Hi Nobuhiro,
On 11/23/25 01:22, Nobuhiro Iwamatsu wrote:
As you pointed out, handling 'FORTIFY_SOURCE' records requires specific measures. However, I think this patch won't function correctly. In this patch, after ‘-U_FORTIFY_SOURCE’ disables it, ‘-D_FORTIFY_SOURCE=2’ becomes active. Consequently, ‘-D_FORTIFY_SOURCE=2’ remains in effect instead of ‘-D_FORTIFY_SOURCE=3’. I reviewed the Ubuntu build log, and it follows the same processing as described above. https://launchpadlibrarian.net/832860814/buildlog_ubuntu-resolute-amd64v3.mmc-utils_1.0-1ubuntu1_BUILDING.txt.gz ``` cc -Wdate-time -D_FORTIFY_SOURCE=3 -U_FORTIFY_SOURCE -Wall -Werror -Wuninitialized -Wundef -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -DVERSION=\"1.0\" -g -O2 -Werror=implicit-function-declaration -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/<<PKGBUILDDIR>>=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -march=x86-64-v3 -fdebug-prefix-map=/<<PKGBUILDDIR>>=/usr/src/mmc-utils-1.0-1ubuntu1 -Wp,-MMD,./.mmc.o.d,-MT,mmc.o -c mmc.c -o mmc.o ``` This appears to be working correctly, but it will cause FTBFS with other issues, when ‘-D_FORTIFY_SOURCE=3’ is enabled. Therefore, if my understanding is correct, the fix would involve removing ‘-D_FORTIFY_SOURCE=2’ from the Makefile rather than modifying debian/rules.
Thanks for considering the patch and taking some time to look into it. Removing `-D_FORTIFY_SOURCE=2` from the Makefile was among the previous Ubuntu delta. I've considered keeping it, but the issue is that the upstream sources actually don't build with `-D_FORTIFY_SOURCE=3`. That is why I proposed this patch, at least until upstream officially supports building with `-D_FORTIFY_SOURCE=3`. But if you want to actually carry the patch disabling `-D_FORTIFY_SOURCE=2` in the Makefile, that would be fine too, except that Ubuntu would have to change its delta to actually disable `-D_FORTIFY_SOURCE=3` and go back to `2`, and we would be back to the package not being sync'd again. Last, but more complicated solution, is to work on supporting building with `-D_FORTIFY_SOURCE=3`. Unfortunately, I don't have the time (nor the skills at the moment!) myself to take on that work. Either way, the choice is yours, and we will adapt :-) Skia
