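#include <execinfo.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>

/* Upper bound on the number of return addresses captured per trace. */
enum { MAX_FRAMES = 32 };

/*
 * Deliberately fault so that the SIGSEGV handler runs: stores through a
 * null pointer.  The pointer is volatile so the compiler keeps the store.
 */
void dummy_function(void)
{
    volatile int *ptr = 0;

    *ptr = 0xDEAD;
}

/*
 * SIGSEGV handler: capture the current call stack, print one line per
 * frame to stdout, then terminate the process.
 *
 * signo is the delivered signal number; it is not used.
 *
 * NOTE(review): printf(), backtrace_symbols() (which allocates), free()
 * and exit() are not async-signal-safe.  That is tolerable in a demo that
 * faults on a plain store, but a handler that can fire while the process
 * is inside malloc or stdio may deadlock or act on corrupted state.
 * glibc's backtrace_symbols_fd() writes straight to a file descriptor
 * without allocating and, paired with _exit(), is the safer shape for a
 * real crash handler.
 *
 * NOTE(review): the trace contains raw code addresses; on a build with
 * address-space randomisation, treat crash output as sensitive and keep
 * it out of anything an untrusted party can read.
 *
 * NOTE(review): the faulting function itself may be missing from the
 * list (presumably because the faulting PC lives in the signal context,
 * not on the stack as a return address); a handler installed with
 * sigaction() and SA_SIGINFO can read it from the context argument.
 */
void dump(int signo)
{
    void *array[MAX_FRAMES];
    char **strings;
    int size;   /* backtrace() returns int, so "%d" below matches the type */
    int i;

    (void)signo;

    size = backtrace(array, MAX_FRAMES);
    /* May return NULL when the symbol table cannot be allocated. */
    strings = backtrace_symbols(array, size);

    printf("Obtained %d stack frames.\n", size);
    for (i = 0; i < size; i++) {
        if (strings != NULL) {
            printf("frame %d: %s\n", i, strings[i]);
        } else {
            /* No symbols available: fall back to the raw address. */
            printf("frame %d: [%p]\n", i, array[i]);
        }
    }

    free(strings);
    /* Report failure so a supervisor does not mistake a crash for success. */
    exit(EXIT_FAILURE);
}

/* Install the crash handler, then trigger the fault it reports on. */
int main(void)
{
    if (signal(SIGSEGV, &dump) == SIG_ERR) {
        perror("signal");
        return EXIT_FAILURE;
    }

    dummy_function();
    return 0;
}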
gcc -g -rdynamic test.c
./a.out
Obtained 5 stack frames.
frame 0: ./a.out(dump+0x1f) [0x80486bb]
frame 1: [0xd0d420]
frame 2: ./a.out(main+0x2a) [0x8048761]
frame 3: /lib/libc.so.6(__libc_start_main+0xdc) [0x89ae9c]
frame 4: ./a.out [0x80485d1]
objdump -d a.out
addr2line 0x8048761
test.c:36
a.out: file format elf32-i386
Disassembly of section .init:
08048504 <_init>:
8048504: 55 push %ebp
8048505: 89 e5 mov %esp,%ebp
8048507: 83 ec 08 sub $0x8,%esp
804850a: e8 c5 00 00 00 call 80485d4 <call_gmon_start>
804850f: e8 4c 01 00 00 call 8048660 <frame_dummy>
8048514: e8 d7 02 00 00 call 80487f0 <__do_global_ctors_aux>
8048519: c9 leave
804851a: c3 ret
Disassembly of section .plt:
0804851c <signal@plt-0x10>:
804851c: ff 35 cc 99 04 08 pushl 0x80499cc
8048522: ff 25 d0 99 04 08 jmp *0x80499d0
8048528: 00 00 add %al,(%eax)
...
0804852c <signal@plt>:
804852c: ff 25 d4 99 04 08 jmp *0x80499d4
8048532: 68 00 00 00 00 push $0x0
8048537: e9 e0 ff ff ff jmp 804851c <_init+0x18>
0804853c <__gmon_start__@plt>:
804853c: ff 25 d8 99 04 08 jmp *0x80499d8
8048542: 68 08 00 00 00 push $0x8
8048547: e9 d0 ff ff ff jmp 804851c <_init+0x18>
0804854c <__libc_start_main@plt>:
804854c: ff 25 dc 99 04 08 jmp *0x80499dc
8048552: 68 10 00 00 00 push $0x10
8048557: e9 c0 ff ff ff jmp 804851c <_init+0x18>
0804855c <free@plt>:
804855c: ff 25 e0 99 04 08 jmp *0x80499e0
8048562: 68 18 00 00 00 push $0x18
8048567: e9 b0 ff ff ff jmp 804851c <_init+0x18>
0804856c <backtrace_symbols@plt>:
804856c: ff 25 e4 99 04 08 jmp *0x80499e4
8048572: 68 20 00 00 00 push $0x20
8048577: e9 a0 ff ff ff jmp 804851c <_init+0x18>
0804857c <printf@plt>:
804857c: ff 25 e8 99 04 08 jmp *0x80499e8
8048582: 68 28 00 00 00 push $0x28
8048587: e9 90 ff ff ff jmp 804851c <_init+0x18>
0804858c <backtrace@plt>:
804858c: ff 25 ec 99 04 08 jmp *0x80499ec
8048592: 68 30 00 00 00 push $0x30
8048597: e9 80 ff ff ff jmp 804851c <_init+0x18>
0804859c <exit@plt>:
804859c: ff 25 f0 99 04 08 jmp *0x80499f0
80485a2: 68 38 00 00 00 push $0x38
80485a7: e9 70 ff ff ff jmp 804851c <_init+0x18>
Disassembly of section .text:
080485b0 <_start>:
80485b0: 31 ed xor %ebp,%ebp
80485b2: 5e pop %esi
80485b3: 89 e1 mov %esp,%ecx
80485b5: 83 e4 f0 and $0xfffffff0,%esp
80485b8: 50 push %eax
80485b9: 54 push %esp
80485ba: 52 push %edx
80485bb: 68 70 87 04 08 push $0x8048770
80485c0: 68 80 87 04 08 push $0x8048780
80485c5: 51 push %ecx
80485c6: 56 push %esi
80485c7: 68 37 87 04 08 push $0x8048737
80485cc: e8 7b ff ff ff call 804854c <__libc_start_main@plt>
80485d1: f4 hlt
80485d2: 90 nop
80485d3: 90 nop
080485d4 <call_gmon_start>:
80485d4: 55 push %ebp
80485d5: 89 e5 mov %esp,%ebp
80485d7: 53 push %ebx
80485d8: 83 ec 04 sub $0x4,%esp
80485db: e8 00 00 00 00 call 80485e0 <call_gmon_start+0xc>
80485e0: 5b pop %ebx
80485e1: 81 c3 e8 13 00 00 add $0x13e8,%ebx
80485e7: 8b 93 fc ff ff ff mov 0xfffffffc(%ebx),%edx
80485ed: 85 d2 test %edx,%edx
80485ef: 74 05 je 80485f6 <call_gmon_start+0x22>
80485f1: e8 46 ff ff ff call 804853c <__gmon_start__@plt>
80485f6: 58 pop %eax
80485f7: 5b pop %ebx
80485f8: c9 leave
80485f9: c3 ret
80485fa: 90 nop
80485fb: 90 nop
80485fc: 90 nop
80485fd: 90 nop
80485fe: 90 nop
80485ff: 90 nop
08048600 <__do_global_dtors_aux>:
8048600: 55 push %ebp
8048601: 89 e5 mov %esp,%ebp
8048603: 53 push %ebx
8048604: 83 ec 04 sub $0x4,%esp
8048607: 80 3d fc 99 04 08 00 cmpb $0x0,0x80499fc
804860e: 75 3f jne 804864f <__do_global_dtors_aux+0x4f>
8048610: b8 ec 98 04 08 mov $0x80498ec,%eax
8048615: 2d e8 98 04 08 sub $0x80498e8,%eax
804861a: c1 f8 02 sar $0x2,%eax
804861d: 8d 58 ff lea 0xffffffff(%eax),%ebx
8048620: a1 f8 99 04 08 mov 0x80499f8,%eax
8048625: 39 c3 cmp %eax,%ebx
8048627: 76 1f jbe 8048648 <__do_global_dtors_aux+0x48>
8048629: 8d b4 26 00 00 00 00 lea 0x0(%esi),%esi
8048630: 83 c0 01 add $0x1,%eax
8048633: a3 f8 99 04 08 mov %eax,0x80499f8
8048638: ff 14 85 e8 98 04 08 call *0x80498e8(,%eax,4)
804863f: a1 f8 99 04 08 mov 0x80499f8,%eax
8048644: 39 c3 cmp %eax,%ebx
8048646: 77 e8 ja 8048630 <__do_global_dtors_aux+0x30>
8048648: c6 05 fc 99 04 08 01 movb $0x1,0x80499fc
804864f: 83 c4 04 add $0x4,%esp
8048652: 5b pop %ebx
8048653: 5d pop %ebp
8048654: c3 ret
8048655: 8d 74 26 00 lea 0x0(%esi),%esi
8048659: 8d bc 27 00 00 00 00 lea 0x0(%edi),%edi
08048660 <frame_dummy>:
8048660: 55 push %ebp
8048661: 89 e5 mov %esp,%ebp
8048663: 83 ec 08 sub $0x8,%esp
8048666: a1 f0 98 04 08 mov 0x80498f0,%eax
804866b: 85 c0 test %eax,%eax
804866d: 74 12 je 8048681 <frame_dummy+0x21>
804866f: b8 00 00 00 00 mov $0x0,%eax
8048674: 85 c0 test %eax,%eax
8048676: 74 09 je 8048681 <frame_dummy+0x21>
8048678: c7 04 24 f0 98 04 08 movl $0x80498f0,(%esp)
804867f: ff d0 call *%eax
8048681: c9 leave
8048682: c3 ret
8048683: 90 nop
08048684 <dummy_function>:
8048684: 55 push %ebp
8048685: 89 e5 mov %esp,%ebp
8048687: 83 ec 10 sub $0x10,%esp
804868a: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
8048691: 8b 45 fc mov 0xfffffffc(%ebp),%eax
8048694: c7 00 ad de 00 00 movl $0xdead,(%eax)
804869a: c9 leave
804869b: c3 ret
0804869c <dump>:
804869c: 55 push %ebp
804869d: 89 e5 mov %esp,%ebp
804869f: 81 ec a8 00 00 00 sub $0xa8,%esp
80486a5: c7 44 24 04 20 00 00 movl $0x20,0x4(%esp)
80486ac: 00
80486ad: 8d 85 74 ff ff ff lea 0xffffff74(%ebp),%eax
80486b3: 89 04 24 mov %eax,(%esp)
80486b6: e8 d1 fe ff ff call 804858c <backtrace@plt>
80486bb: 89 45 f4 mov %eax,0xfffffff4(%ebp)
80486be: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
80486c1: 89 44 24 04 mov %eax,0x4(%esp)
80486c5: 8d 85 74 ff ff ff lea 0xffffff74(%ebp),%eax
80486cb: 89 04 24 mov %eax,(%esp)
80486ce: e8 99 fe ff ff call 804856c <backtrace_symbols@plt>
80486d3: 89 45 f8 mov %eax,0xfffffff8(%ebp)
80486d6: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
80486d9: 89 44 24 04 mov %eax,0x4(%esp)
80486dd: c7 04 24 40 88 04 08 movl $0x8048840,(%esp)
80486e4: e8 93 fe ff ff call 804857c <printf@plt>
80486e9: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
80486f0: eb 26 jmp 8048718 <dump+0x7c>
80486f2: 8b 45 fc mov 0xfffffffc(%ebp),%eax
80486f5: c1 e0 02 shl $0x2,%eax
80486f8: 03 45 f8 add 0xfffffff8(%ebp),%eax
80486fb: 8b 00 mov (%eax),%eax
80486fd: 89 44 24 08 mov %eax,0x8(%esp)
8048701: 8b 45 fc mov 0xfffffffc(%ebp),%eax
8048704: 89 44 24 04 mov %eax,0x4(%esp)
8048708: c7 04 24 5b 88 04 08 movl $0x804885b,(%esp)
804870f: e8 68 fe ff ff call 804857c <printf@plt>
8048714: 83 45 fc 01 addl $0x1,0xfffffffc(%ebp)
8048718: 8b 45 fc mov 0xfffffffc(%ebp),%eax
804871b: 3b 45 f4 cmp 0xfffffff4(%ebp),%eax
804871e: 72 d2 jb 80486f2 <dump+0x56>
8048720: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
8048723: 89 04 24 mov %eax,(%esp)
8048726: e8 31 fe ff ff call 804855c <free@plt>
804872b: c7 04 24 00 00 00 00 movl $0x0,(%esp)
8048732: e8 65 fe ff ff call 804859c <exit@plt>
08048737 <main>:
8048737: 8d 4c 24 04 lea 0x4(%esp),%ecx
804873b: 83 e4 f0 and $0xfffffff0,%esp
804873e: ff 71 fc pushl 0xfffffffc(%ecx)
8048741: 55 push %ebp
8048742: 89 e5 mov %esp,%ebp
8048744: 51 push %ecx
8048745: 83 ec 14 sub $0x14,%esp
8048748: c7 44 24 04 9c 86 04 movl $0x804869c,0x4(%esp)
804874f: 08
8048750: c7 04 24 0b 00 00 00 movl $0xb,(%esp)
8048757: e8 d0 fd ff ff call 804852c <signal@plt>
804875c: e8 23 ff ff ff call 8048684 <dummy_function>
8048761: b8 00 00 00 00 mov $0x0,%eax
8048766: 83 c4 14 add $0x14,%esp
8048769: 59 pop %ecx
804876a: 5d pop %ebp
804876b: 8d 61 fc lea 0xfffffffc(%ecx),%esp
804876e: c3 ret
804876f: 90 nop
08048770 <__libc_csu_fini>:
8048770: 55 push %ebp
8048771: 89 e5 mov %esp,%ebp
8048773: 5d pop %ebp
8048774: c3 ret
8048775: 8d 74 26 00 lea 0x0(%esi),%esi
8048779: 8d bc 27 00 00 00 00 lea 0x0(%edi),%edi
08048780 <__libc_csu_init>:
8048780: 55 push %ebp
8048781: 89 e5 mov %esp,%ebp
8048783: 57 push %edi
8048784: 56 push %esi
8048785: 53 push %ebx
8048786: e8 5e 00 00 00 call 80487e9 <__i686.get_pc_thunk.bx>
804878b: 81 c3 3d 12 00 00 add $0x123d,%ebx
8048791: 83 ec 1c sub $0x1c,%esp
8048794: e8 6b fd ff ff call 8048504 <_init>
8048799: 8d 83 18 ff ff ff lea 0xffffff18(%ebx),%eax
804879f: 89 45 f0 mov %eax,0xfffffff0(%ebp)
80487a2: 8d 83 18 ff ff ff lea 0xffffff18(%ebx),%eax
80487a8: 29 45 f0 sub %eax,0xfffffff0(%ebp)
80487ab: c1 7d f0 02 sarl $0x2,0xfffffff0(%ebp)
80487af: 8b 55 f0 mov 0xfffffff0(%ebp),%edx
80487b2: 85 d2 test %edx,%edx
80487b4: 74 2b je 80487e1 <__libc_csu_init+0x61>
80487b6: 31 ff xor %edi,%edi
80487b8: 89 c6 mov %eax,%esi
80487ba: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
80487c0: 8b 45 10 mov 0x10(%ebp),%eax
80487c3: 83 c7 01 add $0x1,%edi
80487c6: 89 44 24 08 mov %eax,0x8(%esp)
80487ca: 8b 45 0c mov 0xc(%ebp),%eax
80487cd: 89 44 24 04 mov %eax,0x4(%esp)
80487d1: 8b 45 08 mov 0x8(%ebp),%eax
80487d4: 89 04 24 mov %eax,(%esp)
80487d7: ff 16 call *(%esi)
80487d9: 83 c6 04 add $0x4,%esi
80487dc: 39 7d f0 cmp %edi,0xfffffff0(%ebp)
80487df: 75 df jne 80487c0 <__libc_csu_init+0x40>
80487e1: 83 c4 1c add $0x1c,%esp
80487e4: 5b pop %ebx
80487e5: 5e pop %esi
80487e6: 5f pop %edi
80487e7: 5d pop %ebp
80487e8: c3 ret
080487e9 <__i686.get_pc_thunk.bx>:
80487e9: 8b 1c 24 mov (%esp),%ebx
80487ec: c3 ret
80487ed: 90 nop
80487ee: 90 nop
80487ef: 90 nop
080487f0 <__do_global_ctors_aux>:
80487f0: 55 push %ebp
80487f1: 89 e5 mov %esp,%ebp
80487f3: 53 push %ebx
80487f4: bb e0 98 04 08 mov $0x80498e0,%ebx
80487f9: 83 ec 04 sub $0x4,%esp
80487fc: a1 e0 98 04 08 mov 0x80498e0,%eax
8048801: 83 f8 ff cmp $0xffffffff,%eax
8048804: 74 0c je 8048812 <__do_global_ctors_aux+0x22>
8048806: 83 eb 04 sub $0x4,%ebx
8048809: ff d0 call *%eax
804880b: 8b 03 mov (%ebx),%eax
804880d: 83 f8 ff cmp $0xffffffff,%eax
8048810: 75 f4 jne 8048806 <__do_global_ctors_aux+0x16>
8048812: 83 c4 04 add $0x4,%esp
8048815: 5b pop %ebx
8048816: 5d pop %ebp
8048817: c3 ret
Disassembly of section .fini:
08048818 <_fini>:
8048818: 55 push %ebp
8048819: 89 e5 mov %esp,%ebp
804881b: 53 push %ebx
804881c: 83 ec 04 sub $0x4,%esp
804881f: e8 00 00 00 00 call 8048824 <_fini+0xc>
8048824: 5b pop %ebx
8048825: 81 c3 a4 11 00 00 add $0x11a4,%ebx
804882b: e8 d0 fd ff ff call 8048600 <__do_global_dtors_aux>
8048830: 59 pop %ecx
8048831: 5b pop %ebx
8048832: c9 leave
8048833: c3 ret