I had an example in book with GDB output of main function prolog:

0х08048357 <main 0> : push еbр
0х08048358 <main l> : mov  ebp, esp
0х0804835а

But in my system (Manjaro linux) same code and same GDB provide me something like that:

   0x000000000000118e < 0>:     push   rbp
   0x000000000000118f < 1>:     mov    rbp,rsp
   0x0000000000001192 < 4>:     mov    ecx,0x4
   0x0000000000001197 < 9>:     mov    edx,0x3
   0x000000000000119c < 14>:    mov    esi,0x2
   0x00000000000011a1 < 19>:    mov    edi,0x1

I want to know what difference between "R" and "E" starting registers. "Newbie" explain is required.

CodePudding user response：

Short answer: exx registers are 32-bit, rxx registers are 64-bit

Longer answer: The x86 architecture has evolved for decades from its initial 16-bit roots, when the 16-bit registers were called ax, bx, etc. When the 80386 was introduced, the registers were extended to 32 bits, and thus called eax, ebx etc. Referring to the old 16-bit register names on a 80386 accesses the lower 16 bits of these extended registers. When AMD extended the x86 instruction set architecture to 64 bits, they chose 'r' as the prefix of the 64-bit registers, extending the 32-bit registers again, to rax, rbx etc. In the process, they added a few new registers that didn't exist before, r8-r15.