# DP: Document distro specific compiler flags turned on by default

--- a/src/gcc/doc/invoke.texi
+++ b/src/gcc/doc/invoke.texi
@@ -11859,6 +11859,13 @@ also turns on the following optimization
 Please note the warning under @option{-fgcse} about
 invoking @option{-O2} on programs that use computed gotos.
 
+NOTE: In Ubuntu 8.10 and later versions, @option{-D_FORTIFY_SOURCE=2},
+in Ubuntu 24.04 and later versions, @option{-D_FORTIFY_SOURCE=3}, is
+set by default, and is activated when @option{-O} is set to 2 or higher.
+This enables additional compile-time and run-time checks for several libc
+functions.  To disable, specify either @option{-U_FORTIFY_SOURCE} or
+@option{-D_FORTIFY_SOURCE=0}.
+
 @opindex O3
 @item -O3
 Optimize yet more.  @option{-O3} turns on all optimizations specified
@@ -15421,6 +15428,9 @@ value of a shared integer constant.
 The minimum size of buffers (i.e.@: arrays) that receive stack smashing
 protection when @option{-fstack-protector} is used.
 
+This default before Ubuntu 10.10 was "8". Currently it is "4", to increase
+the number of functions protected by the stack protector.
+
 @item min-size-for-stack-sharing
 The minimum size of variables taking part in stack slot sharing when not
 optimizing.
@@ -17127,6 +17137,10 @@ Currently the x86 GNU/Linux target provi
 on Intel Control-flow Enforcement Technology (CET) which works for
 i686 processor or newer.
 
+NOTE: In Ubuntu 19.10 and later versions, @option{-fcf-protection}
+is enabled by default for C, C++, ObjC, ObjC++, if none of
+@option{-fno-cf-protection} nor @option{-fcf-protection=*} are found.
+
 @opindex fharden-compares
 @item -fharden-compares
 For every logical test that survives gimple optimizations and is
@@ -17169,6 +17183,11 @@ references to local frame addresses.  On
 allocated on the stack are considered, optimized away variables or variables
 allocated in registers don't count.
 
+NOTE: In Ubuntu 14.10 and later versions,
+@option{-fstack-protector-strong} is enabled by default for C,
+C++, ObjC, ObjC++, if none of @option{-fno-stack-protector},
+@option{-nostdlib}, nor @option{-ffreestanding} are found.
+
 @opindex fstack-protector-explicit
 @item -fstack-protector-explicit
 Like @option{-fstack-protector} but only protects those functions which
@@ -17232,6 +17251,10 @@ allocations.  @option{-fstack-clash-prot
 protection for static stack allocations if the target supports
 @option{-fstack-check=specific}.
 
+NOTE: In Ubuntu 19.10 and later versions,
+@option{-fstack-clash-protection} is enabled by default for C,
+C++, ObjC, ObjC++, unless @option{-fno-stack-clash-protection} is found.
+
 @opindex fstack-limit-register
 @opindex fstack-limit-symbol
 @opindex fno-stack-limit
@@ -17959,6 +17982,9 @@ For example, @option{-Wl,-Map,output.map
 linker.  When using the GNU linker, you can also get the same effect with
 @option{-Wl,-Map=output.map}.
 
+NOTE: In Ubuntu 8.10 and later versions, for LDFLAGS, the option
+@option{-Wl,-z,relro} is used.  To disable, use @option{-Wl,-z,norelro}.
+
 @opindex u
 @item -u @var{symbol}
 Pretend the symbol @var{symbol} is undefined, to force linking of