This is an archive of the discontinued LLVM Phabricator instance.

Differential D158823

[libc++][hardening] Add back the safe mode.
ClosedPublic

Authored by var-const on Aug 25 2023, 1:22 AM.

Details

Reviewers
jdoerfert
ldionne
Group Reviewers
Restricted Project
Commits
rGb85e1862c119: [libc++][hardening] Add back the safe mode.
Summary

The safe mode is in-between the hardened and the debug modes, extending
the checks contained in the hardened mode with certain checks that are
relatively cheap and prevent common sources of errors but aren't
security-critical. Thus, the safe mode trades off some performance for
a wider set of checks, but unlike the debug mode, it can still be used
in production.

Diff Detail

Event Timeline

var-const created this revision.Aug 25 2023, 1:22 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 25 2023, 1:22 AM
Harbormaster completed remote builds in B254830: Diff 553406.Aug 25 2023, 1:31 AM
ldionne published this revision for review.Aug 25 2023, 12:56 PM
ldionne added subscribers: thakis, ldionne.
ldionne added inline comments.
libcxx/CMakeLists.txt
51

We need tests.

53

@thakis We brainstormed on some names here:

_LIBCPP_ENABLE_HARDENED_PLUS_MODE
_LIBCPP_ENABLE_EXTENDED_HARDENED_MODE
_LIBCPP_ENABLE_STRONG_HARDENED_MODE
_LIBCPP_ENABLE_STRICT_MODE
_LIBCPP_ENABLE_PARANOID_MODE
_LIBCPP_ENABLE_FORTIFIED_MODE
_LIBCPP_ENABLE_SAFE_MODE

Do you have any thoughts? Our thoughts so far:

HARDENED_PLUS, EXTENDED_HARDENED, STRONG_HARDENED // those are kind of heavyweight names
PARANOID // has negative connotation and doesn't make it clear whether it is stronger than DEBUG
STRICT // could be confused with the notion of not having non-standard extensions
FORTIFIED // not clear whether it is stronger than HARDENED or not
SAFE // our current preference

In fact, before LLVM 17 we had something called the SAFE mode, and I think what we discovered with Chromium's use case is that it still had its place. Hence, I think what we should do is call this the SAFE mode, backport this change, and rework the way we announced our 17 release notes not to say that we "replaced' the safe mode, but instead that we added new modes and that we changed how the safe mode is enabled. This is IMO a superior design and a superior way of rolling it out based on our experience so far.

libcxx/include/__algorithm/three_way_comp_ref_type.h
53 ↗(On Diff #553406)

I think this should be a separate (almost NFC) patch. There might be more of those, we should fix all.

Herald added a reviewer: jdoerfert. · View Herald TranscriptAug 25 2023, 12:56 PM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: libcxx-commits, jplehr, sstefan1. · View Herald Transcript
Herald added a reviewer: Restricted Project. · View Herald TranscriptAug 25 2023, 12:56 PM
AdvenamTacet added a subscriber: AdvenamTacet.Aug 27 2023, 8:46 PM
var-const updated this revision to Diff 553866.Aug 28 2023, 2:07 AM

Address feedback:

  • "hardened-plus" -> "safe";
  • add tests.
Herald added subscribers: arphaman, arichardson. · View Herald TranscriptAug 28 2023, 2:07 AM
var-const retitled this revision from DRAFT [libc++][hardening] Add the hardened-plus mode. to [libc++][hardening] Add back the safe mode..Aug 28 2023, 2:08 AM
var-const edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B255173: Diff 553866.Aug 28 2023, 2:13 AM
var-const marked 2 inline comments as done.Aug 28 2023, 2:15 AM
var-const added inline comments.
libcxx/include/__algorithm/three_way_comp_ref_type.h
53 ↗(On Diff #553406)

https://reviews.llvm.org/D158970

var-const updated this revision to Diff 553870.Aug 28 2023, 2:17 AM
var-const marked an inline comment as done.

Fix formatting and rebase.

var-const updated this revision to Diff 553874.Aug 28 2023, 2:33 AM

Add a note about the deprecated macro.

var-const mentioned this in D154997: [libc++][hardening] Deprecate `_LIBCPP_ENABLE_ASSERTIONS`..Aug 28 2023, 2:37 AM
Harbormaster completed remote builds in B255178: Diff 553874.Aug 28 2023, 6:34 AM
ldionne added inline comments.Aug 28 2023, 7:44 AM
libcxx/docs/Hardening.rst
58
libcxx/docs/ReleaseNotes/17.rst
104–105
104–105

We should replace all these references to libcxx/docs/Hardening.rst by an internal link to the rst page so that people can actually click on it.

114–115
libcxx/include/__config
281–286

No strong preference, but we could also do #if HARDENED_MODE + SAFE_MODE + DEBUG_MODE > 1.

libcxx/test/libcxx/assertions/modes/debug_mode_disabled_in_tu.pass.cpp
11–13

I don't really understand this REQUIRES anymore. Can you explain?

Mordante added a subscriber: Mordante.Aug 28 2023, 8:38 AM
Mordante added inline comments.
libcxx/cmake/caches/Generic-safe-mode.cmake
2

I really would like to enable modules in this build too. Maybe it would be better to do in a followup when we want to backport this.

libcxx/utils/ci/buildkite-pipeline.yml
508–509
libcxx/utils/libcxx/test/params.py
304–306

I start to feel slightly uncomfortable with these names. To me they are not very descriptive and they are now 4 options. I don't directly have better suggestions, but I think we should spend a bit of time on this.

For example, which is more expensive "safe" or "hardened"?

ldionne added inline comments.Aug 28 2023, 8:58 AM
libcxx/CMakeLists.txt
53

@Mordante Those are the other names we considered.

libcxx/utils/libcxx/test/params.py
304–306

I agree, this is definitely not perfect. This is user facing too, so we need to find something good.

We thought that safe was good given that it is the name we used for this mode historically (in LLVM 15 and LLVM 16). We also thought that it was "reasonably" clear that it was more expensive than hardened, but maybe it isn't. I'll CC you on the comment above that discusses naming.

Mordante added inline comments.Aug 28 2023, 9:38 AM
libcxx/CMakeLists.txt
53

Thanks. If this list SAFE sounds the best to me too.

libcxx/utils/libcxx/test/params.py
304–306

Thanks. As said I don't have a better suggestion either.

crtrott added a subscriber: crtrott.Aug 28 2023, 9:50 AM

I believe this 3-level thing is in general a good idea, and in principle the words "hardened < safe < debug" fell ok-ish to me in terms of expectations how much gets checked.
However, in light of a 3-level mode I may want to rethink for example the asserts in mdspan, and tailor better what is enabled in hardened, vs safe mode. I think the current choices were good in a binary world, in this more nuanced approach I am not sure.

Mordante added inline comments.Aug 28 2023, 10:02 AM
libcxx/utils/libcxx/test/params.py
304–306

I agree, this is definitely not perfect. This is user facing too, so we need to find something good.

We thought that safe was good given that it is the name we used for this mode historically (in LLVM 15 and LLVM 16). We also thought that it was "reasonably" clear that it was more expensive than hardened, but maybe it isn't. I'll CC you on the comment above that discusses naming.

Based on this information and Discord I think we should go with safe. I still think it's not great, but it's consistent with what we did in the past.

var-const updated this revision to Diff 554126.Aug 28 2023, 5:51 PM
var-const marked 10 inline comments as done.

Address feedback

var-const added a comment.Aug 28 2023, 5:51 PM
In D158823#4621784, @crtrott wrote:

I believe this 3-level thing is in general a good idea, and in principle the words "hardened < safe < debug" fell ok-ish to me in terms of expectations how much gets checked.
However, in light of a 3-level mode I may want to rethink for example the asserts in mdspan, and tailor better what is enabled in hardened, vs safe mode. I think the current choices were good in a binary world, in this more nuanced approach I am not sure.

Thanks a lot for your comments! Re. mdspan -- IIRC, we classified most of the assertions in mdspan as valid-element-access, which would enable them in all modes. The only exceptions are:

  • layout_left/right::mapping checks -- IMO those should be enabled in the safe mode;
  • mdspan: size() is not representable as size_type -- I also think this should be on in the safe mode.

(FWIW, my current informal criteria for the safe mode is "any check as long as it's for UB triggered by user input and not too expensive". With that mindset, none of the checks I remember in mdspan strike me as debug-only -- i.e., all of them make sense in the safe mode as well)

libcxx/CMakeLists.txt
53

@Mordante Thank you for the feedback! We spent quite a bit of time on this but unfortunately I don't have a "slam dunk" suggestion. FWIW, I'll outline my reasoning:

  • The first presumption is that we'd rather keep the current naming of "hardened" and "debug" (debug in particular seems like a good descriptive name);
  • In that case, the new mode would be in-between "hardened" and "debug" modes, and two broad alternatives are to either call it the "hardened-something" mode (to stress that it's an extension of the hardened mode, e.g. "hardened extended mode") or by a single unrelated word. The former approach seemed to produce heavyweight, cumbersome names. The problem with the latter approach is that it's hard to find a single word that makes it obvious that this mode provides more guarantees than the hardened mode.
  • My preference for "safe" is partially because it focuses on the (desired) result, not how it is achieved (I think that "hardened" vs "safe" is a little like "optimized" vs "fast"), but in large part because we already have shipped the "safe" mode. I honestly doubt it's possible to find a single word that would unambiguously convey that this mode is stronger than the hardened mode, but "safe" has precedent in its favor, so to speak.
libcxx/docs/ReleaseNotes/17.rst
114–115

Applied (with a few tweaks, please let me know if they look reasonable to you).

libcxx/include/__config
281–286

Thanks! I think it's better (I don't really expect another mode at this point, but if that ever happens, the new form of this check is much easier to modify).

libcxx/utils/libcxx/test/params.py
304–306

(I'm marking these comments as "Done" just so that we can keep this conversation in one thread)

Harbormaster completed remote builds in B255365: Diff 554126.Aug 28 2023, 6:59 PM
var-const updated this revision to Diff 554178.Aug 28 2023, 10:14 PM

Address feedback and rebase.

var-const added inline comments.Aug 28 2023, 10:15 PM
libcxx/cmake/caches/Generic-safe-mode.cmake
2

Thanks! I'll do it in a follow-up like you suggest.

libcxx/include/__config
281–286

Update: unfortunately, with this approach the error is also triggered when setting one of the macros to a bad value (e.g. 2). Reverted to the previous state.

libcxx/test/libcxx/assertions/modes/debug_mode_disabled_in_tu.pass.cpp
11–13

If another hardening mode is enabled (e.g. the safe mode), the assertions will still fire -- basically, we would end up in a situation where _LIBCPP_ENABLE_DEBUG_MODE is 0 but _LIBCPP_ENABLE_SAFE_MODE is 1.

(I changed the assertion type from "uncategorized" to "valid-element-access", btw -- thanks for calling out this test!)

var-const marked 3 inline comments as done.Aug 28 2023, 10:20 PM
var-const added inline comments.
libcxx/cmake/caches/Generic-safe-mode.cmake
2

(https://reviews.llvm.org/D159065)

var-const added a comment.Aug 28 2023, 10:27 PM

@thakis It would be awesome if you could take a look at this patch and see if naming and the approach make sense for Chromium's use case. Thanks!

Harbormaster completed remote builds in B255413: Diff 554178.Aug 28 2023, 11:52 PM
thakis added a comment.Aug 29 2023, 8:09 AM

This looks perfect for us, thanks!

libcxx/CMakeLists.txt
53

As long as it's documented, any of those work for me. Naming tends to be a bikeshed. Here's some more ideas (for the cmake arg), but go with what you like best:

some, most, debug
safe, strict, debug
basic, thorough, debug
minimal, robust, debug
fast, conservative, debug

i.e. maybe renaming the "hardened" level could make the progression clearer. If you want to keep "hardened" as base level, maybe "thorough" or "conservative" are still contenders. But as I said, I don't mind "safe".

libcxx/include/__config
313

TODO when? After a security review of these asserts? Something else? Do you have a rough time frame when this might happen?

ldionne added inline comments.Aug 29 2023, 1:01 PM
libcxx/docs/ReleaseNotes/17.rst
89–90

I would prefer removing this release note entirely. It is misleading, I don't know why I added it in the first place. OOB checks in iterators for string_view require an ABI flag, which needs to be set by vendors. This is not interesting to point out in our release notes IMO.

libcxx/include/__config
225–226
313

IMO this TODO is not necessary. We know we want to remove _LIBCPP_ASSERT_UNCATEGORIZED anyway so it would become moot.

libcxx/test/libcxx/algorithms/alg.sorting/assert.min.max.pass.cpp
13
libcxx/test/libcxx/assertions/modes/debug_mode_disabled_in_tu.pass.cpp
1

For another patch: we need to add tests that ensure that we can enable/disable the various hardening modes on a per-TU basis even if the default configured mode is another mode. For example, configure the library w/ the hardened mode by default, but enable the safe or debug mode inside a single TU via the user macros.

Or the other way around: enable safe mode by default via vendor but enable the hardened mode via users: the result should be that the safe mode set-by-default is disabled and the hardened mode selected by the user is enabled.

Potential way to achieve this?

#if _LIBCPP_ENABLE_HARDENED_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENED
#elif _LIBCPP_ENABLE_SAFE_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_SAFE
#elif _LIBCPP_ENABLE_DEBUG_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_DEBUG
#endif

#define _LIBCPP_UNCHECKED 31
#define _LIBCPP_HARDENED 32
#define _LIBCPP_SAFE 33
#define _LIBCPP_DEBUG 34

#ifndef _LIBCPP_SELECT_HARDENING_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENING_MODE_DEFAULT /* from __config_site */
#endif

_LIBCPP_SELECT_HARDENING_MODE would be internal-only, unless we want to migrate our users again in the next release :/

And if we want to make _LIBCPP_SELECT_HARDENING_MODE user-visible without migrating our users, we could probably do something like:

#ifndef _LIBCPP_SELECT_HARDENING_MODE
#  if _LIBCPP_ENABLE_HARDENED_MODE
#    define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENED
#  elif [...]
#  endif
#endif
9

This comment is misleading otherwise.

11–13

IMO this should be REQUIRES: libcpp-hardening-mode=debug since the test is basically meaningless in unchecked mode.

libcxx/test/libcxx/assertions/modes/debug_mode_enabled_in_tu.pass.cpp
23

UNCATEGORIZED?

var-const updated this revision to Diff 554540.Aug 29 2023, 6:07 PM
var-const marked 6 inline comments as done.

Address feedback

var-const marked 2 inline comments as done.Aug 29 2023, 6:08 PM
var-const added inline comments.
libcxx/include/__config
313

@thakis I certainly want to do this before the next release (i.e., LLVM 18), and ideally even earlier. And yes, that would include a security review.

libcxx/test/libcxx/algorithms/alg.sorting/assert.min.max.pass.cpp
13

Thanks!

Harbormaster completed remote builds in B255662: Diff 554540.Aug 29 2023, 8:22 PM
var-const marked an inline comment as done.Aug 31 2023, 10:20 PM
var-const marked an inline comment as done.Sep 5 2023, 12:10 PM
var-const added inline comments.
libcxx/docs/ReleaseNotes/17.rst
89–90

Addressed in https://reviews.llvm.org/D159171

var-const marked an inline comment as done.Sep 5 2023, 12:10 PM
ldionne accepted this revision.Sep 5 2023, 12:13 PM
This revision is now accepted and ready to land.Sep 5 2023, 12:13 PM
ldionne added a comment.Sep 5 2023, 12:13 PM

CI issues are flakes, this should be good to go.

ldionne added inline comments.Sep 5 2023, 12:17 PM
libcxx/docs/ReleaseNotes/17.rst
82

Note that this patch needs to be rebased on top of another patch that brings the release notes between LLVM 17 and main back into sync.

var-const updated this revision to Diff 556294.Sep 8 2023, 11:46 AM

Rebase

var-const marked an inline comment as done.Sep 8 2023, 11:47 AM
var-const added inline comments.
libcxx/docs/ReleaseNotes/17.rst
82

Rebased on top of https://reviews.llvm.org/D159454..

var-const marked an inline comment as done.Sep 8 2023, 11:48 AM
var-const updated this revision to Diff 556295.Sep 8 2023, 11:56 AM

Fix up the release notes

ldionne accepted this revision.Sep 8 2023, 12:08 PM

LGTM with green CI.

Harbormaster completed remote builds in B256887: Diff 556295.Sep 8 2023, 1:31 PM
var-const updated this revision to Diff 556305.Sep 8 2023, 2:55 PM

Fix the CI.

Harbormaster completed remote builds in B256894: Diff 556305.Sep 8 2023, 4:31 PM
Closed by commit rGb85e1862c119: [libc++][hardening] Add back the safe mode. (authored by var-const). · Explain WhySep 12 2023, 12:02 PM
This revision was automatically updated to reflect the committed changes.
var-const added a commit: rGb85e1862c119: [libc++][hardening] Add back the safe mode..

Revision Contents

PathSize
libcxx/
11 lines
cmake/
caches/
1 line
docs/
56 lines
ReleaseNotes/
13 lines
26 lines
7 lines
include/
45 lines
1 line
test/
libcxx/
algorithms/
alg.sorting/
2 lines
assertions/
modes/
4 lines
10 lines
10 lines
4 lines
enabling_assertions_enables_safe_mode.pass.cpp
enabling_assertions_enables_hardened_mode.pass.cpp
8 lines
3 lines
hardened_and_safe_mutually_exclusive.verify.cpp
hardened_and_debug_mutually_exclusive.verify.cpp
7 lines
10 lines
6 lines
4 lines
safe.pass.cpp
debug.pass.cpp
11 lines
safe_and_debug_mutually_exclusive.verify.cpp
hardened_and_debug_mutually_exclusive.verify.cpp
7 lines
safe_mode_disabled_in_tu.pass.cpp
hardened_mode_disabled_in_tu.pass.cpp
12 lines
safe_mode_enabled_in_tu.pass.cpp
hardened_mode_enabled_in_tu.pass.cpp
8 lines
safe_mode_not_1_or_0.verify.cpp
hardened_and_debug_mutually_exclusive.verify.cpp
8 lines
6 lines
containers/
unord/
unord.map/
2 lines
2 lines
2 lines
unord.multimap/
2 lines
2 lines
2 lines
unord.multiset/
2 lines
2 lines
2 lines
unord.set/
2 lines
2 lines
2 lines
views/
mdspan/
layout_left/
2 lines
layout_right/
2 lines
mdspan/
2 lines
experimental/
memory/
memory.polymorphic.allocator.class/
memory.polymorphic.allocator.mem/
2 lines
memory.resource.adaptor/
memory.resource.adaptor.mem/
2 lines
iterators/
2 lines
2 lines
2 lines
ranges/
range.adaptors/
range.drop.while/
2 lines
range.lazy.split/
range.lazy.split.inner/
2 lines
range.lazy.split.outer/
2 lines
range.factories/
range.repeat.view/
2 lines
2 lines
strings/
string.view/
3 lines
2 lines
thread/
futures/
futures.promise/
2 lines
2 lines
thread.barrier/
2 lines
2 lines
thread.latch/
2 lines
2 lines
2 lines
thread.semaphore/
2 lines
2 lines
utilities/
2 lines
std/
algorithms/
alg.sorting/
alg.heap.operations/
pop.heap/
2 lines
2 lines
alg.clamp/
2 lines
utilities/
utility/
utility.unreachable/
2 lines
utils/
ci/
18 lines
6 lines
libcxx/
test/
5 lines

Diff 556602

libcxx/CMakeLists.txt

Show First 20 LinesShow All 42 Lines▼ Show 20 Lines
#=============================================================================== #===============================================================================
# Setup CMake Options # Setup CMake Options
#=============================================================================== #===============================================================================
include(CMakeDependentOption) include(CMakeDependentOption)
include(HandleCompilerRT) include(HandleCompilerRT)
# Basic options --------------------------------------------------------------- # Basic options ---------------------------------------------------------------
option(LIBCXX_ENABLE_SHARED "Build libc++ as a shared library." ON) option(LIBCXX_ENABLE_SHARED "Build libc++ as a shared library." ON)
ldionneUnsubmitted
Done
ReplyInline Actions

We need tests.

ldionne: We need tests.
option(LIBCXX_ENABLE_STATIC "Build libc++ as a static library." ON) option(LIBCXX_ENABLE_STATIC "Build libc++ as a static library." ON)
option(LIBCXX_ENABLE_FILESYSTEM option(LIBCXX_ENABLE_FILESYSTEM
ldionneUnsubmitted
Done
ReplyInline Actions

@thakis We brainstormed on some names here:

_LIBCPP_ENABLE_HARDENED_PLUS_MODE
_LIBCPP_ENABLE_EXTENDED_HARDENED_MODE
_LIBCPP_ENABLE_STRONG_HARDENED_MODE
_LIBCPP_ENABLE_STRICT_MODE
_LIBCPP_ENABLE_PARANOID_MODE
_LIBCPP_ENABLE_FORTIFIED_MODE
_LIBCPP_ENABLE_SAFE_MODE

Do you have any thoughts? Our thoughts so far:

HARDENED_PLUS, EXTENDED_HARDENED, STRONG_HARDENED // those are kind of heavyweight names
PARANOID // has negative connotation and doesn't make it clear whether it is stronger than DEBUG
STRICT // could be confused with the notion of not having non-standard extensions
FORTIFIED // not clear whether it is stronger than HARDENED or not
SAFE // our current preference

In fact, before LLVM 17 we had something called the SAFE mode, and I think what we discovered with Chromium's use case is that it still had its place. Hence, I think what we should do is call this the SAFE mode, backport this change, and rework the way we announced our 17 release notes not to say that we "replaced' the safe mode, but instead that we added new modes and that we changed how the safe mode is enabled. This is IMO a superior design and a superior way of rolling it out based on our experience so far.

ldionne: @thakis We brainstormed on some names here: ``` _LIBCPP_ENABLE_HARDENED_PLUS_MODE…
ldionneUnsubmitted
Done
ReplyInline Actions

@Mordante Those are the other names we considered.

ldionne: @Mordante Those are the other names we considered.
MordanteUnsubmitted
Done
ReplyInline Actions

Thanks. If this list SAFE sounds the best to me too.

Mordante: Thanks. If this list SAFE sounds the best to me too.
var-constAuthorUnsubmitted
Done
ReplyInline Actions

@Mordante Thank you for the feedback! We spent quite a bit of time on this but unfortunately I don't have a "slam dunk" suggestion. FWIW, I'll outline my reasoning:

  • The first presumption is that we'd rather keep the current naming of "hardened" and "debug" (debug in particular seems like a good descriptive name);
  • In that case, the new mode would be in-between "hardened" and "debug" modes, and two broad alternatives are to either call it the "hardened-something" mode (to stress that it's an extension of the hardened mode, e.g. "hardened extended mode") or by a single unrelated word. The former approach seemed to produce heavyweight, cumbersome names. The problem with the latter approach is that it's hard to find a single word that makes it obvious that this mode provides more guarantees than the hardened mode.
  • My preference for "safe" is partially because it focuses on the (desired) result, not how it is achieved (I think that "hardened" vs "safe" is a little like "optimized" vs "fast"), but in large part because we already have shipped the "safe" mode. I honestly doubt it's possible to find a single word that would unambiguously convey that this mode is stronger than the hardened mode, but "safe" has precedent in its favor, so to speak.
var-const: @Mordante Thank you for the feedback! We spent quite a bit of time on this but unfortunately I…
thakisUnsubmitted
Done
ReplyInline Actions

As long as it's documented, any of those work for me. Naming tends to be a bikeshed. Here's some more ideas (for the cmake arg), but go with what you like best:

some, most, debug
safe, strict, debug
basic, thorough, debug
minimal, robust, debug
fast, conservative, debug

i.e. maybe renaming the "hardened" level could make the progression clearer. If you want to keep "hardened" as base level, maybe "thorough" or "conservative" are still contenders. But as I said, I don't mind "safe".

thakis: As long as it's documented, any of those work for me. Naming tends to be a bikeshed. Here's…
"Whether to include support for parts of the library that rely on a filesystem being "Whether to include support for parts of the library that rely on a filesystem being
available on the platform. This includes things like most parts of <filesystem> and available on the platform. This includes things like most parts of <filesystem> and
others like <fstream>" ON) others like <fstream>" ON)
option(LIBCXX_INCLUDE_TESTS "Build the libc++ tests." ${LLVM_INCLUDE_TESTS}) option(LIBCXX_INCLUDE_TESTS "Build the libc++ tests." ${LLVM_INCLUDE_TESTS})
set(LIBCXX_SUPPORTED_HARDENING_MODES unchecked hardened debug) set(LIBCXX_SUPPORTED_HARDENING_MODES unchecked hardened safe debug)
set(LIBCXX_HARDENING_MODE "unchecked" CACHE STRING set(LIBCXX_HARDENING_MODE "unchecked" CACHE STRING
"Specify the default hardening mode to use. This mode will be used inside the "Specify the default hardening mode to use. This mode will be used inside the
compiled library and will be the default when compiling user code. Note that compiled library and will be the default when compiling user code. Note that
users can override this setting in their own code. This does not affect the users can override this setting in their own code. This does not affect the
ABI. Supported values are ${LIBCXX_SUPPORTED_HARDENING_MODES}.") ABI. Supported values are ${LIBCXX_SUPPORTED_HARDENING_MODES}.")
if (NOT "${LIBCXX_HARDENING_MODE}" IN_LIST LIBCXX_SUPPORTED_HARDENING_MODES) if (NOT "${LIBCXX_HARDENING_MODE}" IN_LIST LIBCXX_SUPPORTED_HARDENING_MODES)
message(FATAL_ERROR message(FATAL_ERROR
"Unsupported hardening mode: '${LIBCXX_HARDENING_MODE}'. Supported values are ${LIBCXX_SUPPORTED_HARDENING_MODES}.") "Unsupported hardening mode: '${LIBCXX_HARDENING_MODE}'. Supported values are ${LIBCXX_SUPPORTED_HARDENING_MODES}.")
▲ Show 20 LinesShow All 706 Lines▼ Show 20 Lines
config_define_if_not(LIBCXX_ENABLE_LOCALIZATION _LIBCPP_HAS_NO_LOCALIZATION) config_define_if_not(LIBCXX_ENABLE_LOCALIZATION _LIBCPP_HAS_NO_LOCALIZATION)
config_define_if_not(LIBCXX_ENABLE_UNICODE _LIBCPP_HAS_NO_UNICODE) config_define_if_not(LIBCXX_ENABLE_UNICODE _LIBCPP_HAS_NO_UNICODE)
config_define_if_not(LIBCXX_ENABLE_WIDE_CHARACTERS _LIBCPP_HAS_NO_WIDE_CHARACTERS) config_define_if_not(LIBCXX_ENABLE_WIDE_CHARACTERS _LIBCPP_HAS_NO_WIDE_CHARACTERS)
config_define_if_not(LIBCXX_ENABLE_STD_MODULES _LIBCPP_HAS_NO_STD_MODULES) config_define_if_not(LIBCXX_ENABLE_STD_MODULES _LIBCPP_HAS_NO_STD_MODULES)
config_define_if_not(LIBCXX_ENABLE_TIME_ZONE_DATABASE _LIBCPP_HAS_NO_TIME_ZONE_DATABASE) config_define_if_not(LIBCXX_ENABLE_TIME_ZONE_DATABASE _LIBCPP_HAS_NO_TIME_ZONE_DATABASE)
config_define_if_not(LIBCXX_ENABLE_VENDOR_AVAILABILITY_ANNOTATIONS _LIBCPP_HAS_NO_VENDOR_AVAILABILITY_ANNOTATIONS) config_define_if_not(LIBCXX_ENABLE_VENDOR_AVAILABILITY_ANNOTATIONS _LIBCPP_HAS_NO_VENDOR_AVAILABILITY_ANNOTATIONS)
if (LIBCXX_HARDENING_MODE STREQUAL "hardened") if (LIBCXX_HARDENING_MODE STREQUAL "hardened")
config_define(1 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT) config_define(1 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_SAFE_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT)
elseif (LIBCXX_HARDENING_MODE STREQUAL "safe")
config_define(0 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT)
config_define(1 _LIBCPP_ENABLE_SAFE_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT) config_define(0 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT)
elseif (LIBCXX_HARDENING_MODE STREQUAL "debug") elseif (LIBCXX_HARDENING_MODE STREQUAL "debug")
config_define(0 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT) config_define(0 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_SAFE_MODE_DEFAULT)
config_define(1 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT) config_define(1 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT)
elseif (LIBCXX_HARDENING_MODE STREQUAL "unchecked") elseif (LIBCXX_HARDENING_MODE STREQUAL "unchecked")
config_define(0 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT) config_define(0 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_SAFE_MODE_DEFAULT)
config_define(0 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT) config_define(0 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT)
endif() endif()
# TODO(LLVM 19): Remove this after branching for LLVM 18, this is a simple # TODO(LLVM 19): Remove this after branching for LLVM 18, this is a simple
# courtesy for vendors to be notified about this change. # courtesy for vendors to be notified about this change.
if (LIBCXX_ENABLE_ASSERTIONS) if (LIBCXX_ENABLE_ASSERTIONS)
message(FATAL_ERROR "LIBCXX_ENABLE_ASSERTIONS has been replaced by LIBCXX_HARDENING_MODE=hardened") message(FATAL_ERROR "LIBCXX_ENABLE_ASSERTIONS has been replaced by LIBCXX_HARDENING_MODE=safe")
endif() endif()
if (LIBCXX_PSTL_CPU_BACKEND STREQUAL "serial") if (LIBCXX_PSTL_CPU_BACKEND STREQUAL "serial")
config_define(1 _LIBCPP_PSTL_CPU_BACKEND_SERIAL) config_define(1 _LIBCPP_PSTL_CPU_BACKEND_SERIAL)
elseif(LIBCXX_PSTL_CPU_BACKEND STREQUAL "std_thread") elseif(LIBCXX_PSTL_CPU_BACKEND STREQUAL "std_thread")
config_define(1 _LIBCPP_PSTL_CPU_BACKEND_THREAD) config_define(1 _LIBCPP_PSTL_CPU_BACKEND_THREAD)
elseif(LIBCXX_PSTL_CPU_BACKEND STREQUAL "libdispatch") elseif(LIBCXX_PSTL_CPU_BACKEND STREQUAL "libdispatch")
config_define(1 _LIBCPP_PSTL_CPU_BACKEND_LIBDISPATCH) config_define(1 _LIBCPP_PSTL_CPU_BACKEND_LIBDISPATCH)
▲ Show 20 LinesShow All 85 LinesShow Last 20 Lines

libcxx/cmake/caches/Generic-safe-mode.cmake

  • This file was added.
set(LIBCXX_HARDENING_MODE "safe" CACHE STRING "")
MordanteUnsubmitted
Done
ReplyInline Actions
+ set(LIBCXX_ENABLE_STD_MODULES ON CACHE BOOL "") # TODO MODULES Remove when enabled automatically.
set(LIBCXX_HARDENING_MODE "safe" CACHE STRING "")

I really would like to enable modules in this build too. Maybe it would be better to do in a followup when we want to backport this.

Mordante: I really would like to enable modules in this build too. Maybe it would be better to do in a…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Thanks! I'll do it in a follow-up like you suggest.

var-const: Thanks! I'll do it in a follow-up like you suggest.
var-constAuthorUnsubmitted
Done
ReplyInline Actions

(https://reviews.llvm.org/D159065)

var-const: (https://reviews.llvm.org/D159065)

libcxx/docs/Hardening.rst

============= ===============
Hardened Mode Hardening Modes
============= ===============
.. contents:: .. contents::
:local: :local:
.. _using-hardened-mode: .. _using-hardening-modes:
Using the hardened mode Using hardening modes
======================= =====================
The hardened mode enables a set of security-critical assertions that prevent The hardened mode enables a set of security-critical assertions that prevent
undefined behavior caused by violating preconditions of the standard library. undefined behavior caused by violating preconditions of the standard library.
These assertions can be done with relatively little overhead in constant time These assertions can be done with relatively little overhead in constant time
and are intended to be used in production. and are intended to be used in production.
In addition to the hardened mode, libc++ also provides the debug mode which In addition to the hardened mode, libc++ also provides two other hardening
contains all the checks from the hardened mode and additionally more expensive modes:
checks that may affect the complexity of algorithms. The debug mode is intended - safe mode;
to be used for testing, not in production. - debug mode.
The safe mode contains all the checks from the hardened mode and additionally
some checks for undefined behavior that incur relatively little overhead but
aren't security-critical. While the performance penalty is somewhat more
significant compared to the hardened mode, the safe mode is still intended to be
usable in production.
The debug mode, in turn, contains all the checks from the safe mode and
additionally more expensive checks that may affect the complexity of algorithms.
The debug mode is intended to be used for testing, not in production.
Vendors can set the default hardening mode by using the Vendors can set the default hardening mode by using the
``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Setting ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Setting
``LIBCXX_HARDENING_MODE`` to ``hardened`` enables the hardened mode, and ``LIBCXX_HARDENING_MODE`` to ``hardened`` enables the hardened mode, and
similarly setting the variable to ``debug`` enables the debug mode. The default similarly setting the variable to ``safe`` enables the safe mode, and to
value is ``unchecked`` which doesn't enable any hardening. ``debug`` enables the debug mode. The default value is ``unchecked`` which
doesn't enable any hardening.
When hardening is enabled, the compiled library is built with the corresponding When hardening is enabled, the compiled library is built with the corresponding
mode enabled, **and** user code will be built with the same mode enabled by mode enabled, **and** user code will be built with the same mode enabled by
default. If the mode is set to "unchecked" at the CMake configuration time, the default. If the mode is set to "unchecked" at the CMake configuration time, the
compiled library will not contain any assertions and the default when building compiled library will not contain any assertions and the default when building
user code will be to have assertions disabled. As a user, you can consult your user code will be to have assertions disabled. As a user, you can consult your
vendor to know which level of hardening is enabled by default. vendor to know which level of hardening is enabled by default.
Furthermore, independently of any vendor-selected default, users can always Furthermore, independently of any vendor-selected default, users can always
control which level of hardening is enabled in their code by defining control which level of hardening is enabled in their code by defining
``_LIBCPP_ENABLE_HARDENED_MODE=0|1`` (or ``_LIBCPP_ENABLE_DEBUG_MODE=0|1``) ``_LIBCPP_ENABLE_HARDENED_MODE=0|1`` (or ``_LIBCPP_ENABLE_SAFE_MODE=0|1``, or
before including any libc++ header (we recommend passing ``_LIBCPP_ENABLE_DEBUG_MODE=0|1``) before including any libc++ header (we
``-D_LIBCPP_ENABLE_HARDENED_MODE=X`` or ``-D_LIBCPP_ENABLE_DEBUG_MODE=X`` to the recommend passing ``-D_LIBCPP_ENABLE_HARDENED_MODE=X``, etc. to the compiler).
compiler). Note that if the compiled library was built by the vendor in the Note that if the compiled library was built by the vendor in the unchecked mode,
unchecked mode, functions compiled inside the static or shared library won't functions compiled inside the static or shared library won't have any hardening
have any hardening enabled even if the user compiles with hardening enabled (the enabled even if the user compiles with hardening enabled (the same is true for
same is true for the inverse case where the static or shared library was the inverse case where the static or shared library was compiled **with**
compiled **with** hardening enabled but the user tries to disable it). However, hardening enabled but the user tries to disable it). However, most of the code
most of the code in libc++ is in the headers, so the user-selected value for in libc++ is in the headers, so the user-selected value for
``_LIBCPP_ENABLE_HARDENED_MODE`` or ``_LIBCPP_ENABLE_DEBUG_MODE`` (if any) will ``_LIBCPP_ENABLE_HARDENED|SAFE|DEBUG_MODE``, if any, will usually be respected.
ldionneUnsubmitted
Done
ReplyInline Actions
in libc++ is in the headers, so the user-selected value for
- ``_LIBCPP_ENABLE_HARDENED_MODE`` (or ``_LIBCPP_ENABLE_HARDENED_MODE``, or
+ ``_LIBCPP_ENABLE_(HARDENED|SAFE|DEBUG)_MODE``
``_LIBCPP_ENABLE_DEBUG_MODE``), if any, will usually be respected.
ldionne:
usually be respected.
Enabling hardening has no impact on the ABI. Enabling hardening has no impact on the ABI.
Iterator bounds checking Iterator bounds checking
------------------------ ------------------------
TODO(hardening) TODO(hardening)

libcxx/docs/ReleaseNotes/17.rst

Show First 20 LinesShow All 73 Lines▼ Show 20 Lines
- P0645 - Text Formatting - P0645 - Text Formatting
- P1652 - Printf corner cases in std::format - P1652 - Printf corner cases in std::format
- P1892 - Extended locale-specific presentation specifiers for std::format - P1892 - Extended locale-specific presentation specifiers for std::format
- P1868 - width: clarifying units of width and precision in std::format - P1868 - width: clarifying units of width and precision in std::format
- P2216 - std::format improvements - P2216 - std::format improvements
- P2418 - Add support for std::generator-like types to std::format - P2418 - Add support for std::generator-like types to std::format
- P2286R8 - Formatting Ranges - P2286R8 - Formatting Ranges
- P2508R1 - Exposing std::basic-format-string - P2508R1 - Exposing std::basic-format-string
ldionneUnsubmitted
Done
ReplyInline Actions

Note that this patch needs to be rebased on top of another patch that brings the release notes between LLVM 17 and main back into sync.

ldionne: Note that this patch needs to be rebased on top of another patch that brings the release notes…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Rebased on top of https://reviews.llvm.org/D159454..

var-const: Rebased on top of https://reviews.llvm.org/D159454..
Improvements and New Features Improvements and New Features
----------------------------- -----------------------------
- ``std::equal``, ``std::ranges::equal``, ``std::find``, and - ``std::equal``, ``std::ranges::equal``, ``std::find``, and
``std::ranges::find`` are now forwarding to ``std::memcmp`` for trivially ``std::ranges::find`` are now forwarding to ``std::memcmp`` for trivially
equality comparable types, which can lead up to 40x performance improvements. equality comparable types, which can lead up to 40x performance improvements.
- The performance of ``dynamic_cast`` on its hot paths is greatly improved and is as efficient as the - The performance of ``dynamic_cast`` on its hot paths is greatly improved and is as efficient as the
ldionneUnsubmitted
Done
ReplyInline Actions

I would prefer removing this release note entirely. It is misleading, I don't know why I added it in the first place. OOB checks in iterators for string_view require an ABI flag, which needs to be set by vendors. This is not interesting to point out in our release notes IMO.

ldionne: I would prefer removing this release note entirely. It is misleading, I don't know why I added…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Addressed in https://reviews.llvm.org/D159171

var-const: Addressed in https://reviews.llvm.org/D159171
``libsupc++`` implementation. Note that the performance improvements are shipped in ``libcxxabi``. ``libsupc++`` implementation. Note that the performance improvements are shipped in ``libcxxabi``.
- `D122780 <https://reviews.llvm.org/D122780>`_ Improved the performance of ``std::sort`` and ``std::ranges::sort`` - `D122780 <https://reviews.llvm.org/D122780>`_ Improved the performance of ``std::sort`` and ``std::ranges::sort``
by up to 50% for arithmetic types and by approximately 10% for other types. by up to 50% for arithmetic types and by approximately 10% for other types.
- The ``<format>`` header is no longer considered experimental. Some - The ``<format>`` header is no longer considered experimental. Some
``std::formatter`` specializations are not yet available since the class used ``std::formatter`` specializations are not yet available since the class used
in the specialization has not been implemented in libc++. This prevents the in the specialization has not been implemented in libc++. This prevents the
feature-test macro to be set. feature-test macro to be set.
- Platforms that don't have support for a filesystem can now still take advantage of some parts of ``<filesystem>``. - Platforms that don't have support for a filesystem can now still take advantage of some parts of ``<filesystem>``.
Anything that does not rely on having an actual filesystem available will now work, such as ``std::filesystem::path``, Anything that does not rely on having an actual filesystem available will now work, such as ``std::filesystem::path``,
``std::filesystem::perms`` and similar classes. ``std::filesystem::perms`` and similar classes.
- The library now provides a hardened mode under which common cases of library undefined behavior will be turned into
a reliable program termination. Vendors can configure whether the hardened mode is enabled by default with the
``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Users can control whether the hardened mode is
enabled on a per translation unit basis using the ``-D_LIBCPP_ENABLE_HARDENED_MODE=1`` macro. See
``libcxx/docs/Hardening.rst`` for more details.
- The library now provides a debug mode which is a superset of the hardened mode, additionally enabling more expensive
checks that are not suitable to be used in production. This replaces the legacy debug mode that was removed in this
release. Unlike the legacy debug mode, this doesn't affect the ABI and doesn't require locking. Vendors can configure
whether the debug mode is enabled by default with the ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time.
Users can control whether the debug mode is enabled on a per translation unit basis using the
``-D_LIBCPP_ENABLE_DEBUG_MODE=1`` macro. See ``libcxx/docs/Hardening.rst`` for more details.
- ASan container annotations have been extended to cover all allocators in ``std::vector``. - ASan container annotations have been extended to cover all allocators in ``std::vector``.
ldionneUnsubmitted
Done
ReplyInline Actions
``libcxx/docs/Hardening.rst`` for more details.
- - The library now provides a debug mode which is a superset of the hardened mode, additionally enabling more expensive
+ - The library now provides a debug mode which is a superset of the safe mode, additionally enabling more expensive
checks that are not suitable to be used in production. This replaces the legacy debug mode that was removed in this
ldionne:
ldionneUnsubmitted
Done
ReplyInline Actions

We should replace all these references to libcxx/docs/Hardening.rst by an internal link to the rst page so that people can actually click on it.

ldionne: We should replace all these references to `libcxx/docs/Hardening.rst` by an internal link to…
- ASan annotations have been added to the ``std::deque`` container, to detect container overflows. - ASan annotations have been added to the ``std::deque`` container, to detect container overflows.
- On Windows, ``std::wcout``, ``wcin``, and ``wcerr`` now work correctly when the underlying - On Windows, ``std::wcout``, ``wcin``, and ``wcerr`` now work correctly when the underlying
stream has been configured in wide mode. stream has been configured in wide mode.
Deprecations and Removals Deprecations and Removals
------------------------- -------------------------
- The legacy debug mode has been removed in this release. The ``LIBCXX_ENABLE_DEBUG_MODE`` CMake variable has been - The legacy debug mode has been removed in this release. The ``LIBCXX_ENABLE_DEBUG_MODE`` CMake variable has been
ldionneUnsubmitted
Done
ReplyInline Actions
-------------------------
- - The "safe" mode is replaced by the hardened mode in this release. The ``LIBCXX_ENABLE_ASSERTIONS`` CMake variable is
+ - The "safe" mode is now controlled via the new generalized support for hardening. The ``LIBCXX_ENABLE_ASSERTIONS`` CMake variable is
deprecated and setting it will trigger an error; use ``LIBCXX_HARDENING_MODE`` instead. Similarly, the
- ``_LIBCPP_ENABLE_ASSERTIONS`` macro is deprecated and setting it to ``1`` now enables the hardened mode. See
- ``libcxx/docs/Hardening.rst`` for more details.
+ ``_LIBCPP_ENABLE_ASSERTIONS`` macro is deprecated and setting it to ``1`` now enables the safe mode. ``_LIBCPP_ENABLE_ASSERTIONS`` will be removed entirely in the next release and setting it will become an error. See ``libcxx/docs/Hardening.rst`` for more details.
- The legacy debug mode has been removed in this release. Setting the macro ``_LIBCPP_ENABLE_DEBUG_MODE`` to ``1`` now
ldionne:
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Applied (with a few tweaks, please let me know if they look reasonable to you).

var-const: Applied (with a few tweaks, please let me know if they look reasonable to you).
removed. For additional context, refer to the `Discourse post removed. For additional context, refer to the `Discourse post
<https://discourse.llvm.org/t/rfc-removing-the-legacy-debug-mode-from-libc/71026>`_. <https://discourse.llvm.org/t/rfc-removing-the-legacy-debug-mode-from-libc/71026>`_.
- The ``<experimental/coroutine>`` header has been removed in this release. The ``<coroutine>`` header - The ``<experimental/coroutine>`` header has been removed in this release. The ``<coroutine>`` header
has been shipping since LLVM 14, so the Coroutines TS implementation is being removed per our policy has been shipping since LLVM 14, so the Coroutines TS implementation is being removed per our policy
for removing TSes. for removing TSes.
- Several incidental transitive includes have been removed from libc++. Those - Several incidental transitive includes have been removed from libc++. Those
▲ Show 20 LinesShow All 111 LinesShow Last 20 Lines

libcxx/docs/ReleaseNotes/18.rst

Show First 20 LinesShow All 49 Lines▼ Show 20 Lines
- P2497R0 - Testing for success or failure of ``<charconv>`` functions - P2497R0 - Testing for success or failure of ``<charconv>`` functions
- P2697R1 - Interfacing ``bitset`` with ``string_view`` - P2697R1 - Interfacing ``bitset`` with ``string_view``
- P2443R1 - ``views::chunk_by`` - P2443R1 - ``views::chunk_by``
Improvements and New Features Improvements and New Features
----------------------------- -----------------------------
- The library now provides a hardened mode under which common cases of library undefined behavior will be turned into
a reliable program termination. Vendors can configure whether the hardened mode is enabled by default with the
``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Users can control whether the hardened mode is
enabled on a per translation unit basis using the ``-D_LIBCPP_ENABLE_HARDENED_MODE=1`` macro. See
:ref:`the hardening documentation <using-hardening-modes>` for more details.
- The safe mode is now a part of hardening modes. Vendors can configure whether the safe mode is enabled by default
with the ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Users can control whether the safe mode
is enabled on a per translation unit basis using the ``-D_LIBCPP_ENABLE_SAFE_MODE=1`` macro. The
``_LIBCPP_ENABLE_ASSERTIONS`` macro that was previously used to enable the safe mode is now deprecated. See
:ref:`the hardening documentation <using-hardening-modes>` for more details.
- The library now provides a debug mode which is a superset of the safe mode, additionally enabling more expensive
checks that are not suitable to be used in production. This replaces the legacy debug mode that was removed in this
release. Unlike the legacy debug mode, this doesn't affect the ABI and doesn't require locking. Vendors can configure
whether the debug mode is enabled by default with the ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time.
Users can control whether the debug mode is enabled on a per translation unit basis using the
``-D_LIBCPP_ENABLE_DEBUG_MODE=1`` macro. See :ref:`the hardening documentation <using-hardening-modes>` for more
details.
Deprecations and Removals Deprecations and Removals
------------------------- -------------------------
- The "safe" mode is now controlled via the new generalized support for hardening. The ``LIBCXX_ENABLE_ASSERTIONS``
CMake variable that was used to enable the safe mode is now deprecated and setting it will trigger an error; use the
``LIBCXX_HARDENING_MODE`` variable with the value ``safe`` instead. Similarly, the ``_LIBCPP_ENABLE_ASSERTIONS`` macro
is deprecated (setting it to ``1`` still enables the safe mode in this release while also issuing a deprecation
warning). ``_LIBCPP_ENABLE_ASSERTIONS`` will be removed entirely in the next release and setting it will become an
error. See :ref:`the hardening documentation <using-hardening-modes>` for more details.
- The base template for ``std::char_traits`` has been removed. If you are using - The base template for ``std::char_traits`` has been removed. If you are using
``std::char_traits`` with types other than ``char``, ``wchar_t``, ``char8_t``, ``std::char_traits`` with types other than ``char``, ``wchar_t``, ``char8_t``,
``char16_t``, ``char32_t`` or a custom character type for which you ``char16_t``, ``char32_t`` or a custom character type for which you
specialized ``std::char_traits``, your code will no longer work. The Standard specialized ``std::char_traits``, your code will no longer work. The Standard
does not mandate that a base template is provided, and such a base template is does not mandate that a base template is provided, and such a base template is
bound to be incorrect for some types, which could previously cause unexpected bound to be incorrect for some types, which could previously cause unexpected
behavior while going undetected. behavior while going undetected.
Show All 32 Lines

libcxx/docs/UsingLibcxx.rst

Show First 20 LinesShow All 217 Lines▼ Show 20 Lines
safety annotations. safety annotations.
**_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS**: **_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS**:
This macro is used to enable -Wthread-safety annotations on libc++'s This macro is used to enable -Wthread-safety annotations on libc++'s
``std::mutex`` and ``std::lock_guard``. By default, these annotations are ``std::mutex`` and ``std::lock_guard``. By default, these annotations are
disabled and must be manually enabled by the user. disabled and must be manually enabled by the user.
**_LIBCPP_ENABLE_HARDENED_MODE**: **_LIBCPP_ENABLE_HARDENED_MODE**:
This macro is used to enable the :ref:`hardened mode <using-hardened-mode>`. This macro is used to enable the :ref:`hardened mode <using-hardening-modes>`.
**_LIBCPP_ENABLE_SAFE_MODE**:
This macro is used to enable the :ref:`safe mode <using-hardening-modes>`.
**_LIBCPP_ENABLE_DEBUG_MODE**: **_LIBCPP_ENABLE_DEBUG_MODE**:
This macro is used to enable the :ref:`debug mode <using-hardened-mode>`. This macro is used to enable the :ref:`debug mode <using-hardening-modes>`.
**_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS**: **_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS**:
This macro is used to disable all visibility annotations inside libc++. This macro is used to disable all visibility annotations inside libc++.
Defining this macro and then building libc++ with hidden visibility gives a Defining this macro and then building libc++ with hidden visibility gives a
build of libc++ which does not export any symbols, which can be useful when build of libc++ which does not export any symbols, which can be useful when
building statically for inclusion into another library. building statically for inclusion into another library.
**_LIBCPP_DISABLE_ADDITIONAL_DIAGNOSTICS**: **_LIBCPP_DISABLE_ADDITIONAL_DIAGNOSTICS**:
▲ Show 20 LinesShow All 359 LinesShow Last 20 Lines

libcxx/include/__config

Show First 20 LinesShow All 198 Lines▼ Show 20 Lines
// #define _LIBCPP_ABI_BOUNDED_ITERATORS // #define _LIBCPP_ABI_BOUNDED_ITERATORS
// } ABI // } ABI
// HARDENING { // HARDENING {
// TODO(hardening): remove this in LLVM 19. // TODO(hardening): remove this in LLVM 19.
// This is for backward compatibility -- make enabling `_LIBCPP_ENABLE_ASSERTIONS` (which predates hardening modes) // This is for backward compatibility -- make enabling `_LIBCPP_ENABLE_ASSERTIONS` (which predates hardening modes)
// equivalent to setting the hardened mode. // equivalent to setting the safe mode.
# ifdef _LIBCPP_ENABLE_ASSERTIONS # ifdef _LIBCPP_ENABLE_ASSERTIONS
# warning "_LIBCPP_ENABLE_ASSERTIONS is deprecated, please use _LIBCPP_ENABLE_HARDENED_MODE instead." # warning "_LIBCPP_ENABLE_ASSERTIONS is deprecated, please use _LIBCPP_ENABLE_SAFE_MODE instead."
# if _LIBCPP_ENABLE_ASSERTIONS != 0 && _LIBCPP_ENABLE_ASSERTIONS != 1 # if _LIBCPP_ENABLE_ASSERTIONS != 0 && _LIBCPP_ENABLE_ASSERTIONS != 1
# error "_LIBCPP_ENABLE_ASSERTIONS must be set to 0 or 1" # error "_LIBCPP_ENABLE_ASSERTIONS must be set to 0 or 1"
# endif # endif
# if _LIBCPP_ENABLE_ASSERTIONS # if _LIBCPP_ENABLE_ASSERTIONS
# define _LIBCPP_ENABLE_HARDENED_MODE 1 # define _LIBCPP_ENABLE_SAFE_MODE 1
# endif # endif
# endif # endif
// Enables the hardened mode which consists of all checks intended to be used in production. Hardened mode prioritizes // Enables the hardened mode which consists of all checks intended to be used in production. Hardened mode prioritizes
// security-critical checks that can be done with relatively little overhead in constant time. Mutually exclusive with // security-critical checks that can be done with relatively little overhead in constant time. Mutually exclusive with
// `_LIBCPP_ENABLE_DEBUG_MODE`. // `_LIBCPP_ENABLE_SAFE_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE`.
// //
// #define _LIBCPP_ENABLE_HARDENED_MODE 1 // #define _LIBCPP_ENABLE_HARDENED_MODE 1
// Enables the safe mode which extends the hardened mode with checks that are relatively cheap and prevent common types
// of errors but are not security-critical. Mutually exclusive with `_LIBCPP_ENABLE_HARDENED_MODE` and
// `_LIBCPP_ENABLE_DEBUG_MODE`.
ldionneUnsubmitted
Done
ReplyInline Actions
// Enables the safe mode which extends the hardened mode with checks that are relatively cheap and prevent common types
- // of errors but are not security-critical.
+ // of errors but are not security-critical. Mutually exclusive with
// `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE`.
//
// #define _LIBCPP_ENABLE_SAFE_MODE 1
ldionne:
//
// #define _LIBCPP_ENABLE_SAFE_MODE 1
// Enables the debug mode which contains all the checks from the hardened mode and additionally more expensive checks // Enables the debug mode which contains all the checks from the hardened mode and additionally more expensive checks
// that may affect the complexity of algorithms. The debug mode is intended to be used for testing, not in production. // that may affect the complexity of algorithms. The debug mode is intended to be used for testing, not in production.
// Mutually exclusive with `_LIBCPP_ENABLE_HARDENED_MODE`. // Mutually exclusive with `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_SAFE_MODE`.
// //
// #define _LIBCPP_ENABLE_DEBUG_MODE 1 // #define _LIBCPP_ENABLE_DEBUG_MODE 1
// Inside the library, assertions are categorized so they can be cherry-picked based on the chosen hardening mode. These // Inside the library, assertions are categorized so they can be cherry-picked based on the chosen hardening mode. These
// macros are only for internal use -- users should only pick one of the high-level hardening modes described above. // macros are only for internal use -- users should only pick one of the high-level hardening modes described above.
// //
// - `_LIBCPP_ASSERT_VALID_INPUT_RANGE` -- checks that ranges (whether expressed as an iterator pair, an iterator and // - `_LIBCPP_ASSERT_VALID_INPUT_RANGE` -- checks that ranges (whether expressed as an iterator pair, an iterator and
// a sentinel, an iterator and a count, or a `std::range`) given as input to library functions are valid: // a sentinel, an iterator and a count, or a `std::range`) given as input to library functions are valid:
Show All 18 Lines
# ifndef _LIBCPP_ENABLE_HARDENED_MODE # ifndef _LIBCPP_ENABLE_HARDENED_MODE
# define _LIBCPP_ENABLE_HARDENED_MODE _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT # define _LIBCPP_ENABLE_HARDENED_MODE _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
# endif # endif
# if _LIBCPP_ENABLE_HARDENED_MODE != 0 && _LIBCPP_ENABLE_HARDENED_MODE != 1 # if _LIBCPP_ENABLE_HARDENED_MODE != 0 && _LIBCPP_ENABLE_HARDENED_MODE != 1
# error "_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1." # error "_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1."
# endif # endif
# ifndef _LIBCPP_ENABLE_SAFE_MODE
# define _LIBCPP_ENABLE_SAFE_MODE _LIBCPP_ENABLE_SAFE_MODE_DEFAULT
# endif
# if _LIBCPP_ENABLE_SAFE_MODE != 0 && _LIBCPP_ENABLE_SAFE_MODE != 1
# error "_LIBCPP_ENABLE_SAFE_MODE must be set to 0 or 1."
# endif
# ifndef _LIBCPP_ENABLE_DEBUG_MODE # ifndef _LIBCPP_ENABLE_DEBUG_MODE
# define _LIBCPP_ENABLE_DEBUG_MODE _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT # define _LIBCPP_ENABLE_DEBUG_MODE _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT
# endif # endif
# if _LIBCPP_ENABLE_DEBUG_MODE != 0 && _LIBCPP_ENABLE_DEBUG_MODE != 1 # if _LIBCPP_ENABLE_DEBUG_MODE != 0 && _LIBCPP_ENABLE_DEBUG_MODE != 1
# error "_LIBCPP_ENABLE_DEBUG_MODE must be set to 0 or 1." # error "_LIBCPP_ENABLE_DEBUG_MODE must be set to 0 or 1."
# endif # endif
# if _LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_DEBUG_MODE # if (_LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_SAFE_MODE) || \
# error "Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled." (_LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_DEBUG_MODE) || \
(_LIBCPP_ENABLE_SAFE_MODE && _LIBCPP_ENABLE_DEBUG_MODE)
# error \
"Only one of _LIBCPP_ENABLE_HARDENED_MODE, _LIBCPP_ENABLE_SAFE_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled."
# endif # endif
ldionneUnsubmitted
Done
ReplyInline Actions

No strong preference, but we could also do #if HARDENED_MODE + SAFE_MODE + DEBUG_MODE > 1.

ldionne: No strong preference, but we could also do `#if HARDENED_MODE + SAFE_MODE + DEBUG_MODE > 1`.
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Thanks! I think it's better (I don't really expect another mode at this point, but if that ever happens, the new form of this check is much easier to modify).

var-const: Thanks! I think it's better (I don't really expect another mode at this point, but if that ever…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Update: unfortunately, with this approach the error is also triggered when setting one of the macros to a bad value (e.g. 2). Reverted to the previous state.

var-const: Update: unfortunately, with this approach the error is also triggered when setting one of the…
// clang-format off
// Hardened mode checks. // Hardened mode checks.
// clang-format off
# if _LIBCPP_ENABLE_HARDENED_MODE # if _LIBCPP_ENABLE_HARDENED_MODE
// Enabled checks. // Enabled checks.
# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message) # define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message) # define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message)
// Disabled checks. // Disabled checks.
// Overlapping ranges will make algorithms produce incorrect results but don't directly lead to a security // Overlapping ranges will make algorithms produce incorrect results but don't directly lead to a security
// vulnerability. // vulnerability.
# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSUME(expression) # define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSUME(expression)
# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSUME(expression) # define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSUME(expression)
# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression) # define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression)
# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSUME(expression) # define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSUME(expression)
// Safe mode checks.
# elif _LIBCPP_ENABLE_SAFE_MODE
// Enabled checks.
# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSERT(expression, message)
thakisUnsubmitted
Done
ReplyInline Actions

TODO when? After a security review of these asserts? Something else? Do you have a rough time frame when this might happen?

thakis: TODO when? After a security review of these asserts? Something else? Do you have a rough time…
ldionneUnsubmitted
Done
ReplyInline Actions

IMO this TODO is not necessary. We know we want to remove _LIBCPP_ASSERT_UNCATEGORIZED anyway so it would become moot.

ldionne: IMO this TODO is not necessary. We know we want to remove `_LIBCPP_ASSERT_UNCATEGORIZED` anyway…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

@thakis I certainly want to do this before the next release (i.e., LLVM 18), and ideally even earlier. And yes, that would include a security review.

var-const: @thakis I certainly want to do this before the next release (i.e., LLVM 18), and ideally even…
// Disabled checks.
# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression)
// Debug mode checks. // Debug mode checks.
# elif _LIBCPP_ENABLE_DEBUG_MODE # elif _LIBCPP_ENABLE_DEBUG_MODE
// All checks enabled. // All checks enabled.
# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message) # define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message) # define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message)
# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSERT(expression, message) # define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSERT(expression, message)
▲ Show 20 LinesShow All 1,137 LinesShow Last 20 Lines

libcxx/include/__config_site.in

Show All 31 Lines
// PSTL backends // PSTL backends
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_SERIAL #cmakedefine _LIBCPP_PSTL_CPU_BACKEND_SERIAL
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_THREAD #cmakedefine _LIBCPP_PSTL_CPU_BACKEND_THREAD
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_LIBDISPATCH #cmakedefine _LIBCPP_PSTL_CPU_BACKEND_LIBDISPATCH
// Hardening. // Hardening.
#cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT #cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
#cmakedefine01 _LIBCPP_ENABLE_SAFE_MODE_DEFAULT
#cmakedefine01 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT #cmakedefine01 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT
// __USE_MINGW_ANSI_STDIO gets redefined on MinGW // __USE_MINGW_ANSI_STDIO gets redefined on MinGW
#ifdef __clang__ #ifdef __clang__
# pragma clang diagnostic push # pragma clang diagnostic push
# pragma clang diagnostic ignored "-Wmacro-redefined" # pragma clang diagnostic ignored "-Wmacro-redefined"
#endif #endif
@_LIBCPP_ABI_DEFINES@ @_LIBCPP_ABI_DEFINES@
@_LIBCPP_EXTRA_SITE_DEFINES@ @_LIBCPP_EXTRA_SITE_DEFINES@
#ifdef __clang__ #ifdef __clang__
# pragma clang diagnostic pop # pragma clang diagnostic pop
#endif #endif
#endif // _LIBCPP___CONFIG_SITE #endif // _LIBCPP___CONFIG_SITE

libcxx/test/libcxx/algorithms/alg.sorting/assert.min.max.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <algorithm> // <algorithm>
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
ldionneUnsubmitted
Done
ReplyInline Actions
// UNSUPPORTED: c++03, c++11, c++14, c++17
- // UNSUPPORTED: !libcpp-hardening-mode=safe && !libcpp-hardening-mode=debug
+ // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing
ldionne:
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Thanks!

var-const: Thanks!
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <algorithm> #include <algorithm>
#include <array> #include <array>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
Show All 9 Lines

libcxx/test/libcxx/assertions/modes/debug.pass.cpp

  • This file was copied to libcxx/test/libcxx/assertions/modes/safe.pass.cpp.
Show All 13 Lines
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// `check_assertion.h` requires Unix headers. // `check_assertion.h` requires Unix headers.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
TEST_LIBCPP_ASSERT_FAILURE([] { TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Should fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire");
}(), "Should fire"); }(), "Should fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/debug_mode_disabled_in_tu.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
ldionneUnsubmitted
Not Done
ReplyInline Actions

For another patch: we need to add tests that ensure that we can enable/disable the various hardening modes on a per-TU basis even if the default configured mode is another mode. For example, configure the library w/ the hardened mode by default, but enable the safe or debug mode inside a single TU via the user macros.

Or the other way around: enable safe mode by default via vendor but enable the hardened mode via users: the result should be that the safe mode set-by-default is disabled and the hardened mode selected by the user is enabled.

Potential way to achieve this?

#if _LIBCPP_ENABLE_HARDENED_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENED
#elif _LIBCPP_ENABLE_SAFE_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_SAFE
#elif _LIBCPP_ENABLE_DEBUG_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_DEBUG
#endif

#define _LIBCPP_UNCHECKED 31
#define _LIBCPP_HARDENED 32
#define _LIBCPP_SAFE 33
#define _LIBCPP_DEBUG 34

#ifndef _LIBCPP_SELECT_HARDENING_MODE
#  define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENING_MODE_DEFAULT /* from __config_site */
#endif

_LIBCPP_SELECT_HARDENING_MODE would be internal-only, unless we want to migrate our users again in the next release :/

And if we want to make _LIBCPP_SELECT_HARDENING_MODE user-visible without migrating our users, we could probably do something like:

#ifndef _LIBCPP_SELECT_HARDENING_MODE
#  if _LIBCPP_ENABLE_HARDENED_MODE
#    define _LIBCPP_SELECT_HARDENING_MODE _LIBCPP_HARDENED
#  elif [...]
#  endif
#endif
ldionne: For another patch: we need to add tests that ensure that we can enable/disable the various…
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can disable the debug mode on a per-TU basis regardless of how the library was built. // This test ensures that we can disable the debug mode on a per-TU basis.
ldionneUnsubmitted
Done
ReplyInline Actions
//===----------------------------------------------------------------------===//
- // This test ensures that we can disable the debug mode on a per-TU basis regardless of how the library was built.
+ // This test ensures that we can disable the debug mode on a per-TU basis.
// Other hardening modes would still make the assertions fire (disabling the hardened mode doesn't disable e.g. the

This comment is misleading otherwise.

ldionne: This comment is misleading otherwise.
// UNSUPPORTED: libcpp-hardening-mode=hardened // Other hardening modes would still make the assertions fire (disabling the debug mode doesn't disable e.g. the
// hardened mode).
// REQUIRES: libcpp-hardening-mode=debug
ldionneUnsubmitted
Done
ReplyInline Actions

I don't really understand this REQUIRES anymore. Can you explain?

ldionne: I don't really understand this `REQUIRES` anymore. Can you explain?
var-constAuthorUnsubmitted
Done
ReplyInline Actions

If another hardening mode is enabled (e.g. the safe mode), the assertions will still fire -- basically, we would end up in a situation where _LIBCPP_ENABLE_DEBUG_MODE is 0 but _LIBCPP_ENABLE_SAFE_MODE is 1.

(I changed the assertion type from "uncategorized" to "valid-element-access", btw -- thanks for calling out this test!)

var-const: If another hardening mode is enabled (e.g. the safe mode), the assertions will still fire…
ldionneUnsubmitted
Done
ReplyInline Actions

IMO this should be REQUIRES: libcpp-hardening-mode=debug since the test is basically meaningless in unchecked mode.

ldionne: IMO this should be `REQUIRES: libcpp-hardening-mode=debug` since the test is basically…
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=0 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=0
#include <cassert> #include <cassert>
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Also should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Also should not fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/debug_mode_enabled_in_tu.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can enable the debug mode on a per-TU basis regardless of how the library was built. // This test ensures that we can enable the debug mode on a per-TU basis.
// Hardened mode would additionally trigger the error that hardened and debug modes are mutually exclusive. // Other hardening modes would additionally trigger the error that they are mutually exclusive.
// UNSUPPORTED: libcpp-hardening-mode=hardened // REQUIRES: libcpp-hardening-mode=unchecked
// `check_assertion.h` is only available starting from C++11 and requires Unix headers. // `check_assertion.h` is only available starting from C++11 and requires Unix headers.
// UNSUPPORTED: c++03, !has-unix-headers // UNSUPPORTED: c++03, !has-unix-headers
// The ability to set a custom abort message is required to compare the assertion message. // The ability to set a custom abort message is required to compare the assertion message.
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=1
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
ldionneUnsubmitted
Done
ReplyInline Actions

UNCATEGORIZED?

ldionne: `UNCATEGORIZED`?
TEST_LIBCPP_ASSERT_FAILURE([] { TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Should fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire");
}(), "Should fire"); }(), "Should fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/debug_mode_not_1_or_0.verify.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that setting the debug mode to a value other than `0` or `1` triggers a compile-time error. // This test verifies that setting the debug mode to a value other than `0` or `1` triggers a compile-time error.
// Hardened mode would additionally trigger the error that hardened and debug modes are mutually exclusive. // Other hardening modes would additionally trigger the error that they are mutually exclusive.
// UNSUPPORTED: libcpp-hardening-mode=hardened // REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=2 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_DEBUG_MODE=2
#include <cassert> #include <cassert>
// expected-error@*:* {{_LIBCPP_ENABLE_DEBUG_MODE must be set to 0 or 1.}} // expected-error@*:* {{_LIBCPP_ENABLE_DEBUG_MODE must be set to 0 or 1.}}

libcxx/test/libcxx/assertions/modes/enabling_assertions_enables_hardened_mode.pass.cpp

  • This file was moved to libcxx/test/libcxx/assertions/modes/enabling_assertions_enables_safe_mode.pass.cpp.

libcxx/test/libcxx/assertions/modes/enabling_assertions_enables_safe_mode.pass.cpp

  • This file was moved from libcxx/test/libcxx/assertions/modes/enabling_assertions_enables_hardened_mode.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// TODO(hardening): remove in LLVM 19. // TODO(hardening): remove in LLVM 19.
// This test ensures that enabling assertions now enables the hardened mode. // This test ensures that enabling assertions now enables the safe mode.
// Other hardening modes would additionally trigger the error that they are mutually exclusive.
// REQUIRES: libcpp-hardening-mode=unchecked
// `check_assertion.h` is only available starting from C++11 and requires Unix headers. // `check_assertion.h` is only available starting from C++11 and requires Unix headers.
// UNSUPPORTED: c++03, !has-unix-headers // UNSUPPORTED: c++03, !has-unix-headers
// The ability to set a custom abort message is required to compare the assertion message. // The ability to set a custom abort message is required to compare the assertion message.
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// Debug mode is mutually exclusive with hardened mode.
// UNSUPPORTED: libcpp-hardening-mode=debug
// Ignore the warning about `_LIBCPP_ENABLE_ASSERTIONS` being deprecated. // Ignore the warning about `_LIBCPP_ENABLE_ASSERTIONS` being deprecated.
// ADDITIONAL_COMPILE_FLAGS: -Wno-error -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-error -D_LIBCPP_ENABLE_ASSERTIONS=1
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
static_assert(_LIBCPP_ENABLE_HARDENED_MODE == 1, "Hardened mode should be implicitly enabled"); static_assert(_LIBCPP_ENABLE_SAFE_MODE == 1, "Safe mode should be implicitly enabled");
_LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
TEST_LIBCPP_ASSERT_FAILURE([] { TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire");
}(), "Should fire"); }(), "Should fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/hardened_and_debug_mutually_exclusive.verify.cpp

  • This file was copied to libcxx/test/libcxx/assertions/modes/hardened_and_safe_mutually_exclusive.verify.cpp, libcxx/test/libcxx/assertions/modes/safe_and_debug_mutually_exclusive.verify.cpp, libcxx/test/libcxx/assertions/modes/safe_mode_not_1_or_0.verify.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive. // This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive.
// REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1
#include <cassert> #include <cassert>
// expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}} // expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE, _LIBCPP_ENABLE_SAFE_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}}

libcxx/test/libcxx/assertions/modes/hardened_and_safe_mutually_exclusive.verify.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/hardened_and_debug_mutually_exclusive.verify.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive. // This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_SAFE_MODE` are mutually exclusive.
// REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_SAFE_MODE=1
#include <cassert> #include <cassert>
// expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}} // expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE, _LIBCPP_ENABLE_SAFE_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}}

libcxx/test/libcxx/assertions/modes/hardened_mode_disabled_in_tu.pass.cpp

  • This file was copied to libcxx/test/libcxx/assertions/modes/safe_mode_disabled_in_tu.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can disable the hardened mode on a per-TU basis regardless of how the library was built. // This test ensures that we can disable the hardened mode on a per-TU basis.
// UNSUPPORTED: libcpp-hardening-mode=debug // Other hardening modes would still make the assertions fire (disabling the hardened mode doesn't disable e.g. the
// debug mode).
// REQUIRES: libcpp-hardening-mode=hardened
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=0 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=0
#include <cassert> #include <cassert>
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Also should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Also should not fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/hardened_mode_enabled_in_tu.pass.cpp

  • This file was copied to libcxx/test/libcxx/assertions/modes/safe_mode_enabled_in_tu.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can enable the hardened mode on a per-TU basis regardless of how the library was built. // This test ensures that we can enable the hardened mode on a per-TU basis.
// Debug mode would additionally trigger the error that hardened and debug modes are mutually exclusive. // Other hardening modes would additionally trigger the error that they are mutually exclusive.
// UNSUPPORTED: libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode=unchecked
// `check_assertion.h` is only available starting from C++11. // `check_assertion.h` is only available starting from C++11.
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// `check_assertion.h` requires Unix headers. // `check_assertion.h` requires Unix headers.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// The ability to set a custom abort message is required to compare the assertion message. // The ability to set a custom abort message is required to compare the assertion message.
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1
Show All 11 Lines

libcxx/test/libcxx/assertions/modes/hardened_mode_not_1_or_0.verify.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that setting the hardened mode to a value other than `0` or `1` triggers a compile-time error. // This test verifies that setting the hardened mode to a value other than `0` or `1` triggers a compile-time error.
// Debug mode would additionally trigger the error that hardened and debug modes are mutually exclusive. // Other hardening modes would additionally trigger the error that they are mutually exclusive.
// UNSUPPORTED: libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=2 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=2
#include <cassert> #include <cassert>
// expected-error@*:* {{_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1.}} // expected-error@*:* {{_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1.}}

libcxx/test/libcxx/assertions/modes/safe.pass.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/debug.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that assertions trigger without the user having to do anything when the debug mode has been enabled // This test ensures that assertions trigger without the user having to do anything when the safe mode has been
// by default. // enabled by default.
// REQUIRES: libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode=safe
// `check_assertion.h` is only available starting from C++11. // `check_assertion.h` is only available starting from C++11.
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// `check_assertion.h` requires Unix headers. // `check_assertion.h` requires Unix headers.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
TEST_LIBCPP_ASSERT_FAILURE([] { TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Should fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire");
}(), "Should fire"); }(), "Should fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/safe_and_debug_mutually_exclusive.verify.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/hardened_and_debug_mutually_exclusive.verify.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive. // This test verifies that `_LIBCPP_ENABLE_SAFE_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive.
// REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_SAFE_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1
#include <cassert> #include <cassert>
// expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}} // expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE, _LIBCPP_ENABLE_SAFE_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}}

libcxx/test/libcxx/assertions/modes/safe_mode_disabled_in_tu.pass.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/hardened_mode_disabled_in_tu.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can disable the hardened mode on a per-TU basis regardless of how the library was built. // This test ensures that we can disable the safe mode on a per-TU basis.
// UNSUPPORTED: libcpp-hardening-mode=debug // Other hardening modes would still make the assertions fire (disabling the safe mode doesn't disable e.g. the debug
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=0 // mode).
// REQUIRES: libcpp-hardening-mode=safe
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_SAFE_MODE=0
#include <cassert> #include <cassert>
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Also should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Also should not fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/safe_mode_enabled_in_tu.pass.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/hardened_mode_enabled_in_tu.pass.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test ensures that we can enable the hardened mode on a per-TU basis regardless of how the library was built. // This test ensures that we can enable the safe mode on a per-TU basis.
// Debug mode would additionally trigger the error that hardened and debug modes are mutually exclusive. // Other hardening modes would additionally trigger the error that they are mutually exclusive.
// UNSUPPORTED: libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode=unchecked
// `check_assertion.h` is only available starting from C++11. // `check_assertion.h` is only available starting from C++11.
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// `check_assertion.h` requires Unix headers. // `check_assertion.h` requires Unix headers.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// The ability to set a custom abort message is required to compare the assertion message. // The ability to set a custom abort message is required to compare the assertion message.
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_SAFE_MODE=1
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
TEST_LIBCPP_ASSERT_FAILURE([] { TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Should fire");
}(), "Should fire"); }(), "Should fire");
return 0; return 0;
} }

libcxx/test/libcxx/assertions/modes/safe_mode_not_1_or_0.verify.cpp

  • This file was copied from libcxx/test/libcxx/assertions/modes/hardened_and_debug_mutually_exclusive.verify.cpp.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// This test verifies that `_LIBCPP_ENABLE_HARDENED_MODE` and `_LIBCPP_ENABLE_DEBUG_MODE` are mutually exclusive. // This test verifies that setting the safe mode to a value other than `0` or `1` triggers a compile-time error.
// Other hardening modes would additionally trigger the error that they are mutually exclusive.
// REQUIRES: libcpp-hardening-mode=unchecked
// Modules build produces a different error ("Could not build module 'std'"). // Modules build produces a different error ("Could not build module 'std'").
// UNSUPPORTED: clang-modules-build // UNSUPPORTED: clang-modules-build
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_HARDENED_MODE=1 -D_LIBCPP_ENABLE_DEBUG_MODE=1 // ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_SAFE_MODE=2
#include <cassert> #include <cassert>
// expected-error@*:* {{Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_DEBUG_MODE can be enabled.}} // expected-error@*:* {{_LIBCPP_ENABLE_SAFE_MODE must be set to 0 or 1.}}

libcxx/test/libcxx/assertions/modes/unchecked.pass.cpp

Show All 11 Lines
// REQUIRES: libcpp-hardening-mode=unchecked // REQUIRES: libcpp-hardening-mode=unchecked
#include <cassert> #include <cassert>
bool executed_condition = false; bool executed_condition = false;
bool f() { executed_condition = true; return false; } bool f() { executed_condition = true; return false; }
int main(int, char**) { int main(int, char**) {
_LIBCPP_ASSERT_UNCATEGORIZED(true, "Should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(true, "Should not fire");
_LIBCPP_ASSERT_UNCATEGORIZED(false, "Also should not fire"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(false, "Also should not fire");
_LIBCPP_ASSERT_UNCATEGORIZED(f(), "Should not execute anything"); _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(f(), "Should not execute anything");
assert(!executed_condition); // Really make sure we did not execute anything. assert(!executed_condition); // Really make sure we did not execute anything.
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.map/assert.bucket.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <unordered_map> // <unordered_map>
// size_type bucket(const key_type& __k) const; // size_type bucket(const key_type& __k) const;
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_map<int, std::string> C; typedef std::unordered_map<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.map/assert.bucket_size.pass.cpp

Show All 10 Lines
// template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>, // template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>,
// class Alloc = allocator<pair<const Key, T>>> // class Alloc = allocator<pair<const Key, T>>>
// class unordered_map // class unordered_map
// size_type bucket_size(size_type n) const // size_type bucket_size(size_type n) const
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_map<int, std::string> C; typedef std::unordered_map<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.map/assert.max_load_factor.pass.cpp

Show All 11 Lines
// class Alloc = allocator<pair<const Key, T>>> // class Alloc = allocator<pair<const Key, T>>>
// class unordered_map // class unordered_map
// float max_load_factor() const; // float max_load_factor() const;
// void max_load_factor(float mlf); // void max_load_factor(float mlf);
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_map<int, std::string> C; typedef std::unordered_map<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0"); TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multimap/assert.bucket.pass.cpp

Show All 10 Lines
// template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>, // template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>,
// class Alloc = allocator<pair<const Key, T>>> // class Alloc = allocator<pair<const Key, T>>>
// class unordered_multimap // class unordered_multimap
// size_type bucket(const key_type& __k) const; // size_type bucket(const key_type& __k) const;
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multimap<int, std::string> C; typedef std::unordered_multimap<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multimap/assert.bucket_size.pass.cpp

Show All 10 Lines
// template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>, // template <class Key, class T, class Hash = hash<Key>, class Pred = equal_to<Key>,
// class Alloc = allocator<pair<const Key, T>>> // class Alloc = allocator<pair<const Key, T>>>
// class unordered_multimap // class unordered_multimap
// size_type bucket_size(size_type n) const // size_type bucket_size(size_type n) const
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multimap<int, std::string> C; typedef std::unordered_multimap<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multimap/assert.max_load_factor.pass.cpp

Show All 11 Lines
// class Alloc = allocator<pair<const Key, T>>> // class Alloc = allocator<pair<const Key, T>>>
// class unordered_multimap // class unordered_multimap
// float max_load_factor() const; // float max_load_factor() const;
// void max_load_factor(float mlf); // void max_load_factor(float mlf);
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_map> #include <unordered_map>
#include <string> #include <string>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multimap<int, std::string> C; typedef std::unordered_multimap<int, std::string> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0"); TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multiset/assert.bucket.pass.cpp

Show All 10 Lines
// template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>, // template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>,
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_multiset // class unordered_multiset
// size_type bucket(const key_type& __k) const; // size_type bucket(const key_type& __k) const;
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multiset<int> C; typedef std::unordered_multiset<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multiset/assert.bucket_size.pass.cpp

Show All 10 Lines
// template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>, // template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>,
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_multiset // class unordered_multiset
// size_type bucket_size(size_type n) const // size_type bucket_size(size_type n) const
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multiset<int> C; typedef std::unordered_multiset<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.multiset/assert.max_load_factor.pass.cpp

Show All 11 Lines
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_multiset // class unordered_multiset
// float max_load_factor() const; // float max_load_factor() const;
// void max_load_factor(float mlf); // void max_load_factor(float mlf);
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_multiset<int> C; typedef std::unordered_multiset<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0"); TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(0), "unordered container::max_load_factor(lf) called with lf <= 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.set/assert.bucket.pass.cpp

Show All 10 Lines
// template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>, // template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>,
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_set // class unordered_set
// size_type bucket(const key_type& __k) const; // size_type bucket(const key_type& __k) const;
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_set<int> C; typedef std::unordered_set<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket(3), "unordered container::bucket(key) called when bucket_count() == 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.set/assert.bucket_size.pass.cpp

Show All 10 Lines
// template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>, // template <class Value, class Hash = hash<Value>, class Pred = equal_to<Value>,
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_set // class unordered_set
// size_type bucket_size(size_type n) const // size_type bucket_size(size_type n) const
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_set<int> C; typedef std::unordered_set<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()"); TEST_LIBCPP_ASSERT_FAILURE(c.bucket_size(3), "unordered container::bucket_size(n) called with n >= bucket_count()");
return 0; return 0;
} }

libcxx/test/libcxx/containers/unord/unord.set/assert.max_load_factor.pass.cpp

Show All 11 Lines
// class Alloc = allocator<Value>> // class Alloc = allocator<Value>>
// class unordered_set // class unordered_set
// float max_load_factor() const; // float max_load_factor() const;
// void max_load_factor(float mlf); // void max_load_factor(float mlf);
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <unordered_set> #include <unordered_set>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
typedef std::unordered_set<int> C; typedef std::unordered_set<int> C;
C c; C c;
TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(-0.5f), TEST_LIBCPP_ASSERT_FAILURE(c.max_load_factor(-0.5f),
"unordered container::max_load_factor(lf) called with lf <= 0"); "unordered container::max_load_factor(lf) called with lf <= 0");
return 0; return 0;
} }

libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.index_operator.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <mdspan> // <mdspan>
// template<class... Indices> // template<class... Indices>
// constexpr index_type operator()(Indices... i) const noexcept; // constexpr index_type operator()(Indices... i) const noexcept;
// //
// Constraints: // Constraints:
▲ Show 20 LinesShow All 65 LinesShow Last 20 Lines

libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.index_operator.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <mdspan> // <mdspan>
// template<class... Indices> // template<class... Indices>
// constexpr index_type operator()(Indices... i) const noexcept; // constexpr index_type operator()(Indices... i) const noexcept;
// //
// Constraints: // Constraints:
▲ Show 20 LinesShow All 65 LinesShow Last 20 Lines

libcxx/test/libcxx/containers/views/mdspan/mdspan/assert.size.pass.cpp

// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <mdspan> // <mdspan>
// constexpr size_type size() const noexcept; // constexpr size_type size() const noexcept;
// //
// Preconditions: The size of the multidimensional index space extents() is representable as a value of type size_type ([basic.fundamental]). // Preconditions: The size of the multidimensional index space extents() is representable as a value of type size_type ([basic.fundamental]).
// //
Show All 33 Lines

libcxx/test/libcxx/experimental/memory/memory.polymorphic.allocator.class/memory.polymorphic.allocator.mem/assert.deallocate.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <experimental/memory_resource> // <experimental/memory_resource>
// template <class T> class polymorphic_allocator // template <class T> class polymorphic_allocator
// T* polymorphic_allocator<T>::deallocate(T*, size_t size) // T* polymorphic_allocator<T>::deallocate(T*, size_t size)
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DISABLE_DEPRECATION_WARNINGS // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DISABLE_DEPRECATION_WARNINGS
#include <experimental/memory_resource> #include <experimental/memory_resource>
#include <type_traits> #include <type_traits>
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
Show All 16 Lines

libcxx/test/libcxx/experimental/memory/memory.resource.adaptor/memory.resource.adaptor.mem/assert.deallocate.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <experimental/memory_resource> // <experimental/memory_resource>
// template <class T> class polymorphic_allocator // template <class T> class polymorphic_allocator
// T* polymorphic_allocator<T>::deallocate(T*, size_t size) // T* polymorphic_allocator<T>::deallocate(T*, size_t size)
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DISABLE_DEPRECATION_WARNINGS // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DISABLE_DEPRECATION_WARNINGS
#include <experimental/memory_resource> #include <experimental/memory_resource>
#include <type_traits> #include <type_traits>
#include <cassert> #include <cassert>
#include "check_assertion.h" #include "check_assertion.h"
Show All 19 Lines

libcxx/test/libcxx/iterators/assert.advance.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <list> // <list>
// Call advance(non-bidi iterator, -1) // Call advance(non-bidi iterator, -1)
#include <iterator> #include <iterator>
Show All 18 Lines

libcxx/test/libcxx/iterators/assert.next.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <list> // <list>
// Call next(non-bidi iterator, -1) // Call next(non-bidi iterator, -1)
#include <iterator> #include <iterator>
Show All 12 Lines

libcxx/test/libcxx/iterators/assert.prev.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <list> // <list>
// Call prev(forward_iterator, -1) // Call prev(forward_iterator, -1)
#include <iterator> #include <iterator>
Show All 18 Lines

libcxx/test/libcxx/ranges/range.adaptors/range.drop.while/assert.begin.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <ranges> // <ranges>
// Call begin() on drop_while_view with empty predicate // Call begin() on drop_while_view with empty predicate
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: no-exceptions // UNSUPPORTED: no-exceptions
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <ranges> #include <ranges>
#include "check_assertion.h" #include "check_assertion.h"
struct Exception {}; struct Exception {};
struct ThrowOnCopyPred { struct ThrowOnCopyPred {
Show All 25 Lines

libcxx/test/libcxx/ranges/range.adaptors/range.lazy.split/range.lazy.split.inner/assert.equal.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <ranges> // <ranges>
// friend constexpr bool operator==(const inner-iterator& x, default_sentinel_t); // friend constexpr bool operator==(const inner-iterator& x, default_sentinel_t);
// //
// Can't compare a default-constructed `inner-iterator` with the default sentinel. // Can't compare a default-constructed `inner-iterator` with the default sentinel.
Show All 18 Lines

libcxx/test/libcxx/ranges/range.adaptors/range.lazy.split/range.lazy.split.outer/assert.equal.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <ranges> // <ranges>
// friend constexpr bool operator==(const inner-iterator& x, default_sentinel_t); // friend constexpr bool operator==(const inner-iterator& x, default_sentinel_t);
// //
// Can't compare a default-constructed `inner-iterator` with the default sentinel. // Can't compare a default-constructed `inner-iterator` with the default sentinel.
Show All 18 Lines

libcxx/test/libcxx/ranges/range.factories/range.repeat.view/ctor.piecewise.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// template<class... TArgs, class... BoundArgs> // template<class... TArgs, class... BoundArgs>
// requires constructible_from<T, TArgs...> && // requires constructible_from<T, TArgs...> &&
// constructible_from<Bound, BoundArgs...> // constructible_from<Bound, BoundArgs...>
// constexpr explicit repeat_view(piecewise_construct_t, // constexpr explicit repeat_view(piecewise_construct_t,
// tuple<TArgs...> value_args, tuple<BoundArgs...> bound_args = tuple<>{}); // tuple<TArgs...> value_args, tuple<BoundArgs...> bound_args = tuple<>{});
Show All 14 Lines

libcxx/test/libcxx/ranges/range.factories/range.repeat.view/ctor.value.bound.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// constexpr explicit repeat_view(W&& value, Bound bound = Bound()); // constexpr explicit repeat_view(W&& value, Bound bound = Bound());
// constexpr explicit repeat_view(const W& value, Bound bound = Bound()); // constexpr explicit repeat_view(const W& value, Bound bound = Bound());
#include <ranges> #include <ranges>
Show All 11 Lines

libcxx/test/libcxx/strings/string.view/assert.ctor.length.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11 // UNSUPPORTED: c++03, c++11
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// Construct a string_view from an invalid length // Construct a string_view from an invalid length
// constexpr basic_string_view( const _CharT* s, size_type len ) // constexpr basic_string_view( const _CharT* s, size_type len )
#include <string_view> #include <string_view>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
char c = 0; char c = 0;
TEST_LIBCPP_ASSERT_FAILURE( TEST_LIBCPP_ASSERT_FAILURE(
std::string_view(&c, -1), "string_view::string_view(_CharT *, size_t): length does not fit in difference_type"); std::string_view(&c, -1), "string_view::string_view(_CharT *, size_t): length does not fit in difference_type");
return 0; return 0;
} }

libcxx/test/libcxx/strings/string.view/assert.ctor.pointer.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14 // UNSUPPORTED: c++03, c++11, c++14
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// Construct a string_view from a null pointer // Construct a string_view from a null pointer
// constexpr basic_string_view( const CharT* s ); // constexpr basic_string_view( const CharT* s );
#include <string_view> #include <string_view>
#include "check_assertion.h" #include "check_assertion.h"
Show All 22 Lines

libcxx/test/libcxx/thread/futures/futures.promise/assert.set_exception.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, no-threads // UNSUPPORTED: c++03, no-threads
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <future> // <future>
// class promise<R> // class promise<R>
// void set_exception(exception_ptr p); // void set_exception(exception_ptr p);
// Test that a null exception_ptr is diagnosed. // Test that a null exception_ptr is diagnosed.
Show All 21 Lines

libcxx/test/libcxx/thread/futures/futures.promise/assert.set_exception_at_thread_exit.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, no-threads // UNSUPPORTED: c++03, no-threads
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <future> // <future>
// class promise<R> // class promise<R>
// void set_exception_on_thread_exit(exception_ptr p); // void set_exception_on_thread_exit(exception_ptr p);
// Test that a null exception_ptr is diagnosed. // Test that a null exception_ptr is diagnosed.
Show All 21 Lines

libcxx/test/libcxx/thread/thread.barrier/assert.arrive.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: no-threads // UNSUPPORTED: no-threads
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// <barrier> // <barrier>
// class barrier; // class barrier;
Show All 22 Lines

libcxx/test/libcxx/thread/thread.barrier/assert.ctor.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: no-threads // UNSUPPORTED: no-threads
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// <barrier> // <barrier>
// class barrier; // class barrier;
Show All 30 Lines

libcxx/test/libcxx/thread/thread.latch/assert.arrive_and_wait.pass.cpp

Show All 11 Lines
// class latch; // class latch;
// void arrive_and_wait(ptrdiff_t __update = 1); // void arrive_and_wait(ptrdiff_t __update = 1);
// Make sure that calling arrive_and_wait with a negative value triggers an assertion. // Make sure that calling arrive_and_wait with a negative value triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <latch> #include <latch>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char **) { int main(int, char **) {
{ {
Show All 9 Lines

libcxx/test/libcxx/thread/thread.latch/assert.count_down.pass.cpp

Show All 12 Lines
// class latch; // class latch;
// void count_down(ptrdiff_t __update = 1); // void count_down(ptrdiff_t __update = 1);
// Make sure that calling count_down with a negative value or a value // Make sure that calling count_down with a negative value or a value
// higher than the internal counter triggers an assertion. // higher than the internal counter triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <latch> #include <latch>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char **) { int main(int, char **) {
{ {
Show All 16 Lines

libcxx/test/libcxx/thread/thread.latch/assert.ctor.pass.cpp

Show All 11 Lines
// class latch; // class latch;
// constexpr explicit latch(ptrdiff_t __expected); // constexpr explicit latch(ptrdiff_t __expected);
// Make sure that calling latch with a negative value triggers an assertion // Make sure that calling latch with a negative value triggers an assertion
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
#include <latch> #include <latch>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char **) { int main(int, char **) {
{ {
Show All 10 Lines

libcxx/test/libcxx/thread/thread.semaphore/assert.ctor.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: no-threads // UNSUPPORTED: no-threads
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// <semaphore> // <semaphore>
// constexpr explicit counting_semaphore(ptrdiff_t __count); // constexpr explicit counting_semaphore(ptrdiff_t __count);
Show All 19 Lines

libcxx/test/libcxx/thread/thread.semaphore/assert.release.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: no-threads // UNSUPPORTED: no-threads
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// <semaphore> // <semaphore>
// void release(ptrdiff_t __update = 1); // void release(ptrdiff_t __update = 1);
Show All 23 Lines

libcxx/test/libcxx/utilities/assert.exception_guard.no_exceptions.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -fno-exceptions // ADDITIONAL_COMPILE_FLAGS: -fno-exceptions
#include <__utility/exception_guard.h> #include <__utility/exception_guard.h>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
TEST_LIBCPP_ASSERT_FAILURE( TEST_LIBCPP_ASSERT_FAILURE(
std::__make_exception_guard([] {}), "__exception_guard not completed with exceptions disabled"); std::__make_exception_guard([] {}), "__exception_guard not completed with exceptions disabled");
} }

libcxx/test/std/algorithms/alg.sorting/alg.heap.operations/pop.heap/assert.pop_heap.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <algorithm> // <algorithm>
// Calling `pop_heap` on an empty range is invalid. // Calling `pop_heap` on an empty range is invalid.
#include <algorithm> #include <algorithm>
Show All 10 Lines

libcxx/test/std/algorithms/alg.sorting/alg.heap.operations/pop.heap/assert.ranges_pop_heap.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <algorithm> // <algorithm>
// Calling `ranges::pop_heap` on an empty range is invalid. // Calling `ranges::pop_heap` on an empty range is invalid.
#include <algorithm> #include <algorithm>
Show All 11 Lines

libcxx/test/std/algorithms/alg.sorting/alg.clamp/assert.ranges_clamp.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// <algorithm> // <algorithm>
// In a call to `ranges::clamp(val, low, high)`, `low` must be `<= high`. // In a call to `ranges::clamp(val, low, high)`, `low` must be `<= high`.
#include <algorithm> #include <algorithm>
#include <functional> #include <functional>
Show All 15 Lines

libcxx/test/std/utilities/utility/utility.unreachable/assert.unreachable.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20 // UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// UNSUPPORTED: !libcpp-hardening-mode=debug // REQUIRES: libcpp-hardening-mode={{safe|debug}}
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// Make sure that reaching std::unreachable() with assertions enabled triggers an assertion. // Make sure that reaching std::unreachable() with assertions enabled triggers an assertion.
#include <utility> #include <utility>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
TEST_LIBCPP_ASSERT_FAILURE(std::unreachable(), "std::unreachable() was reached"); TEST_LIBCPP_ASSERT_FAILURE(std::unreachable(), "std::unreachable() was reached");
return 0; return 0;
} }

libcxx/utils/ci/buildkite-pipeline.yml

Show First 20 LinesShow All 493 Lines▼ Show 20 Lines agents:
queue: "libcxx-builders" queue: "libcxx-builders"
os: "linux" os: "linux"
retry: retry:
automatic: automatic:
- exit_status: -1 # Agent was lost - exit_status: -1 # Agent was lost
limit: 2 limit: 2
timeout_in_minutes: 120 timeout_in_minutes: 120
- label: "Safe mode"
command: "libcxx/utils/ci/run-buildbot generic-safe-mode"
artifact_paths:
- "**/test-results.xml"
- "**/*.abilist"
env:
CC: "clang-${LLVM_HEAD_VERSION}"
CXX: "clang++-${LLVM_HEAD_VERSION}"
MordanteUnsubmitted
Done
ReplyInline Actions
env:
CC: "clang-${LLVM_HEAD_VERSION}"
CXX: "clang++-${LLVM_HEAD_VERSION}"
+ # Note: Modules require and absolute path for clang-scan-deps
+ # https://github.com/llvm/llvm-project/issues/61006
+ CC: "/usr/lib/llvm-${LLVM_HEAD_VERSION}/bin/clang"
+ CXX: "/usr/lib/llvm-${LLVM_HEAD_VERSION}/bin/clang++"
+ CMAKE: "/opt/bin/cmake"
ENABLE_CLANG_TIDY: "On"
Mordante:
ENABLE_CLANG_TIDY: "On"
agents:
queue: "libcxx-builders"
os: "linux"
retry:
automatic:
- exit_status: -1 # Agent was lost
limit: 2
timeout_in_minutes: 120
- label: "Debug mode" - label: "Debug mode"
command: "libcxx/utils/ci/run-buildbot generic-debug-mode" command: "libcxx/utils/ci/run-buildbot generic-debug-mode"
artifact_paths: artifact_paths:
- "**/test-results.xml" - "**/test-results.xml"
- "**/*.abilist" - "**/*.abilist"
env: env:
CC: "clang-${LLVM_HEAD_VERSION}" CC: "clang-${LLVM_HEAD_VERSION}"
CXX: "clang++-${LLVM_HEAD_VERSION}" CXX: "clang++-${LLVM_HEAD_VERSION}"
▲ Show 20 LinesShow All 644 LinesShow Last 20 Lines

libcxx/utils/ci/run-buildbot

Show First 20 LinesShow All 394 Lines▼ Show 20 Linesgeneric-merged)
check-runtimes check-runtimes
;; ;;
generic-hardened-mode) generic-hardened-mode)
clean clean
generate-cmake -C "${MONOREPO_ROOT}/libcxx/cmake/caches/Generic-hardened-mode.cmake" generate-cmake -C "${MONOREPO_ROOT}/libcxx/cmake/caches/Generic-hardened-mode.cmake"
check-runtimes check-runtimes
check-abi-list check-abi-list
;; ;;
generic-safe-mode)
clean
generate-cmake -C "${MONOREPO_ROOT}/libcxx/cmake/caches/Generic-safe-mode.cmake"
check-runtimes
check-abi-list
;;
generic-debug-mode) generic-debug-mode)
clean clean
generate-cmake -C "${MONOREPO_ROOT}/libcxx/cmake/caches/Generic-debug-mode.cmake" generate-cmake -C "${MONOREPO_ROOT}/libcxx/cmake/caches/Generic-debug-mode.cmake"
check-runtimes check-runtimes
check-abi-list check-abi-list
;; ;;
generic-with_llvm_unwinder) generic-with_llvm_unwinder)
clean clean
▲ Show 20 LinesShow All 311 LinesShow Last 20 Lines

libcxx/utils/libcxx/test/params.py

Show First 20 LinesShow All 287 Lines▼ Show 20 Lines Parameter(
choices=[True, False], choices=[True, False],
type=bool, type=bool,
default=True, default=True,
help="Whether to enable tests that take longer to run. This can be useful when running on a very slow device.", help="Whether to enable tests that take longer to run. This can be useful when running on a very slow device.",
actions=lambda enabled: [] if not enabled else [AddFeature("long_tests")], actions=lambda enabled: [] if not enabled else [AddFeature("long_tests")],
), ),
Parameter( Parameter(
name="hardening_mode", name="hardening_mode",
choices=["unchecked", "hardened", "debug"], choices=["unchecked", "hardened", "safe", "debug"],
type=str, type=str,
default="unchecked", default="unchecked",
help="Whether to enable the hardened mode or the debug mode when compiling the test suite. This is only " help="Whether to enable one of the hardening modes when compiling the test suite. This is only "
"meaningful when running the tests against libc++.", "meaningful when running the tests against libc++.",
actions=lambda hardening_mode: filter( actions=lambda hardening_mode: filter(
None, None,
[ [
AddCompileFlag("-D_LIBCPP_ENABLE_HARDENED_MODE=1") if hardening_mode == "hardened" else None, AddCompileFlag("-D_LIBCPP_ENABLE_HARDENED_MODE=1") if hardening_mode == "hardened" else None,
AddCompileFlag("-D_LIBCPP_ENABLE_SAFE_MODE=1") if hardening_mode == "safe" else None,
AddCompileFlag("-D_LIBCPP_ENABLE_DEBUG_MODE=1") if hardening_mode == "debug" else None, AddCompileFlag("-D_LIBCPP_ENABLE_DEBUG_MODE=1") if hardening_mode == "debug" else None,
MordanteUnsubmitted
Done
ReplyInline Actions

I start to feel slightly uncomfortable with these names. To me they are not very descriptive and they are now 4 options. I don't directly have better suggestions, but I think we should spend a bit of time on this.

For example, which is more expensive "safe" or "hardened"?

Mordante: I start to feel slightly uncomfortable with these names. To me they are not very descriptive…
ldionneUnsubmitted
Done
ReplyInline Actions

I agree, this is definitely not perfect. This is user facing too, so we need to find something good.

We thought that safe was good given that it is the name we used for this mode historically (in LLVM 15 and LLVM 16). We also thought that it was "reasonably" clear that it was more expensive than hardened, but maybe it isn't. I'll CC you on the comment above that discusses naming.

ldionne: I agree, this is definitely not perfect. This is user facing too, so we need to find something…
MordanteUnsubmitted
Done
ReplyInline Actions

Thanks. As said I don't have a better suggestion either.

Mordante: Thanks. As said I don't have a better suggestion either.
MordanteUnsubmitted
Done
ReplyInline Actions

I agree, this is definitely not perfect. This is user facing too, so we need to find something good.

We thought that safe was good given that it is the name we used for this mode historically (in LLVM 15 and LLVM 16). We also thought that it was "reasonably" clear that it was more expensive than hardened, but maybe it isn't. I'll CC you on the comment above that discusses naming.

Based on this information and Discord I think we should go with safe. I still think it's not great, but it's consistent with what we did in the past.

Mordante: > I agree, this is definitely not perfect. This is user facing too, so we need to find…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

(I'm marking these comments as "Done" just so that we can keep this conversation in one thread)

var-const: (I'm marking these comments as "Done" just so that we can keep this conversation in one thread)
AddFeature("libcpp-hardening-mode={}".format(hardening_mode)), AddFeature("libcpp-hardening-mode={}".format(hardening_mode)),
], ],
), ),
), ),
Parameter( Parameter(
name="additional_features", name="additional_features",
type=list, type=list,
default=[], default=[],
Show All 20 Lines