I know that in Linux x64 "syscall" and "int 0x80" assembler instructions generate an interrupt in software asking the kernel to do some work. They have different opcodes (0F 05 vs CD 80) and the former is faster.
It's not clear to me if there is any relationship between them: are they really independent? (i.e.: does "syscall" call "int 0x80"?)
Thank you.
6
votes
3 Answers
6
votes
The syscall (x86-64) and sysenter (x86-32) instructions are newer and faster, and so are used when available; but the int 0x80 mechanism is preserved for compatibility with old binaries. There is no semantic difference -- system call numbering is the same regardless of which instruction is used to transfer control into the kernel, and I think the arguments are all in the same places as well.
I have a dim recollection of there being a small number of system calls that could only be made using int 0x80 because of their unusual stack-related behavior (clone? execve? sigreturn?) but that might no longer be true.
1
votes
int 0x80 is rumored to be obsolete (since slow). BTW, you really want to use vdso(7)
AFAIK, both instructions are going inside the kernel, and each has some (short) sequence of kernel processing which ultimately jump into the syscall table.
syscall. See stackoverflow.com/questions/2535989/… for details on how (and on how to useint 0x80in 32-bit code.) – Peter Cordesint 0x80invokes the 32-bit ABI (with its calling convention and syscall numbers) even when executed in a 64-bit process. This is never a good idea and ther's no benefit (syscallis faster). e.g.eax=1/int 0x80is sys_exit(), buteax=1/syscallis sys_write(). stackoverflow.com/questions/2500362/… – Peter Cordes