dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Amit kumar <akamit91_at_hotmail.com>
Date: Mon, 14 Feb 2022 11:03:47 UTC

Encountered this issue while running https://github.com/freebsd/freebsd-src/blob/main/cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/pid/tst.emptystack.d

a somewhat simpler method to reproduce

configuration
file /usr/bin/find
/usr/bin/find: ELF 64-bit LSB shared object, x86-64, <.....>

kern.elf64.allow_wx: 0
kern.elf64.aslr.pie_enable: 1
kern.elf64.aslr.enable: 1

# dtrace -n pid92817:::entry
dtrace: description 'pid92817:::entry' matched 4380 probes
[2]  + trace trap (core dumped)  exec find / > /dev/null 2>&1

# exec find / > /dev/null 2>&1 &
[1] 85293
# dtrace -n pid85293:a.out::
dtrace: description 'pid85293:a.out::' matched 6828 probes
[1] + trace trap (core dumped) exec find / > /dev/null 2>&1
CPU ID FUNCTION:NAME
1 89149 find_execute:1f8

looking at find core in gdb
(gdb) p $_siginfo
$1 = {
  si_signo = 5,
  si_errno = 0,
  si_code = 3,
  .
  .
  .

Can someone help me understand why am I seeing core due to SIGTRAP TRAP_DTRACE ?

Regards
Amit