Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X

Reply: Amit kumar : "Re: dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X"
In reply to: Amit kumar : "dtrace fails to trace on FreeBSD-14(CURRENT) with ASLR and W^X"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: markj@FreeBSD.org <markj_at_freebsd.org>
Date: Mon, 14 Feb 2022 13:53:31 UTC

On Mon, Feb 14, 2022 at 11:03:47AM +0000, Amit kumar wrote:
> Encountered this issue while running https://github.com/freebsd/freebsd-src/blob/main/cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/pid/tst.emptystack.d
> 
> a somewhat simpler method to reproduce
> 
> configuration
> file /usr/bin/find
> /usr/bin/find: ELF 64-bit LSB shared object, x86-64, <.....>
> 
> kern.elf64.allow_wx: 0
> kern.elf64.aslr.pie_enable: 1
> kern.elf64.aslr.enable: 1

Does the problem persist with allow_wx = 1?

> # dtrace -n pid92817:::entry
> dtrace: description 'pid92817:::entry' matched 4380 probes
> [2]  + trace trap (core dumped)  exec find / > /dev/null 2>&1
> 
> # exec find / > /dev/null 2>&1 &
> [1] 85293
> # dtrace -n pid85293:a.out::
> dtrace: description 'pid85293:a.out::' matched 6828 probes
> [1] + trace trap (core dumped) exec find / > /dev/null 2>&1
> CPU ID FUNCTION:NAME
> 1 89149 find_execute:1f8
> 
> looking at find core in gdb
> (gdb) p $_siginfo
> $1 = {
>   si_signo = 5,
>   si_errno = 0,
>   si_code = 3,
>   .
>   .
>   .
> 
> Can someone help me understand why am I seeing core due to SIGTRAP TRAP_DTRACE ?
> 
> Regards
> Amit