Developer(s) | Micro Focus |
---|---|
Stable release | 12.1.40 / 5 March 2021 |
Operating system | Windows |
Type | Profiler / Memory debugger |
License | Proprietary software |
Website | www |
BoundsChecker is a memory checking and API call validation tool used for C++ software development with Microsoft Visual C++. It was created by NuMega in the early 1990s. When NuMega was purchased by Compuware in 1997, BoundsChecker became part of a larger tool suite, DevPartner Studio. Micro Focus purchased the product line from Compuware in 2009. [1] Comparable tools include Purify, Insure++ and Valgrind.
BoundsChecker may be run in two distinct modes: ActiveCheck, which will work against any application as is, or FinalCheck, which makes use of instrumentation added to the application when it is built.
ActiveCheck performs a less intrusive analysis and monitors all calls by the application to the C Runtime Library, Windows API and calls to COM objects. By monitoring memory allocations and releases, it can detect memory leaks and overruns. Monitoring API and COM calls enables ActiveCheck to check parameters, returns and exceptions and report exceptions when they occur. Thread deadlocks can also be detected by monitoring of the synchronization objects and calls giving actual and potential deadlock detection.
FinalCheck requires an instrumented build and gives a much deeper but more intrusive analysis. It provides all of the detection features of ActiveCheck plus the ability to detect buffer overflows (read and write) and uninitialized memory accesses. It monitors every scope change, and tracks pointers referencing memory objects.
API calls are monitored, their input parameters verified before the function calls are actually performed, warning of possible problems. The API return codes are also monitored, and error codes are logged. Such validation is limited to such APIs as are known to BoundsChecker, currently several thousand in number. If Memory Tracking is enabled, API Call Validation can make use of the information gathered for more precise validation of memory pointers.
When both memory tracking and API validation are enabled, it becomes possible to detect many kinds of array and buffer overrun conditions. Compiler instrumentation enhances this ability. This is the feature for which the product was originally named.
API, COM method and .NET Interop function calls can be logged in detail, noting the call parameter values and the resulting return values. This feature is limited in value, as non-trivial applications often result in the session log quickly becoming too large.
A report can be generated analyzing .NET Interop, garbage collection and finalizer activity over the life of the process under test.
Certain kinds of deadly embraces and other such lockups can be detected.
The current version (12.1.40) of BoundsChecker supports 32-bit and 64-bit native applications on Windows 10 (2020 Spring Update). MS-DOS, 16-bit Windows, Windows 2000, Windows XP and Windows 7 environments are no longer supported. As part of DevPartner Studio, the product integrates with 2017 Update 15.9.33 and 2019 Update 16.9 [2]
As of March 2021, the Deadlock Analysis feature is not yet supported in X64 applications.
SoftICE is a kernel mode debugger for DOS and Windows up to Windows XP. It is designed to run underneath Windows, so that the operating system is unaware of its presence. Unlike an application debugger, SoftICE is capable of suspending all operations in Windows when instructed. Due to its low-level capabilities, SoftICE is also popular as a software cracking tool.
The Windows API, informally WinAPI, is the foundational application programming interface (API) that allows a computer program to access the features of the Microsoft Windows operating system in which the program is running.
Microsoft Foundation Class Library (MFC) is a C++ object-oriented library for developing desktop applications for Windows.
Delphi is a general-purpose programming language and a software product that uses the Delphi dialect of the Object Pascal programming language and provides an integrated development environment (IDE) for rapid application development of desktop, mobile, web, and console software, currently developed and maintained by Embarcadero Technologies.
PurifyPlus is a memory debugger program used by software developers to detect memory access errors in programs, especially those written in C or C++. It was originally written by Reed Hastings of Pure Software. Pure Software later merged with Atria Software to form Pure Atria Software, which in turn was later acquired by Rational Software, which in turn was acquired by IBM, and then divested to UNICOM Systems, Inc. on Dec 31, 2014. It is functionally similar to other memory debuggers, such as Insure++, Valgrind and BoundsChecker.
Microsoft Visual Studio Express was a set of integrated development environments (IDEs) that Microsoft developed and released free of charge. They are function-limited version of the non-free Visual Studio and require mandatory registration. Express editions started with Visual Studio 2005.
Windows Installer is a software component and application programming interface (API) of Microsoft Windows used for the installation, maintenance, and removal of software. The installation information, and optionally the files themselves, are packaged in installation packages, loosely relational databases structured as COM Structured Storages and commonly known as "MSI files", from their default filename extensions. The packages with the file extensions mst
contain Windows Installer "Transformation Scripts", those with the msm
extensions contain "Merge Modules" and the file extension pcp
is used for "Patch Creation Properties". Windows Installer contains significant changes from its predecessor, Setup API. New features include a GUI framework and automatic generation of the uninstallation sequence. Windows Installer is positioned as an alternative to stand-alone executable installer frameworks such as older versions of InstallShield and NSIS.
NuMega Technologies, Inc., was a software company founded in 1987 by Frank Grossman and Jim Moskun in Nashua, New Hampshire. The company developed a Kernel mode debugger, now SoftICE, for DOS and the Windows NT family.
Dependency Walker or depends.exe is a free program for Microsoft Windows used to list the imported and exported functions of a portable executable file. It also displays a recursive tree of all the dependencies of the executable file. Dependency Walker was included in Microsoft Visual Studio until Visual Studio 2005 and Windows XP SP2 support tools. The latest version v2.2.10011 is not available on dependencywalker.com website but is included in the Windows Driver Kit v10.
Borland C++ was a C and C++ IDE released by Borland for MS-DOS and Microsoft Windows. It was the successor to Turbo C++ and included a better debugger, the Turbo Debugger, which was written in protected mode DOS.
The Microsoft Windows operating system supports a form of shared libraries known as "dynamic-link libraries", which are code libraries that can be used by multiple processes while only one copy is loaded into memory. This article provides an overview of the core libraries that are included with every modern Windows installation, on top of which most Windows applications are built.
This article describes the calling conventions used when programming x86 architecture microprocessors.
Windows Vista contains a range of new technologies and features that are intended to help network administrators and power users better manage their systems. Notable changes include a complete replacement of both the Windows Setup and the Windows startup processes, completely rewritten deployment mechanisms, new diagnostic and health monitoring tools such as random access memory diagnostic program, support for per-application Remote Desktop sessions, a completely new Task Scheduler, and a range of new Group Policy settings covering many of the features new to Windows Vista. Subsystem for UNIX Applications, which provides a POSIX-compatible environment is also introduced.
DevPartner is a set of software development and testing tools developed by NuMega, acquired by Compuware in 1997, which on June 1, 2009 sold it to Micro Focus. There are two versions: one for native and .NET Windows applications, and another for Java applications. It is currently sold by Micro Focus.
Visual Studio is an integrated development environment (IDE) developed by Microsoft. It is used to develop computer programs including websites, web apps, web services and mobile apps. Visual Studio uses Microsoft software development platforms including Windows API, Windows Forms, Windows Presentation Foundation (WPF), Microsoft Store and Microsoft Silverlight. It can produce both native code and managed code.
Microsoft SQL Server is a proprietary relational database management system developed by Microsoft. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network. Microsoft markets at least a dozen different editions of Microsoft SQL Server, aimed at different audiences and for workloads ranging from small single-machine applications to large Internet-facing applications with many concurrent users.
Windows XP, which is the next version of Windows NT after Windows 2000 and the successor to the consumer-oriented Windows Me, has been released in several editions since its original release in 2001.
CSS HTML Validator is an HTML editor and CSS editor for Windows that helps web developers create syntactically correct and accessible HTML/HTML5, XHTML, and CSS documents by locating errors, potential problems like browser compatibility issues, and common mistakes. It is also able to check links, check spelling, suggest improvements, alert developers to deprecated, obsolete, or proprietary tags, attributes, and CSS properties, and find issues that can affect search engine optimization.
A code sanitizer is a programming tool that detects bugs in the form of undefined or suspicious behavior by a compiler inserting instrumentation code at runtime. The class of tools was first introduced by Google's AddressSanitizer of 2012, which uses directly mapped shadow memory to detect memory corruption such as buffer overflows or accesses to a dangling pointer (use-after-free).