add comments for why we dont have basic/plain mode

Author: Ariel Ben-Yehuda

compiler/rustc_codegen_llvm/src/lib.rs

@@ -287,7 +287,7 @@ impl CodegenBackend for LlvmCodegenBackend {
         buffer overflow (even in the presence of undefined behavior).
 
         This provides similar security guarantees to Clang's
-        `-fstack-protector=strong`.
+        `-fstack-protector-strong`.
 
         The exact rules are unstable and subject to change, but
         currently, it generates stack protectors for functions that,

src/doc/rustc/src/codegen-options/index.md

@@ -687,7 +687,7 @@ Supported values for this option are:
   buffer overflow (even in the presence of undefined behavior).
 
   This provides similar security guarantees to Clang's
-  `-fstack-protector=strong`.
+  `-fstack-protector-strong`.
 
   The exact rules are unstable and subject to change, but
   currently, it generates stack protectors for functions that,
@@ -697,6 +697,15 @@ Supported values for this option are:
   determined by static control flow).
  - `all`: Generate stack canaries in all functions
 
+rustc does not have a mode equivalent to Clang's (or GCC's)
+plain `-fstack-protector` - `-fstack-protector` is an older heuristic
+designed for C, that only protects functions that allocate a
+`char buf[N];` buffer on the stack, making it prone to buffer overflows
+from length miscalculations. This heuristic is poorly suited for Rust
+code. Even in C codebases, `-fstack-protector-strong` is nowadays
+preferred because plain `-fstack-protector` misses many stack
+buffer overflows.
+
 Stack protectors are not supported on many GPU targets, use of stack
 protectors on these targets is an error.