Skip to content

Instantly share code, notes, and snippets.

@janwilmans

janwilmans/linux-signal-handlers.md

Last active December 7, 2019 23:15
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save janwilmans/49489fb4d5b5936ffcafaaddc437f292 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save janwilmans/49489fb4d5b5936ffcafaaddc437f292 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
linux-signal-handlers.md

When a process causes a segmentation fault, or receives SIGSEGV (11) by default it generates a coredump file and terminates. Some libraries, for ex. (http://icanprogram.com/simpl/) install custom handlers to many signals and just calls _exit(0);

sigaction(SIGHUP, &sigact, NULL);
sigaction(SIGILL, &sigact, NULL);
sigaction(SIGABRT, &sigact, NULL);
sigaction(SIGINT, &sigact, NULL);
sigaction(SIGSEGV, &sigact, NULL);
sigaction(SIGTERM, &sigact, NULL);
sigaction(SIGPIPE, &sigact, NULL);

Instead of calling _exit(0), simpl could instead call this method:

  // this will restore the original handler and call it
  void default_sighandler(int signum)
  {
    signal(signum, SIG_DFL);
    raise(signum);
  }

So the default signal handlers will be invoked and crashdumps will be generated

Setting up core dumps

To setup quick, dirty and temporarily, you can do this:

# mkdir /var/coredumps
# chmod 777 /var/coredumps
# echo "/var/coredumps/core.%E.%p.%h" > /proc/sys/kernel/core_pattern
# ulimit -c unlimited

However, already running processes will be unaffected, because the ulimit setting is environment specific.

Permanent generation of coredump files must be enabled in a couple of steps:

# first make a place to put the coredump files 
$ mkdir /var/coredumps
$ chmod 777 /var/coredumps
# add to /etc/security/limits.conf
# this is the permanent equivalent of 'ulimit -c unlimited'
*               soft    core            unlimited
root            soft    core            unlimited
# add to /etc/sysctl.conf
# this is the permanent equivalent of 'echo "/var/coredumps/core.%E.%p.%h" > /proc/sys/kernel/core_pattern'
kernel.core_pattern=/var/coredumps/core.%E.%p.%h

# this line allows processes running as root (have the suid flag set) to also create coredumps
# this is *NOT SECURE* as coredump files may contain sensitive information
# its not generally recommended to use this in production
#fs.suid_dumpable=1

test with:

$ bash                   # start a new bash
$ kill -s SIGSEGV $$     # order bash to self terminate

This page: http://man7.org/linux/man-pages/man7/signal.7.html describes the default behavior for signals (see the Standard signals table).

If a signal is 'handled' like in this example, the signal will be ignored, which in case of SIGSEGV is Very_Bad(tm)!

void sig_handler(int signo)
{
   std::cerr << "received signal: "  << signo << "\n";
}

int main(int argc, char *argv[])
{
   signal(SIGSEGV, sig_handler);
   const int * i = 0;
   volatile int j = *i;    
   print("ah - ah - ah - stay'n alive\n");
}

references:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment