Our libsecp256k1 builds are not instrumented when building with sanitizers (using --with-sanitizers).

For example building with:

./configure --enable-fuzz --with-sanitizers=fuzzer
make

will not instrument secp code paths for fuzzing. Can be checked with objdump, e.g. objdump --disassemble-symbols=secp256k1_xonly_pubkey_serialize src/test/fuzz/fuzz.

As a workaround it is possible to set CFLAGS to use the desired sanitizers (e.g. CFLAGS=-fsanitize=fuzzer-no-link) but ideally our --with-sanitizers configure option would do this automatically.