Article

Valgrind: a framework for heavyweight dynamic binary instrumentation

Authors:

Nicholas Nethercote,

Julian SewardAuthors Info & Claims

PLDI '07: Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation

Pages 89 - 100

https://doi.org/10.1145/1250734.1250746

Published: 10 June 2007 Publication History

Abstract

Dynamic binary instrumentation (DBI) frameworks make it easy to build dynamic binary analysis (DBA) tools such as checkers and profilers. Much of the focus on DBI frameworks has been on performance; little attention has been paid to their capabilities. As a result, we believe the potential of DBI has not been fully exploited.

In this paper we describe Valgrind, a DBI framework designed for building heavyweight DBA tools. We focus on its unique support for shadow values-a powerful but previously little-studied and difficult-to-implement DBA technique, which requires a tool to shadow every register and memory value with another value that describes it. This support accounts for several crucial design features that distinguish Valgrind from other DBI frameworks. Because of these features, lightweight tools built with Valgrind run comparatively slowly, but Valgrind can be used to build more interesting, heavyweight tools that are difficult or impossible to build with other DBI frameworks such as Pin and DynamoRIO.

References

[1]

V. Bala, E. Duesterwald, and S. Banerjia. Dynamo: A transparent dynamic optimization system. In Proceedings of PLDI 2000, pages 1--12, Vancouver, Canada, June 2000.

Digital Library

[2]

D. Bruening. Efficient, Transparent, and Comprehensive Runtime Code Manipulation. PhD thesis, MIT, Cambridge, Mass., USA, September 2004.

Digital Library

[3]

D. Bruening, T. Garnett, and S. Amarasinghe. An infrastructure for adaptive dynamic optimization. In Proceedings of CGO'03, pages 265--276, San Francisco, California, USA, March 2003.

Digital Library

[4]

M. Burrows, S. N. Freund, and J. L. Wiener. Run-time type checking for binary programs. In Proceedings of CC 2003, pages 90--105, Warsaw, Poland, April 2003.

Digital Library

[5]

W. Cheng. Personal communication, November 2006.

[6]

W. Cheng, Q. Zhao, B. Yu, and S. Hiroshige. TaintTrace: Efficient flow tracing with dynamic binary rewriting. In Proceedings of ISCC 2006, pages 749--754, Cagliari, Sardinia, Italy, June 2006.

Digital Library

[7]

P. J. Guo, J. H. Perkins, S. McCamant, and M. D. Ernst. Dynamic inference of abstract types. In Proceedings of ISSTA 2006, pages 255--265, Portland, Maine, USA, July 2006.

Digital Library

[8]

R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference, pages 125--136, San Francisco, California, USA, January 1992.

[9]

K. Hazelwood. Code Cache Management in Dynamic Optimization Systems. PhD thesis, Harvard University, Cambridge, Mass., USA, May 2004.

[10]

G. Lueck and R. Cohn. Personal communication, September-November 2006.

[11]

C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: Building customized program analysis tools with dynamic instrumentation. In Proceedings of PLDI 2005, pages 191--200, Chicago, Illinois, USA, June 2005.

Digital Library

[12]

J. Maebe, M. Ronsse, and K. De Bosschere. DIOTA: Dynamic instrumentation, optimization and transformation of applications. In Proceedings of WBT-2002, Charlottesville, Virginia, USA, September 2002.

[13]

S. McCamant and M. D. Ernst. Quantitative information-flow tracking for C and related languages. Technical Report MIT--CSAIL--TR--2006--076, MIT, Cambridge, Mass., USA, 2006.

[14]

S. Narayanasamy, C. Pereira, H. Patil, R. Cohn, and B. Calder. Automatic logging of operation system effects to guide application-level architecture simulation. In Proceedings of SIGMetrics/Performance 2006, pages 216--227, St. Malo, France, June 2006.

Digital Library

[15]

N. Nethercote. Dynamic Binary Analysis and Instrumentation. PhD thesis, University of Cambridge, United Kingdom, November 2004.

[16]

N. Nethercote and J. Fitzhardinge. Bounds-checking entire programs without recompiling. In Informal Proceedings of SPACE 2004, Venice, Italy, January 2004.

[17]

N. Nethercote and A. Mycroft. Redux: A dynamic dataflow tracer. ENTCS, 89(2), 2003.

[18]

N. Nethercote and J. Seward. Valgrind: A program supervision framework. ENTCS, 89(2), 2003.

[19]

N. Nethercote and J. Seward. How to shadow every byte of memory used by a program. In Proceedings of VEE 2007, San Diego, California, USA, June 2007.

Digital Library

[20]

J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proceedings of NDSS'05, San Diego, California, USA, February 2005.

[21]

H. Patil and C. Fischer. Low-cost, concurrent checking of pointer and array accesses in C programs. Software-Practice and Experience, 27(1):87--110, January 1997.

Digital Library

[22]

F. Qin. Personal communication, March 2007.

[23]

F. Qin, C. Wang, Z. Li, H. Kim, Y. Zhou, and Y. Wu. Lift: A low-oeverhead practical information flow tracking system for detecting security attacks. In Proceedings of the Annual IEEE/ACM International Symposium on Microarchitecture (Micro'06), Orlando, Florida, USA, December 2006.

Digital Library

[24]

K. Scott, J. W. Davidson, and K. Skadron. Low-overhead software dynamic translation. Technical Report CS-2001-18, University of Virginia, Charlottesville, Virginia, USA, 2001.

Digital Library

[25]

J. Seward and N. Nethercote. Using Valgrind to detect undefined value errors with bit-precision. In Proceedings of the USENIX'05 Annual Technical Conference, Anaheim, California, USA, April 2005.

Digital Library

[26]

O. Traub, G. Holloway, and M. D. Smith. Quality and speed in linear-scan register allocation. In Proceedings of PLDI '98, pages 142--151, Montreal, Canada, June 1998.

Digital Library

[27]

The Valgrind Developers. 2nd official Valgrind survey, September 2005: full report. http://www.valgrind.org/gallery/survey_05/report.txt.

[28]

The Valgrind Developers. Valgrind. http://www.valgrind.org/.

[29]

L. Wall, T. Christiansen, and J Orwant. Programming Perl. O'Reilly, 3rd edition, 2000.

Digital Library

Cited By

Feng YLi HCao YWang YFeng H(2024)CRABS-former: CRoss-Architecture Binary Code Similarity Detection based on TransformerProceedings of the 15th Asia-Pacific Symposium on Internetware10.1145/3671016.3671390(11-20)Online publication date: 24-Jul-2024
https://dl.acm.org/doi/10.1145/3671016.3671390
Xu ZChon YSu YTan ZApostolakis SCampanoni SAugust D(2024)PROMPT: A Fast and Extensible Memory Profiling FrameworkProceedings of the ACM on Programming Languages10.1145/36498278:OOPSLA1(449-473)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649827
Kokhazadeh MKeramidas GKelefouras VStamoulis I(2024)Denseflex: A Low Rank Factorization Methodology for Adaptable Dense Layers in DNNsProceedings of the 21st ACM International Conference on Computing Frontiers10.1145/3649153.3649183(21-31)Online publication date: 7-May-2024
https://dl.acm.org/doi/10.1145/3649153.3649183
Show More Cited By

Index Terms

Valgrind: a framework for heavyweight dynamic binary instrumentation
1. Information systems
  1. Data management systems
    1. Middleware for databases
      1. Distributed transaction monitors
2. Software and its engineering

Recommendations

Valgrind: a framework for heavyweight dynamic binary instrumentation
Proceedings of the 2007 PLDI conference

Dynamic binary instrumentation (DBI) frameworks make it easy to build dynamic binary analysis (DBA) tools such as checkers and profilers. Much of the focus on DBI frameworks has been on performance; little attention has been paid to their capabilities. ...
How to shadow every byte of memory used by a program
VEE '07: Proceedings of the 3rd international conference on Virtual execution environments

Several existing dynamic binary analysis tools use shadowmemory-they shadow, in software, every byte of memory used by a program with another value that says something about it. Shadow memory is difficult to implement both efficiently and robustly. ...
Parallelisation of the Valgrind Dynamic Binary Instrumentation Framework
ISPA '08: Proceedings of the 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications

Valgrind is a dynamic binary translation and instrumentation framework. It is suited to analysing memory usage. It is used in memory validation and profiling tools. Currently, Valgrind is restricted to executing a guest with serialised thread ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

PLDI '07: Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation

June 2007

508 pages

ISBN:9781595936332

DOI:10.1145/1250734

General Chair:
Jeanne Ferrante
University of California, San Diego, USA
,
Program Chair:
Kathryn S. McKinley
University of Texas at Austin, USA

ACM SIGPLAN Notices Volume 42, Issue 6
Proceedings of the 2007 PLDI conference
June 2007
491 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1273442
Issue’s Table of Contents

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 June 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

PLDI '07

Sponsor:

PLDI '07: ACM SIGPLAN Conference on Programming Language Design and Implementation

June 10 - 13, 2007

California, San Diego, USA

Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1,395
Total Citations
View Citations
5,477
Total Downloads

Downloads (Last 12 months)441
Downloads (Last 6 weeks)28

Reflects downloads up to 19 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Feng YLi HCao YWang YFeng H(2024)CRABS-former: CRoss-Architecture Binary Code Similarity Detection based on TransformerProceedings of the 15th Asia-Pacific Symposium on Internetware10.1145/3671016.3671390(11-20)Online publication date: 24-Jul-2024
https://dl.acm.org/doi/10.1145/3671016.3671390
Xu ZChon YSu YTan ZApostolakis SCampanoni SAugust D(2024)PROMPT: A Fast and Extensible Memory Profiling FrameworkProceedings of the ACM on Programming Languages10.1145/36498278:OOPSLA1(449-473)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649827
Kokhazadeh MKeramidas GKelefouras VStamoulis I(2024)Denseflex: A Low Rank Factorization Methodology for Adaptable Dense Layers in DNNsProceedings of the 21st ACM International Conference on Computing Frontiers10.1145/3649153.3649183(21-31)Online publication date: 7-May-2024
https://dl.acm.org/doi/10.1145/3649153.3649183
Bouzenia IKrishan BPradel M(2024)DyPyBench: A Benchmark of Executable Python SoftwareProceedings of the ACM on Software Engineering10.1145/36437421:FSE(338-358)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643742
Stinnett JKell SRodríguez GSadayappan PSukumaran-Rajam A(2024)Accurate Coverage Metrics for Compiler-Generated Debugging InformationProceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction10.1145/3640537.3641578(126-136)Online publication date: 17-Feb-2024
https://dl.acm.org/doi/10.1145/3640537.3641578
Zheng DSen KRoychoudhury APaiva AAbreu RStorey MAniche MNagappan N(2024)Dynamic Inference of Likely Symbolic Tensor Shapes in Python Machine Learning ProgramsProceedings of the 46th International Conference on Software Engineering: Software Engineering in Practice10.1145/3639477.3639718(147-156)Online publication date: 14-Apr-2024
https://dl.acm.org/doi/10.1145/3639477.3639718
Hager-Clukas AHohentanner KQuek TGao DZhou JCardenas A(2024)DMTI: Accelerating Memory Error Detection in Precompiled C/C++ Binaries with ARM Memory Tagging ExtensionProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637655(1173-1185)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637655
Ling HHuang HWang CCai YZhang CTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)GIANTSAN: Efficient Memory Sanitization with Segment FoldingProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640391(433-449)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640391
Liu XYou WYe YZhang ZHuang JZhang XRoychoudhury APaiva AAbreu RStorey M(2024)FuzzInMem: Fuzzing Programs via In-memory StructuresProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3639172(1-13)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3639172
Zhan QHu XLi ZXia XLo DLi SRoychoudhury APaiva AAbreu RStorey M(2024)PS3: Precise Patch Presence Test based on Semantic Symbolic SignatureProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3639134(1-12)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3639134
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents