diff --git a/format.c b/format.c
index a1bb7f7..a719492 100644
--- a/format.c
+++ b/format.c
@@ -122,15 +122,9 @@ fd_format_abs(const FdInstr* instr, uint64_t addr, char* buffer, size_t len)
     char* buf = buffer;
     char* end = buffer + len;
 
-    if (FD_HAS_REP(instr))
-        buf = fd_strplcpy(buf, "rep ", end-buf);
-    if (FD_HAS_REPNZ(instr))
-        buf = fd_strplcpy(buf, "repnz ", end-buf);
-    if (FD_HAS_LOCK(instr))
-        buf = fd_strplcpy(buf, "lock ", end-buf);
-
     const char* mnemonic = fdi_name(FD_TYPE(instr));
 
+    bool prefix_rep = false;
     bool prefix_addrsize = false;
     bool prefix_segment = false;
 
@@ -218,10 +212,19 @@ fd_format_abs(const FdInstr* instr, uint64_t addr, char* buffer, size_t len)
     case FDI_SCAS:
     case FDI_INS:
         prefix_addrsize = true;
+        prefix_rep = true;
         break;
     default: break;
     }
 
+    if (prefix_rep) {
+        if (FD_HAS_REP(instr))
+            buf = fd_strplcpy(buf, "rep ", end-buf);
+        if (FD_HAS_REPNZ(instr))
+            buf = fd_strplcpy(buf, "repnz ", end-buf);
+    }
+    if (FD_HAS_LOCK(instr))
+        buf = fd_strplcpy(buf, "lock ", end-buf);
     if (prefix_addrsize) {
         if (FD_IS64(instr) && FD_ADDRSIZE(instr) == 4)
             buf = fd_strplcpy(buf, "addr32 ", end-buf);
diff --git a/tests/test_decode.c b/tests/test_decode.c
index 1cb73ea..b0a4181 100644
--- a/tests/test_decode.c
+++ b/tests/test_decode.c
@@ -100,6 +100,8 @@ main(int argc, char** argv)
     TEST64("\x66\x48\x0F\x01\xE2", "smsw rdx");
     TEST32("\x66\x0f\x20\x00", "mov eax, cr0"); // mod=0, 66h
     TEST64("\x66\x0f\x20\x00", "mov rax, cr0"); // mod=0, 66h
+    TEST32("\xf3\x0f\x20\x00", "mov eax, cr0"); // REP
+    TEST64("\xf3\x0f\x20\x00", "mov rax, cr0"); // REP
     TEST("\x0f\x20\xc8", "UD"); // cr1
     TEST32("\x0f\x20\xd0", "mov eax, cr2"); // cr2
     TEST64("\x0f\x20\xd0", "mov rax, cr2"); // cr2