Bug#791985: Please support ARM64 (ucontext_t)

Guy develop at faert.net
Tue Jul 14 06:52:21 UTC 2015

I checked again the source code and made some tests. For what I saw, 
that arch specififc code is no longer needed. On older systems, 
backtrace() returned everything but the instruction pointer of the place 
where the segmentation fault occured (obviously the most interesting 
one). This was due to the way how signal handling worked. The arch 
specific code tried to fetch the corresponding address and store it in 
the array before passing it to backtrace_symbols() for looking up the 
function names.

My tests showed that this behaviour is different today. I don't know 
whether a change in the kernel or libc is the reason, but it looks as if 
the arch specififc code is no longer needed and thus, in libguytools 
2.0.4, it has been commented out. 2.0.4 is available on Sourceforge.

Another thing that needs attention: Due to several code optimisations, 
notably frame pointer elimination (but others also), backtracing not 
always works. The code in toolsignal.cpp should be regarded as a best 
effort for getting valuable information in case a program causes a segfault.

Guy Voncken

More information about the forensics-devel mailing list