GN: Add an explicit gn arg for recovery in CFI

build/config/sanitizers/sanitizers.gni

Index: build/config/sanitizers/sanitizers.gni
diff --git a/build/config/sanitizers/sanitizers.gni b/build/config/sanitizers/sanitizers.gni
index 17f4d9633f0e141f84c0dfe130de02982e79dead..f6cdef3f19d00f8f754e6ef2f7c334a86e469542 100644
--- a/build/config/sanitizers/sanitizers.gni
+++ b/build/config/sanitizers/sanitizers.gni
@@ -67,10 +67,13 @@ declare_args() {
   # https://crbug.com/701919
   use_cfi_icall = false
 
-  # By default, Control Flow Integrity will crash the program if it detects a
-  # violation. Set this to true to print detailed diagnostics instead.
+  # Print detailed diagnostics when Control Flow Integrity detects a violation.
   use_cfi_diag = false
 
+  # Let Control Flow Integrity continue execution instead of crashing when
+  # printing diagnostics (use_cfi_diag = true).
+  use_cfi_recover = false
+
   # Compile for fuzzing with LLVM LibFuzzer.
   # See http://www.chromium.org/developers/testing/libfuzzer
   use_libfuzzer = false
@@ -122,6 +125,7 @@ if (current_toolchain != default_toolchain) {
   sanitizer_coverage_flags = ""
   use_afl = false
   use_cfi_diag = false
+  use_cfi_recover = false
   use_custom_libcxx = false
   use_drfuzz = false
   use_libfuzzer = false
@@ -201,3 +205,8 @@ assert(!is_msan || (is_linux && current_cpu == "x64"),
 # allocation functions is hard on Windows and not yet implemented in LLVM.
 assert(!is_win || !is_debug || !is_asan,
        "ASan on Windows doesn't work in debug (set is_debug=false).")
+
+# Make sure that if we recover on detection (i.e. not crash), diagnostics are
+# printed.
+assert(!use_cfi_recover || use_cfi_diag,
+       "Only use CFI recovery together with diagnostics.")