Revert "fortify: allow diagnostics without run-time checks"
This reverts commit d7e11b88531665de59de466bbc9ee6c480b00a4f.
Reason for revert: Breaks aosp_x86_64-eng. Will look into it and
unbreak when it's not almost midnight. :)
Change-Id: I21f76efe4d19c70d0b14630e441376d359a45b49
diff --git a/tests/Android.bp b/tests/Android.bp
index ee4f02e..1755053 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -312,20 +312,26 @@
},
}
-// Ensures that FORTIFY checks aren't run when ASAN is on.
-cc_test {
- name: "bionic-fortify-runtime-asan-test",
+// If building this fails, then we have both FORTIFY and ASAN enabled, which
+// isn't desirable. (Ideally, we'd emit FORTIFY diagnostics even with ASAN
+// enabled, but that's not a reality today.) This is meant to be otherwise
+// unused.
+cc_test_library {
+ name: "fortify_disabled_for_asan",
defaults: [
"bionic_clang_fortify_tests_w_flags",
],
cflags: [
"-Werror",
"-D_FORTIFY_SOURCE=2",
+ // "sanitize: address" doesn't work on platforms where libasan isn't
+ // enabled. Since the intent is just to build this, we can get away with
+ // passing this flag on its own.
+ "-fsanitize=address",
],
- sanitize: {
- address: true,
- },
- srcs: ["clang_fortify_asan.cpp"],
+ // Ignore that we don't have ASAN symbols linked in.
+ allow_undefined_symbols: true,
+ srcs: ["clang_fortify_tests.cpp"],
}
// Ensure we don't use FORTIFY'ed functions with the static analyzer/clang-tidy:
diff --git a/tests/clang_fortify_asan.cpp b/tests/clang_fortify_asan.cpp
deleted file mode 100644
index 51656eb..0000000
--- a/tests/clang_fortify_asan.cpp
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * This test ensures that ensures that FORTIFY's run-time bits aren't enabled with ASAN on. Most
- * ways of getting FORTIFY to break turn into UB unless you get creative. Rather than remaking the
- * entire FORTIFY test-suite with this added constraint, we pick a function with well-defined
- * behavior when a FORTIFY check would fail (umask), and hope that the success of that is indicative
- * of the rest working.
- */
-
-#ifndef __clang__
-#error "Non-clang isn't supported"
-#endif
-
-#ifndef _FORTIFY_SOURCE
-#error "_FORTIFY_SOURCE must be defined"
-#endif
-
-#include <sys/cdefs.h>
-
-#if defined(__BIONIC__) && __has_feature(address_sanitizer)
-#include <sys/stat.h>
-#include <gtest/gtest.h>
-
-TEST(ClangFortifyASAN, NoRuntimeChecksAreEnabled) {
- volatile mode_t unknown = 01000;
- mode_t previous = umask(unknown);
-
- // Not necessary, but polite.
- umask(previous);
-}
-#endif