Add comment on memsan + constant-flow testing

commit: 2b80249c043762a991240bc7e04807f4443cc31e [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Jul 22 11:09:28 2020 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jul 28 11:52:01 2020 +0200
tree: 8c30be1801055a50fb6a70defe74b423180b43cd
parent: 5bb6f3c3dba5dba2b6dd5b1f805ad5563f82e7b1 [diff] [blame]
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 02f61d6..f5a256f 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh

@@ -1032,14 +1032,20 @@
 }
 
 component_test_memsan_constant_flow () {
-    msg "build: cmake memsan, full config with constant flow testing"
+    # This tests both (1) accesses to undefined memory, and (2) branches or
+    # memory access depending on secret values. To distinguish between those:
+    # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist?
+    # - or alternatively, change the build type to MemSanDbg, which enables
+    # origin tracking and nicer stack traces (which are useful for debugging
+    # anyway), and check if the origin was TEST_CF_SECRET() or something else.
+    msg "build: cmake MSan (clang), full config with constant flow testing"
     scripts/config.pl full
     scripts/config.pl set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
     scripts/config.pl unset MBEDTLS_AESNI_C # memsan doesn't grok asm
     CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
     make
 
-    msg "test: main suites (memsan constant flow)"
+    msg "test: main suites (Msan + constant flow)"
     make test
 }
commit	2b80249c043762a991240bc7e04807f4443cc31e	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Wed Jul 22 11:09:28 2020 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Tue Jul 28 11:52:01 2020 +0200
tree	8c30be1801055a50fb6a70defe74b423180b43cd
parent	5bb6f3c3dba5dba2b6dd5b1f805ad5563f82e7b1 [diff] [blame]