[RFC] Hardening in libc++

We currently use, via config files, -D_LIBCPP_ENABLE_ASSERTIONS for < LLVM 18 and we use -D_LIBCPP_ENABLE_HARDENED_MODE for >= LLVM 18 for Gentoo Hardened.

The proposal here sounds great - even though we’re free to control the level on a distribution level, breaking ABI isn’t really within our gift and not something we’re interested in, so seeing work on trying to do as-best-as-possible within ABI constraints is promising.

In particular, the range here would let us consider enabling some checks unconditionally (in vanilla Gentoo) while reserving some which may impact performance just for Gentoo Hardened.

Supporting -fhardened is also rather welcome.

So, all in all, this sounds great and I’m looking forward to seeing it happening.

Aside: The last-minute change there for LLVM 17 wasn’t great, especially given it wasn’t tested in an RC (see D159171, “[libc++][hardening] Remove hardening from release notes, undeprecate safe mode”), but it is what it is. But it’d be very much appreciated if something like that could be avoided in future. The relevant vendors group wasn’t even CC’d to the patch :frowning: