radareorg / radare2

UNIX-like reverse engineering framework and command-line toolset
https://www.radare.org/
GNU Lesser General Public License v3.0

Create a new function after "int 0x80" (used instead of "ret") #19190

Open uvicorn opened 2 years ago

uvicorn commented 2 years ago

Description

The output of radare2. Pay attention to address 0x08048436:

```
│           0x080483ff      e832000000     call 0x8048436              ; int main(int argc, char **argv, char **envp)
│           0x08048404      31c0           xor eax, eax
│           0x08048406      0205849a0408   add al, byte [0x8049a84]    ; [0x8049a84:1]=0
│           0x0804840c      83f800         cmp eax, 0
│       ┌─< 0x0804840f      7405           je 0x8048416
│       │   0x08048411      b801000000     mov eax, 1
│       │   ; CODE XREF from main @ 0x804840f
│       └─> 0x08048416      c1e002         shl eax, 2
│           0x08048419      8b80179d0408   mov eax, dword [eax + 0x8049d17]
│           0x0804841f      50             push eax
│           0x08048420      689a9d0408     push str._r_n_s_r_n_s       ; 0x8049d9a ; "\r\n%s\r\n%s" ; const char *format
│           0x08048425      e832060000     call sym.imp.printf         ; int printf(const char *format)
│           0x0804842a      b801000000     mov eax, 1
│           0x0804842f      bb00000000     mov ebx, 0
│           0x08048434      cd80           int 0x80
│           ; CALL XREF from main @ 0x80483ff
│           0x08048436      be959a0408     mov esi, 0x8049a95    ; new function should be here
│           ; CODE XREF from main @ 0x80488eb
```

IDA output: [image]

condret commented 2 years ago

`int 0x80` is not always sys_exit. This requires some deeper ESIL analysis to reliably determine the syscall.

Lazula commented 2 years ago

If we can track when an instruction causes program termination (including a sys_exit syscall like in this example), we can just treat that as a function terminator like a `ret`. Maybe some similar functionality already exists?

trufae commented 2 years ago

Yes. Any call to a noreturn function results in this too. That's what's also named tail-call optimizations.