[Bug 279443] LIBCPP assertions are enabled in optimized builds when -DNDEBUG is given to clang

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 01 Jun 2024 01:39:44 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279443

--- Comment #5 from Mark Millard <marklmi26-fbsd@yahoo.com> ---
(In reply to Yuri Victorovich from comment #4)

FYI: for NDEBUG vs. _LIBCPP_HARDENING_MODE

# grep -r "NDEBUG" /usr/include/c++/v1/ | more
/usr/include/c++/v1/module.modulemap:  // <cassert>'s use of NDEBUG requires
textual inclusion.

Nothing in the standards say that the C++ standard library has to ever use
assert
from <cassert> . NDEBUG is only defined relative to <cassert> and its assert
use,
not for any other context. _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS does not trace
back
to a use of assert in the libc++ code.

# grep -r "cassert" /usr/include/c++/v1/ | more
/usr/include/c++/v1/cassert:    cassert synopsis
/usr/include/c++/v1/__std_clang_module:#include <cassert>
/usr/include/c++/v1/module.modulemap:module std_cassert [system] {
/usr/include/c++/v1/module.modulemap:  // <cassert>'s use of NDEBUG requires
textual inclusion.
/usr/include/c++/v1/module.modulemap:  textual header "cassert"

libc++ does not use <cassert> or its assert(. . .), which is completely
standard compliant.

There is a separate libc++ specific mechanism that does not involve assert or
NDEBUG : alternate values for _LIBCPP_HARDENING_MODE

/usr/include/c++/v1/__config indicates:

// The library provides the macro `_LIBCPP_HARDENING_MODE` which can be set to
one of the following values:
//
// - `_LIBCPP_HARDENING_MODE_NONE`;
// - `_LIBCPP_HARDENING_MODE_FAST`;
// - `_LIBCPP_HARDENING_MODE_EXTENSIVE`;
// - `_LIBCPP_HARDENING_MODE_DEBUG`.
//
// These values have the following effects:
//
// - `_LIBCPP_HARDENING_MODE_NONE` -- sets the hardening mode to "none" which
disables all runtime hardening checks;
// 
// - `_LIBCPP_HARDENING_MODE_FAST` -- sets that hardening mode to "fast". The
fast mode enables security-critical checks
//   that can be done with relatively little runtime overhead in constant time;
//
// - `_LIBCPP_HARDENING_MODE_EXTENSIVE` -- sets the hardening mode to
"extensive". The extensive mode is a superset of
//   the fast mode that additionally enables checks that are relatively cheap
and prevent common types of logic errors
//   but are not necessarily security-critical;
//
// - `_LIBCPP_HARDENING_MODE_DEBUG` -- sets the hardening mode to "debug". The
debug mode is a superset of the extensive
//   mode and enables all checks available in the library, including internal
assertions. Checks that are part of the
//   debug mode can be very expensive and thus the debug mode is intended to be
used for testing, not in production.

-- 
You are receiving this mail because:
You are the assignee for the bug.