- `-fstack-protection-strong` enables stack canaries for functions where
addresses of local variables are taken or arrays/structures
containing arrays are allocated on the stack.
- `-fstrict-flex-arrays=2` causes the compiler to only treat arrays with
unknown bounds (`[]`) or zero-length-arrays (`[0]`) as *flexible array
members*, allowing the sanitizers to emit bounds checks for structs
with proper arrays as their last member.
More rigorous options (such as AArch64 pointer authentication, Control
Flow Integrity, _FORTIFY_SOURCE) should be investigated in the future,
however this is a good baseline.
If no header includes the prototype of a function, then it cannot be
used from outside the translation unit it was defined in. In that case,
it should be marked as `static`, in order to avoid possible ODR
problems, unnecessary exported symbols, and allow the compiler to better
optimize those.
If this warning triggers in a function defined in a header, `inline`
needs to be added, otherwise if the header is included in more than one
TU, it will fail to link with a duplicate definition error.
The reason this diff got so big is that Lagom-only code wasn't built
with this flag even in Serenity times.
These used to be enabled in `serenity_compile_options.cmake` for
Serenity builds and were removed in 9b05fb98. This is a slightly more
conservative subset of those, with ones that are enabled by default
omitted.
This should prevent our code quality regressing in the long run.
This patch removes the explicit compile flag that only works for g++
(`-fdiagnostics-color=always`; clang++ needs `-fcolor-diagnostics`) and
uses CMake's built in variable that can control color output.
Now both compilers should output colored diagnostics.
ASAN was crying way too much when running the LibJS JIT since the old
OFFSET_OF implementation was too wild for its liking.
By turning off the invalid-offsetof warnings, we can use the offsetof
builtin instead. However, I'm leaving this as a wrapper macro, since
we may still want to do something different for other compilers.
FP contraction is a standard-conforming behavior which allows the
compiler to calculate intermediate results of expressions containing
floating point numbers with a greater precision than the expression type
allows. And in theory, it enables additional optimizations, such as
replacing `a * b + c` with fma(a, b, c).
Unfortunately, it is extremely hard to predict when the contraction will
happen. For example, Clang 17 on x86_64 with the default options will
use FMA only for constant-folded non-constexpr expressions. So, in
practice, FP contraction leads to hard-to-find bugs and inconsistencies
between executables compiled with different toolchains or for different
OSes. And we had two instances of this happening last week.
Since we did not ever used -mfma on x86_64, this patch can only possibly
regress performance on Apple ARM devices, where FMA is enabled by
default. However, this regression will likely be negligible since the
difference would be one additional add instruction, which would be then
likely executed in parallel with something else.
This warning warns about variable-length arrays being a non-standard
extension to the C++ language. We still have a few instances of VLAs, so
let's disable the warning for now.
This does not interfere with `-Wvla`, which we use to completely forbid
this (potentially dangerous) feature in the Kernel and LibCrypto.
GCC 13 was released on 2023-04-26. This commit fixes Lagom build errors
when using an updated host toolchain:
- Adds a workaround for a bug in constraint handling, which made LibJS
fail to compile: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109683
- Silences the new `-Wdangling-reference` diagnostic globally. It
produces multiple false positives with no clear way to silence them
without `#pragmas`.
- Silences `-Wself-move` in `RefPtr` tests as GCC 13 adds this
previously Clang-exclusive warning.
For the most part no behavior change, except that we now pass
-Wno-implicit-const-int-float-conversion and -Wno-literal-suffix
only to clang and gcc each in both lagom and serenity builds,
while we previously passed them to both in lagom builds (and
passed them to one each in serenity builds). The former is
a clang flag, the latter a gcc flag, but since we also use
-Wno-unknown-warning-option it doesn't really matter.