Google Git
Sign in
chromium / external / github.com / DynamoRIO / drmemory / release_1.11.0 / . / drmemory / docs / release.dox
blob: eb9edd2265bb1a1715d975ab4fa721ae6601248f [file] [log] [blame]
/* **********************************************************
* Copyright (c) 2010-2016 Google, Inc. All rights reserved.
* Copyright (c) 2009-2010 VMware, Inc. All rights reserved.
* **********************************************************/
/* Dr. Memory: the memory debugger
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation;
* version 2.1 of the License, and no later version.
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/**
****************************************************************************
****************************************************************************
\page page_release_notes Release Notes for Version \TOOL_VERSION
This section is divided into the following subsections:
- \ref sec_package
- \ref sec_changes
- \ref sec_limits
***************************************************************************
\htmlonly
<table width=100% bgcolor="#000000" cellspacing=0 cellpadding=2 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td></td></tr></table></td></tr></table></td></tr></table>
\endhtmlonly
\section sec_package Distribution Contents
The Dr. Memory distribution contains the following:
- The front-end executable \p drmemory for launching Dr. Memory.
- The back-end of Dr. Memory, contained in the \p bin and \p dynamorio
subdirectories. Dr. Memory runs on top of the DynamoRIO tool engine
(see http://dynamorio.org for more information on DynamoRIO).
- Documentation for Dr. Memory (you're looking at it).
- \ref page_drstrace
- \ref page_symquery
***************************************************************************
\htmlonly
<table width=100% bgcolor="#000000" cellspacing=0 cellpadding=2 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td></td></tr></table></td></tr></table></td></tr></table>
\endhtmlonly
\section sec_changes Changes Since Prior Releases
The current version is \TOOL_VERSION.
The changes between \TOOL_VERSION and version 1.10.1 include:
- Added support for Windows 10 1607.
- Added support for loading system call numbers from a file, to make
it easier to update for future major Windows 10 updates.
- Added an option -ignore_kernel to attempt to continue on even when
running on a kernel with unknown system call numbers.
- Added support for Mac OSX El Capitan.
- Better international string support.
The changes between 1.10.1 and version 1.10.0 include:
- Fixed problems with configuration directories on Android.
- Fixed several bugs, including Windows false positives, ARM
instrumentation issues, and VS2015 crashes.
The changes between 1.10.0 and version 1.9.0 include:
- Added preliminary 64-bit Dr. Memory support for Windows and Linux (but
not MacOS yet). This does not yet include uninitialized read checking,
so we still recommend compiling your application as 32-bit.
- Added preliminary Linux/ARM and Android/ARM 32-bit Dr. Memory support.
This does not yet include uninitialized read checking.
- Added support for Windows 10 1511.
- Fixed incremental error output to the console for graphical
applications, which was missing in prior versions when using certain
consoles such as cmd.
- Removed the -fuzz_mutator option and replaced it with separate options
for each component of the mutator.
- Added custom mutator support to Dr. Fuzz.
- Changed the mutator option passing scheme for Dr. Fuzz to take in
an argv-style array of parameters, to better support custom mutators.
- Added checking that the program counter points to valid memory,
controlled by the on-by-default -check_pc option.
- Added a new option -malloc_callstacks for recording malloc callstacks
to include in alloc/free error reports when leaks are disabled.
The option is off by default due to the additional overhead that
it incurs.
- Added code coverage measurement via a new option -coverage.
- By default, without the \p -show_reachable option, reachable leak
callstacks are no longer compared to suppressions, in order to reduce
overhead.
The changes between version 1.9.0 and version 1.8.0 include:
- Added support for Mac OSX Yosemite.
- Added Dr. Fuzz, a fuzz testing framework that facilitates repeated
execution of any program function while mutating the arguments.
- Added a fuzz testing mode to Dr. Memory. Use new options -fuzz_target
and -fuzz_mutator to fuzz test any C or C++ target function having a
buffer argument and a corresponding buffer size argument.
- Switched the Windows installer from an NSIS-based executable to
a WIX-based .msi file. The new installer automatically adds
Dr. Memory to the PATH for the current user.
- Added an unaddressable warning report on a write to read-only memory.
- Added support for the VALGRIND_DO_LEAK_CHECK annotation.
The changes between version 1.8.0 and version 1.7.0 include:
- Dropped official support for Windows 2000.
- Enabled -delay_frees_stack by default.
- The Windows installer now automatically adds Dr. Memory as an External
Tool for every installation of Visual Studio on the machine.
- Changed details of the callstack maximum frame options.
Added two new options: -malloc_max_frames, used for leak reports (and
mismatch aux info), and -free_max_frames, used for -delay_frees_stack.
Changed the default -callstack_max_frames to 20. -malloc_max_frames
defaults to the original 12, and -free_max_frames is at 6.
- Added a new option -check_uninit_blacklist to reduce overhead on modules
where no uninitialized read error reporting is desired.
Dr. Memory automatically adds to this list when it sees a whole-module
suppression.
- Disabled checks for mixing C library heap routines with Windows API heap
routines (-check_heap_mismatch) for modules that contain static libc.
- Changed the drsymcache_lookup() interface.
- Added extra information to unaddressable error titles to make
several common types of such errors easier to identify:
"UNADDRESSABLE ACCESS of freed memory",
"UNADDRESSABLE ACCESS beyond heap bounds", and
"UNADDRESSABLE ACCESS beyond top of stack".
- Renamed option -stderr to -use_stderr.
The changes between version 1.7.0 and version 1.6.1 include:
- Added a Beta version of Dr. Memory for Mac. Be aware that this
is a work in progress, but is far enough along to use on small
applications.
- Changed Windows PDB symbols to collapse template parameters to "<>"
to shrink and simplify callstacks and suppressions. The old behavior
can be requested by passing 0x1000 to the -callstack_style option.
- Changed Linux and MinGW symbols to omit the "()" in C++ symbol names.
- Added a new Dr. Memory Framework Extension, Dr. SymCache or drsymcache,
which provides persistent caching of symbol lookup data to reduce
startup time overhead on large applications.
- Clarified the final parameter to umbra_get_shadow_memory_type() and
umbra_shadow_memory_is_shared() to be umbra_shadow_memory_type_t
rather than uint.
- Clarified the 2nd parameter to umbra_create_shadow_memory() to be
umbra_shadow_memory_flags_t rather than uint.
- Clarified the umbra_shadow_memory_info_t shadow_type field to be
umbra_shadow_memory_type_t rather than uint.
- Clarified the umbra_map_options_t flags field to be
umbra_map_flags_t rather than uint.
- Added static library versions of drsyscall and umbra.
- On Windows, handle leak detection (-check_handle_leaks) is now on by default
in full mode. However, it is still experimental and conservative,
placing leaks it's not sure about in potential_errors.txt.
- Added preliminary shadowing of xmm registers for better Visual Studio
2013 support.
- Added preliminary shadowing of mmx registers.
- Augmented the Dr. Syscall API for MacOS support by adding
drsys_cur_syscall_result(), drsys_arg_t.value64, and
drsys_pre_syscall_arg64().
- The pause in cmd on a frontend error is now bypassable by -batch.
- Added an option -exit_code_if_errors to return a non-zero exit code
when errors are detected.
- Replaced the perl front-end \p drmemory.pl on Linux with an executable.
- Various bug fixes.
The changes between version 1.6.1 and version 1.6.0 include:
- Added Windows 8.1 support
- Added -handle_leaks_only feature for low-overhead handle leak checking
- Added the -crash_at_unaddressable and -crash_at_error options
- Added the -no_callstack_use_fp and -callstack_conservative options
- Various bug fixes
The changes between version 1.6.0 and version 1.5.1 include:
- Added a separate category of error report, "potential errors", stored in
potential_errors.txt. These are errors that are suspected of being
false positives or limited to system libraries. It is possible that
they are in fact true application errors, however. This separation of
errors can be disabled with the option -lib_blacklist_frames 0, and
tuned via the options -lib_blacklist and -lib_blacklist_frames.
- Added options -lib_whitelist and -lib_whitelist_frames to support
only displaying errors whose top N frames reference a whitelisted
module. Any error that does not match the whitelist is separated
as a "potential error" (see the prior blacklist entry).
- Removed -srcfilter option and replaced with new options -src_whitelist
and -src_whitelist_frames to support only displaying errors whose top N
frames reference a whitelisted source file. Any error that does not
match the whitelist is separated as a "potential error" (see the earlier
blacklist entry).
- Added full support for applications linked with the debug Visual Studio
C library.
- Added checks for mixing of C library heap routines with Windows API heap
routines on the same allocation, under a new on-by-default new option
-check_heap_mismatch.
- Switched to replacing the malloc implementation with Dr. Memory's own
allocator, rather than wrapping the system allocator, for improved
performance and stability and improved interoperability with
the Visual Studio debug C library.
- Improved still-reachable allocation reporting, adding suppression
support, de-duplication, and hiding of system allocations.
- Added option -check_prefetch to make it easier to turn off the warnings
on prefetching unaddressable memory.
- The GDI error on using a DC by more than one thread is now off by
default. It can be enabled with the -check_gdi_multithread option.
- Added drsys_syscall_gateway() to the Dr. Syscall library.
- Extended -soft_kills to handle the most common job termination sequences.
- Further reduced false positives in Windows system libraries by
continuing to make progress on Windows system call handling.
- Added a source file package to the release process.
- Improved Windows 8 support.
- Improved Visual Studio 2012 support.
- Added non-ASCII symbol support.
- Added the total execution time to the logfile.
- Added default suppressions for real bugs in the Visual Studio C
and C++ libraries detected by Dr. Memory.
- Various bug fixes.
The changes between version 1.5.1 and version 1.5.0 include:
- Re-organized and improved the documentation.
- Added Visual Studio External Tool support (-visual_studio option)
- Added experimental support for Windows 8. However, false positives
may occur on graphical or networked applications on Windows 8.
Future releases will add full support.
- Added Dr. Syscall library and Dr. Memory Framework for building other
tools from Dr. Memory's feature base. Future releases will add other
libraries and add further tool-building support.
- Added \p drstrace, an initial version of a system call tracer.
Future releases will expand its capabilities.
- Added heuristics to distinguish substrings that look like pointers and
thus reduce false negatives in leak reporting. See
the -strings_vs_pointers option.
- Added a new, experimental lightweight mode: \p -unaddr_only.
- Added non-ASCII application support.
- Added option \p -show_duplicates to list details on duplicate errors.
- Eliminated reliance on the WDK/DDK when building from sources.
- Fixed PATH limit issue with the NSIS installer.
- Reduced false positives from bitfields.
- Fixed problems with debug C libraries on Windows.
- Fixed some problems in callstack walking.
- Various bug fixes.
The changes between version 1.5.0 and 1.4.6 include:
- Compatibility change: GDI usage errors are no longer of type WARNING
but have their own type GDI USAGE ERROR. This affects any existing
suppressions.
- Added online symbols for Linux, which enables -results_to_stderr. The
-aggregate and -skip_results post-processing features are temporarily
disabled until a future release adds them for both Windows and Linux.
- Added support for the Microsoft Visual Studio dynamic debug C library
- Added automated retrieval of certain system library debug files
at the end of a run for better error reports in future runs.
- Added -log_suppressed_errors option
- Added -show_duplicates option
- Support wildcards in instruction lines in suppressions
- Improved callstack walking
- Added -callstack_exe_hide
- Eliminated most false positives with bitwise operations
- Various bug fixes
The changes between version 1.4.6 and 1.4.5 include:
- Added MinGW support
- Added GDI API usage error reports
- Added -light mode that does not detect uninitialized reads
or leaks but is more performant
- Added -pause_at_error option
- Added mod!... suppression wildcard
- Reduced false positives from graphical operations
- Various performance improvements
- Various bug fixes
The changes between version 1.4.5 and 1.4.4 include:
- The tool now detects mismatched use of malloc/new/new[] vs
free/delete/delete[]
- Added a script to convert Memcheck suppression files to
the Dr. Memory format.
- Performance improvements on large applications via a symbol cache
- Renamed the -check_cmps option to -check_uninit_cmps
- Renamed the -check_non_moves option to -check_uninit_non_moves
- Various bug fixes
The changes between version 1.4.4 and 1.4.3 include:
- Fix for missing output in cmd on Win7 SP1
- Check for /MDd and abort
The changes between version 1.4.3 and 1.4.2 include:
- Changed the default callstack printing style and added control
over the style via the -callstack_style runtime option
- On Windows, printing errors to stderr is now on by default
- On Windows, several options now control simplifying callstacks:
-callstack_truncate_below, -callstack_srcfile_prefix,
-callstack_modname_hide, -callstack_srcfile_hide.
The -brief option sets these to common defaults and hides
absolute addresses for simpler reports.
- Callstack walking in presence of FPO is now supported.
- Added a new mode that is several times faster but does not check
for uninitialized reads: -no_check_uninitialized.
- Thread creation stack traces are now available in the global.pid.log
file for identifying threads.
- Suppressions can take names, and the list of used suppressions is
printed out in the results file.
- Increased default -redzone_size to 16
- Suppression can take instruction specifiers for narrower scope.
- The Valgrind Memcheck suppression format is supported for legacy
suppression files: however, C++ symbols must be de-mangled at this time.
- Various bug fixes
The changes between version 1.4.2 and 1.4.1 include:
- Initial graphical system call support to reduce false positives
- Various bug fixes
The changes between version 1.4.1 and 1.4.0 include:
- Full Windows 7 support
- Various bug fixes
The changes between version 1.4.0 and 1.3.1 include:
- Initial Windows 7 support
- Performance improvements
- Various bug fixes
- Release build is used by default
The changes between version 1.3.1 and 1.3.0 include:
- Performance improvements
- Various bug fixes
The changes between version 1.3.0 and 1.2.1 include:
- Enabled -check_leaks and -possible_leaks by default (Issue 8)
- Improved suppression support: support for vertical wildcards "..."
- Locate target app on path on Linux (Issue 33)
- Various bug fixes
The changes between version 1.2.1 and 1.2.0 include:
- Fix bug in symbol lookup causing debug build asserts
The changes between version 1.2.0 and 1.1.0 include:
- Avoid false positives and false negatives when using debug versions of
msvcrt, whose own debugging facilities conflicted with Dr. Memory's
- Added -perturb feature that uses random delays to attempt to trigger
data races such as use-after-free accesses, which Dr. Memory will
immediately detect
- Separate indirect leaks from direct leaks
- Added -version option to front end
- Generalized "invalid free" to "invalid heap argument"
- Improved performance of many instruction types including string instructions
- Improved performance of heap routines accessing heap headers
- Improved performance of stack adjustments
- Improved performance of shadow table accesses
- Improved performance of hashtables via dynamic resizing
- Display messages in cmd window, where DynamoRIO has trouble printing
- Switch to online symbol processing on Windows, greatly simplifying the
Windows design and making it more robust by eliminating perl entirely
- Eliminate need for admin privileges to run on Windows
- Added wildcard support to suppressions
- Various bug fixes
The changes between version 1.1.0 and 1.0.1 include:
- Eliminated common C++ cases of false positives in possible leaks
- Report additional information on unaddressable errors: list the nearest
malloc chunks above and below, and whether the access was to freed memory
- Report timestamp and thread id of reported errors
- Added -leaks_only feature for low-overhead leak checking
- Improved support for heaps used as stacks when such stacks are small
and are adjacent to non-stack data
- Improved Linux system call parameter handling to reduce false positives
- Added default suppression file
- Added -aggregate option to combine error listings and eliminate
duplicates among a set of processes
- Report the total number of leaked bytes
- Perform error duplication checks in the client
- Reduce memory usage of callstacks stored on each malloc
- Eliminate false positives from libc string routines by replacing them
- Switch to true reachability-based leak detection, trigger-able from a
nudge at any time during a run
- Split possible leaks from certain leaks
- Improved documentation
- Improve performance of consecutive similar memory references
- Improve performance of 64K-boundary-crossing stack adjustments
- Many other performance improvements
- Many bug fixes
***************************************************************************
\htmlonly
<table width=100% bgcolor="#000000" cellspacing=0 cellpadding=2 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td><table width=100% bgcolor="#0000C0" cellspacing=0 cellpadding=1 border=0>
<tr><td></td></tr></table></td></tr></table></td></tr></table>
\endhtmlonly
\section sec_limits Limitations
Dr. Memory is still under development. It has some missing features and undoubtedly
some bugs. The missing features include:
- Uninitialized read checking is not yet supported for 64-bit applications
nor for ARM platforms.
- Windows system call parameters are not all known, which can
result in false positives and false negatives, especially on graphical
applications on more recent versions of Windows.
Often, these false positives are solely in system library code.
Dr. Memory attempts to separate such errors into potential_errors.txt.
- Definedness is tracked at the byte level, not at the bit level,
which when bitfields are in use can lead to false positives.
- Race corner cases:
- Pathological races between mallocs and frees can result in Dr. Memory's
shadow memory structures becoming mis-aligned with subsequent false
positives. However, such a scenario will always be preceded by
an invalid free error.
- General races between memory accesses and Dr. Memory's shadow memory
can occur but errors will only occur with the presence of erroneous
race conditions in the application.
- This release can produce false positives if multiple threads write
to adjacent bytes simultaneously. Future releases will provide
options to trade off performance, memory usage, and accuracy.
\subsection sec_interop Interoperability
Dr. Memory may have conflicts with security software or with other software
that injects into the same process as Dr. Memory. There are known
interoperability problems with some anti-virus applications, including
Avast 8.0.
****************************************************************************
****************************************************************************
*/