From: Amit kumar
To: "markj@FreeBSD.org"
CC: "freebsd-dtrace@FreeBSD.org"
Subject: Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X
Date: Mon, 14 Feb 2022 14:03:54 +0000
List-Id: A discussion list for developers working on DTrace in FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-dtrace

> Does the problem persist with allow_wx = 1?
No. In that case there would be no core dump, but the script would time out after 300 seconds.
Doing some manual experiments
It seems it fails to set the watchpoint or the probes won't fire

# sysctl kern.elf64.allow_wx=1
kern.elf64.allow_wx: 0 -> 1
# sysctl kern.elf64.aslr.enable=1
kern.elf64.aslr.enable: 1 -> 1
# sysctl kern.elf64.aslr.pie_enable=1
kern.elf64.aslr.pie_enable: 1 -> 1
# exec find / > /dev/null 2>&1 &
[1] 27041
akumar3-79afpc2-1# dtrace -n pid27041:a.out::
dtrace: description 'pid27041:a.out::' matched 6828 probes

CTRL+C

-Amit

From: Mark Johnston <markjdb@gmail.com> on behalf of markj@FreeBSD.org <markj@freebsd.org>
Sent: Monday, February 14, 2022 7:23 PM
To: Amit kumar <akamit91@hotmail.com>
Cc: freebsd-dtrace@FreeBSD.org <freebsd-dtrace@freebsd.org>
Subject: Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X

On Mon, Feb 14, 2022 at 11:03:47AM +0000, Amit kumar wrote:
> Encountered this issue while running https://github.com/freebsd/freebsd-src/blob/main/cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/pid/tst.emptystack.d
>
> a somewhat simpler method to reproduce
>
> configuration
> file /usr/bin/find
> /usr/bin/find: ELF 64-bit LSB shared object, x86-64, <.....>
>
> kern.elf64.allow_wx: 0
> kern.elf64.aslr.pie_enable: 1
> kern.elf64.aslr.enable: 1

Does the problem persist with allow_wx = 1?

> # dtrace -n pid92817:::entry
> dtrace: description 'pid92817:::entry' matched 4380 probes
> [2]  + trace trap (core dumped)  exec find / > /dev/null 2>&1
>
> # exec find / > /dev/null 2>&1 &
> [1] 85293
> # dtrace -n pid85293:a.out::
> dtrace: description 'pid85293:a.out::' matched 6828 probes
> [1] + trace trap (core dumped) exec find / > /dev/null 2>&1
> CPU ID FUNCTION:NAME
> 1 89149 find_execute:1f8
>
> looking at find core in gdb
> (gdb) p $_siginfo
> $1 = {
>   si_signo = 5,
>   si_errno = 0,
>   si_code = 3,
>   .
>   .
>   .
>
> Can someone help me understand why am I seeing core due to SIGTRAP TRAP_DTRACE ?
>
> Regards
> Amit