Add calls to setmalloctag() in libc where it wraps malloc and friends. This ensures leak(1) will point to the buggy user code rather than the innocent library code. -Steve