I'm using PTRACE_GETSIGINFO to get information about the nature of a SIGTRAP signal. I want to know whether the SIGTRAP was triggered by a software breakpoint, a hardware breakpoint, a fork, and so on. However, the si_code field of siginfo_t is set to 0x80 when a breakpoint is hit, whereas I expected it to be 1 from the header asm/siginfo.h. Do you have any idea where this value is defined? I made a small program to reproduce the issue:
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>
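/*
 * Minimal x86-64 Linux reproduction: trace a child that executes int3 and
 * print the siginfo attached to the resulting SIGTRAP.
 *
 * The child opts in to tracing with PTRACE_TRACEME and then stops itself, so
 * the parent's first waitpid() always observes a stop that happens before the
 * breakpoint. (Mixing PTRACE_TRACEME in the child with PTRACE_ATTACH in the
 * parent races: whichever runs second fails, and the breakpoint stop can be
 * consumed by the first waitpid().)
 *
 * Returns 0 on success, 1 if any fork/wait/ptrace step fails.
 */
int main(void)
{
    struct user_regs_struct regs;
    siginfo_t si;
    long word;
    int status = 0;
    int rc = 1;

    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        return 1;
    }

    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) {
            perror("PTRACE_TRACEME");
            _exit(1);
        }
        /* Hand control to the tracer before the breakpoint is reached. */
        raise(SIGSTOP);
        __asm__ volatile("int3");
        return 0;
    }

    /* First stop: the child's own SIGSTOP. */
    if (waitpid(pid, &status, 0) == -1) {
        perror("waitpid");
        goto out_kill;
    }
    if (!WIFSTOPPED(status)) {
        /* Child already terminated and was reaped; nothing left to clean up. */
        fprintf(stderr, "child terminated before its first stop\n");
        return 1;
    }

    /* Resume without re-injecting SIGSTOP (data argument 0). */
    if (ptrace(PTRACE_CONT, pid, NULL, NULL) == -1) {
        perror("PTRACE_CONT");
        goto out_kill;
    }

    /* Second stop: expected to be the SIGTRAP raised by int3. */
    if (waitpid(pid, &status, 0) == -1) {
        perror("waitpid");
        goto out_kill;
    }
    if (!WIFSTOPPED(status)) {
        fprintf(stderr, "child terminated before hitting the breakpoint\n");
        return 1;
    }
    if (WSTOPSIG(status) != SIGTRAP) {
        fprintf(stderr, "unexpected stop signal %d\n", WSTOPSIG(status));
        goto out_kill;
    }

    if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) == -1) {
        perror("PTRACE_GETREGS");
        goto out_kill;
    }

    /* rip points just past the one-byte int3; step back to the opcode. */
    regs.rip--;

    /* PEEKDATA returns the word itself, so -1 is only an error if errno is set. */
    errno = 0;
    word = ptrace(PTRACE_PEEKDATA, pid, (void *)regs.rip, NULL);
    if (word == -1 && errno != 0) {
        perror("PTRACE_PEEKDATA");
        goto out_kill;
    }
    printf("Read byte : %x\n", (unsigned)(word & 0xff));

    if (ptrace(PTRACE_GETSIGINFO, pid, NULL, &si) == -1) {
        perror("PTRACE_GETSIGINFO");
        goto out_kill;
    }

    /*
     * si_signo and si_code are plain ints, so print them with %x.
     * On x86 Linux an int3 trap is reported with si_code SI_KERNEL (0x80)
     * rather than TRAP_BRKPT (1), so a tracer classifying SIGTRAP stops
     * should accept both values for a software breakpoint.
     */
    printf("Signal : %x\n", (unsigned)si.si_signo);
    printf("Code : %x\n", (unsigned)si.si_code);
    rc = 0;

out_kill:
    /* Do not leave a stopped tracee behind when the tracer exits. */
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return rc;
}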
And the output is :
Read byte : cc
Signal : 5
Code : 80