• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2014 The Chromium Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import("//build/config/clang/clang.gni")
6import("//build/config/ohos/config.gni")
7import("//build/config/sanitizers/sanitizers.gni")
8import("//build/misc/overrides/build.gni")
9import("//build/ohos_var.gni")
10import("//build/toolchain/toolchain.gni")
11
12# Contains the dependencies needed for sanitizers to link into executables and
13# shared_libraries.
14group("deps") {
15  if (using_sanitizer && !is_mingw) {
16    public_configs = [
17      ":sanitizer_options_link_helper",
18
19      # Even when a target removes default_sanitizer_flags, it may be depending
20      # on a library that did not remove default_sanitizer_flags. Thus, we need
21      # to add the ldflags here as well as in default_sanitizer_flags.
22      ":default_sanitizer_ldflags",
23    ]
24    if (use_musl) {
25      public_configs -= [ ":sanitizer_options_link_helper" ]
26      public_configs -= [ ":default_sanitizer_ldflags" ]
27    }
28    deps = [ ":options_sources" ]
29    if (is_win) {
30      exe = ".exe"
31    } else {
32      exe = ""
33    }
34    data = [
35      "//tools/valgrind/asan/",
36      "$clang_base_path/bin/llvm-symbolizer${exe}",
37    ]
38    if (use_prebuilt_instrumented_libraries ||
39        use_locally_built_instrumented_libraries) {
40      deps += [ "//third_party/instrumented_libraries:deps" ]
41    }
42
43    # ASAN is supported on iOS but the runtime library depends on the compiler
44    # used (Chromium version of clang versus Xcode version of clang). Only copy
45    # the ASAN runtime on iOS if building with Chromium clang.
46    if (is_win || is_mac || !use_xcode_clang) {
47      data_deps = [ ":copy_asan_runtime" ]
48    }
49    if (is_mac || !use_xcode_clang) {
50      public_deps = [ ":asan_runtime_bundle_data" ]
51    }
52  }
53}
54
55if ((is_mac || is_win || !use_xcode_clang || is_ohos) && using_sanitizer) {
56  if (is_mac) {
57    _clang_rt_dso_path = "darwin/libclang_rt.asan_osx_dynamic.dylib"
58  } else if (is_win && target_cpu == "x86") {
59    _clang_rt_dso_path = "windows/clang_rt.asan_dynamic-i386.dll"
60  } else if (is_win && target_cpu == "x64") {
61    _clang_rt_dso_path = "windows/clang_rt.asan_dynamic-x86_64.dll"
62  } else if (is_ohos) {
63    if (target_cpu == "arm64") {
64      _clang_rt_dso_path = "aarch64-linux-ohos/libclang_rt.asan.so"
65    } else if (target_cpu == "arm") {
66      _clang_rt_dso_path = "arm-linux-ohos/libclang_rt.asan.so"
67    } else if (target_cpu == "x86_64") {
68      _clang_rt_dso_path = "x86_64-linux-ohos/libclang_rt.asan.so"
69    }
70  }
71
72  _clang_rt_dso_full_path =
73      "$clang_base_path/lib/clang/$clang_version/lib/$_clang_rt_dso_path"
74
75  copy("copy_asan_runtime") {
76    sources = [ _clang_rt_dso_full_path ]
77    outputs = [ "$root_out_dir/{{source_file_part}}" ]
78  }
79
80  if (is_mac || !use_xcode_clang) {
81    bundle_data("asan_runtime_bundle_data") {
82      sources = get_target_outputs(":copy_asan_runtime")
83      outputs = [ "{{bundle_executable_dir}}/{{source_file_part}}" ]
84      public_deps = [ ":copy_asan_runtime" ]
85    }
86  }
87}
88
89config("sanitizer_options_link_helper") {
90  if (is_mac) {
91    ldflags = [ "-Wl,-U,_sanitizer_options_link_helper" ]
92  } else if (!is_win && !is_mingw) {
93    ldflags = [ "-Wl,-u_sanitizer_options_link_helper" ]
94  }
95}
96
97static_library("options_sources") {
98  # This is a static_library instead of a source_set, as it shouldn't be
99  # unconditionally linked into targets.
100  visibility = [
101    ":deps",
102    "//:gn_visibility",
103  ]
104  sources = [ "//build/misc/sanitizers/sanitizer_options.cc" ]
105
106  # Don't compile this target with any sanitizer code. It can be called from
107  # the sanitizer runtimes, so instrumenting these functions could cause
108  # recursive calls into the runtime if there is an error.
109  configs -= [ "//build/config/sanitizers:default_sanitizer_flags" ]
110
111  if (is_asan) {
112    if (!defined(asan_suppressions_file)) {
113      asan_suppressions_file = "//build/misc/sanitizers/asan_suppressions.cc"
114    }
115    sources += [ asan_suppressions_file ]
116  }
117
118  if (is_lsan) {
119    if (!defined(lsan_suppressions_file)) {
120      lsan_suppressions_file = "//build/misc/sanitizers/lsan_suppressions.cc"
121    }
122    sources += [ lsan_suppressions_file ]
123  }
124
125  if (is_tsan) {
126    if (!defined(tsan_suppressions_file)) {
127      tsan_suppressions_file = "//build/misc/sanitizers/tsan_suppressions.cc"
128    }
129    sources += [ tsan_suppressions_file ]
130  }
131}
132
133# Applies linker flags necessary when either :deps or :default_sanitizer_flags
134# are used.
135config("default_sanitizer_ldflags") {
136  visibility = [
137    ":default_sanitizer_flags",
138    ":deps",
139  ]
140
141  if (is_posix && !is_mingw) {
142    ldflags = []
143    if (is_asan) {
144      if (!use_musl) {
145        ldflags += [ "-fsanitize=address" ]
146      }
147      if (is_mac) {
148        # https://crbug.com/708707
149        ldflags += [ "-fno-sanitize-address-use-after-scope" ]
150      } else {
151        ldflags += [ "-fsanitize-address-use-after-scope" ]
152      }
153      ldflags += [ "-fsanitize-recover=address" ]
154    }
155    if (is_lsan) {
156      ldflags += [ "-fsanitize=leak" ]
157    }
158    if (is_tsan) {
159      ldflags += [ "-fsanitize=thread" ]
160    }
161    if (is_msan) {
162      ldflags += [ "-fsanitize=memory" ]
163    }
164    if (is_ubsan || is_ubsan_security) {
165      ldflags += [ "-fsanitize=undefined" ]
166    }
167    if (is_ubsan_null) {
168      ldflags += [ "-fsanitize=null" ]
169    }
170    if (is_ubsan_vptr) {
171      ldflags += [ "-fsanitize=vptr" ]
172    }
173    if (is_safestack) {
174      ldflags += [ "-fsanitize=safe-stack" ]
175    }
176
177    if (use_sanitizer_coverage) {
178      if (use_libfuzzer && !is_mac) {
179        ldflags += [ "-fsanitize=fuzzer-no-link" ]
180        fuzzer_lib_path = rebase_path(
181                "$clang_base_path/lib/clang/$clang_version/lib/$abi_target/libclang_rt.fuzzer_no_main.a",
182                root_build_dir)
183        ldflags += [
184          "-Wl,--whole-archive",
185          "$fuzzer_lib_path",
186          "-Wl,--no-whole-archive",
187        ]
188      } else {
189        ldflags += [ "-fsanitize-coverage=$sanitizer_coverage_flags" ]
190      }
191    }
192
193    if (is_cfi && current_toolchain == default_toolchain) {
194      ldflags += [ "-fsanitize=cfi-vcall" ]
195      if (use_cfi_cast) {
196        ldflags += [
197          "-fsanitize=cfi-derived-cast",
198          "-fsanitize=cfi-unrelated-cast",
199        ]
200      }
201      if (use_cfi_icall) {
202        ldflags += [ "-fsanitize=cfi-icall" ]
203      }
204      if (use_cfi_diag) {
205        ldflags += [ "-fno-sanitize-trap=cfi" ]
206        if (use_cfi_recover) {
207          ldflags += [ "-fsanitize-recover=cfi" ]
208        }
209      }
210    }
211  } else if (is_win) {
212    # Windows directly calls link.exe instead of the compiler driver when
213    # linking.  Hence, pass the runtime libraries instead of -fsanitize=address
214    # or -fsanitize=fuzzer.
215    if (is_asan && is_component_build) {
216      # In the static-library build, ASan libraries are different for
217      # executables and dlls, see link_executable and link_shared_library below.
218      # This here handles only the component build.
219      if (target_cpu == "x64") {
220        # Windows 64-bit.
221        libs = [
222          "clang_rt.asan_dynamic-x86_64.lib",
223          "clang_rt.asan_dynamic_runtime_thunk-x86_64.lib",
224        ]
225      } else {
226        assert(target_cpu == "x86", "WinASan unsupported architecture")
227        libs = [
228          "clang_rt.asan_dynamic-i386.lib",
229          "clang_rt.asan_dynamic_runtime_thunk-i386.lib",
230        ]
231      }
232    }
233    if (use_libfuzzer) {
234      assert(target_cpu == "x64", "LibFuzzer unsupported architecture")
235      assert(!is_component_build,
236             "LibFuzzer only supports non-component builds on Windows")
237
238      # Incremental linking causes padding that messes up SanitizerCoverage.
239      # Don't do it.
240      ldflags = [ "/INCREMENTAL:NO" ]
241      libs = [ "clang_rt.fuzzer_no_main-x86_64.lib" ]
242    }
243  }
244}
245
246config("common_sanitizer_flags") {
247  cflags = []
248
249  if (using_sanitizer && !is_mingw) {
250    assert(is_clang, "sanitizers only supported with clang")
251    assert(!is_official_build, "sanitizers not supported in official builds")
252
253    cflags += [
254      # Column info in debug data confuses Visual Studio's debugger, so don't
255      # use this by default.  However, clusterfuzz needs it for good
256      # attribution of reports to CLs, so turn it on there.
257      "-gcolumn-info",
258    ]
259
260    # Frame pointers are controlled in //build/config/compiler:default_stack_frames
261  }
262}
263
264config("asan_flags") {
265  cflags = []
266  if (is_asan && !is_mingw) {
267    cflags += [ "-fsanitize=address" ]
268    if (!is_mac) {
269      cflags += [ "-fsanitize-address-use-after-scope" ]
270    } else {
271      # https://crbug.com/708707
272      cflags += [ "-fno-sanitize-address-use-after-scope" ]
273    }
274    if (!asan_globals) {
275      cflags += [
276        "-mllvm",
277        "-asan-globals=0",
278      ]
279    }
280    cflags += [ "-fsanitize-recover=address" ]
281  }
282}
283
284config("link_executable") {
285  if (is_asan && is_win && !is_component_build) {
286    if (target_cpu == "x64") {
287      ldflags = [ "-wholearchive:clang_rt.asan-x86_64.lib" ]
288    } else {
289      assert(target_cpu == "x86", "WinASan unsupported architecture")
290      ldflags = [ "-wholearchive:clang_rt.asan-i386.lib" ]
291    }
292  } else if (is_asan && is_ohos) {
293    libs = [ "$_clang_rt_dso_full_path" ]
294    if (target_cpu == "arm") {
295      ldflags = [ "-Wl,--dynamic-linker=/lib/ld-musl-arm-asan.so.1" ]
296    } else if (target_cpu == "arm64") {
297      ldflags = [ "-Wl,--dynamic-linker=/lib/ld-musl-aarch64-asan.so.1" ]
298    }
299  }
300}
301
302config("link_shared_library") {
303  if (is_asan && is_win && !is_component_build) {
304    if (target_cpu == "x64") {
305      libs = [ "clang_rt.asan_dll_thunk-x86_64.lib" ]
306    } else {
307      assert(target_cpu == "x86", "WinASan unsupported architecture")
308      libs = [ "clang_rt.asan_dll_thunk-i386.lib" ]
309    }
310  } else if (is_asan && is_ohos) {
311    libs = [ "$_clang_rt_dso_full_path" ]
312  }
313}
314
315config("cfi_flags") {
316  cflags = []
317  if (is_cfi && current_toolchain == default_toolchain) {
318    if (!defined(cfi_blocklist_path)) {
319      cfi_blocklist_path =
320          rebase_path("//tools/cfi/blocklist.txt", root_build_dir)
321    }
322    cflags += [
323      "-fsanitize=cfi-vcall",
324      "-fsanitize-blacklist=$cfi_blocklist_path",
325    ]
326
327    if (use_cfi_cast) {
328      cflags += [
329        "-fsanitize=cfi-derived-cast",
330        "-fsanitize=cfi-unrelated-cast",
331      ]
332    }
333
334    if (use_cfi_icall) {
335      cflags += [ "-fsanitize=cfi-icall" ]
336    }
337
338    if (use_cfi_diag) {
339      cflags += [ "-fno-sanitize-trap=cfi" ]
340      if (is_win) {
341        cflags += [
342          "/Oy-",
343          "/Ob0",
344        ]
345      } else {
346        cflags += [
347          "-fno-inline-functions",
348          "-fno-inline",
349          "-fno-omit-frame-pointer",
350          "-O1",
351        ]
352      }
353      if (use_cfi_recover) {
354        cflags += [ "-fsanitize-recover=cfi" ]
355      }
356    }
357  }
358}
359
360# crbug.com/785442: Fix cfi-icall failures for code that casts pointer argument
361# types in function pointer type signatures.
362config("cfi_icall_generalize_pointers") {
363  if (is_clang && is_cfi && use_cfi_icall) {
364    cflags = [ "-fsanitize-cfi-icall-generalize-pointers" ]
365  }
366}
367
368config("cfi_icall_disable") {
369  if (is_clang && is_cfi && use_cfi_icall) {
370    cflags = [ "-fno-sanitize=cfi-icall" ]
371  }
372}
373
374config("coverage_flags") {
375  cflags = []
376  if (use_sanitizer_coverage) {
377    # Used by sandboxing code to allow coverage dump to be written on the disk.
378    defines = [ "SANITIZER_COVERAGE" ]
379
380    if (use_libfuzzer && !is_mac) {
381      # Adding -fsanitize=fuzzer-no-link will add -fsanitize-coverage=inline-8bit-counters,
382      # indirect-calls, trace-cmp, pc-table
383      cflags += [ "-fsanitize=fuzzer-no-link" ]
384    } else {
385      cflags += [
386        "-fsanitize-coverage=$sanitizer_coverage_flags",
387        "-mllvm",
388        "-sanitizer-coverage-prune-blocks=1",
389      ]
390      if (current_cpu == "arm") {
391        # http://crbug.com/517105
392        cflags += [
393          "-mllvm",
394          "-sanitizer-coverage-block-threshold=0",
395        ]
396      }
397    }
398  }
399}
400
401config("lsan_flags") {
402  if (is_lsan) {
403    cflags = [ "-fsanitize=leak" ]
404  }
405}
406
407config("msan_flags") {
408  if (is_msan) {
409    assert(is_linux, "msan only supported on linux x86_64")
410    if (!defined(msan_blocklist_path)) {
411      msan_blocklist_path =
412          rebase_path("//tools/msan/blocklist.txt", root_build_dir)
413    }
414    cflags = [
415      "-fsanitize=memory",
416      "-fsanitize-memory-track-origins=$msan_track_origins",
417      "-fsanitize-blacklist=$msan_blocklist_path",
418    ]
419  }
420}
421
422config("safestack_flags") {
423  if (is_safestack) {
424    cflags = [ "-fsanitize=safe-stack" ]
425  }
426}
427
428config("tsan_flags") {
429  if (is_tsan) {
430    assert(is_linux, "tsan only supported on linux x86_64")
431    if (!defined(tsan_blocklist_path)) {
432      tsan_blocklist_path =
433          rebase_path("//tools/memory/tsan_v2/ignores.txt", root_build_dir)
434    }
435    cflags = [
436      "-fsanitize=thread",
437      "-fsanitize-blacklist=$tsan_blocklist_path",
438    ]
439  }
440}
441
442config("ubsan_flags") {
443  cflags = []
444  if (is_ubsan) {
445    if (!defined(ubsan_blocklist_path)) {
446      ubsan_blocklist_path =
447          rebase_path("//tools/ubsan/blocklist.txt", root_build_dir)
448    }
449    cflags += [
450      # Yasm dies with an "Illegal instruction" error when bounds checking is
451      # enabled. See http://crbug.com/489901
452      # "-fsanitize=bounds",
453      "-fsanitize=float-divide-by-zero",
454      "-fsanitize=integer-divide-by-zero",
455      "-fsanitize=null",
456      "-fsanitize=object-size",
457      "-fsanitize=pointer-overflow",
458      "-fsanitize=return",
459      "-fsanitize=returns-nonnull-attribute",
460      "-fsanitize=shift-exponent",
461      "-fsanitize=signed-integer-overflow",
462      "-fsanitize=unreachable",
463      "-fsanitize=vla-bound",
464      "-fsanitize-blacklist=$ubsan_blocklist_path",
465    ]
466
467    # Chromecast ubsan builds fail to compile with these
468    # experimental flags, so only add them to non-chromecast ubsan builds.
469    if (!is_chromecast) {
470      cflags += [
471        # Employ the experimental PBQP register allocator to avoid slow
472        # compilation on files with too many basic blocks.
473        # See http://crbug.com/426271.
474        "-mllvm",
475        "-regalloc=pbqp",
476
477        # Speculatively use coalescing to slightly improve the code generated
478        # by PBQP regallocator. May increase compile time.
479        "-mllvm",
480        "-pbqp-coalescing",
481      ]
482    }
483  }
484}
485
486config("ubsan_no_recover") {
487  if (is_ubsan_no_recover) {
488    cflags = [ "-fno-sanitize-recover=undefined" ]
489  }
490}
491
492config("ubsan_security_flags") {
493  if (is_ubsan_security) {
494    if (!defined(ubsan_security_blocklist_path)) {
495      ubsan_security_blocklist_path =
496          rebase_path("//tools/ubsan/security_blocklist.txt", root_build_dir)
497    }
498    cflags = [
499      "-fsanitize=function",
500      "-fsanitize=pointer-overflow",
501      "-fsanitize=shift",
502      "-fsanitize=signed-integer-overflow",
503      "-fsanitize=vla-bound",
504      "-fsanitize=vptr",
505      "-fsanitize-blacklist=$ubsan_security_blocklist_path",
506    ]
507  }
508}
509
510config("ubsan_null_flags") {
511  if (is_ubsan_null) {
512    cflags = [ "-fsanitize=null" ]
513  }
514}
515
516config("ubsan_vptr_flags") {
517  if (is_ubsan_vptr) {
518    if (!defined(ubsan_vptr_blocklist_path)) {
519      ubsan_vptr_blocklist_path =
520          rebase_path("//tools/ubsan/vptr_blocklist.txt", root_build_dir)
521    }
522    cflags = [
523      "-fsanitize=vptr",
524      "-fsanitize-blacklist=$ubsan_vptr_blocklist_path",
525    ]
526  }
527}
528
529config("fuzzing_build_mode") {
530  if (use_fuzzing_engine && optimize_for_fuzzing) {
531    defines = [ "FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" ]
532  }
533}
534
535all_sanitizer_configs = [
536  ":common_sanitizer_flags",
537  ":coverage_flags",
538  ":default_sanitizer_ldflags",
539  ":asan_flags",
540  ":cfi_flags",
541  ":lsan_flags",
542  ":msan_flags",
543  ":safestack_flags",
544  ":tsan_flags",
545  ":ubsan_flags",
546  ":ubsan_no_recover",
547  ":ubsan_null_flags",
548  ":ubsan_security_flags",
549  ":ubsan_vptr_flags",
550  ":fuzzing_build_mode",
551]
552
553# This config is applied by default to all targets. It sets the compiler flags
554# for sanitizer usage, or, if no sanitizer is set, does nothing.
555#
556# This needs to be in a separate config so that targets can opt out of
557# sanitizers (by removing the config) if they desire. Even if a target
558# removes this config, executables & shared libraries should still depend on
559# :deps if any of their dependencies have not opted out of sanitizers.
560# Keep this list in sync with default_sanitizer_flags_but_ubsan_vptr.
561config("default_sanitizer_flags") {
562  configs = all_sanitizer_configs
563}
564
565# This config is equivalent to default_sanitizer_flags, but excludes ubsan_vptr.
566# This allows to selectively disable ubsan_vptr, when needed. In particular,
567# if some third_party code is required to be compiled without rtti, which
568# is a requirement for ubsan_vptr.
569config("default_sanitizer_flags_but_ubsan_vptr") {
570  configs = all_sanitizer_configs - [ ":ubsan_vptr_flags" ]
571}
572
573config("default_sanitizer_flags_but_coverage") {
574  configs = all_sanitizer_configs - [ ":coverage_flags" ]
575}
576
577# This config is used by parts of code that aren't targeted in fuzzers and
578# therefore don't need coverage instrumentation and possibly won't need
579# sanitizer instrumentation either. The config also tells the compiler to
580# perform additional optimizations on the configured code and ensures that
581# linking it to the rest of the binary which is instrumented with sanitizers
582# works. The config only does anything if the build is a fuzzing build.
583config("not_fuzzed") {
584  if (use_fuzzing_engine) {
585    # Since we aren't instrumenting with coverage, code size is less of a
586    # concern, so use a more aggressive optimization level than
587    # optimize_for_fuzzing (-O1). When given multiple optimization flags, clang
588    # obeys the last one, so as long as this flag comes after -O1, it should work.
589    # Since this config will always be depended on after
590    # "//build/config/compiler:default_optimization" (which adds -O1 when
591    # optimize_for_fuzzing is true), -O2 should always be the second flag. Even
592    # though this sounds fragile, it isn't a big deal if it breaks, since proto
593    # fuzzers will still work, they will just be slightly slower.
594    cflags = [ "-O2" ]
595
596    # We need to include this config when we remove default_sanitizer_flags or
597    # else there will be linking errors. We would remove default_sanitizer_flags
598    # here as well, but gn doesn't permit this.
599    if (!is_msan) {
600      # We don't actually remove sanitization when MSan is being used so there
601      # is no need to add default_sanitizer_ldflags in that case
602      configs = [ ":default_sanitizer_ldflags" ]
603    }
604  }
605}
606
607config("sanitizer_trap_all_flags") {
608  cflags = [
609    "-fsanitize-trap=all",
610    "-ftrap-function=abort",
611  ]
612  ldflags = cflags
613}
614
615# By default, cfi is in release mode
616config("cfi_config_release") {
617  _cfi_blocklist_path = "//build/config/sanitizers/cfi_blocklist.txt"
618
619  configs = [ "//build/config/gcc:symbol_visibility_default" ]
620  cflags = [
621    "-flto",
622    "-fsanitize=cfi",
623    "-fsanitize-blacklist=" + rebase_path(_cfi_blocklist_path, root_build_dir),
624  ]
625
626  # Remove some platforms because version-script is only meaningful for elf platform that support shared libraries.
627  # Add a cfi version script to ensure cfi related symbols can be exported.
628  if (!is_mac && !is_win && !is_mingw) {
629    _cfi_version_script =
630        rebase_path("//build/config/sanitizers/cfi.versionscript")
631    ldflags = [ "-Wl,--version-script=${_cfi_version_script}" ]
632  }
633}
634
635# Debug mode, add no-trap and recover options over release mode
636config("cfi_config_debug") {
637  configs = [ ":cfi_config_release" ]
638  cflags = [
639    "-fno-sanitize-trap=cfi",
640    "-fsanitize-recover=cfi,undefined",
641  ]
642}
643
644config("cfi_cross_dso_release") {
645  configs = [ ":cfi_config_release" ]
646  cflags = [ "-fsanitize-cfi-cross-dso" ]
647  ldflags = [
648    "-flto",
649    "-fsanitize=cfi",
650    "-fsanitize-cfi-cross-dso",
651  ]
652}
653
654config("cfi_cross_dso_debug") {
655  configs = [ ":cfi_cross_dso_release" ]
656  cflags = [
657    "-fno-sanitize-trap=cfi",
658    "-fsanitize-recover=cfi,undefined",
659  ]
660  ldflags = cflags
661}
662
663config("shadow_call_stack_config") {
664  if (target_cpu == "arm64") {
665    cflags = [
666      # See https://clang.llvm.org/docs/ShadowCallStack.html
667      "-fsanitize=shadow-call-stack",
668    ]
669    ldflags = cflags
670    configs = [ ":sanitizer_trap_all_flags" ]
671  }
672}
673
674template("config_plus_compiler_rt") {
675  forward_variables_from(invoker, [ "compiler_rt_shared_lib_names" ])
676  not_needed([ "compiler_rt_shared_lib_names" ])
677
678  _clang_rt_dso_paths = []
679  if ((host_os == "linux" || host_os == "mac") && target_os == "ohos" &&
680      !is_mingw && is_ohos) {
681    _dso_names = []
682    foreach(dso_name, compiler_rt_shared_lib_names) {
683      # Add runtime shared library support
684      _dso_names += [ "${abi_target}/libclang_rt.${dso_name}.so" ]
685    }
686
687    foreach(rt_lib, _dso_names) {
688      _clang_rt_dso_paths += [ "$clang_lib_base_path/${rt_lib}" ]
689    }
690  }
691
692  config(target_name) {
693    forward_variables_from(invoker,
694                           [
695                             "cflags",
696                             "cflags_cc",
697                             "asmflags",
698                             "ldflags",
699                             "libs",
700                             "configs",
701                           ])
702
703    # Link library by its fullpath
704    if (defined(libs)) {
705      libs += _clang_rt_dso_paths
706    } else {
707      libs = _clang_rt_dso_paths
708    }
709  }
710}
711
712config_plus_compiler_rt("scudo_config") {
713  cflags = [ "-fsanitize=scudo" ]
714  configs = [ ":sanitizer_trap_all_flags" ]
715  compiler_rt_shared_lib_names = [ "scudo_minimal" ]
716}
717
718config("all_undefined_behavior_sanitize_config_release") {
719  cflags = [
720    "-fsanitize=undefined",
721    "-fno-sanitize-trap=integer,undefined",
722    "-fno-sanitize-recover=integer,undefined",
723  ]
724}
725
726config("all_undefined_behavior_sanitize_config_debug") {
727  cflags = [
728    "-fsanitize=undefined",
729    "-fno-sanitize-trap=integer,undefined",
730    "-fsanitize-recover=integer,undefined",
731  ]
732}
733
734config("undefined_behavior_sanitize_config_release") {
735  cflags = [
736    "-fsanitize=bool,integer-divide-by-zero,return,returns-nonnull-attribute,shift-exponent,unreachable,vla-bound",
737    "-fno-sanitize-trap=integer,undefined",
738    "-fno-sanitize-recover=integer,undefined",
739    "-fno-sanitize=implicit-integer-sign-change",
740  ]
741}
742
743config("undefined_behavior_sanitize_config_debug") {
744  cflags = [
745    "-fsanitize=bool,integer-divide-by-zero,return,returns-nonnull-attribute,shift-exponent,unreachable,vla-bound",
746    "-fno-sanitize-trap=integer,undefined",
747    "-fsanitize-recover=integer,undefined",
748    "-fno-sanitize=implicit-integer-sign-change",
749  ]
750}
751
752config("boundary_sanitize_config_release") {
753  cflags = [
754    "-fsanitize=bounds",
755    "-fno-sanitize-trap=integer,undefined",
756    "-fno-sanitize-recover=integer,undefined",
757    "-fno-sanitize=implicit-integer-sign-change",
758  ]
759}
760
761config("boundary_sanitize_config_debug") {
762  cflags = [
763    "-fsanitize=bounds",
764    "-fno-sanitize-trap=integer,undefined",
765    "-fsanitize-recover=integer,undefined",
766    "-fno-sanitize=implicit-integer-sign-change",
767  ]
768}
769
770config("common_integer_overflow_config_release") {
771  _integer_overflow_blocklist = "./integer_overflow_blocklist.txt"
772  cflags = [
773    "-fsanitize-blacklist=" +
774        rebase_path(_integer_overflow_blocklist, root_build_dir),
775    "-fno-sanitize-trap=integer,undefined",
776    "-fno-sanitize-recover=integer,undefined",
777  ]
778}
779
780config("common_integer_overflow_config_debug") {
781  _integer_overflow_blocklist = "./integer_overflow_blocklist.txt"
782  cflags = [
783    "-fsanitize-blacklist=" +
784        rebase_path(_integer_overflow_blocklist, root_build_dir),
785    "-fno-sanitize-trap=integer,undefined",
786    "-fsanitize-recover=integer,undefined",
787  ]
788}
789
790config("signed_integer_overflow_config") {
791  cflags = [ "-fsanitize=signed-integer-overflow" ]
792}
793
794config("unsigned_integer_overflow_config") {
795  cflags = [ "-fsanitize=unsigned-integer-overflow" ]
796}
797
798config_plus_compiler_rt("compiler_rt_debug") {
799  compiler_rt_shared_lib_names = [ "ubsan_standalone" ]
800}
801
802config_plus_compiler_rt("compiler_rt_release") {
803  cflags = [ "-fsanitize-minimal-runtime" ]
804  compiler_rt_shared_lib_names = [ "ubsan_minimal" ]
805}
806