phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-04-29 14:59:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

doc: add a section about using MSan

Browse source 
Thanks to Niklas Pieter and Michael for the pointers.
This commit is contained in:
Antoine Poinsot 2025-01-21 14:51:41 -05:00
parent 5691fa93c4
commit 5c3e4d8b29
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
doc/fuzzing.md
View file

@ -101,6 +101,18 @@ INFO: seed corpus: files: 991 min: 1b max: 1858b total: 288291b rss: 150Mb
``` ```
## Using the MemorySanitizer (MSan)
MSan [requires](https://clang.llvm.org/docs/MemorySanitizer.html#handling-external-code)
that all linked code be instrumented. The exact steps to achieve this may vary
but involve compiling `clang` from source, using the built `clang` to compile
an instrumentalized libc++, then using it to build [Bitcoin Core dependencies
from source](../depends/README.md) and finally the Bitcoin Core fuzz binary
itself. One can use the MSan CI job as an example for how to perform these
steps.
Valgrind is an alternative to MSan that does not require building a custom libc++.
## Run without sanitizers for increased throughput ## Run without sanitizers for increased throughput
Fuzzing on a harness compiled with `-DSANITIZERS=address,fuzzer,undefined` is Fuzzing on a harness compiled with `-DSANITIZERS=address,fuzzer,undefined` is