# X86

x86 is a family of backward compatible instruction set architectures based on the Intel 8086 CPU and its Intel 8088 variant.

If you want an explanation of the structure of the opcodes, look at this answer on SO

Instruction Pseudocode Description
bt arg, index it sets the cf as the bit indexed by index of arg
lea idx(regA), regB regB = regA + idx load effective address, just compute the addess of the operand without dereferencing it
pop reg reg = *(esp++) loads into reg the value pointed by the stack pointer and then increments esp
push reg *(--esp) = reg decrements esp and store reg in the stack
pusha sp[0] = ax sp[-1] = cx sp[-2] = dx sp[-3] = bx sp[-4] = sp sp[-5] = bp sp[-6] = si sp[-7] = di sp -= 8 Push all general registers in this order: ax, cx, dx, bx, sp, bp, si, di; The value of sp pushed is the value before the instruction is executed
pushad the same as pusha but for 32 bit registers
pushf pushes all the flags in the stack
scasb zf = (eax == *(edi++)) it compares the content of al against the value pointed by edi and sets the zero flag
test arg1, arg2 arg1 & arg2 equivalent to and arg1, arg2 but discards the result in the final register, the flags sf, zf and pf are set, of and cf are set to 0

## AMD64

x86-64 is the 64-bit version of the x86 instruction set.

1. User-level applications use as integer registers for passing the sequence %rdi, %rsi, %rdx, %rcx, %r8 and %r9. The kernel interface uses %rdi, %rsi, %rdx, %r10, %r8 and %r9.
2. A system-call is done via the syscall instruction. The kernel destroys registers %rcx and %r11.
3. The number of the syscall has to be passed in register %rax.
4. System-calls are limited to six arguments, no argument is passed directly on the stack.
5. Returning from the syscall, register %rax contains the result of the system-call. A value in the range between -4095 and -1 indicates an error, it is -errno.
6. Only values of class INTEGER or class MEMORY are passed to the kernel.