1<?xml version="1.0"?> <!-- -*- sgml -*- --> 2<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" 4[ <!ENTITY % vg-entities SYSTEM "vg-entities.xml"> %vg-entities; ]> 5 6 7<chapter id="manual-writing-tools" xreflabel="Writing a New Valgrind Tool"> 8<title>Writing a New Valgrind Tool</title> 9 10So you want to write a Valgrind tool? Here are some instructions that may 11help. 12 13<sect1 id="manual-writing-tools.intro" xreflabel="Introduction"> 14<title>Introduction</title> 15 16<para>The key idea behind Valgrind's architecture is the division 17between its <emphasis>core</emphasis> and <emphasis>tools</emphasis>.</para> 18 19<para>The core provides the common low-level infrastructure to 20support program instrumentation, including the JIT 21compiler, low-level memory manager, signal handling and a 22thread scheduler. It also provides certain services that 23are useful to some but not all tools, such as support for error 24recording, and support for replacing heap allocation functions such as 25<function>malloc</function>.</para> 26 27<para>But the core leaves certain operations undefined, which 28must be filled by tools. Most notably, tools define how program 29code should be instrumented. They can also call certain 30functions to indicate to the core that they would like to use 31certain services, or be notified when certain interesting events 32occur. But the core takes care of all the hard work.</para> 33 34</sect1> 35 36 37 38<sect1 id="manual-writing-tools.writingatool" xreflabel="Basics"> 39<title>Basics</title> 40 41<sect2 id="manual-writing-tools.howtoolswork" xreflabel="How tools work"> 42<title>How tools work</title> 43 44<para>Tools must define various functions for instrumenting programs 45that are called by Valgrind's core. They are then linked against 46Valgrind's core to define a complete Valgrind tool which will be used 47when the <option>--tool</option> option is used to select it.</para> 48 49</sect2> 50 51 52<sect2 id="manual-writing-tools.gettingcode" xreflabel="Getting the code"> 53<title>Getting the code</title> 54 55<para>To write your own tool, you'll need the Valgrind source code. You'll 56need a check-out of the Subversion repository for the automake/autoconf 57build instructions to work. See the information about how to do check-out 58from the repository at <ulink url="&vg-repo-url;">the Valgrind 59website</ulink>.</para> 60 61</sect2> 62 63 64<sect2 id="manual-writing-tools.gettingstarted" xreflabel="Getting started"> 65<title>Getting started</title> 66 67<para>Valgrind uses GNU <computeroutput>automake</computeroutput> and 68<computeroutput>autoconf</computeroutput> for the creation of Makefiles 69and configuration. But don't worry, these instructions should be enough 70to get you started even if you know nothing about those tools.</para> 71 72<para>In what follows, all filenames are relative to Valgrind's 73top-level directory <computeroutput>valgrind/</computeroutput>.</para> 74 75<orderedlist> 76 <listitem> 77 <para>Choose a name for the tool, and a two-letter abbreviation that can 78 be used as a short prefix. We'll use 79 <computeroutput>foobar</computeroutput> and 80 <computeroutput>fb</computeroutput> as an example.</para> 81 </listitem> 82 83 <listitem> 84 <para>Make three new directories <filename>foobar/</filename>, 85 <filename>foobar/docs/</filename> and 86 <filename>foobar/tests/</filename>. 87 </para> 88 </listitem> 89 90 <listitem> 91 <para>Create an empty file <filename>foobar/tests/Makefile.am</filename>. 92 </para> 93 </listitem> 94 95 <listitem> 96 <para>Copy <filename>none/Makefile.am</filename> into 97 <filename>foobar/</filename>. Edit it by replacing all 98 occurrences of the strings 99 <computeroutput>"none"</computeroutput>, 100 <computeroutput>"nl_"</computeroutput> and 101 <computeroutput>"nl-"</computeroutput> with 102 <computeroutput>"foobar"</computeroutput>, 103 <computeroutput>"fb_"</computeroutput> and 104 <computeroutput>"fb-"</computeroutput> respectively.</para> 105 </listitem> 106 107 <listitem> 108 <para>Copy <filename>none/nl_main.c</filename> into 109 <computeroutput>foobar/</computeroutput>, renaming it as 110 <filename>fb_main.c</filename>. Edit it by changing the 111 <computeroutput>details</computeroutput> lines in 112 <function>nl_pre_clo_init</function> to something appropriate for the 113 tool. These fields are used in the startup message, except for 114 <computeroutput>bug_reports_to</computeroutput> which is used if a 115 tool assertion fails. Also, replace the string 116 <computeroutput>"nl_"</computeroutput> throughout with 117 <computeroutput>"fb_"</computeroutput> again.</para> 118 </listitem> 119 120 <listitem> 121 <para>Edit <filename>Makefile.am</filename>, adding the new directory 122 <filename>foobar</filename> to the 123 <computeroutput>TOOLS</computeroutput> or 124 <computeroutput>EXP_TOOLS</computeroutput> variables.</para> 125 </listitem> 126 127 <listitem> 128 <para>Edit <filename>configure.in</filename>, adding 129 <filename>foobar/Makefile</filename> and 130 <filename>foobar/tests/Makefile</filename> to the 131 <computeroutput>AC_OUTPUT</computeroutput> list.</para> 132 </listitem> 133 134 <listitem> 135 <para>Run:</para> 136<programlisting><![CDATA[ 137 autogen.sh 138 ./configure --prefix=`pwd`/inst 139 make 140 make install]]></programlisting> 141 142 <para>It should automake, configure and compile without errors, 143 putting copies of the tool in 144 <filename>foobar/</filename> and 145 <filename>inst/lib/valgrind/</filename>.</para> 146 </listitem> 147 148 <listitem> 149 <para>You can test it with a command like:</para> 150<programlisting><![CDATA[ 151 inst/bin/valgrind --tool=foobar date]]></programlisting> 152 153 <para>(almost any program should work; 154 <computeroutput>date</computeroutput> is just an example). 155 The output should be something like this:</para> 156<programlisting><![CDATA[ 157 ==738== foobar-0.0.1, a foobarring tool. 158 ==738== Copyright (C) 2002-2009, and GNU GPL'd, by J. Programmer. 159 ==738== Using Valgrind-3.5.0.SVN and LibVEX; rerun with -h for copyright info 160 ==738== Command: date 161 ==738== 162 Tue Nov 27 12:40:49 EST 2007 163 ==738==]]></programlisting> 164 165 <para>The tool does nothing except run the program uninstrumented.</para> 166 </listitem> 167 168</orderedlist> 169 170<para>These steps don't have to be followed exactly -- you can choose 171different names for your source files, and use a different 172<option>--prefix</option> for 173<computeroutput>./configure</computeroutput>.</para> 174 175<para>Now that we've setup, built and tested the simplest possible tool, 176onto the interesting stuff...</para> 177 178</sect2> 179 180 181 182<sect2 id="manual-writing-tools.writingcode" xreflabel="Writing the Code"> 183<title>Writing the code</title> 184 185<para>A tool must define at least these four functions:</para> 186<programlisting><![CDATA[ 187 pre_clo_init() 188 post_clo_init() 189 instrument() 190 fini()]]></programlisting> 191 192<para>The names can be different to the above, but these are the usual 193names. The first one is registered using the macro 194<computeroutput>VG_DETERMINE_INTERFACE_VERSION</computeroutput>. 195The last three are registered using the 196<computeroutput>VG_(basic_tool_funcs)</computeroutput> function.</para> 197 198<para>In addition, if a tool wants to use some of the optional services 199provided by the core, it may have to define other functions and tell the 200core about them.</para> 201 202</sect2> 203 204 205 206<sect2 id="manual-writing-tools.init" xreflabel="Initialisation"> 207<title>Initialisation</title> 208 209<para>Most of the initialisation should be done in 210<function>pre_clo_init</function>. Only use 211<function>post_clo_init</function> if a tool provides command line 212options and must do some initialisation after option processing takes 213place (<computeroutput>"clo"</computeroutput> stands for "command line 214options").</para> 215 216<para>First of all, various "details" need to be set for a tool, using 217the functions <function>VG_(details_*)</function>. Some are all 218compulsory, some aren't. Some are used when constructing the startup 219message, <computeroutput>detail_bug_reports_to</computeroutput> is used 220if <computeroutput>VG_(tool_panic)</computeroutput> is ever called, or 221a tool assertion fails. Others have other uses.</para> 222 223<para>Second, various "needs" can be set for a tool, using the functions 224<function>VG_(needs_*)</function>. They are mostly booleans, and can 225be left untouched (they default to <varname>False</varname>). They 226determine whether a tool can do various things such as: record, report 227and suppress errors; process command line options; wrap system calls; 228record extra information about heap blocks; etc.</para> 229 230<para>For example, if a tool wants the core's help in recording and 231reporting errors, it must call 232<function>VG_(needs_tool_errors)</function> and provide definitions of 233eight functions for comparing errors, printing out errors, reading 234suppressions from a suppressions file, etc. While writing these 235functions requires some work, it's much less than doing error handling 236from scratch because the core is doing most of the work. 237</para> 238 239<para>Third, the tool can indicate which events in core it wants to be 240notified about, using the functions <function>VG_(track_*)</function>. 241These include things such as heap blocks being allocated, the stack 242pointer changing, a mutex being locked, etc. If a tool wants to know 243about this, it should provide a pointer to a function, which will be 244called when that event happens.</para> 245 246<para>For example, if the tool want to be notified when a new heap block 247is allocated, it should call 248<function>VG_(track_new_mem_heap)</function> with an appropriate 249function pointer, and the assigned function will be called each time 250this happens.</para> 251 252<para>More information about "details", "needs" and "trackable events" 253can be found in 254<filename>include/pub_tool_tooliface.h</filename>.</para> 255 256</sect2> 257 258 259 260<sect2 id="manual-writing-tools.instr" xreflabel="Instrumentation"> 261<title>Instrumentation</title> 262 263<para><function>instrument</function> is the interesting one. It 264allows you to instrument <emphasis>VEX IR</emphasis>, which is 265Valgrind's RISC-like intermediate language. VEX IR is described 266in the comments of the header file 267<filename>VEX/pub/libvex_ir.h</filename>.</para> 268 269<para>The easiest way to instrument VEX IR is to insert calls to C 270functions when interesting things happen. See the tool "Lackey" 271(<filename>lackey/lk_main.c</filename>) for a simple example of this, or 272Cachegrind (<filename>cachegrind/cg_main.c</filename>) for a more 273complex example.</para> 274 275</sect2> 276 277 278 279<sect2 id="manual-writing-tools.fini" xreflabel="Finalisation"> 280<title>Finalisation</title> 281 282<para>This is where you can present the final results, such as a summary 283of the information collected. Any log files should be written out at 284this point.</para> 285 286</sect2> 287 288 289 290<sect2 id="manual-writing-tools.otherinfo" xreflabel="Other Important Information"> 291<title>Other Important Information</title> 292 293<para>Please note that the core/tool split infrastructure is quite 294complex and not brilliantly documented. Here are some important points, 295but there are undoubtedly many others that I should note but haven't 296thought of.</para> 297 298<para>The files <filename>include/pub_tool_*.h</filename> contain all the 299types, macros, functions, etc. that a tool should (hopefully) need, and are 300the only <filename>.h</filename> files a tool should need to 301<computeroutput>#include</computeroutput>. They have a reasonable amount of 302documentation in it that should hopefully be enough to get you going.</para> 303 304<para>Note that you can't use anything from the C library (there 305are deep reasons for this, trust us). Valgrind provides an 306implementation of a reasonable subset of the C library, details of which 307are in <filename>pub_tool_libc*.h</filename>.</para> 308 309<para>When writing a tool, in theory you shouldn't need to look at any of 310the code in Valgrind's core, but in practice it might be useful sometimes to 311help understand something.</para> 312 313<para>The <filename>include/pub_tool_basics.h</filename> and 314<filename>VEX/pub/libvex_basictypes.h</filename> files have some basic 315types that are widely used.</para> 316 317<para>Ultimately, the tools distributed (Memcheck, Cachegrind, Lackey, etc.) 318are probably the best documentation of all, for the moment.</para> 319 320<para>The <computeroutput>VG_</computeroutput> macro is used 321heavily. This just prepends a longer string in front of names to avoid 322potential namespace clashes. It is defined in 323<filename>include/pub_tool_basics.h</filename>.</para> 324 325<para>There are some assorted notes about various aspects of the 326implementation in <filename>docs/internals/</filename>. Much of it 327isn't that relevant to tool-writers, however.</para> 328 329</sect2> 330 331 332</sect1> 333 334 335 336<sect1 id="manual-writing-tools.advtopics" xreflabel="Advanced Topics"> 337<title>Advanced Topics</title> 338 339<para>Once a tool becomes more complicated, there are some extra 340things you may want/need to do.</para> 341 342<sect2 id="manual-writing-tools.advice" xreflabel="Debugging Tips"> 343<title>Debugging Tips</title> 344 345<para>Writing and debugging tools is not trivial. Here are some 346suggestions for solving common problems.</para> 347 348<para>If you are getting segmentation faults in C functions used by your 349tool, the usual GDB command:</para> 350 351<screen><![CDATA[ 352 gdb <prog> core]]></screen> 353<para>usually gives the location of the segmentation fault.</para> 354 355<para>If you want to debug C functions used by your tool, there are 356instructions on how to do so in the file 357<filename>README_DEVELOPERS</filename>.</para> 358 359<para>If you are having problems with your VEX IR instrumentation, it's 360likely that GDB won't be able to help at all. In this case, Valgrind's 361<option>--trace-flags</option> option is invaluable for observing the 362results of instrumentation.</para> 363 364<para>If you just want to know whether a program point has been reached, 365using the <computeroutput>OINK</computeroutput> macro (in 366<filename>include/pub_tool_libcprint.h</filename>) can be easier than 367using GDB.</para> 368 369<para>The other debugging command line options can be useful too (run 370<computeroutput>valgrind --help-debug</computeroutput> for the 371list).</para> 372 373</sect2> 374 375<sect2 id="manual-writing-tools.suppressions" xreflabel="Suppressions"> 376<title>Suppressions</title> 377 378<para>If your tool reports errors and you want to suppress some common 379ones, you can add suppressions to the suppression files. The relevant 380files are <filename>*.supp</filename>; the final suppression 381file is aggregated from these files by combining the relevant 382<filename>.supp</filename> files depending on the versions of linux, X 383and glibc on a system.</para> 384 385<para>Suppression types have the form 386<computeroutput>tool_name:suppression_name</computeroutput>. The 387<computeroutput>tool_name</computeroutput> here is the name you specify 388for the tool during initialisation with 389<function>VG_(details_name)</function>.</para> 390 391</sect2> 392 393 394<sect2 id="manual-writing-tools.docs" xreflabel="Documentation"> 395<title>Documentation</title> 396 397<para>If you are feeling conscientious and want to write some 398documentation for your tool, please use XML as the rest of Valgrind does. 399The file <filename>docs/README</filename> has more details on getting 400the XML toolchain to work; this can be difficult, unfortunately.</para> 401 402<para>To write the documentation, follow these steps (using 403<computeroutput>foobar</computeroutput> as the example tool name 404again):</para> 405 406<orderedlist> 407 408 <listitem> 409 <para>The docs go in 410 <computeroutput>foobar/docs/</computeroutput>, which you will 411 have created when you started writing the tool.</para> 412 </listitem> 413 414 <listitem> 415 <para>Copy the XML documentation file for the tool Nulgrind from 416 <filename>none/docs/nl-manual.xml</filename> to 417 <computeroutput>foobar/docs/</computeroutput>, and rename it to 418 <filename>foobar/docs/fb-manual.xml</filename>.</para> 419 420 <para><command>Note</command>: there is a tetex bug 421 involving underscores in filenames, so don't use '_'.</para> 422 </listitem> 423 424 <listitem> 425 <para>Write the documentation. There are some helpful bits and 426 pieces on using XML markup in 427 <filename>docs/xml/xml_help.txt</filename>.</para> 428 </listitem> 429 430 <listitem> 431 <para>Include it in the User Manual by adding the relevant entry to 432 <filename>docs/xml/manual.xml</filename>. Copy and edit an 433 existing entry.</para> 434 </listitem> 435 436 <listitem> 437 <para>Include it in the man page by adding the relevant entry to 438 <filename>docs/xml/valgrind-manpage.xml</filename>. Copy and 439 edit an existing entry.</para> 440 </listitem> 441 442 <listitem> 443 <para>Validate <filename>foobar/docs/fb-manual.xml</filename> using 444 the following command from within <filename>docs/</filename>: 445 </para> 446<screen><![CDATA[ 447make valid 448]]></screen> 449 450 <para>You may get errors that look like this:</para> 451 452<screen><![CDATA[ 453./xml/index.xml:5: element chapter: validity error : No declaration for 454attribute base of element chapter 455]]></screen> 456 457 <para>Ignore (only) these -- they're not important.</para> 458 459 <para>Because the XML toolchain is fragile, it is important to ensure 460 that <filename>fb-manual.xml</filename> won't break the documentation 461 set build. Note that just because an XML file happily transforms to 462 html does not necessarily mean the same holds true for pdf/ps.</para> 463 </listitem> 464 465 <listitem> 466 <para>You can (re-)generate the HTML docs while you are writing 467 <filename>fb-manual.xml</filename> to help you see how it's looking. 468 The generated files end up in 469 <filename>docs/html/</filename>. Use the following 470 command, within <filename>docs/</filename>:</para> 471<screen><![CDATA[ 472make html-docs 473]]></screen> 474 </listitem> 475 476 <listitem> 477 <para>When you have finished, try to generate PDF and PostScript output to 478 check all is well, from within <filename>docs/</filename>: 479 </para> 480<screen><![CDATA[ 481make print-docs 482]]></screen> 483 484 <para>Check the output <filename>.pdf</filename> and 485 <filename>.ps</filename> files in 486 <computeroutput>docs/print/</computeroutput>.</para> 487 488 <para>Note that the toolchain is even more fragile for the print docs, 489 so don't feel too bad if you can't get it working.</para> 490 </listitem> 491 492</orderedlist> 493 494</sect2> 495 496 497<sect2 id="manual-writing-tools.regtests" xreflabel="Regression Tests"> 498<title>Regression Tests</title> 499 500<para>Valgrind has some support for regression tests. If you want to 501write regression tests for your tool:</para> 502 503<orderedlist> 504 <listitem> 505 <para>The tests go in <computeroutput>foobar/tests/</computeroutput>, 506 which you will have created when you started writing the tool.</para> 507 </listitem> 508 509 <listitem> 510 <para>Write <filename>foobar/tests/Makefile.am</filename>. Use 511 <filename>memcheck/tests/Makefile.am</filename> as an 512 example.</para> 513 </listitem> 514 515 <listitem> 516 <para>Write the tests, <computeroutput>.vgtest</computeroutput> test 517 description files, <computeroutput>.stdout.exp</computeroutput> and 518 <computeroutput>.stderr.exp</computeroutput> expected output files. 519 (Note that Valgrind's output goes to stderr.) Some details on 520 writing and running tests are given in the comments at the top of 521 the testing script 522 <computeroutput>tests/vg_regtest</computeroutput>.</para> 523 </listitem> 524 525 <listitem> 526 <para>Write a filter for stderr results 527 <computeroutput>foobar/tests/filter_stderr</computeroutput>. It can 528 call the existing filters in 529 <computeroutput>tests/</computeroutput>. See 530 <computeroutput>memcheck/tests/filter_stderr</computeroutput> for an 531 example; in particular note the 532 <computeroutput>$dir</computeroutput> trick that ensures the filter 533 works correctly from any directory.</para> 534 </listitem> 535 536</orderedlist> 537 538</sect2> 539 540 541 542<sect2 id="manual-writing-tools.profiling" xreflabel="Profiling"> 543<title>Profiling</title> 544 545<para>Lots of profiling tools have trouble running Valgrind. For example, 546trying to use gprof is hopeless.</para> 547 548<para>Probably the best way to profile a tool is with OProfile on Linux.</para> 549 550<para>You can also use Cachegrind on it. Read 551<filename>README_DEVELOPERS</filename> for details on running Valgrind under 552Valgrind; it's a bit fragile but can usually be made to work.</para> 553 554</sect2> 555 556 557 558<sect2 id="manual-writing-tools.mkhackery" xreflabel="Other Makefile Hackery"> 559<title>Other Makefile Hackery</title> 560 561<para>If you add any directories under 562<computeroutput>foobar/</computeroutput>, you will need to add 563an appropriate <filename>Makefile.am</filename> to it, and add a 564corresponding entry to the <computeroutput>AC_OUTPUT</computeroutput> 565list in <filename>configure.in</filename>.</para> 566 567<para>If you add any scripts to your tool (see Cachegrind for an 568example) you need to add them to the 569<computeroutput>bin_SCRIPTS</computeroutput> variable in 570<filename>foobar/Makefile.am</filename> and possible also to the 571<computeroutput>AC_OUTPUT</computeroutput> list in 572<filename>configure.in</filename>.</para> 573 574</sect2> 575 576 577 578<sect2 id="manual-writing-tools.ifacever" xreflabel="Core/tool Interface Versions"> 579<title>The Core/tool Interface</title> 580 581<para>The core/tool interface evolves over time, but it's pretty stable. 582We deliberately do not provide backward compatibility with old interfaces, 583because it is too difficult and too restrictive. We view this as a good 584thing -- if we had to be backward compatible with earlier versions, many 585improvements now in the system could not have been added.</para> 586 587<para>Because tools are statically linked with the core, if a tool compiles 588successfully then it should be compatible with the core. We would not 589deliberately violate this property by, for example, changing the behaviour 590of a core function without changing its prototype.</para> 591 592</sect2> 593 594</sect1> 595 596 597 598<sect1 id="manual-writing-tools.finalwords" xreflabel="Final Words"> 599<title>Final Words</title> 600 601<para>Writing a new Valgrind tool is not easy, but the tools you can write 602with Valgrind are among the most powerful programming tools there are. 603Happy programming!</para> 604 605</sect1> 606 607</chapter> 608