[libcxx-commits] [llvm] [libcxx] [libc++][hardening] Rework macros for enabling the hardening mode. (PR #70575)

Louis Dionne via libcxx-commits libcxx-commits at lists.llvm.org
Tue Oct 31 13:51:03 PDT 2023 

================
@@ -58,16 +58,23 @@ Improvements and New Features
 - The library now provides a hardened mode under which common cases of library undefined behavior will be turned into
   a reliable program termination. Vendors can configure whether the hardened mode is enabled by default with the
   ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Users can control whether the hardened mode is
-  enabled on a per translation unit basis using the ``-D_LIBCPP_ENABLE_HARDENED_MODE=1`` macro. See
+  enabled on a per translation unit basis using the ``_LIBCPP_HARDENING_MODE`` macro. See
   :ref:`the hardening documentation <using-hardening-modes>` for more details.
 
-- The library now provides a debug mode which is a superset of the safe mode, additionally enabling more expensive
+- The library now provides a debug-lite mode which is a superset of the hardened mode, additionally enabling checks that
+  catch common logic errors that aren't necessarily security-critical. This mode is largely a replacement for the safe
+  release. Unlike the legacy debug mode, this doesn't affect the ABI and doesn't require locking. Vendors can configure
+  whether the debug-lite mode is enabled by default with the ``LIBCXX_HARDENING_MODE`` variable at CMake configuration
+  time. ``LIBCXX_HARDENING_MODE`` variable at CMake configuration time. Users can control whether the hardened mode is
+  enabled on a per translation unit basis using the ``_LIBCPP_HARDENING_MODE`` macro. See
+  :ref:`the hardening documentation <using-hardening-modes>` for more details.
----------------
ldionne wrote:

```suggestion
- The library now provides a debug-lite mode which is a superset of the hardened mode, additionally enabling checks that
  catch common logic errors that aren't necessarily security-critical. This mode is largely a replacement for the safe
  mode. Vendors can configure
  whether the debug-lite mode is enabled by default with the ``LIBCXX_HARDENING_MODE`` variable at CMake configuration
  time. Users can control whether the hardened mode is
  enabled on a per translation unit basis using the ``_LIBCPP_HARDENING_MODE`` macro. See
  :ref:`the hardening documentation <using-hardening-modes>` for more details.
```

https://github.com/llvm/llvm-project/pull/70575

More information about the libcxx-commits mailing list