Memory leaks are among the most frustrating bugs to track down in C and C++ applications. They silently consume resources, degrade performance, and can eventually cause your application to crash.
Fortunately, Valgrind offers a powerful suite of tools to help identify and fix these elusive issues. In this guide, we’ll explore how to effectively use Valgrind to detect and resolve memory leaks in your applications.
Valgrind is an instrumentation framework used to build dynamic analysis tools that detect memory management and threading bugs. Its most popular tool, Memcheck, identifies memory-related errors such as:
Originally developed for Linux, Valgrind now supports multiple platforms including macOS and FreeBSD.
Read: How to fix high memory usage in Ubuntu
Before detecting memory leaks, ensure Valgrind is installed on your system:
# For Debian-based systems (Ubuntu)
sudo apt install valgrind
# For Red Hat-based systems (CentOS, Fedora)
sudo yum install valgrind
# For Arch-based systems
sudo pacman -Syu valgrind
# For FreeBSD
sudo pkg ins valgrind
The simplest way to use Valgrind is by running your executable through it:
valgrind ./your_program arg1 arg2 This command runs your program with Memcheck enabled and reports any issues found.
For thorough memory leak detection, use:
valgrind --leak-check=full
--show-leak-kinds=all
--track-origins=yes
--verbose
--log-file=valgrind-out.txt
./your_program arg1 arg2
This command provides detailed leak reports, tracks the origins of uninitialized values, and logs the output for review.
Read: Monitor and Optimize Memory Usage on Ubuntu 22.04 for Peak Performance
After analysis, Valgrind outputs a detailed report. For example:
HEAP SUMMARY:
in use at exit: 0 bytes in 0 blocks
total heap usage: 636 allocs, 636 frees, 25,393 bytes allocated
All heap blocks were freed -- no leaks are possible
ERROR SUMMARY: 0 errors from 0 contexts
This indicates that all allocated memory was properly freed. If leaks are detected, Valgrind will list details for each lost memory block.
To get detailed, line-by-line information about memory issues, compile your program with debug flags:
# Standard compilation
gcc -o executable -std=c11 -Wall main.c
# With debug information
gcc -o executable -std=c11 -Wall -ggdb3 main.c
This enables Valgrind to report the exact source file and line number where the leak occurred. For optimizations that preserve debuggability, use -Og instead.
Example:
#include
int main() {
char* string = malloc(5 * sizeof(char)); // LEAK: not freed!
return 0;
}
Solution: Always free dynamically allocated memory when done.
#include
int main() {
char* string = malloc(5 * sizeof(char));
// Use string...
free(string); // Memory freed
return 0;
}
Example:
#include
#include
struct _List {
int32_t* data;
int32_t length;
};
typedef struct _List List;
List* resizeArray(List* array) {
int32_t* dPtr = array->data;
dPtr = realloc(dPtr, 15 * sizeof(int32_t)); // Leak: original pointer not updated
return array;
}
int main() {
List* array = calloc(1, sizeof(List));
array->data = calloc(10, sizeof(int32_t));
array = resizeArray(array);
free(array->data);
free(array);
return 0;
}
Solution: Update the original pointer when using realloc:
List* resizeArray(List* array) {
array->data = realloc(array->data, 15 * sizeof(int32_t)); // Fixed
return array;
}
Example:
#include
#include
int main() {
char* alphabet = calloc(26, sizeof(char));
for(uint8_t i = 0; i < 26; i++) {
*(alphabet + i) = 'A' + i;
}
*(alphabet + 26) = ''; // Out-of-bounds write
free(alphabet);
return 0;
}
Solution: Allocate sufficient memory to include the null terminator:
#include
#include
int main() {
char* alphabet = calloc(27, sizeof(char)); // Now space for ''
for(uint8_t i = 0; i < 26; i++) {
*(alphabet + i) = 'A' + i;
}
*(alphabet + 26) = '';
free(alphabet);
return 0;
}
Some libraries maintain internal caches or pools that may be reported as leaks. For example, the SDL library might report leaks due to its internal resource management. Use suppression files to ignore known, non-critical leaks.
# mysuppressions.supp example
{
SDL_Init_leak
Memcheck:Leak
match-leak-kinds: definite
fun:SDL_Init
}
Then run Valgrind with:
valgrind --leak-check=full --suppressions=mysuppressions.supp ./your_program Other useful tools include:
valgrind --tool=massif ./your_program Analyze with:
ms_print massif.out.PID valgrind --tool=cachegrind ./your_program valgrind --tool=helgrind ./your_program For optimal results, integrate Valgrind into your CI/CD pipeline, generate baseline memory usage reports, and set up automated alerts for unexpected memory growth.
If Valgrind is too slow, try running a subset of your application’s functionality or using --leak-check=summary for a faster overview. Use suppression files to manage false positives from custom memory allocators or platform-specific optimizations.
Memory leaks can be challenging to track down, but Valgrind provides a powerful toolkit to identify and resolve these issues. By incorporating Valgrind into your development workflow and following best practices for memory management, you can significantly reduce memory-related problems in your applications.
Valgrind typically slows down programs by 20-50x, depending on the options used and the nature of your program.
Valgrind can detect most leaks, but may miss those involving custom memory management or highly optimized code paths.
Yes, Valgrind supports multi-threaded applications. Use Helgrind for detecting threading errors.
Simply append the arguments after your program name, e.g., valgrind --leak-check=full ./your_program arg1 arg2.
“Still reachable” memory is still referenced at program exit and is usually not a critical issue since the OS reclaims it, but it might indicate that not all allocated memory was explicitly freed.
Valgrind does not directly support Windows. Alternatives include Dr. Memory or Visual Studio’s memory profiler.
Examine the stack trace provided by Valgrind. If it references your source files, the leak is likely in your code; if it only shows library functions, it might be part of the library’s design.
The post Detecting and Fixing Memory Leaks with Valgrind appeared first on net2.
In July 2025, git received CVE-2025-48384, a high vulnerability allowing arbitrary code execution when cloning…
Last year, we collaborated with two design student teams from Loughborough University in the UK.…
January 15, 2026 – Canonical, the publisher of Ubuntu and provider of open source security,…
How to install GitLab on Ubuntu 24.04 will be explained in this blog post with…
Do you know what was always there but has increased multiple times in the last…
The Digital Operational Resilience Act (DORA) came into force across the EU on January 17,…