Revert "fortify: allow diagnostics without run-time checks"
This reverts commit d7e11b88531665de59de466bbc9ee6c480b00a4f.
Reason for revert: Breaks aosp_x86_64-eng. Will look into it and
unbreak when it's not almost midnight. :)
Change-Id: I21f76efe4d19c70d0b14630e441376d359a45b49
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index eb30690..8078bda 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -237,15 +237,14 @@
#define __BIONIC_FORTIFY_UNKNOWN_SIZE ((size_t) -1)
#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0
-/* FORTIFY can interfere with pattern-matching of clang-tidy/the static analyzer. */
-# if !defined(__clang_analyzer__)
+/*
+ * FORTIFY's _chk functions effectively disable ASAN's stdlib interceptors.
+ * Additionally, the static analyzer/clang-tidy try to pattern match some
+ * standard library functions, and FORTIFY sometimes interferes with this. So,
+ * we turn FORTIFY off in both cases.
+ */
+# if !__has_feature(address_sanitizer) && !defined(__clang_analyzer__)
# define __BIONIC_FORTIFY 1
-/* ASAN has interceptors that FORTIFY's _chk functions can break. */
-# if __has_feature(address_sanitizer)
-# define __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED 0
-# else
-# define __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED 1
-# endif
# endif
#endif