一、简介

Valgrind是一个二进制插桩框架，可以用来制作二进制分析工具。利用Valgrind可以检测二进制程序的内存和线程漏洞。Valgrind框架目前包含以下几种工具：

Memcheck is a memory error detector. It helps you make your programs, particularly those written in C and C++, more correct.

Cachegrind is a cache and branch-prediction profiler. It helps you make your programs run faster.

Callgrind is a call-graph generating cache profiler. It has some overlap with Cachegrind, but also gathers some information that Cachegrind does not.

Helgrind is a thread error detector. It helps you make your multi-threaded programs more correct.

DRD is also a thread error detector. It is similar to Helgrind but uses different analysis techniques and so may find different problems.

Massif is a heap profiler. It helps you make your programs use less memory.

DHAT is a different kind of heap profiler. It helps you understand issues of block lifetimes, block utilisation, and layout inefficiencies.

SGcheck is an experimental tool that can detect overruns of stack and global arrays. Its functionality is complementary to that of Memcheck: SGcheck finds problems that Memcheck can't, and vice versa..

BBV is an experimental SimPoint basic block vector generator. It is useful to people doing computer architecture research and development.

二、安装valgrind

从valgrind官网上下载源码，解压后依次执行

./configure

make

sudo make install

输入valgrind -h查看是否安装成功

三、使用

valgrind的默认命令结构为：

valgrind [valgrind-options] your-prog [your prog options]

对C/C++程序，采用-g 编译选项进行编译得到二进制程序myprog

一般使用下面命令来运行程序myprog：

valgrind --tool=memcheck  --leak-check=yes myprog arg1 arg2 

默认使用的是Memcheck工具，如果要使用别的工具可以在--tool 选项中设置,  --leak-check选项默认打开memory leak detector

--toool=<toolname>

toolname 可以为：memcheck, cachegrind, callgrind, helgrind, drd, massif, lackey, none, exp-sgcheck, exp-bbv, exp-dhat, etc.

如果目标是检查程序漏洞，则常使用的tool为：memcheck (内存错误)， helgrind, drd(线程错误)