[libcxx-commits] [libcxx] [libc++][hardening] Always enable all checks during constant evaluation (PR #107713)
Konstantin Varlamov via libcxx-commits
libcxx-commits at lists.llvm.org
Sat Oct 5 19:25:04 PDT 2024
var-const wrote:
At least in my mind, the primary benefit of hardening is preventing security vulnerabilities, and to a lesser extent logic bugs; I don't see it as a general-purpose bug-finding tool. I think it's useful to distinguish between library-level and language-level undefined behavior, but at the same time a lot, perhaps most, of library-level UB will actually manifest as language-level UB; thus, in a mode where (at least aspirationally) language-level UB cannot happen, the benefits of checking for library-level UB are significantly reduced. This approach also has a compile-time cost and no way to turn it off. I also think that conceptually, hardening and constant evaluation are completely orthogonal and shouldn't be tied together, especially in an implicit way. I would consider an optional opt-in switch that enables hardening in `constexpr` regardless of the runtime setting (honestly, I don't think it's very valuable but I don't have a strong objection to that if others find it useful), but I don't think we should enable this unconditionally or even by default.
https://github.com/llvm/llvm-project/pull/107713