gs10.c

#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

int main()
{
	unsigned int gs10;
	pid_t pid, pid10;
	FILE *fp;
	char buf[256];

	__asm__ volatile (
		"movl %%gs:0x10, %%eax"
		: "=a"(gs10)
	);
	printf("syscall point = %p\n", gs10);
	pid = getpid();
	__asm__ volatile ( "\t"
		"movl $20, %%eax\n\t"
		"call *%%gs:0x10\n\t"
		: "=a"(pid10)
	);
	printf("pid = %u, pid10 = %u\n", pid, pid10);

	fp = fopen("/proc/self/maps", "r");
	while(fgets(buf, sizeof(buf), fp) != NULL){
		fputs(buf, stdout);
	}
	fclose(fp);
}

kernel_syscall.txt

$ gdb ./a.out 
GNU gdb (GDB) Fedora 7.7.1-13.fc20
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./a.out...done.
(gdb) start
Temporary breakpoint 1 at 0x804856c: file gscall.c, line 12.
Starting program: /home/yuryu/src/a.out 

Temporary breakpoint 1, main () at gscall.c:12
12		__asm__ volatile (
Missing separate debuginfos, use: debuginfo-install glibc-2.18-12.fc20.i686
(gdb) n
16		printf("syscall point = %p\n", gs10);
(gdb) 
syscall point = 0xb7ffd414
17		pid = getpid();
(gdb) disas 0xb7ffd414
Dump of assembler code for function __kernel_vsyscall:
   0xb7ffd414 <+0>:	push   %ecx
   0xb7ffd415 <+1>:	push   %edx
   0xb7ffd416 <+2>:	push   %ebp
   0xb7ffd417 <+3>:	mov    %esp,%ebp
   0xb7ffd419 <+5>:	sysenter 
   0xb7ffd41b <+7>:	nop
   0xb7ffd41c <+8>:	nop
   0xb7ffd41d <+9>:	nop
   0xb7ffd41e <+10>:	nop
   0xb7ffd41f <+11>:	nop
   0xb7ffd420 <+12>:	nop
   0xb7ffd421 <+13>:	nop
   0xb7ffd422 <+14>:	int    $0x80
   0xb7ffd424 <+16>:	pop    %ebp
   0xb7ffd425 <+17>:	pop    %edx
   0xb7ffd426 <+18>:	pop    %ecx
   0xb7ffd427 <+19>:	ret    
End of assembler dump.

result.txt

$ ./a.out 
syscall point = 0xb775a414
pid = 13734, pid10 = 13734
08048000-08049000 r-xp 00000000 fd:00 812670     /home/yuryu/src/a.out
08049000-0804a000 r--p 00000000 fd:00 812670     /home/yuryu/src/a.out
0804a000-0804b000 rw-p 00001000 fd:00 812670     /home/yuryu/src/a.out
09370000-09391000 rw-p 00000000 00:00 0          [heap]
b7568000-b7569000 rw-p 00000000 00:00 0 
b7569000-b7721000 r-xp 00000000 fd:00 391110     /usr/lib/libc-2.18.so
b7721000-b7723000 r--p 001b8000 fd:00 391110     /usr/lib/libc-2.18.so
b7723000-b7724000 rw-p 001ba000 fd:00 391110     /usr/lib/libc-2.18.so
b7724000-b7727000 rw-p 00000000 00:00 0 
b7738000-b773b000 rw-p 00000000 00:00 0 
b773b000-b775a000 r-xp 00000000 fd:00 397102     /usr/lib/ld-2.18.so
b775a000-b775b000 r-xp 00000000 00:00 0          [vdso]
b775b000-b775c000 r--p 0001f000 fd:00 397102     /usr/lib/ld-2.18.so
b775c000-b775d000 rw-p 00020000 fd:00 397102     /usr/lib/ld-2.18.so
bfed0000-bfef1000 rw-p 00000000 00:00 0          [stack]