https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104816
Fangrui Song <i at maskray dot me> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |i at maskray dot me --- Comment #13 from Fangrui Song <i at maskray dot me> --- I created https://gcc.gnu.org/pipermail/gcc-patches/2024-January/643303.html before I realized that there is a trade-off between two modes. * (current default, -mno-cet-switch) NOTRACK indirect jump + case handlers without ENDBR, GCC -mno-cet-switch. Vulnerable to unconstrained indirect jump and Branch Target Injection. * (-mcet-switch) tracked indirect jump + case handlers with ENDBR. Increases the number of gadgets. Whether they can be usefully exploited depends on the program. It seems that the majority of the opinions so far are about the concern of NOTRACK, so enabling -mcet-switch by default perhaps still makes sense. -fno-jump-tables isn't a bad choice if users are really concerned about the gadgets...