APPENDIX A. X86 APPENDIX A. X86

Appendix A

x86

A.1 Terminology.

Common for 16-bit (8086/80286), 32-bit (80386, etc), 64-bit.

byte8-bit. The DB assembly directive is used for defining variables and arrays of bytes. Bytes are passed in the 8-bit part

of registers:AL/BL/CL/DL/AH/BH/CH/DH/SIL/DIL/R*L.

word16-bit. DW assembly directive —”—. Words are passed in the 16-bit part of the registers:AX/BX/CX/DX/SI/DI/R*W.

double word(“dword”) 32-bit. DD assembly directive —”—. Double words are passed in registers (x86) or in the 32-bit

part of registers (x64). In 16-bit code, double words are passed in 16-bit register pairs.

quad word(“qword”) 64-bit. DQ assembly directive —”—. In 32-bit environment, quad words are passed in 32-bit register

pairs.

tbyte(10 bytes) 80-bit or 10 bytes (used for IEEE 754 FPU registers).

paragraph(16 bytes)— term was popular in MS-DOS environment.

Data types of the same width (BYTE, WORD, DWORD) are also the same in WindowsAPI.

A.2 General purpose registers

It is possible to access many registers by byte or 16-bit word parts. It is all inheritance from older Intel CPUs (up to the 8-bit

8080) still supported for backward compatibility. Older 8-bit CPUs (8080) had 16-bit registers divided by two. Programs

written for 8080 could access the low byte part of 16-bit registers, high byte part or the whole 16-bit register. Probably, this

feature was left in 8086 as a helper for easier porting. This feature is usually not present inRISCCPUs.

Registers prefixed with R- appeared in x86-64, and those prefixed with E—-in 80386. Thus, R-registers are 64-bit, and

E-registers—32-bit.

8 moreGPR’s were added in x86-86: R8-R15.

N.B.: In the Intel manuals the byte parts of these registers are prefixed byL, e.g.:R8L, butIDAnames these registers by

adding theBsuffix, e.g.:R8B.

A.2.1 RAX/EAX/AX/AL.

7th(byte number) 6th 5th 4th 3rd 2nd 1st 0th

RAXx64

EAX

AX

AH AL

AKAaccumulator. The result of a function if usually returned via this register.