Current code in analyze_syscall depends on debuggee bitness, this is wrong. It should instead check the syscall instruction. This would be different for all: int 0x80 is 32-bit completely, syscall is 64-bit completely, sysenter is 32 bit and needs special handling for 6th parameter.
Current code in
analyze_syscalldepends on debuggee bitness, this is wrong. It should instead check the syscall instruction. This would be different for all:int 0x80is 32-bit completely,syscallis 64-bit completely,sysenteris 32 bit and needs special handling for 6th parameter.