[libFuzzer] Update documentation regarding MSan.

Summary: -fsanitize=fuzzer,memory now works out-of-the-box.

Reviewers: kcc

Reviewed By: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D49441

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@337476 91177308-0d34-0410-b5e6-96231b3b80d8
Matt Morehouse 2018-07-19 17:59:11 +00:00
parent ae72a8c570
commit 5b81b48075

@ -75,11 +75,13 @@ Recent versions of Clang (starting from 6.0) include libFuzzer, and no extra ins
In order to build your fuzzer binary, use the `-fsanitize=fuzzer` flag during the
compilation and linking. In most cases you may want to combine libFuzzer with
AddressSanitizer_ (ASAN), UndefinedBehaviorSanitizer_ (UBSAN), or both::
AddressSanitizer_ (ASAN), UndefinedBehaviorSanitizer_ (UBSAN), or both. You can
also build with MemorySanitizer_ (MSAN), but support is experimental::
clang -g -O1 -fsanitize=fuzzer mytarget.c # Builds the fuzz target w/o sanitizers
clang -g -O1 -fsanitize=fuzzer,address mytarget.c # Builds the fuzz target with ASAN
clang -g -O1 -fsanitize=fuzzer,signed-integer-overflow mytarget.c # Builds the fuzz target with a part of UBSAN
clang -g -O1 -fsanitize=fuzzer,memory mytarget.c # Builds the fuzz target with MSAN
This will perform the necessary instrumentation, as well as linking with the libFuzzer library.
Note that ``-fsanitize=fuzzer`` links in the libFuzzer's ``main()`` symbol.
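Review bot: The wording "but support is experimental" in the new sentence about MemorySanitizer_ conflicts with the commit summary, which says -fsanitize=fuzzer,memory now works out-of-the-box. Suggest either dropping "experimental" or adding one clause that says what is still unsupported, so a reader who copies the new "Builds the fuzz target with MSAN" command line knows what to expect from it.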
@ -93,10 +95,6 @@ instrumentation without linking::
Then libFuzzer can be linked to the desired driver by passing in
``-fsanitize=fuzzer`` during the linking stage.
Using MemorySanitizer_ (MSAN) with libFuzzer is possible too, but tricky.
The exact details are out of scope, we expect to simplify this in future
versions.
.. _libfuzzer-corpus:
Corpus
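Review bot: Removing the "possible too, but tricky" paragraph leaves the section on instrumentation without linking with no MSAN guidance at all, while the new text earlier in the file covers only the single-command -fsanitize=fuzzer,memory build. Suggest adding one sentence here that says whether MSAN also works when libFuzzer is linked to a custom driver at a separate linking stage, or that this combination has not been verified.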