malloc leak detection available in -current

OpenBSD -current just grew a new tool for developers working on OpenBSD to detect unsafe behaviors in their code. OpenBSD lets you more easily track memory allocations and whether allocations are properly freed after use.

In a message to tech@, Otto Moerbeek (otto@) announced the new functionality:

Subject:    malloc leak detection available in -current
From:       Otto Moerbeek <otto () drijf ! net>
Date:       2023-04-17 6:43:19

Hi,

OpenBSD current now has built-in malloc leak detection.

Make sure you run current and have debug symbols (OpenBSD base
libraries have debug symbols, compile your own program with -g).

To record the leak report:
$ MALLOC_OPTIONS=D ktrace -tu a.out

To view the leak report:
$ kdump -u malloc

Example output:

******** Start dump a.out *******
M=8 I=1 F=0 U=0 J=1 R=0 X=0 C=0 cache=64 G=0
Leak report:
                 f     sum      #    avg
               0x0 1088864   9722    112 addr2line -e '?' 0x0
       0xf4b73093c   31136    278    112 addr2line -e a.out 0x1093c

******** End dump a.out *******

$ addr2line -e a.out 0x1093c
/home/otto/x.c:6

Some additional info:

The null "f" values (call sites) are due to the sampling nature of
small allocations. Recording all call sites of all potential leaks
introduces too much overhead.

Note that aggresssive optimizations might confuse the line numbers
reported.

For -static programs, compile with -nopie to make addr2line work.

In some cases will want to use the packaged version of addr2line
(gaddr2line, in the binutils package) as the base addr2line does not
grok all debug info formats.

	-Otto

This represents one important step in the ongoing work of making OpenBSD the better environment for developing secure, well behaved code.