Code Dump Tricks

signal handling

Normally, the call stack is:

[figure: 6391f1.inline.png]
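#include <execinfo.h>
#include <stdio.h>

/* print the return addresses of the current call stack */
void show_stackframe() {
  void *trace[16];
  int i, trace_size = 0;

  trace_size = backtrace(trace, 16);
  for (i=0; i<trace_size; ++i)
    printf("[bt] %p\n", trace[i]);
}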

signal handling

However, if the signal is caught by a handler, things get complicated. If function B called function A, which in turn caused a SIGSEGV, a plain backtrace would list these entry points:

your_sig_handler()
sigaction() in libc.so
func_B()
main()

and no trace of the call to function A would be found.

one solution

http://www.linuxjournal.com/article/6391

get the pointer from stack

stack top at the low address

|----------------|
|  ebp(1)        | <----
|----------------|
|                | < return address of sig_action() in libc.so
|----------------|
  ..
|  ebp(2)        | <---- ebp(1)
|----------------|
|  sigframe      |
|----------------|

how to retrieve sigcontext->eip from the stack?

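#include <execinfo.h>
#include <signal.h>

/* i386 only: frame the kernel pushes on the stack before entering the handler */
struct sigframe
{
   char *pretcode;           /* return address seen by the handler */
   int sig;
   struct sigcontext sc;     /* saved registers, including eip */
   struct _fpstate fpstate;
};

/* assumes it is called directly from the signal handler (hence depth = 1) */
void show_stackframe_from_signal(void)
{
   void **fp;
   struct sigframe * sig_frame;
   struct sigcontext *sig_context;
   void *trace[16];
   int trace_size = 0;
   int depth = 1;            /* frames between this function and the sigframe */
   int i;

   /* read the current frame pointer */
   asm volatile("movl %%ebp,%0" : "=r" (fp));

   trace_size = backtrace(trace, 16);

   /* follow the saved-ebp chain up to the handler's frame */
   for(i = 0; i < depth; i++) {
       fp = (void**)*fp;
   }
   /* the sigframe starts one slot above the handler's saved ebp */
   sig_frame = (struct sigframe*)(fp+1);
   sig_context = &(sig_frame->sc);
   /* store the faulting instruction address in the trace */
   trace[0] = (void*)sig_context->eip;
}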
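
An alternative to reading the sigframe by hand, added here as an example that is not code from the original page: a handler installed with SA_SIGINFO receives the saved registers as a ucontext_t, so the faulting instruction address can be stored in trace[0] the same way. The names run_demo, func_A, func_B and the PROT_NONE test page are constructed for illustration; Linux with glibc on x86, x86-64 or AArch64 is assumed.

```c
#define _GNU_SOURCE                       /* exposes REG_RIP / REG_EIP */
#include <execinfo.h>
#include <setjmp.h>
#include <signal.h>
#include <sys/mman.h>
#include <ucontext.h>

static sigjmp_buf resume;                 /* lets the demo survive the fault */
static void *trace[16];
static volatile int trace_size;
static void *volatile fault_pc, *volatile fault_addr;

static void segv_handler(int sig, siginfo_t *info, void *ctx) {
    ucontext_t *uc = ctx;                 /* registers saved by the kernel */
    (void)sig;
#if defined(__x86_64__)
    fault_pc = (void *)uc->uc_mcontext.gregs[REG_RIP];
#elif defined(__i386__)
    fault_pc = (void *)uc->uc_mcontext.gregs[REG_EIP];
#elif defined(__aarch64__)
    fault_pc = (void *)uc->uc_mcontext.pc;
#endif
    fault_addr = info->si_addr;           /* address whose access faulted */
    trace_size = backtrace(trace, 16);
    trace[0] = fault_pc;                  /* as on the page: entry 0 = faulting pc */
    siglongjmp(resume, 1);
}

__attribute__((noinline)) static int func_A(volatile int *p) { return *p; } /* faults */
__attribute__((noinline)) static int func_B(volatile int *p) { return func_A(p) + 1; }

/* Returns 1 when the fault inside func_A was caught and its pc recorded. */
int run_demo(void) {
    struct sigaction sa = {0}, old;
    void *warm[1];
    void *page = mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return 0;
    backtrace(warm, 1);       /* first call may load libgcc; do it outside the handler */
    sa.sa_sigaction = segv_handler;
    sa.sa_flags = SA_SIGINFO; /* needed to receive siginfo_t and ucontext */
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(resume, 1) == 0)
        func_B(page);         /* func_B -> func_A -> SIGSEGV */
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, 4096);
    return fault_pc != NULL && trace[0] == fault_pc && fault_addr == page;
}

int main(void) { return run_demo() ? 0 : 1; }
```

The handler avoids printf because it is not async-signal-safe; print the trace after returning from the handler, or use backtrace_symbols_fd() inside it.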

google coredump

http://stackoverflow.com/questions/318647/what-is-a-good-way-to-dump-a-linux-core-file-from-inside-a-process

Google has a library for generating coredumps from inside a running process called google-coredumper. This should ignore ulimit and other mechanisms.
http://code.google.com/p/google-coredumper/

quiet launch gdb

http://serverfault.com/questions/61659/can-you-get-any-program-in-linux-to-print-a-stack-trace-if-it-segfaults

eCrash

http://m.linuxjournal.com/article/8724
