| C declaration | Intel data type  | Assembly-code suffix | Size (bytes) |
|---------------|------------------|----------------------|--------------|
| char          | Byte             | b                    | 1            |
| short         | Word             | w                    | 2            |
| int           | Double word      | 1                    | 4            |
| long          | Quad word        | q                    | 8            |
| char *        | Quad word        | q                    | 8            |
| float         | Single precision | S                    | 4            |
| double        | Double precision | 1                    | 8            |

Figure 3.1 Sizes of C data types in x86-64. With a 64-bit machine, pointers are 8 bytes long.

| 63   | 31    | 15    | 7 0   |               |
|------|-------|-------|-------|---------------|
| %rax | %eax  | %ax   | %al   | Return value  |
| %rbx | %ebx  | %bx   | %bl   | Callee saved  |
| %rcx | %ecx  | %cx   | %cl   | 4th argument  |
| %rdx | %edx  | %dx   | %dl   | 3rd argument  |
| %rsi | %esi  | %si   | %sil  | 2nd argument  |
| %rdi | %edi  | %di   | %dil  | 1st argument  |
| %rbp | %ebp  | %bp   | %bpl  | Callee saved  |
| %rsp | %esp  | %sp   | %spl  | Stack pointer |
| %r8  | %r8d  | %r8w  | %r8b  | 5th argument  |
| %r9  | %r9d  | %r9w  | %r9b  | 6th argument  |
| %r10 | %r10d | %r10w | %r10b | Caller saved  |
| %r11 | %r11d | %r11w | %r11b | Caller saved  |
| %r12 | %r12d | %r12w | %r12b | Callee saved  |
| %r13 | %r13d | %r13w | %r13b | Callee saved  |
| %r14 | %r14d | %r14w | %r14b | Callee saved  |
| %r15 | %r15d | %r15w | %r15b | Callee saved  |

**Figure 3.2** Integer registers. The low-order portions of all 16 registers can be accessed as byte, word (16-bit), double word (32-bit), and quad word (64-bit) quantities.

| Туре      | Form                             | Operand value                                        | Name                |
|-----------|----------------------------------|------------------------------------------------------|---------------------|
| Immediate | \$Imm                            | Imm                                                  | Immediate           |
| Register  | <b>r</b> <sub>a</sub>            | $R[\mathtt{r}_a]$                                    | Register            |
| Memory    | Imm                              | M[ <i>Imm</i> ]                                      | Absolute            |
| Memory    | $(r_a)$                          | $M[R[r_a]]$                                          | Indirect            |
| Memory    | $Imm(r_b)$                       | $M[Imm + R[r_b]]$                                    | Base + displacement |
| Memory    | $(\mathbf{r}_b,\mathbf{r}_i)$    | $M[R[r_b] + R[r_i]]$                                 | Indexed             |
| Memory    | $Imm(\mathbf{r}_b,\mathbf{r}_i)$ | $M[Imm + R[r_b] + R[r_i]]$                           | Indexed             |
| Memory    | $(,\mathbf{r}_i,s)$              | $M[R[r_i] \cdot s]$                                  | Scaled indexed      |
| Memory    | $Imm(, \mathbf{r}_i, s)$         | $M[Imm + R[r_i] \cdot s]$                            | Scaled indexed      |
| Memory    | $(\mathbf{r}_b,\mathbf{r}_i,s)$  | $M[R[r_b] + R[r_i] \cdot s]$                         | Scaled indexed      |
| Memory    | $Imm(r_b, r_i, s)$               | $M[Imm + R[\mathtt{r}_b] + R[\mathtt{r}_i] \cdot s]$ | Scaled indexed      |

**Figure 3.3 Operand forms.** Operands can denote immediate (constant) values, register values, or values from memory. The scaling factor *s* must be either 1, 2, 4, or 8.

| Instruction |      | Effect           | Description             |
|-------------|------|------------------|-------------------------|
| MOV         | S, D | $D \leftarrow S$ | Move                    |
| movb        |      |                  | Move byte               |
| movw        |      |                  | Move word               |
| movl        |      |                  | Move double word        |
| movq        |      |                  | Move quad word          |
| movabsq     | I, R | $R \leftarrow I$ | Move absolute quad word |

Figure 3.4 Simple data movement instructions.

| Instruction | Effect                              | Description                            |
|-------------|-------------------------------------|----------------------------------------|
| MOVZ S, R   | $R \leftarrow \text{ZeroExtend}(S)$ | Move with zero extension               |
| movzbw      |                                     | Move zero-extended byte to word        |
| movzbl      |                                     | Move zero-extended byte to double word |
| movzwl      |                                     | Move zero-extended word to double word |
| movzbq      |                                     | Move zero-extended byte to quad word   |
| movzwq      |                                     | Move zero-extended word to quad word   |

**Figure 3.5** Zero-extending data movement instructions. These instructions have a register or memory location as the source and a register as the destination.

| Instruction | Effect                              | Description                                 |
|-------------|-------------------------------------|---------------------------------------------|
| MOVS S, R   | $R \leftarrow \text{SignExtend}(S)$ | Move with sign extension                    |
| movsbw      |                                     | Move sign-extended byte to word             |
| movsbl      |                                     | Move sign-extended byte to double word      |
| movswl      |                                     | Move sign-extended word to double word      |
| movsbq      |                                     | Move sign-extended byte to quad word        |
| movswq      |                                     | Move sign-extended word to quad word        |
| movslq      |                                     | Move sign-extended double word to quad word |
| cltq        | %rax ← SignExtend(%eax)             | Sign-extend %eax to %rax                    |

**Figure 3.6** Sign-extending data movement instructions. The MOVS instructions have a register or memory location as the source and a register as the destination. The cltq instruction is specific to registers %eax and %rax.

| Instruction | Effect                            | Description    |
|-------------|-----------------------------------|----------------|
| pushq S     | $R[%rsp] \leftarrow R[%rsp] - 8;$ | Push quad word |
|             | $M[R[\%rsp]] \leftarrow S$        |                |
| popq $D$    | $D \leftarrow M[R[\text{%rsp}]];$ | Pop quad word  |
|             | $R[%rsp] \leftarrow R[%rsp] + 8$  |                |

Figure 3.8 Push and pop instructions.



**Figure 3.9 Illustration of stack operation.** By convention, we draw stacks upside down, so that the "top" of the stack is shown at the bottom. With x86-64, stacks grow toward lower addresses, so pushing involves decrementing the stack pointer (register %rsp) and storing to memory, while popping involves reading from memory and incrementing the stack pointer.

| Instru | ction | Effect                        | Description              |
|--------|-------|-------------------------------|--------------------------|
| leaq   | S, D  | $D \leftarrow \&S$            | Load effective address   |
| INC    | D     | $D \leftarrow D+1$            | Increment                |
| DEC    | D     | $D \leftarrow D-1$            | Decrement                |
| NEG    | D     | $D \leftarrow -D$             | Negate                   |
| NOT    | D     | $D \leftarrow ~ ~ D$          | Complement               |
| ADD    | S, D  | $D \leftarrow D + S$          | Add                      |
| SUB    | S, D  | $D \leftarrow D - S$          | Subtract                 |
| IMUL   | S, D  | $D \leftarrow D * S$          | Multiply                 |
| XOR    | S, D  | $D \leftarrow D^{s} S$        | Exclusive-or             |
| OR     | S, D  | $D \leftarrow D \mid S$       | Or                       |
| AND    | S, D  | $D \leftarrow D \& S$         | And                      |
| SAL    | k, D  | $D \leftarrow D << k$         | Left shift               |
| SHL    | k, D  | $D \leftarrow D << k$         | Left shift (same as SAL) |
| SAR    | k, D  | $D \leftarrow D >>_A k$       | Arithmetic right shift   |
| SHR    | k, D  | $D \leftarrow D >>_{\rm L} k$ | Logical right shift      |

Figure 3.10 Integer arithmetic operations. The load effective address (leaq) instruction is commonly used to perform simple arithmetic. The remaining ones are more standard unary or binary operations. We use the notation  $>>_A$  and  $>>_L$  to denote arithmetic and logical right shift, respectively. Note the nonintuitive ordering of the operands with ATT-format assembly code.

| Instruction       | Effect                                                                                                                                                                                      | Description                                    |  |
|-------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------|--|
| imulq S<br>mulq S | $\begin{array}{rcl} R[\texttt{%rdx}]: R[\texttt{%rax}] & \leftarrow & S \times R[\texttt{%rax}] \\ R[\texttt{%rdx}]: R[\texttt{%rax}] & \leftarrow & S \times R[\texttt{%rax}] \end{array}$ | Signed full multiply<br>Unsigned full multiply |  |
| cqto              | $R[%rdx]:R[%rax] \leftarrow SignExtend(R[%rax])$                                                                                                                                            | Convert to oct word                            |  |
| idivq S           | $\begin{array}{llllllllllllllllllllllllllllllllllll$                                                                                                                                        | Signed divide                                  |  |
| divq S            | $\begin{array}{llllllllllllllllllllllllllllllllllll$                                                                                                                                        | Unsigned divide                                |  |

**Figure 3.12 Special arithmetic operations.** These operations provide full 128-bit multiplication and division, for both signed and unsigned numbers. The pair of registers %rdx and %rax are viewed as forming a single 128-bit oct word.

CF: Carry flag. The most recent operation generated a carry out of the most significant bit. Used to detect overflow for unsigned operations.

## Condition Flag Registers

ZF: Zero flag. The most recent operation yielded zero.

SF: Sign flag. The most recent operation yielded a negative value.

OF: Overflow flag. The most recent operation caused a two's-complement overflow—either negative or positive.

| Instruction |            | Based on     | Description         |
|-------------|------------|--------------|---------------------|
| СМР         | $S_1, S_2$ | $S_2 - S_1$  | Compare             |
| cmpb        |            |              | Compare byte        |
| cmpw        |            |              | Compare word        |
| cmpl        |            |              | Compare double word |
| cmpq        |            |              | Compare quad word   |
| TEST        | $S_1, S_2$ | $S_1 \& S_2$ | Test                |
| testb       |            |              | Test byte           |
| testw       |            |              | Test word           |
| testl       |            |              | Test double word    |
| testq       |            |              | Test quad word      |

Figure 3.13 Comparison and test instructions. These instructions set the condition codes without updating any other registers.

| Instruc | tion | Synonym | Effect                                                   | Set condition                |
|---------|------|---------|----------------------------------------------------------|------------------------------|
| sete    | D    | setz    | $D \leftarrow ZF$                                        | Equal / zero                 |
| setne   | D    | setnz   | $D \leftarrow ~ ZF$                                      | Not equal / not zero         |
| sets    | D    |         | $D \leftarrow SF$                                        | Negative                     |
| setns   | D    |         | $D \leftarrow ~$ SF                                      | Nonnegative                  |
| setg    | D    | setnle  | $D \leftarrow \sim (SF \cap OF) \& \sim ZF$              | Greater (signed >)           |
| setge   | D    | setnl   | $D \leftarrow \sim (SF \cap OF)$                         | Greater or equal (signed >=) |
| setl    | D    | setnge  | $D \leftarrow SF \cap OF$                                | Less (signed <)              |
| setle   | D    | setng   | $D \leftarrow (\text{SF} \cap \text{OF}) \mid \text{ZF}$ | Less or equal (signed <=)    |
| seta    | D    | setnbe  | $D \leftarrow \text{~~CF \& ~ZF}$                        | Above (unsigned >)           |
| setae   | D    | setnb   | $D \leftarrow \sim CF$                                   | Above or equal (unsigned >=) |
| setb    | D    | setnae  | $D \leftarrow CF$                                        | Below (unsigned <)           |
| setbe   | D    | setna   | $D \leftarrow CF \mid ZF$                                | Below or equal (unsigned <=) |

**Figure 3.14** The SET instructions. Each instruction sets a single byte to 0 or 1 based on some combination of the condition codes. Some instructions have "synonyms," that is, alternate names for the same machine instruction.

| Instr | uction   | Synonym | Jump condition   | Description                  |
|-------|----------|---------|------------------|------------------------------|
| jmp   | Label    |         | 1                | Direct jump                  |
| jmp   | *Operand |         | 1                | Indirect jump                |
| je    | Label    | jz      | ZF               | Equal / zero                 |
| jne   | Label    | jnz     | ~ZF              | Not equal / not zero         |
| js    | Label    |         | SF               | Negative                     |
| jns   | Label    |         | ~SF              | Nonnegative                  |
| jg    | Label    | jnle    | ~(SF ^ OF) & ~ZF | Greater (signed >)           |
| jge   | Label    | jnl     | ~(SF ^ OF)       | Greater or equal (signed >=) |
| jl    | Label    | jnge    | SF ^ OF          | Less (signed <)              |
| jle   | Label    | jng     | (SF ^ OF)   ZF   | Less or equal (signed <=)    |
| ja    | Label    | jnbe    | ~CF & ~ZF        | Above (unsigned >)           |
| jae   | Label    | jnb     | ~CF              | Above or equal (unsigned >=) |
| jb    | Label    | jnae    | CF               | Below (unsigned <)           |
| jbe   | Label    | jna     | CF   ZF          | Below or equal (unsigned <=) |

**Figure 3.15** The jump instructions. These instructions jump to a labeled destination when the jump condition holds. Some instructions have "synonyms," alternate names for the same machine instruction.

| Instruction |                     | Synonym | Move condition   | Description                  |
|-------------|---------------------|---------|------------------|------------------------------|
| cmove       | S, R                | cmovz   | ZF               | Equal / zero                 |
| cmovne      | S, R                | cmovnz  | ~ZF              | Not equal / not zero         |
| cmovs       | S, R                |         | SF               | Negative                     |
| cmovns      | S, R                |         | ~SF              | Nonnegative                  |
| cmovg       | S, R                | cmovnle | ~(SF ^ OF) & ~ZF | Greater (signed >)           |
| cmovge      | S, R                | cmovnl  | ~(SF ^ OF)       | Greater or equal (signed >=) |
| cmovl       | S, R                | cmovnge | SF ^ OF          | Less (signed <)              |
| cmovle      | S, R                | cmovng  | (SF ^ OF)   ZF   | Less or equal (signed <=)    |
| cmova       | <i>S</i> , <i>R</i> | cmovnbe | ~CF & ~ZF        | Above (unsigned >)           |
| cmovae      | S, R                | cmovnb  | ~CF              | Above or equal (Unsigned >=) |
| cmovb       | S, R                | cmovnae | CF               | Below (unsigned <)           |
| cmovbe      | S, R                | cmovna  | CF   ZF          | Below or equal (unsigned <=) |

Figure 3.18 The conditional move instructions. These instructions copy the source value S to its destination R when the move condition holds. Some instructions have "synonyms," alternate names for the same machine instruction.

The x86-64 hardware will work correctly regardless of the alignment of data. However, Intel recommends that data be aligned to improve memory system performance. Their alignment rule is based on the principle that any primitive object of K bytes must have an address that is a multiple of K. We can see that this rule leads to the following alignments:

## Alignment

- K Types
- 1 char
- 2 short
- 4 int, float
- 8 long, double, char \*



Figure 3.26 Illustration of call and ret functions. The call instruction transfers control to the start of a function, while the ret instruction returns back to the instruction following the call.