Date: Mon, 14 Feb 2022 14:03:54 +0000
From: Amit kumar <akamit91@hotmail.com>
To: "markj@FreeBSD.org" <markj@FreeBSD.org>
Cc: "freebsd-dtrace@FreeBSD.org" <freebsd-dtrace@FreeBSD.org>
Subject: Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X
Message-ID: <SJ0PR18MB4932A03F77D5D999AEAE83C4DC339@SJ0PR18MB4932.namprd18.prod.outlook.com>
In-Reply-To: <Ygpe285ALGK1d5lm@nuc>
References: <SJ0PR18MB49326C3D1DF915EB841CC2D8DC339@SJ0PR18MB4932.namprd18.prod.outlook.com> <Ygpe285ALGK1d5lm@nuc>
>Does the problem persist with allow_wx = 1?
No. In that case there would be no core dump, but the script would time out after 300 seconds.
Doing some manual experiments, it seems it fails to set the watchpoint or the probes won't fire.

# sysctl kern.elf64.allow_wx=1
kern.elf64.allow_wx: 0 -> 1
# sysctl kern.elf64.aslr.enable=1
kern.elf64.aslr.enable: 1 -> 1
# sysctl kern.elf64.aslr.pie_enable=1
kern.elf64.aslr.pie_enable: 1 -> 1
# exec find / > /dev/null 2>&1 &
[1] 27041
akumar3-79afpc2-1# dtrace -n pid27041:a.out::
dtrace: description 'pid27041:a.out::' matched 6828 probes

CTRL+C

-Amit
________________________________
From: Mark Johnston <markjdb@gmail.com> on behalf of markj@FreeBSD.org <markj@freebsd.org>
Sent: Monday, February 14, 2022 7:23 PM
To: Amit kumar <akamit91@hotmail.com>
Cc: freebsd-dtrace@FreeBSD.org <freebsd-dtrace@freebsd.org>
Subject: Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X

On Mon, Feb 14, 2022 at 11:03:47AM +0000, Amit kumar wrote:
> Encountered this issue while running https://github.com/freebsd/freebsd-src/blob/main/cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/pid/tst.emptystack.d
>
> a somewhat simpler method to reproduce
>
> configuration
> file /usr/bin/find
> /usr/bin/find: ELF 64-bit LSB shared object, x86-64, <.....>
>
> kern.elf64.allow_wx: 0
> kern.elf64.aslr.pie_enable: 1
> kern.elf64.aslr.enable: 1

Does the problem persist with allow_wx = 1?

> # dtrace -n pid92817:::entry
> dtrace: description 'pid92817:::entry' matched 4380 probes
> [2] + trace trap (core dumped) exec find / > /dev/null 2>&1
>
> # exec find / > /dev/null 2>&1 &
> [1] 85293
> # dtrace -n pid85293:a.out::
> dtrace: description 'pid85293:a.out::' matched 6828 probes
> [1] + trace trap (core dumped) exec find / > /dev/null 2>&1
> CPU     ID                    FUNCTION:NAME
>   1  89149               find_execute:1f8
>
> looking at find core in gdb
> (gdb) p $_siginfo
> $1 = {
>   si_signo = 5,
>   si_errno = 0,
>   si_code = 3,
>   .
>   .
>   .
>
> Can someone help me understand why I am seeing a core due to SIGTRAP TRAP_DTRACE?
>
> Regards
> Amit
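The reproduction above is a manual sequence of sysctl, find(1) and dtrace(1) invocations read by eye. The script below is an added example for this thread, not code from the list or from FreeBSD: it automates that sequence for both allow_wx settings and classifies each run as one of the three outcomes the thread describes (SIGTRAP core dump, no core but no probe fires, or probes firing normally). It assumes FreeBSD, root, dtrace(1) and timeout(1) in PATH, and the default kern.corefile pattern so the dump appears as ./find.core; the classifier itself is plain POSIX sh and the sample outputs it is checked against are constructed from the lines quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread or from FreeBSD): automate Amit's
# reproduction and classify each run as one of the outcomes seen on the list:
#   core   - traced find(1) dies with SIGTRAP and dumps core (allow_wx=0 case)
#   silent - no core, but no pid probe ever fires (allow_wx=1 case)
#   fired  - probes fire and the process is still alive or exits normally
# Assumptions: FreeBSD, run as root, dtrace(1) and timeout(1) in PATH, and
# kern.corefile at its default %N.core so the dump lands as ./find.core.

# classify_outcome STATUS OUTPUT
#   STATUS: wait status of the traced process (128+signo if it died from a
#           signal; SIGTRAP is 5, so 133 means the trap killed it).
#   OUTPUT: everything dtrace printed.
classify_outcome() {
    status=$1
    out=$2
    if [ "$status" -eq 133 ]; then
        echo core
        return 0
    fi
    # A pid probe that fired prints a "CPU ID FUNCTION:NAME" row such as
    #   "  1  89149               find_execute:1f8"
    # so look for a func:offset field after two numeric columns.
    if printf '%s\n' "$out" |
        grep -Eq '^[[:space:]]*[0-9]+[[:space:]]+[0-9]+[[:space:]]+[A-Za-z_][A-Za-z0-9_.]*:[0-9a-fA-Fx]+'; then
        echo fired
    else
        echo silent
    fi
}

# run_once ALLOW_WX SECONDS
#   Set kern.elf64.allow_wx, start find(1) in the background, attach the pid
#   provider with the same pid$pid:a.out:: spec used in the report for
#   SECONDS seconds, then print the classified outcome.
run_once() {
    wx=$1
    secs=$2
    sysctl kern.elf64.allow_wx="$wx" >/dev/null || return 1
    rm -f find.core
    find / >/dev/null 2>&1 &
    pid=$!
    # dtrace runs until interrupted, so bound it; "|| true" keeps set -e
    # quiet when timeout(1) exits 124.
    out=$(timeout "$secs" dtrace -n "pid$pid:a.out::" 2>&1 || true)
    if kill -0 "$pid" 2>/dev/null; then
        kill "$pid" 2>/dev/null || true   # still alive: tracing did not crash it
    fi
    status=0
    wait "$pid" || status=$?
    echo "allow_wx=$wx: $(classify_outcome "$status" "$out") (wait status $status)"
    if [ -f find.core ]; then
        echo "  core file: $(pwd)/find.core"
    fi
}

# Driver: only on FreeBSD as root; compare both allow_wx settings.
if [ "$(uname -s)" = FreeBSD ] && [ "$(id -u)" -eq 0 ]; then
    for wx in 0 1; do
        run_once "$wx" 20
    done
fi
```

A wait status of 133 (128+SIGTRAP) together with a fresh find.core corresponds to the allow_wx=0 run in the report; a run that ends only because the timeout expired, with dtrace having printed nothing beyond its "matched N probes" line, corresponds to the allow_wx=1 run where the test script would otherwise sit for 300 seconds.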