XP
Nah, it'll be Mach an Micro Kernels not compiled after version 4.1.2 of the GCC which was about the time 3.6.6 started getting a lot more C++ added to it before the production of VX in X86 along with transparent filing systems.
GCC 7 is being worked on and it now produces error correction with the correct parenthesis.
But even some of it's maintainers have complained about it's deep "dynamic linking" and how it hooks into different libraries at compile time, for example if you update your system with SSL just as an example, it will compile it "dynamically" for every application that use's it, which is a diabolical state of affairs if one of those applications or libraries ends up compromised.
Sandboxing will only do so much and thankfully there are alternatives, like as you say: XP
But I would much rather prefer Windows NT 5.1 with a custom shell like LiteSTEP and no Windows Explorer!