Feature Request ASan: suppress indirect leaks

[sbeyer]

A nice feature of the AddressSanitizer/LeakSanitizer is that it can distinguish direct from indirect leaks. It would be great if it was possible to suppress the output of indirect leaks (instead only an informational note like "Output of 1337 indirect leaks omitted." should be printed).

[kcc]

Just curious: why do you think it would be useful?
(I mean, it may be marginally useful in some cases, but is it useful enough to introduce yet another flag, of which we already have too many?)

[sbeyer]

Just curious: why do you think it would be useful?

It is useful in cases where you have one direct leak yielding a myriad of indirect leaks. I stumbled over such a case yesterday and it was horrible to deal with. First I had to enlarge the scrollback buffer of my terminal, run the binary again, and always scroll up to find the direct leak. Also, direct leaks and indirect leaks have no real visual distinction, so I could have missed another direct leak in between of all those indirect leaks.

In my case it would not have been only marginally useful, it would have helped a lot to have such an option.

In hindsight, I probably should have redirected the error output into a file or pipe through grep. But that's not something I would do every time I use AddressSanitizer/LeakSanitizer, whereas I would put suppress_indirect=1 into my general LSAN_OPTIONS.

but is it useful enough to introduce yet another flag, of which we already have too many?

I cannot tell.

Instead of adding another LSAN_OPTIONS flag, one could also think of adding some suppression file syntax, something like leak:indirect or leak-indirect:true etc.

[kcc]

Note that lsan prints all direct leaks first, and only then prints indirect ones.
Our typical recommendation is to look at the first report and fix it, before looking at other reports.

I am happy to keep this request open in case more users want to ask for the same.
But for now I am reluctant to introduce this new option.

[sbeyer]

Note that lsan prints all direct leaks first, and only then prints indirect ones.
Our typical recommendation is to look at the first report and fix it, before looking at other reports.

This is an important note! That means that I can get a good result by using the max_leaks LSan flag with a reasonable number. I think that solves the issue for me.

[kcc]

Cool! Closing, but feel free to reopen if there is a use case.

[DDvO]

Cool! Closing, but feel free to reopen if there is a use case.

There are such use cases - see for instance openssl/openssl#22303 (comment)

[DDvO]

At OpenSSL we are having a hard time working around the limitations of max_leaks.
It would be much preferred to have an additional option (or maybe a fix of the existing option)
that prevents outputting (or even more efficiently, already prevents producing internally)
all that messy data on indirect leaks,
while still showing all (or a limited number of) direct leaks.

So please re-open this issue.

[DDvO]

Here is an example how extremely bulky and inefficient the mem leak output can be
as long as the indirect leaks are included:
https://github.com/openssl/openssl/actions/runs/6411070545/job/17405721691?pr=18916

[DDvO]

Since this issue (for whatever reason) was not re-opened within reasonable time, I revived it in #1712.