http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59148
--- Comment #6 from Jack Howarth <howarth at nitro dot med.uc.edu> --- (In reply to Alexander Potapenko from comment #3) > GCC emits calls to __strcpy_chk and __strncpy_chk in this test, which > happens because of source fortification being on by default on Darwin. > In Clang we're passing -D_FORTIFY_SOURCE=0 when compiling with > -fsanitize=address. > > I've checked that manually adding -D_FORTIFY_SOURCE=0 fixes > strncpy-overflow-1.c > > Jack, can you please make the changes in the GCC driver? Yes, I can confirm that... Index: gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c =================================================================== --- gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c (revision 205290) +++ gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c (working copy) @@ -1,5 +1,5 @@ /* { dg-do run } */ -/* { dg-options "-fno-builtin-malloc -fno-builtin-strncpy" } */ +/* { dg-options "-D_FORTIFY_SOURCE=0 -fno-builtin-malloc -fno-builtin-strncpy" } */ /* { dg-shouldfail "asan" } */ #include <string.h> suppresses the problem. I can also confirm with current llvm/compiler-rt/clang 3.4 branch that... /sw/opt/llvm-3.4/bin/clang -fsanitize=address -g -fdiagnostics-color=never -O0 -fno-builtin-malloc -fno-builtin-strncpy -lm -m64 -D_FORTIFY_SOURCE=2 -o ./strncpy-overflow-1.exe strncpy-overflow-1.c also produces a binary that 'fails' by 'passing'.