Support for -mbranch-protection on aarch64.
I am not much knowledgeable about PAC and would otherwise leave this to somebody else.
Since this is a compile-time check, are we supposed to provide 2 builds of tsan runtime after this change? If yes, should this also include some cmake changes?
Yeah, I would go further: the instructions are hints and no-ops, can't they always be used? Though it would need a mechanism to disable it by default: I see PAC_FLAG is based on the new PAC/BTI feature macros; we'd want to disable this for darwin.
I'm not familiar with the contract around the GNU property and the CFI info and all that, so maybe there's some complication there.