Hi,

--- Hui Zhong Qiu <qiuhuizhong@xxxxxxxxx> wrote:
> Hi guys,
>
> When a system call is made in the userland, how are
> the registers filled?
>
> I read that EAX stores the system call number, EBX
> stores the 1st arg, ECX 2nd arg, EDX 3rd arg, ESI 4th
> arg and EDI 5th arg. If there are more than 5
> arguments, they are pushed into the stack.
>
> So, my questions are:
> 1. EAX stores the system call number or does it
> store the absolute (or relative) address to the
> actual system call?

They are numbers. If you have your own system call, you have to edit
include/asm-i386/unistd.h and arch/i386/kernel/entry.S.
entry.S contains the data structure sys_call_table, in which system
calls are indexed by numbers.

>
> 2. If there are less than 5 arguments, what are the
> values in some of the registers like ESI, EDI etc.

What I understood from your question is: what is there in ESI and EDI?
See this code fragment from the same file:

    ENTRY(system_call)
            pushl %eax                      # save orig_eax
            SAVE_ALL
            GET_CURRENT(%ebx)
            testb $0x02,tsk_ptrace(%ebx)    # PT_TRACESYS
            jne tracesys
            cmpl $(NR_syscalls),%eax
            jae badsys
            call *SYMBOL_NAME(sys_call_table)(,%eax,4)
            movl %eax,EAX(%esp)

Actually this file is very informative; you have to go a bit in depth.

>
> 3. Can I find the registers values inside the
> hexdump of the kernel file itself? I want to look at
> the assembly codes of the portion where the oops
> occur.
>

Thanks
Prasanna

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
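
Added example, not part of the original mail or the kernel source: a small user-space C model of the dispatch order in the quoted fragment, showing that EAX is an index into a table (checked with an unsigned compare) and that a handler reads only the argument registers it defines. The struct layout, handler names and table are made up for illustration, and handlers take a pointer to the saved frame instead of stack arguments.

```c
#include <errno.h>
#include <stdio.h>

/* Simplified stand-in for the frame SAVE_ALL pushes (constructed layout). */
struct regs { long ebx, ecx, edx, esi, edi, eax; };

typedef long (*syscall_fn)(const struct regs *);

/* Hypothetical handlers: each reads only the argument registers it defines. */
static long demo_double(const struct regs *r) { return r->ebx * 2; }
static long demo_sum3(const struct regs *r) { return r->ebx + r->ecx + r->edx; }

#define NR_DEMO_SYSCALLS 2
static const syscall_fn demo_call_table[NR_DEMO_SYSCALLS] = {
    demo_double,    /* number 0 */
    demo_sum3,      /* number 1 */
};

/* Same order as the fragment: bounds check, indexed call, store the result. */
long dispatch(struct regs *r)
{
    unsigned long nr = (unsigned long)r->eax;  /* jae compares unsigned */

    if (nr >= NR_DEMO_SYSCALLS)
        r->eax = -ENOSYS;                      /* the kernel's badsys result */
    else
        r->eax = demo_call_table[nr](r);       /* call *table(,%eax,4) */
    return r->eax;                             /* movl %eax,EAX(%esp) */
}

/* Build a frame the way userland would load registers, then dispatch. */
long run(long nr, long ebx, long ecx, long edx, long esi, long edi)
{
    struct regs r = { ebx, ecx, edx, esi, edi, nr };
    return dispatch(&r);
}

int main(void)
{
    /* One-argument call: ECX..EDI hold leftover values and are ignored. */
    printf("%ld\n", run(0, 21, 0xdead, 0xbeef, 0x1111, 0x2222));
    printf("%ld\n", run(1, 1, 2, 3, 99, 99));
    printf("%ld\n", run(2, 0, 0, 0, 0, 0));    /* past the table */
    printf("%ld\n", run(-1, 0, 0, 0, 0, 0));   /* negative number */
    return 0;
}
```

Because the compare is unsigned, a negative number in EAX is rejected the same way as one past the end of the table, so it can never index memory before the table.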