[lldb-dev] Can't debug with a -g compiled binary as a non-root user on OS X 10.11 El Capitan

Jason Molenda via lldb-dev lldb-dev at lists.llvm.org
Fri Oct 2 17:59:07 PDT 2015 

Hi Tony.  There are new security mechanisms in Mac OS X 10.11 El Capitan, called System Integrity Protection, but I don't recognize this failure mode.  Try a stripped down example, like

$ echo 'int main () { }' > /tmp/a.c
$ xcrun clang /tmp/a.c -o /tmp/a.out
$ xcrun lldb /tmp/a.out
(lldb) br s -n main
(lldb) r

That should work.  That's a baseline, then we can start working on why your example isn't working.



> On Oct 2, 2015, at 2:35 PM, Tony Perrie via lldb-dev <lldb-dev at lists.llvm.org> wrote:
> 
> I can only seem to debug our binary as the root user om 10.11.  I rebooted at one point, and lldb did work briefly with a system user but then after the machine ran for a bit, it proceeded to not work again.  Rebooted again, and again, lldb failes with this error...
> 
> lldb /opt/aspera/bin/ascp
> (lldb) target create "/opt/aspera/bin/ascp"
> 2015-10-02 14:24:17.091 lldb[1721:12884] Metadata.framework [Error]: couldn't get the client port
> Current executable set to '/opt/aspera/bin/ascp' (x86_64).
> (lldb) r -i ~/.ssh/id_rsa /tmp/mp_source/* localhost:/tmp/mp_dest/
> error: process exited with status -1 (unable to attach)
> 
> As root, I can reproduce the error:
> 
> root# lldb /opt/aspera/bin/ascp
> (lldb) target create "/opt/aspera/bin/ascp"
> 2015-10-02 14:30:40.515 lldb[1864:14630] Metadata.framework [Error]: couldn't get the client port
> Current executable set to '/opt/aspera/bin/ascp' (x86_64).
> (lldb) r -i /var/root/.ssh/id_rsa /tmp/mp_source/* localhost:/tmp/mp_dest/
> Process 1866 launched: '/opt/aspera/bin/ascp' (x86_64)
> 
> Session Stop  (Error: Session initiation failed, Server process failed to start: permissions?)
> Process 1866 exited with status = 1 (0x00000001) 
> 
> I have another machine running OS X 10.9 and lldb where everything works flawlessly.
> 
> The problem with out binary seems to be that OS X is prohibiting our binary from starting another process (even as root).  Not sure if this is the right list for that question though.  Assume it's something to do with 10.11's security model.
> 
> _______________________________________________
> lldb-dev mailing list
> lldb-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev

More information about the lldb-dev mailing list