GCC's -fstack-protector-strong (default in Debian, Ubuntu, and Fedora since the mid-2010s) implements exactly the canary check you are tracing, and the 'stack smashing detected' message it prints is one of the most common crash signatures in Linux server logs. CTF challenges routinely require leaking this canary via a format-string bug before a return-address overwrite can succeed.