summaryrefslogtreecommitdiffstats
path: root/third_party/libwebrtc/build/config/sanitizers
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/libwebrtc/build/config/sanitizers')
-rw-r--r--third_party/libwebrtc/build/config/sanitizers/BUILD.gn610
-rw-r--r--third_party/libwebrtc/build/config/sanitizers/OWNERS3
-rw-r--r--third_party/libwebrtc/build/config/sanitizers/sanitizers.gni298
3 files changed, 911 insertions, 0 deletions
diff --git a/third_party/libwebrtc/build/config/sanitizers/BUILD.gn b/third_party/libwebrtc/build/config/sanitizers/BUILD.gn
new file mode 100644
index 0000000000..8c31a78085
--- /dev/null
+++ b/third_party/libwebrtc/build/config/sanitizers/BUILD.gn
@@ -0,0 +1,610 @@
+# Copyright 2014 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import("//build/config/chrome_build.gni")
+import("//build/config/chromecast_build.gni")
+import("//build/config/clang/clang.gni")
+import("//build/config/sanitizers/sanitizers.gni")
+import("//build/toolchain/toolchain.gni")
+import("//build_overrides/build.gni")
+
+if (is_ios) {
+ import("//build/config/ios/ios_sdk.gni")
+}
+
+# Contains the dependencies needed for sanitizers to link into executables and
+# shared_libraries.
+group("deps") {
+ if (using_sanitizer) {
+ public_configs = [
+ ":sanitizer_options_link_helper",
+
+ # Even when a target removes default_sanitizer_flags, it may be depending
+ # on a library that did not remove default_sanitizer_flags. Thus, we need
+ # to add the ldflags here as well as in default_sanitizer_flags.
+ ":default_sanitizer_ldflags",
+ ]
+ deps = [ ":options_sources" ]
+ if (is_win) {
+ exe = ".exe"
+ } else {
+ exe = ""
+ }
+ data = [
+ "//tools/valgrind/asan/",
+ "$clang_base_path/bin/llvm-symbolizer${exe}",
+ ]
+ if (use_prebuilt_instrumented_libraries ||
+ use_locally_built_instrumented_libraries) {
+ deps += [ "//third_party/instrumented_libraries:deps" ]
+ }
+ }
+ if (is_asan) {
+ # ASAN is supported on iOS but the runtime library depends on the compiler
+ # used (Chromium version of clang versus Xcode version of clang). Only copy
+ # the ASAN runtime on iOS if building with Chromium clang.
+ if (is_win || is_mac || (is_ios && !use_xcode_clang)) {
+ data_deps = [ ":copy_asan_runtime" ]
+ }
+ if (is_mac || (is_ios && !use_xcode_clang)) {
+ public_deps = [ ":asan_runtime_bundle_data" ]
+ }
+ }
+}
+
+assert(!(is_win && is_asan && target_cpu == "x86"),
+ "ASan is only supported in 64-bit builds on Windows.")
+
+if ((is_mac || is_win || (is_ios && !use_xcode_clang)) && is_asan) {
+ if (is_mac) {
+ _clang_rt_dso_path = "darwin/libclang_rt.asan_osx_dynamic.dylib"
+ } else if (is_ios) {
+ _clang_rt_dso_path = "darwin/libclang_rt.asan_iossim_dynamic.dylib"
+ } else if (is_win && target_cpu == "x64") {
+ _clang_rt_dso_path = "windows/clang_rt.asan_dynamic-x86_64.dll"
+ }
+
+ _clang_rt_dso_full_path =
+ "$clang_base_path/lib/clang/$clang_version/lib/$_clang_rt_dso_path"
+
+ if (!is_ios) {
+ copy("copy_asan_runtime") {
+ sources = [ _clang_rt_dso_full_path ]
+ outputs = [ "$root_out_dir/{{source_file_part}}" ]
+ }
+ } else {
+ # On iOS, the runtime library need to be code signed (adhoc signature)
+ # starting with Xcode 8, so use an action instead of a copy on iOS.
+ action("copy_asan_runtime") {
+ script = "//build/config/ios/codesign.py"
+ sources = [ _clang_rt_dso_full_path ]
+ outputs = [ "$root_out_dir/" + get_path_info(sources[0], "file") ]
+ args = [
+ "code-sign-file",
+ "--identity=" + ios_code_signing_identity,
+ "--output=" + rebase_path(outputs[0], root_build_dir),
+ rebase_path(sources[0], root_build_dir),
+ ]
+ }
+ }
+
+ if (is_apple) {
+ bundle_data("asan_runtime_bundle_data") {
+ sources = get_target_outputs(":copy_asan_runtime")
+ outputs = [ "{{bundle_executable_dir}}/{{source_file_part}}" ]
+ public_deps = [ ":copy_asan_runtime" ]
+ }
+ }
+}
+
+config("sanitizer_options_link_helper") {
+ if (is_apple) {
+ ldflags = [ "-Wl,-U,_sanitizer_options_link_helper" ]
+ } else if (!is_win) {
+ ldflags = [ "-Wl,-u_sanitizer_options_link_helper" ]
+ }
+}
+
+static_library("options_sources") {
+ # This is a static_library instead of a source_set, as it shouldn't be
+ # unconditionally linked into targets.
+ visibility = [
+ ":deps",
+ "//:gn_visibility",
+ ]
+ sources = [ "//build/sanitizers/sanitizer_options.cc" ]
+
+ # Don't compile this target with any sanitizer code. It can be called from
+ # the sanitizer runtimes, so instrumenting these functions could cause
+ # recursive calls into the runtime if there is an error.
+ configs -= [ "//build/config/sanitizers:default_sanitizer_flags" ]
+
+ if (is_asan) {
+ if (!defined(asan_suppressions_file)) {
+ asan_suppressions_file = "//build/sanitizers/asan_suppressions.cc"
+ }
+ sources += [ asan_suppressions_file ]
+ }
+
+ if (is_lsan) {
+ if (!defined(lsan_suppressions_file)) {
+ lsan_suppressions_file = "//build/sanitizers/lsan_suppressions.cc"
+ }
+ sources += [ lsan_suppressions_file ]
+ }
+
+ if (is_tsan) {
+ if (!defined(tsan_suppressions_file)) {
+ tsan_suppressions_file = "//build/sanitizers/tsan_suppressions.cc"
+ }
+ sources += [ tsan_suppressions_file ]
+ }
+}
+
+# Applies linker flags necessary when either :deps or :default_sanitizer_flags
+# are used.
+config("default_sanitizer_ldflags") {
+ visibility = [
+ ":default_sanitizer_flags",
+ ":deps",
+
+ # https://crbug.com/360158.
+ "//tools/ipc_fuzzer/fuzzer:ipc_fuzzer",
+ ]
+
+ if (is_posix || is_fuchsia) {
+ ldflags = []
+ if (is_asan) {
+ ldflags += [ "-fsanitize=address" ]
+ }
+ if (is_hwasan) {
+ ldflags += [ "-fsanitize=hwaddress" ]
+ }
+ if (is_lsan) {
+ ldflags += [ "-fsanitize=leak" ]
+ }
+ if (is_tsan) {
+ ldflags += [ "-fsanitize=thread" ]
+ }
+ if (is_msan) {
+ ldflags += [ "-fsanitize=memory" ]
+ }
+ if (is_ubsan || is_ubsan_security) {
+ ldflags += [ "-fsanitize=undefined" ]
+ }
+ if (is_ubsan_null) {
+ ldflags += [ "-fsanitize=null" ]
+ }
+ if (is_ubsan_vptr) {
+ ldflags += [ "-fsanitize=vptr" ]
+ }
+
+ if (use_sanitizer_coverage) {
+ if (use_libfuzzer) {
+ ldflags += [ "-fsanitize=fuzzer-no-link" ]
+ if (is_mac) {
+ # TODO(crbug.com/926588): on macOS, dead code stripping does not work
+ # well with `pc-table` instrumentation enabled by `fuzzer-no-link`.
+ ldflags += [ "-fno-sanitize-coverage=pc-table" ]
+ }
+ } else {
+ ldflags += [ "-fsanitize-coverage=$sanitizer_coverage_flags" ]
+ }
+ }
+
+ if (is_cfi && current_toolchain == default_toolchain) {
+ ldflags += [ "-fsanitize=cfi-vcall" ]
+ if (use_cfi_cast) {
+ ldflags += [
+ "-fsanitize=cfi-derived-cast",
+ "-fsanitize=cfi-unrelated-cast",
+ ]
+ }
+ if (use_cfi_icall) {
+ ldflags += [ "-fsanitize=cfi-icall" ]
+ }
+ if (use_cfi_diag) {
+ ldflags += [ "-fno-sanitize-trap=cfi" ]
+ if (use_cfi_recover) {
+ ldflags += [ "-fsanitize-recover=cfi" ]
+ }
+ }
+ }
+ } else if (is_win) {
+ # Windows directly calls link.exe instead of the compiler driver when
+ # linking. Hence, pass the runtime libraries instead of -fsanitize=address
+ # or -fsanitize=fuzzer.
+ if (is_asan && is_component_build) {
+ # In the static-library build, ASan libraries are different for
+ # executables and dlls, see link_executable and link_shared_library below.
+ # This here handles only the component build.
+ if (target_cpu == "x64") {
+ # Windows 64-bit.
+ libs = [
+ "clang_rt.asan_dynamic-x86_64.lib",
+ "clang_rt.asan_dynamic_runtime_thunk-x86_64.lib",
+ ]
+ } else {
+ assert(target_cpu == "x86", "WinASan unsupported architecture")
+ libs = [
+ "clang_rt.asan_dynamic-i386.lib",
+ "clang_rt.asan_dynamic_runtime_thunk-i386.lib",
+ ]
+ }
+ }
+ if (use_libfuzzer) {
+ assert(target_cpu == "x64", "LibFuzzer unsupported architecture")
+ assert(!is_component_build,
+ "LibFuzzer only supports non-component builds on Windows")
+
+ # Incremental linking causes padding that messes up SanitizerCoverage.
+ # Don't do it.
+ ldflags = [ "/INCREMENTAL:NO" ]
+ }
+ }
+}
+
+config("common_sanitizer_flags") {
+ cflags = []
+
+ if (using_sanitizer) {
+ assert(is_clang, "sanitizers only supported with clang")
+
+ # Allow non-default toolchains to enable sanitizers in toolchain_args even
+ # in official builds.
+ assert(current_toolchain != default_toolchain || !is_official_build,
+ "sanitizers not supported in official builds")
+
+ cflags += [
+ # Column info in debug data confuses Visual Studio's debugger, so don't
+ # use this by default. However, clusterfuzz needs it for good
+ # attribution of reports to CLs, so turn it on there.
+ "-gcolumn-info",
+ ]
+
+ # Frame pointers are controlled in //build/config/compiler:default_stack_frames
+ }
+}
+
+config("asan_flags") {
+ cflags = []
+ if (is_asan) {
+ cflags += [ "-fsanitize=address" ]
+ if (is_win) {
+ if (!defined(asan_win_blocklist_path)) {
+ asan_win_blocklist_path =
+ rebase_path("//tools/memory/asan/blocklist_win.txt", root_build_dir)
+ }
+ cflags += [ "-fsanitize-ignorelist=$asan_win_blocklist_path" ]
+ }
+ }
+}
+
+config("link_executable") {
+ if (is_asan && is_win && !is_component_build) {
+ if (target_cpu == "x64") {
+ ldflags = [ "-wholearchive:clang_rt.asan-x86_64.lib" ]
+ } else {
+ assert(target_cpu == "x86", "WinASan unsupported architecture")
+ ldflags = [ "-wholearchive:clang_rt.asan-i386.lib" ]
+ }
+ }
+}
+
+config("link_shared_library") {
+ if (is_asan && is_win && !is_component_build) {
+ if (target_cpu == "x64") {
+ libs = [ "clang_rt.asan_dll_thunk-x86_64.lib" ]
+ } else {
+ assert(target_cpu == "x86", "WinASan unsupported architecture")
+ libs = [ "clang_rt.asan_dll_thunk-i386.lib" ]
+ }
+ }
+}
+
+config("cfi_flags") {
+ cflags = []
+ if (is_cfi && current_toolchain == default_toolchain) {
+ if (!defined(cfi_ignorelist_path)) {
+ cfi_ignorelist_path =
+ rebase_path("//tools/cfi/ignores.txt", root_build_dir)
+ }
+ cflags += [
+ "-fsanitize=cfi-vcall",
+ "-fsanitize-ignorelist=$cfi_ignorelist_path",
+ ]
+
+ if (use_cfi_cast) {
+ cflags += [
+ "-fsanitize=cfi-derived-cast",
+ "-fsanitize=cfi-unrelated-cast",
+ ]
+ }
+
+ if (use_cfi_icall) {
+ cflags += [ "-fsanitize=cfi-icall" ]
+ }
+
+ if (use_cfi_diag) {
+ cflags += [ "-fno-sanitize-trap=cfi" ]
+ if (is_win) {
+ cflags += [
+ "/Oy-",
+ "/Ob0",
+ ]
+ } else {
+ cflags += [
+ "-fno-inline-functions",
+ "-fno-inline",
+ "-fno-omit-frame-pointer",
+ "-O1",
+ ]
+ }
+ if (use_cfi_recover) {
+ cflags += [ "-fsanitize-recover=cfi" ]
+ }
+ }
+ }
+}
+
+# crbug.com/785442: Fix cfi-icall failures for code that casts pointer argument
+# types in function pointer type signatures.
+config("cfi_icall_generalize_pointers") {
+ if (is_clang && is_cfi && use_cfi_icall) {
+ cflags = [ "-fsanitize-cfi-icall-generalize-pointers" ]
+ }
+}
+
+config("cfi_icall_disable") {
+ if (is_clang && is_cfi && use_cfi_icall) {
+ cflags = [ "-fno-sanitize=cfi-icall" ]
+ }
+}
+
+config("coverage_flags") {
+ cflags = []
+ if (use_sanitizer_coverage) {
+ # Used by sandboxing code to allow coverage dump to be written on the disk.
+ defines = [ "SANITIZER_COVERAGE" ]
+
+ if (use_libfuzzer) {
+ cflags += [ "-fsanitize=fuzzer-no-link" ]
+ if (is_mac) {
+ # TODO(crbug.com/926588): on macOS, dead code stripping does not work
+ # well with `pc-table` instrumentation enabled by `fuzzer-no-link`.
+ cflags += [ "-fno-sanitize-coverage=pc-table" ]
+ }
+ } else {
+ cflags += [
+ "-fsanitize-coverage=$sanitizer_coverage_flags",
+ "-mllvm",
+ "-sanitizer-coverage-prune-blocks=1",
+ ]
+ if (target_cpu == "arm") {
+ # http://crbug.com/517105
+ cflags += [
+ "-mllvm",
+ "-sanitizer-coverage-block-threshold=0",
+ ]
+ }
+ }
+ }
+}
+
+config("hwasan_flags") {
+ if (is_hwasan) {
+ asmflags = [ "-fsanitize=hwaddress" ]
+ cflags = [ "-fsanitize=hwaddress" ]
+ }
+}
+
+config("lsan_flags") {
+ if (is_lsan) {
+ cflags = [ "-fsanitize=leak" ]
+ }
+}
+
+config("msan_flags") {
+ if (is_msan) {
+ assert(is_linux || is_chromeos,
+ "msan only supported on linux x86_64/ChromeOS")
+ if (!defined(msan_ignorelist_path)) {
+ msan_ignorelist_path =
+ rebase_path("//tools/msan/ignorelist.txt", root_build_dir)
+ }
+ cflags = [
+ "-fsanitize=memory",
+ "-fsanitize-memory-track-origins=$msan_track_origins",
+ "-fsanitize-ignorelist=$msan_ignorelist_path",
+ ]
+ }
+}
+
+config("tsan_flags") {
+ if (is_tsan) {
+ assert(is_linux || is_chromeos, "tsan only supported on linux x86_64")
+ if (!defined(tsan_ignorelist_path)) {
+ tsan_ignorelist_path =
+ rebase_path("//tools/memory/tsan_v2/ignores.txt", root_build_dir)
+ }
+ cflags = [
+ "-fsanitize=thread",
+ "-fsanitize-ignorelist=$tsan_ignorelist_path",
+ ]
+ }
+}
+
+config("ubsan_flags") {
+ cflags = []
+ if (is_ubsan) {
+ if (!defined(ubsan_ignorelist_path)) {
+ ubsan_ignorelist_path =
+ rebase_path("//tools/ubsan/ignorelist.txt", root_build_dir)
+ }
+ cflags += [
+ "-fsanitize=bool",
+ "-fsanitize=bounds",
+ "-fsanitize=builtin",
+ "-fsanitize=float-divide-by-zero",
+ "-fsanitize=integer-divide-by-zero",
+ "-fsanitize=null",
+ "-fsanitize=object-size",
+ "-fsanitize=return",
+ "-fsanitize=returns-nonnull-attribute",
+ "-fsanitize=shift-exponent",
+ "-fsanitize=signed-integer-overflow",
+ "-fsanitize=unreachable",
+ "-fsanitize=vla-bound",
+ "-fsanitize-ignorelist=$ubsan_ignorelist_path",
+ ]
+
+ # Chromecast ubsan builds fail to compile with these
+ # experimental flags, so only add them to non-chromecast ubsan builds.
+ if (!is_chromecast) {
+ cflags += [
+ # Employ the experimental PBQP register allocator to avoid slow
+ # compilation on files with too many basic blocks.
+ # See http://crbug.com/426271.
+ "-mllvm",
+ "-regalloc=pbqp",
+
+ # Speculatively use coalescing to slightly improve the code generated
+ # by PBQP regallocator. May increase compile time.
+ "-mllvm",
+ "-pbqp-coalescing",
+ ]
+ }
+ }
+}
+
+config("ubsan_no_recover") {
+ if (is_ubsan_no_recover) {
+ cflags = [ "-fno-sanitize-recover=undefined" ]
+ }
+}
+
+config("ubsan_security_flags") {
+ if (is_ubsan_security) {
+ if (!defined(ubsan_security_ignorelist_path)) {
+ ubsan_security_ignorelist_path =
+ rebase_path("//tools/ubsan/security_ignorelist.txt", root_build_dir)
+ }
+ cflags = [
+ "-fsanitize=function",
+ "-fsanitize=shift",
+ "-fsanitize=signed-integer-overflow",
+ "-fsanitize=vla-bound",
+ "-fsanitize-ignorelist=$ubsan_security_ignorelist_path",
+ ]
+ }
+}
+
+config("ubsan_null_flags") {
+ if (is_ubsan_null) {
+ cflags = [ "-fsanitize=null" ]
+ }
+}
+
+config("ubsan_vptr_flags") {
+ if (is_ubsan_vptr) {
+ if (!defined(ubsan_vptr_ignorelist_path)) {
+ ubsan_vptr_ignorelist_path =
+ rebase_path("//tools/ubsan/vptr_ignorelist.txt", root_build_dir)
+ }
+ cflags = [
+ "-fsanitize=vptr",
+ "-fsanitize-ignorelist=$ubsan_vptr_ignorelist_path",
+ ]
+ }
+}
+
+config("fuzzing_build_mode") {
+ if (use_fuzzing_engine && optimize_for_fuzzing) {
+ defines = [ "FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" ]
+ }
+}
+
+all_sanitizer_configs = [
+ ":common_sanitizer_flags",
+ ":coverage_flags",
+ ":default_sanitizer_ldflags",
+ ":asan_flags",
+ ":cfi_flags",
+ ":hwasan_flags",
+ ":lsan_flags",
+ ":msan_flags",
+ ":tsan_flags",
+ ":ubsan_flags",
+ ":ubsan_no_recover",
+ ":ubsan_null_flags",
+ ":ubsan_security_flags",
+ ":ubsan_vptr_flags",
+ ":fuzzing_build_mode",
+]
+
+# This config is applied by default to all targets. It sets the compiler flags
+# for sanitizer usage, or, if no sanitizer is set, does nothing.
+#
+# This needs to be in a separate config so that targets can opt out of
+# sanitizers (by removing the config) if they desire. Even if a target
+# removes this config, executables & shared libraries should still depend on
+# :deps if any of their dependencies have not opted out of sanitizers.
+# Keep this list in sync with default_sanitizer_flags_but_ubsan_vptr.
+config("default_sanitizer_flags") {
+ configs = all_sanitizer_configs
+
+ if (use_sanitizer_configs_without_instrumentation) {
+ configs = []
+ }
+}
+
+# This config is equivalent to default_sanitizer_flags, but excludes ubsan_vptr.
+# This allows to selectively disable ubsan_vptr, when needed. In particular,
+# if some third_party code is required to be compiled without rtti, which
+# is a requirement for ubsan_vptr.
+config("default_sanitizer_flags_but_ubsan_vptr") {
+ configs = all_sanitizer_configs - [ ":ubsan_vptr_flags" ]
+
+ if (use_sanitizer_configs_without_instrumentation) {
+ configs = []
+ }
+}
+
+config("default_sanitizer_flags_but_coverage") {
+ configs = all_sanitizer_configs - [ ":coverage_flags" ]
+
+ if (use_sanitizer_configs_without_instrumentation) {
+ configs = []
+ }
+}
+
+# This config is used by parts of code that aren't targeted in fuzzers and
+# therefore don't need coverage instrumentation and possibly wont need
+# sanitizer instrumentation either. The config also tells the compiler to
+# perform additional optimizations on the configured code and ensures that
+# linking it to the rest of the binary which is instrumented with sanitizers
+# works. The config only does anything if the build is a fuzzing build.
+config("not_fuzzed") {
+ if (use_fuzzing_engine) {
+ # Since we aren't instrumenting with coverage, code size is less of a
+ # concern, so use a more aggressive optimization level than
+ # optimize_for_fuzzing (-O1). When given multiple optimization flags, clang
+ # obeys the last one, so as long as this flag comes after -O1, it should work.
+ # Since this config will always be depended on after
+ # "//build/config/compiler:default_optimization" (which adds -O1 when
+ # optimize_for_fuzzing is true), -O2 should always be the second flag. Even
+ # though this sounds fragile, it isn't a big deal if it breaks, since proto
+ # fuzzers will still work, they will just be slightly slower.
+ cflags = [ "-O2" ]
+
+ # We need to include this config when we remove default_sanitizer_flags or
+ # else there will be linking errors. We would remove default_sanitizer_flags
+ # here as well, but gn doesn't permit this.
+ if (!is_msan) {
+ # We don't actually remove sanitization when MSan is being used so there
+ # is no need to add default_sanitizer_ldflags in that case
+ configs = [ ":default_sanitizer_ldflags" ]
+ }
+ }
+}
diff --git a/third_party/libwebrtc/build/config/sanitizers/OWNERS b/third_party/libwebrtc/build/config/sanitizers/OWNERS
new file mode 100644
index 0000000000..f6a122b518
--- /dev/null
+++ b/third_party/libwebrtc/build/config/sanitizers/OWNERS
@@ -0,0 +1,3 @@
+inferno@chromium.org
+metzman@chromium.org
+ochang@chromium.org
diff --git a/third_party/libwebrtc/build/config/sanitizers/sanitizers.gni b/third_party/libwebrtc/build/config/sanitizers/sanitizers.gni
new file mode 100644
index 0000000000..3bb41df05f
--- /dev/null
+++ b/third_party/libwebrtc/build/config/sanitizers/sanitizers.gni
@@ -0,0 +1,298 @@
+# Copyright 2015 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import("//build/config/chrome_build.gni")
+import("//build/config/chromecast_build.gni")
+import("//build/config/chromeos/args.gni")
+import("//build/config/chromeos/ui_mode.gni")
+import("//build/config/profiling/profiling.gni")
+import("//build/toolchain/toolchain.gni")
+
+declare_args() {
+ # Compile for Address Sanitizer to find memory bugs.
+ is_asan = false
+
+ # Compile for Hardware-Assisted Address Sanitizer to find memory bugs
+ # (android/arm64 only).
+ # See http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html
+ is_hwasan = false
+
+ # Compile for Leak Sanitizer to find leaks.
+ is_lsan = false
+
+ # Compile for Memory Sanitizer to find uninitialized reads.
+ is_msan = false
+
+ # Compile for Thread Sanitizer to find threading bugs.
+ is_tsan = false
+
+ # Compile for Undefined Behaviour Sanitizer to find various types of
+ # undefined behaviour (excludes vptr checks).
+ is_ubsan = false
+
+ # Halt the program if a problem is detected.
+ is_ubsan_no_recover = false
+
+ # Compile for Undefined Behaviour Sanitizer's null pointer checks.
+ is_ubsan_null = false
+
+ # Track where uninitialized memory originates from. From fastest to slowest:
+ # 0 - no tracking, 1 - track only the initial allocation site, 2 - track the
+ # chain of stores leading from allocation site to use site.
+ msan_track_origins = 2
+
+ # Use dynamic libraries instrumented by one of the sanitizers instead of the
+ # standard system libraries. Set this flag to build the libraries from source.
+ use_locally_built_instrumented_libraries = false
+
+ # Compile with Control Flow Integrity to protect virtual calls and casts.
+ # See http://clang.llvm.org/docs/ControlFlowIntegrity.html
+ #
+ # TODO(pcc): Remove this flag if/when CFI is enabled in all official builds.
+ #
+ # Disable this on linux-chromeos to avoid using ThinLTO there;
+ # crbug.com/1033839. Similarly, don't use this on ARC builds.
+ #
+ # TODO(crbug.com/1159424): Reassess the validity of the next expression.
+ is_cfi =
+ is_official_build &&
+ (((target_os == "linux" || is_chromeos_lacros) && target_cpu == "x64") ||
+ ((is_chromeos_ash || is_chromeos_lacros) && is_chromeos_device))
+
+ # Enable checks for indirect function calls via a function pointer.
+ # TODO(pcc): remove this when we're ready to add these checks by default.
+ # https://crbug.com/701919
+ #
+ # TODO(crbug.com/1159424): Reassess the validity of the next expression.
+ use_cfi_icall = (target_os == "linux" || is_chromeos_lacros) &&
+ target_cpu == "x64" && is_official_build
+
+ # Print detailed diagnostics when Control Flow Integrity detects a violation.
+ use_cfi_diag = false
+
+ # Let Control Flow Integrity continue execution instead of crashing when
+ # printing diagnostics (use_cfi_diag = true).
+ use_cfi_recover = false
+
+ # Compile for fuzzing with LLVM LibFuzzer.
+ # See http://www.chromium.org/developers/testing/libfuzzer
+ use_libfuzzer = false
+
+ # Compile for fuzzing with AFL.
+ use_afl = false
+
+ # Compile for fuzzing with an external engine (e.g., Grammarinator).
+ use_external_fuzzing_engine = false
+
+ # Enables core ubsan security features. Will later be removed once it matches
+ # is_ubsan.
+ is_ubsan_security = false
+
+ # Helper variable for testing builds with disabled libfuzzer.
+ # Not for client use.
+ disable_libfuzzer = false
+
+ # Optimize for coverage guided fuzzing (balance between speed and number of
+ # branches). Can be also used to remove non-determinism and other issues.
+ optimize_for_fuzzing = false
+
+ # Value for -fsanitize-coverage flag. Setting this causes
+ # use_sanitizer_coverage to be enabled.
+ # This flag is not used for libFuzzer (use_libfuzzer=true). Instead, we use:
+ # -fsanitize=fuzzer-no-link
+ # Default value when unset and use_fuzzing_engine=true:
+ # trace-pc-guard
+ # Default value when unset and use_sanitizer_coverage=true:
+ # trace-pc-guard,indirect-calls
+ sanitizer_coverage_flags = ""
+
+ # When enabled, only relevant sanitizer defines are set, but compilation
+ # happens with no extra flags. This is useful when in component build
+ # enabling sanitizers only in some of the components.
+ use_sanitizer_configs_without_instrumentation = false
+
+ # When true, seed corpora archives are built.
+ archive_seed_corpus = true
+}
+
+declare_args() {
+ # Enable checks for bad casts: derived cast and unrelated cast.
+ # TODO(krasin): remove this, when we're ready to add these checks by default.
+ # https://crbug.com/626794
+ use_cfi_cast = is_cfi && (is_chromeos_ash || is_chromeos_lacros)
+
+ # Compile for Undefined Behaviour Sanitizer's vptr checks.
+ is_ubsan_vptr = is_ubsan_security
+}
+
+assert(!is_hwasan || (target_os == "android" && target_cpu == "arm64"),
+ "HWASan only supported on Android ARM64 builds.")
+
+# Disable sanitizers for non-target toolchains.
+if (!is_a_target_toolchain) {
+ is_asan = false
+ is_cfi = false
+ is_hwasan = false
+ is_lsan = false
+ is_msan = false
+ is_tsan = false
+ is_ubsan = false
+ is_ubsan_null = false
+ is_ubsan_no_recover = false
+ is_ubsan_security = false
+ is_ubsan_vptr = false
+ msan_track_origins = 0
+ sanitizer_coverage_flags = ""
+ use_afl = false
+ use_cfi_diag = false
+ use_cfi_recover = false
+ use_libfuzzer = false
+ use_locally_built_instrumented_libraries = false
+ use_sanitizer_coverage = false
+} else if (target_cpu != "arm64") {
+ is_hwasan = false
+}
+
+# Use dynamic libraries instrumented by one of the sanitizers instead of the
+# standard system libraries. We have instrumented system libraries for msan,
+# which requires them to prevent false positives.
+# TODO(thakis): Maybe remove this variable.
+use_prebuilt_instrumented_libraries = is_msan
+
+# Whether we are doing a fuzzer build. Normally this should be checked instead
+# of checking "use_libfuzzer || use_afl" because often developers forget to
+# check for "use_afl".
+use_fuzzing_engine = use_libfuzzer || use_afl || use_external_fuzzing_engine
+
+# Args that are in turn dependent on other args must be in a separate
+# declare_args block. User overrides are only applied at the end of a
+# declare_args block.
+declare_args() {
+ # Generates an owners file for each fuzzer test.
+ # TODO(crbug.com/1194183): Remove this arg when finding OWNERS is faster.
+ generate_fuzzer_owners = use_fuzzing_engine
+
+ use_sanitizer_coverage =
+ !use_clang_coverage &&
+ (use_fuzzing_engine || sanitizer_coverage_flags != "")
+
+ # https://crbug.com/1002058: Code coverage works inside the sandbox via the
+ # help of several helper IPCs. Unfortunately, the sandbox-only path does not
+ # work well for fuzzing builds. Since fuzzing builds already disable the
+ # sandbox when dumping coverage, limit the sandbox-only path to non-fuzzing
+ # builds.
+ # Everything is IPC on Fuchsia, so this workaround for code coverage inside
+ # the sandbox does not apply.
+ use_clang_profiling_inside_sandbox =
+ use_clang_profiling && !use_fuzzing_engine && !is_fuchsia
+}
+
+if (use_fuzzing_engine && sanitizer_coverage_flags == "") {
+ sanitizer_coverage_flags = "trace-pc-guard"
+} else if (use_sanitizer_coverage && sanitizer_coverage_flags == "") {
+ sanitizer_coverage_flags = "trace-pc-guard,indirect-calls"
+}
+
+# Whether we are linking against a sanitizer runtime library. Among other
+# things, this changes the default symbol level and other settings in order to
+# prepare to create stack traces "live" using the sanitizer runtime.
+using_sanitizer = is_asan || is_hwasan || is_lsan || is_tsan || is_msan ||
+ is_ubsan || is_ubsan_null || is_ubsan_vptr ||
+ is_ubsan_security || use_sanitizer_coverage || use_cfi_diag
+
+assert(!using_sanitizer || is_clang,
+ "Sanitizers (is_*san) require setting is_clang = true in 'gn args'")
+
+assert(!is_cfi || is_clang,
+ "is_cfi requires setting is_clang = true in 'gn args'")
+
+prebuilt_instrumented_libraries_available =
+ is_msan && (msan_track_origins == 0 || msan_track_origins == 2)
+
+if (use_libfuzzer && (is_linux || is_chromeos)) {
+ if (is_asan) {
+ # We do leak checking with libFuzzer on Linux. Set is_lsan for code that
+ # relies on LEAK_SANITIZER define to avoid false positives.
+ is_lsan = true
+ }
+}
+
+# MSan only links Chrome properly in release builds (brettw -- 9/1/2015). The
+# same is possibly true for the other non-ASan sanitizers. But regardless of
+# whether it links, one would normally never run a sanitizer in debug mode.
+# Running in debug mode probably indicates you forgot to set the "is_debug =
+# false" flag in the build args. ASan seems to run fine in debug mode.
+#
+# If you find a use-case where you want to compile a sanitizer in debug mode
+# and have verified it works, ask brettw and we can consider removing it from
+# this condition. We may also be able to find another way to enable your case
+# without having people accidentally get broken builds by compiling an
+# unsupported or unadvisable configurations.
+#
+# For one-off testing, just comment this assertion out.
+assert(!is_debug || !(is_msan || is_ubsan || is_ubsan_null || is_ubsan_vptr),
+ "Sanitizers should generally be used in release (set is_debug=false).")
+
+assert(!is_msan || ((is_linux || is_chromeos) && target_cpu == "x64"),
+ "MSan currently only works on 64-bit Linux and ChromeOS builds.")
+
+assert(!is_lsan || is_asan, "is_lsan = true requires is_asan = true also.")
+
+# ASAN build on Windows is not working in debug mode. Intercepting memory
+# allocation functions is hard on Windows and not yet implemented in LLVM.
+assert(!is_win || !is_debug || !is_asan,
+ "ASan on Windows doesn't work in debug (set is_debug=false).")
+
+# libFuzzer targets can fail to build or behave incorrectly when built without
+# ASAN on Windows.
+assert(!is_win || !use_libfuzzer || is_asan,
+ "use_libfuzzer on Windows requires setting is_asan = true")
+
+# Make sure that if we recover on detection (i.e. not crash), diagnostics are
+# printed.
+assert(!use_cfi_recover || use_cfi_diag,
+ "Only use CFI recovery together with diagnostics.")
+
+# TODO(crbug.com/753445): the use_sanitizer_coverage arg is currently
+# not supported by the Chromium mac_clang_x64 toolchain on iOS distribution.
+# The coverage works with iOS toolchain but it is broken when the mac
+# toolchain is used as a secondary one on iOS distribution. E.g., it should be
+# possible to build the "net" target for iOS with the sanitizer coverage
+# enabled.
+assert(
+ !(use_sanitizer_coverage && is_mac && target_os == "ios"),
+ "crbug.com/753445: use_sanitizer_coverage=true is not supported by the " +
+ "Chromium mac_clang_x64 toolchain on iOS distribution. Please set " +
+ "the argument value to false.")
+
+# Use these lists of configs to disable instrumenting code that is part of a
+# fuzzer, but which isn't being targeted (such as libprotobuf-mutator, *.pb.cc
+# and libprotobuf when they are built as part of a proto fuzzer). Adding or
+# removing these lists does not have any effect if use_libfuzzer or use_afl are
+# not passed as arguments to gn.
+not_fuzzed_remove_configs = []
+not_fuzzed_remove_nonasan_configs = []
+
+if (use_fuzzing_engine) {
+ # Removing coverage should always just work.
+ not_fuzzed_remove_configs += [ "//build/config/coverage:default_coverage" ]
+ not_fuzzed_remove_nonasan_configs +=
+ [ "//build/config/coverage:default_coverage" ]
+
+ if (!is_msan) {
+ # Allow sanitizer instrumentation to be removed if we are not using MSan
+ # since binaries cannot be partially instrumented with MSan.
+ not_fuzzed_remove_configs +=
+ [ "//build/config/sanitizers:default_sanitizer_flags" ]
+
+ # Certain parts of binaries must be instrumented with ASan if the rest of
+ # the binary is. For these, only remove non-ASan sanitizer instrumentation.
+ if (!is_asan) {
+ not_fuzzed_remove_nonasan_configs +=
+ [ "//build/config/sanitizers:default_sanitizer_flags" ]
+
+ assert(not_fuzzed_remove_nonasan_configs == not_fuzzed_remove_configs)
+ }
+ }
+}