Bug 1465549 Enable -fsanitize=cfi-icall on the LTO build draft
authorTom Ritter <tom@mozilla.com>
Fri, 29 Jun 2018 12:10:56 -0500
changeset 824758 4b0506ff82600f6dfcf290cae3751fc4d4b6af78
parent 824757 6b65dc3419340dc41bbabb9406d2c27674e37f7d
child 824759 721e60a25b59fca6b756169aac9b1e3482140d62
push id118007
push userbmo:tom@mozilla.com
push dateTue, 31 Jul 2018 20:45:55 +0000
bugs1465549
milestone63.0a1
Bug 1465549 Enable -fsanitize=cfi-icall on the LTO build MozReview-Commit-ID: 2n5ze5ha694
build/build-clang/alias.patch
build/build-clang/clang-6-linux64.json
build/moz.configure/toolchain.configure
config/rules.mk
new file mode 100644
--- /dev/null
+++ b/build/build-clang/alias.patch
@@ -0,0 +1,16 @@
+Index: lib/Transforms/IPO/LowerTypeTests.cpp
+===================================================================
+--- a/llvm/lib/Transforms/IPO/LowerTypeTests.cpp	(revision 332262)
++++ b/llvm/lib/Transforms/IPO/LowerTypeTests.cpp	(working copy)
+@@ -1716,6 +1716,11 @@
+           F->clearMetadata();
+         }
+
++	 // Update the linkage for extern_weak declarations when a definition
++        // exists.
++        if (Linkage == CFL_Definition && F->hasExternalWeakLinkage())
++          F->setLinkage(GlobalValue::ExternalLinkage);
++
+         // If the function in the full LTO module is a declaration, replace its
+         // type metadata with the type metadata we found in cfi.functions. That
+         // metadata is presumed to be more accurate than the metadata attached
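Review bot: The patch header names `(revision 332262)`, while clang-6-linux64.json in this same commit pins `llvm_revision` to 334637, so the hunk at line 1716 may only apply with offset or fuzz; regenerating it against the pinned revision would make a real mismatch fail loudly. The first added comment line is indented with a tab and the rest with spaces, and the `Index:` path (`lib/...`) differs from the `a/llvm/lib/...` paths, so the strip level is worth checking against how the build script applies patches. Because this changes the pass that lowers CFI type tests, a short header above `Index:` should say why the linkage fix is needed and whether it has been submitted upstream, so the next toolchain bump knows when the patch can be dropped.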
--- a/build/build-clang/clang-6-linux64.json
+++ b/build/build-clang/clang-6-linux64.json
@@ -1,20 +1,20 @@
 {
-    "llvm_revision": "326563",
+    "llvm_revision": "334637",
     "stages": "3",
     "build_libcxx": true,
     "build_type": "Release",
     "assertions": false,
-    "llvm_repo": "https://llvm.org/svn/llvm-project/llvm/tags/RELEASE_600/final",
-    "clang_repo": "https://llvm.org/svn/llvm-project/cfe/tags/RELEASE_600/final",
-    "lld_repo": "https://llvm.org/svn/llvm-project/lld/tags/RELEASE_600/final",
-    "compiler_repo": "https://llvm.org/svn/llvm-project/compiler-rt/tags/RELEASE_600/final",
-    "libcxx_repo": "https://llvm.org/svn/llvm-project/libcxx/tags/RELEASE_600/final",
-    "libcxxabi_repo": "https://llvm.org/svn/llvm-project/libcxxabi/tags/RELEASE_600/final",
+    "llvm_repo": "https://llvm.org/svn/llvm-project/llvm/trunk",
+    "clang_repo": "https://llvm.org/svn/llvm-project/cfe/trunk",
+    "lld_repo": "https://llvm.org/svn/llvm-project/lld/trunk",
+    "compiler_repo": "https://llvm.org/svn/llvm-project/compiler-rt/trunk",
+    "libcxx_repo": "https://llvm.org/svn/llvm-project/libcxx/trunk",
+    "libcxxabi_repo": "https://llvm.org/svn/llvm-project/libcxxabi/trunk",
     "python_path": "/usr/bin/python2.7",
     "gcc_dir": "/builds/worker/workspace/build/src/gcc",
     "cc": "/builds/worker/workspace/build/src/gcc/bin/gcc",
     "cxx": "/builds/worker/workspace/build/src/gcc/bin/g++",
     "as": "/builds/worker/workspace/build/src/gcc/bin/gcc",
     "patches": [
       "find_symbolizer_linux.patch"
     ]
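Review bot: `alias.patch` is added by this commit, but the `patches` array at the end of this hunk still lists only `find_symbolizer_linux.patch`, so from what is visible the new patch is never applied to the toolchain build. If that is unintended, the array should read `"find_symbolizer_linux.patch", "alias.patch"`. The six repository URLs now point at `trunk` and are pinned only by `llvm_revision`, so the shipping compiler becomes an unreleased snapshot built from a file still named clang-6. JSON cannot carry a comment, so the commit message should record why trunk is required and which tagged release is expected to replace it.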
old mode 100755
new mode 100644
--- a/build/moz.configure/toolchain.configure
+++ b/build/moz.configure/toolchain.configure
@@ -1337,16 +1337,26 @@ def lto(value, c_compiler):
 
         if len(value) and value[0].lower() == 'full':
             flags.append("-flto")
             ldflags.append("-flto")
         elif value:
             flags.append("-flto=thin")
             ldflags.append("-flto=thin")
 
+            flags.append("-fsanitize=cfi-icall")
+            flags.append("-fsanitize-cfi-icall-generalize-pointers")
+            flags.append("-fno-sanitize-trap=cfi")
+            flags.append("-fsanitize-recover=cfi")
+
+            ldflags.append("-fsanitize=cfi-icall")
+            ldflags.append("-fsanitize-cfi-icall-generalize-pointers")
+            ldflags.append("-fno-sanitize-trap=cfi")
+            ldflags.append("-fsanitize-recover=cfi")
+
     # gcc and other compilers
     elif value:
         num_cores = multiprocessing.cpu_count()
         flags.append("-flto")
         flags.append("-flifetime-dse=1")
 
         ldflags.append("-flto=%s" % num_cores)
         ldflags.append("-flifetime-dse=1")
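Review bot: `-fno-sanitize-trap=cfi` together with `-fsanitize-recover=cfi` makes a failed indirect-call check report and continue instead of aborting, so as added this is a diagnostic build rather than an enforced mitigation. A comment above the block should say so, e.g. `# CFI runs in report-and-continue mode while violations are triaged; remove the trap/recover overrides to enforce.` The same comment should note that `-fsanitize-cfi-icall-generalize-pointers` loosens the type match for pointer arguments. By indentation the new flags sit only inside the `elif value:` (thin) branch, so `full` LTO gets no CFI although the title says "the LTO build"; if both are intended, dedent the block and build one list that both `flags` and `ldflags` `extend` from. `lto()` begins and continues outside this hunk.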
--- a/config/rules.mk
+++ b/config/rules.mk
@@ -912,17 +912,17 @@ ifneq (WINNT,$(OS_ARCH))
 # some crates's build scripts (!), so disable it for now.
 ifndef MOZ_ASAN
 ifndef MOZ_TSAN
 # Cargo needs the same linker flags as the C/C++ compiler,
 # but not the final libraries. Filter those out because they
 # cause problems on macOS 10.7; see bug 1365993 for details.
 # Also, we don't want to pass PGO flags until cargo supports them.
 target_cargo_env_vars := \
-	MOZ_CARGO_WRAP_LDFLAGS="$(filter-out -framework Cocoa -lobjc AudioToolbox ExceptionHandling -fprofile-%,$(LDFLAGS))" \
+	MOZ_CARGO_WRAP_LDFLAGS="$(filter-out -fsanitize=cfi% -framework Cocoa -lobjc AudioToolbox ExceptionHandling -fprofile-%,$(LDFLAGS))" \
 	MOZ_CARGO_WRAP_LD="$(CC)" \
 	$(cargo_linker_env_var)=$(topsrcdir)/build/cargo-linker
 endif # MOZ_TSAN
 endif # MOZ_ASAN
 
 endif # ifneq WINNT
 
 ifdef RUST_LIBRARY_FILE
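Review bot: The new pattern `-fsanitize=cfi%` removes only `-fsanitize=cfi-icall`; the other three flags that toolchain.configure adds to `ldflags` in this commit (`-fsanitize-cfi-icall-generalize-pointers`, `-fno-sanitize-trap=cfi`, `-fsanitize-recover=cfi`) do not match it and still reach `MOZ_CARGO_WRAP_LDFLAGS`. Listing them as well keeps the cargo link line consistent: `$(filter-out -fsanitize=cfi% -fsanitize-cfi-% -fno-sanitize-trap=cfi -fsanitize-recover=cfi -framework Cocoa ...`. The comment block above gives a reason for every other filtered flag and should gain one for CFI, presumably that the Rust objects are not built with CFI. The enclosing `ifneq`/`ifndef` conditionals start outside the hunk.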