On 2026-02-02 13:07, Richard Biener via Gcc wrote:
I guess we'd need to track duplications (and removals!) as well then. In the end it's probably the memcpy calls somehow surviving and then (for a single source memcpy) the ratio of fortified vs. non-fortified copies.
For fortification metrics specifically, I had used __bdos success as a proxy:
https://github.com/siddhesh/fortify-metrics Sid
