Merge bitcoin#31704: doc: add a section in the fuzzing documentation about using MSan

5c3e4d8 doc: add a section about using MSan (Antoine Poinsot)

Pull request description:

  Just a couple lines in a subsection of the sanitizers section mentioning that using the memory sanitizer is a bit more involved than other sanitizers, describing the steps and pointing to an example.

ACKs for top commit:
  fanquake:
    ACK 5c3e4d8
  dergoegge:
    ACK 5c3e4d8

Tree-SHA512: 4ff73c2dd0f25cb96148e54bd867b8d340bd0fbc9b9a736a705125039352eb1d40bd724f9f262a44d3dbd1bea8f03166cf30e571d882fec02ceb1dd399ef7422
fanquake committed Jan 23, 2025
2 parents 188b021 + 5c3e4d8 commit 9914e73
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions doc/fuzzing.md
Expand Up @@ -101,6 +101,18 @@ INFO: seed corpus: files: 991 min: 1b max: 1858b total: 288291b rss: 150Mb
```
## Using the MemorySanitizer (MSan)
MSan [requires](https://clang.llvm.org/docs/MemorySanitizer.html#handling-external-code)
that all linked code be instrumented. The exact steps to achieve this may vary
but involve compiling `clang` from source, using the built `clang` to compile
an instrumentalized libc++, then using it to build [Bitcoin Core dependencies
from source](../depends/README.md) and finally the Bitcoin Core fuzz binary
itself. One can use the MSan CI job as an example for how to perform these
steps.
Valgrind is an alternative to MSan that does not require building a custom libc++.
## Run without sanitizers for increased throughput
Fuzzing on a harness compiled with `-DSANITIZERS=address,fuzzer,undefined` is
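
Review bot: In the new "Using the MemorySanitizer (MSan)" paragraph, "One can use the MSan CI job as an example" gives the reader nothing to follow, while the other two references in the same paragraph are links; point it at the CI job's script or configuration by path or link so the steps can be looked up. In the same paragraph, "an instrumentalized libc++" should read "an instrumented libc++", matching "that all linked code be instrumented" two lines earlier. The closing Valgrind sentence names the alternative without any pointer; a link to where running the fuzz binary under Valgrind is documented would make it actionable.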