re: http://www.mail-archive.com/openssl-dev@openssl.org/msg24270.html
I don't quite approve of the established openssl tradition of using uninitialized memory for entropy, but I wanted to point out that if you want to do that, and you want valgrind to understand that those bits count as "valid" and should not trigger warnings when your control flow branches based on those bits, or when you use those bits are arguments to a system call, then you can just call VALGRIND_MAKE_MEM_DEFINED_IF_ADDRESSABLE, as described in the valgrind manual on this page: [1]. A nice explanation of what this means in valgrind's elegant error detection scheme is on this page: [2].
I haven't tried this myself, but if it works as advertised then it allows openssl to continue functioning the same way when in valgrind mode, and completely suppresses the false alarms without suppressing any other weirdness that might show up.
Regards, Zooko [1] http://valgrind.org/docs/manual/mc-manual.html#mc-manual.clientreqs [2] http://valgrind.org/docs/manual/mc-manual.html#mc-manual.machine ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
