Some sites generate a SIGTRAP
Closed this issue · 4 comments
Similar to the attached...
63c05b4d-007e_08-DOOBLE-exceptq.txt
This is very odd. Something implanted an "int 3" into the code (the error location actually points behind the "int 3" instruction and as you can see, the following 2 bytes seem to be the leftover of a complete 3-byte instruction whose first byte was overwritten with the "int3" instruction).
That would either happen if
- it is explicitely coded
- if the trace facility dynamically implants an "int 3" breakpoint (if, for example, you do a "trace on jfs", then jfs.ifs will get int3´s implanted at various places in the loaded binary so that it can spit out trace info at those points)
- if a debugger dynamically implants an "int 3" breakpoint (for about the same reason as 2), it would for example be able to display the register contents at that point)
But 1) is not likely as (see above) it seems that a 3-byte instruction had its first byte dynamically overwritten with an "int 3" instruction.
My gut feeling would be that under some circumstances, EXCEPTQ implants dynamic tracepoints by using the "DosDynamicTrace" API (see point 2)) but I don`t know when it would do that.
I got a different SIGTRAP today in some pdfium code - when trying to save a page as PDF
63e8992c-0040_0e-DOOBLE-exceptq.txt
Agree it's a little strange..
A similar SIGTRAP printing to PDF was fixed in b400f57 will create a new ticket including a site URL/steps to reproduce if more are found.