as debugged in https://crbug.com/406598 (see comment #50), the current ENABLE_SSP_SMASH_DUMPS_CORE logic in chk_fail.c code is not reliable. see this file for details: sys-libs/glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c it is possible for things to race such that the SIGABRT is not delivered before the SIGKILL is sent & delivered, and the kernel could deliver the SIGKILL thus disabling the possibility to catch the signal or get a coredump. in CrOS, we solved this by calling abort() directly: - INLINE_SYSCALL(kill, 2, pid, SIGABRT); + /* Use abort() directly. https://crbug.com/406598 */ + abort(); the glibc code goes through a lot of effort to actually trigger an abort and not simply kill itself. in Gentoo, we're not keen on calling abort() because chk_fail itself is designed to only make syscalls directly. maybe in this case we can make an exception since ENABLE_SSP_SMASH_DUMPS_CORE is only active when USE=debug is turned on ...
is okay
So who knows if this is still relevant in any way? I don't.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c4ea812e61978466afdbf77e44e04f808762e07 commit 3c4ea812e61978466afdbf77e44e04f808762e07 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2018-04-21 21:24:59 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2018-04-21 21:25:19 +0000 sys-libs/glibc: Remove useflag debug and related logic. Bug 601718. Closes: https://bugs.gentoo.org/601718 Package-Manager: Portage-2.3.27, Repoman-2.3.9 sys-libs/glibc/glibc-9999.ebuild | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=134eb78addb5db67d99bc8e3580b68b38343512d commit 134eb78addb5db67d99bc8e3580b68b38343512d Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2018-05-20 16:04:55 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2018-05-20 16:05:53 +0000 sys-libs/glibc: Stop installing SSP and FORTIFY_SOURCE handler [12:38:42] <Zorry> dilfridge: you can remove the einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" and cp files too [12:38:53] <Zorry> for glibc [12:50:17] <dilfridge> ok [12:50:20] <dilfridge> will do Closes: https://bugs.gentoo.org/601718 Package-Manager: Portage-2.3.36, Repoman-2.3.9 sys-libs/glibc/glibc-9999.ebuild | 9 --------- 1 file changed, 9 deletions(-)