fortify: allow diagnostics without run-time checks (attempt #2)

In configs like ASAN, we can't use _chk functions. This CL builds off of
previous work to allow us to still emit diagnostics in conditions like
these.

Wasn't 100% sure what a good test story would look like here. Opinions
appreciated.

Bug: 141267932
Test: checkbuild on internal-master. TreeHugger for x86_64.
Change-Id: I65da9ecc9903d51a09f740e38ab413b9beaeed88
diff --git a/libc/include/bits/fortify/strings.h b/libc/include/bits/fortify/strings.h
index cc268db..1ebaf39 100644
--- a/libc/include/bits/fortify/strings.h
+++ b/libc/include/bits/fortify/strings.h
@@ -33,13 +33,13 @@
         __overloadable
         __clang_error_if(__bos_unevaluated_lt(__bos0(dst), len),
                          "'bcopy' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
     size_t bos = __bos0(dst);
     if (!__bos_trivially_ge(bos, len)) {
         __builtin___memmove_chk(dst, src, len, bos);
         return;
     }
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
     __builtin_memmove(dst, src, len);
 }
 
@@ -48,13 +48,13 @@
         __overloadable
         __clang_error_if(__bos_unevaluated_lt(__bos0(b), len),
                          "'bzero' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
     size_t bos = __bos0(b);
     if (!__bos_trivially_ge(bos, len)) {
         __builtin___memset_chk(b, 0, len, bos);
         return;
     }
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
     __builtin_memset(b, 0, len);
 }