https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87875
--- Comment #2 from Martin Liška <marxin at gcc dot gnu.org> --- So I can confirm it's caused by nested functions, more precisely by nested function trampolines as documented here: https://gcc.gnu.org/onlinedocs/gccint/Trampolines.html ``` GCC has traditionally supported nested functions by creating an executable trampoline at run time when the address of a nested function is taken. This is a small piece of code which normally resides on the stack, in the stack frame of the containing function. The trampoline loads the static chain register and then jumps to the real address of the nested function. ``` Which means the FakeStack has to really have PROT_EXEC. It will require mainline change in libsanitizer.
