Blacklist base::VectorBuffer for CFI checking

The conversion from an uninitialized void* to a T* triggers CFI, but this
is as-designed (the caller of VectorBuffer, in this case circular_deque,
is responsible for calling placement new and delete on this buffer).

Change-Id: I375800df238f2a077720e7d73c35a2e9140f91de
Reviewed-on: https://chromium-review.googlesource.com/627017Reviewed-by: Peter Collingbourne <pcc@chromium.org>
Commit-Queue: Brett Wilson <brettw@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496508}

base/containers/vector_buffer.h

@@ -38,9 +38,16 @@ template <typename T>
 class VectorBuffer {
  public:
   VectorBuffer() {}
+
+#if defined(__clang__) && !defined(__native_client__)
+  // This constructor converts an uninitialized void* to a T* which triggers
+  // clang Control Flow Integrity. Since this is as-designed, disable.
+  __attribute__((no_sanitize("cfi-unrelated-cast", "vptr")))
+#endif
   VectorBuffer(size_t count)
       : buffer_(reinterpret_cast<T*>(malloc(sizeof(T) * count))),
-        capacity_(count) {}
+        capacity_(count) {
+  }
   VectorBuffer(VectorBuffer&& other) noexcept
       : buffer_(other.buffer_), capacity_(other.capacity_) {
     other.buffer_ = nullptr;