This similarly matches what we do in libc; compiling libssp with
-fstack-protector* is actively harmful. For instance, if the canary ctor
ends up with a stack protector then it will trivially trigger a false
positive as the canary's being initialized.
This was noted by the reporter as irc/ircd-hybrid started crashing at start
after our libssp was MFC'd to stable/11, as its build will explicitly link
in libssp. On FreeBSD, this isn't necessary as SSP bits are included in
libc, but it should absolutely not trigger runtime breakage -- it does mean
that the canary will get initialized twice, but as this is happening early
on in application startup it should just be redundant work.
Reported by: Tod McQuillin <devin@sevenlayer.studio>
MFC after: 3 days
projects / FreeBSD / FreeBSD.git / commit