bitcoin-core: Enable libc++ "Debug" hardening mode #11725
Conversation
|
hebasto is a new contributor to projects/bitcoin-core. The PR must be approved by known contributors before it can be merged. The past contributors are: fanquake, guidovranken, dergoegge, maflcko, achow101 |
|
Seems fine, looking at the CI output. Previously: https://github.com/google/oss-fuzz/actions/runs/7656996295/job/20866632302#step:7:9774 |
|
@fanquake Any objections? |
|
Seems fine as long as we still have LTO. Although not sure if the flags will make any difference here? given builds are with libc++, and the LLVM debug mode wont work as-is as far as I'm aware (It's also the legacy mode). |
|
Right, |
There was a problem hiding this comment.
Based on the comments in the PR I'm not entirely sure if the Bitcoin maintainers would like to see this merged? @maflcko
|
I think it is fine, but let's wait for clang-18-trunk, so that it can be tested :) |
If Clang is bumped to 18 then bitcoin/bitcoin#29781 will also be needed, as the current macro will still be a no-op. |
5efebc0 depends: add the new LLVM debug macro (fanquake) Pull request description: `LIBCXX_HARDENING_MODE` is the new macro, the previous one was removed in LLVM 18. See https://libcxx.llvm.org/Hardening.html. Required before google/oss-fuzz#11725 will do anything (with the bump to 18.x). Seems reasonable to do now that almost all our test infra is using LLVM 18. ACKs for top commit: theuni: ACK 5efebc0 Tree-SHA512: 43078eeb5940c55ef4f95c72682f8a372dcd3eb97956b3114149c16d9f59b067a999b2aab7f34ffb57eab191524514408e2bba154ff4a6ea0cd6ec4d119c5d18
|
This should be good to go now. Please merge or rebase with master. |
hebasto
force-pushed
the
240324-cppflags
branch
from
c011cc1 to
09f783a
Compare
Rebased. |
|
The added comment says we aren't using CPPFLAGS, but then a few lines down we do use it. Given we established the other flags mentioned in your PR description don't actually matter (could also be re-written now that it's outdated), why not just put |
hebasto
changed the title
linux_debug_CPPFLAGS in depends
Thanks! Reworked. |
|
@DavidKorczynski this is ready for merge |
|
cc @DavidKorczynski . Anything left to do here for this project patch? |
|
Apologies for the delay! Will land this once the CI is green! |
5efebc0 depends: add the new LLVM debug macro (fanquake) Pull request description: `LIBCXX_HARDENING_MODE` is the new macro, the previous one was removed in LLVM 18. See https://libcxx.llvm.org/Hardening.html. Required before google/oss-fuzz#11725 will do anything (with the bump to 18.x). Seems reasonable to do now that almost all our test infra is using LLVM 18. ACKs for top commit: theuni: ACK 5efebc0 Tree-SHA512: 43078eeb5940c55ef4f95c72682f8a372dcd3eb97956b3114149c16d9f59b067a999b2aab7f34ffb57eab191524514408e2bba154ff4a6ea0cd6ec4d119c5d18
5efebc0 depends: add the new LLVM debug macro (fanquake) Pull request description: `LIBCXX_HARDENING_MODE` is the new macro, the previous one was removed in LLVM 18. See https://libcxx.llvm.org/Hardening.html. Required before google/oss-fuzz#11725 will do anything (with the bump to 18.x). Seems reasonable to do now that almost all our test infra is using LLVM 18. ACKs for top commit: theuni: ACK 5efebc0 Tree-SHA512: 43078eeb5940c55ef4f95c72682f8a372dcd3eb97956b3114149c16d9f59b067a999b2aab7f34ffb57eab191524514408e2bba154ff4a6ea0cd6ec4d119c5d18
This PR enables libc++ "Debug" hardening mode.
See #11725 (comment).