Comment 15 for bug 57731

Wayne Salmiaker (hannessteltzer) wrote :

Thanks for your quick answers!
After poking a zero, I performed a little loop to get the system call number (orig_eax) and the next two arguments (ebx, ecx) of the next 20 system calls. This is how it looks:

syscall=240 (1st_arg=-1210085564 2nd_arg=0)
syscall=240 (1st_arg=-1210085564 2nd_arg=1)
syscall=240 (1st_arg=-1210085564 2nd_arg=1)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=102 (1st_arg=3 2nd_arg=-1075451340)
syscall=102 (1st_arg=3 2nd_arg=-1075451340)
syscall=102 (1st_arg=9 2nd_arg=-1075451304)
syscall=102 (1st_arg=9 2nd_arg=-1075451304)
syscall=6 (1st_arg=11 2nd_arg=1)
syscall=6 (1st_arg=11 2nd_arg=1)
syscall=174 (1st_arg=17 2nd_arg=0)
syscall=174 (1st_arg=17 2nd_arg=0)
syscall=4 (1st_arg=6 2nd_arg=134908385)
syscall=4 (1st_arg=6 2nd_arg=134908385)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=102 (1st_arg=3 2nd_arg=-1075451340)
syscall=102 (1st_arg=3 2nd_arg=-1075451340)
syscall=102 (1st_arg=9 2nd_arg=-1075451304)
syscall=102 (1st_arg=9 2nd_arg=-1075451304)
syscall=6 (1st_arg=11 2nd_arg=1)
syscall=6 (1st_arg=11 2nd_arg=1)
syscall=119 (1st_arg=1 2nd_arg=-1210093580)
syscall=-1 (1st_arg=1 2nd_arg=-1075448172)
syscall=221 (1st_arg=9 2nd_arg=2)
syscall=221 (1st_arg=9 2nd_arg=2)
syscall=102 (1st_arg=3 2nd_arg=-1075448172)
syscall=102 (1st_arg=3 2nd_arg=-1075448172)

This looks a little cryptic now, but you just need to have a look into /usr/include/asm-i486/unistd.h where all the numbers for the different system calls are defined. It seems each system call is represented by 2 output lines. 240 stands for futex. 2nd argument "0" means FUTEX_WAIT. "1" means FUTEX_WAKE. 119 stands for "sigreturn". This is where the signal handler is left and the process continues with the normal procedure. 221 is fcntl64 which is also part of the debug() call. 102 is socketcall which seems to be a synonym for "connect".
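A small decoder for the log format above, added here as an example; it is not the reporter's tracer and not part of the bug. It assumes the i386 numbering from asm/unistd.h that the comment refers to (4 write, 6 close, 13 time, 102 socketcall, 119 sigreturn, 174 rt_sigaction, 221 fcntl64, 240 futex) and the usual kernel constants for the futex op, the socketcall subcall (ebx: 1 socket, 3 connect, 9 send) and the fcntl command. It also encodes the "two lines per call" observation: PTRACE_SYSCALL stops the tracee on entry and on exit, and orig_eax/ebx/ecx read the same at both stops, so identical consecutive lines are merged into one call, while a line with no identical neighbour is flagged as a lone stop. The sample input is copied from the log in the comment.

```python
import re

# Added example, not the bug reporter's code. Subset of the i386 syscall table
# (asm/unistd.h) covering the numbers that appear in the posted log.
I386_SYSCALLS = {
    4: "write", 6: "close", 13: "time", 102: "socketcall", 119: "sigreturn",
    174: "rt_sigaction", 221: "fcntl64", 240: "futex",
}
FUTEX_OPS = {0: "FUTEX_WAIT", 1: "FUTEX_WAKE"}
SOCKETCALL_SUBCALLS = {1: "socket", 2: "bind", 3: "connect", 4: "listen",
                       5: "accept", 9: "send", 10: "recv"}
FCNTL_CMDS = {0: "F_DUPFD", 1: "F_GETFD", 2: "F_SETFD", 3: "F_GETFL", 4: "F_SETFL"}

# Matches the line format printed by the reporter's loop.
LINE_RE = re.compile(r"syscall=(-?\d+) \(1st_arg=(-?\d+) 2nd_arg=(-?\d+)\)")


def parse_line(line):
    """Return (orig_eax, ebx, ecx) for one log line, or None if it does not match."""
    m = LINE_RE.fullmatch(line.strip())
    if m is None:
        return None
    return tuple(int(g) for g in m.groups())


def u32(value):
    """The registers were printed as signed longs; pointers read better as unsigned 32-bit."""
    return value & 0xFFFFFFFF


def describe(nr, ebx, ecx):
    """Render one call, decoding the first two arguments where the tables know them."""
    if nr == -1:
        # orig_eax == -1: this stop is not a syscall entry (see usage note).
        return "(orig_eax=-1, no syscall in progress)"
    name = I386_SYSCALLS.get(nr, f"syscall_{nr}")
    if nr == 240:
        return f"futex(uaddr=0x{u32(ebx):08x}, op={FUTEX_OPS.get(ecx, ecx)})"
    if nr == 102:
        return f"socketcall({SOCKETCALL_SUBCALLS.get(ebx, ebx)}, args=0x{u32(ecx):08x})"
    if nr == 221:
        return f"fcntl64(fd={ebx}, cmd={FCNTL_CMDS.get(ecx, ecx)})"
    if nr == 6:
        return f"close(fd={ebx})"
    return f"{name}({ebx}, 0x{u32(ecx):08x})"


def collapse_stops(records):
    """Merge the entry and exit stops of one call into a single event.

    Two identical consecutive records are the entry and exit stop of the same
    call (stops=2). A record without an identical successor is a lone stop
    (stops=1): the tracer attached mid-call, or the stop is not a syscall.
    """
    events, i = [], 0
    while i < len(records):
        paired = i + 1 < len(records) and records[i + 1] == records[i]
        events.append((records[i], 2 if paired else 1))
        i += 2 if paired else 1
    return events


def decode_trace(text):
    """Parse a whole log and return one dict per system call."""
    records = [r for r in map(parse_line, text.splitlines()) if r is not None]
    return [{"nr": rec[0], "stops": stops, "desc": describe(*rec)}
            for rec, stops in collapse_stops(records)]


# Sample input: lines copied from the log in the comment above.
SAMPLE_TRACE = """\
syscall=240 (1st_arg=-1210085564 2nd_arg=0)
syscall=240 (1st_arg=-1210085564 2nd_arg=1)
syscall=240 (1st_arg=-1210085564 2nd_arg=1)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=13 (1st_arg=-1075451152 2nd_arg=135199597)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=102 (1st_arg=1 2nd_arg=-1075451340)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=221 (1st_arg=11 2nd_arg=2)
syscall=119 (1st_arg=1 2nd_arg=-1210093580)
syscall=-1 (1st_arg=1 2nd_arg=-1075448172)
syscall=221 (1st_arg=9 2nd_arg=2)
syscall=221 (1st_arg=9 2nd_arg=2)
"""

if __name__ == "__main__":
    for ev in decode_trace(SAMPLE_TRACE):
        flag = "" if ev["stops"] == 2 else "   <- single stop"
        print(f"{ev['nr']:>4}  {ev['desc']}{flag}")
```

Run on the sample, the decoder reports eight calls and marks three lone stops. The very first FUTEX_WAIT line has no twin, which is what you see when the tracer attaches while the thread is already blocked in that wait and only the exit stop is observed. The sigreturn line is followed by a line with orig_eax=-1 rather than a second 119: the kernel sets orig_eax to -1 when it restores the signal frame, so the two stops of that call print different numbers and the pairing heuristic correctly leaves them separate. The socketcall entries resolve to socket, connect and send from ebx, so 102 is the multiplexer for all socket operations, not connect alone.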