From a4df804d841f3a3df4f9e4a8276ac7cd45c4d36d Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Mon, 17 Feb 2020 19:25:01 -0500 Subject: [PATCH] Fix: tracepoint.h: Disable address sanitizer on pointer array section variables The tracepoint header declares pointer global variables meant to be placed contiguously within the __tracepoints_ptrs section, and then used as an array of pointers when loading an executable or shared object. Clang Address Sanitizer adds redzones around each variable, thus leading to detection of a global buffer overflow. Those redzones should not be placed within this section, because it defeats its purpose. Therefore, teach asan not to add redzones around those variables with an attribute. Note that there does not appear to be any issue with gcc (tested with gcc-8 with address sanitization enabled), and gcc ignores the no_sanitize_address attribute when applied to a global variable. Fixes: #1238 Signed-off-by: Mathieu Desnoyers
---
 include/lttng/tracepoint.h | 3 ++- include/lttng/ust-compiler.h | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/include/lttng/tracepoint.h b/include/lttng/tracepoint.h
index 0d978a5f..4d56f35a 100644
--- a/include/lttng/tracepoint.h
+++ b/include/lttng/tracepoint.h
@@ -398,7 +398,8 @@ extern struct lttng_ust_tracepoint * const __stop___tracepoints_ptrs[]
 }; \
 static struct lttng_ust_tracepoint * \
 __tracepoint_ptr_##_provider##___##_name \
- __attribute__((used, section("__tracepoints_ptrs"))) = \
+ __attribute__((section("__tracepoints_ptrs"), used)) \
+ __lttng_ust_variable_attribute_no_sanitize_address = \
 &__tracepoint_##_provider##___##_name;
 static void lttng_ust_notrace __attribute__((constructor))
diff --git a/include/lttng/ust-compiler.h b/include/lttng/ust-compiler.h
index 1d04da1a..31eaf73c 100644
--- a/include/lttng/ust-compiler.h
+++ b/include/lttng/ust-compiler.h
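Review bot: The use site of `__lttng_ust_variable_attribute_no_sanitize_address` on `__tracepoint_ptr_##_provider##___##_name` in include/lttng/tracepoint.h has no comment saying why sanitizer instrumentation is switched off for this variable. The rationale is only in the commit message, and an unexplained sanitizer opt-out is easy to copy to places where it hides real overflows. I would add a line just above the declaration inside the macro, for example `/* No ASan redzones: __tracepoints_ptrs is walked as a contiguous pointer array up to __stop___tracepoints_ptrs. */ \`. The enclosing macro starts before this hunk, so any other section-placed variables it declares that are iterated the same way are not visible here and should be checked for the same redzone problem.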
@@ -27,4 +27,20 @@
 #define lttng_ust_notrace __attribute__((no_instrument_function))
 #define LTTNG_PACKED __attribute__((__packed__))
+/*
+ * Clang supports the no_sanitize variable attribute on global variables.
+ * GCC only supports the no_sanitize_address function attribute, which is
+ * not what we need.
+ */
+#if defined(__clang__)
+# if __has_feature(address_sanitizer)
+# define __lttng_ust_variable_attribute_no_sanitize_address \
+ __attribute__((no_sanitize("address")))
+# else
+# define __lttng_ust_variable_attribute_no_sanitize_address
+# endif
+#else
+# define __lttng_ust_variable_attribute_no_sanitize_address
+#endif
+
 #endif /* _LTTNG_UST_COMPILER_H */
-- 2.34.1
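Review bot: The block comment above `__lttng_ust_variable_attribute_no_sanitize_address` covers compiler support but not the macro's intended scope or the assumption behind the empty non-Clang branch. Because the macro removes ASan global instrumentation from whatever it is attached to, the comment should restrict its use, e.g. `* Use only on variables placed in a linker section that is iterated as an array; it removes ASan redzones for that variable.` On the `#else` branch the macro expands to nothing, so correct behaviour under GCC with address sanitization depends on GCC not padding these variables, which the commit message reports only for gcc-8. I would record that as well: `* Empty for GCC: relies on GCC not adding redzones to these variables (checked with gcc-8 only).`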