I think it's a reasonable change to remove the flag as it has most
likely not seen much use (if any) yet. I'm not sure what it does, but I
assume it's something to improve exploit protection the source code. But
if it doesn't work, we can't use it.
We could also consider disabling the flag for the specific file where we
have the problem, if we think it's useful to keep the flag.
/Erik
On 2014-11-21 15:57, Erik Helin wrote:
Hi all,
this patch removes the usage of the flag -fsanitize=undefined introduced
in GCC 4.9. The reason for not using this flag is that the implementation
in GCC still seem to have some bugs [0] (which I have encountered). The
flag is currently only enabled for slowdebug builds.
My suggestion is that we remove the flag for now, since the only supported
GCC version is 4.8.2 [1]. Then we can revisit this decisision when we upgrade
the supported compiler to GCC 4.9.x, since hopefully the bugs in GCC have
been fixed by then.
What do you think?
Webrev:
http://cr.openjdk.java.net/~ehelin/8065648/webrev.00/
Bug:
https://bugs.openjdk.java.net/browse/JDK-8065648
Testing:
- Verified that generated-configure.sh no longer tries to enable the flag.
Thanks,
Erik
[0]: https://bugzilla.redhat.com/show_bug.cgi?id=1166173
[1]: http://mail.openjdk.java.net/pipermail/jdk9-dev/2014-October/001489.html