Why do I need to use [ ] (square brackets) when moving data from register to memory, but not when other way around?

Issue

This is the code I have and it works fine:

section .bss
    bufflen equ 1024
    buff: resb bufflen

    whatread: resb 4

section .data

section .text

global main

main:
    nop
    read:
        mov eax,3           ; Specify sys_read
        mov ebx,0           ; Specify standard input
        mov ecx,buff        ; Where to read to...
        mov edx,bufflen     ; How long to read
        int 80h             ; Tell linux to do its magic

                            ; Eax currently has the return value from linux system call..
        add eax, 30h        ; Convert number to ASCII digit
        mov [whatread],eax  ; Store how many bytes has been read to memory at loc **whatread**

        mov eax,4           ; Specify sys_write
        mov ebx,1           ; Specify standart output
        mov ecx,whatread    ; Get the address of whatread to ecx
        mov edx,4           ; number of bytes to be written
        int 80h             ; Tell linux to do its work

        mov eax, 1; 
        mov ebx, 0; 
        int 80h

Here is a simple run and output:

[email protected]:~/asm/buffasm$ nasm -f elf -g -F dwarf buff.asm
[email protected]:~/asm/buffasm$ gcc -o buff buff.o
[email protected]:~/asm/buffasm$ ./buff
p
[email protected]:~/asm/buffasm$ ./buff
ppp
[email protected]:~/asm/buffasm$ 

My question is: What is with these 2 instructions:

        mov [whatread],eax  ; Store how many byte reads info to memory at loc whatread
        mov ecx,whatread    ; Get the address of whatread in ecx

Why the first one works with [] but the other one without?

When I try replacing the second line above with:

        mov ecx,[whatread]  ; Get the address of whatread in ecx

the executable will not run properly, it will not shown anything in the console.

Solution

Using brackets and not using brackets are basically two different things:

A bracket means that the value in the memory at the given address is meant.

An expression without a bracket means that the address (or value) itself is meant.

Examples:

mov ecx, 1234

Means: Write the value 1234 to the register ecx

mov ecx, [1234]

Means: Write the value that is stored in memory at address 1234 to the register ecx

mov [1234], ecx

Means: Write the value stored in ecx to the memory at address 1234

mov 1234, ecx

… makes no sense (in this syntax) because 1234 is a constant number which cannot be changed.

Linux “write” syscall (INT 80h, EAX=4) requires the address of the value to be written, not the value itself!

This is why you do not use brackets at this position!

Answered By – Martin Rosenau

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published