Chapter 6. Changes in toolchain since RHEL 7

The following sections list changes in toolchain since the release of the described components in Red Hat Enterprise Linux 7. See also Release notes for Red Hat Enterprise Linux 8.0.

6.1. Changes in GCC in RHEL 8

In Red Hat Enterprise Linux 8, the GCC toolchain is based on the GCC 8.2 release series. Notable changes since Red Hat Enterprise Linux 7 include:

  • Numerous general optimizations have been added, such as alias analysis, vectorizer improvements, identical code folding, inter-procedural analysis, store merging optimization pass, and others.
  • The Address Sanitizer has been improved.
  • The Leak Sanitizer for detection of memory leaks has been added.
  • The Undefined Behavior Sanitizer for detection of undefined behavior has been added.
  • Debug information can now be produced in the DWARF5 format. This capability is experimental.
  • The source code coverage analysis tool GCOV has been extended with various improvements.
  • Support for the OpenMP 4.5 specification has been added. Additionally, the offloading features of the OpenMP 4.0 specification are now supported by the C, C++, and Fortran compilers.
  • New warnings and improved diagnostics have been added for static detection of certain likely programming errors.
  • Source locations are now tracked as ranges rather than points, which allows much richer diagnostics. The compiler now offers “fix-it” hints, suggesting possible code modifications. A spell checker has been added to offer alternative names and ease detecting typos.

Security

GCC has been extended to provide tools to ensure additional hardening of the generated code.

For more details, see Section 6.2, “Security enhancements in GCC in RHEL 8”.

Architecture and processor support

Improvements to architecture and processor support include:

  • Multiple new architecture-specific options for the Intel AVX-512 architecture, a number of its microarchitectures, and Intel Software Guard Extensions (SGX) have been added.
  • Code generation can now target the 64-bit ARM architecture LSE extensions, ARMv8.2-A 16-bit Floating-Point Extensions (FPE), and ARMv8.2-A, ARMv8.3-A, and ARMv8.4-A architecture versions.
  • Handling of the -march=native option on the ARM and 64-bit ARM architectures has been fixed.
  • Support for the z13 and z14 processors of the IBM Z architecture has been added.

Languages and standards

Notable changes related to languages and standards include:

  • The default standard used when compiling code in the C language has changed to C17 with GNU extensions.
  • The default standard used when compiling code in the C++ language has changed to C++14 with GNU extensions.
  • The C++ runtime library now supports the C++11 and C++14 standards.
  • The C++ compiler now implements the C++14 standard with many new features such as variable templates, aggregates with non-static data member initializers, the extended constexpr specifier, sized deallocation functions, generic lambdas, variable-length arrays, digit separators, and others.
  • Support for the C language standard C11 has been improved: ISO C11 atomics, generic selections, and thread-local storage are now available.
  • The new __auto_type GNU C extension provides a subset of the functionality of C++11 auto keyword in the C language.
  • The _FloatN and _FloatNx type names specified by the ISO/IEC TS 18661-3:2015 standard are now recognized by the C front end.
  • The default standard used when compiling code in the C language has changed to C17 with GNU extensions. This has the same effect as using the --std=gnu17 option. Previously, the default was C89 with GNU extensions.
  • GCC can now experimentally compile code using the C++17 language standard, and certain features from the C++20 standard.
  • Passing an empty class as an argument now takes up no space on the Intel 64 and AMD64 architectures, as required by the platform ABI. Passing or returning a class with only deleted copy and move constructors now uses the same calling convention as a class with a non-trivial copy or move constructor.
  • The value returned by the C++11 alignof operator has been corrected to match the C _Alignof operator and return minimum alignment. To find the preferred alignment, use the GNU extension __alignof__.
  • The main version of the libgfortran library for Fortran language code has been changed to 5.
  • Support for the Ada (GNAT), GCC Go, and Objective C/C++ languages has been removed. Use the Go Toolset for Go code development.

6.2. Security enhancements in GCC in RHEL 8

This section decribes in detail the changes in GCC related to security and added since the release of Red Hat Enterprise Linux 7.0.

New warnings

These warning options have been added:

OptionDisplays warnings for

-Wstringop-truncation

Calls to bounded string manipulation functions such as strncat, strncpy, and stpncpy that might either truncate the copied string or leave the destination unchanged.

-Wclass-memaccess

Objects of non-trivial class types manipulated in potentially unsafe ways by raw memory functions such as memcpy, or realloc.

The warning helps detect calls that bypass user-defined constructors or copy-assignment operators, corrupt virtual table pointers, data members of const-qualified types or references, or member pointers. The warning also detects calls that would bypass access controls to data members.

-Wmisleading-indentation

Places where the indentation of the code gives a misleading idea of the block structure of the code to a human reader.

-Walloc-size-larger-than=size

Calls to memory allocation functions where the amount of memory to allocate exceeds size. Works also with functions where the allocation is specified by multiplying two parameters, and with any functions decorated with attribute alloc_size.

-Walloc-zero

Calls to memory allocation functions that attempt to allocate zero amount of memory. Works also with functions where the allocation is specified by multiplying two parameters, and with any functions decorated with attribute alloc_size.

-Walloca

All calls to the alloca function.

-Walloca-larger-than=size

Calls to the alloca function where the requested memory is more than size.

-Wvla-larger-than=size

Definitions of Variable Length Arrays (VLA) that can either exceed the specified size or whose bound is not known to be sufficiently constrained.

-Wformat-overflow=level

Both certain and likely buffer overflow in calls to the sprintf family of formatted output functions. For more details and explanation of the level value, see the gcc(1) manual page.

-Wformat-truncation=level

Both certain and likely output truncation in calls to the snprintf family of formatted output functions. For more details and explanation of the level value, see the gcc(1) manual page.

-Wstringop-overflow=type

Buffer overflow in calls to string handling functions such as memcpy and strcpy. For more details and explanation of the level value, see the gcc(1) manual page.

Warning improvements

These GCC warnings have been improved:

  • The -Warray-bounds option has been improved to detect more instances of out-of-bounds array indices and pointer offsets. For example, negative or excessive indices into flexible array members and string literals are detected.
  • The -Wrestrict option introduced in GCC 7 has been enhanced to detect many more instances of overlapping accesses to objects via restrict-qualified arguments to standard memory and string manipulation functions such as memcpy and strcpy.
  • The -Wnonnull option has been enhanced to detect a broader set of cases of passing null pointers to functions that expect a non-null argument (decorated with attribute nonnull).

New UndefinedBehaviorSanitizer

A new run-time sanitizer for detecting undefined behavior called UndefinedBehaviorSanitizer has been added. The following options are noteworthy:

OptionCheck

-fsanitize=float-divide-by-zero

Detect floating-point division by zero.

-fsanitize=float-cast-overflow

Check that the result of floating-point type to integer conversions do not overflow.

-fsanitize=bounds

Enable instrumentation of array bounds and detect out-of-bounds accesses.

-fsanitize=alignment

Enable alignment checking and detect various misaligned objects.

-fsanitize=object-size

Enable object size checking and detect various out-of-bounds accesses.

-fsanitize=vptr

Enable checking of C++ member function calls, member accesses and some conversions between pointers to base and derived classes. Additonally, detect when referenced objects do not have correct dynamic type.

-fsanitize=bounds-strict

Enable strict checking of array bounds. This enables -fsanitize=bounds as well as instrumentation of flexible array member-like arrays.

-fsanitize=signed-integer-overflow

Diagnose arithmetic overflows even on arithmetic operations with generic vectors.

-fsanitize=builtin

Diagnose at run time invalid arguments to __builtin_clz or __builtin_ctz prefixed builtins. Includes checks from -fsanitize=undefined.

-fsanitize=pointer-overflow

Perform cheap run time tests for pointer wrapping. Includes checks from -fsanitize=undefined.

New options for AddressSanitizer

These options have been added to AddressSanitizer:

OptionCheck

-fsanitize=pointer-compare

Warn about comparison of pointers that point to a different memory object.

-fsanitize=pointer-subtract

Warn about subtraction of pointers that point to a different memory object.

-fsanitize-address-use-after-scope

Sanitize variables whose address is taken and used after a scope where the variable is defined.

Other sanitizers and instrumentation

  • The option -fstack-clash-protection has been added to insert probes when stack space is allocated statically or dynamically to reliably detect stack overflows and thus mitigate the attack vector that relies on jumping over a stack guard page provided by the operating system.
  • A new option -fcf-protection=[full|branch|return|none] has been added to perform code instrumentation and increase program security by checking that target addresses of control-flow transfer instructions (such as indirect function call, function return, indirect jump) are valid.

Additional resources

  • For more details and explanation of the values supplied to some of the options above, see the gcc(1) manual page:

    $ man gcc

6.3. Compatibility-breaking changes in GCC in RHEL 8

C++ ABI change in std::string and std::list

The Application Binary Interface (ABI) of the std::string and std::list classes from the libstdc++ library changed between RHEL 7 (GCC 4.8) and RHEL 8 (GCC 8) to conform to the C++11 standard. The libstdc++ library supports both the old and new ABI, but some other C++ system libraries do not. As a consequence, applications that dynamically link against these libraries will need to be rebuilt. This affects all C++ standard modes, including C++98. It also affects applications built with Red Hat Developer Toolset compilers for RHEL 7, which kept the old ABI to maintain compatibility with the system libraries.

GCC no longer builds Ada, Go, and Objective C/C++ code

Capability for building code in the Ada (GNAT), GCC Go, and Objective C/C++ languages has been removed from the GCC compiler.

To build Go code, use the Go Toolset instead.