CS107 x86-64 Reference Sheet

Common instructions push src add to top of stack

mov src, dst dst = src Mem[--%rsp] = src
movsbl src, dst byte to int, sign-extend pop dst remove top from stack
movzbl src, dst byte to int, zero-fill dst = Mem[%rsp++]
cmov src, reg reg = src when condition holds, call fn push %rip, jmp to fn
using same condition suffixes as jmp ret pop %rip

lea addr, dst dst = addr Condition codes/flags

ZF Zero flag
add src, dst dst += src SF Sign flag
sub src, dst dst -= src CF Carry flag
imul src, dst dst *= src OF Overflow flag
neg dst dst = -dst (arith inverse)

imulq S signed full multiply Addressing modes

R[%rdx]:R[%rax] <- S * R[%rax] Example source operands to mov
mulq S unsigned full multiply
same effect as imulq Immediate
mov $0x5, dst
idivq S signed divide $val
R[%rdx] <- R[%rdx]:R[%rax] mod S source is constant value
R[%rax] <- R[%rdx]:R[%rax] / S
divq S unsigned divide - same effect as idivq Register
cqto R[%rdx]:R[%rax] <- SignExtend(R[%rax]) mov %rax, dst
%R
sal count, dst dst <<= count R is reg ister
sar count, dst dst >>= count (arith shift) source in %R register
shr count, dst dst >>= count (logical shift)
and src, dst dst &= src Direct
or src, dst dst |= src mov 0x4033d0, dst
xor src, dst dst ^= src 0xaddr
not dst dst = ~dst (bitwise inverse) source read from Mem[0xaddr]

cmp a, b b-a, set flags Indirect

test a, b a&b, set flags mov (%rax), dst
(%R)
set dst sets byte at dst to 1 when condition R is register
holds, 0 otherwise, using same source read from Mem[%R]
condition suffixes as jmp
Indirect displacement
jmp label jump to label (unconditional) mov 8(%rax), dst
je label jump equal ZF=1 D(%R)
jne label jump not equal ZF=0 R is register
js label jump negative SF=1 D is displacement
jns label jump not negative SF=0 source read from Mem[%R + D]
jg label jump > (signed) ZF=0 and SF=OF
jge label jump >= (signed) SF=OF Indirect scaled-index
jl label jump < (signed) SF!=OF mov 8(%rsp, %rcx, 4), dst
D(%RB,%RI,S)
jle label jump <= (signed) ZF=1 or SF!=OF
ja label jump > (unsigned) CF=0 and ZF=0 RB is register for base
RI is register for index (0 if empty)
jae label jump >= (unsigned) CF=0
D is displacement (0 if empty)
jb label jump < (unsigned) CF=1
S is scale 1, 2, 4 or 8 (1 if empty)
jbe label jump <= (unsigned) CF=1 or ZF=1
source read from:
Mem[%RB + D + S*%RI]
 CS107 x86-64 Reference Sheet
Registers Instruction suffixes
%rip Instruction pointer b byte
%rsp Stack pointer w word (2 bytes)
%rax Return value l long /doubleword (4 bytes)
%rdi 1st argument q quadword (8 bytes)
%rsi 2nd argument
Suffix is elided when can be inferred from
%rdx 3rd argument
operands. e.g. operand %rax implies q,
%rcx 4th argument
%eax implies l, and so on
%r8 5th argument
%r9 6th argument
%r10,%r11 Callee-owned
%rbx,%rbp,
%r12-%15 Caller-owned

Register Names
64-bit register 32-bit sub-register 16-bit sub-register 8-bit sub-register
%rax %eax %ax %al
%rbx %ebx %bx %bl
%rcx %ecx %cx %cl
%rdx %edx %dx %dl
%rsi %esi %si %sil
%rdi %edi %di %dil
%rbp %ebp %bp %bpl
%rsp %esp %sp %spl
%r8 %r8d %r8w %r8b
%r9 %r9d %r9w %r9b
%r10 %r10d %r10w %r10b
%r11 %r11d %r11w %r11b
%r12 %r12d %r12w %r12b
%r13 %r13d %r13w %r13b
%r14 %r14d %r14w %r14b
%r15 %r15d %r15w %r15b