enable valgrind tests for full testsuite
As we are adopting valgrind instruments more and more, it would make sense to run all the tests under valgrind in CI. However, for some reason it's disabled when --disable-full-test-suite
is specified and that's the case with the "fedora-valgrind/build" job. I tried to enable it but found quite a few roadblocks:
- the gnulib
valgrind-tests
module usage is incorrect and the current code exercises also for shell-scripts (i.e. bash binary) - we should properly setTEST_EXTENSIONS = .sh
- there are actual memleaks in some code e.g.,
tests/tls13/no-auto-send-ticket.c
- the FIPS library state check is done too late (I don't know why), and the tests manually invalidating the state (e.g.,
tests/x509sign-verify-error.c
) causes memory error deep under nettle primitives, because the gnutls random functions refuses to produce proper value in that case, resulting in the dest memory area uninitialized - some tests (e.g.,
tests/memset.c
) are poorly written, violating the C ABI assumption (those are removed in !1382 (closed))