# amd64

* `rax` return value, caller saved.
* `rbx` base register (used as a memory base pointer)
* `rcx` counter register
* `r10`, `r11` are caller saved.
* `rbx`, `r12`, `r13`, `r14` are callee saved 
* `rdx` data register
* `rbp` is also callee saved (and can optionally be used as a frame pointer)
* `rsp` is callee saved
* `rip` next instruction pointer

## Function argument registers
* `rdi`, `rsi`, `rdx`, `rcx`, `r8`, `r9`, caller saved.
* Further function arguments are passed on the stack.


## Overwriting Variables and Padding
* Overwrite an atomic variable behind a buffer
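```C
#include <stdio.h>

int main ( int argc, char ** argv ) {
    int var = 0;        /* target variable, placed behind the buffer */
    char buffer[12];

    gets(buffer);       /* no length check: input longer than the buffer overwrites var */
    /* [...] */
}
```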
* Stack layout
```
Bottom (high addresses)
+------------------+
| Saved registers  |
+------------------+
| int var          |
+------------------+
| char buffer [11] |
| ...              |
| ...              |
| ...              |
| char buffer [0]  |
+------------------+
| char ** argv     |
+------------------+
| int argc         |
+------------------+
Top (low addresses)
```

* Watch out for padding! E.g., a 12 byte array is padded to the system's memory allocation size.
```
+-------------+----+
|12 byte array| 4b |
+-------------+----+
0            12   16 byte
```
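
* Added example (not part of the original notes): a memory-safe model of the frame above, showing that input only reaches `var` after the 12 byte buffer and its 4 bytes of padding are filled, and that a bounded read leaves `var` untouched. The frame is simulated in a byte array; placing `var` directly behind the 16 byte slot is an assumption taken from the diagrams (real layouts depend on the compiler), and all function and macro names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN   12                      /* char buffer[12] from the notes */
#define SLOT_LEN  16                      /* padded slot from the diagram above */
#define VAR_OFF   SLOT_LEN                /* assumption: var directly follows the slot */
#define FRAME_LEN (VAR_OFF + sizeof(int)) /* model frame: buffer + padding + var */

/* Round n up to the next multiple of align (align must be a power of two). */
static size_t padded_size(size_t n, size_t align) {
    return (n + align - 1) & ~(align - 1);
}

/* Copy input plus NUL into a zeroed model frame, writing at most `limit`
 * bytes in total, then return the value of var read back from the frame. */
static int var_after_copy(const char *input, size_t limit) {
    unsigned char frame[FRAME_LEN + 1] = {0};
    size_t n = strlen(input);
    int var;

    if (n > limit - 1)
        n = limit - 1;                    /* leave room for the terminator */
    memcpy(frame, input, n);
    frame[n] = '\0';
    memcpy(&var, frame + VAR_OFF, sizeof var);
    return var;
}

/* gets()-like: bounded only by the model frame so the demo stays memory safe. */
static int var_after_unbounded(const char *input) {
    return var_after_copy(input, FRAME_LEN + 1);
}

/* fgets(buffer, sizeof buffer, stdin)-like: never writes past buffer[11]. */
static int var_after_bounded(const char *input) {
    return var_after_copy(input, BUF_LEN);
}

int main(void) {
    const char *samples[] = {             /* constructed inputs: 12, 16, 20 bytes */
        "AAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAABBBB" };

    printf("slot for %d bytes: %zu\n", BUF_LEN, padded_size(BUF_LEN, SLOT_LEN));
    for (size_t i = 0; i < 3; i++)
        printf("len %2zu  unbounded var=0x%08x  bounded var=0x%08x\n",
               strlen(samples[i]), (unsigned)var_after_unbounded(samples[i]),
               (unsigned)var_after_bounded(samples[i]));
    return 0;
}
```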