In Linux, signal handlers are stored per task in objects of type struct sighand_struct:
    struct sighand_struct {
        atomic_t count;
        struct k_sigaction action[_NSIG];
        spinlock_t siglock;
    };
This object is referenced from struct task_struct through the sighand field. Instead of gdb (which is a tool for user space), use crash.
Reading from task_struct:
    crash> p/x *((struct task_struct*)0xdfcb04c0).sighand
    $9 = {
      count = {
        counter = 0x4
      },
      action = {{
          sa = {
            sa_handler = 0x0,
            sa_flags = 0x0,
            sa_restorer = 0x0,
            sa_mask = {
              sig = {0x0, 0x0}
            }
          }
        }, {
          sa = {
            sa_handler = 0x0,
            sa_flags = 0x0,
            sa_restorer = 0x0,
            sa_mask = {
              sig = {0x0, 0x0}
            }
          }
        }, {
          sa = {
            sa_handler = 0x0,
            sa_flags = 0x0,
            sa_restorer = 0x0,
            sa_mask = {
              sig = {0x0, 0x0}
            }
          }
        }, {
          sa = {
            sa_handler = 0x4006ac0d,
            sa_flags = 0x10000004,
            sa_restorer = 0x0,
            sa_mask = {
              sig = {0x0, 0x0}
            }
          }
    ...
So we see that for signal 4 (SIGILL; a signal with id 0 doesn't exist), the user process installed the function at address 0x4006ac0d. We can confirm this with a simple command:
    crash> sig 0xdfcb04c0
    PID: 19658  TASK: dfcb04c0  CPU: 0  COMMAND: "FinalizerWatchd"
    SIGNAL_STRUCT: e49f33c0  NR_THREADS: 4
     SIG  SIGACTION  HANDLER   MASK              FLAGS
     [1]  e49e8004   SIG_DFL   0000000000000000  0
     [2]  e49e8018   SIG_DFL   0000000000000000  0
     [3]  e49e802c   SIG_DFL   0000000000000000  0
     [4]  e49e8040   4006ac0d  0000000000000000  10000004 (SA_SIGINFO|SA_RESTART)
     [5]  e49e8054   SIG_DFL   0000000000000000  0
     [6]  e49e8068   4006ac0d  0000000000000000  10000004 (SA_SIGINFO|SA_RESTART)
     [7]  e49e807c   4006ac0d  0000000000000000  10000004 (SA_SIGINFO|SA_RESTART)
     [8]  e49e8090   4006ac0d  0000000000000000  10000004 (SA_SIGINFO|SA_RESTART)
Read more about signal handling here and about crash here
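
For comparison with the kernel-side view, here is an added example (not part of the original answer) that shows the user-space side of the same table: a process installs a SIGILL handler with SA_SIGINFO|SA_RESTART and then reads the dispositions of signals 1 to 8 back through sigaction(). The names on_fault, install and is_installed are hypothetical, and a Linux libc is assumed.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical handler, standing in for the function at 0x4006ac0d. */
static void on_fault(int sig, siginfo_t *info, void *uctx)
{
    (void)sig; (void)info; (void)uctx;
}

/* Install on_fault for sig with the flag combination seen in the dump. */
static int install(int sig)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_fault;
    sa.sa_flags = SA_SIGINFO | SA_RESTART;
    sigemptyset(&sa.sa_mask);
    return sigaction(sig, &sa, NULL);
}

/* Query the disposition without changing it (act == NULL).
 * Returns 1 if on_fault is installed with both flags, 0 if not, -1 on error. */
static int is_installed(int sig)
{
    struct sigaction cur;
    const int want = SA_SIGINFO | SA_RESTART;
    if (sigaction(sig, NULL, &cur) != 0)
        return -1;
    /* libc may add SA_RESTORER on some architectures, so mask first. */
    return (cur.sa_flags & want) == want && cur.sa_sigaction == on_fault;
}

int main(void)
{
    install(SIGILL);
    for (int sig = 1; sig <= 8; sig++) {
        struct sigaction cur;
        if (sigaction(sig, NULL, &cur) != 0) continue;
        unsigned long h = (cur.sa_flags & SA_SIGINFO)
            ? (unsigned long)cur.sa_sigaction : (unsigned long)cur.sa_handler;
        /* Signal N is the Nth entry of action[], i.e. action[N - 1]. */
        printf("[%d] action[%d] handler=%#lx flags=%#x\n",
               sig, sig - 1, h, (unsigned)cur.sa_flags);
    }
    return 0;
}
```

Only the SIGILL row changes; the other signals keep handler 0 (SIG_DFL) unless something else in the process has installed one.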