Mac OS X's 'leaks' tool

Mac OS X ships with a command line tool, 'leaks', which helps find memory leaked by a running application. This posting describes how to use 'leaks'.

Invoke 'leaks' with:

leaks pid

where pid is the process id for which you want the information.

The output is a listing of addresses. The addresses were returned to the process by its calls to malloc(), but none of them are referenced anywhere in the process. In other words, the addresses are pointers to memory regions which were allocated but which can not possibly be freed because no pointer to them has been saved.

Of course, if the addresses are encoded in some other way, then 'leaks' will report the addresses even when they are not leaked.

For each leaked memory region, the output includes the size of the allocated region and a hex dump of (some of) the contents of the region. For example:

Leak: 0x08f562c0  size=32
        0x00000001 0x00020000 0x00000000 0x00000001     ................
        0x08f562e0 0x08166118 0x16003000 0x00000000     ..b...a...0.....

One can augment the output to include call stack with each leak by setting an environment variable, 'MallocStackLogging'. The augmented output looks like this:

Leak: 0x003a7450  size=16
        0x0001ffff 0x00000001 0x00000019 0x00000000     ................
        Call stack: [thread 2d037de3]: | 0x1000 | start | start | __darwin_gcc3_preregister_frame_info
          ... XRE_main | js_FindProperty | JS_sprintf_append | JS_sprintf_append | JS_malloc

I've truncated the call stack and formatted it on two lines, above, for readability. One will find the "Call stack" all on one line, and easily parsed.