https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112897
--- Comment #2 from Agostino Sarubbo <ago at gentoo dot org> --- I don't know if I was able to provide the concept, but in other words if we know that something like -fstack-clash-protection is widely used nowadays, it make no sense rebase patches for 10 years and then in the 2033 make the proper configure option :) > What's the flag you want to enable this time? I'm not a gcc downstream maintainer so I can speak for what I can see as external people, so you might want to involve downstream maintainers. >From what I can see I'd say that a starting point is: -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=3 -fstack-clash-protection -fcf-protection -z,relro / -z now _GLIBCXX_ASSERTIONS -Wformat -Wformat-security
