[PATCH 2/2] stack trace support: print full instruction pointer in addition to offset

Mike Frysinger vapier at gentoo.org
Sat Nov 15 22:43:04 UTC 2014


On 06 Nov 2014 21:07, Thomas De Schampheleire wrote:
> On Thu, Nov 6, 2014 at 5:55 PM, Masatake YAMATO wrote:
> >>  unwind.c |   18 +++++++++++++-----
> >>  1 files changed, 13 insertions(+), 5 deletions(-)
> >>
> >> Note: I would find it more logical to only show the full instruction pointer,
> >> instead of both the instruction pointer and the offset. But I'm not sure if
> >> everyone would agree to that.
> >
> > In any environment, can we expect that a library or executable file is mapped to
> > a predictable address?
> 
> No, you're absolutely right.
> I was not properly considering shared libraries. These are compiled as
> PIC (position-independent code), and are relocated at run-time. In
> this case, you indeed need the true_offset to be able to decode.
> For the main executable, no runtime relocation is performed, and to
> decode addresses you need the full ip.

that's frequently not the case anymore.  most distros build network/set*id 
programs as PIEs (like sshd or sudo), and some hardened distros build all 
applications as PIEs.  also, for targets that support bFLT or FDPIC ELF 
(usually nommu arches), the program is always loaded into a random address.
-mike
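
As an added illustration of the point about PIEs (not part of the original message and not code from strace's unwind.c), this C example maps an instruction pointer to a file-relative offset using /proc/<pid>/maps-style text. The maps excerpts, the addresses and the `resolve_ip` helper are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed /proc/<pid>/maps excerpts for two runs of one PIE (not real output). */
static const char *RUN_A =
    "5583a1c00000-5583a1c02000 r--p 00000000 08:01 1234 /usr/bin/demo\n"
    "5583a1c02000-5583a1c09000 r-xp 00002000 08:01 1234 /usr/bin/demo\n"
    "7f3b5e400000-7f3b5e421000 rw-p 00000000 00:00 0\n";
static const char *RUN_B =
    "55d0f7a00000-55d0f7a02000 r--p 00000000 08:01 1234 /usr/bin/demo\n"
    "55d0f7a02000-55d0f7a09000 r-xp 00002000 08:01 1234 /usr/bin/demo\n";

/* Map ip to (file, offset into file). Returns 0 on success, -1 if ip is
 * unmapped or falls in an anonymous mapping with no backing file. */
int resolve_ip(const char *maps, unsigned long long ip,
               char *path, size_t pathlen, unsigned long long *off)
{
    while (*maps) {
        char line[512], name[256] = "";
        unsigned long long start, end, pgoff;
        size_t len = strcspn(maps, "\n");
        /* Copy one line so sscanf cannot run on into the next entry. */
        snprintf(line, sizeof line, "%.*s", (int)len, maps);
        maps += len + (maps[len] == '\n');
        if (sscanf(line, "%llx-%llx %*s %llx %*s %*s %255s",
                   &start, &end, &pgoff, name) < 3)
            continue;               /* malformed line */
        if (ip < start || ip >= end)
            continue;
        if (name[0] != '/')
            return -1;              /* anonymous or pseudo mapping */
        *off = ip - start + pgoff;  /* stable across ASLR'd runs */
        snprintf(path, pathlen, "%s", name);
        return 0;
    }
    return -1;
}

int main(void)
{
    char path[256];
    unsigned long long off;
    /* Same instruction, two load bases: raw ip differs, offset does not. */
    if (resolve_ip(RUN_A, 0x5583a1c03a10ULL, path, sizeof path, &off) == 0)
        printf("run A: %s+0x%llx\n", path, off);
    if (resolve_ip(RUN_B, 0x55d0f7a03a10ULL, path, sizeof path, &off) == 0)
        printf("run B: %s+0x%llx\n", path, off);
    return 0;
}
```

The offset computed here is a file offset; for symbolization tools that expect an ELF virtual address it must still be translated through the program headers.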