On 5/16/08, Ross Cameron <[EMAIL PROTECTED]> wrote: > Mmmmmmm this isn't the first time I've heard of bogus reports from Valgrind. > How does one politely inform the Debian project to not trust it explicitly > and to human audit anything it flags?
I think people are placing too much blame on valgrind. valgrind doesn't tell you "Delete this line of code." It says "You are using uninitialized memory here." The correct fix is to initialize the memory, not delete the line of code. It's not about trusting or not trusting the tool; it's about responding correctly. I've seen innocuous valgrind reports, but never wrong ones. I also saw a valgrind report ignored as innocuous because it didn't seem to cause trouble, only to be the root cause of a problem that cost a minimum of $50,000 to resolve later.
