Add a flag to lock down isystem include checks.

If this flag is disabled, Bazel continues to behave as previously - includes
reached through isystem paths are completely ignored, i.e., they don't have
to be declared in any rule. This applies primarily to cc_library.includes.

When the flag is enabled, Bazel gives an error for any such header file that
isn't declared in srcs or hdrs of a dependent rule.

Goes towards fixing #1162.

RELNOTES[NEW]: Use --strict_system_includes to apply hdrs_check=strict also to
    cc_library.includes, even if sandboxing is disabled.

--
MOS_MIGRATED_REVID=137125638
diff --git a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileAction.java b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileAction.java
index 55ea38e..10f1314 100644
--- a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileAction.java
+++ b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileAction.java
@@ -801,7 +801,9 @@
     if (optionalSourceFile != null) {
       allowedIncludes.add(optionalSourceFile);
     }
-    Iterable<PathFragment> ignoreDirs = getValidationIgnoredDirs();
+    Iterable<PathFragment> ignoreDirs = cppConfiguration.isStrictSystemIncludes()
+        ? cppConfiguration.getBuiltInIncludeDirectories()
+        : getValidationIgnoredDirs();
 
     // Copy the sets to hash sets for fast contains checking.
     // Avoid immutable sets here to limit memory churn.
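Review bot: The set of directories exempt from include validation now depends on `cppConfiguration.isStrictSystemIncludes()`, but nothing in this diff shows the flag being folded into the compile action's key. The GUID changes in CppCompileActionBuilder and FakeCppCompileAction force a one-time invalidation, not one per flag flip. If the key computation (outside this diff) does not already cover the flag, a build that enables it could reuse cached actions that were validated under the lenient rule, so this is worth confirming. A short why-comment above the ternary would also help, e.g. `// Strict mode: only built-in include directories stay exempt; other -isystem dirs are validated.` The enclosing method starts and ends outside the hunk.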
diff --git a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileActionBuilder.java b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileActionBuilder.java
index 6a4b88a..02fca80 100644
--- a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileActionBuilder.java
+++ b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppCompileActionBuilder.java
@@ -48,7 +48,7 @@
  * Builder class to construct C++ compile actions.
  */
 public class CppCompileActionBuilder {
-  public static final UUID GUID = UUID.fromString("cee5db0a-d2ad-4c69-9b81-97c936a29075");
+  public static final UUID GUID = UUID.fromString("97493805-894f-493a-be66-9a698f45c31d");
 
   private final ActionOwner owner;
   private final List<String> features = new ArrayList<>();
diff --git a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppConfiguration.java b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppConfiguration.java
index 7231f64..2b839de 100644
--- a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppConfiguration.java
+++ b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppConfiguration.java
@@ -2037,6 +2037,10 @@
     return cppOptions.shareNativeDeps;
   }
 
+  public boolean isStrictSystemIncludes() {
+    return cppOptions.strictSystemIncludes;
+  }
+
   @Override
   public Map<String, Object> lateBoundOptionDefaults() {
     // --cpu and --compiler initially default to null because their *actual* defaults aren't known
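Review bot: The new public accessor `isStrictSystemIncludes()` has no Javadoc, so readers of CppConfiguration cannot tell what "strict" covers without opening CppOptions. I would add `/** Returns whether headers reached through -isystem paths must be declared in srcs or hdrs of a dependency. */` above it, which matches the option's help text and the commit description.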
diff --git a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppOptions.java b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppOptions.java
index 0b7b82c..edf780d 100644
--- a/src/main/java/com/google/devtools/build/lib/rules/cpp/CppOptions.java
+++ b/src/main/java/com/google/devtools/build/lib/rules/cpp/CppOptions.java
@@ -546,6 +546,16 @@
   )
   public boolean shareNativeDeps;
 
+  @Option(
+    name = "strict_system_includes",
+    defaultValue = "false",
+    category = "strategy",
+    help =
+        "If true, headers found through system include paths (-isystem) are also required to be "
+        + "declared."
+  )
+  public boolean strictSystemIncludes;
+
   @Override
   public FragmentOptions getHost(boolean fallback) {
     CppOptions host = (CppOptions) getDefault();
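Review bot: `getHost` starts from `getDefault()` and this commit adds no line copying `strictSystemIncludes` into the host options. Unless the rest of the method (outside the hunk) copies it some other way, host-configuration compiles would keep the default `false` and skip the stricter check. If the lockdown is meant to cover tools built for the host as well, add `host.strictSystemIncludes = strictSystemIncludes;` there. The help string could also mention that built-in include directories remain exempt, since that is what the CppCompileAction change implements.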
diff --git a/src/main/java/com/google/devtools/build/lib/rules/cpp/FakeCppCompileAction.java b/src/main/java/com/google/devtools/build/lib/rules/cpp/FakeCppCompileAction.java
index 572853f..5bf6f94 100644
--- a/src/main/java/com/google/devtools/build/lib/rules/cpp/FakeCppCompileAction.java
+++ b/src/main/java/com/google/devtools/build/lib/rules/cpp/FakeCppCompileAction.java
@@ -56,7 +56,7 @@
 
   private static final Logger LOG = Logger.getLogger(FakeCppCompileAction.class.getName());
 
-  public static final UUID GUID = UUID.fromString("b2d95c91-1434-47ae-a786-816017de8494");
+  public static final UUID GUID = UUID.fromString("8ab63589-be01-4a39-b770-b98ae8b03493");
 
   private final PathFragment tempOutputFile;