[Bug 2088289] [NEW] GCC14 -fhardened clashes with default flags

Paul Fee 2088289 at bugs.launchpad.net
Fri Nov 15 17:06:07 UTC 2024 

Public bug reported:

GCC 14 introduces the -fhardened flag as an umbrella for enabling a
collection of security hardening flags.  Ubuntu already enriches the
compiler flags with -D_FORTIFY_SOURCE=3 without the user interaction.
However when GCC sees both -fhardened and -D_FORTIFY_SOURCE specified it
produces a warning.

$ cc -fhardened -O2 hello.c
cc1: warning: ‘_FORTIFY_SOURCE’ is not enabled by ‘-fhardened’ because it was specified in ‘-D’ or ‘-U’ [-Whardened]

This warning noise may discourage adoption of -fhardened.

The -fhardened option includes -D_FORTIFY_SOURCE=3.  Should GCC be
patched to avoid warning when this option is effectively specified twice
with the same value?  The warning isn't helpful.

The issue occurs on Ubuntu 24.04 and 24.10.  Other distros (e.g.
openSUSE Tumbleweed) don't have the issue as they haven't enriched the
flags (for the users convenience/security) to include -D_FORTIFY_SOURCE.

Distro: Ubuntu 24.04.1 LTS and Ubuntu 24.10
Package: gcc-14 14.2.0-4ubuntu2~24.04 and gcc-14 14.2.0-4ubuntu2

** Affects: gcc-14 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gcc-14 in Ubuntu.
https://bugs.launchpad.net/bugs/2088289

Title:
  GCC14 -fhardened clashes with default flags

Status in gcc-14 package in Ubuntu:
  New

Bug description:
  GCC 14 introduces the -fhardened flag as an umbrella for enabling a
  collection of security hardening flags.  Ubuntu already enriches the
  compiler flags with -D_FORTIFY_SOURCE=3 without the user interaction.
  However when GCC sees both -fhardened and -D_FORTIFY_SOURCE specified
  it produces a warning.

  $ cc -fhardened -O2 hello.c
  cc1: warning: ‘_FORTIFY_SOURCE’ is not enabled by ‘-fhardened’ because it was specified in ‘-D’ or ‘-U’ [-Whardened]

  This warning noise may discourage adoption of -fhardened.

  The -fhardened option includes -D_FORTIFY_SOURCE=3.  Should GCC be
  patched to avoid warning when this option is effectively specified
  twice with the same value?  The warning isn't helpful.

  The issue occurs on Ubuntu 24.04 and 24.10.  Other distros (e.g.
  openSUSE Tumbleweed) don't have the issue as they haven't enriched the
  flags (for the users convenience/security) to include
  -D_FORTIFY_SOURCE.

  Distro: Ubuntu 24.04.1 LTS and Ubuntu 24.10
  Package: gcc-14 14.2.0-4ubuntu2~24.04 and gcc-14 14.2.0-4ubuntu2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcc-14/+bug/2088289/+subscriptions

More information about the foundations-bugs mailing list