El sáb, 07-09-2013 a las 14:37 -0400, Rich Freeman escribió:
> On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth
> <va...@mathematik.uni-wuerzburg.de> wrote:
> > Ryan Hill <dirtye...@gentoo.org> wrote:
> >>
> >> * -fstack-protector{-all}
> >> No thank you. -fstack-protector has very limited coverage
> >
> > I'd say it covers most cases where bugs can be made,
> > practically without a severe impact on execution time or code size.
> > In contrast, -fstack-protector-all should be left to hardened, since
> > its impact is unacceptable to e.g. multimedia systems - the
> > protection is probably over-the-top for normal users.
> > I'd vote for enabling -fstack-protector by default:
> > I am using it since many years (though I do not use hardened profile,
> > since -fstack-protector-all had too much a performance impact for me).
> >
> >> -fstack-protector-strong
> >
> > One can later still change to this when >=gcc-4.9 is available in stable.
>
> ++, ++
>
> No doubt stack-protector-strong is better than stack-protector, but
> stack-protector is still better than nothing, and nothing is the
> current default.
>
> Improvements don't need to be perfect - they just need to be improvements.
>
> Rich
>
Is there any kind of information about performance penalty of
-fstack-protector? I have googled some time and there are various
estimations (from ~2 to ~8%), but I have no idea what have they checked
exactly. Also, multiple comments here refer to "not severe impact" that
looks to me like it will have impact but "not too much" :/. For some
recent computers I would probably use it, but for older ones, I am not
sure if will be happy with that additional impact :|
Thanks for the info
