Sanitizers.xcconfig
// Copyright (C) 2023-2024 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
// 1. Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in the
// documentation and/or other materials provided with the distribution.
//
// THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
// PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
// CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
// EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
// OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// This configures any WebKit project to build with clang sanitizers simply
// by setting ENABLE_*_SANITIZER Xcode variables to YES during a build.
// Requires SDKVariant.xcconfig.
// Optimization level for sanitizer builds, looked up by build configuration name:
// Debug resolves to 0, Production and Release resolve to 1.
// NOTE(review): a configuration with any other name has no entry below, so the lookup would expand to nothing; confirm no such configuration is used.
WK_SANITIZER_GCC_OPTIMIZATION_LEVEL = $(WK_SANITIZER_GCC_OPTIMIZATION_LEVEL_$(CONFIGURATION));
WK_SANITIZER_GCC_OPTIMIZATION_LEVEL_Debug = 0;
WK_SANITIZER_GCC_OPTIMIZATION_LEVEL_Production = 1;
WK_SANITIZER_GCC_OPTIMIZATION_LEVEL_Release = 1;

// Aggregated flag sets. Each $(NAME_$(ENABLE_X)) lookup selects the NAME_YES setting when the switch is YES.
// No NAME_NO variants are defined in this file for these lookups, so a switch that is NO or unset presumably contributes nothing.
// The C flags combine the any-sanitizer, ASan, UBSan, Fuzzilli and LibFuzzer additions.
// NOTE(review): ENABLE_THREAD_SANITIZER has no term in the C, C++ or linker aggregates; in this file it only feeds WK_ANY_SANITIZER_ENABLED and the TAPI flags. Presumably Xcode supplies the TSan compiler and linker flags itself; confirm.
WK_SANITIZER_OTHER_CFLAGS = $(WK_ANY_SANITIZER_CFLAGS_$(WK_ANY_SANITIZER_ENABLED)) $(WK_ADDRESS_SANITIZER_OTHER_CFLAGS_$(ENABLE_ADDRESS_SANITIZER)) $(WK_UNDEFINED_BEHAVIOR_SANITIZER_OTHER_CFLAGS_$(ENABLE_UNDEFINED_BEHAVIOR_SANITIZER)) $(WK_FUZZILLI_OTHER_CFLAGS_$(ENABLE_FUZZILLI)) $(WK_LIBFUZZER_OTHER_CFLAGS_$(ENABLE_LIBFUZZER));
// Only ASan contributes C++-specific flags.
WK_SANITIZER_OTHER_CPLUSPLUSFLAGS = $(WK_ADDRESS_SANITIZER_OTHER_CPLUSPLUSFLAGS_$(ENABLE_ADDRESS_SANITIZER));
// Linker flags combine the any-sanitizer, ASan, Fuzzilli and LibFuzzer additions; UBSan adds no linker flags here.
WK_SANITIZER_OTHER_LDFLAGS = $(WK_ANY_SANITIZER_LDFLAGS_$(WK_ANY_SANITIZER_ENABLED)) $(WK_ADDRESS_SANITIZER_OTHER_LDFLAGS_$(ENABLE_ADDRESS_SANITIZER)) $(WK_FUZZILLI_OTHER_LDFLAGS_$(ENABLE_FUZZILLI)) $(WK_LIBFUZZER_OTHER_LDFLAGS_$(ENABLE_LIBFUZZER));
// TAPI flags: one -Xparser -fsanitize=<kind> pair per enabled sanitizer (ASan, LibFuzzer, TSan, UBSan).
// Presumably this keeps the TAPI parse consistent with the sanitized compile; confirm.
WK_SANITIZER_OTHER_TAPI_FLAGS = $(WK_SANITIZER_OTHER_TAPI_FLAGS_ASAN_$(ENABLE_ADDRESS_SANITIZER)) $(WK_SANITIZER_OTHER_TAPI_FLAGS_LIBFUZZER_$(ENABLE_LIBFUZZER)) $(WK_SANITIZER_OTHER_TAPI_FLAGS_TSAN_$(ENABLE_THREAD_SANITIZER)) $(WK_SANITIZER_OTHER_TAPI_FLAGS_UBSAN_$(ENABLE_UNDEFINED_BEHAVIOR_SANITIZER));
WK_SANITIZER_OTHER_TAPI_FLAGS_ASAN_YES = -Xparser -fsanitize=address;
WK_SANITIZER_OTHER_TAPI_FLAGS_LIBFUZZER_YES = -Xparser -fsanitize=fuzzer;
WK_SANITIZER_OTHER_TAPI_FLAGS_TSAN_YES = -Xparser -fsanitize=thread;
WK_SANITIZER_OTHER_TAPI_FLAGS_UBSAN_YES = -Xparser -fsanitize=undefined;
// Warning flags are keyed on RUN_CLANG_STATIC_ANALYZER rather than on any sanitizer switch.
WK_SANITIZER_WARNING_CFLAGS = $(WK_STATIC_ANALYZER_WARNING_CFLAGS_$(RUN_CLANG_STATIC_ANALYZER));
// All Sanitizers
// FIXME: Tell Xcode not to compile host-side tools with sanitizers enabled (see <rdar://99386433>).
// Workaround is to use `WK_SANITIZER_DISALLOWED = YES`.
// Reads as: (ASan OR TSan OR UBSan OR LibFuzzer) AND NOT WK_SANITIZER_DISALLOWED.
// The WK_AND_, WK_OR_ and WK_NOT_ helper settings are not defined in this file.
// NOTE(review): ENABLE_FUZZILLI is not part of this expression, so a build with only Fuzzilli enabled does not receive the any-sanitizer compiler and linker flags below; confirm that is intended.
WK_ANY_SANITIZER_ENABLED = $(WK_AND_$(WK_OR_$(ENABLE_ADDRESS_SANITIZER)_$(WK_OR_$(ENABLE_THREAD_SANITIZER)_$(WK_OR_$(ENABLE_UNDEFINED_BEHAVIOR_SANITIZER)_$(ENABLE_LIBFUZZER))))_$(WK_NOT_$(WK_SANITIZER_DISALLOWED)));
// -DRELEASE_WITHOUT_OPTIMIZATIONS is from <wtf/Compiler.h>.
// -fno-omit-frame-pointer keeps frame pointers and -g emits debug info, presumably so sanitizer reports carry usable stack traces.
WK_ANY_SANITIZER_CFLAGS_YES = -DRELEASE_WITHOUT_OPTIMIZATIONS -fno-omit-frame-pointer -g;
// Workaround for <rdar://problem/49498092>.
// Adds a runtime search path that is resolved relative to the executable's own location.
// It is applied only when WK_ANY_SANITIZER_ENABLED resolves to YES.
WK_ANY_SANITIZER_LDFLAGS_YES = -Wl,-rpath,@executable_path/Frameworks;
// Address Sanitizer
// Add -fsanitize-address-use-after-return=never to disable ASan's "fake stack" to fix JSC garbage collection.
// Coverage caveat: with the fake stack disabled, these ASan builds do not detect stack use-after-return.
// The same option is passed at both compile and link time.
WK_ADDRESS_SANITIZER_OTHER_CFLAGS_YES = -fsanitize-address-use-after-return=never $(WK_NEEDS_ASAN_USE_AFTER_SCOPE_WORKAROUND_FOR_$(PRODUCT_NAME)_$(WK_NEEDS_ASAN_USE_AFTER_SCOPE_WORKAROUND));
WK_ADDRESS_SANITIZER_OTHER_LDFLAGS_YES = -fsanitize-address-use-after-return=never;
// Undefines _LIBCPP_HAS_NO_ASAN for C++ sources; presumably this keeps libc++'s ASan annotations active (confirm against the libc++ headers in use).
WK_ADDRESS_SANITIZER_OTHER_CPLUSPLUSFLAGS_YES = -U_LIBCPP_HAS_NO_ASAN;
// Workaround ASan false positive in certain Xcode versions: <https://bugs.webkit.org/show_bug.cgi?id=236001>.
// Only the product named bmalloc has an entry, so the define below is added for that product alone.
WK_NEEDS_ASAN_USE_AFTER_SCOPE_WORKAROUND_FOR_bmalloc_YES = -DWK_WORKAROUND_RDAR_87613908_ASAN_STACK_USE_AFTER_SCOPE;
// The workaround is needed when the Xcode version matches neither the "before 13.3" table nor the "after 13.3" table: NOT(before OR after).
WK_NEEDS_ASAN_USE_AFTER_SCOPE_WORKAROUND = $(WK_NOT_$(WK_OR_$(WK_XCODE_VERSION_BEFORE_13_3_$(XCODE_VERSION_MAJOR))_$(WK_XCODE_VERSION_AFTER_13_3_$(XCODE_VERSION_MAJOR))));
// "Before" table: majors 0800 through 1200, plus major 1300 with minor 1300, 1310 or 1320.
WK_XCODE_VERSION_BEFORE_13_3_0800 = YES;
WK_XCODE_VERSION_BEFORE_13_3_0900 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1000 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1100 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1200 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1300 = $(WK_XCODE_VERSION_BEFORE_13_3_1300_$(XCODE_VERSION_MINOR));
WK_XCODE_VERSION_BEFORE_13_3_1300_1300 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1300_1310 = YES;
WK_XCODE_VERSION_BEFORE_13_3_1300_1320 = YES;
// "After" table: majors 1400 through 1700.
// NOTE(review): a major above 1700 matches neither table. How the unset lookups then resolve depends on the WK_OR_ and WK_NOT_ helpers defined outside this file; verify that newer Xcode releases do not silently re-enable the bmalloc workaround, and extend this table when adopting one.
WK_XCODE_VERSION_AFTER_13_3_1400 = YES;
WK_XCODE_VERSION_AFTER_13_3_1500 = YES;
WK_XCODE_VERSION_AFTER_13_3_1600 = YES;
WK_XCODE_VERSION_AFTER_13_3_1700 = YES;
// Undefined Behavior Sanitizer
// FIXME: <rdar://105760852> Tune list of Undefined Behavior (UBSan) checkers
// FIXME: UBSan checker -fsanitize=vptr is incompatible with GCC_ENABLE_CPP_RTTI=NO.
// -fno-delete-null-pointer-checks: do not let the compiler remove nullptr checks that could otherwise be removed because they are considered undefined behavior.
// -fno-optimize-sibling-calls: disable tail call elimination for more accurate crash stacks.
// -fno-sanitize=vptr: turns the vptr check off (see the RTTI FIXME above).
// -fsanitize=enum,local-bounds,return: explicitly requests these three checks.
// NOTE(review): no -fno-sanitize-recover or -fsanitize-trap option is set here, so whether a UBSan finding stops the process depends on defaults or on settings outside this file; confirm before relying on these builds as a pass/fail gate.
WK_UNDEFINED_BEHAVIOR_SANITIZER_OTHER_CFLAGS_YES = -fno-delete-null-pointer-checks -fno-optimize-sibling-calls -fno-sanitize=vptr -fsanitize=enum,local-bounds,return;
// Sanitizer Coverage
// The coverage instrumentation mode is selected by ENABLE_FUZZILLI alone:
// unset or NO resolves to inline-8bit-counters,trace-cmp; YES resolves to trace-pc-guard.
// Because LibFuzzer's flags reuse WK_SANITIZER_COVERAGE_OTHER_FLAGS, enabling both fuzzers gives LibFuzzer trace-pc-guard as well.
// NOTE(review): any other ENABLE_FUZZILLI value has no entry, which would leave -fsanitize-coverage= with an empty list; confirm only YES, NO or unset is ever passed.
WK_SANITIZER_COVERAGE = $(WK_SANITIZER_COVERAGE_FUZZILLI_$(ENABLE_FUZZILLI));
WK_SANITIZER_COVERAGE_FUZZILLI_ = inline-8bit-counters,trace-cmp;
WK_SANITIZER_COVERAGE_FUZZILLI_NO = $(WK_SANITIZER_COVERAGE_FUZZILLI_);
WK_SANITIZER_COVERAGE_FUZZILLI_YES = trace-pc-guard;
WK_SANITIZER_COVERAGE_OTHER_FLAGS = -fsanitize-coverage=$(WK_SANITIZER_COVERAGE);
// LibFuzzer
// Compile flags: coverage instrumentation, -Wno-error, and the ENABLE_LIBFUZZER=1 preprocessor define.
// -Wno-error means warnings do not fail LibFuzzer builds, so a warning-clean fuzzing build says nothing about the regular build.
// NOTE(review): -fsanitize=fuzzer appears in this file only in the TAPI flags; presumably Xcode adds it to the compile and link lines when ENABLE_LIBFUZZER is YES. Confirm.
WK_LIBFUZZER_OTHER_CFLAGS_YES = $(WK_SANITIZER_COVERAGE_OTHER_FLAGS) -Wno-error -DENABLE_LIBFUZZER=1;
// The same coverage option is passed to the linker.
WK_LIBFUZZER_OTHER_LDFLAGS_YES = $(WK_SANITIZER_COVERAGE_OTHER_FLAGS);
// Fuzzilli for JavaScriptCore
// Compile flags: coverage instrumentation and the ENABLE_FUZZILLI=1 preprocessor define; unlike LibFuzzer, -Wno-error is not added.
WK_FUZZILLI_OTHER_CFLAGS_YES = $(WK_SANITIZER_COVERAGE_OTHER_FLAGS) -DENABLE_FUZZILLI=1;
WK_FUZZILLI_OTHER_LDFLAGS_YES = $(WK_SANITIZER_COVERAGE_OTHER_FLAGS);
// Clang Static Analyzer
// FIXME: Remove -Wno-elaborated-enum-base once <rdar://121475724> is resolved.
// Selected by WK_SANITIZER_WARNING_CFLAGS when RUN_CLANG_STATIC_ANALYZER is YES; it suppresses the elaborated-enum-base warning for analyzer runs only.
WK_STATIC_ANALYZER_WARNING_CFLAGS_YES = -Wno-elaborated-enum-base;