Clever Geek Handbook

Is there any argonomic way to get the instruction pointer to SIGTRAP?

I'm looking for an algorithmic way to get the instruction pointer (AKA program counter) of the last command attempt (or one of it) that SIGTRAP was generated from, in terms of traceability ptrace

.

The argo-dependent way is use PTRACE_GETREGS

and selection, for example. EIP

on i386, RIP

on x86_64, PC

on ARM, etc.

I've tried using siginfo.si_addr

as well as siginfo.si_ptr

from the PTRACE_GETSIGINFO

-returned struct, but these values ​​look completely wrong (4 hex digits instead of 8 and don't even look like the true address), so they don't seem to be what I want.

On Linux, I also tried to use the 30th field /proc/<pid>/task/<tid>/stat

that the kernel fills in fs/proc/array.c:do_task_stat()

with KSTK_EIP(task)

(which, despite being named x86-centric, appears for many other architectures). But for some reason, on my ARMv6 Linux 4.9.28+ (Raspbian 8), I get zeros for both the program counter and the stack pointer.

So, is there any arch independent way of defining the current / next address as defined by POSIX, or at least available in Linux?

+3


source to share


1 answer


You can use /proc/[pid]/syscall

.

mark@ubuntu:~$ gdb python
...
...
... 
Program received signal SIGINT, Interrupt.
0x00007ffff78ed573 in __select_nocancel () at ../sysdeps/unix/syscall-template.S:84
84  ../sysdeps/unix/syscall-template.S: No such file or directory.
(gdb) 

mark@ubuntu:~/$ ps aux | grep python
mark      77858  0.2  0.7  90216 37780 pts/2    S+   15:13   0:00 gdb python
mark      77860  0.0  0.1  38416  6424 pts/2    t    15:13   0:00 /usr/bin/python

(see picture 77860

- t

)

mark@ubuntu:~/$ sudo cat /proc/77860/syscall
23 0x1 0x7fffffffd980 0x0 0x0 0x0 0x7ffff7fdb700 0x7fffffffd958 0x7ffff78ed573


0x7fffffffd958

- sp

, and 0x7ffff78ed573

- program counter.

I was unable to find a call ptrace

that helps here.

http://man7.org/linux/man-pages/man5/proc.5.html

   /proc/[pid]/syscall (since Linux 2.6.27)
          This file exposes the system call number and argument regis‐
          ters for the system call currently being executed by the
          process, followed by the values of the stack pointer and pro‐
          gram counter registers.  The values of all six argument regis‐
          ters are exposed, although most system calls use fewer regis‐
          ters.

          If the process is blocked, but not in a system call, then the
          file displays -1 in place of the system call number, followed
          by just the values of the stack pointer and program counter.
          If process is not blocked, then the file contains just the
          string "running".
+2


source






More articles:


All Articles