Preventing atomic-context violations in Rust code with klint

But this is exactly why I think "leaks" are a red herring. You've gone from "leak" to "unbounded memory allocation" and now there's a big problem, but the two are only related colloquially.

The sort of leaks that leakdice is written to investigate count as both and are surely a bug which must be fixed. But when you try to write down formally what isn't OK, you discover that the leak wasn't the problem, it was the unbounded thirst for memory.

"We can optimise this movie player by loading all the quarter million frames into RAM and then flipping through them" blows up just as badly on a 1990s PC with 4MB of RAM regardless of whether you wrote code to free all those images at the end, we're never getting that far.

And yes, it's not UB to drop dead once you're out of other options. For an OS kernel rebooting might be a reasonable option, and so might power off, neither of which is Undefined Behaviour.