Merge "Disable FORTIFY on ASAN builds"
am: 7ac99d3ff6
Change-Id: Ib469956edc364bd0d4af59dc5a79439528bf5efd
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 71d8426..58eebc5 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -239,9 +239,18 @@
#define __BIONIC_FORTIFY_UNKNOWN_SIZE ((size_t) -1)
-#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \
- (defined(__clang__) || (defined(__OPTIMIZE__) && __OPTIMIZE__ > 0))
-# define __BIONIC_FORTIFY 1
+#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0
+# if defined(__clang__)
+/* FORTIFY's _chk functions effectively disable ASAN's stdlib interceptors. */
+# if !__has_feature(address_sanitizer)
+# define __BIONIC_FORTIFY 1
+# endif
+# elif defined(__OPTIMIZE__) && __OPTIMIZE__ > 0
+# define __BIONIC_FORTIFY 1
+# endif
+#endif
+
+#if defined(__BIONIC_FORTIFY)
# if _FORTIFY_SOURCE == 2
# define __bos_level 1
# else
diff --git a/tests/Android.bp b/tests/Android.bp
index 084d393..ea3f39f 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -192,6 +192,26 @@
},
}
+// If building this fails, then we have both FORTIFY and ASAN enabled, which
+// isn't desirable. (Ideally, we'd emit FORTIFY diagnostics even with ASAN
+// enabled, but that's not a reality today.) This is meant to be otherwise
+// unused.
+cc_test_library {
+ name: "fortify_disabled_for_asan",
+ cflags: [
+ "-Werror",
+ "-D_FORTIFY_SOURCE=2",
+ // "sanitize: address" doesn't work on platforms where libasan isn't
+ // enabled. Since the intent is just to build this, we can get away with
+ // passing this flag on its own.
+ "-fsanitize=address",
+ ],
+ // Ignore that we don't have ASAN symbols linked in.
+ allow_undefined_symbols: true,
+ srcs: ["fortify_compilation_test.cpp"],
+ clang: true,
+}
+
cc_test_library {
name: "libfortify1-tests-clang",
defaults: ["bionic_fortify_tests_defaults", "bionic_tests_defaults"],