Comparing GCC and Clang security features
Posted Sep 13, 2019 11:58 UTC (Fri) by nix (subscriber, #2304)
Parent article: Comparing GCC and Clang security features
FYI: fine-grained forward-edge CFI verifies that indirect jumps go to a function with the right prototype. (An even finer-grained mode could be imagined that validates that at least some indirect calls for which this sort of thing is statically computable call only those functions which it is known that it is possible for that call-site to indirectly call, ruling out even some functions with the right prototype. A good intermediate state might be able to rule out indirect calls to functions whose address is never taken, even if they have the right prototype. Since most functions' addresses are never taken, this might reduce the set of ROP gadgets significantly.)
Posted Sep 13, 2019 15:40 UTC (Fri) by sami (subscriber, #4163)
Clang's CFI implementation does exactly this.
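To make the two comments above concrete, here is a small constructed model (added here, not Clang's code and not from the article) of what Clang's `-fsanitize=cfi-icall` enforces: a per-prototype table that holds only address-taken functions, and a check at the indirect call site that the target is in the table for the call's static type. A same-prototype function whose address is never taken is rejected along with one of a different prototype. The function names and the `-1` "rejected" return are assumptions of this model; a real CFI build aborts instead.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

typedef int (*int_fn)(int);

static int  twice(int x)  { return 2 * x; }     /* address taken: in the table */
static int  square(int x) { return x * x; }     /* address taken: in the table */
static int  secret(int x) { return x + 1000; }  /* same prototype, address never taken */
static long wide(long x)  { return x; }         /* different prototype entirely */

/* Model of the jump table Clang emits for the int(int) type: only
 * functions whose address the program actually takes are entered.
 * (Constructed for illustration; Clang builds this from LTO analysis.) */
static const int_fn int_fn_targets[] = { twice, square };

/* Forward-edge check: is the target a valid member of the int(int) set? */
static bool cfi_check_int_fn(int_fn target) {
    size_t n = sizeof int_fn_targets / sizeof *int_fn_targets;
    for (size_t i = 0; i < n; i++)
        if (int_fn_targets[i] == target)
            return true;
    return false;
}

/* Guarded indirect call. Returns -1 when the check fails; a real CFI build
 * would trap here rather than return. */
static int checked_call(int_fn target, int arg) {
    if (!cfi_check_int_fn(target))
        return -1;
    return target(arg);
}

int main(void) {
    printf("twice(21)   -> %d\n", checked_call(twice, 21));          /* 42: allowed */
    printf("square(7)   -> %d\n", checked_call(square, 7));          /* 49: allowed */
    printf("secret(1)   -> %d\n", checked_call(secret, 1));          /* -1: right type, never address-taken */
    printf("wide(1)     -> %d\n", checked_call((int_fn)wide, 1));    /* -1: wrong prototype */
    return 0;
}
```

The third case is the one nix describes as an "intermediate state": the prototype matches, but because `secret`'s address is never taken it is not a legitimate indirect-call target and the check rejects it.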
Comparing GCC and Clang security features
> A good intermediate state might be able to rule out indirect calls to functions whose address is never taken