GCC 4.8.3+ Does anybody aware of Stack Smashing Protection ?

Dmitry Samersoff dmitry.samersoff at oracle.com
Fri Jun 5 19:31:41 UTC 2015

Hi Everybody,

I'm not sure it affects hotspot but should we care about it?


Beginning with GCC 4.8.3, Stack Smashing Protection (SSP) will be
enabled by default.  The 4.8 series will enable -fstack-protector
while 4.9 and later enable -fstack-protector-strong.

SSP is a security feature that attempts to mitigate stack-based buffer
overflows by placing a canary value on the stack after the function
return pointer and checking for that value before the function returns.
If a buffer overflow occurs and the canary value is overwritten, the
program aborts.

There is a small performance cost to these features.  They can be
disabled with -fno-stack-protector.

For more information these options, refer to the GCC Manual, or the
following articles.



Dmitry Samersoff
Oracle Java development team, Saint Petersburg, Russia
* I would love to change the world, but they won't give me the sources.

More information about the hotspot-dev mailing list