csci 4931 - rational purify 1 rational purify overview michel izygon - jim helm
TRANSCRIPT
CSCI 4931 - Rational Purify 1
Rational Purify OverviewMichel Izygon - Jim Helm
CSCI 4931 - Rational Purify 2
Purify
• Tool supporting Testing/Reliability Diagnostics• Locate hard to find run-time errors• Start using as soon as code is written• Languages: C, C++,
CSCI 4931 - Rational Purify 3
Purify Key Features
• Detect following types of errors:
array bounds errrors
accesses through dangling pointer
uninitialized memory read
memory allocation errors
memory leaks• Provide filtering and detail level customization• GUI and command line interface• Integrated with VC++, ClearQuest, TestFactory
CSCI 4931 - Rational Purify 4
Runtime Debugger Technology• Two main techniques:
Object Code Insertion: – Instrumentation of the code happens on the executable file
– Involves the instrumentation of each object file and library by adding special instructions to every store and read instructions
– Allow to debug even if you don’t have the source code
Source Code Insertion– Instrumentation of the code happens on the source file
– Involves parsing, analyzing and conveting the original code into a new equivalent source code. Then Compile the new code.
– Generally more accurate and has access to more information about the program pointers and meory blocks. Can detect errors at compile time also.
• Purify uses Object Code Insertion
CSCI 4931 - Rational Purify 5
Array bounds errors
• Program writes memory past the bounds of an allocated block
example:
• Memory corrupted may be used much later in the program• Symptom far away from the cause• Program may behave in an unpredictable way, dependent
upon the values accessed in the memory block corrupted.• Purify reports Array Bounds Read and Array Bounds Write
CSCI 4931 - Rational Purify 6
Accesses through dangling pointer
• Access to a freed dynamically allocated block of memory
• Outcome of program is unpredictable: if memory block not reallocated, expected
value might still be there, and program seems OK
if memory block reallocated program might fail, dependent on timing issues, memory allocation pattern,…
• Access can be a Read or a Write• Purify reports Free Memory Read and Free
Memory Write
CSCI 4931 - Rational Purify 7
Uninitialized memory read
• Access to an allocated block of memory which has not yet been initialized.
• Outcome of program is unpredictable, depending on the context.
• If memory contains value remaining from previous memory use, program will behave erratically
• Purify reports Uninitialized Memory Read
CSCI 4931 - Rational Purify 8
Memory allocation errors
• Memory allocated with new but freed with free may cause corruption of heap structures.
• If these structures are accessed, program can fail.• Attempt to free a local variable on the stack
might succeed and corrupt local variables or function return.
• Purify reports Freeing Mismatched Memory and Freeing Invalid Memory
CSCI 4931 - Rational Purify 9
Memory leaks
• Memory allocated but never freed, and for which no pointers exist.
• Memory blocks cannot be used nor freed, and occupy address space.
• Performance of the program degrades and eventually it fails from lack of memory
• Purify reports Memory Leaks
CSCI 4931 - Rational Purify 10
Other Features
• Filtering Messages• Comparing program runs• Just in time debugging• API functions• Submit Change Request to ClearQuest directly
from Purify
CSCI 4931 - Rational Purify 11
Caution
• Purify can detect memory corruption errors, but only in dynamic memory.
• Purify does not detect corruption on the stack or in static memory at all, because the fence technique only works for dynamic memory.