non backport change: fix identify_executable argument in security-check.py
The argument name was wrong, and shown as unused by my IDE.
It happenend to work by accident because in the loop where `identify` executable is called there is a local variable `filename` which happened to be the expected thing.
----
> test: use subprocess.run() in test-security-check.py
https://github.com/bitcoin/bitcoin/pull/18434/commits/9fe71a57a6780569e618cf9a8d4f1acf6321017f
----
> build: build Boost with -fcf-protection when targeting Darwin
>
> The LLVM Clang we use for cross-compilation supports this option, and it's expected
> that any builders on macOS will also be using an Apple Clang that supports it.
> scripts: test for MACHO control flow instrumentation
core#21889
----
> build: don't use cf-protection when targeting arm-apple-darwin
>
> After two reports on IRC of issues building depends on an Apple M1
> machine, it turns out that this option can't be used when targeting
> arm-apple-darwin. For now, just use it for x86_64-apple-darwin.
>
> ```bash
> Apple clang version 12.0.5 (clang-1205.0.22.9)
> Target: x86_64-apple-darwin20.4.0
>
> error: option 'cf-protection=return' cannot be specified on this target
> error: option 'cf-protection=branch' cannot be specified on this target
> 2 errors generated.
> ```
core#22070
----
> scripts: prevent GCC optimising test symbols in test-symbol-check
>
> I noticed in core#22381 that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of pow (used here). Our CIs use Focal (glibc 2.31) and the version of pow was the optimized version introduced in glibc 2.29:
>
> * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf.
>
> This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC?
>
> Turns out GCC is optimizing away that call to pow at all optimization levels,
core#22645
----
> build: Use and test PE binutils with --reloc-section
>
> Also fix test-security-check.py to account for new PE PIE failure
> indication.
https://github.com/bitcoin/bitcoin/pull/22381/commits/a8127b34bce3597b8091e14057c926197966a234
This fixes TestSecurityChecks.test_PE, I can now make it work on my machine.
`contrib/devtools/test-security-check.py TestSecurityChecks.test_PE`