On Tue, Dec 6, 2022 at 3:16 PM Siddhesh Poyarekar <siddhesh(a)redhat.com> wrote:
My full comment in that blog post is:
"We need a proper study of performance and code size to understand the
magnitude of the impact created by _FORTIFY_SOURCE=3 additional
runtime code generation. However the performance and code size
overhead may well be worth it due to the magnitude of improvement in
security coverage."
The key word is *MAY*. That is not considered
to be a conclusion supported by the evidence
presented (at least in any scientific paper I
have reviewed).