Re: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1

To: Alexander Nasonov <alnsn%yandex.ru@localhost>
Subject: Re: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
From: Alexander Nasonov <alnsn%yandex.ru@localhost>
Date: Sat, 25 Jul 2015 12:44:20 +0100

Alexander Nasonov wrote:
> This problem has been annoying me for quite some time but I looked at it
> only today. I know that PIE is work in progress but since most things
> work for me, I wonder if anyone sees the same problem.
> 
> I checked out -current today and built everything with MKPIE=yes on
> amd64.
> 
> Then I built GNU make 3.82 with PIE options:
> 
> $ cd make-3.82
> $ ./configure CFLAGS='-O -g -fPIE' CXXFLAGS='-O2 -fPIE' LDFLAGS=-pie
> $ make
> 
> 
> and tried to 'make clean' in luajit-2.0:
> 
> $ cd ../luajit-2.0
> $ gdb $OLDPWD/make
> (gdb) run clean
> 
> Sometimes it works but often it crashes when trying to read protected
> anon page:

Sorry, forgot to include a backtrace.

Below is a new gdb session which I ran in make-3.82 directory. It's very
similar to the previous.

$ gdb ./make
$ run
Program received signal SIGSEGV, Segmentation fault.
0x00007f7ff7c04439 in _rtld_shared_enter () from /usr/libexec/ld.elf_so
(gdb) bt
#0  0x00007f7ff7c04439 in _rtld_shared_enter () from /usr/libexec/ld.elf_so
#1  0x00007f7ff7c030e8 in _rtld_bind () from /usr/libexec/ld.elf_so
#2  0x00007f7ff7c02d7d in _rtld_bind_start () from /usr/libexec/ld.elf_so
#3  0x0000000000000202 in ?? ()
#4  0x0000000000000003 in ?? ()
#5  0x0000000046612cbe in start_job_command (child=0x1) at job.c:1325
#6  0x0000000046612f8e in reap_children (block=block@entry=1, err=err@entry=0) at job.c:617
#7  0x0000000046613e1e in new_job (file=file@entry=0x7dc9e0332a60) at job.c:1812
#8  0x0000000046608fa6 in execute_file_commands (file=file@entry=0x7dc9e0332a60) at commands.c:471
#9  0x000000004661e506 in remake_file (file=0x7dc9e0332a60) at remake.c:1189
#10 update_file_1 (depth=<optimized out>, file=0x7dc9e0332a60) at remake.c:811
#11 update_file (file=file@entry=0x7dc9e0332a60, depth=depth@entry=2) at remake.c:317
#12 0x000000004661d24b in check_dep (file=0x7dc9e0332a60, depth=2, depth@entry=1, this_mtime=this_mtime@entry=1, must_make_ptr=must_make_ptr@entry=0x7f7fffd22d9c)
    at remake.c:1001
#13 0x000000004661dcc8 in update_file_1 (depth=<optimized out>, file=0x7dc9e0332af0) at remake.c:558
#14 update_file (file=<optimized out>, depth=<optimized out>) at remake.c:317
#15 0x000000004661e993 in update_goal_chain (goals=<optimized out>) at remake.c:157
#16 0x0000000046617229 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at main.c:2282
(gdb) disassemble
Dump of assembler code for function _rtld_shared_enter:
   0x00007f7ff7c04430 <+0>:     push   %rbp
   0x00007f7ff7c04431 <+1>:     push   %rbx
   0x00007f7ff7c04432 <+2>:     callq  0x7f7ff7c0c690 <membar_enter>
   0x00007f7ff7c04437 <+7>:     xor    %ebp,%ebp
=> 0x00007f7ff7c04439 <+9>:     mov    0x20d869(%rip),%ebx        # 0x7f7ff7e11ca8 <_rtld_mutex>
   0x00007f7ff7c0443f <+15>:    test   %ebx,%ebx

(gdb) x 0x20d869+0x00007f7ff7c0443f
0x7f7ff7e11ca8 <_rtld_mutex>:   0x00000000
 
(gdb) info threads
  Id   Target Id         Frame
* 1    process 2007      0x00007f7ff7c04439 in _rtld_shared_enter () from /usr/libexec/ld.elf_so

$ pmap 2007
0000000046601000    184K read/exec         /home/alnsn/src/make-3.82/make
000000004682E000      8K read/write        /home/alnsn/src/make-3.82/make
0000000046830000      8K read/write          [ anon ]
00007DC9E0300000     64K read/write          [ anon ]
00007DC9E0310000    960K read/write          [ anon ]
00007DC9E0400000    192K read/exec         /lib/libc.so.12.197
00007DC9E0430000     64K read/exec         /lib/libc.so.12.197
00007DC9E0440000   1104K read/exec         /lib/libc.so.12.197
00007DC9E0554000   2048K                   /lib/libc.so.12.197
00007DC9E0754000     48K read/write        /lib/libc.so.12.197
00007DC9E0760000     76K read/write          [ anon ]
00007DC9E0800000     48K read/exec         /lib/libgcc_s.so.1.0
00007DC9E080C000   2044K                   /lib/libgcc_s.so.1.0
00007DC9E0A0B000      4K read/write        /lib/libgcc_s.so.1.0
00007DC9E0A2C000     40K read/write          [ anon ]
00007F7FF7C00000     68K read/exec         /libexec/ld.elf_so
00007F7FF7C11000   1112K                     [ anon ]
00007F7FF7D27000    936K                     [ anon ]
00007F7FF7E11000      8K                     [ anon ]     <======= CRASH at offset 3240
00007F7FF8000000 124060K                     [ stack ]
00007F7FFF927000   4068K read/write          [ stack ]
00007F7FFFD20000     28K read/write          [ stack ]
 total             6964K

0x7f7ff7e11ca8 <_rtld_mutex>:   0x00000000
(gdb) print 0x20d869+0x00007f7ff7c0443f-0x00007F7FF7E11000
$1 = 3240

Alex

Follow-Ups:
- Re: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
  - From: Alexander Nasonov

References:
- gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
  - From: Alexander Nasonov

Prev by Date: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
Next by Date: Re: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
Previous by Thread: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
Next by Thread: Re: gmake crashes in _rtld_shared_enter when security.pax.aslr.enabled=1
Indexes:

Home | Main Index | Thread Index | Old Index