Avoid backtrace from __stack_chk_fail [BZ #12189]

__stack_chk_fail is called on corrupted stack.  Stack backtrace is very
unreliable against corrupted stack.  __libc_message is changed to accept
enum __libc_message_action and call BEFORE_ABORT only if action includes
do_backtrace.  __fortify_fail_abort is added to avoid backtrace from
__stack_chk_fail.

	[BZ #12189]
	* debug/Makefile (CFLAGS-tst-ssp-1.c): New.
	(tests): Add tst-ssp-1 if -fstack-protector works.
	* debug/fortify_fail.c: Include <stdbool.h>.
	(_fortify_fail_abort): New function.
	(__fortify_fail): Call _fortify_fail_abort.
	(__fortify_fail_abort): Add a hidden definition.
	* debug/stack_chk_fail.c: Include <stdbool.h>.
	(__stack_chk_fail): Call __fortify_fail_abort, instead of
	__fortify_fail.
	* debug/tst-ssp-1.c: New file.
	* include/stdio.h (__libc_message_action): New enum.
	(__libc_message): Replace int with enum __libc_message_action.
	(__fortify_fail_abort): New hidden prototype.
	* malloc/malloc.c (malloc_printerr): Update __libc_message calls.
	* sysdeps/posix/libc_fatal.c (__libc_message): Replace int
	with enum __libc_message_action.  Call BEFORE_ABORT only if
	action includes do_backtrace.
	(__libc_fatal): Update __libc_message call.

debug/fortify_fail.c

@@ -17,17 +17,28 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdbool.h>
 
 
 extern char **__libc_argv attribute_hidden;
 
 void
 __attribute__ ((noreturn)) internal_function
-__fortify_fail (const char *msg)
+__fortify_fail_abort (_Bool do_backtrace, const char *msg)
 {
   /* The loop is added only to keep gcc happy.  */
   while (1)
-    __libc_message (2, "*** %s ***: %s terminated\n",
+    __libc_message (do_backtrace ? (do_abort | do_backtrace) : do_abort,
+		    "*** %s ***: %s terminated\n",
 		    msg, __libc_argv[0] ?: "<unknown>");
 }
+
+void
+__attribute__ ((noreturn)) internal_function
+__fortify_fail (const char *msg)
+{
+  __fortify_fail_abort (true, msg);
+}
+
 libc_hidden_def (__fortify_fail)
+libc_hidden_def (__fortify_fail_abort)