freebsd-src/crypto/openssl/NOTES-VALGRIND.md

Notes on Valgrind
=================

Valgrind is a test harness that includes many tools such as memcheck,
which is commonly used to check for memory leaks, etc. The default tool
run by Valgrind is memcheck. There are other tools available, but this
will focus on memcheck.

Valgrind runs programs in a virtual machine, this means OpenSSL unit
tests run under Valgrind will take longer than normal.

Requirements
------------

1. Platform supported by Valgrind
   See <http://valgrind.org/info/platforms.html>
2. Valgrind installed on the platform
   See <http://valgrind.org/downloads/current.html>
3. OpenSSL compiled
   See [INSTALL.md](INSTALL.md)

Running Tests
-------------

Test behavior can be modified by adjusting environment variables.

`EXE_SHELL`

This variable is used to specify the shell used to execute OpenSSL test
programs. The default wrapper (`util/wrap.pl`) initializes the environment
to allow programs to find shared libraries. The variable can be modified
to specify a different executable environment.

    EXE_SHELL=\
    "`/bin/pwd`/util/wrap.pl valgrind --error-exitcode=1 --leak-check=full -q"

This will start up Valgrind with the default checker (`memcheck`).
The `--error-exitcode=1` option specifies that Valgrind should exit with an
error code of 1 when memory leaks occur.
The `--leak-check=full` option specifies extensive memory checking.
The `-q` option prints only error messages.
Additional Valgrind options may be added to the `EXE_SHELL` variable.

`OPENSSL_ia32cap`

This variable controls the processor-specific code on Intel processors.
By default, OpenSSL will attempt to figure out the capabilities of a
processor, and use it to its fullest capability. This variable can be
used to control what capabilities OpenSSL uses.

As of valgrind-3.15.0 on Linux/x86_64, instructions up to AVX2 are
supported. Setting the following disables instructions beyond AVX2:

`OPENSSL_ia32cap=":0"`

This variable may need to be set to something different based on the
processor and Valgrind version you are running tests on. More information
may be found in [doc/man3/OPENSSL_ia32cap.pod](doc/man3/OPENSSL_ia32cap.pod).

Additional variables (such as `VERBOSE` and `TESTS`) are described in the
file [test/README.md](test/README.md).

Example command line:

    $ make test EXE_SHELL="`/bin/pwd`/util/wrap.pl valgrind --error-exitcode=1 \
        --leak-check=full -q" OPENSSL_ia32cap=":0"

If an error occurs, you can then run the specific test via the `TESTS` variable
with the `VERBOSE` or `VF` or `VFP` options to gather additional information.

    $ make test VERBOSE=1 TESTS=test_test EXE_SHELL="`/bin/pwd`/util/wrap.pl \
       valgrind --error-exitcode=1 --leak-check=full -q" OPENSSL_ia32cap=":0"
openssl: Vendor import of OpenSSL-3.0.8 Summary: Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html . Obtained from: https://www.openssl.org/source/openssl-3.0.8.tar.gz Differential Revision: https://reviews.freebsd.org/D38835 Test Plan: ``` $ git status On branch vendor/openssl-3.0 nothing to commit, working tree clean $ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc) openssl-3.0.8.tar.gz 14 MB 4507 kBps 04s openssl-3.0.8.tar.gz.asc 833 B 10 MBps 00s $ set \| egrep '(XLIST\|OSSLVER)=' OSSLVER=3.0.8 XLIST=FREEBSD-Xlist $ gpg --list-keys /home/ngie/.gnupg/pubring.kbx ----------------------------- pub rsa4096 2014-10-04 [SC] 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C uid [ unknown] Richard Levitte <richard@levitte.org> uid [ unknown] Richard Levitte <levitte@lp.se> uid [ unknown] Richard Levitte <levitte@openssl.org> sub rsa4096 2014-10-04 [E] $ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz gpg: Signature made Tue Feb 7 05:43:55 2023 PST gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown] gpg: aka "Richard Levitte <levitte@lp.se>" [unknown] gpg: aka "Richard Levitte <levitte@openssl.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C $ (cd vendor.checkout/; git status; find . -type f -or -type l \| cut -c 3- \| sort > ../old) On branch vendor/openssl-3.0 nothing to commit, working tree clean $ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C .. $ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* . $ cat .git gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout $ diff -arq ../openssl-3.0.8 . Only in .: .git Only in .: FREEBSD-Xlist Only in .: FREEBSD-upgrade $ git status FREEBSD* On branch vendor/openssl-3.0 nothing to commit, working tree clean $ ``` Reviewers: emaste, jkim Subscribers: imp, andrew, dab Differential Revision: https://reviews.freebsd.org/D38835 2023-03-01 04:21:31 +00:00			`Notes on Valgrind`
			`=================`

			`Valgrind is a test harness that includes many tools such as memcheck,`
			`which is commonly used to check for memory leaks, etc. The default tool`
			`run by Valgrind is memcheck. There are other tools available, but this`
			`will focus on memcheck.`

			`Valgrind runs programs in a virtual machine, this means OpenSSL unit`
			`tests run under Valgrind will take longer than normal.`

			`Requirements`
			`------------`

			`1. Platform supported by Valgrind`
			`See <http://valgrind.org/info/platforms.html>`
			`2. Valgrind installed on the platform`
			`See <http://valgrind.org/downloads/current.html>`
			`3. OpenSSL compiled`
			`See [INSTALL.md](INSTALL.md)`

			`Running Tests`
			`-------------`

			`Test behavior can be modified by adjusting environment variables.`

			`EXE_SHELL`

			`This variable is used to specify the shell used to execute OpenSSL test`
			programs. The default wrapper (`util/wrap.pl`) initializes the environment
			`to allow programs to find shared libraries. The variable can be modified`
			`to specify a different executable environment.`

			`EXE_SHELL=\`
			"`/bin/pwd`/util/wrap.pl valgrind --error-exitcode=1 --leak-check=full -q"

			This will start up Valgrind with the default checker (`memcheck`).
			The `--error-exitcode=1` option specifies that Valgrind should exit with an
			`error code of 1 when memory leaks occur.`
			The `--leak-check=full` option specifies extensive memory checking.
			The `-q` option prints only error messages.
			Additional Valgrind options may be added to the `EXE_SHELL` variable.

			`OPENSSL_ia32cap`

			`This variable controls the processor-specific code on Intel processors.`
			`By default, OpenSSL will attempt to figure out the capabilities of a`
			`processor, and use it to its fullest capability. This variable can be`
			`used to control what capabilities OpenSSL uses.`

			`As of valgrind-3.15.0 on Linux/x86_64, instructions up to AVX2 are`
			`supported. Setting the following disables instructions beyond AVX2:`

			`OPENSSL_ia32cap=":0"`

			`This variable may need to be set to something different based on the`
			`processor and Valgrind version you are running tests on. More information`
			`may be found in [doc/man3/OPENSSL_ia32cap.pod](doc/man3/OPENSSL_ia32cap.pod).`

			Additional variables (such as `VERBOSE` and `TESTS`) are described in the
			`file [test/README.md](test/README.md).`

			`Example command line:`

			$ make test EXE_SHELL="`/bin/pwd`/util/wrap.pl valgrind --error-exitcode=1 \
			`--leak-check=full -q" OPENSSL_ia32cap=":0"`

			If an error occurs, you can then run the specific test via the `TESTS` variable
			with the `VERBOSE` or `VF` or `VFP` options to gather additional information.

			$ make test VERBOSE=1 TESTS=test_test EXE_SHELL="`/bin/pwd`/util/wrap.pl \
			`valgrind --error-exitcode=1 --leak-check=full -q" OPENSSL_ia32cap=":0"`