Menu
This has been long pending question in my mind. I see that GDB tells us the signal causing process termination.
How do I find the source of the signal from a core?
In two different occasions my two application received SIGEMT and SIGUSR1. I know that there are other applications in production which can send these signals.
Also, I know that the sender information can be seen within running program and the data would be present in siginfo_t structure. But I don't have that luxury and in fact we don't have handler for this signal at all.
837
Recent-enough versions of the Linux kernel store this information in the core file. And, recent-enough versions of gdb can read it. Then you can use print $_siginfo with a core file just as you would when debugging live.
67
You can also read this information from core dump by eu-readelf:
$ eu-readelf --notes coredump | head
Note segment of 3180 bytes at offset 0x4a0:
Owner Data size Type
CORE 336 PRSTATUS
info.si_signo: 6, info.si_code: 0, info.si_errno: 0, cursig: 6
sigpend: <>
sighold: <>
pid: 28046, ppid: 3774, pgrp: 28046, sid: 3774
utime: 0.000000, stime: 0.002895, cutime: 0.000000, cstime: 0.000000
orig_rax: 35, fpvalid: 1
Note info.si_signo: 6, which means that process was killed by SIGABRT.
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
