Rational Purify Overview
Michel Izygon - Jim Helm
CSCI 4931 - Rational Purify
1
Purify
•
•
•
•
Tool supporting Testing/Reliability Diagnostics
Locate hard to find run-time errors
Start using as soon as code is written
Languages: C, C++,
CSCI 4931 - Rational Purify
2
Purify Key Features
• Detect following types of errors:

array bounds errrors

accesses through dangling pointer

uninitialized memory read

memory allocation errors
memory leaks
• Provide filtering and detail level customization
• GUI and command line interface
• Integrated with VC++, ClearQuest, TestFactory

CSCI 4931 - Rational Purify
3
Runtime Debugger Technology
• Two main techniques:

Object Code Insertion:
– Instrumentation of the code happens on the executable file
– Involves the instrumentation of each object file and library by
adding special instructions to every store and read instructions
– Allow to debug even if you don’t have the source code

Source Code Insertion
– Instrumentation of the code happens on the source file
– Involves parsing, analyzing and conveting the original code into a
new equivalent source code. Then Compile the new code.
– Generally more accurate and has access to more information
about the program pointers and meory blocks. Can detect errors
at compile time also.
• Purify uses Object Code Insertion
CSCI 4931 - Rational Purify
4
Array bounds errors
• Program writes memory past the bounds of an allocated
block
 example:
• Memory corrupted may be used much later in the program
• Symptom far away from the cause
• Program may behave in an unpredictable way, dependent
upon the values accessed in the memory block corrupted.
• Purify reports Array Bounds Read and Array Bounds Write
CSCI 4931 - Rational Purify
5
Accesses through dangling pointer
• Access to a freed dynamically allocated block of memory
• Outcome of program is unpredictable:
 if memory block not reallocated, expected value
might still be there, and program seems OK
 if memory block reallocated program might fail,
dependent on timing issues, memory allocation
pattern,…
• Access can be a Read or a Write
• Purify reports Free Memory Read and Free Memory
Write
CSCI 4931 - Rational Purify
6
Uninitialized memory read
• Access to an allocated block of memory which has not
yet been initialized.
• Outcome of program is unpredictable, depending on the
context.
• If memory contains value remaining from previous
memory use, program will behave erratically
• Purify reports Uninitialized Memory Read
CSCI 4931 - Rational Purify
7
Memory allocation errors
• Memory allocated with new but freed with free may
cause corruption of heap structures.
• If these structures are accessed, program can fail.
• Attempt to free a local variable on the stack might
succeed and corrupt local variables or function return.
• Purify reports Freeing Mismatched Memory and Freeing
Invalid Memory
CSCI 4931 - Rational Purify
8
Memory leaks
• Memory allocated but never freed, and for which no
pointers exist.
• Memory blocks cannot be used nor freed, and occupy
address space.
• Performance of the program degrades and eventually it
fails from lack of memory
• Purify reports Memory Leaks
CSCI 4931 - Rational Purify
9
Other Features
•
•
•
•
•
Filtering Messages
Comparing program runs
Just in time debugging
API functions
Submit Change Request to ClearQuest directly from
Purify
CSCI 4931 - Rational Purify
10
Caution
• Purify can detect memory corruption errors, but only in
dynamic memory.
• Purify does not detect corruption on the stack or in static
memory at all, because the fence technique only works
for dynamic memory.
CSCI 4931 - Rational Purify
11