Code Dump Tricks

signal handling

normally, the call stack is obtained with backtrace():

#include <execinfo.h>
#include <stdio.h>

/* print the current call stack; backtrace() fills trace[] with return addresses */
void show_stackframe() {
  void *trace[16];
  int i, trace_size = 0;

  trace_size = backtrace(trace, 16);
  for (i=0; i<trace_size; ++i)
    printf("[bt] %p\n", trace[i]);
}

signal handling

however, if the signal is caught by a handler, things get complicated. if function B called function A, which in turn caused a SIGSEGV, a plain backtrace taken inside the handler would list these entry points:

sigaction() in

and no trace of the call to function A would be found.

one solution

get the frame pointer from the stack

stack top is at the low address:

|  ebp(1)    | <----
|            | <---- return address of sig_action() in
|  ebp(2)    | <---- ebp(1)
|  sigframe  |

how to retrieve sigcontext->eip from the stack?

#include <execinfo.h>
#include <signal.h>   /* struct sigcontext and struct _fpstate (i386 glibc) */
#include <stdio.h>

/* what the i386 kernel pushes on the stack before jumping to the handler;
   only the leading fields are needed here */
struct sigframe {
   char *pretcode;          /* "return address" of the handler: the sigreturn trampoline */
   int sig;
   struct sigcontext sc;    /* the interrupted registers, eip included */
   struct _fpstate fpstate;
};

/* i386 only, and the code must be built with frame pointers.
   Call this from the signal handler; depth is the number of frames
   between this function and the handler (1 when the handler calls it directly). */
void show_stackframe_in_handler(void) {
   void **fp;
   struct sigframe *sig_frame;
   struct sigcontext *sig_context;
   void *trace[16];
   int trace_size = 0;
   int depth = 1;

   asm volatile("movl %%ebp,%0" : "=r" (fp));   /* fp = our own ebp */

   trace_size = backtrace(trace, 16);

   /* follow the saved-ebp chain up to the handler's frame, ebp(1) */
   for (int i = 0; i < depth; i++)
       fp = (void**)*fp;
   /* the slot above the handler's saved ebp is pretcode, i.e. the start of the sigframe */
   sig_frame = (struct sigframe*)(fp+1);
   sig_context = &(sig_frame->sc);
   trace[0] = (void*)sig_context->eip;           /* replace with the faulting address */

   for (int i = 0; i < trace_size; i++)
     printf("[bt] %p\n", trace[i]);
}
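
The same repair done the portable way, as an added example that is not code from this page: instead of walking ebp to find the kernel's sigframe, the handler is installed with SA_SIGINFO and reads the interrupted instruction pointer from the ucontext_t the kernel passes as its third argument (the same sigcontext data). Assumed: Linux with glibc on x86 or x86-64; the names run_segv_demo, function_a, function_b and last_fault_ip are ours.

```c
#define _GNU_SOURCE              /* sigaction(), SA_SIGINFO, sigsetjmp() */
#include <execinfo.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <ucontext.h>

#if defined(__x86_64__)
#  define IP_REG 16              /* REG_RIP: index of the interrupted rip in gregs[] */
#elif defined(__i386__)
#  define IP_REG 14              /* REG_EIP */
#else
#  error "x86-only example"
#endif

static sigjmp_buf recover;
static void *g_trace[16];
static volatile int g_trace_size;
static void *volatile g_fault_ip;
static int *volatile bad_ptr;    /* stays NULL; volatile so the compiler cannot fold the fault away */

/* SA_SIGINFO handler: ctx is the ucontext_t the kernel pushed, the same data the page's
   sigframe walk digs out via ebp. backtrace() is not async-signal-safe; tolerable in a crash handler. */
static void segv_handler(int sig, siginfo_t *info, void *ctx) {
    (void)sig; (void)info;
    g_trace_size = backtrace(g_trace, 16);
    g_fault_ip = (void *)(unsigned long)((ucontext_t *)ctx)->uc_mcontext.gregs[IP_REG];
    if (g_trace_size > 1)
        g_trace[1] = g_fault_ip;  /* [0] is this handler, [1] the trampoline: put the faulting eip there */
    siglongjmp(recover, 1);       /* demo only; a real handler would log and _exit() */
}

static __attribute__((noinline)) int function_a(void) { return *bad_ptr; }       /* SIGSEGV here */
static __attribute__((noinline)) int function_b(void) { return function_a() + 1; }
void *last_fault_ip(void) { return g_fault_ip; }

/* Runs B -> A -> fault, prints the repaired trace, returns frames captured (-1 if no fault). */
int run_segv_demo(void) {
    struct sigaction sa = { .sa_sigaction = segv_handler, .sa_flags = SA_SIGINFO };
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, NULL);
    if (sigsetjmp(recover, 1) == 0) {
        function_b();
        return -1;            /* not reached: function_a faults */
    }
    for (int i = 0; i < g_trace_size; i++)
        printf("[bt] %p%s\n", g_trace[i], i == 1 ? "  <- faulting eip" : "");
    return g_trace_size;
}
```

Feeding the printed addresses to addr2line on the unstripped binary names function_a at entry 1; the siglongjmp back out of the handler exists only so the demo can return normally.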

google coredumper

Google has a library, google-coredumper, for generating core dumps from inside a running process. It should bypass the core-size ulimit and other mechanisms that would otherwise suppress the dump.

quiet launch gdb


Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License