| # Copyright 2015 The Chromium Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| declare_args() { |
| # Compile for Address Sanitizer to find memory bugs. |
| is_asan = false |
| |
| # Compile for Leak Sanitizer to find leaks. |
| is_lsan = false |
| |
| # Compile for Memory Sanitizer to find uninitialized reads. |
| is_msan = false |
| |
| # Compile for Thread Sanitizer to find threading bugs. |
| is_tsan = false |
| |
| # Compile for Undefined Behaviour Sanitizer to find various types of |
| # undefined behaviour (excludes vptr checks). |
| is_ubsan = false |
| |
| # Halt the program if a problem is detected. |
| is_ubsan_no_recover = false |
| |
| # Compile for Undefined Behaviour Sanitizer's vptr checks. |
| is_ubsan_vptr = false |
| |
| # Track where uninitialized memory originates from. From fastest to slowest: |
| # 0 - no tracking, 1 - track only the initial allocation site, 2 - track the |
| # chain of stores leading from allocation site to use site. |
| msan_track_origins = 2 |
| |
| # Use dynamic libraries instrumented by one of the sanitizers instead of the |
| # standard system libraries. Set this flag to download prebuilt binaries from |
| # GCS. |
| use_prebuilt_instrumented_libraries = false |
| |
| # Enable building with SyzyAsan which can find certain types of memory |
| # errors. Only works on Windows. See |
| # https://github.com/google/syzygy/wiki/SyzyASanHowTo |
| is_syzyasan = false |
| |
| # Compile with Control Flow Integrity to protect virtual calls and casts. |
| # See http://clang.llvm.org/docs/ControlFlowIntegrity.html |
| # |
| # TODO(pcc): Remove this flag if/when CFI is enabled in official builds. |
| is_cfi = false |
| |
| # By default, Control Flow Integrity will crash the program if it detects a |
| # violation. Set this to true to print detailed diagnostics instead. |
| use_cfi_diag = false |
| |
| # Compile for fuzzing with LLVM LibFuzzer. |
| # See http://www.chromium.org/developers/testing/libfuzzer |
| use_libfuzzer = false |
| |
| # Enables core ubsan security features. Will later be removed once it matches |
| # is_ubsan. |
| is_ubsan_security = false |
| |
| # Compile for fuzzing with Dr. Fuzz |
| # See http://www.chromium.org/developers/testing/dr-fuzz |
| use_drfuzz = false |
| |
| # Helper variable for testing builds with disabled libfuzzer. |
| # Not for client use. |
| disable_libfuzzer = false |
| |
| # Value for -fsanitize-coverage flag. Setting this causes |
| # use_sanitizer_coverage to be enabled. |
| # Default value when unset and use_sanitizer_coverage=true: |
| # edge,indirect-calls,8bit-counters |
| sanitizer_coverage_flags = "" |
| } |
| |
| # Args that are in turn dependent on other args must be in a separate |
| # declare_args block. User overrides are only applied at the end of a |
| # declare_args block. |
| declare_args() { |
| # Use libc++ (buildtools/third_party/libc++ and |
| # buildtools/third_party/libc++abi) instead of stdlibc++ as standard library. |
| # This is intended to be used for instrumented builds. |
| use_custom_libcxx = (is_asan && is_linux) || is_tsan || is_msan || is_ubsan || |
| is_ubsan_security || use_libfuzzer |
| |
| # Enable -fsanitize-coverage. |
| use_sanitizer_coverage = use_libfuzzer || sanitizer_coverage_flags != "" |
| } |
| |
| if (use_sanitizer_coverage && sanitizer_coverage_flags == "") { |
| sanitizer_coverage_flags = "edge,indirect-calls,8bit-counters" |
| } |
| |
| using_sanitizer = is_asan || is_lsan || is_tsan || is_msan || is_ubsan || |
| is_ubsan_vptr || is_ubsan_security |
| |
| assert(!using_sanitizer || is_clang, |
| "Sanitizers (is_*san) require setting is_clang = true in 'gn args'") |
| |
| # MSan only links Chrome properly in release builds (brettw -- 9/1/2015). The |
| # same is possibly true for the other non-ASan sanitizers. But regardless of |
| # whether it links, one would normally never run a sanitizer in debug mode. |
| # Running in debug mode probably indicates you forgot to set the "is_debug = |
| # false" flag in the build args. ASan seems to run fine in debug mode. |
| # |
| # If you find a use-case where you want to compile a sanitizer in debug mode |
| # and have verified it works, ask brettw and we can consider removing it from |
| # this condition. We may also be able to find another way to enable your case |
| # without having people accidentally get broken builds by compiling an |
| # unsupported or unadvisable configurations. |
| # |
| # For one-off testing, just comment this assertion out. |
| assert( |
| !is_debug || !(is_msan || is_lsan || is_tsan || is_ubsan || is_ubsan_vptr), |
| "Sanitizers should generally be used in release (set is_debug=false).") |