I decided to take a crack at assembly the other day, and I've been playing around with really basic things like printing stuff from argv to stdout. I found this great list
See x86-64.org's ABI documentation, page 124:
User-level applications use as integer registers for passing the sequence %rdi, %rsi, %rdx, %rcx, %r8 and %r9. The kernel interface uses %rdi, %rsi, %rdx, %r10, %r8 and %r9.
A system-call is done via the syscall instruction. The kernel destroys registers %rcx and %r11.
This is saying that when you use the syscall instruction the kernel destroys %rcx, so you need to use %r10 instead.
Also, the comment from @technosaurus explains that the kernel is using %rcx to store the entry point in case of an interrupt during a syscall.
RCX, along with R11, is used by the syscall instruction, being immediately destroyed by it. Thus these registers are not only not saved after syscall, but they can't even be used for parameter passing. Thus R10 was chosen to replace the unusable RCX to pass the fourth parameter.
See also this answer for a bit more information on how syscall uses these registers.
Reference: Intel's Instruction Set Reference, look for SYSCALL.
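Added example, not part of the original question or answers: a C program for Linux on x86-64 (GCC or Clang inline assembly assumed) that passes a fourth system-call argument in r10 and then checks what the syscall instruction leaves in rcx. The function names and the marker value are made up for this illustration. Per the SYSCALL entry in Intel's reference, the instruction saves the address of the next instruction in rcx and RFLAGS in r11.

```c
/* Added example. Assumes Linux on x86-64 and GCC/Clang inline assembly. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>

#define RCX_MARKER 0x1111UL /* constructed value, loaded into rcx below */

/* Raw system call, up to four arguments. Argument 4 is bound to r10 (a normal
   call would use rcx); rcx and r11 are clobbered by the syscall instruction. */
static long raw_syscall4(long nr, long a1, long a2, long a3, long a4)
{
    long ret;
    register long r10 __asm__("r10") = a4;
    __asm__ volatile("syscall" : "=a"(ret)
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3), "r"(r10)
                     : "rcx", "r11", "memory");
    return ret;
}

/* pread64(fd, buf, count, offset): offset is argument 4. Reading 3 bytes at
   offset 1 of our own ELF image gives "ELF" only if r10 carried the offset. */
static long read_elf_magic(char out[3])
{
    long fd = raw_syscall4(SYS_open, (long)"/proc/self/exe", O_RDONLY, 0, 0);
    if (fd < 0) return fd; /* negative errno */
    long n = raw_syscall4(SYS_pread64, fd, (long)out, 3, 1);
    raw_syscall4(SYS_close, fd, 0, 0, 0);
    return n;
}

/* Put a marker in rcx, run getpid, and return what rcx holds afterwards.
   *next receives the address of the instruction following syscall. */
static unsigned long rcx_after_syscall(unsigned long *next)
{
    unsigned long rax = SYS_getpid, rcx = RCX_MARKER;
    __asm__ volatile("syscall\n"
                     "1: lea 1b(%%rip), %2"
                     : "+a"(rax), "+c"(rcx), "=r"(*next)
                     : : "r11", "memory");
    return rcx;
}

int main(void)
{
    char magic[4] = {0};
    unsigned long next, rcx = rcx_after_syscall(&next);
    printf("pread64=%ld \"%s\" rcx=%#lx next=%#lx\n",
           read_elf_magic(magic), magic, rcx, next);
}
```

Binding the fourth argument to rcx instead of r10 would make pread64 read from whatever offset happened to be in r10, not from offset 1.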