ci: add libcpp hardening flags to macOS fuzz job #33462

pull fanquake wants to merge 1 commits into bitcoin:master from fanquake:macos_fuzz_hardening changing 1 files +1 −1
  1. fanquake commented at 2:38 pm on September 23, 2025: member
    Follows up to #33425 (comment).
  2. DrahtBot added the label Tests on Sep 23, 2025
  3. DrahtBot commented at 2:38 pm on September 23, 2025: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33462.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK maflcko

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    No conflicts as of last run.

  4. fanquake commented at 3:11 pm on September 23, 2025: member
    Ah, this probably isn’t doing anything, because we are using the oldest supported Apple Clang here. Will push something else.
  5. fanquake force-pushed on Sep 23, 2025
  6. in .github/workflows/ci.yml:149 in f76eb16cf6 
    145@@ -146,7 +146,7 @@ jobs:
146           # doc/release-notes-empty-template.md and providing at least the
147           # minimum clang version denoted in doc/dependencies.md.
148           # See: https://developer.apple.com/documentation/xcode-release-notes/xcode-15-release-notes
149-          sudo xcode-select --switch /Applications/Xcode_15.0.app
150+          #sudo xcode-select --switch /Applications/Xcode_15.0.app
    maflcko commented at 3:39 pm on September 23, 2025:

    hardening was added in xcode 16: https://developer.apple.com/documentation/xcode-release-notes/xcode-16-release-notes#C++-Standard-Library

     0diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
 1index 52d21ef3ab..a0902e2700 100644
 2--- a/.github/workflows/ci.yml
 3+++ b/.github/workflows/ci.yml
 4@@ -145,8 +145,8 @@ jobs:
 5           # Use the earliest Xcode supported by the version of macOS denoted in
 6           # doc/release-notes-empty-template.md and providing at least the
 7           # minimum clang version denoted in doc/dependencies.md.
 8-          # See: https://developer.apple.com/documentation/xcode-release-notes/xcode-15-release-notes
 9-          sudo xcode-select --switch /Applications/Xcode_15.0.app
10+          # See: https://developer.apple.com/documentation/xcode-release-notes/xcode-16-release-notes
11+          sudo xcode-select --switch /Applications/Xcode_16.0.app
12           clang --version
13 
14       - name: Install Homebrew packages
15diff --git a/doc/release-notes-empty-template.md b/doc/release-notes-empty-template.md
16index 0e8dc7704e..7f419cbf42 100644
17--- a/doc/release-notes-empty-template.md
18+++ b/doc/release-notes-empty-template.md
19@@ -36,7 +36,7 @@ Compatibility
20 ==============
21 
22 Bitcoin Core is supported and tested on operating systems using the
23-Linux Kernel 3.17+, macOS 13+, and Windows 10+. Bitcoin
24+Linux Kernel 3.17+, macOS 14+, and Windows 10+. Bitcoin
25 Core should also work on most other Unix-like systems but is not as
26 frequently tested on them. It is not recommended to use Bitcoin Core on
27 unsupported systems.

    and macos 13 is unsupported: https://en.wikipedia.org/wiki/MacOS_Ventura

    maflcko commented at 5:31 am on September 29, 2025:
    Done in https://github.com/bitcoin/bitcoin/pull/33489
    fanquake commented at 6:34 pm on September 29, 2025:
    Rebased on #33489.
  7. fanquake commented at 6:03 pm on September 23, 2025: member

    Looks like this does pass with the correct Clang (https://github.com/bitcoin/bitcoin/actions/runs/17950891735/job/51049620756#step:3:16):

    0 Apple clang version 17.0.0 (clang-1700.0.13.5)
1Target: arm64-apple-darwin24.6.0
2Thread model: posix
3InstalledDir: /Applications/Xcode_16.4.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin

    with some slowdown. i.e on master:

    0tx_pool_standard: succeeded against 919 files in 22s.
1utxo_total_supply: succeeded against 831 files in 98s.

    in this PR:

    0tx_pool_standard: succeeded against 919 files in 152s.
1 utxo_total_supply: succeeded against 831 files in 126s.
  8. fanquake force-pushed on Sep 29, 2025
  9. glozow referenced this in commit 919e6d01e9 on Oct 6, 2025
  10. ci: add libcpp hardening flags to macOS fuzz job 
    Follows up to
https://github.com/bitcoin/bitcoin/pull/33425#issuecomment-3323149107.
    e4c04f7759
  11. fanquake force-pushed on Oct 8, 2025
  12. fanquake commented at 9:43 am on October 8, 2025: member
    Rebased after #33489.
  13. maflcko commented at 9:53 am on October 8, 2025: member
    lgtm ACK e4c04f7759b0b390189410f5ef3ad5faa5354698. The qa-assets repo has a libc++ debug run, so this isn’t required, but it seems fast enough to not hurt.
  14. fanquake requested review from dergoegge on Oct 13, 2025
  15. fanquake merged this on Oct 15, 2025
  16. fanquake closed this on Oct 15, 2025
  17. fanquake deleted the branch on Oct 15, 2025


fanquake DrahtBot maflcko


dergoegge

Labels
Tests

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-10-19 12:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me