In older versions of linux architecture, system calls would always generate an interrupt during their execution. They would be executed by setting the system call number into %eax and parameters into %ebx, %ecx and so on, followed by issuing the specific interrupt int 0x80. Thus, system calls could be said to be a common cause of software interrupts on a system.
However, on modern architectures of x86_64 there is a specific system call instruction "syscall", which bypasses the need to use interrupt 0x80, and thus, the interrupt descriptor table at all. While I believe the previous method of generating an interrupt for syscall is still supported, the syscall instruction seems to be the way it's done in practice.
Thus, my question is: Is it no longer correct to say that system calls generate interrupts? Would a system call still increment the number seen in the "interrupts" column output of vmstat, for example?
Best Answer
Yes, modern C code for Linux x86_64 uses the syscall instruction, see for example glibc sysdeps/unix/sysv/linux/x86_64/syscall.S. No, this does not mean system call interrupts go away, due to compatibility.
And for read only syscalls (gettimeofday) there is vDSO which does not enter kernel mode at all.
system calls can be profiled in a few ways, such as ftrace or eBPF. In addition to being obsolete in 64 bit mode, interrupts happen for reasons other than system calls.