Search notes:

x86/x64 assembler: registers

General purpose registers	`AX`, `EAX`, `CX`, `ECX`, `DX`, `EDX`, `BX`, `EBX`, `DI`, `EDI`, `SI`, `ESI`, `BP`, `EBP`, `SP`, `ESP`, `RSP`, `R8W`, `R8D`, `R9W`, `R9D`, `R12D`, `R13W`, `R13D`, `R14W`, `R14D`
Special registers	`CR0`, `CR2`, `CR3`, `DR0`, `DR1`, `DR2`, `DR3`, `DR6`, `DR7`, `TR3`, `TR4`, `TR5`, `TR6`, `TR7`
Byte registers	`AL`, `AH`, `BL`, `BH`, `CL`, `CH`, `DL`, `DH`, `R8B`, `R9B`, `R10B`, `R11B`, `R12B`, `R13B`, `R14B`, `R15B`
QWord Registers	`RAX`, `RCX`, `RDX`, `RBX`, `RDI`, `RSI`, `RBP`, `R8`, `R9`, `R10`, `R11`, `R12`, `R13`, `R14`, `R15`
FPU registers	`ST expr`
SIMD Registers	`MM0`, `MM1`, `MM2`, `MM3`, `MM4`, `MM5`, `MM6`, `MM7`, `xmmRegister`, `YMM0`, `YMM1`, `YMM2`, `YMM3`, `YMM4`, `YMM5`, `YMM6`, `YMM7`, `YMM8`, `YMM9`, `YMM10`, `YMM11`, `YMM12`, `YMM13`, `YMM14`, `YMM15`
Segment registers	`CS`, `DS`, `ES`, `FS`, `GS`, `SS`

eax, ebx, ecx, edx: 32 bit general purpose register (GPR)

ah, bh, ch, dh: Upper 16 bits of respective GPRs

al, bl, cl, dl: Lower 16 bits of respective GPRs

64 Bit version like 32 bit, but with RAX, RBX …

Originally, the A, B, C and D stood for:

A = Accumulator
B = Base
C = Counter
D = Data

The eax register is used to return values from functions. it has also a special semantic for arithmic functions.

ecx has special semantic for looping functions.

esp: stack pointer

ebp: base pointer, can be used in high level languages for to reference function parameters and local variables on the stack.

esi: source for string operations

edi: destination for string operations

Some instructions, such as rep stosb, rep movsb or rep scasb, can only be done using these two registers.

eip: instruction pointer

Debug registers: dr0, dr1, dr2, dr3, dr6 and dr7.

Control registers: cr0, cr2, cr3, cr4 (are they loaded with the mov instruction?)

System table registers: gdtr, ldtr, idtr

MSR registers

MMX registers: mm0 through mm7

XXM regisgters: xmm0 through xmm7

Registers that are (apparently exclusively) used in real mode:

cs: code segment
ds: data segment
ss: stack segment
es, fs, gs: arbitrary segments

In a Win32 environment, the FS register points to the current thread's TIB, in a Win64 environment, it's the GS register.

Apparently, recent x86 models feature a thermal status register.

x87 fpu registers st0 through st7

FLAGS / status register

eflags, rflags

Control flags: they control the CPU's operation.

Status flags:

carry flag (CF): set if result of unsigned arithmetic operation is too large for destination.
overthrow flag (OF): set if result of signed arithmetic operation is too large for destination.
sign flag (SF): set if arithmetic or logical operation results in a negative outcome.
zero flag (ZF): set if result of arithmetic or logical operation is zero.
auxiliary carry flag (AC)
parity flag (PF)

Direction flag

The Direction flag applies to REP-instructions such as MOVS, MOVSD, MOVSW etc.

If it is set, strings are processed from highest to lowest address (»auto decrementing«), if it is cleared, strings are processed from lowest to highest address (»auto incrementing«).

The direction flag is cleared with the CLD istruction and set with the STD instruction.

Segment registers

An instruction that refers to a memory address implicitly uses a segment register. For example, a jump instruction uses cs, a push instruction uses ss.

Most segment registers can be assigned a value with the mov instruction. However cs can only be assigned with jmp and call.

There are six segment registers: cs, ds, ss, es, fs and gs.

x86_64

The registers were extended to 64 bits: rax … rdx, rsp etc.

General purpose registers were added: r8 … r15. The lower 32/16/8 bits of these registers are referred to as rXd, rXw and rXb.

On x64, an operation that writes to a 32-bit register zero-extends the result.

Clobber registers

With respect to an API (such as the WinAPI), registers that can be overwritten in a function of this API are called clobber registers.

In the 32-bit WinAPI, the clobber registers are eax, ecx and edx. In the 64-bit WinAPI, all registers are clobber registers except rbp, rbx, rdi, rsi, r12, r13, r14 and r15.

TSC

Some Intel and AMD processors feature a 64-bit TSC register whose value monotonously increases by one, usually at the rate of the processor clock.

The rdtsc or rdtscp instructions allows to read the value of this register with low access time, typically less than hundreds or even tens of machine cycles.

The TSC register is based on a crystal oscillator whose frequency is not known in advance, hence, the frequency must be calibrated to use it for time measurement.

It should be noted that there are non-invariant TSC registers where the frequency of value increase might vary.

TODO

The CONTEXT structure (that is defined in winnt.h.

MSVC comes with intrinsics to read the fs and gs registers: __readfs* and __readgs*.