4 Consistent formatting of this file is achieved with:
5 perl ./Porting/podtidy pod/perlhacktips.pod
9 perlhacktips - Tips for Perl core C code hacking
13 This document will help you learn the best way to go about hacking on
14 the Perl core C code. It covers common problems, debugging, profiling,
17 If you haven't read L<perlhack> and L<perlhacktut> yet, you might want
20 =head1 COMMON PROBLEMS
22 Perl source plays by ANSI C89 rules: no C99 (or C++) extensions. In
23 some cases we have to take pre-ANSI requirements into consideration.
24 You don't care about some particular platform having broken Perl? I
25 hear there is still a strong demand for J2EE programmers.
27 =head2 Perl environment problems
33 Not compiling with threading
35 Compiling with threading (-Duseithreads) completely rewrites the
36 function prototypes of Perl. You better try your changes with that.
37 Related to this is the difference between "Perl_-less" and "Perl_-ly"
40 Perl_sv_setiv(aTHX_ ...);
43 The first one explicitly passes in the context, which is needed for
44 e.g. threaded builds. The second one does that implicitly; do not get
45 them mixed. If you are not passing in a aTHX_, you will need to do a
46 dTHX (or a dVAR) as the first thing in the function.
48 See L<perlguts/"How multiple interpreters and concurrency are
49 supported"> for further discussion about context.
53 Not compiling with -DDEBUGGING
55 The DEBUGGING define exposes more code to the compiler, therefore more
56 ways for things to go wrong. You should try it.
60 Introducing (non-read-only) globals
62 Do not introduce any modifiable globals, truly global or file static.
63 They are bad form and complicate multithreading and other forms of
64 concurrency. The right way is to introduce them as new interpreter
65 variables, see F<intrpvar.h> (at the very end for binary
68 Introducing read-only (const) globals is okay, as long as you verify
69 with e.g. C<nm libperl.a|egrep -v ' [TURtr] '> (if your C<nm> has
70 BSD-style output) that the data you added really is read-only. (If it
71 is, it shouldn't show up in the output of that command.)
73 If you want to have static strings, make them constant:
75 static const char etc[] = "...";
77 If you want to have arrays of constant strings, note carefully the
78 right combination of C<const>s:
80 static const char * const yippee[] =
81 {"hi", "ho", "silver"};
83 There is a way to completely hide any modifiable globals (they are all
84 moved to heap), the compilation setting
85 C<-DPERL_GLOBAL_STRUCT_PRIVATE>. It is not normally used, but can be
86 used for testing, read more about it in L<perlguts/"Background and
87 PERL_IMPLICIT_CONTEXT">.
91 Not exporting your new function
93 Some platforms (Win32, AIX, VMS, OS/2, to name a few) require any
94 function that is part of the public API (the shared Perl library) to be
95 explicitly marked as exported. See the discussion about F<embed.pl> in
100 Exporting your new function
102 The new shiny result of either genuine new functionality or your
103 arduous refactoring is now ready and correctly exported. So what could
106 Maybe simply that your function did not need to be exported in the
107 first place. Perl has a long and not so glorious history of exporting
108 functions that it should not have.
110 If the function is used only inside one source code file, make it
111 static. See the discussion about F<embed.pl> in L<perlguts>.
113 If the function is used across several files, but intended only for
114 Perl's internal use (and this should be the common case), do not export
115 it to the public API. See the discussion about F<embed.pl> in
120 =head2 Portability problems
122 The following are common causes of compilation and/or execution
123 failures, not common to Perl as such. The C FAQ is good bedtime
124 reading. Please test your changes with as many C compilers and
125 platforms as possible; we will, anyway, and it's nice to save oneself
126 from public embarrassment.
128 If using gcc, you can add the C<-std=c89> option which will hopefully
129 catch most of these unportabilities. (However it might also catch
130 incompatibilities in your system's header files.)
132 Use the Configure C<-Dgccansipedantic> flag to enable the gcc C<-ansi
133 -pedantic> flags which enforce stricter ANSI rules.
135 If using the C<gcc -Wall> note that not all the possible warnings (like
136 C<-Wunitialized>) are given unless you also compile with C<-O>.
138 Note that if using gcc, starting from Perl 5.9.5 the Perl core source
139 code files (the ones at the top level of the source code distribution,
140 but not e.g. the extensions under ext/) are automatically compiled with
141 as many as possible of the C<-std=c89>, C<-ansi>, C<-pedantic>, and a
142 selection of C<-W> flags (see cflags.SH).
144 Also study L<perlport> carefully to avoid any bad assumptions about the
145 operating system, filesystems, and so forth.
147 You may once in a while try a "make microperl" to see whether we can
148 still compile Perl with just the bare minimum of interfaces. (See
151 Do not assume an operating system indicates a certain compiler.
157 Casting pointers to integers or casting integers to pointers
169 Both are bad, and broken, and unportable. Use the PTR2IV() macro that
170 does it right. (Likewise, there are PTR2UV(), PTR2NV(), INT2PTR(), and
175 Casting between data function pointers and data pointers
177 Technically speaking casting between function pointers and data
178 pointers is unportable and undefined, but practically speaking it seems
179 to work, but you should use the FPTR2DPTR() and DPTR2FPTR() macros.
180 Sometimes you can also play games with unions.
184 Assuming sizeof(int) == sizeof(long)
186 There are platforms where longs are 64 bits, and platforms where ints
187 are 64 bits, and while we are out to shock you, even platforms where
188 shorts are 64 bits. This is all legal according to the C standard. (In
189 other words, "long long" is not a portable way to specify 64 bits, and
190 "long long" is not even guaranteed to be any wider than "long".)
192 Instead, use the definitions IV, UV, IVSIZE, I32SIZE, and so forth.
193 Avoid things like I32 because they are B<not> guaranteed to be
194 I<exactly> 32 bits, they are I<at least> 32 bits, nor are they
195 guaranteed to be B<int> or B<long>. If you really explicitly need
196 64-bit variables, use I64 and U64, but only if guarded by HAS_QUAD.
200 Assuming one can dereference any type of pointer for any type of data
203 long pony = *p; /* BAD */
205 Many platforms, quite rightly so, will give you a core dump instead of
206 a pony if the p happens not be correctly aligned.
212 (int)*p = ...; /* BAD */
214 Simply not portable. Get your lvalue to be of the right type, or maybe
215 use temporary variables, or dirty tricks with unions.
219 Assume B<anything> about structs (especially the ones you don't
220 control, like the ones coming from the system headers)
226 That a certain field exists in a struct
230 That no other fields exist besides the ones you know of
234 That a field is of certain signedness, sizeof, or type
238 That the fields are in a certain order
244 While C guarantees the ordering specified in the struct definition,
245 between different platforms the definitions might differ
251 That the sizeof(struct) or the alignments are the same everywhere
257 There might be padding bytes between the fields to align the fields -
258 the bytes can be anything
262 Structs are required to be aligned to the maximum alignment required by
263 the fields - which for native types is for usually equivalent to
264 sizeof() of the field
272 Assuming the character set is ASCIIish
274 Perl can compile and run under EBCDIC platforms. See L<perlebcdic>.
275 This is transparent for the most part, but because the character sets
276 differ, you shouldn't use numeric (decimal, octal, nor hex) constants
277 to refer to characters. You can safely say 'A', but not 0x41. You can
278 safely say '\n', but not \012. If a character doesn't have a trivial
279 input form, you can create a #define for it in both C<utfebcdic.h> and
280 C<utf8.h>, so that it resolves to different values depending on the
281 character set being used. (There are three different EBCDIC character
282 sets defined in C<utfebcdic.h>, so it might be best to insert the
283 #define three times in that file.)
285 Also, the range 'A' - 'Z' in ASCII is an unbroken sequence of 26 upper
286 case alphabetic characters. That is not true in EBCDIC. Nor for 'a' to
287 'z'. But '0' - '9' is an unbroken range in both systems. Don't assume
288 anything about other ranges.
290 Many of the comments in the existing code ignore the possibility of
291 EBCDIC, and may be wrong therefore, even if the code works. This is
292 actually a tribute to the successful transparent insertion of being
293 able to handle EBCDIC without having to change pre-existing code.
295 UTF-8 and UTF-EBCDIC are two different encodings used to represent
296 Unicode code points as sequences of bytes. Macros with the same names
297 (but different definitions) in C<utf8.h> and C<utfebcdic.h> are used to
298 allow the calling code to think that there is only one such encoding.
299 This is almost always referred to as C<utf8>, but it means the EBCDIC
300 version as well. Again, comments in the code may well be wrong even if
301 the code itself is right. For example, the concept of C<invariant
302 characters> differs between ASCII and EBCDIC. On ASCII platforms, only
303 characters that do not have the high-order bit set (i.e. whose ordinals
304 are strict ASCII, 0 - 127) are invariant, and the documentation and
305 comments in the code may assume that, often referring to something
306 like, say, C<hibit>. The situation differs and is not so simple on
307 EBCDIC machines, but as long as the code itself uses the
308 C<NATIVE_IS_INVARIANT()> macro appropriately, it works, even if the
313 Assuming the character set is just ASCII
315 ASCII is a 7 bit encoding, but bytes have 8 bits in them. The 128 extra
316 characters have different meanings depending on the locale. Absent a
317 locale, currently these extra characters are generally considered to be
318 unassigned, and this has presented some problems. This is being changed
319 starting in 5.12 so that these characters will be considered to be
320 Latin-1 (ISO-8859-1).
324 Mixing #define and #ifdef
326 #define BURGLE(x) ... \
327 #ifdef BURGLE_OLD_STYLE /* BAD */
328 ... do it the old way ... \
330 ... do it the new way ... \
333 You cannot portably "stack" cpp directives. For example in the above
334 you need two separate BURGLE() #defines, one for each #ifdef branch.
338 Adding non-comment stuff after #endif or #else
342 #else !SNOSH /* BAD */
344 #endif SNOSH /* BAD */
346 The #endif and #else cannot portably have anything non-comment after
347 them. If you want to document what is going (which is a good idea
348 especially if the branches are long), use (C) comments:
356 The gcc option C<-Wendif-labels> warns about the bad variant (by
357 default on starting from Perl 5.9.4).
361 Having a comma after the last element of an enum list
369 is not portable. Leave out the last comma.
371 Also note that whether enums are implicitly morphable to ints varies
372 between compilers, you might need to (int).
378 // This function bamfoodles the zorklator. /* BAD */
380 That is C99 or C++. Perl is C89. Using the //-comments is silently
381 allowed by many C compilers but cranking up the ANSI C89 strictness
382 (which we like to do) causes the compilation to fail.
386 Mixing declarations and code
391 set_zorkmids(n); /* BAD */
394 That is C99 or C++. Some C compilers allow that, but you shouldn't.
396 The gcc option C<-Wdeclaration-after-statements> scans for such
397 problems (by default on starting from Perl 5.9.4).
401 Introducing variables inside for()
403 for(int i = ...; ...; ...) { /* BAD */
405 That is C99 or C++. While it would indeed be awfully nice to have that
406 also in C89, to limit the scope of the loop variable, alas, we cannot.
410 Mixing signed char pointers with unsigned char pointers
412 int foo(char *s) { ... }
414 unsigned char *t = ...; /* Or U8* t = ... */
417 While this is legal practice, it is certainly dubious, and downright
418 fatal in at least one platform: for example VMS cc considers this a
419 fatal error. One cause for people often making this mistake is that a
420 "naked char" and therefore dereferencing a "naked char pointer" have an
421 undefined signedness: it depends on the compiler and the flags of the
422 compiler and the underlying platform whether the result is signed or
423 unsigned. For this very same reason using a 'char' as an array index is
428 Macros that have string constants and their arguments as substrings of
431 #define FOO(n) printf("number = %d\n", n) /* BAD */
434 Pre-ANSI semantics for that was equivalent to
436 printf("10umber = %d\10");
438 which is probably not what you were expecting. Unfortunately at least
439 one reasonably common and modern C compiler does "real backward
440 compatibility" here, in AIX that is what still happens even though the
441 rest of the AIX compiler is very happily C89.
445 Using printf formats for non-basic C types
448 printf("i = %d\n", i); /* BAD */
450 While this might by accident work in some platform (where IV happens to
451 be an C<int>), in general it cannot. IV might be something larger. Even
452 worse the situation is with more specific types (defined by Perl's
453 configuration step in F<config.h>):
456 printf("who = %d\n", who); /* BAD */
458 The problem here is that Uid_t might be not only not C<int>-wide but it
459 might also be unsigned, in which case large uids would be printed as
462 There is no simple solution to this because of printf()'s limited
463 intelligence, but for many types the right format is available as with
464 either 'f' or '_f' suffix, for example:
466 IVdf /* IV in decimal */
467 UVxf /* UV is hexadecimal */
469 printf("i = %"IVdf"\n", i); /* The IVdf is a string constant. */
471 Uid_t_f /* Uid_t in decimal */
473 printf("who = %"Uid_t_f"\n", who);
475 Or you can try casting to a "wide enough" type:
477 printf("i = %"IVdf"\n", (IV)something_very_small_and_signed);
479 Also remember that the C<%p> format really does require a void pointer:
482 printf("p = %p\n", (void*)p);
484 The gcc option C<-Wformat> scans for such problems.
488 Blindly using variadic macros
490 gcc has had them for a while with its own syntax, and C99 brought them
491 with a standardized syntax. Don't use the former, and use the latter
492 only if the HAS_C99_VARIADIC_MACROS is defined.
496 Blindly passing va_list
498 Not all platforms support passing va_list to further varargs (stdarg)
499 functions. The right thing to do is to copy the va_list using the
500 Perl_va_copy() if the NEED_VA_COPY is defined.
504 Using gcc statement expressions
506 val = ({...;...;...}); /* BAD */
508 While a nice extension, it's not portable. The Perl code does
509 admittedly use them if available to gain some extra speed (essentially
510 as a funky form of inlining), but you shouldn't.
514 Binding together several statements in a macro
516 Use the macros STMT_START and STMT_END.
524 Testing for operating systems or versions when should be testing for
527 #ifdef __FOONIX__ /* BAD */
531 Unless you know with 100% certainty that quux() is only ever available
532 for the "Foonix" operating system B<and> that is available B<and>
533 correctly working for B<all> past, present, B<and> future versions of
534 "Foonix", the above is very wrong. This is more correct (though still
535 not perfect, because the below is a compile-time check):
541 How does the HAS_QUUX become defined where it needs to be? Well, if
542 Foonix happens to be Unixy enough to be able to run the Configure
543 script, and Configure has been taught about detecting and testing
544 quux(), the HAS_QUUX will be correctly defined. In other platforms, the
545 corresponding configuration step will hopefully do the same.
547 In a pinch, if you cannot wait for Configure to be educated, or if you
548 have a good hunch of where quux() might be available, you can
549 temporarily try the following:
551 #if (defined(__FOONIX__) || defined(__BARNIX__))
561 But in any case, try to keep the features and operating systems
566 =head2 Problematic System Interfaces
572 malloc(0), realloc(0), calloc(0, 0) are non-portable. To be portable
573 allocate at least one byte. (In general you should rarely need to work
574 at this low level, but instead use the various malloc wrappers.)
578 snprintf() - the return type is unportable. Use my_snprintf() instead.
582 =head2 Security problems
584 Last but not least, here are various tips for safer coding.
592 Or we will publicly ridicule you. Seriously.
596 Do not use strcpy() or strcat() or strncpy() or strncat()
598 Use my_strlcpy() and my_strlcat() instead: they either use the native
599 implementation, or Perl's own implementation (borrowed from the public
600 domain implementation of INN).
604 Do not use sprintf() or vsprintf()
606 If you really want just plain byte strings, use my_snprintf() and
607 my_vsnprintf() instead, which will try to use snprintf() and
608 vsnprintf() if those safer APIs are available. If you want something
609 fancier than a plain byte string, use SVs and Perl_sv_catpvf().
615 You can compile a special debugging version of Perl, which allows you
616 to use the C<-D> option of Perl to tell more about what Perl is doing.
617 But sometimes there is no alternative than to dive in with a debugger,
618 either to see the stack trace of a core dump (very useful in a bug
619 report), or trying to figure out what went wrong before the core dump
620 happened, or how did we end up having wrong or unexpected results.
622 =head2 Poking at Perl
624 To really poke around with Perl, you'll probably want to build Perl for
625 debugging, like this:
627 ./Configure -d -D optimize=-g
630 C<-g> is a flag to the C compiler to have it produce debugging
631 information which will allow us to step through a running program, and
632 to see in which C function we are at (without the debugging information
633 we might see only the numerical addresses of the functions, which is
636 F<Configure> will also turn on the C<DEBUGGING> compilation symbol
637 which enables all the internal debugging code in Perl. There are a
638 whole bunch of things you can debug with this: L<perlrun> lists them
639 all, and the best way to find out about them is to play about with
640 them. The most useful options are probably
642 l Context (loop) stack processing
644 o Method and overloading resolution
645 c String/numeric conversions
647 Some of the functionality of the debugging code can be achieved using
650 -Dr => use re 'debug'
653 =head2 Using a source-level debugger
655 If the debugging output of C<-D> doesn't help you, it's time to step
656 through perl's execution with a source-level debugger.
662 We'll use C<gdb> for our examples here; the principles will apply to
663 any debugger (many vendors call their debugger C<dbx>), but check the
664 manual of the one you're using.
668 To fire up the debugger, type
672 Or if you have a core dump:
676 You'll want to do that in your Perl source tree so the debugger can
677 read the source code. You should see the copyright message, followed by
682 C<help> will get you into the documentation, but here are the most
689 Run the program with the given arguments.
691 =item * break function_name
693 =item * break source.c:xxx
695 Tells the debugger that we'll want to pause execution when we reach
696 either the named function (but see L<perlguts/Internal Functions>!) or
697 the given line in the named source file.
701 Steps through the program a line at a time.
705 Steps through the program a line at a time, without descending into
710 Run until the next breakpoint.
714 Run until the end of the current function, then stop again.
718 Just pressing Enter will do the most recent operation again - it's a
719 blessing when stepping through miles of source code.
723 Execute the given C code and print its results. B<WARNING>: Perl makes
724 heavy use of macros, and F<gdb> does not necessarily support macros
725 (see later L</"gdb macro support">). You'll have to substitute them
726 yourself, or to invoke cpp on the source code files (see L</"The .i
727 Targets">) So, for instance, you can't say
733 print Perl_sv_2pv_nolen(sv)
737 You may find it helpful to have a "macro dictionary", which you can
738 produce by saying C<cpp -dM perl.c | sort>. Even then, F<cpp> won't
739 recursively apply those macros for you.
741 =head2 gdb macro support
743 Recent versions of F<gdb> have fairly good macro support, but in order
744 to use it you'll need to compile perl with macro definitions included
745 in the debugging information. Using F<gcc> version 3.1, this means
746 configuring with C<-Doptimize=-g3>. Other compilers might use a
747 different switch (if they support debugging macros at all).
749 =head2 Dumping Perl Data Structures
751 One way to get around this macro hell is to use the dumping functions
752 in F<dump.c>; these work a little like an internal
753 L<Devel::Peek|Devel::Peek>, but they also cover OPs and other
754 structures that you can't get at from Perl. Let's take an example.
755 We'll use the C<$a = $b + $c> we used before, but give it a bit of
756 context: C<$b = "6XXXX"; $c = 2.3;>. Where's a good place to stop and
759 What about C<pp_add>, the function we examined earlier to implement the
762 (gdb) break Perl_pp_add
763 Breakpoint 1 at 0x46249f: file pp_hot.c, line 309.
765 Notice we use C<Perl_pp_add> and not C<pp_add> - see
766 L<perlguts/Internal Functions>. With the breakpoint in place, we can
769 (gdb) run -e '$b = "6XXXX"; $c = 2.3; $a = $b + $c'
771 Lots of junk will go past as gdb reads in the relevant source files and
774 Breakpoint 1, Perl_pp_add () at pp_hot.c:309
775 309 dSP; dATARGET; tryAMAGICbin(add,opASSIGN);
780 We looked at this bit of code before, and we said that
781 C<dPOPTOPnnrl_ul> arranges for two C<NV>s to be placed into C<left> and
782 C<right> - let's slightly expand it:
784 #define dPOPTOPnnrl_ul NV right = POPn; \
786 NV left = USE_LEFT(leftsv) ? SvNV(leftsv) : 0.0
788 C<POPn> takes the SV from the top of the stack and obtains its NV
789 either directly (if C<SvNOK> is set) or by calling the C<sv_2nv>
790 function. C<TOPs> takes the next SV from the top of the stack - yes,
791 C<POPn> uses C<TOPs> - but doesn't remove it. We then use C<SvNV> to
792 get the NV from C<leftsv> in the same way as before - yes, C<POPn> uses
795 Since we don't have an NV for C<$b>, we'll have to use C<sv_2nv> to
796 convert it. If we step again, we'll find ourselves there:
798 Perl_sv_2nv (sv=0xa0675d0) at sv.c:1669
802 We can now use C<Perl_sv_dump> to investigate the SV:
804 SV = PV(0xa057cc0) at 0xa0675d0
807 PV = 0xa06a510 "6XXXX"\0
812 We know we're going to get C<6> from this, so let's finish the
816 Run till exit from #0 Perl_sv_2nv (sv=0xa0675d0) at sv.c:1671
817 0x462669 in Perl_pp_add () at pp_hot.c:311
820 We can also dump out this op: the current op is always stored in
821 C<PL_op>, and we can dump it with C<Perl_op_dump>. This'll give us
822 similar output to L<B::Debug|B::Debug>.
825 13 TYPE = add ===> 14
827 FLAGS = (SCALAR,KIDS)
829 TYPE = null ===> (12)
831 FLAGS = (SCALAR,KIDS)
833 11 TYPE = gvsv ===> 12
839 # finish this later #
841 =head1 SOURCE CODE STATIC ANALYSIS
843 Various tools exist for analysing C source code B<statically>, as
844 opposed to B<dynamically>, that is, without executing the code. It is
845 possible to detect resource leaks, undefined behaviour, type
846 mismatches, portability problems, code paths that would cause illegal
847 memory accesses, and other similar problems by just parsing the C code
848 and looking at the resulting graph, what does it tell about the
849 execution and data flows. As a matter of fact, this is exactly how C
850 compilers know to give warnings about dubious code.
854 The good old C code quality inspector, C<lint>, is available in several
855 platforms, but please be aware that there are several different
856 implementations of it by different vendors, which means that the flags
857 are not identical across different platforms.
859 There is a lint variant called C<splint> (Secure Programming Lint)
860 available from http://www.splint.org/ that should compile on any
863 There are C<lint> and <splint> targets in Makefile, but you may have to
864 diddle with the flags (see above).
868 Coverity (http://www.coverity.com/) is a product similar to lint and as
869 a testbed for their product they periodically check several open source
870 projects, and they give out accounts to open source developers to the
873 =head2 cpd (cut-and-paste detector)
875 The cpd tool detects cut-and-paste coding. If one instance of the
876 cut-and-pasted code changes, all the other spots should probably be
877 changed, too. Therefore such code should probably be turned into a
878 subroutine or a macro.
880 cpd (http://pmd.sourceforge.net/cpd.html) is part of the pmd project
881 (http://pmd.sourceforge.net/). pmd was originally written for static
882 analysis of Java code, but later the cpd part of it was extended to
883 parse also C and C++.
885 Download the pmd-bin-X.Y.zip () from the SourceForge site, extract the
886 pmd-X.Y.jar from it, and then run that on source code thusly:
888 java -cp pmd-X.Y.jar net.sourceforge.pmd.cpd.CPD --minimum-tokens 100 --files /some/where/src --language c > cpd.txt
890 You may run into memory limits, in which case you should use the -Xmx
897 Though much can be written about the inconsistency and coverage
898 problems of gcc warnings (like C<-Wall> not meaning "all the warnings",
899 or some common portability problems not being covered by C<-Wall>, or
900 C<-ansi> and C<-pedantic> both being a poorly defined collection of
901 warnings, and so forth), gcc is still a useful tool in keeping our
904 The C<-Wall> is by default on.
906 The C<-ansi> (and its sidekick, C<-pedantic>) would be nice to be on
907 always, but unfortunately they are not safe on all platforms, they can
908 for example cause fatal conflicts with the system headers (Solaris
909 being a prime example). If Configure C<-Dgccansipedantic> is used, the
910 C<cflags> frontend selects C<-ansi -pedantic> for the platforms where
911 they are known to be safe.
913 Starting from Perl 5.9.4 the following extra flags are added:
927 C<-Wdeclaration-after-statement>
931 The following flags would be nice to have but they would first need
932 their own Augean stablemaster:
946 C<-Wstrict-prototypes>
950 The C<-Wtraditional> is another example of the annoying tendency of gcc
951 to bundle a lot of warnings under one switch (it would be impossible to
952 deploy in practice because it would complain a lot) but it does contain
953 some warnings that would be beneficial to have available on their own,
954 such as the warning about string constants inside macros containing the
955 macro arguments: this behaved differently pre-ANSI than it does in
956 ANSI, and some C compilers are still in transition, AIX being an
959 =head2 Warnings of other C compilers
961 Other C compilers (yes, there B<are> other C compilers than gcc) often
962 have their "strict ANSI" or "strict ANSI with some portability
963 extensions" modes on, like for example the Sun Workshop has its C<-Xa>
964 mode on (though implicitly), or the DEC (these days, HP...) has its
967 =head1 MEMORY DEBUGGERS
969 B<NOTE 1>: Running under memory debuggers such as Purify, valgrind, or
970 Third Degree greatly slows down the execution: seconds become minutes,
971 minutes become hours. For example as of Perl 5.8.1, the
972 ext/Encode/t/Unicode.t takes extraordinarily long to complete under
973 e.g. Purify, Third Degree, and valgrind. Under valgrind it takes more
974 than six hours, even on a snappy computer. The said test must be doing
975 something that is quite unfriendly for memory debuggers. If you don't
976 feel like waiting, that you can simply kill away the perl process.
978 B<NOTE 2>: To minimize the number of memory leak false alarms (see
979 L</PERL_DESTRUCT_LEVEL> for more information), you have to set the
980 environment variable PERL_DESTRUCT_LEVEL to 2.
984 setenv PERL_DESTRUCT_LEVEL 2
986 For Bourne-type shells:
988 PERL_DESTRUCT_LEVEL=2
989 export PERL_DESTRUCT_LEVEL
991 In Unixy environments you can also use the C<env> command:
993 env PERL_DESTRUCT_LEVEL=2 valgrind ./perl -Ilib ...
995 B<NOTE 3>: There are known memory leaks when there are compile-time
996 errors within eval or require, seeing C<S_doeval> in the call stack is
997 a good sign of these. Fixing these leaks is non-trivial, unfortunately,
998 but they must be fixed eventually.
1000 B<NOTE 4>: L<DynaLoader> will not clean up after itself completely
1001 unless Perl is built with the Configure option
1002 C<-Accflags=-DDL_UNLOAD_ALL_AT_EXIT>.
1004 =head2 Rational Software's Purify
1006 Purify is a commercial tool that is helpful in identifying memory
1007 overruns, wild pointers, memory leaks and other such badness. Perl must
1008 be compiled in a specific way for optimal testing with Purify. Purify
1009 is available under Windows NT, Solaris, HP-UX, SGI, and Siemens Unix.
1011 =head3 Purify on Unix
1013 On Unix, Purify creates a new Perl binary. To get the most benefit out
1014 of Purify, you should create the perl to Purify using:
1016 sh Configure -Accflags=-DPURIFY -Doptimize='-g' \
1017 -Uusemymalloc -Dusemultiplicity
1019 where these arguments mean:
1023 =item * -Accflags=-DPURIFY
1025 Disables Perl's arena memory allocation functions, as well as forcing
1026 use of memory allocation functions derived from the system malloc.
1028 =item * -Doptimize='-g'
1030 Adds debugging information so that you see the exact source statements
1031 where the problem occurs. Without this flag, all you will see is the
1032 source filename of where the error occurred.
1034 =item * -Uusemymalloc
1036 Disable Perl's malloc so that Purify can more closely monitor
1037 allocations and leaks. Using Perl's malloc will make Purify report most
1038 leaks in the "potential" leaks category.
1040 =item * -Dusemultiplicity
1042 Enabling the multiplicity option allows perl to clean up thoroughly
1043 when the interpreter shuts down, which reduces the number of bogus leak
1044 reports from Purify.
1048 Once you've compiled a perl suitable for Purify'ing, then you can just:
1052 which creates a binary named 'pureperl' that has been Purify'ed. This
1053 binary is used in place of the standard 'perl' binary when you want to
1054 debug Perl memory problems.
1056 As an example, to show any memory leaks produced during the standard
1057 Perl testset you would create and run the Purify'ed perl as:
1061 ../pureperl -I../lib harness
1063 which would run Perl on test.pl and report any memory problems.
1065 Purify outputs messages in "Viewer" windows by default. If you don't
1066 have a windowing environment or if you simply want the Purify output to
1067 unobtrusively go to a log file instead of to the interactive window,
1068 use these following options to output to the log file "perl.log":
1070 setenv PURIFYOPTIONS "-chain-length=25 -windows=no \
1071 -log-file=perl.log -append-logfile=yes"
1073 If you plan to use the "Viewer" windows, then you only need this
1076 setenv PURIFYOPTIONS "-chain-length=25"
1078 In Bourne-type shells:
1081 export PURIFYOPTIONS
1083 or if you have the "env" utility:
1085 env PURIFYOPTIONS="..." ../pureperl ...
1089 Purify on Windows NT instruments the Perl binary 'perl.exe' on the fly.
1090 There are several options in the makefile you should change to get the
1091 most use out of Purify:
1097 You should add -DPURIFY to the DEFINES line so the DEFINES line looks
1100 DEFINES = -DWIN32 -D_CONSOLE -DNO_STRICT $(CRYPT_FLAG) -DPURIFY=1
1102 to disable Perl's arena memory allocation functions, as well as to
1103 force use of memory allocation functions derived from the system
1106 =item * USE_MULTI = define
1108 Enabling the multiplicity option allows perl to clean up thoroughly
1109 when the interpreter shuts down, which reduces the number of bogus leak
1110 reports from Purify.
1112 =item * #PERL_MALLOC = define
1114 Disable Perl's malloc so that Purify can more closely monitor
1115 allocations and leaks. Using Perl's malloc will make Purify report most
1116 leaks in the "potential" leaks category.
1120 Adds debugging information so that you see the exact source statements
1121 where the problem occurs. Without this flag, all you will see is the
1122 source filename of where the error occurred.
1126 As an example, to show any memory leaks produced during the standard
1127 Perl testset you would create and run Purify as:
1132 purify ../perl -I../lib harness
1134 which would instrument Perl in memory, run Perl on test.pl, then
1135 finally report any memory problems.
1139 The excellent valgrind tool can be used to find out both memory leaks
1140 and illegal memory accesses. As of version 3.3.0, Valgrind only
1141 supports Linux on x86, x86-64 and PowerPC. The special "test.valgrind"
1142 target can be used to run the tests under valgrind. Found errors and
1143 memory leaks are logged in files named F<testfile.valgrind>.
1145 Valgrind also provides a cachegrind tool, invoked on perl as:
1147 VG_OPTS=--tool=cachegrind make test.valgrind
1149 As system libraries (most notably glibc) are also triggering errors,
1150 valgrind allows to suppress such errors using suppression files. The
1151 default suppression file that comes with valgrind already catches a lot
1152 of them. Some additional suppressions are defined in F<t/perl.supp>.
1154 To get valgrind and for more information see
1156 http://developer.kde.org/~sewardj/
1160 Depending on your platform there are various ways of profiling Perl.
1162 There are two commonly used techniques of profiling executables:
1163 I<statistical time-sampling> and I<basic-block counting>.
1165 The first method takes periodically samples of the CPU program counter,
1166 and since the program counter can be correlated with the code generated
1167 for functions, we get a statistical view of in which functions the
1168 program is spending its time. The caveats are that very small/fast
1169 functions have lower probability of showing up in the profile, and that
1170 periodically interrupting the program (this is usually done rather
1171 frequently, in the scale of milliseconds) imposes an additional
1172 overhead that may skew the results. The first problem can be alleviated
1173 by running the code for longer (in general this is a good idea for
1174 profiling), the second problem is usually kept in guard by the
1175 profiling tools themselves.
1177 The second method divides up the generated code into I<basic blocks>.
1178 Basic blocks are sections of code that are entered only in the
1179 beginning and exited only at the end. For example, a conditional jump
1180 starts a basic block. Basic block profiling usually works by
1181 I<instrumenting> the code by adding I<enter basic block #nnnn>
1182 book-keeping code to the generated code. During the execution of the
1183 code the basic block counters are then updated appropriately. The
1184 caveat is that the added extra code can skew the results: again, the
1185 profiling tools usually try to factor their own effects out of the
1188 =head2 Gprof Profiling
1190 gprof is a profiling tool available in many Unix platforms, it uses
1191 F<statistical time-sampling>.
1193 You can build a profiled version of perl called "perl.gprof" by
1194 invoking the make target "perl.gprof" (What is required is that Perl
1195 must be compiled using the C<-pg> flag, you may need to re-Configure).
1196 Running the profiled version of Perl will create an output file called
1197 F<gmon.out> is created which contains the profiling data collected
1198 during the execution.
1200 The gprof tool can then display the collected data in various ways.
1201 Usually gprof understands the following options:
1207 Suppress statically defined functions from the profile.
1211 Suppress the verbose descriptions in the profile.
1215 Exclude the given routine and its descendants from the profile.
1219 Display only the given routine and its descendants in the profile.
1223 Generate a summary file called F<gmon.sum> which then may be given to
1224 subsequent gprof runs to accumulate data over several runs.
1228 Display routines that have zero usage.
1232 For more detailed explanation of the available commands and output
1233 formats, see your own local documentation of gprof.
1237 $ sh Configure -des -Dusedevel -Doptimize='-pg' && make perl.gprof
1238 $ ./perl.gprof someprog # creates gmon.out in current directory
1239 $ gprof ./perl.gprof > out
1242 =head2 GCC gcov Profiling
1244 Starting from GCC 3.0 I<basic block profiling> is officially available
1247 You can build a profiled version of perl called F<perl.gcov> by
1248 invoking the make target "perl.gcov" (what is required that Perl must
1249 be compiled using gcc with the flags C<-fprofile-arcs -ftest-coverage>,
1250 you may need to re-Configure).
1252 Running the profiled version of Perl will cause profile output to be
1253 generated. For each source file an accompanying ".da" file will be
1256 To display the results you use the "gcov" utility (which should be
1257 installed if you have gcc 3.0 or newer installed). F<gcov> is run on
1258 source code files, like this
1262 which will cause F<sv.c.gcov> to be created. The F<.gcov> files contain
1263 the source code annotated with relative frequencies of execution
1264 indicated by "#" markers.
1266 Useful options of F<gcov> include C<-b> which will summarise the basic
1267 block, branch, and function call coverage, and C<-c> which instead of
1268 relative frequencies will use the actual counts. For more information
1269 on the use of F<gcov> and basic block profiling with gcc, see the
1270 latest GNU CC manual, as of GCC 3.0 see
1272 http://gcc.gnu.org/onlinedocs/gcc-3.0/gcc.html
1274 and its section titled "8. gcov: a Test Coverage Program"
1276 http://gcc.gnu.org/onlinedocs/gcc-3.0/gcc_8.html#SEC132
1280 $ sh Configure -des -Dusedevel -Doptimize='-g' \
1281 -Accflags='-fprofile-arcs -ftest-coverage' \
1282 -Aldflags='-fprofile-arcs -ftest-coverage' && make perl.gcov
1283 $ rm -f regexec.c.gcov regexec.gcda
1286 $ view regexec.c.gcov
1288 =head1 MISCELLANEOUS TRICKS
1290 =head2 PERL_DESTRUCT_LEVEL
1292 If you want to run any of the tests yourself manually using e.g.
1293 valgrind, or the pureperl or perl.third executables, please note that
1294 by default perl B<does not> explicitly cleanup all the memory it has
1295 allocated (such as global memory arenas) but instead lets the exit() of
1296 the whole program "take care" of such allocations, also known as
1297 "global destruction of objects".
1299 There is a way to tell perl to do complete cleanup: set the environment
1300 variable PERL_DESTRUCT_LEVEL to a non-zero value. The t/TEST wrapper
1301 does set this to 2, and this is what you need to do too, if you don't
1302 want to see the "global leaks": For example, for "third-degreed" Perl:
1304 env PERL_DESTRUCT_LEVEL=2 ./perl.third -Ilib t/foo/bar.t
1306 (Note: the mod_perl apache module uses also this environment variable
1307 for its own purposes and extended its semantics. Refer to the mod_perl
1308 documentation for more information. Also, spawned threads do the
1309 equivalent of setting this variable to the value 1.)
1311 If, at the end of a run you get the message I<N scalars leaked>, you
1312 can recompile with C<-DDEBUG_LEAKING_SCALARS>, which will cause the
1313 addresses of all those leaked SVs to be dumped along with details as to
1314 where each SV was originally allocated. This information is also
1315 displayed by Devel::Peek. Note that the extra details recorded with
1316 each SV increases memory usage, so it shouldn't be used in production
1317 environments. It also converts C<new_SV()> from a macro into a real
1318 function, so you can use your favourite debugger to discover where
1319 those pesky SVs were allocated.
1321 If you see that you're leaking memory at runtime, but neither valgrind
1322 nor C<-DDEBUG_LEAKING_SCALARS> will find anything, you're probably
1323 leaking SVs that are still reachable and will be properly cleaned up
1324 during destruction of the interpreter. In such cases, using the C<-Dm>
1325 switch can point you to the source of the leak. If the executable was
1326 built with C<-DDEBUG_LEAKING_SCALARS>, C<-Dm> will output SV
1327 allocations in addition to memory allocations. Each SV allocation has a
1328 distinct serial number that will be written on creation and destruction
1329 of the SV. So if you're executing the leaking code in a loop, you need
1330 to look for SVs that are created, but never destroyed between each
1331 cycle. If such an SV is found, set a conditional breakpoint within
1332 C<new_SV()> and make it break only when C<PL_sv_serial> is equal to the
1333 serial number of the leaking SV. Then you will catch the interpreter in
1334 exactly the state where the leaking SV is allocated, which is
1335 sufficient in many cases to find the source of the leak.
1337 As C<-Dm> is using the PerlIO layer for output, it will by itself
1338 allocate quite a bunch of SVs, which are hidden to avoid recursion. You
1339 can bypass the PerlIO layer if you use the SV logging provided by
1340 C<-DPERL_MEM_LOG> instead.
1344 If compiled with C<-DPERL_MEM_LOG>, both memory and SV allocations go
1345 through logging functions, which is handy for breakpoint setting.
1347 Unless C<-DPERL_MEM_LOG_NOIMPL> is also compiled, the logging functions
1348 read $ENV{PERL_MEM_LOG} to determine whether to log the event, and if
1351 $ENV{PERL_MEM_LOG} =~ /m/ Log all memory ops
1352 $ENV{PERL_MEM_LOG} =~ /s/ Log all SV ops
1353 $ENV{PERL_MEM_LOG} =~ /t/ include timestamp in Log
1354 $ENV{PERL_MEM_LOG} =~ /^(\d+)/ write to FD given (default is 2)
1356 Memory logging is somewhat similar to C<-Dm> but is independent of
1357 C<-DDEBUGGING>, and at a higher level; all uses of Newx(), Renew(), and
1358 Safefree() are logged with the caller's source code file and line
1359 number (and C function name, if supported by the C compiler). In
1360 contrast, C<-Dm> is directly at the point of C<malloc()>. SV logging is
1363 Since the logging doesn't use PerlIO, all SV allocations are logged and
1364 no extra SV allocations are introduced by enabling the logging. If
1365 compiled with C<-DDEBUG_LEAKING_SCALARS>, the serial number for each SV
1366 allocation is also logged.
1370 Those debugging perl with the DDD frontend over gdb may find the
1373 You can extend the data conversion shortcuts menu, so for example you
1374 can display an SV's IV value with one click, without doing any typing.
1375 To do that simply edit ~/.ddd/init file and add after:
1377 ! Display shortcuts.
1378 Ddd*gdbDisplayShortcuts: \
1379 /t () // Convert to Bin\n\
1380 /d () // Convert to Dec\n\
1381 /x () // Convert to Hex\n\
1382 /o () // Convert to Oct(\n\
1384 the following two lines:
1386 ((XPV*) (())->sv_any )->xpv_pv // 2pvx\n\
1387 ((XPVIV*) (())->sv_any )->xiv_iv // 2ivx
1389 so now you can do ivx and pvx lookups or you can plug there the sv_peek
1392 Perl_sv_peek(my_perl, (SV*)()) // sv_peek
1394 (The my_perl is for threaded builds.) Just remember that every line,
1395 but the last one, should end with \n\
1397 Alternatively edit the init file interactively via: 3rd mouse button ->
1398 New Display -> Edit Menu
1400 Note: you can define up to 20 conversion shortcuts in the gdb section.
1404 If you see in a debugger a memory area mysteriously full of 0xABABABAB
1405 or 0xEFEFEFEF, you may be seeing the effect of the Poison() macros, see
1408 =head2 Read-only optrees
1410 Under ithreads the optree is read only. If you want to enforce this, to
1411 check for write accesses from buggy code, compile with
1412 C<-DPL_OP_SLAB_ALLOC> to enable the OP slab allocator and
1413 C<-DPERL_DEBUG_READONLY_OPS> to enable code that allocates op memory
1414 via C<mmap>, and sets it read-only at run time. Any write access to an
1415 op results in a C<SIGBUS> and abort.
1417 This code is intended for development only, and may not be portable
1418 even to all Unix variants. Also, it is an 80% solution, in that it
1419 isn't able to make all ops read only. Specifically it
1425 Only sets read-only on all slabs of ops at C<CHECK> time, hence ops
1426 allocated later via C<require> or C<eval> will be re-write
1430 Turns an entire slab of ops read-write if the refcount of any op in the
1431 slab needs to be decreased.
1435 Turns an entire slab of ops read-write if any op from the slab is
1440 It's not possible to turn the slabs to read-only after an action
1441 requiring read-write access, as either can happen during op tree
1442 building time, so there may still be legitimate write access.
1444 However, as an 80% solution it is still effective, as currently it
1445 catches a write access during the generation of F<Config.pm>, which
1446 means that we can't yet build F<perl> with this enabled.
1448 =head2 The .i Targets
1450 You can expand the macros in a F<foo.c> file by saying
1454 which will expand the macros using cpp. Don't be scared by the results.
1458 This document was originally written by Nathan Torkington, and is
1459 maintained by the perl5-porters mailing list.