No. He probably doesn't even know about this proposal yet, since it was just published
yesterday. This is not the sort of thing that matters for desktop performance, where we
care about orders of magnitude rather than a few percent improvement here or there. Even
if extra bounds checking makes code 10% slower, which seems very unlikely, the benefit of
the extra hardening would still be worth it. _FORTIFY_SOURCE=3 is going to make it harder
to hack Fedora users, converting code execution vulnerabilities into denial of service
vulnerabilities. That's worth a small performance cost. Reasonable educated users will
want to make that trade even if we don't know exactly how much the cost is.
Ordinarily I would not have even felt any need to comment on a proposal like this, except
it comes immediately after the rejection of frame pointers, which leaves us unable to
measure where Fedora performance problems occur without rebuilding the world. People who
care about performance should be *very* upset about that decision. Anyway, the effort that
went into that change proposal has established new expectations for any change that will
impact system performance: the new flags should be benchmarked in an environment where all
Fedora packages have been rebuilt with the new flags, so we can critique the change based
on benchmarks that are not representative of real-world usage and reject it if they show a
2% performance hit, regardless of value to Fedora. If you don't like the idea of
rebuilding all packages with the new flags, then maybe it was a mistake to require
developers to do just that if they want to profile applications successfully.