Hello there.
I'm a student and I'm writing my term paper. Part of it is recording
the trace of an x86 ELF on x86_64 Linux. For recording I use PANDA. And I
am stuck with a very strange problem: there are no system calls in my trace.
When I saw this I was very surprised and made a simple grabber of
translation blocks. As far as I know, I must see sysenter (0x0F 0x34)
and int 0x80 (0xCD 0x80) in them. But neither of them was in my blocks. Maybe
the trouble is in TCG? How can I test this and proxy system calls through
PANDA to analyze them?
An example of what I mean: I have a very stupid binary; it just writes
"Hello world" to a file. But PANDA can't catch any calls, not even write,
although it is clear that this call must be there.
--
With best wishes, Gnilozub-Volobuev N.I.