What are the calling conventions for UNIX & Linux system calls on i386 and x86-64

Operating SystemLinuxMCA

A system call is the fundamental interface between an application and the Linux kernel. When a Unix/Linux program does a file I/O, network data transfer or invokes some process which directly or indirectly interact with the low level instructions, then system call is involved. Making these calls usually involves using a library called glibc which contains the functions.


Below is a list of some frequently used system calls and their purpose.

Sr.NoSystem CallPurpose
1chmodchange permissions of a file
2chdirchange working directory
3forkcreate a child process
4unlinkdelete a name and possibly the file it refers to

A systems programmer writes program that will not directly make the systems call, rather than he will just specify which system call to use. This involves using a calling convention which is dependent or the hardware architecture of the system where the kernel sits. Hence different architectures have different calling conventions.

A calling convention is an implementation-level design for how subroutines receive parameters from their caller and how the results are returned. Differences in various implementations include where parameters, return values, return addresses and scope links are placed (registers, stack or memory etc.), and how the tasks of preparing for a function call and restoring the environment afterward are divided between the caller and the callee.

Calling convention variation

Below is a list of some of the scenarios describing how the Calling convention varies between different architecture

  • Which registers the called function must preserve for the caller.
  • How the task of setting up for and cleaning up after a function call is divided between the caller and the callee.
  • How return value is delivered from the callee back to the caller - on the stack, in a register, or within the heap etc.
  • Where parameters, return values and return addresses are placed
  • The order in which actual arguments for formal parameters are passed.

Comparing x86-32 and x86-64 bit

A single CPU architecture always have more than one possible calling convention but the industry has agreed to some general approach across the architectures form different producers. The 32-bit architecture has 32 registers while x64 extends x86's 8 general-purpose registers to be 64-bit. Hence there is a difference in the implementation of calling conventions. Below is comparison of major calling conventions between these two architectures.

x-86 32bitx-86 64 bit
The registers used for system call are - %ebx, %ecx, %edx, %esi, %edi, %ebpThe registers used for system call are - %rdi, %rsi, %rdx, %r10, %r8 and %r9
Parameters are passed on the stack using PUSH mechanism. If there are more than six arguments, %ebx must contain the memory location where the list of arguments is storedSystem-calls are limited to six arguments. If there are more than 6 INTEGER parameters, the 7th INTEGER parameter and later are passed on the stack.
The return value is stored in the register %eax.The return value is stored in the register %rax.
In x86-32 parameters were passed on stack. Last parameter was pushed first on to the stack until all parameters are done and then call instruction was executed.First the parameters are divided into classes. The class of each parameter determines the manner in which it is passed to the called function.
The 32-bit int ABI (application binary interface) is usable in 64-bit codeThe 64-bit ABI calls can not be used in 32-bit system.
Updated on 31-Jan-2020 12:20:25