libsecp256k1 not instrumented when building with sanitizers #27990

Our libsecp256k1 builds are not instrumented when building with sanitizers (using --with-sanitizers).

For example building with:

./configure --enable-fuzz --with-sanitizers=fuzzer
make

will not instrument secp code paths for fuzzing. Can be checked with objdump, e.g. objdump --disassemble-symbols=secp256k1_xonly_pubkey_serialize src/test/fuzz/fuzz.

As a workaround it is possible to set CFLAGS to use the desired sanitizers (e.g. CFLAGS=-fsanitize=fuzzer-no-link) but ideally our --with-sanitizers configure option would do this automatically.

Is this needed for anything? I guess it is odd that msan didn't complain about this, but other than that there shouldn't be anything needed here.

Is this needed for anything? I guess it is odd that msan didn't complain about this, but other than that there shouldn't be anything needed here.

Our MSan job actually passes the correct CFLAGS otherwise it would (i assume) not work properly. Our oss-fuzz builds are also not affected since they also set their own CFLAGS and don't use --with-sanitizers.

I think it would be useful to do this for our fuzz targets that call secp code (e.g. the targets added in #27479), otherwise we end up with less seeds/coverage in our corpus. Just seems annoying to have to remember to set CFLAGS.

FWIW, the libsecp256k1 is instrumented properly when using the CMake-based build system (see the full prototype branch from #25797):

$ objdump --disassemble=secp256k1_xonly_pubkey_serialize build/src/test/fuzz/fuzz | grep __sanitizer_cov
  d42e90:  e8 8b 23 c0 ff         call   945220 <__sanitizer_cov_trace_const_cmp8>
  d42ff2:  e8 39 21 c0 ff         call   945130 <__sanitizer_cov_trace_pc_indir>
  d43018:  e8 13 21 c0 ff         call   945130 <__sanitizer_cov_trace_pc_indir>
  d43042:  e8 e9 20 c0 ff         call   945130 <__sanitizer_cov_trace_pc_indir>