https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112470
--- Comment #5 from Richard Sandiford <rsandifo at gcc dot gnu.org> --- Could you quantify the performance impact that you're seeing? Figures relative to no protection and to unpatched -fstack-protector-strong would be useful. -fstack-protector-strong adds a large overhead to small functions like this [https://godbolt.org/z/x1v7hvsq1]. And the option explicitly asks for statically sized arrays to be “protected”. Users who only want variable-length arrays to be protected would instead use -fstack-protector. So given that the function has the kind of array that the user wants to be protected, it seems safer to provide the same kind of protection as other targets do, in the same way, rather than try to do our own thing. We've already been bitten once by this. For example, on other targets, -fstack-protector-strong effectively protects against underflow as well as overflow, in the sense that underflow can't overwrite the function's saved registers. The proposed patch would change that for AArch64: writing at negative indices would allow the saved registers to be overwritten.
