Merge bitcoin/bitcoin#34143: build: Prevent system header fallback and include path pollution

65134c7e5f99500baed18d575b576e33a6294ecf depends: Prefix include path for headers-only `systemtap` package (Hennadii Stepanov) 94a692b6aa09d2e5df97bbc9cc810854818f9333 cmake: Add missed `USDT::headers` (Hennadii Stepanov) b5375c44ed16ed6aae3d46ac6316b3981330f100 depends: Prefix include path for headers-only `boost` package (Hennadii Stepanov) d73378ffcca2de43a79c4903221e8164cf256469 cmake: Add missed `Boost::headers` (Hennadii Stepanov) Pull request description: Currently, header-only dependencies in the depends subsystem are installed into the standard `include/` subdirectory. This inadvertently exposes their headers to the compiler via `-I` flags brought in by other dependencies (e.g., `libevent` or `sqlite`). This "include path pollution" masks missing dependencies in the build configuration. While the build might succeed by accident due to this overlap, it creates a fragile state. If the overlapping library is removed, the build will break, or, worse, the compiler may silently fall back to the host system's default paths (e.g., `/usr/include`). This PR improves build system security and hygiene by enforcing strict, distinguished include paths for header-only dependencies. The missing dependencies revealed by this change (`Boost::headers`, `USDT::headers`) have been fixed in separate commits. ACKs for top commit: theuni: re-ACK 65134c7e5f99500baed18d575b576e33a6294ecf fanquake: ACK 65134c7e5f99500baed18d575b576e33a6294ecf Tree-SHA512: 41667b46c3bd2f872951a5651b30f7d1468f49f1265196b7868233ed44b2eb0e33f1f69a1af348b55f07a8d1f594e276eb49b724e80b8eae85aed1c9bacae197
2026-03-02 09:46:14 +00:00 · 2026-02-11 17:43:10 +00:00 · 2026-02-11 17:43:10 +00:00 · 55c49ff8f4
commit 55c49ff8f4
parent c134b1a4bc 65134c7e5f
5 changed files with 12 additions and 3 deletions
--- a/depends/packages/boost.mk
+++ b/depends/packages/boost.mk
@ -13,6 +13,8 @@ define $(package)_set_vars
  $(package)_config_opts += -DBOOST_INSTALL_LAYOUT=system
  $(package)_config_opts += -DBUILD_TESTING=OFF
  $(package)_config_opts += -DCMAKE_DISABLE_FIND_PACKAGE_ICU=ON
+  # Install to a unique path to prevent accidental inclusion via other dependencies' -I flags.
+  $(package)_config_opts += -DCMAKE_INSTALL_INCLUDEDIR=$(package)/include
 endef

 define $(package)_config_cmds
--- a/depends/packages/systemtap.mk
+++ b/depends/packages/systemtap.mk
@ -6,7 +6,11 @@ $(package)_sha256_hash=966a360fb73a4b65a8d0b51b389577b3c4f92a327e84aae58682103e8
 $(package)_patches=remove_SDT_ASM_SECTION_AUTOGROUP_SUPPORT_check.patch

 define $(package)_preprocess_cmds
-  patch -p1 < $($(package)_patch_dir)/remove_SDT_ASM_SECTION_AUTOGROUP_SUPPORT_check.patch && \
-  mkdir -p $($(package)_staging_prefix_dir)/include/sys && \
-  cp includes/sys/sdt.h $($(package)_staging_prefix_dir)/include/sys/sdt.h
+  patch -p1 < $($(package)_patch_dir)/remove_SDT_ASM_SECTION_AUTOGROUP_SUPPORT_check.patch
+endef
+
+# Install to a unique path to prevent accidental inclusion via other dependencies' -I flags.
+define $(package)_stage_cmds
+  mkdir -p $($(package)_staging_prefix_dir)/$(package)/include/sys && \
+  cp includes/sys/sdt.h $($(package)_staging_prefix_dir)/$(package)/include/sys/sdt.h
 endef
--- a/depends/toolchain.cmake.in
+++ b/depends/toolchain.cmake.in
@ -163,6 +163,7 @@ if("@usdt_packages@" MATCHES "^[ ]*$")
  set(WITH_USDT OFF CACHE BOOL "")
 else()
  set(WITH_USDT ON CACHE BOOL "")
+  set(USDT_INCLUDE_DIR "${CMAKE_CURRENT_LIST_DIR}/systemtap/include" CACHE PATH "")
 endif()

 set(ipc_packages @ipc_packages@)
--- a/src/ipc/CMakeLists.txt
+++ b/src/ipc/CMakeLists.txt
@ -20,6 +20,7 @@ target_link_libraries(bitcoin_ipc
  PRIVATE
    core_interface
    univalue
+    Boost::headers
 )

 if(BUILD_TESTS)
--- a/src/test/CMakeLists.txt
+++ b/src/test/CMakeLists.txt
@ -164,6 +164,7 @@ target_link_libraries(test_bitcoin
  secp256k1
  Boost::headers
  libevent::extra
+  $<TARGET_NAME_IF_EXISTS:USDT::headers>
 )

 if(ENABLE_WALLET)