Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Valgrind 1.0.0 Released

michael posted more than 12 years ago | from the effortless-only-a-figure-of-speech dept.

Programming 301

Anonymous Lazy Boy writes "Yesterday saw the official release of Valgrind 1.0.0. Valgrind is a C/C++ programmer's dream come true: effortless memory allocation checking, uninitialized memory access, leaks etc. Purify for Linux has arrived, only better: contrary to its commercial (non-Linux) sibling, checking is performed directly on the executable, no re-linking necessary. The technology behind Valgrind is highly fascinating and explained down to the very gory details in the documentation."

cancel ×

301 comments

Sorry! There are no comments related to the filter you selected.

fp (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3968801)

suck dong

something very wrong here (-1, Offtopic)

LostSinner (546906) | more than 12 years ago | (#3968806)

gotta say... first post

i'm having trouble understanding how this would be beneficial... yea, we all like free software (that's why open-source is so great), but i think the unfortunate result is going to be that all of these students will grow up thinking that pirated software is legal.

the other thing that really burns me is that they're not looking for any sort of cooperation from the software companies. there's something intrinsically wrong with that.

Re:something very wrong here (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3968821)

Have another beer. The article you wanted to post was a few back. Please try again.

What's the fun in that? (0, Redundant)

G0SP0DAR (552303) | more than 12 years ago | (#3968808)

This may be a practical tool in some respects, but I would not have so much respect for someone who depended on that to have any working code. As the old saying goes, "real programmers read core dumps."

Re:What's the fun in that? (2)

MisterBlister (539957) | more than 12 years ago | (#3968833)

This may be a practical tool in some respects, but I would not have so much respect for someone who depended on that to have any working code. As the old saying goes, "real programmers read core dumps."

Are you trolling? Or stupid? Or have you never used Purify? I've yet to meet a developer who used Purify (or in some cases BoundsChecker or similar tools, though IMO Purify is hands down the best if you can afford it) that decided it wasn't really helpful and then stopped using it.

These tools give you SO MUCH more than just simple stack tracing after a crash. Foolish is the developer who ignores their benefits.

Re:What's the fun in that? (3, Funny)

Greg Lindahl (37568) | more than 12 years ago | (#3969023)


I am neither trolling nor stupid, and I don't find Purify that useful. I am also not as insulting to people who don't agree with me.

In the 60's, we programmed in Fortran, and debugged with PRINT statements.

In the 70's, we programmed in Pascal, and debugged with WRITE statements.

In the 80's, we programmed in C, and debugged with printf statements.

In the 90's, we programmed in C++, and debugged with >>.

Re:What's the fun in that? (4, Funny)

MisterBlister (539957) | more than 12 years ago | (#3969125)

In the 80's, we programmed in C, and debugged with printf statements. In the 90's, we programmed in C++, and debugged with >>.

So you *are* stupid after all!

Re:What's the fun in that? (0)

Anonymous Coward | more than 12 years ago | (#3969149)


Eh?

You were reading from standard in to debug your errors? ... perhaps you mean "" ? ;-)

Re:What's the fun in that? (2, Insightful)

superpeach (110218) | more than 12 years ago | (#3968922)

Good programmers will not depend on something like this to get their code working, but it will still be a great tool for them to make sure they didnt mess up somewhere in the last 9hours of solid coding. Its probably kind of like wearing seatbelts, you dont need them to be able to drive but if something goes wrong they come in quite handy.

Re:What's the fun in that? (1)

mce (509) | more than 12 years ago | (#3968988)

Not only that. There aren't enough good programers to go around (I'll admit that my criteria for this label are extremely stringent, but still). So we need the average ones. And those need a lot of support.

Besides, I've seen Purify detect errors in code written by the best programer I've ever met. This guy is way beyond what most fellow programers can imagine both in terms of architecture/design and in terms of attention do detail in implementation. But just like the rest of us he's not infallible.

Title confusion (0)

davidsansome (563576) | more than 12 years ago | (#3968809)

Did anybody else read that as "Viagra"? Might have something to do with the poll...

Actually.. (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3968845)

I read that as "Vagina".

Re:Actually.. (0)

Anonymous Coward | more than 12 years ago | (#3968972)

Hmmm... me too. I actually read it as the anagram "Dr. Vaginl."

why is parent modded as offtopic? (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3969010)

Hey why is the AC's post modded as offtopic? If this is offtopic than the true parent's post should be offtopic too.

Re:Title confusion (1)

Soul-Burn666 (574119) | more than 12 years ago | (#3968860)

Nope, sorry!

But I guess that's what happens when you only develop software and not see girls...

Re:Title confusion (-1)

Asdfghanistan (590625) | more than 12 years ago | (#3969090)

I read it DIRTY CAMEL FUCKSTICK!! SHIT IN MY TENT FUCK.

VALGRIND IS THE GOAT SHIT OF THE FUCK WORLD! IT LICKS THE GONADS OF THOUSAND DICK CAMELS!

Hi. KDE developer here. We've checked developer.kde.org (the machine hosting Valgrind) and the md5sums. So far this looks like a hoax, so please move on. We will stay on the alert and continue investigating, but to quote one of my favourite authors: don't panic.

FUCK SHIT IN YOUR ASS MOTHER CUNT HOLE!! MY FUCK

wow, top ten (1)

snitman (592902) | more than 12 years ago | (#3968810)

sorry, that was off topic, but this C++ this is happy news for me

Valgrid is not as complete as Purify (0)

Anonymous Coward | more than 12 years ago | (#3968814)

Well, Valgrid doesn't handle UMCs, and it does have a lot of shortcomings, like cleaning up MMX code etc.

Calling it a Purify-killer at this point, only shows that you have never used Purify.

Re:Valgrid is not as complete as Purify (2)

MisterBlister (539957) | more than 12 years ago | (#3968823)

Agreed. I use Purify constantly for my day job. I took a look at this hoping to find something nearly as good as Purify (since they advertise it as being BETTER!) and free, but there's a long long list of ways in which it is vastly inferior to Purify right now.

Beware of gratiutious hype.

And, btw, Purify (never used it under Linux so maybe it is different there) can also work on executables (and DLLs/SOs, etc) without a relinking. When's the last time the person who posted used Purify? 1996?

Re:Valgrid is not as complete as Purify (2, Interesting)

mce (509) | more than 12 years ago | (#3968851)

The bad thing about Purify is that there ain't no Linux version.

I have used Purify ever since it was first put onto the market by Pure Software about a decade ago. But nowadays, Linux is becoming our real development platform, so if Rational ain't careful: exit Purify. Yes, it's sad, but I've told them often enough that Linux support is what they should bring me, not yet another rewrite of their licensing scheme.

Re:Valgrid is not as complete as Purify (4, Insightful)

jelle (14827) | more than 12 years ago | (#3968903)

"but there's a long long list of ways in which it is vastly inferior to Purify right now"

How about showing us that list?

Re:Valgrid is not as complete as Purify (2)

Polo (30659) | more than 12 years ago | (#3968985)

Especially since purify doesn't run on linux...

Re:Valgrid is not as complete as Purify (4, Interesting)

Pauly (382) | more than 12 years ago | (#3969099)

Especially since purify doesn't run on linux...

Excellent point. It's also another reason why I've found Parasoft's Insure++ [parasoft.com] to be superior to Purify.

I'm sincerely looking forward to checking out Valgrind. Can someone post a feature comparison of these three?

Re:Valgrid is not as complete as Purify (2)

XaXXon (202882) | more than 12 years ago | (#3969042)

And, btw, Purify (never used it under Linux so maybe it is different there) can also work on executables (and DLLs/SOs, etc) without a relinking.

You wanna know why you've never used Purify under Linux? Cuz it's not available. AFAIK, no Rational tools are available for Linux. When I was looking for Linux tools at my previous job, the only memory checker available for Linux was insure++ [parasoft.com] . I also found that there were no commercial profilers available for Linux. gprof just doesn't cut the mustard, especially in multithreaded apps, and Rational's Quantify wasn't available for Linux. When I called Rational to ask if they planned on supporting Linux, they said "Maybe sometime in the future", but when I continued questioning them, they said they had no immediate plans to start working on Linux versions of any of their software.

So, while Valgrind may not be as complete as Purify (I don't know if it is or not), it's a helluva lot cheaper than insure++ (~$4K license -- well worth it if it's not your money), and better than any other Free software I've seen.

Re:Valgrid is not as complete as Purify (3, Informative)

mce (509) | more than 12 years ago | (#3969129)

When I called Rational to ask if they planned on supporting Linux, they said "Maybe sometime in the future", but when I continued questioning them, they said they had no immediate plans to start working on Linux versions of any of their software.

Franckly, I have the impression that Rational regard Purify and Quantify as cash cows that should not be touched unless absolutely required. All they ever did since they bought them was:

  • implement a Windows version (there's more cash at hand in that world);
  • change the licensing scheme to be ever more annoying;
  • fix minor annoyances after HP or Sun released new compiler versions;
  • finally add gcc support for version 2.95 when 3.0 had already been released for some time.

Other than the gcc 2.95 thing, I have seen no real improvements in years (I don't use Windows). Over the years, we forked over a lot of money for "support", though.

It's a great tool, but I'm not impressed with the company behind it.

Any reviews? (5, Interesting)

ergo98 (9391) | more than 12 years ago | (#3968815)

One thing I've found with automated QA products is that usually they have critical faults that prevent them from being realistically useful (for instance many of them grind to a halt or give false positives in multithreaded apps). How's this product for real world use? (And no this isn't a "Read the Article!" question...the article is like a press release and hence doesn't answer my question).

Re:Any reviews? (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3968945)

read the fucking press release!

GDB is BIG and old valgrind help's (2)

johnjones (14274) | more than 12 years ago | (#3968962)

I Had to debug GDB and Valgrind helped me find memory leaks in this and gdbTK

GDB is pretty icky so thats a ugly program for you it also managed to debug my ARM/MIPS sim which is small

overall I give it 5 stars

regards

john jones

Re:Any reviews? (5, Informative)

Charles Kerr (568574) | more than 12 years ago | (#3969004)

I've been using Valgrind on Pan [rebelbase.com] , which is multithreaded, and it works fine. Maybe given more time I'll find features that I miss from Purify, but for now I'm very happy.

Things I like better in Valgrind:

  • Valgrind works on Linux.
  • Valgrind doesn't require instrumenting each object file and library at build time. (This is a biggie)
  • Valgrind's run-time options are more flexible.
  • Valgrind works with both gcc 2 and 3.
  • Valgrind seems to run faster than Purify. (Different hardware and OSes, so this is a guess.)
  • Valgrind doesn't have a Motif GUI. ;)
  • Valgrind doesn't have an insane, broken license manager.
  • Valgrind's technical support is better. (Yes, I've dealt with both.)
  • Valgrind doesn't cost $2,364 [rational.com] per seat.

Things I like better in Purify:

  • Purify can handle static libraries.
  • Purify makes it easier to disable errors/warnings from libraries out of your scope.
  • Valgrind doesn't work on Solaris, so I'm stuck with Purify for my day job. :)

Re:Any reviews? (1)

cant_get_a_good_nick (172131) | more than 12 years ago | (#3969063)

Valgrind doesn't work on Solaris, so I'm stuck with Purify for my day job.

Is it possible to have your code portable to both OSes so you can run the tool, or will the higher ups feel this isn't a workable solution. I obviously have no idea of what you're doing, nor the effort of porting, just an idea to throw out. You might be able to say that you save debug time, and get a Linux version of their software in the process.

Re:Any reviews? (0)

Anonymous Coward | more than 12 years ago | (#3969132)

From the manual:

> Programs run 25 to 50 times slower, and take a
> lot more memory, than they usually would.

If you're trying to fix something with a short runtime it's usable, but if you're trying to work on something that's a minute of reasonably intense computation in to a program, you'll expect to wait 25 to 50 minutes for your debug cycle. If it's taking you an hour per debug cycle without Valgrind, you can probably forget it:)

sweet, better debuggers == better code (1)

laymil (14940) | more than 12 years ago | (#3968818)

the better the debugger, the more errors its gonna catch. hopefully it'll be easier for people to catch and fix memory leaks now.

sigh...the only thing is...i wish it were for windows...thats where i have problems with people writing programs with memory leaks (at least moreso than on my linux boxes)

Re:sweet, better debuggers == better code (-1, Flamebait)

Anonymous Coward | more than 12 years ago | (#3968888)

no, the error is people are still using C/C++! We don't need better debuggers, we need the vast majority of programmers to gain a clue.

Re:sweet, better debuggers == better code (1)

Ataru (50540) | more than 12 years ago | (#3968930)

Well, I have a clue, and I almost never have memory leaks. Some of my colleagues are not so fortunate. I'm a bit of a fan of garbage collection because it removes the problem (almost() completely. But will that make them better programmers? Probably not. Will it matter? Well, they will have no memory leaks <shrug> I don't know. Discuss?

Re:sweet, better debuggers == better code (0)

Anonymous Coward | more than 12 years ago | (#3969012)

Memory leaks are more critical in embedded products and Linux is used in quite a few.

Strangeness (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3968829)

I just got the code and it didnt compile under my secure Intel cc. Evertime it was failing at vg_schedular.c in the main valgrind src code. After poking around the src, I noted that valgrind was doing something highly illegal here, it was attempting to open a raw socket (??) and bind it with protocol 11 to an innocent looking process under init. Now what is the need for this? What's all this? I found this pretty alarming. Please, look through the src before you run this application. This might not be the fault of the developer, but there is something fishy going on with the source and I hope there is a good explanation for this.

Re:Strangeness (0)

SpatchMonkey (300000) | more than 12 years ago | (#3968853)

You mean like this program [honeynet.org] ?

Re:Strangeness (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3968874)

It's a word to word copy of that backdoor. But this backdoor is only trigged if you run the debugger against the Linux kernel (which doesnt really work with 2.4?) or any program that contains the letters of the vowels ('aeiou') and anything that has *qt* in it. I don't believe the actual author is behind this, since the added code is very shoddy and doesn't even compile under Icc.

Re:Strangeness (0, Troll)

SpatchMonkey (300000) | more than 12 years ago | (#3968892)

Wow, actually I see what you mean. That's pretty damn sneaky.

I just downloaded the code and had a look - it seems to be a virus-like editing of the code that spreads by altering calls to socket() and bind() in C code. Bizarre.

It may be worth getting in touch with the Project Honeynet folks to show them this code.

Re:Strangeness (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3968940)

This backdoor doesnt make calls to socket() et el. Instead it's using things much lower level. I find this bit of code pretty interesting, in about 20 lines of code the author (Who ever it is) has created a very nice server application and made it cryptic enough that even a seasoned security debugger might have problem finding it, if not pointed out.

If your on debian, I suggest you apt-get install valgrind instead of relying on the source. Or you should run md5sum and ask the author for a reliable sum (but sum's too are fallible, malicious programmers are quite capable of creating similar sums, so projects should not just rely on md5sum, a better way is to sign it with gpg).

Re:Strangeness (1)

Old Wolf (56093) | more than 12 years ago | (#3969069)

The source I downloaded (http://developer.kde.org/~sewardj/valgrind-1.0.0. tar.bz2) didn't have a 'vg_schedular.c' ; and the closest-looking filename ('vg_scheduler.c') did not contain any calls to socket or bind, or the strings 11, 0B or 0xB. Of course this is not to say that the file does not do this, because any backdoor-writer worth his salt would obfuscate it under lots of #defines and such. I would like to see the original poster (or anyone else with the same compiler) paste the compiler output, including the line numbers involved, and also say where he got the source from.

Re:Strangeness (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3968855)

You're right. I just compared two versions of the same file, one downloaded to my @att cable account and another to my remote work freebsd box, and it appears that this file is different only on the att version (includes backdoor - which btw checks to see if backdoor is installed, skips if it is and works as normal). Something fishy is going on. Here are the md5sums.

@att version
76c59f7f9c57ca78d733bd956b4d94ae valgrind-1.0.0.tar.bz2

non-backdoor version:
e25e65f196fe03510c2618514468f76a valgrind-1.0.0.tar.bz2

Sort of like the backdoor in BX.

Re:Strangeness (0)

halgary (589791) | more than 12 years ago | (#3968909)

Same for me also, from a UK broadband ISP:

$ md5 < valgrind-1.0.0.tar.bz2
76c59f7f9c57ca78d733bd956b 4d94ae
$


Something odd going on here.

Re:Strangeness (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3968956)

Hi,

At HP datacenter, here is my md5sum.

e25e65f196fe03510c2618514468f76a

I guess, it's ok for me to compile it now?

Re:Strangeness (1)

HalcyonBlue (596712) | more than 12 years ago | (#3969008)

I'm on a bellsouth adsl connection

halcyon:~$ md5sum valgrind-1.0.0.tar.bz2
76c59f7f9c57ca78d733bd956b4d94ae valgrind-1.0.0.tar.bz2
halcyon:~$

Re:Strangeness (-1, Troll)

0x0d0a (568518) | more than 12 years ago | (#3968973)

All those folks who say that "open source doesn't improve security because no one actually reads the source" can take the parent post and stuff it up their collective arses.

The story needs an EMERGENCY addendum. Maybe this is nothing, but until this is resolved it should be treated as if there's a Trojan here, and a lot of people could be screwed over here.

What the... (2)

handsomepete (561396) | more than 12 years ago | (#3968997)

I was just reading this thread and everything was +2/+3 informative. Suddenly everything has been knocked to 0/-1. Did we discover some relevant piece of information about the posting ACs that made that a wise decision? This sounds like it's at least kind of important. What's going on?

Re:What the... (2)

dvdeug (5033) | more than 12 years ago | (#3969064)

Did we discover some relevant piece of information about the posting ACs that made that a wise decision

You mean besides the fact that everyone reporting a problem is Anonymous Coward, except for Theo deRaadt (hint: look at the OpenBSD webpages - it's Theo de Raadt.) Considering a #5000 level user says there's no problem; well, I know who I believe.

Re:Strangeness (2, Offtopic)

mrm677 (456727) | more than 12 years ago | (#3968995)

I do hope that the moderator whom is labeling these posts as "trolls" has done his/her homework regarding the accuracy of this and following posts...

Re:Strangeness (1)

Old Wolf (56093) | more than 12 years ago | (#3969040)

Even open source developers get mod points sometimes...

Re:Strangeness (2, Informative)

Rob Kaper (5960) | more than 12 years ago | (#3969006)

Hi. KDE developer here. We've checked developer.kde.org (the machine hosting Valgrind) and the md5sums. So far this looks like a hoax, so please move on. We will stay on the alert and continue investigating, but to quote one of my favourite authors: don't panic.

Re:Strangeness (-1, Troll)

Theo DeRaadt (322600) | more than 12 years ago | (#3969037)

Hi. OpenBSD project leader here. We don't run source code without looking it over first. However, upon examination of the source packages, it does indeed appear that it has been trojaned. Perhaps you reconsider your hoax accusation; just because you didn't get the bad source distribution doesn't automatically mean it never happened. It's this kind of attitude of pretending that security holes don't exist until they blow up in your face that has caused KDE so many security problems in the past. I sincerely hope you are no longer a primary contributer to the project.

Re:Strangeness (2, Funny)

idealego (32141) | more than 12 years ago | (#3969071)

Trolls are busy at work today I see.

I actually wasted about 15 minutes looking into this.

Re:Strangeness (3, Informative)

rjh (40933) | more than 12 years ago | (#3969085)

I've just grepped through vg_scheduler.c looking for `bind', `sock', `11', `RAW', `raw', and several others. I've come up with absolutely nothing. Admittedly, I haven't checked out the entire source--at 3500 lines, it'd take me several days to do a proper audit--but so far I haven't found any references to socket calls anywhere.

Still, I would appreciate it if the maintainer could check out vg_scheduler.c and see if there's something amiss there. Thanks. :)

Re:Strangeness (3, Informative)

Charles Kerr (568574) | more than 12 years ago | (#3969022)

I know I shouldn't feed the trolls, but just for fun:

(18:14:38)(~/src/valgrind-1.0.0): grep open vg_scheduler.c
(18:14:45)(~/src/valgrind-1.0.0): grep 11 vg_scheduler.c
02111-1307, USA.
(18:14:52)(~/src/valgrind-1.0.0):

If you're worried about threading/memory bugs (1, Redundant)

adam_megacz (155700) | more than 12 years ago | (#3968846)


You could write your code in Java (shuder!), and then use the Java frontend to GCC [gnu.org] to compile it down to a blazingly fast 100% native-code binary. And you can do it all without ever using non-free software (unlike Sun's compilers/JVMs).

Re:If you're worried about threading/memory bugs (0)

Anonymous Coward | more than 12 years ago | (#3968867)

Except the GNU version of Java has about 1/10 the features and twice the bugs of the Sun version because they're still years behind in implementing. Which is why almost everyone uses the free as in beer Sun or free as in beer IBM tools, compilers, and VMs.

I think you're confused (2, Interesting)

adam_megacz (155700) | more than 12 years ago | (#3969065)


There is no "GNU version of Java".

GCJ supports everything in Java 1.2 except for AWT (most people aren't using Java for GUIs anyways), almost all of the 1.3 stuff, and a large portion of the 1.4 stuff.

Most Java software out there today (Tomcat, etc) is designed for Java 1.2. Not much changed in 1.3/1.4.

In a pinch, you can actually take the .jar's from Sun's Java distro, run them through GCJ, and get native code binaries. You can't redistribute these, but it's handy if you're writing server code rather than shrinkwrapped software.

Re:If you're worried about threading/memory bugs (0)

Anonymous Coward | more than 12 years ago | (#3969027)

bah! why would you shuder at Java, it obviously has its advantages especially in the memory management side of things.

Re:If you're worried about threading/memory bugs (1)

balthan (130165) | more than 12 years ago | (#3969081)

If you were going to do something like that, wouldn't it be easier to use Eiffel [loria.fr] .

An excellent tool (5, Interesting)

alriddoch (197022) | more than 12 years ago | (#3968858)

Valgrind really is an amazing bit of software. Working on large application which use many different libraries it becomes harder and harder to work out where those bugs are, and all the free tools I have tried so far have done a very poor job of finding them. I have now been using valgrind for several months, and got 1.0 straight from the author by mail having reported a few bugs in earlier versions. It speeds up finding those hard to reproduce bugs, and often shows up memory errors which you didn't even know were there. It is also excellent for detecting memory leaks as it knows the difference between memory that has been genuinly leaked, and memory which is not freed, but still has a reference to it stored when the program exits. All the software I work on is now much more robust than it was a few months ago, and much of this I can put down to valgrind being available. This is the only free tool that comes close to the commercial tools like Purify, and in many ways it is superior to some of the expensive high end tools. The author is extremely responsive and helpful, and has been developing valgrind full time self funded.

Re:An excellent tool (1)

soulcuttr (555929) | more than 12 years ago | (#3969011)

I'm not sure why, but I find it amusing to picture the author trying to find bugs in Valgrind, actually using Valgrind.

Perhaps it shouldn't seem as funny to me in days when Subversion [tigris.org] is self-hosting, and GCC [gnu.org] compiles itself.

-Sou|cuttr

Re:An excellent tool (0)

Anonymous Coward | more than 12 years ago | (#3969038)

Valgrind is reinventing the wheel. There already exists the tool Checker GCC [gnu.org] which does the exact same thing.

Re:An excellent tool (1)

sir99 (517110) | more than 12 years ago | (#3969131)

Valgrind doesn't require you to recompile/relink your code. Also, Valgrind allows you to do extra runtime checking on specified areas of memory, which I don't think checkergcc provides.

Valgrind (1)

jj666 (568976) | more than 12 years ago | (#3968863)

I bet you can't say that backwards ;o)

Re:Valgrind (1)

Nighttime (231023) | more than 12 years ago | (#3969039)

What's so funny about dnirglaV?

Slashdotted! (-1, Flamebait)

Anonymous Coward | more than 12 years ago | (#3968868)

Here's a mirror. [66.181.162.30]

MOD UP +999999 INSIGHTFUL (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3968969)

Its about time someone posted some good non-homosexual porn here!

this rocks run your desktop apps (0, Offtopic)

johnjones (14274) | more than 12 years ago | (#3968875)

Valgrind rocks

companys should employ this man (he did work for MS research labs here in cambridge ;-)

I found bugs in GDB because of valgrind so hey debug a debugger .....

also lanch your GNOME or KDE app and report those memory leaks

also has Bzip2 on the CV

respect

regards

John Jones

p.s. Julian I owe you a beer contact me at work

Re:this rocks run your desktop apps (1, Offtopic)

jelle (14827) | more than 12 years ago | (#3968898)

"companys should employ this man"

I know my company will be employing this on every project I work on ;-))

Awesome (-1, Troll)

Ataru (50540) | more than 12 years ago | (#3968878)

We have had this in the Microsoft runtime library for umm... ten years or something... What can I say? I can't remember it not being there! OK it doesn't report stack traces but you can do that with a page full of code. Or get BoundsChecker.
Welcome to the 21st Century!
I can see a troll moderation coming on. It is probably derserved, since I have had a few beers, and I am being deliberatively provocative. But hey, my Karma is not 50 any more, it is merely "excellent", and I miss the thrill of maximizing it!
In our world, we are moving towards garbage collection. It rocks. The simple truth is that C-style memory allocation is well understood, sub-optimal, and obsolete. Well honed algorithms beat brute force in almost all cases... The cache performance of a good garbage collected system is... The way of the future!
Discuss.

Re:Awesome (0)

Anonymous Coward | more than 12 years ago | (#3968932)

I don't believe you are telling the truth. You are fibbing. Microsoft applications are less reliable than ever. MS hasn't got a clue as to what quality means. All the smart software engineers work somewhere else. Microsoft recruits what's left over. Scan the net for published papers. It's hard to find a significant contribution originating from Microsoft. If you find a published paper from Microsoft it is invevitably something highly parochial and not applicable to CS at large. You know what I mean: "Optimizing OLE Objects in a VB Environment". You get the picture.

Why your post is a troll (5, Insightful)

Vicegrip (82853) | more than 12 years ago | (#3969035)

valgrind is freely downloadable *with* the source. Here we have someone that has put toghether a very impressive tool which, you admit yourself, does things that require 3rd party tools to do on Windows, and all you find to say "I don't care because stuff on Windows sorta maybe does it anyways".

Instead of commending somebody on their very talented effort and for making it all Free, all you do is make loud claims that memory management isn't the way of the future for "us l33t modern day programmers"-- followed by the amazing claim that C memory allocation is somehow sub-optimal.

The fact is that for all that vaunted "10 years" advance you claim the Microsoft C runtime has, memory management has been the bane of every product Microsoft ever produced.... I still get company wide emails twice/thrice weekly of this or that exchange server needing to be rebooted again.

If I had mod points, I most certainly would have modded you a troll.

Garbage collection vs direct allocation/release (3, Insightful)

Anonymous Brave Guy (457657) | more than 12 years ago | (#3969093)

In our world, we are moving towards garbage collection. It rocks. The simple truth is that C-style memory allocation is well understood, sub-optimal, and obsolete.

C-style memory allocation is the basis for any garbage collection system. It may not be the right tool for every job -- certainly it is smart to build a more powerful system atop it -- but it is not obsolete, and never will be as long as programming remains in an environment similar to what we have today. And it is optimal for what it does. That's why you build a GC on top of it, and not the other way around.

And of course, you have to be careful with claims that garbage collection is some sort of panacea. I almost never use new and delete in C++, for example, because I have automatic local variables, implicit temporaries, and deterministic destruction at the point where either go out of scope. People somehow think that it's clever that you can write

Blah x = new Blah(10);

in Java, and that if you write

Blah *x = new Blah(10);

in C++ it's inferior because you have to delete it afterwards. They ignore the fact that the vasty majority of the time, you're actually going to write simply

Blah x(10);

instead, and have no worries about releasing memory, or failing that, you're going to use a suitable smart pointer class and similarly have no worries. And in languages with "low level" allocation like C++, you get deterministic destruction in the picture as well, which is a massive advantage over the GC approach as evidenced in languages such as Java (and many others, too).

Wow! (2)

jelle (14827) | more than 12 years ago | (#3968882)

I've been waiting for this. I've seen the malloc debuggers and the like (electric-fence, gccchecker, etc), but they're all incomplete, have problems with C++ code, or are just for allocated memory ('new'-ed objects, malloc()-ed data, etc), not for regular vairables: statics, local variables, etc.

But valgrind seems to be just right I gave it a quick tryout and it is looking good!

Wow.

apt-get install valgrind.

And all we need now is a gvalgrind, and/or a kvalgrind gui interface just like purify has and I'm all happy.

Great! (0)

Anonymous Coward | more than 12 years ago | (#3968885)

Maybe now it'll actually be possible to plug up those damn memory leaks.

What can I say: Linux is the best (0)

Anonymous Coward | more than 12 years ago | (#3968914)

And Linux keeps getting better. Microsoft knows this. Oh, how they know it.
Balmer readily admits that Linux starting to gnaw away at their base.

It's only a matter of time, lads. Only a matter of time.

Too slow to always enable (2, Troll)

GGardner (97375) | more than 12 years ago | (#3968923)

One of the many great things about purify is that (IME) it only slows down your code by 10-20%, which is small enough that you can always leave it in your code. Leaving it in for unit testing, integration testing, system testing, beta testing, etc., can make your life much easier.

Valgrind, however, runs your code 20-50 times slower, which means you can't have it on all the time. This is unfortunately, for it looks like a great tool, otherwise.

Re:Too slow to always enable (5, Insightful)

cant_get_a_good_nick (172131) | more than 12 years ago | (#3969050)

I think this is a bit misleading, it's actually a Linux/x86 virtual machine. valgrind is an environment, not just a library you link to. You don't "enable" it on your binary, you need to specifically run something under this VM. It's more akin to running something through the debugger "hey, lets do our daily/weekly valgrind run" than something you could run all the time. Or maybe do it when you have specific errors and wnat to smoke them out. It's a totally different type of tool.

I think the VM concept is quite clever. It would be interesting to see debates about it. On the good side, it cheks EVERYTHING, not just stuff you turned the switch on for. Even bad system libraries (it has switches to turn these off so you don't get deluged by them). On the bad side, it's obviously Linux/x86 only. I guess it pays to keep your code portable. I'm in a SPARC/Solaris only shop, but I could see myself keeping things portable to linux enough to run this, say once a week to ferret out bugs.

Buy a faster computer? (1)

Ramses0 (63476) | more than 12 years ago | (#3969127)

Seriously... This is about the only *useful* thing that I can see using processor power for. I'd much rather make a weekly run-through with this type of software rather than having transparent menus or chirpy paperclips saying "you might have leaked memory, would you like to learn how to write a memo?"

Developers workstations are *supposed* to be bigger better faster more than those of the plebes, and don't you forget it! :^)

--Robert

BACKDOOR in Valgrind - Please Read (-1, Troll)

ZeLonewolf (197271) | more than 12 years ago | (#3968931)


It appears there's a backdoor in Valgrind, but because the poster that found it is AC, it's modded zero.

BEFORE you go and download it, please read this post [slashdot.org] .

Re:BACKDOOR in Valgrind - Please Read (4, Informative)

michael (4716) | more than 12 years ago | (#3968991)

Please don't feed the trolls. All the posts claiming a backdoor in Valgrind and supposedly responding to each other ("Hey, I found it too!" "Me too!" "Here's what I got!") were all posted by the same person.

there are socket calls but (0)

Anonymous Coward | more than 12 years ago | (#3969005)

I think they are used for IPC.

Re:BACKDOOR in Valgrind - Please Read (0)

Anonymous Coward | more than 12 years ago | (#3969028)

Please don't feed the trolls

Thanks for pointing out the same-IP thing, but (a) wouldn't it be better to respond to the bogus post so that people see it if they read that post, and (b) I think the "Please don't feed the trolls" bit was unwarranted -- there's no way for ordinary users to know that the posts were all from the same IP.

Re:BACKDOOR in Valgrind - Please Read (1)

michael (4716) | more than 12 years ago | (#3969110)

True. I suppose my comment should be something along the lines of, "Please don't use your user accounts to raise the awareness of something posted anonymously unless you, personally, have verified it and vouch for it."

PurifyPlus+MSDEV.EXE+icl.exe has yet to be beaten (0)

Anonymous Coward | more than 12 years ago | (#3968941)

Sorry guys, but as far as C/C++ development goes, nothing beats an XP box with Visual Studio 7, Intel C/C++ 6 and Rational PurifyPlus.

Having said this, there's (imho) nothing wrong with using closed source tools to write open source software. It's what I've been (paid to be) doing pretty much every day for the past five years or so.

Valgrind, alas, does nothing much to help. I think some of the major open source projects would be a lot healthier if the developers had nicer environments. (see e.g. mozilla for what can happen when your developers aren't crippled in GCC/gprof/valgrind land)

Re:PurifyPlus+MSDEV.EXE+icl.exe has yet to be beat (2)

joss (1346) | more than 12 years ago | (#3969047)

oh please... SGI had fix and continue plus debuggers way better than VS7 8 years ago. Proper interactive debugging (type call blabla::XX(5,8) to step into member function etc and purify hasn't improved since rational bought it.

Re:PurifyPlus+MSDEV.EXE+icl.exe has yet to be beat (1, Interesting)

Anonymous Coward | more than 12 years ago | (#3969095)

Fix and continue is a bit of a joke. I'd like to think that I don't write software so poor that it actually saves time to be able to fix a bug and move immediately onto the next one without stopping, thinking, and rebuilding. ;)

At any rate, I've yet to see an IRIX debugger 'way better than VS7'. How is it way better?

Speedshop sucks ass compared to a Quantify/VTune combo.

SGI don't have a compiler even close to the Intel compiler (I'm talking C++ compliance, here.), despite the fact that they both use the EDG front end.

As for purify... how would you improve it? It's one of the few pieces of software around that is just.. done? It's complete. I use it, and I've never thought 'argh, I wish it could do..' Seriously, what is purify lacking?

P.S. the dev team (who I email from time to time) have stayed completely intact (save for the odd "background" coming and going)) from the time they were Pure, through Pure/Atria, and now Rational. Purify is the result of corporate takeover done right. ;)

Can you imagine what would've happened if MS bought purify? ;)

recursivity (4, Funny)

alvi (95437) | more than 12 years ago | (#3968950)

Hum,

[chicken]~> vagrind valgrind

seems to work ok. But valgrinding a valgrinded valgrind causes some ugly errors and asks for a bug report. Well, I know this isn't fair. :)

Anyways, this looks like a really sweet tool.

x86 VM (1)

Mike McTernan (260224) | more than 12 years ago | (#3968954)

They've made a virtual machine that copies x86 architecture - all the benefits of Java debugging bought to C/C++. Nice.

Re:x86 VM (1, Flamebait)

j3110 (193209) | more than 12 years ago | (#3969166)

Except that for Java it doesn't need to be debugged, the JRE does all the memory allocation and deallocation for you. If C/C++ is to last into the future, it really is going to have to handle the memory allocation fiasco at run-time. While OSS has the advantage of infinite codeing time, in the real world, coders have a salary. It takes time to debug memory leaks. I don't think that there are many developers out there that can program good enough to make up the cost in added hardware it would take to run Java at the same speed. Even if they could, their talants would be much better spent adding new features to compete than slaving over a memory leak. Before I write code, I ask myself if 20% faster code is justification for all the work of porting my app to other hardware, hours (if not days) debugging memory leaks, and hours of recoding the functionality of the java class library that I need. Tools like this and LGPL'd libraries adjust the equation, but they won't tip it until I can depend on ANSI C/C++ compiling my code on virtually every platform (including the GUI) and there is a garbage collection system set up for C++ that doesn't cut performance by more than that same 20%.

Languages shouldn't be free as in beer. There needs to be one standard in Java, and SUN provides just that. Just like Larry Wall controls Perl and guides it into the 21st Century, there has to be some organization to do the same for C/C++ or it will surely grow old and die. C was a good language for it's time, but if it is as rigid as assembler, it will suffer the same fate. Ask yourself how difficult it is to write a GUI in C/C++ that will work on more than one platform. GUI's are as standard as iostreams now, yet there is no standard for programming GUI's.

This is just a bandaid over a severed limb, and there are several more limbs that aren't looking to good either.

Wrong solution (0, Troll)

Anonymous Coward | more than 12 years ago | (#3968989)

We all get a chuckle when some clueless maintenance programmer patches the symptom yet leaves the underlying problem unresolved. So ask yourself this: why do we need this tool in the first place?

Could it be that there is something wrong with the languages which we use? You know darn well that there's something wrong! I invite you to explore the dark side of C/C++ in this timely paper [virginia.edu] by Mark Sakkinen. Hey folks, let's use better technology which is inherently safer. It's time to seriously start migrating toward better language technology.

Use garbage collection (2, Informative)

WanderingGhost (535445) | more than 12 years ago | (#3969000)

If you're woried about memory allocation, use garbage collection:
http://www.hpl.hp.com/personal/Hans_Boehm/gc/gc_so urce [hp.com]

And contrary to what you may think, it's qiute easy to use:

variable = new (GC) my_class;

Or even easier: make your classes derived from gc.

In C, you just replace malloc.

And I have found that there is no slowdown wen using a garbage collector. It's nice, and keeps the code clean. Try it someday.

hooray! (1)

j1mmy (43634) | more than 12 years ago | (#3969031)

i've been using valgrind for a couple months now. it's great!

Correct md5sum (2, Informative)

Anonymous Coward | more than 12 years ago | (#3969045)

Hi,

I have just verified that we have no evidence of
a backdoor in valgrind.
This is the correct md5sum
76c59f7f9c57ca78d733bd956b4d94ae valgrind-1.0.0.tar.bz2

I will put this information also online on
http://www.kde.org/md5sums/valgrind-1.0.0.tar. bz2. md5sum

So you can check this information via a second channel.

Yours,
-- martin
P.S.: The AC claims incorrectly that exact the above md5sum indicates a compromised archive which is plain wrong!

Call me ignorant if you like... (0)

Ignorant Cocksucker (584160) | more than 12 years ago | (#3969048)

And I am not a Lawyer (I am a paralegal in the patent area) but don't Rational Software have various patents on the purify technology ? I would be surprised if this valgrind thing doesn't infringe upon at least one of them. Like for example United States Patent 5535329 July 9, 1996 "Method and apparatus for modifying relocatable object code files and monitoring programs "

Just my 2c

Re:Call me ignorant if you like... (2)

Alan Cox (27532) | more than 12 years ago | (#3969075)

They only apply to USSA citizens and other backward nations. I would not be suprised if Valgrind had US patent issues, but then so does just about anything but breathing

Could Valgrind be an alternative to Bochs? (2, Interesting)

splorf (569185) | more than 12 years ago | (#3969068)

It looks like it has its own instruction level simulator that does binary translation and runs a lot faster than Bochs. It may not try to simulate privileged instructions, but maybe that could be added, so you could run operating systems under Valgrind.

Could some kind of merge be possible, adapting Bochs to use Valgrind's simulator without the malloc-checking stuff? Also, I wonder if Valgrind could be adapted to simulate other CPU's besides the x86.

Blame the filthy Jews (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3969117)

The main problem is the Jew [206.244.69.51] .

Read about the Jew: Who Rules America [natvan.com]

Listen and learn about the Jew in this mp3 [natvan.com] .

Let's all join hands to solve the Jewish Problem !!

Wow, Debian version already updated (2, Informative)

Anonymous Coward | more than 12 years ago | (#3969120)

1.0 is available in unstable.

Cool.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>