Need debugging version of malloc()/free()

[Steve Nuchia]

In a past life I wrote such a "checkout" version of a memory
allocator.  It was a bit more complex than malloc/free, it
implemented a code-driven virtual memory facility, but the
error checking techniques are portable.

Start with a working malloc implementation -- one based on a
huge static array would be fine.  Make the header include
the size of the block and keep either an active block chain
and ensure that you can step through the array based on the
sizes.  This allows you to cross-check the chain integrity
against the constraint that all memory (in the array) belong
to some block.

When allocating a block add a buffer zone on both sides of the
data you give to the process.  Fill this with a pattern, I used
the address of each word XORed with a convenient constant.  When
freeing (at a minimum) check that the pattern is undisturbed.

Another useful thing to keep in the header is a tag indicating
which malloc call created it.  If you can make malloc a macro
and have it pass in __FILE__ and __LINE__ you can get to the
line that called malloc from a suspect block.  If you have a
service wrapped around malloc you may need to extend this up
a level.

Periodicaly call a function that passes over the malloc data
structure and validates it against whatever constraints you
can think of.  At a minimum check chain and contiguity constraints
and all buffer zones.  You may want to also ensure that the counts
of certain types haven't exceeded some maximum -- whatever needs to
be diagnosed.  Sprinkle calles to this function wherever you think
it might be needed, then move them around to isolate your problem.

Sorry I don't have any code, but this didn't take more than an hour
to put together, and I found a lot of bugs with it.
-- 
Steve Nuchia	      South Coast Computing Services
uunet!nuchat!steve    POB 890952  Houston, Texas  77289
(713) 964 2462	      Consultation & Systems, Support for PD Software.