amd64 is just an extension of x86. I took the (64-bit) syscalls from a kernel header that I can't find now, so you can take them from that header you found. C calling convention for x86 is to push everything on the stack (and use call, which is short for "push instruction pointer and jmp", ret being the reverse), while the Linux kernel uses a variant of fastcall (aka put stuff in registers (then use int 80)). When I was learning I found a lot of x86 examples and tutorials (and a book, can't remember the name (it is free)), and not much on amd64. Just play with it, it'll get easy when you get over the wall. With "normal" C calling convention you have to care about the stack pointer (esp) (I think it's the callee's responsibility (of the called function)), maybe even the bottom pointer (ebp) (I remember the Wikipedia page on calling conventions explains it). The other difference between x86 and amd64 is floating point math, where SSE is the default on amd64 and x87 on x86 (x87 works on stacks of numbers, the reverse-Polish using a stack way IIRC). Useful tools are: objdump -d ("-M intel" for the Intel notation), strace to trace system calls, and fdbg since GDB can't make sense of a valid ELF file. You can also join the flat assembler and/or nasm forums. I like fasm better than nasm for no strong reason, but nasm is a bit easier. glhf
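The register-based system call convention the post contrasts with stack-based C calls, as an added example that is not part of the original post. It assumes Linux on x86-64, where the `syscall` instruction takes the call number in rax and the first three arguments in rdi, rsi and rdx; on other targets the helper falls back to libc's `syscall()` so the file still builds. The names `raw_syscall3`, `raw_write` and `raw_getpid` are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <sys/syscall.h>   /* SYS_write, SYS_getpid */
#include <unistd.h>

/* Hypothetical helper: issue a 3-argument system call and return the raw
 * kernel result, which is the value on success or -errno on failure. */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
#if defined(__x86_64__) && defined(__linux__)
    long ret;
    /* rax = syscall number, rdi/rsi/rdx = args; the instruction clobbers
     * rcx and r11, and no stack pushes are needed for the arguments. */
    __asm__ volatile("syscall"
                     : "=a"(ret)
                     : "0"(nr), "D"(a1), "S"(a2), "d"(a3)
                     : "rcx", "r11", "memory");
    return ret;
#else
    /* Assumption: elsewhere, let libc pick the registers and undo its
     * -1/errno translation so callers see the same convention. */
    long ret = syscall(nr, a1, a2, a3);
    return ret == -1 ? -errno : ret;
#endif
}

static long raw_write(int fd, const void *buf, size_t len)
{
    return raw_syscall3(SYS_write, fd, (long)buf, (long)len);
}

static long raw_getpid(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0);
}

int main(void)
{
    static const char msg[] = "hello from a raw syscall\n"; /* constructed */
    long n = raw_write(1, msg, sizeof msg - 1);
    long bad = raw_write(-1, msg, 1);  /* invalid fd: kernel returns -EBADF */
    int ok = n == (long)(sizeof msg - 1) && bad == -EBADF
             && raw_getpid() == (long)getpid();
    return ok ? 0 : 1;
}
```

Running the compiled binary under strace, one of the tools the post lists, shows both write calls and the getpid call with their return values.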