Rich Freeman <rich0 <at> gentoo.org> writes:
> > '-fstack-protector-strong' is supported as of gcc-4.9.x - unless you > > upgrade, you'll forced to use the regular one. > > I think it's not even that unlikely that you don't even want the strong > > version. > Ironically enough, your last sentence overflowed my parsing stack. :) From: https://securityblog.redhat.com/tag/stack-protector/ "The GCC flags -fstack-protector and -fstack-protector-all activate the Stack Smashing Protector (SSP). When any of these flags are used, GCC instruments the function return instruction with a probabilistic check that the stack frame is not corrupted. " From: http://www.outflux.net/blog/archives/2014/01/27/fstack-protector-strong/ "The stack protector feature itself adds a known canary to the stack during function preamble, and checks it when the function returns. " Bug 517428 was/is a request to setup Ftrace/trace-cmd/KernelShark as a fine-grained tool, for such issuses as fstack-protector events. As we all know, I'm still struggling with learning the ebuild_gymnasitcs, but bug 517428 is looking(begging) for a knowledgable person to get an Ftrace/trace-cmd/kernelshark ebuild working. This will provide a fantastic tool for low-level as well as application code diagnostics. :) hth, James [1] http://en.wikipedia.org/wiki/Ftrace
