+If the library is built with the C<crypto-mdebug> option, then one
+function, CRYPTO_get_alloc_counts(), and two additional environment
+variables, B<OPENSSL_MALLOC_FAILURES> and B<OPENSSL_MALLOC_FD>,
+are available.
+
+The function CRYPTO_get_alloc_counts() fills in the number of times
+each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been
+called, into the values pointed to by B<mcount>, B<rcount>, and B<fcount>,
+respectively. If a pointer is NULL, then the corresponding count is not stored.
+
+The variable
+B<OPENSSL_MALLOC_FAILURES> controls how often allocations should fail.
+It is a set of fields separated by semicolons, which each field is a count
+(defaulting to zero) and an optional atsign and percentage (defaulting
+to 100). If the count is zero, then it lasts forever. For example,
+C<100;@25> or C<100@0;0@25> means the first 100 allocations pass, then all
+other allocations (until the program exits or crashes) have a 25% chance of
+failing.
+
+If the variable B<OPENSSL_MALLOC_FD> is parsed as a positive integer, then
+it is taken as an open file descriptor, and a record of all allocations is
+written to that descriptor. If an allocation will fail, and the platform
+supports it, then a backtrace will be written to the descriptor. This can
+be useful because a malloc may fail but not be checked, and problems will
+only occur later. The following example in classic shell syntax shows how
+to use this (will not work on all platforms):
+
+ OPENSSL_MALLOC_FAILURES='200;@10'
+ export OPENSSL_MALLOC_FAILURES
+ OPENSSL_MALLOC_FD=3
+ export OPENSSL_MALLOC_FD
+ ...app invocation... 3>/tmp/log$$
+
+