From 0b2112d30459df36b297d36452a8928fc450b6e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 22 Jul 2020 11:09:28 +0200
Subject: [PATCH] Add comment on memsan + constant-flow testing

---
 tests/scripts/all.sh | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9c9247f8f..0a7c441f3 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1075,14 +1075,20 @@ component_test_full_cmake_clang () {
 }
 
 component_test_memsan_constant_flow () {
-    msg "build: cmake memsan, full config with constant flow testing"
+    # This tests both (1) accesses to undefined memory, and (2) branches or
+    # memory access depending on secret values. To distinguish between those:
+    # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist?
+    # - or alternatively, change the build type to MemSanDbg, which enables
+    # origin tracking and nicer stack traces (which are useful for debugging
+    # anyway), and check if the origin was TEST_CF_SECRET() or something else.
+    msg "build: cmake MSan (clang), full config with constant flow testing"
     scripts/config.py full
     scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
     scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm
     CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
     make
 
-    msg "test: main suites (memsan constant flow)"
+    msg "test: main suites (Msan + constant flow)"
     make test
 }