Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ malloc.dbg(3C) — sys5 — Apollo Domain/OS SR10.3.5

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

csh(1)

sh(1)

tb(1)

abort(3C)

malloc(3C)

MALLOC.DBG(3C)                  Domain/OS SysV                  MALLOC.DBG(3C)



NAME
     malloc, free, realloc, calloc - memory allocator with debugging support

SYNOPSIS
     char *malloc(size)
     unsigned size;

     free(ptr)
     char *ptr;

     char *realloc(ptr, size)
     char *ptr;
     unsigned size;

     char *calloc(nelem, elsize)
     unsigned nelem, elsize;

DESCRIPTION
     /usr/apollo/lib/libmalloc.dbg is an installed library providing, in
     addition to all of the functionality of the routines described in
     malloc(3C), additional checking and statistics gathering during
     execution.  The routines in this library are useful, therefore, in
     debugging programs in whose failure malloc, free, realloc, or calloc is
     implicated.

     This version of these routines checks for the truth of the following
     assertions:

     ⊕  The current block is in use (op->ov_magic == MAGIC).  This assertion
        will fail if the block already has been freed or was not acquired
        through malloc.  It also could fail if a program wrote into memory
        before the current block or after the previous block.

     ⊕  The magic number at the beginning of the block is still intact
        (op->ov_rmagic == RMAGIC).  This assertion could fail because a
        program wrote into memory before the start of this block or beyond the
        end of the previous block.  It possibly also could fail because this
        block was not acquired through malloc.

     ⊕  The magic number at the end of the block is still intact (*(u_short
        *)((caddr_t)(op + 1) + op->ov_size) == RMAGIC).  This assertion could
        fail because a program wrote into memory beyond the end of the size of
        its allocated block.

     To use these routines, you must install /usr/apollo/lib/libmalloc.dbg at
     the level of the shell in which the target program is to run.  Do this by
     way of the shell's inlib command:

          $ inlib /usr/apollo/lib/libmalloc.dbg

     Upon detecting a violation of one of these assertions, these routines
     print a message telling you the assertion violated, the address of the
     corrupted block, and memory allocation statistics.  Then, they call
     abort(3), producing a process dump that can be analyzed with tb(1).

EXAMPLE
     Let's say a program running with this module installed fails with the
     following message:

     Malloc assertion violated: *(u_short *)((caddr_t)(op + 1) + op->ov_size) == RMAGIC
     on block 0x00010400
     Memory allocation statistics at failure
     2**sz:       3   4   5   6   7   8   9  10  ... 26  27  28  29  30  31  32
     free:        0   0  31   0   0   0   0   0  ...  0   0   0   0   0   0   0
     used:        0   0   1   0   0   0   0   0  ...  0   0   0   0   0   0   0
          Total in use: 32, total free: 992
     IOT trap

     This message indicates that the program wrote into memory beyond the end
     of the size of its allocated block (violated the assertion that the magic
     number stored at the end of the block was still intact).  The corrupted
     block begins at address 0x00010400 (useful information when running the
     program again under a debugger).

     Interpret the memory allocation statistics like this:

     2**sz:   This row indicates from which free list the allocated memory
              came.  malloc(3) maintains free lists by size of memory block
              allocated, ranging from 2**3 bytes to 2**32 bytes.  The numbers
              in this row represent the logarithm to the base 2 of S, where S
              is the size of the memory blocks maintained by the associated
              free list.

     free:    The numbers in this row indicate how many blocks of the size 2
              to the power of the number in the first row of the same column
              are free.

     used:    The numbers in this row indicate how many blocks of the size 2
              to the power of the number in the first row of the same column
              are allocated.

     In this example, only one 32-byte block has been allocated.  Presumably,
     this block is the corrupted one.

     The "IOT trap" message is returned by the shell, a result of abort having
     been called from this library.  The resulting process dump contains
     specific information useful in debugging.  Use tb(1) to see this
     information.

FILES
     /usr/apollo/lib/libmalloc.dbg   library module

SEE ALSO
     csh(1), sh(1), tb(1), abort(3C), malloc(3C).
     Domain Binder and Librarian Reference

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026