Writing

Software, technology, sysadmin war stories, and more. Feed
Friday, December 14, 2012

Ignoring whining about OpenSSL in Valgrind

When it comes to sanity-checking my code for memory leaks or other silly oversights, it's hard to top Valgrind. I've always been fond of the useful information it's been able to provide over the years. It's saved me a lot of manual hunting through code.

There is one small annoyance from time to time, though: other libraries. Not every library behaves in such a way that will make Valgrind totally happy. Some of them, like OpenSSL, tend to use uninitialized pages on purpose, apparently to "add a little entropy" to their randomness generation. I won't get into whether that's sane or not, but the fact is that if you link against OpenSSL and run a default valgrind setup, you're going to get extra spew in your results.

It took some digging around to find the appropriate "suppression" syntax to make these things go away. I'm now using something like this:

{
   Ignore OpenSSL malloc
   Memcheck:Leak
   fun:malloc
   fun:CRYPTO_malloc
   ...
   obj:*libcrypto*
}
 
{
   Ignore OpenSSL realloc
   Memcheck:Leak
   fun:realloc
   fun:CRYPTO_realloc
   ...
   obj:*libcrypto*
}

That lives in a dot file in my home directory, and I have a script to run valgrind with --suppressions=(that path).

This follows my general principle of "don't bother me if I can't do anything reasonable about it". I'm not about to recompile that library to be "purify" friendly, so this is the next best thing.

Once you get the hang of that suppressions format, it becomes trivial to dump more things in there as necessary. With all of your system's bogus background noise filtered, you can focus on cleaning up your own messes.

Valgrind catches more than just leaks. If you haven't tried it yet, you really should. It's quite a useful suite of tools.