x86 Syscall

Old system calls vs New system calls (64 bits only)

Intel syntax

section .text
	global _start

section .data
	msg_old		db 'Hello, old world!', 10
	len_old		equ $-msg_old

	msg_new		db 'Hello, new world!', 10
	len_new		equ $-msg_new

_start:
	; Old way
	mov	rcx, msg_old	; Message to write
	mov	rdx, len_old	; Message length
	mov	rax, 4		; sys_write
	mov	rbx, 1		; Stdout
	int	0x80		; Call kernel

	; New way
	mov	rsi, msg_new	; Message to write
	mov	rdx, len_new	; Message length
	mov	rax, 1		; sys_write
	mov	rdi, 1		; Stdout
	syscall

	; Exit
	mov	rax, 0x3c	; sys_exit
	mov	rdi, 0		; Exit code
	syscall			; Call kernel

$ yasm -felf64 -o hello.o hello.asm
$ ld -o hello hello.o

AT&T syntax

.text
.global _start

.data
	msg_old:	.ascii	"Hello, old world!\n"
	len_old		= . - msg_old

	msg_new:	.ascii	"Hello, new world!\n"
	len_new		= . - msg_new

_start:
	# Old way
	mov	$msg_old ,%rcx	# Message to write
	mov	$len_old,%rdx	# Message length
	mov	$4, %rax	# sys_write
	mov	$1, %rbx	# Stdout
	int	$0x80		# Call kernel

	# New way
	mov	$msg_new, %rsi	# Message to write
	mov	$len_new, %rdx	# Message length
	mov	$1, %rax	# sys_write
	mov	$1, %rdi	# Stdout
	syscall

	# Exit
	mov	$0x3c, %rax	# sys_exit
	mov	$0, %rdi	# Exit code
	syscall			# Call kernel

$ as -o hello.o hello.S
$ ld -o hello hello.o

Notes

The number of the system calls differ between the two architectures, sys_write is 4 on x86 and 1 on x86_64. This can be seen in on /usr/include/asm/unistd_(32|64).h or something like that.

Executing the syscall instruction on x86 will result in a SIGILL, Illegal instruction.

Yet Another Code Dump

x86 Syscall

Intel syntax

AT&T syntax

Notes