Uit Gentoo Linux Wiki

[bewerken] Note

This doesn't work with recent gentoo hardened systems. See discussion and bugs

[bewerken] Why?

Having problems debugging executables with hardened gcc and USE="hardened" turned on? This guide will run through how to debug programs that are proving difficult.

[bewerken] Set Your Flags

Add to your LDFLAGS LDFLAGS="-ggdb", assuming you are using gdb. (aren't we all, though? :-) )

[bewerken] Disable PaX

Turn off all PaX flags on the program with chpax or paxctl.

chpax/paxctl -prmsx /the/executable/you/want

[bewerken] Change your GCC specs

Before compiling, set the GCC_SPECS environment variable like this:

export GCC_SPECS='/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.6/vanilla.specs'

The exact path may vary on your system, depending on your architecture and your GCC version. This will disable all hardened/pie/pic features of gcc.

If your project uses a Makefile, put this line at the top of it:

export GCC_SPECS := /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.6/vanilla.specs

and rebuild entirely (make clean && make).

[bewerken] GDB

If you're debugging an existing ET_DYN executable then try running gdb /lib/ld-linux.so.2, then run /the/executable/you/want from within gdb.

[bewerken] Troubleshooting

If that doesn't work, try compiling with CFLAGS="-nopie". You will lose the ability to have some PaX protections. Remember that shared objects/modules must be compiled with -fPIC.

[bewerken] Real life example

CFLAGS="-g3 -fno-pie -fno-stack-protector-all -nonow -norelro" \
LDFLAGS="-ggdb" FEATURES="nostrip keepwork keeptemp" \
emerge buggyapp

Hope This Helps! Thank solar of hardened-gentoo for this tip I am redistributing.