{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Juvenile、少年° 的问题《What is callq instruction?》','https://www.manongdao.com/q-612584.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have some gnu assembler code for the x86_64 architecture generated by a tool and there are these instructions:
movq %rsp, %rbp
leaq str(%rip), %rdi
callq puts
movl $0, %eax
I can not find actual documentation on the "callq" instruction.
I have looked at http://support.amd.com/TechDocs/24594.pdf which is "AMD64 Architecture Programmer’s Manual Volume 3: General-Purpose and System Instructions" but they only describe CALL near and far instructions.
I have looked at documentation for gnu assembler https://sourceware.org/binutils/docs/as/index.html but could not find the section detailing the instructions it supports.
I understand that its a call to a function, but I would like to know the details. Where can I find them?
callq refers to a relocatable call in shared libraries/dynamic libraries. The idea is push 0, then push the symbol of to search then call a function so search for it on the first call. In the relocatable table of the program, it replaces the call to the actual location of the function on the first call of the function. Subsequent calls refer to the relocation table that was created at run time.
It's just
call. Use Intel-syntax disassembly if you want to be able to look up instructions in the Intel/AMD manuals.The
qoperand-size suffix does technically apply (it pushes a 64-bit return address and treats RIP as a 64-bit register), but there's no way to override it with instruction prefixes. i.e.calllandcallwaren't encodeable in 64-bit mode, so it's just annoying that some AT&T syntax tools show it ascallqinstead ofcall. This of course applies toretqas well.Different tools are different in 32 vs. 64-bit mode. (Godbolt)
call/ret. Nice.callq/retqandcalll/retl. At least it's consistently annoying.objdump -d:
callq/retq(explicit 64-bit) andcall/ret(implicit for 32-bit). Inconsistent and kinda dumb because 64-bit has no choice of operand-size, but 32-bit does. (Not a useful choice, though:callwtruncates EIP to 16 bits.)Although on the other hand, the default operand size (without a REX.W prefix) for most instructions in 64-bit mode is still 32. But
add $1, (%rdi)needs an operand-size suffix; the assembler won't pick 32-bit for you if nothing implies one. OTOH,pushis implicitlypushq, even thoughpushw $1andpushq $1are both encodeable (and usable in practice) in 64-bit mode.From Intel's instruction-set ref manual (linked above):
In 32-bit mode, you can encode a 16-bit
call rel16that truncates EIP to 16 bits, or acall r/m16that uses an absolute 16-bit address. But as the manual says, the operand-size is fixed in 64-bit mode.