[libfuzzer] Update documentation on UBSan options and Upload Corpus section.

testing/libfuzzer/getting_started.md

Index: testing/libfuzzer/getting_started.md
diff --git a/testing/libfuzzer/getting_started.md b/testing/libfuzzer/getting_started.md
index 4ddbb2c5ac7d1de49b4258a1f3f29841e95f96af..0dc5b5221828785c7f1175e205cca23b9b7f3444 100644
--- a/testing/libfuzzer/getting_started.md
+++ b/testing/libfuzzer/getting_started.md
@@ -25,7 +25,7 @@ Supported sanitizer configurations are:
 |--------------|----|
 | is_asan=true | enables [Address Sanitizer] to catch problems like buffer overruns. |
 | is_msan=true | enables [Memory Sanitizer] to catch problems like uninitialed reads. |
-| is_ubsan_security=true | enables [Undefined Behavior Sanitizer] to catch undefined behavior like integer overflow. |
+| is_ubsan_security=true | enables [Undefined Behavior Sanitizer] to catch<sup>\[[1](#Notes)\]</sup> undefined behavior like integer overflow. |
 
 
 ## Write Fuzzer Function
@@ -101,6 +101,20 @@ a day or two.
 performance and for optimization hints.
 
 
+## Notes
+[1] By default UBSan doesn't crash once undefined behavior has been detected.
+To make it crash the following additional option should be provided:
+
+```bash
+UBSAN_OPTIONS=halt_on_error=1 ./fuzzer <corpus_directory_or_single_testcase_path>
+```
+
+Other useful options (used by ClusterFuzz) are:
+```bash
+UBSAN_OPTIONS=symbolize=1:halt_on_error=1:print_stacktrace=1 ./fuzzer <corpus_directory_or_single_testcase_path>

[aizatsky, 2016/04/19 18:42:43]

FYI: https://bugs.chromium.org/p/chromium/issues/detail?id=604823

[mmoroz, 2016/04/20 12:38:20]

Acknowledged.

+```
+
+
 [Address Sanitizer]: http://clang.llvm.org/docs/AddressSanitizer.html
 [Memory Sanitizer]: http://clang.llvm.org/docs/MemorySanitizer.html
 [Undefined Behavior Sanitizer]: http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html