• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2015 The Chromium Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5declare_args() {
6  # Compile for Address Sanitizer to find memory bugs.
7  is_asan = false
8
9  # Compile for Leak Sanitizer to find leaks.
10  is_lsan = false
11
12  # Compile for Memory Sanitizer to find uninitialized reads.
13  is_msan = false
14
15  # Compile for Thread Sanitizer to find threading bugs.
16  is_tsan = false
17
18  # Compile for Undefined Behaviour Sanitizer to find various types of
19  # undefined behaviour (excludes vptr checks).
20  is_ubsan = false
21
22  # Halt the program if a problem is detected.
23  is_ubsan_no_recover = false
24
25  # Compile for Undefined Behaviour Sanitizer's vptr checks.
26  is_ubsan_vptr = false
27
28  # Track where uninitialized memory originates from. From fastest to slowest:
29  # 0 - no tracking, 1 - track only the initial allocation site, 2 - track the
30  # chain of stores leading from allocation site to use site.
31  msan_track_origins = 2
32
33  # Use dynamic libraries instrumented by one of the sanitizers instead of the
34  # standard system libraries. Set this flag to download prebuilt binaries from
35  # GCS.
36  use_prebuilt_instrumented_libraries = false
37
38  # Enable building with SyzyAsan which can find certain types of memory
39  # errors. Only works on Windows. See
40  # https://github.com/google/syzygy/wiki/SyzyASanHowTo
41  is_syzyasan = false
42
43  # Compile with Control Flow Integrity to protect virtual calls and casts.
44  # See http://clang.llvm.org/docs/ControlFlowIntegrity.html
45  #
46  # TODO(pcc): Remove this flag if/when CFI is enabled in official builds.
47  is_cfi = false
48
49  # By default, Control Flow Integrity will crash the program if it detects a
50  # violation. Set this to true to print detailed diagnostics instead.
51  use_cfi_diag = false
52
53  # Compile for fuzzing with LLVM LibFuzzer.
54  # See http://www.chromium.org/developers/testing/libfuzzer
55  use_libfuzzer = false
56
57  # Enables core ubsan security features. Will later be removed once it matches
58  # is_ubsan.
59  is_ubsan_security = false
60
61  # Compile for fuzzing with Dr. Fuzz
62  # See http://www.chromium.org/developers/testing/dr-fuzz
63  use_drfuzz = false
64
65  # Helper variable for testing builds with disabled libfuzzer.
66  # Not for client use.
67  disable_libfuzzer = false
68
69  # Value for -fsanitize-coverage flag. Setting this causes
70  # use_sanitizer_coverage to be enabled.
71  # Default value when unset and use_sanitizer_coverage=true:
72  #     edge,indirect-calls,8bit-counters
73  sanitizer_coverage_flags = ""
74}
75
76# Args that are in turn dependent on other args must be in a separate
77# declare_args block. User overrides are only applied at the end of a
78# declare_args block.
79declare_args() {
80  # Use libc++ (buildtools/third_party/libc++ and
81  # buildtools/third_party/libc++abi) instead of stdlibc++ as standard library.
82  # This is intended to be used for instrumented builds.
83  use_custom_libcxx = (is_asan && is_linux) || is_tsan || is_msan || is_ubsan ||
84                      is_ubsan_security || use_libfuzzer
85
86  # Enable -fsanitize-coverage.
87  use_sanitizer_coverage = use_libfuzzer || sanitizer_coverage_flags != ""
88}
89
90if (use_sanitizer_coverage && sanitizer_coverage_flags == "") {
91  sanitizer_coverage_flags = "edge,indirect-calls,8bit-counters"
92}
93
94using_sanitizer = is_asan || is_lsan || is_tsan || is_msan || is_ubsan ||
95                  is_ubsan_vptr || is_ubsan_security
96
97assert(!using_sanitizer || is_clang,
98       "Sanitizers (is_*san) require setting is_clang = true in 'gn args'")
99
100# MSan only links Chrome properly in release builds (brettw -- 9/1/2015). The
101# same is possibly true for the other non-ASan sanitizers. But regardless of
102# whether it links, one would normally never run a sanitizer in debug mode.
103# Running in debug mode probably indicates you forgot to set the "is_debug =
104# false" flag in the build args. ASan seems to run fine in debug mode.
105#
106# If you find a use-case where you want to compile a sanitizer in debug mode
107# and have verified it works, ask brettw and we can consider removing it from
108# this condition. We may also be able to find another way to enable your case
109# without having people accidentally get broken builds by compiling an
110# unsupported or unadvisable configurations.
111#
112# For one-off testing, just comment this assertion out.
113assert(
114    !is_debug || !(is_msan || is_lsan || is_tsan || is_ubsan || is_ubsan_vptr),
115    "Sanitizers should generally be used in release (set is_debug=false).")
116