ret or n Ret, causes \fIvalgrind\fP not to start a +Pressing Ret, or N Ret or n Ret, causes \fBvalgrind\fP not to start a debugger for this error. .PP -Pressing Y Ret or y Ret causes \fIvalgrind\fP to start the debugger -(specified by the \fI--db-command\fP option) for the program at this +Pressing Y Ret or y Ret causes \fBvalgrind\fP to start the debugger +(specified by the \fB--db-command\fP option) for the program at this point. When you have finished with the debugger, quit from it, and the program will continue. Trying to continue from inside the debugger @@ -50,10 +100,10 @@ .PP -Pressing C Ret or c Ret causes \fIvalgrind\fI not to start the debugger -and \fIvalgrind\fP will not ask again. +Pressing C Ret or c Ret causes \fBvalgrind\fP not to start the debugger +and \fBvalgrind\fP will not ask again. .PP --db-attach=yes conflicts with --trace-children=yes. You can't use them -together. \fIvalgrind\fP refuses to start up in this situation. 1 May +together. \fBvalgrind\fP refuses to start up in this situation. 1 May 2002: this is a historical relic which could be easily fixed if it gets in your way. Mail me and complain if this is a problem for you. @@ -69,11 +119,11 @@ Specify the debugger to use with the --db-attach command. The default debugger is gdb. This option is a template that is expanded by -\fIvalgrind\fP at runtime. \fI%f\fP is replaced with the executable's -file name and \fI%p\fP is replaced by the process ID of the executable. +\fBvalgrind\fP at runtime. \fB%f\fP is replaced with the executable's +file name and \fB%p\fP is replaced by the process ID of the executable. .TP .B --error-limit=<yes|no> [default: yes] -When enabled, \fIvalgrind\fP stops reporting errors after 30000 in total, +When enabled, \fBvalgrind\fP stops reporting errors after 30000 in total, or 300 different ones, have been seen. This is to stop the error tracking machinery from becoming a huge performance overhead in programs with @@ -83,5 +133,5 @@ --gen-suppressions=<yes|no> [default: no] -When enabled, \fIvalgrind\fP will pause after every error shown and +When enabled, \fBvalgrind\fP will pause after every error shown and print the line: @@ -104,5 +154,5 @@ .P Pressing C Ret or c Ret will cause no suppression to be printed and -\fIvalgrind\fP will not ask again. +\fBvalgrind\fP will not ask again. .RE @@ -110,17 +160,16 @@ .B -h --help -Show help for all \fIoptions\fP, both for the core and for the selected -tool. +Show help for all options, both for the core and for the selected tool. .TP .B --help-debug -Show help for all \fIoptions\fP, both for the core and for the selected -tool, including options for debugging \fIvalgrind\fP. +Show help for all options, both for the core and for the selected tool, +including options for debugging \fBvalgrind\fP. .TP .B --log-file=<filename> -Specifies that \fIvalgrind\fP should send all of its messages to the +Specifies that \fBvalgrind\fP should send all of its messages to the specified file. In fact, the file name used is created by concatenating the text filename, ".pid" and the process ID, so as to create a file @@ -130,5 +179,5 @@ .B --num-callers=<number> [default=12] -By default, \fIvalgrind\fP shows four levels of function call names to +By default, \fBvalgrind\fP shows 12 levels of function call names to help you identify program locations. You can change that number with this option. This can help in determining the program's location in @@ -141,5 +190,5 @@ .PP The maximum value for this is 50. Note that higher settings will make -\fIvalgrind\fP run a bit more slowly and take a bit more memory, but +\fBvalgrind\fP run a bit more slowly and take a bit more memory, but can be useful when working with programs with deeply-nested call chains. .RE @@ -153,5 +202,5 @@ .TP .B ---suppressions=<filename> [default: $PREFIX/lib/\fIvalgrind\fP/default.supp] +--suppressions=<filename> [default: $PREFIX/lib/\fBvalgrind\fP/default.supp] Specifies an extra file from which to read descriptions of errors to suppress. You may specify up to 10 additional suppression files. @@ -160,76 +209,216 @@ .B --tool=<toolname> [default: memcheck] -Specify which tool to use. The default tool is memcheck. The following -tools are available: +Specify which tool to use. The default tool is memcheck. -.RS .TP .B -- addrcheck -\fIaddrcheck\fP is similar to memcheck, but does not perform the same -granularity of memory checking. +--trace-children=<yes|no> [default: no] +When enabled, \fBvalgrind\fP will trace into child processes. This is +confusing and usually not what you want, so is disabled by default. + .TP .B -- cachegrind -\fIcachegrind\fP is a cache simulator. +--track-fds=<yes|no> [default: no] +Track file descriptor creation and deletion and produce a summary at the +end of the program execution of file descriptors that are still in use. + .TP .B -- helgrind -\fIhelgrind\fP spots potential race conditions in your program. +-v --verbose +Be more verbose. Gives extra information on various aspects of your +program, such as: the shared objects loaded, the suppressions used, +the progress of the instrumentation and execution engines, and warnings +about unusual behaviour. Repeating the flag increases the verbosity level. + .TP .B -- lackey -\fIlackey\fP is a sample tool that can be used as a template for -generating your own tools. +--version +Show the version number of the \fBvalgrind\fP core. Tools can have +their own version numbers. There is a scheme in place to ensure that +tools only execute when the core version is one they are known to work +with. This was done to minimise the chances of strange problems arising +from tool-vs-core version incompatibilities. + +.SH ADDRCHECK OPTIONS + .TP .B -- massif -\fImassif\fP is a heap profiler. It measures how much heap memory your -program uses. +--freelist-vol=<number> [default: 1000000] +When the client program releases memory using free (in C) or delete +(C++), that memory is not immediately made available for re-allocation. +Instead it is marked inaccessible and placed in a queue of freed blocks. +The purpose is to delay the point at which freed-up memory comes back +into circulation. This increases the chance that \fBaddrcheck\fP will +be able to detect invalid accesses to blocks for some significant period +of time after they have been freed. + +.RS +This flag specifies the maximum total size, in bytes, of the blocks in +the queue. The default value is one million bytes. Increasing this +increases the total amount of memory used by \fBaddrcheck\fP but may +detect invalid uses of freed blocks which would otherwise go undetected. +.RE + .TP .B -- memcheck -\fImemcheck\fP is a fine-grained memory checker. +--leak-check=<yes|no|summary|full> [default: summary] +Enables full, summary or no leak checking. When full (\fBfull\fP or +\fByes\fP options) checking is performed, details on all leaked blocks +are printed after the program finishes executing. When summary checking +is enabled, a summary of all leaked memory is printed. When no leak +checking is performed, no leaked memory details are produced. Disabling +leak checking can speed up your program execution. + .TP .B -- none -\fInone\fP performs no function - it simply runs the program under -\fIvalgrind\fP. +--leak-resolution=<low|med|high> [default: low] +When doing leak checking, determines how willing \fBaddrcheck\fP is to +consider different backtraces to be the same. When set to \fBlow\fP, +the default, only the first two entries need match. When \fBmed\fP, +four entries have to match. When \fBhigh\fP, all entries need to match. + +.TP +.B +--partial-loads-ok=<yes|no> [default: yes] +Controls how \fBaddrcheck\fP handles word (4-byte) loads from addresses +for which some bytes are addressible and others are not. When enabled, +such loads do not elicit an address error. Instead, \fBaddrcheck\fP +considers the bytes corresponding to the illegal addresses as undefined, +and those corresponding to legal addresses are considered defined. + +.RS +When disabled, loads from partially invalid addresses are treated the +same as loads from completely invalid addresses: an illegal-address error +is issued, and the \fBaddrcheck\fP considers all bytes as invalid data. .RE .TP .B ---trace-children=<yes|no> [default: no] -When enabled, \fIvalgrind\fP will trace into child processes. This is -confusing and usually not what you want, so is disabled by default. +--show-reachable=<yes|no> [default: no] +When performing full leak checking, print out details of blocks that are +leaked but still reachable. For details of what a reachable block is, +see the HTML documentation. .TP .B ---track-fds=<yes|no> [default: no] -Track file descriptor creation and deletion and produce a summary at the -end of the program execution of file descriptors that are still in use. +--workaround-gcc296-bugs=<yes|no> [default: no] +When enabled, assume that reads and writes some small distance below +the stack pointer \fB%esp\fP are due to bugs in gcc 2.96, and does not +report them. The "small distance" is 256 bytes by default. Note that gcc +2.96 is the default compiler on some older Linux distributions (RedHat +7.X, Mandrake) and so you may well need to use this flag. Do not use +it if you do not have to, as it can cause real errors to be overlooked. +Another option is to use a gcc/g++ which does not generate accesses below +the stack pointer. 2.95.3 seems to be a good choice in this respect. + +.SH MEMCHECK OPTIONS +\fBmemcheck\fP understands the same options as \fBaddrcheck\fP, along +with the following options: .TP .B --v --verbose -Be more verbose. Gives extra information on various aspects of your -program, such as: the shared objects loaded, the suppressions used, -the progress of the instrumentation and execution engines, and warnings -about unusual behaviour. Repeating the flag increases the verbosity level. +--avoid-strlen-errors=<yes|no> [default: yes] +Enable or disable a heuristic for dealing with highly-optimized versions +of \fBstrlen\fP. These versions of \fBstrlen\fP can cause spurious +errors to be reported by \fBmemcheck\fP, so it's usually a good idea to +leave this enabled. .TP .B ---version -Show the version number of the \fIvalgrind\fP core. Tools can have -their own version numbers. There is a scheme in place to ensure that -tools only execute when the core version is one they are known to work -with. This was done to minimise the chances of strange problems arising -from tool-vs-core version incompatibilities. +--cleanup=<yes|no> [default: yes] +\fBThis is a flag to help debug valgrind itself. It is of no use to +end-users\fP. When enabled, various improvments are applied to the +post-instrumented intermediate code, aimed at removing redundant value +checks. + +.SH CACHEGRIND OPTIONS + +.TP +.B +--D1=<size>,<associativity>,<line size> +Specify the size, associativity and line size of the level 1 data cache. +All values are measured in bytes. If this options is not specified, +the system value (as retrieved by the \fBCPUID\fP instruction) is used. + +.TP +.B +--I1=<size>,<associativity>,<line size> +Specify the size, associativity and line size of the level 1 instruction +cache. All values are measured in bytes. If this options is not +specified, the system value (as retrieved by the \fBCPUID\fP instruction) +is used. + +.TP +.B +--L2=<size>,<associativity>,<line size> +Specify the size, associativity and line size of the level 2 cache. +All values are measured in bytes. If this options is not specified, +the system value (as retrieved by the \fBCPUID\fP instruction) is used. + +.SH MASSIF OPTIONS + +.TP +.B +--alloc-fn=<name> +Specify a function that allocates memory. This is useful for functions +that are wrappers to \fBmalloc()\fP, which can fill up the context +information uselessly (and give very uninformative bands on the graph). +Functions specified will be ignored in contexts, i.e. treated as though +they were \fBmalloc()\fP. This option can be specified multiple times +on the command line, to name multiple functions. + +.TP +.B +--depth=<number> [default: 3] +Depth of call chains to present in the detailed heap information. +Increasing it will give more information, but \fBmassif\fP will run the +program more slowly, using more memory, and produce a bigger \fB.txt\fP +or \fB.hp\fP file. + +.TP +.B +--format=<text|html> [default: text] +Produce the detailed heap information in text or HTML format. The file +suffix used will be either \fB.txt\fP or \fB.html\fP. + +.TP +.B +--heap=<yes|no> [default: yes] +When enabled, profile heap usage in detail. Without it, the \fB.txt\fP +or \fB.html\fP file will be very short. + +.TP +.B +--heap-admin=<number> [default: 8] +The number of admin bytes per block to use. This can only be an +estimate of the average, since it may vary. The allocator used +by \fBglibc\fP requires somewhere between 4 to 15 bytes per block, +depending on various factors. It also requires admin space for freed +blocks, although \fBmassif\fP does not count this. + +.TP +.B +--stacks=<yes|no> [default: yes] +When enabled, include stack(s) in the profile. Threaded programs can +have multiple stacks. + +.SH HELGRIND OPTIONS + +.TP +.B +--private-stacks=<yes|no> [default: no] +Assume thread stacks are used privately. + +.TP +.B +--show-last-access=<yes|some|no> [default: no] +Show location of last word access on error. .SH LESS FREQUENTLY USED CORE OPTIONS + .TP .B --alignment=<number> [default: 8] -By default \fIvalgrind\fP's malloc, realloc, etc, return 8-byte aligned +By default \fBvalgrind\fP's malloc, realloc, etc, return 8-byte aligned addresses. These are suitable for any accesses on x86 processors. Some programs might however assume that malloc et al return 16- or more @@ -259,18 +448,18 @@ .B --command-line-only=<yes|no> [default: no] -Normally, \fIvalgrind\fP will look for command-line options in the +Normally, \fBvalgrind\fP will look for command-line options in the following locations: .RS .TP -- The \fIvalgrind\fP command line +- The \fBvalgrind\fP command line .TP -- The \fI\.valgrindrc\fP file in the invocation directory +- The \fB\.valgrindrc\fP file in the invocation directory .TP -- The \fI\.valgrindrc\fP file in users home directory +- The \fB\.valgrindrc\fP file in users home directory .TP -- The \fI$VALGRIND_OPTS\fP environment variable +- The \fB$VALGRIND_OPTS\fP environment variable .P -When this option is enabled, \fIvalgrind\fP will only look at the command +When this option is enabled, \fBvalgrind\fP will only look at the command line for options. .RE @@ -280,5 +469,5 @@ --demangle=<yes|no> [default: yes] Enable or disable automatic demangling (decoding) of C++ names. Enabled by -default. When enabled, \fIvalgrind\fP will attempt to translate encoded +default. When enabled, \fBvalgrind\fP will attempt to translate encoded C++ procedure names back to something approaching the original. The demangler handles symbols mangled by g++ versions 2.X and 3.X. @@ -288,5 +477,5 @@ --dump-error=<number> After the program has exited, show gory details of the translation of -the basic block containing the \fI<number>\fP'th error context. When +the basic block containing the \fB<number>\fP'th error context. When used with --single-step=yes, can show the exact x86 instruction causing an error. This is all fairly dodgy and doesn't work at all if threads @@ -297,6 +486,6 @@ --exec=<filename> Specify the executable to run. If this is specified, it takes precedence -over the \fIyour-program\fP executable from the command-line. If this is -not specified, \fIvalgrind\fP searches the path for the \fIyour-program\fP +over the \fByour-program\fP executable from the command-line. If this is +not specified, \fBvalgrind\fP searches the path for the \fByour-program\fP executable, just like a regular shell would. @@ -305,10 +494,10 @@ --input-fd=<number> [default: 0, stdin] Specify the file descriptor to use for reading input from the user. This -is used whenever \fIvalgrind\fP needs to prompt the user for a decision. +is used whenever \fBvalgrind\fP needs to prompt the user for a decision. .TP .B --log-fd=<number> [default: 2, stderr] -Specifies that \fIvalgrind\fP should send all of its messages to +Specifies that \fBvalgrind\fP should send all of its messages to the specified file descriptor. The default, 2, is the standard error channel (stderr). Note that this may interfere with the client's own @@ -318,10 +507,10 @@ .B --log-socket=<ip-address:port-number> -Specifies that \fIvalgrind\fP should send all of its messages to the +Specifies that \fBvalgrind\fP should send all of its messages to the specified port at the specified IP address. The port may be omitted, in which case port 1500 is used. If a connection cannot be made to -the specified socket, \fIvalgrind\fP falls back to writing output to +the specified socket, \fBvalgrind\fP falls back to writing output to the standard error (stderr). This option is intended to be used in -conjunction with the \fIvalgrind-listener\fP program. For further details, +conjunction with the \fBvalgrind-listener\fP program. For further details, see section 2.3 of the user manual. @@ -338,5 +527,5 @@ When enabled, enforces client address space limits. If this option is disabled, the client program has full and unfettered access to the part -of the address space used internally by \fIvalgrind\fP. This can cause +of the address space used internally by \fBvalgrind\fP. This can cause unexplained crashes and false error reports, so it is best left enabled. @@ -353,5 +542,5 @@ .PP The glibc authors realised that this behaviour causes leak checkers, -such as \fIvalgrind\fP, to falsely report leaks in glibc, when a leak +such as \fBvalgrind\fP, to falsely report leaks in glibc, when a leak check is done at exit. In order to avoid this, they provided a routine called __libc_freeres specifically to make glibc release all memory it @@ -363,5 +552,5 @@ buggy to cause segmentation faults. This is particularly noticeable on Red Hat 7.1. So this flag is provided in order to inhibit the run of -__libc_freeres. If your program seems to run fine on \fIvalgrind\fP, but +__libc_freeres. If your program seems to run fine on \fBvalgrind\fP, but segfaults at exit, you may find that --run-libc-freeres=no fixes that, although at the cost of possibly falsely reporting space leaks in libc.so. @@ -372,6 +561,6 @@ --show-below-main=<yes|no> [default: no] When enabled, this option causes full stack backtraces to be emited, -including the part before \fImain\fP in your program (subject to the -\fI--num-callers\fP option.) When disabled, only the part of the stack +including the part before \fBmain\fP in your program (subject to the +\fB--num-callers\fP option.) When disabled, only the part of the stack backtrace up to and including main is printed. @@ -382,10 +571,10 @@ code. When disabled, translation is done on a per-basic-block basis, giving much better translations. This is needed when running -\fIvalgrind\fP under \fIvalgrind\fP. +\fBvalgrind\fP under \fBvalgrind\fP. .TP .B --sloppy-malloc=<yes|no> [default: no] -When enabled, \fIvalgrind\fP rounds all memory allocation request sizes +When enabled, \fBvalgrind\fP rounds all memory allocation request sizes up to 4 bytes. @@ -398,5 +587,5 @@ .B --weird-hacks=hack1,hack2,\.\.\. -Pass miscellaneous hints to \fIvalgrind\fP which slightly modify the +Pass miscellaneous hints to \fBvalgrind\fP which slightly modify the simulated behaviour in nonstandard or dangerous ways, possibly to help the simulation of strange features. By default no hacks are enabled. Use @@ -407,13 +596,13 @@ .B - lax-ioctls -If \fIvalgrind\fP encounters an \fIioctl\fP that it doesn't understand, +If \fBvalgrind\fP encounters an \fBioctl\fP that it doesn't understand, it normally prints a warning message before continuing. Specifying the -lax-ioctls hack tells \fIvalgrind\fP to be very lax about ioctl handling +lax-ioctls hack tells \fBvalgrind\fP to be very lax about ioctl handling and assume that unknown ioctls just behave correctly. .TP .B - ioctl-mmap -Tell \fIvalgrind\fP to search for new memory mappings after an unknown -\fIioctl\fP call. +Tell \fBvalgrind\fP to search for new memory mappings after an unknown +\fBioctl\fP call. .RE @@ -423,7 +612,7 @@ .B --profile=<yes|no> [default: no] -When enabled, does crude internal profiling of \fIvalgrind\fP itself. This +When enabled, does crude internal profiling of \fBvalgrind\fP itself. This is not for profiling your programs. Rather it is to allow the developers -to assess where \fIvalgrind\fP is spending its time. The tools must be +to assess where \fBvalgrind\fP is spending its time. The tools must be built for profiling for this to work. @@ -432,5 +621,5 @@ --sanity-level=<number> [default: 1] Set the level of sanity checking to perform. This is used for debugging -\fIvalgrind\fP. Setting this to 2 or higher can cause more internal +\fBvalgrind\fP. Setting this to 2 or higher can cause more internal sanity checks to be performed, but can slow your program down appreciably. Setting this to 0 disables sanity checks. @@ -439,5 +628,5 @@ .B --trace-codegen=<bitmask> -Produce lots of output showing exactly how \fIvalgrind\fP is translating +Produce lots of output showing exactly how \fBvalgrind\fP is translating each basic block. The argument to this option is a 5-bit wide bitmask. Each bit refers to a specific feature to trace. If the bit is 1, the @@ -489,7 +678,9 @@ .SH SEE ALSO -/usr/share/doc/\fIvalgrind\fP/html/manual.html +/usr/share/doc/\fBvalgrind\fP/html/manual.html + .SH AUTHOR This manpage has been written by Andres Roldan <ar...@de...> for the Debian Project, but can be used for any other distribution. -Updated by Robert Walsh <rj...@du...> for the 2.4.0 release. +Updated, rearranged and expanded by Robert Walsh <rj...@du...> +for the 2.4.0 release. |