Update build tools on CI
Change-Id: Ib92b2ae60b12cf6b854ebce8273c3b10272e61bd
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65028
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/util/bot/DEPS b/util/bot/DEPS
index b645ca3..9f004bc 100644
--- a/util/bot/DEPS
+++ b/util/bot/DEPS
@@ -26,9 +26,9 @@
# cipd describe PACKAGE_NAME -version latest
# infra/3pp/tools/cmake/linux-amd64
- 'cmake_version': 'version:2@3.27.7.chromium.8',
+ 'cmake_version': 'version:2@3.28.1.chromium.8',
# infra/3pp/tools/go/linux-amd64
- 'go_version': 'version:2@1.21.2',
+ 'go_version': 'version:2@1.21.5',
# infra/3pp/tools/perl/windows-amd64
'perl_version': 'version:2@5.32.1.1',
@@ -36,8 +36,8 @@
# https://chromium.googlesource.com/chromium/src/+/main/DEPS
'android_sdk_platform-tools_version': 'HWVsGs2HCKgSVv41FsOcsfJbNcB0UFiNrF6Tc4yRArYC',
'libfuzzer_revision': '758bd21f103a501b362b1ca46fa8fcb692eaa303',
- 'libcxx_revision': '8fc17971d629c19a17b006d0c4fc41e721cc2f7f',
- 'libcxxabi_revision': 'db9800c042df3ee2691031a58b5e37e89a7356a3',
+ 'libcxx_revision': 'd0429f0628dd5c2c83a197012b2153b979aff674',
+ 'libcxxabi_revision': '8806fb8bb26e20206241ea2dfcee4fd2d4157b83',
'ninja_version': 'version:2@1.11.1.chromium.6',
# The Android NDK cannot be updated on CI for two reasons:
diff --git a/util/bot/libcxx-config/__config_site b/util/bot/libcxx-config/__config_site
index eb16b9d..9684162 100644
--- a/util/bot/libcxx-config/__config_site
+++ b/util/bot/libcxx-config/__config_site
@@ -9,4 +9,13 @@
#define _LIBCPP_PSTL_CPU_BACKEND_THREAD
#endif
+// We only use our custom libc++ for testing, so enable all checks.
+#define _LIBCPP_HARDENING_MODE _LIBCPP_HARDENING_MODE_DEBUG
+
+// libc++ headers disable std::string ASan annotations if this is not defined.
+// This is to avoid false positives when libc++'s runtime components are
+// uninstrumented. When building our custom libc++, libc++ will be as
+// instrumented as the caller, so we can safely enable this.
+#define _LIBCPP_INSTRUMENTED_WITH_ASAN
+
#endif // BORINGSSL_LIBCXX_CONFIG_SITE_
diff --git a/util/bot/update_clang.py b/util/bot/update_clang.py
index 96066f0..b47c008 100644
--- a/util/bot/update_clang.py
+++ b/util/bot/update_clang.py
@@ -29,8 +29,8 @@
# CLANG_REVISION and CLANG_SUB_REVISION determine the build of clang
# to use. These should be synced with tools/clang/scripts/update.py in
# Chromium.
-CLANG_REVISION = 'llvmorg-18-init-7785-geef35c28'
-CLANG_SUB_REVISION = 1
+CLANG_REVISION = 'llvmorg-18-init-14420-gea3a3b25'
+CLANG_SUB_REVISION = 3
PACKAGE_VERSION = '%s-%s' % (CLANG_REVISION, CLANG_SUB_REVISION)
