fortify-source

the fortify-source will make functions like strcat to __strcat_chk... Its a builtin optimization way in modern gcc
to close it, you can add -fno-stack-protector -D_FORTIFY_SOURCE=0 in the CFLAGS.

it's interesting that the -Os optimizationi option will add -D_FORTIFY_SOURCE=2 internally

another thing is that if there is a FOTIFY_SOURCE configure in configure.in
you should add

CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_FORTIFY_SOURCE=0"

in configure.in
and then

export CPPFLAGS=-D_FORTIFY_SOURCE=0
export CFLAGS=-D_FORTIFY_SOURCE=0
./configure && make

no return

there is no ret instruction in the void defination functions.
because in this program, the JS_throw will call abort(), so the compiler wont return to here ...

protect methods

https://introspelliam.github.io/2017/09/30/linux%E7%A8%8B%E5%BA%8F%E7%9A%84%E5%B8%B8%E7%94%A8%E4%BF%9D%E6%8A%A4%E6%9C%BA%E5%88%B6/

two choice now

1. the stackoverflow
2. the jsC_error