tech-userlevel archive


gdb and problematic core dumps for MKPIE executables



Hello to the entire tech-userlevel@ mailing list!
On recent-ish NetBSD/amd64 -current (just a few weeks old, prior to the PaX
MPROTECT update, but this probably isn't relevant) it seems that core
dumps generated from MKPIE executables cannot be interpreted by gdb.

Here is a complete test case to reproduce that (a Makefile and the source
of the `abortpies' program are attached to this email).

With MKPIE=no I have:

 $ make MKDEBUG=yes MKPIE=no && ./abortpies ; gdb -core ./abortpies.core -ex 'bt' -ex 'quit' ./abortpies | awk '/New process/,NL'
 [...]
 Sleeping a bit!
 Abort (core dumped) 
 [New process 1]
 Core was generated by `abortpies'.
 Program terminated with signal SIGABRT, Aborted.
 #0  0x000073d7c9b24dfa in _lwp_kill () from /usr/lib/libc.so.12
 #0  0x000073d7c9b24dfa in _lwp_kill () from /usr/lib/libc.so.12
 #1  0x000073d7c9b24a15 in abort () at /usr/src/lib/libc/stdlib/abort.c:74
 #2  0x0000000000400930 in main (argc=<optimized out>, argv=<optimized out>) at abortpies.c:15

...with MKPIE=yes:

 $ make MKDEBUG=yes MKPIE=yes && ./abortpies ; gdb -core ./abortpies.core -ex 'bt' -ex 'quit' ./abortpies | awk '/New process/,NL'
 [...]
 Sleeping a bit!
 Abort (core dumped) 
 [New process 1]
 Core was generated by `abortpies'.
 Program terminated with signal SIGABRT, Aborted.
 #0  0x000073e88f724dfa in ?? ()
 #0  0x000073e88f724dfa in ?? ()
 #1  0x000073e88f724a15 in ?? ()
 #2  0xffffffffffffffdf in ?? ()
 #3  0xffffffffffffffff in ?? ()
 #4  0x0000770a8a3a0fe0 in ?? ()
 #5  0x000000004b4019e8 in ?? ()
 #6  0x00007958a5901280 in ?? ()
 #7  0x000000004b4018ce in ?? ()
 #8  0x00000001e343c180 in ?? ()
 #9  0x0000770a8a3a0fe0 in ?? ()
 #10 0x0000000000000000 in ?? ()

...running the program directly from gdb (or attaching to it) seems to
work correctly, though:

 $ gdb -ex 'run' -ex 'bt' ./abortpies
 (gdb) run
 [...]
 Sleeping a bit!
 
 Program received signal SIGABRT, Aborted.
 0x000073dd97924dfa in _lwp_kill () from /usr/lib/libc.so.12
 (gdb) bt
 #0  0x000073dd97924dfa in _lwp_kill () from /usr/lib/libc.so.12
 #1  0x000073dd97924a15 in abort () at /usr/src/lib/libc/stdlib/abort.c:74
 #2  0x00000001270019e8 in main (argc=<optimized out>, argv=<optimized out>) at abortpies.c:15
 [...]

It seems that I get similar results if I enable/disable ASLR via
`security.pax.aslr.enabled' and `security.pax.aslr.global'.

Unfortunately I was not able to debug and investigate this issue further,
but I'm very happy to help debug it. Please also note that this
issue is related to bin/48250.


Please let me know if further information is needed or if it's better
that I open a PR!
Thank you very much for your attention!
Ciao,
L.

#	$NetBSD$

NOMAN=	# defined

PROG=	abortpies

.include <bsd.prog.mk>

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>


/*
 * Just sleep() a bit and then abort() in order to generate a core dump.
 */
int
main(int argc, char *argv[])
{

	printf("Sleeping a bit!\n");
	sleep(10);
	abort();

	return EXIT_SUCCESS;
}
