
I'm wondering why I have to use the syscall numbers from /usr/include/asm/unistd_32.h, not unistd_64.h, even though I'm using the 64 Bit Registers and assembling and linking with (I think) the appropriate commands:

```
$ yasm -f elf64 hellow.asm
$ ld -m elf_x86_64 -o hey hellow.o
```

The file hellow.asm is (I'm aware I'm using the numbers 4 for write and 1 for exit as in the 32.h, because using the ones from 64.h doesn't work. Write is 1 there, and exit 60, and I tried those with no result.)

```nasm
section .data
msg db "hey you beauty", 0xe
len equ $ - msg ; length of string

section .text

global _start ; for linker
_start:   ;linker entry point
    mov rdx,len ;message length
    mov rcx,msg ;msg to write
    mov rbx,1 ;file descriptor (stdout)
    mov rax,4 ;system call number (write)
    int 0x80 ; call kernel

    mov rax,1 ; system call (exit)
    int 0x80 ; call kernel
```

file on the executable and the object file gives back:

object file: ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped

executable: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped

My /usr/include/unistd.h is:

```c
#ifndef _ASM_X86_UNISTD_H
#define _ASM_X86_UNISTD_H

/* x32 syscall flag bit */
#define __X32_SYSCALL_BIT   0x40000000

# ifdef __i386__
#  include <asm/unistd_32.h>
# elif defined(__ILP32__)
#  include <asm/unistd_x32.h>
# else
#  include <asm/unistd_64.h>
# endif

#endif /* _ASM_X86_UNISTD_H */
```

If you've made it this far through this post, you've earned the right to know why my "hello world" program says "hey you beauty" instead: I like it when my computer talks to me like a dirty old man in a bar.

curious_weather
  • 2
    x86-64 64-bit Linux doesn't use `int 0x80` for syscalls, it uses `syscall` (shocking, I know, so unexpected, you couldn't *possibly* have found this info with a simple google search). – EOF Jun 08 '16 at 11:12
  • 3
    @EOF I understand your feelings, but let's try to [be nice](https://stackoverflow.com/help/be-nice). – Margaret Bloom Jun 08 '16 at 11:30
  • 1
    Replace `int 0x80` with the `syscall` instruction and use the 64-bit _SYSCALL_ numbers. Ryan Chapman's [page](http://blog.rchapman.org/post/36801038863/linux-system-call-table-for-x86-64) is a good start. – Michael Petch Jun 08 '16 at 11:58
  • Thanks for your input. I had read [here](http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html) that you can use int 0x80 for syscalls on Linux ("The Linux system call interface is a single instruction: int 0x80. All system calls are done via this interrupt.") but I didn't know this wasn't the case on x86-64. If you write it as an answer I will accept it, if you want, or I can answer it myself. – curious_weather Jun 08 '16 at 12:38
  • @EOF By the way, I found your comment hurtful. Before I had posted the question I had, of course, googled quite a bit and I was pretty sure that there was an answer out there. But because of my limited knowledge as an amateur I was unable to find an answer, which is why I came to Stack Overflow - a community for learning. And I took time and effort to formulate my question clearly, only to be downvoted and talked down to. I could not find an answer on my own. So I asked. Someone answered. That is beautiful. Why do you have to be hurtful? – curious_weather Jun 08 '16 at 13:33
  • 2
    @krork: You are right, my comment was rather too abrasive. I see a lot of questions here that could have easily been answered by a quick look at the relevant manpage, or a search here or on google. I'm sorry you found misleading information about this topic online. – EOF Jun 08 '16 at 13:43
  • 1
    @krork: See also the [x86 tag wiki](http://stackoverflow.com/tags/x86/info) for lots of good links. – Peter Cordes Jun 08 '16 at 18:56
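
The fix the comments describe, as an added example that is not part of the original post or its comments: the same program using the `syscall` instruction with the numbers from unistd_64.h (write = 1, exit = 60). The argument registers (rdi, rsi, rdx) are the x86-64 Linux syscall convention; `int 0x80` in a 64-bit process goes through the kernel's 32-bit compatibility entry point, which is why only the unistd_32.h numbers with ebx/ecx/edx produced output.

```nasm
; Added example: the question's program rewritten for the native x86-64 syscall ABI.
; Build with the same commands as in the question:
;   yasm -f elf64 hellow.asm
;   ld -m elf_x86_64 -o hey hellow.o

section .data
msg db "hey you beauty", 0xa    ; 0xa = newline (the question's listing has 0xe here;
                                ; newline is an assumption about the intent)
len equ $ - msg                 ; length of string

section .text

global _start                   ; for linker
_start:                         ; linker entry point
    mov eax, 1                  ; __NR_write from unistd_64.h (writing eax zero-extends into rax)
    mov edi, 1                  ; arg 1 in rdi: file descriptor (stdout)
    lea rsi, [rel msg]          ; arg 2 in rsi: full 64-bit buffer address
    mov edx, len                ; arg 3 in rdx: byte count
    syscall                     ; native 64-bit kernel entry; clobbers rcx and r11

    mov eax, 60                 ; __NR_exit from unistd_64.h
    xor edi, edi                ; arg 1 in rdi: exit status 0
    syscall                     ; does not return
```

With `int 0x80` the kernel reads only the low 32 bits of each argument register, so the original version works only while `msg` is linked below 4 GiB; a pointer to the 64-bit stack would be truncated.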
