Hello, here is the new webrev with the "-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0"
Set for the lower level optimization flags : http://cr.openjdk.java.net/~mbaesken/webrevs/8130017.1/ I would suggest to leave the pre-gcc4.8 cleanup to a separate change. Best regards, Matthias > > Configure will protest if GCC version is less than 4.8 (see toolchain.m4 > *_MINIMUM_VERSION variables). > > That said, as long as we conditionally set the FDLIBM_CFLAGS like this, > I would say we need to continue honoring the result of that check. You > could also remove the check altogether since it seems to no longer be > needed. > > /Erik > > On 2019-05-09 07:14, Baesken, Matthias wrote: > > Hello, > > I tried setting > > > > "-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0" > > > > And this seems indeed to work , no warning any more . > > > > Let's hope gcc does not change the command line parsing . > > > > Btw. is there a gcc version that a) still compiles jdk/jdk and b) > > would > show the issue ? > > > > (with our internally used gcc's we are always > 4.6 in jdk/jdk ) > > > > Best regards, Matthias > > > > > >> -----Original Message----- > >> From: Erik Joelsson <erik.joels...@oracle.com> > >> Sent: Donnerstag, 9. Mai 2019 15:18 > >> To: Baesken, Matthias <matthias.baes...@sap.com>; David Holmes > >> <david.hol...@oracle.com>; 'build-dev@openjdk.java.net' <build- > >> d...@openjdk.java.net> > >> Subject: Re: RFR: 8130017: use _FORTIFY_SOURCE in gcc fastdebug builds - > >> was : RE: gcc FORTIFY_SOURCE application security flags > >> > >> Hello, > >> > >> I just tried this and you are correct. However, it does seem to work if > >> you instead use -U_FORTIFY_SOURCE. > >> > >> /Erik > >> > >> On 2019-05-09 05:36, Baesken, Matthias wrote: > >>> Hi Erik, while setting -O<x> and -O<y> (with x != y ) in one gcc/g++ > >> command line call works , > >>> setting together -D_FORTIFY_SOURCE=2 and - > D_FORTIFY_SOURCE=0 > >> in one command line call generates a warning , so I think we cannot do > that . > >>> > >>> Best regards, Matthias > >>>