Block Painting: dheap -paint
When your program allocates or deallocates a block, MemoryScape can paint the block with a bit pattern. This makes it easy to identify uninitialized blocks, or blocks pointed to by dangling pointers.
Here are the commands that enable block painting:
* dheap -paint -set_alloc on
* dheap -paint -set_dealloc on
* dheap -paint -set_zalloc on
Use the dheap -paint command to check the kind of painting that occurs and what the current painting pattern is. For example:
d1.<> dheap -paint
                                          Alloc       Dealloc
process:    Alloc   Dealloc   AllocZero   pattern     pattern
1 (1012):   yes     yes       no          0xa110ca7f  0xdea110cf
Some heap allocation routines, such as calloc(), return memory initialized to zero. Using the -set_zalloc on command allows you to separately enable the painting of the memory blocks altered by these kinds of routines. If you do enable painting for routines that set memory to zero, MemoryScape uses the same pattern that it uses for a normal allocation.
Here’s an example of painted memory:
d1.<> dprint *(red_balls)
*(red_balls) = {
    value = 0xa110ca7f (-1592735105)
    x = -2.05181867705792e-149
    y = -2.05181867705792e-149
    spare = 0xa110ca7f (-1592735105)
    colour = 0xa110ca7f -> <Bad address: 0xa110ca7f>
}
The 0xa110ca7f allocation pattern resembles the word “allocate”. Similarly, the 0xdea110cf deallocation pattern resembles “deallocate”.
Notice that not all of the values in the red_balls structure in this example appear as 0xa110ca7f. This is because some elements of the variable occupy more bits than the 0xa110ca7f bit pattern. The following two CLI statements show the result of printing the x variable, and then casting it into an array of two integers:
d1.<> dprint (red_balls)->x
(red_balls)->x = -2.05181867705792e-149
d1.<> dprint {*(int[2]*)&(red_balls)->x}
*(int[2]*)&(red_balls)->x = {
    [0] = 0xa110ca7f (-1592735105)
    [1] = 0xa110ca7f (-1592735105)
}
(Diving in the GUI is much easier.)
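The following C program is an added example, not MemoryScape code: it fills memory with the 0xa110ca7f pattern to show why an 8-byte double reads as -2.05181867705792e-149, and how a check for leftover paint identifies fields that were never written. The struct layout and all function names are assumptions, since the page does not show the red_balls type.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ALLOC_PATTERN 0xa110ca7fu /* default allocation pattern shown above */
/* Assumed layout, modelled on the fields in the red_balls output. */
struct ball { int32_t value; double x; double y; int32_t spare; char *colour; };

/* Fill n bytes with repeated copies of the 32-bit pattern. */
void paint(void *buf, size_t n, uint32_t pattern) {
    unsigned char *p = buf;
    for (size_t i = 0; i < n; i++)
        p[i] = ((unsigned char *)&pattern)[i % sizeof pattern];
}
/* 1 if the n bytes at base+off still hold only paint (never written). */
int still_painted(const void *base, size_t off, size_t n, uint32_t pattern) {
    const unsigned char *p = base;
    for (size_t i = off; i < off + n; i++)
        if (p[i] != ((unsigned char *)&pattern)[i % sizeof pattern]) return 0;
    return 1;
}
/* A double whose 8 bytes are two copies of the pattern. */
double painted_double(uint32_t pattern) {
    double d;
    paint(&d, sizeof d, pattern);
    return d;
}

/* 32-bit word i (0 or 1) of a double: the same view as the int[2] cast. */
uint32_t word_of(double d, int i) {
    uint32_t w[2];
    memcpy(w, &d, sizeof w);
    return w[i];
}
#define PAINTED(b, f) still_painted((b), offsetof(struct ball, f), sizeof((b)->f), ALLOC_PATTERN)
/* Paint a ball, initialise only value and y, count fields left as paint. */
int count_unset_fields(void) {
    struct ball b;
    paint(&b, sizeof b, ALLOC_PATTERN);
    b.value = 7; b.y = 1.5;
    return PAINTED(&b, value) + PAINTED(&b, x) + PAINTED(&b, y)
         + PAINTED(&b, spare) + PAINTED(&b, colour);
}

int main(void) {
    double d = painted_double(ALLOC_PATTERN);
    printf("x = %.15g  [0] = 0x%08x  unset fields = %d\n",
           d, (unsigned)word_of(d, 0), count_unset_fields());
    return 0;
}
```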
You can tell MemoryScape to use a different pattern by using the following two commands:
* dheap -paint -set_alloc_pattern pattern
* dheap -paint -set_dealloc_pattern pattern