Reputation: 1305
mprotect: how to get the instruction which causes protection violation?
I am using mprotect to set some memory pages as write protected. When any writing is tried in that memory region, the program gets a SIGSEGV signal. From the signal handler I know in which memory address the write was tried, but I don't know the way how to find out which instruction causes write protection violation. So inside the signal handler I am thinking of reading the program counter(PC) register to get the faulty instruction. Is there a easy way to do this?
Upvotes: 0
Views: 369
Answers (1)
Reputation: 215387
If you install your signal handler using sigaction with the SA_SIGINFO flag, the third argument to the signal handler has type void * but points to a structure of type ucontext_t, which in turn contains a structure of type mcontext_t. The contents of mcontext_t are implementation-defined and generally cpu-architecture-specific, but this is where you will find the saved program counter.
It's also possible that the compiler's builtins (__builtin_return_address with a nonzero argument, I think) along with unwinding tables may be able to trace across the signal handler. While this is in some ways more general (it's not visibly cpu-arch-specific), I think it's also more fragile, and whether it actually works may be cpu-arch- and ABI-specific.
Upvotes: 3
Related Questions
- Alternatives to mprotect()
- assembly, how to use mprotect?
- c++ mprotect for read, write and execute
- mprotect fails after some number of calls
- Toggling flags for injected mprotect calls in multi-threaded applications
- Solving mprotect() syscall failure
- mprotect always returns invalid arguments
- mprotect entire program, to run dangerous code
- Ptrace mprotect debugging trouble
- how to get protection flags of a memory area, flags are PROT_READ /PROT_EXEC in mprotect