Wrap every call to $XT_MULTI with valgrind, or actually a wrapper script
which does the valgrind wrap and stores the log if it contains something
relevant.
Carefully name the wrapper script(s) so that test cases' checks on
$XT_MULTI name stay intact.
This mode slows down testsuite execution horribly. Luckily, it's not
meant for constant use, though.
For now, ignore commands with non-zero exit status - error paths
typically hit direct exit() calls and therefore leave reachable memory
in place.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/tests/shell/run-tests.sh | 47 +++++++++++++++++++++++++++++++
1 file changed, 47 insertions(+)
diff --git a/iptables/tests/shell/run-tests.sh b/iptables/tests/shell/run-tests.sh
index d71c13729b3ee..2125e2cb119bb 100755
--- a/iptables/tests/shell/run-tests.sh
+++ b/iptables/tests/shell/run-tests.sh
@@ -46,6 +46,10 @@ while [ -n "$1" ]; do
NFT_ONLY=y
shift
;;
+ -V|--valgrind)
+ VALGRIND=y
+ shift
+ ;;
*${RETURNCODE_SEPARATOR}+([0-9]))
SINGLE+=" $1"
VERBOSE=y
@@ -67,6 +71,49 @@ else
XTABLES_LEGACY_MULTI="xtables-legacy-multi"
fi
+printscript() { # (cmd, tmpd)
+ cat <<EOF
+#!/bin/bash
+
+CMD="$1"
+
+# note: valgrind man page warns about --log-file with --trace-children, the
+# last child executed overwrites previous reports unless %p or %q is used.
+# Since libtool wrapper calls exec but none of the iptables tools do, this is
+# perfect for us as it effectively hides bash-related errors
+
+valgrind --log-file=$2/valgrind.log --trace-children=yes \
+ --leak-check=full --show-leak-kinds=all \$CMD "\$@"
+RC=\$?
+
+# don't keep uninteresting logs
+if grep -q 'no leaks are possible' $2/valgrind.log; then
+ rm $2/valgrind.log
+else
+ mv $2/valgrind.log $2/valgrind_\$\$.log
+fi
+
+# drop logs for failing commands for now
+[ \$RC -eq 0 ] || rm $2/valgrind_\$\$.log
+
+exit \$RC
+EOF
+}
+
+if [ "$VALGRIND" == "y" ]; then
+ tmpd=$(mktemp -d)
+ msg_info "writing valgrind logs to $tmpd"
+ chmod a+rx $tmpd
+ printscript "$XTABLES_NFT_MULTI" "$tmpd" >${tmpd}/xtables-nft-multi
+ printscript "$XTABLES_LEGACY_MULTI" "$tmpd" >${tmpd}/xtables-legacy-multi
+ trap "rm ${tmpd}/xtables-*-multi" EXIT
+ chmod a+x ${tmpd}/xtables-nft-multi ${tmpd}/xtables-legacy-multi
+
+ XTABLES_NFT_MULTI="${tmpd}/xtables-nft-multi"
+ XTABLES_LEGACY_MULTI="${tmpd}/xtables-legacy-multi"
+
+fi
+
find_tests() {
if [ ! -z "$SINGLE" ] ; then
echo $SINGLE
--
2.25.1
