From eec74d55dde6285c7aa6fa8ab322414920223974 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= <lzaoral@redhat.com>
Date: Mon, 30 Jan 2023 12:19:24 +0100
Subject: [PATCH] gcc: disable code fortification with sanitizers

Related: https://github.com/google/sanitizers/issues/247#issuecomment-1283500316
---
 py/plugins/gcc.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/py/plugins/gcc.py b/py/plugins/gcc.py
index 1c13b8aa..9817f3ae 100644
--- a/py/plugins/gcc.py
+++ b/py/plugins/gcc.py
@@ -193,6 +193,15 @@ def handle_args(self, parser, args, props):
             self.flags.append_flags(['-g', '-fno-omit-frame-pointer',
                                      '-fsanitize-recover=all'])
 
+            # sanitizers are not compatible with FORTIFY_SOURCE
+            # https://github.com/google/sanitizers/issues/247#issuecomment-1283500316
+            #
+            # annobin should always be present in the buildroot since it is
+            # required by redhat-rpm-config
+            self.flags.append_flags(["-Wp,-U_FORTIFY_SOURCE",
+                                     "-fplugin=annobin",
+                                     "-fplugin-arg-annobin-no-active-checks"])
+
             # create directory for sanitizer's results
             def create_cap_dir_hook(results, mock):
                 cmd = f"mkdir -pv '{SANITIZER_CAPTURE_DIR}'"