mirror of
https://github.com/klzgrad/naiveproxy.git
synced 2024-12-01 01:36:09 +03:00
264 lines
9.9 KiB
Plaintext
264 lines
9.9 KiB
Plaintext
# Copyright 2015 The Chromium Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
import("//build/config/chrome_build.gni")
|
|
import("//build/config/chromecast_build.gni")
|
|
import("//build/config/coverage/coverage.gni")
|
|
import("//build/toolchain/toolchain.gni")
|
|
|
|
declare_args() {
|
|
# Compile for Address Sanitizer to find memory bugs.
|
|
is_asan = false
|
|
|
|
# Compile for Leak Sanitizer to find leaks.
|
|
is_lsan = false
|
|
|
|
# Compile for Memory Sanitizer to find uninitialized reads.
|
|
is_msan = false
|
|
|
|
# Compile for Thread Sanitizer to find threading bugs.
|
|
is_tsan = false
|
|
|
|
# Compile for Undefined Behaviour Sanitizer to find various types of
|
|
# undefined behaviour (excludes vptr checks).
|
|
is_ubsan = false
|
|
|
|
# Halt the program if a problem is detected.
|
|
is_ubsan_no_recover = false
|
|
|
|
# Compile for Undefined Behaviour Sanitizer's null pointer checks.
|
|
is_ubsan_null = false
|
|
|
|
# Compile for Undefined Behaviour Sanitizer's vptr checks.
|
|
is_ubsan_vptr = false
|
|
|
|
# Compile with SafeStack shadow stack support.
|
|
is_safestack = false
|
|
|
|
# Track where uninitialized memory originates from. From fastest to slowest:
|
|
# 0 - no tracking, 1 - track only the initial allocation site, 2 - track the
|
|
# chain of stores leading from allocation site to use site.
|
|
msan_track_origins = 2
|
|
|
|
# Use dynamic libraries instrumented by one of the sanitizers instead of the
|
|
# standard system libraries. Set this flag to download prebuilt binaries from
|
|
# GCS.
|
|
use_prebuilt_instrumented_libraries = false
|
|
|
|
# Use dynamic libraries instrumented by one of the sanitizers instead of the
|
|
# standard system libraries. Set this flag to build the libraries from source.
|
|
use_locally_built_instrumented_libraries = false
|
|
|
|
# Compile with Control Flow Integrity to protect virtual calls and casts.
|
|
# See http://clang.llvm.org/docs/ControlFlowIntegrity.html
|
|
#
|
|
# TODO(pcc): Remove this flag if/when CFI is enabled in all official builds.
|
|
is_cfi = target_os == "linux" && !is_chromeos && target_cpu == "x64" &&
|
|
is_official_build
|
|
|
|
# Enable checks for bad casts: derived cast and unrelated cast.
|
|
# TODO(krasin): remove this, when we're ready to add these checks by default.
|
|
# https://crbug.com/626794
|
|
use_cfi_cast = false
|
|
|
|
# Enable checks for indirect function calls via a function pointer.
|
|
# TODO(pcc): remove this when we're ready to add these checks by default.
|
|
# https://crbug.com/701919
|
|
use_cfi_icall = target_os == "linux" && !is_chromeos && target_cpu == "x64" &&
|
|
is_official_build
|
|
|
|
# Print detailed diagnostics when Control Flow Integrity detects a violation.
|
|
use_cfi_diag = false
|
|
|
|
# Let Control Flow Integrity continue execution instead of crashing when
|
|
# printing diagnostics (use_cfi_diag = true).
|
|
use_cfi_recover = false
|
|
|
|
# Compile for fuzzing with LLVM LibFuzzer.
|
|
# See http://www.chromium.org/developers/testing/libfuzzer
|
|
use_libfuzzer = false
|
|
|
|
# Compile for fuzzing with AFL.
|
|
use_afl = false
|
|
|
|
# Enables core ubsan security features. Will later be removed once it matches
|
|
# is_ubsan.
|
|
is_ubsan_security = false
|
|
|
|
# Compile for fuzzing with Dr. Fuzz
|
|
# See http://www.chromium.org/developers/testing/dr-fuzz
|
|
use_drfuzz = false
|
|
|
|
# Helper variable for testing builds with disabled libfuzzer.
|
|
# Not for client use.
|
|
disable_libfuzzer = false
|
|
|
|
# Optimize for coverage guided fuzzing (balance between speed and number of
|
|
# branches). Can be also used to remove non-determinism and other issues.
|
|
optimize_for_fuzzing = false
|
|
|
|
# Value for -fsanitize-coverage flag. Setting this causes
|
|
# use_sanitizer_coverage to be enabled.
|
|
# This flag is not used for libFuzzer (use_libfuzzer=true). Instead, we use:
|
|
# -fsanitize=fuzzer-no-link
|
|
# Default value when unset and use_afl=true:
|
|
# trace-pc-guard
|
|
# Default value when unset and use_sanitizer_coverage=true:
|
|
# trace-pc-guard,indirect-calls
|
|
sanitizer_coverage_flags = ""
|
|
}
|
|
|
|
# Disable sanitizers for non-default toolchains.
|
|
if (current_toolchain != default_toolchain) {
|
|
is_asan = false
|
|
is_cfi = false
|
|
is_lsan = false
|
|
is_msan = false
|
|
is_tsan = false
|
|
is_ubsan = false
|
|
is_ubsan_null = false
|
|
is_ubsan_no_recover = false
|
|
is_ubsan_security = false
|
|
is_ubsan_vptr = false
|
|
msan_track_origins = 0
|
|
sanitizer_coverage_flags = ""
|
|
use_afl = false
|
|
use_cfi_diag = false
|
|
use_cfi_recover = false
|
|
use_drfuzz = false
|
|
use_libfuzzer = false
|
|
use_prebuilt_instrumented_libraries = false
|
|
use_locally_built_instrumented_libraries = false
|
|
use_sanitizer_coverage = false
|
|
}
|
|
|
|
# Whether we are doing a fuzzer build. Normally this should be checked instead
|
|
# of checking "use_libfuzzer || use_afl" because often developers forget to
|
|
# check for "use_afl".
|
|
use_fuzzing_engine = use_libfuzzer || use_afl
|
|
|
|
# Args that are in turn dependent on other args must be in a separate
|
|
# declare_args block. User overrides are only applied at the end of a
|
|
# declare_args block.
|
|
declare_args() {
|
|
use_sanitizer_coverage =
|
|
!use_clang_coverage &&
|
|
(use_fuzzing_engine || sanitizer_coverage_flags != "")
|
|
|
|
# Detect overflow/underflow for global objects.
|
|
#
|
|
# Mac: http://crbug.com/352073
|
|
asan_globals = !is_mac
|
|
}
|
|
|
|
if (use_fuzzing_engine && sanitizer_coverage_flags == "") {
|
|
sanitizer_coverage_flags = "trace-pc-guard"
|
|
} else if (use_sanitizer_coverage && sanitizer_coverage_flags == "") {
|
|
sanitizer_coverage_flags = "trace-pc-guard,indirect-calls"
|
|
}
|
|
|
|
# Whether we are linking against a debugging sanitizer runtime library. Among
|
|
# other things, this changes the default symbol level and other settings in
|
|
# order to prepare to create stack traces "live" using the sanitizer runtime.
|
|
using_sanitizer =
|
|
is_asan || is_lsan || is_tsan || is_msan || is_ubsan || is_ubsan_null ||
|
|
is_ubsan_vptr || is_ubsan_security || use_sanitizer_coverage || use_cfi_diag
|
|
|
|
assert(!using_sanitizer || is_clang,
|
|
"Sanitizers (is_*san) require setting is_clang = true in 'gn args'")
|
|
|
|
assert(!is_cfi || is_clang,
|
|
"is_cfi requires setting is_clang = true in 'gn args'")
|
|
|
|
assert(!is_safestack || is_clang,
|
|
"is_safestack requires setting is_clang = true in 'gn args'")
|
|
|
|
prebuilt_instrumented_libraries_available =
|
|
is_msan && (msan_track_origins == 0 || msan_track_origins == 2)
|
|
|
|
if (use_libfuzzer && is_linux) {
|
|
if (is_asan) {
|
|
# We do leak checking with libFuzzer on Linux. Set is_lsan for code that
|
|
# relies on LEAK_SANITIZER define to avoid false positives.
|
|
is_lsan = true
|
|
}
|
|
if (is_msan) {
|
|
use_prebuilt_instrumented_libraries = true
|
|
}
|
|
}
|
|
|
|
# MSan only links Chrome properly in release builds (brettw -- 9/1/2015). The
|
|
# same is possibly true for the other non-ASan sanitizers. But regardless of
|
|
# whether it links, one would normally never run a sanitizer in debug mode.
|
|
# Running in debug mode probably indicates you forgot to set the "is_debug =
|
|
# false" flag in the build args. ASan seems to run fine in debug mode.
|
|
#
|
|
# If you find a use-case where you want to compile a sanitizer in debug mode
|
|
# and have verified it works, ask brettw and we can consider removing it from
|
|
# this condition. We may also be able to find another way to enable your case
|
|
# without having people accidentally get broken builds by compiling an
|
|
# unsupported or unadvisable configurations.
|
|
#
|
|
# For one-off testing, just comment this assertion out.
|
|
assert(!is_debug || !(is_msan || is_ubsan || is_ubsan_null || is_ubsan_vptr),
|
|
"Sanitizers should generally be used in release (set is_debug=false).")
|
|
|
|
assert(!is_msan || (is_linux && current_cpu == "x64"),
|
|
"MSan currently only works on 64-bit Linux and ChromeOS builds.")
|
|
|
|
assert(!is_lsan || is_asan, "is_lsan = true requires is_asan = true also.")
|
|
|
|
# ASAN build on Windows is not working in debug mode. Intercepting memory
|
|
# allocation functions is hard on Windows and not yet implemented in LLVM.
|
|
assert(!is_win || !is_debug || !is_asan,
|
|
"ASan on Windows doesn't work in debug (set is_debug=false).")
|
|
|
|
# Make sure that if we recover on detection (i.e. not crash), diagnostics are
|
|
# printed.
|
|
assert(!use_cfi_recover || use_cfi_diag,
|
|
"Only use CFI recovery together with diagnostics.")
|
|
|
|
# TODO(crbug.com/753445): the use_sanitizer_coverage arg is currently
|
|
# not supported by the Chromium mac_clang_x64 toolchain on iOS distribution.
|
|
# The coverage works with iOS toolchain but it is broken when the mac
|
|
# toolchain is used as a secondary one on iOS distribution. E.g., it should be
|
|
# possible to build the "net" target for iOS with the sanitizer coverage
|
|
# enabled.
|
|
assert(
|
|
!(use_sanitizer_coverage && is_mac && target_os == "ios"),
|
|
"crbug.com/753445: use_sanitizer_coverage=true is not supported by the " +
|
|
"Chromium mac_clang_x64 toolchain on iOS distribution. Please set " +
|
|
"the argument value to false.")
|
|
|
|
# Use these lists of configs to disable instrumenting code that is part of a
|
|
# fuzzer, but which isn't being targeted (such as libprotobuf-mutator, *.pb.cc
|
|
# and libprotobuf when they are built as part of a proto fuzzer). Adding or
|
|
# removing these lists does not have any effect if use_libfuzzer or use_afl are
|
|
# not passed as arguments to gn.
|
|
not_fuzzed_remove_configs = []
|
|
not_fuzzed_remove_nonasan_configs = []
|
|
|
|
if (use_fuzzing_engine) {
|
|
# Removing coverage should always just work.
|
|
not_fuzzed_remove_configs += [ "//build/config/coverage:default_coverage" ]
|
|
not_fuzzed_remove_nonasan_configs +=
|
|
[ "//build/config/coverage:default_coverage" ]
|
|
|
|
if (!is_msan) {
|
|
# Allow sanitizer instrumentation to be removed if we are not using MSan
|
|
# since binaries cannot be partially instrumented with MSan.
|
|
not_fuzzed_remove_configs +=
|
|
[ "//build/config/sanitizers:default_sanitizer_flags" ]
|
|
|
|
# Certain parts of binaries must be instrumented with ASan if the rest of
|
|
# the binary is. For these, only remove non-ASan sanitizer instrumentation.
|
|
if (!is_asan) {
|
|
not_fuzzed_remove_nonasan_configs +=
|
|
[ "//build/config/sanitizers:default_sanitizer_flags" ]
|
|
|
|
assert(not_fuzzed_remove_nonasan_configs == not_fuzzed_remove_configs)
|
|
}
|
|
}
|
|
}
|