I worked out why valgrind wasn't being applied to nbdkit when run by
many of the tests (patches 1-2). Unfortunately I'm not able to make
it actually fail tests when valgrind fails. Although the situation is
marginally improved in that you can now manually examine the *.log
files and find valgrind failures that way. Also adds valgrinding of
the Python plugin (patch 3).
Along the way I found that when we create a TLS session object we
never free it, which is a bit of a problem (although easy to fix -
patch 4).
I'll need to backport this fix to every stable branch. It's not clear
how exploitable this is -- it's my feeling that you'd need to open
millions of TLS sessions which would take forever, and the result
would only be a denial of service as nbdkit runs out of memory and
crashes.
Rich.