backtrace when corrupt stack

Cristian Zamfir cristian.zamfir@epfl.ch
Fri Feb 5 15:24:00 GMT 2010


Hi, 

I am trying to debug a bug that leads to a corrupt stack and I do not get an accurate backtrace with gdb. 

Is it possible to get an accurate backtrace in this case?

There is  "Backtrace stopped: previous frame inner to this frame (corrupt stack?)" indicates that the backtrace stopped later than the function I am interested in. 

I would like to get the function name and the arguments from frame 5 (see output below) --- the one called from the function Log()). The backtrace suggests this is __stack_chk_fail () from libc but that is not correct.

I tried this with gdb 7.0 and I also compiled gdb 7.0.1 but I get the same result.

This is the output:

*** stack smashing detected ***: /home/zamf/code/pin/source/tools/ddb/klee/examples/ghttpd-1.4-4/ghttpd terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0x651de8]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0x651da0]
/home/zamf/code/pin/source/tools/ddb/klee/examples/ghttpd-1.4-4/ghttpd[0x804b4da]
[0x61616161]
======= Memory map: ========
00320000-0032a000 r-xp 00000000 08:41 131689     /lib/tls/i686/cmov/libnss_files-2.10.1.so
0032a000-0032b000 r--p 00009000 08:41 131689     /lib/tls/i686/cmov/libnss_files-2.10.1.so
0032b000-0032c000 rw-p 0000a000 08:41 131689     /lib/tls/i686/cmov/libnss_files-2.10.1.so
00571000-006af000 r-xp 00000000 08:41 131672     /lib/tls/i686/cmov/libc-2.10.1.so
006af000-006b1000 r--p 0013e000 08:41 131672     /lib/tls/i686/cmov/libc-2.10.1.so
006b1000-006b2000 rw-p 00140000 08:41 131672     /lib/tls/i686/cmov/libc-2.10.1.so
006b2000-006b5000 rw-p 00000000 00:00 0 
007ad000-007c0000 r-xp 00000000 08:41 131683     /lib/tls/i686/cmov/libnsl-2.10.1.so
007c0000-007c1000 r--p 00012000 08:41 131683     /lib/tls/i686/cmov/libnsl-2.10.1.so
007c1000-007c2000 rw-p 00013000 08:41 131683     /lib/tls/i686/cmov/libnsl-2.10.1.so
007c2000-007c4000 rw-p 00000000 00:00 0 
00895000-0089e000 r-xp 00000000 08:41 131693     /lib/tls/i686/cmov/libnss_nis-2.10.1.so
0089e000-0089f000 r--p 00008000 08:41 131693     /lib/tls/i686/cmov/libnss_nis-2.10.1.so
0089f000-008a0000 rw-p 00009000 08:41 131693     /lib/tls/i686/cmov/libnss_nis-2.10.1.so
008b1000-008cc000 r-xp 00000000 08:41 521        /lib/ld-2.10.1.so
008cc000-008cd000 r--p 0001a000 08:41 521        /lib/ld-2.10.1.so
008cd000-008ce000 rw-p 0001b000 08:41 521        /lib/ld-2.10.1.so
00a5c000-00a62000 r-xp 00000000 08:41 131685     /lib/tls/i686/cmov/libnss_compat-2.10.1.so
00a62000-00a63000 r--p 00005000 08:41 131685     /lib/tls/i686/cmov/libnss_compat-2.10.1.so
00a63000-00a64000 rw-p 00006000 08:41 131685     /lib/tls/i686/cmov/libnss_compat-2.10.1.so
00be9000-00c05000 r-xp 00000000 08:41 571        /lib/libgcc_s.so.1
00c05000-00c06000 r--p 0001b000 08:41 571        /lib/libgcc_s.so.1
00c06000-00c07000 rw-p 0001c000 08:41 571        /lib/libgcc_s.so.1
00c93000-00c94000 r-xp 00000000 00:00 0          [vdso]
08048000-0804c000 r-xp 00000000 08:43 657039     /home/zamf/code/pin/source/tools/ddb/klee/examples/ghttpd-1.4-4/ghttpd
0804c000-0804d000 r--p 00003000 08:43 657039     /home/zamf/code/pin/source/tools/ddb/klee/examples/ghttpd-1.4-4/ghttpd
0804d000-0804f000 rw-p 00004000 08:43 657039     /home/zamf/code/pin/source/tools/ddb/klee/examples/ghttpd-1.4-4/ghttpd
0804f000-08071000 rw-p 00000000 00:00 0          [heap]
b7feb000-b7fec000 rw-p 00000000 00:00 0 
b7ffd000-b8000000 rw-p 00000000 00:00 0 
bffeb000-c0000000 rw-p 00000000 00:00 0          [stack]

Program received signal SIGABRT, Aborted.
0x00c93422 in __kernel_vsyscall ()
(gdb) bt
#0  0x00c93422 in __kernel_vsyscall ()
#1  0x0059b4d1 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2  0x0059e932 in *__GI_abort () at abort.c:92
#3  0x005d1ee5 in __libc_message (do_abort=2, fmt=0x69359d "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#4  0x00651de8 in *__GI___fortify_fail (msg=0x693585 "stack smashing detected") at fortify_fail.c:32
#5  0x00651da0 in __stack_chk_fail () at stack_chk_fail.c:29
#6  0x0804b4da in Log (format=0x804b8bc "Connection from %s, request = \"GET %s\"") at util.c:274
#7  0x61616161 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)


Thank you,
Cristi



More information about the Gdb mailing list