> It also probably finds more architecture-specific issues and may need > compatibility fixes for them. I could mark it as compatible with only > arm64 and x86(_64) since they're what I've tested to build and work at > runtime and the compile-time errors could be turned into warnings for > now, if it's mandatory that FORTIFY_SOURCE=y doesn't find problems at > compile-time anywhere. If it's a warning, it will still catch the > issue > at runtime like the rest where the size isn't a constant.
I'm already leaving out intra-object overflow checks and the alloc_size attributes in this initial submission to make it easier to land so scaling it back a bit more (errors -> warnings, gating on archs) isn't a problem if it's needed to get started.
