What do square brackets mean in x86 assembly?

Question

I\'m very new to assembly, and have some very basic questions.

What is the difference between these four commands?

mov ebx, eax
mov [ebx], eax
mov eb         


        

Answer 1

Let's make a very simple example and imagine we have a CPU with only two registers, EAX and EBX.

mov ebx, eax

Simply copies the value in eax to the ebx register

 | EAX : 0123456 |   ---->   | EAX : 0123456 |
 | EBX : 0000000 |   ====>   | EBX : 0123456 |

---

Now let's add some memory space

ADDRESS         VALUE
000000          6543210
000004          5189784
000008          1698791
00000C          9816517
000010          9816875
000014          5498156

mov [ebx], eax

Moves the value in eax to the memory address contained in ebx.

 | EAX : 0123456 |   --no-->   | EAX : 0123456 |
 | EBX : 0000008 | --change--> | EBX : 0000008 |

ADDRESS         VALUE           VALUE
000000          6543210   ----> 6543210   
000004          5189784   ----> 5189784   
000008          1698791   ====> 0123456
00000C          9816517   ----> 9816517   
000010          9816875   ----> 9816875   
000014          5498156   ----> 5498156   

---

mov ebx, [eax]

Moves the value from the memory address contained in eax to ebx.

 | EAX : 0000008 |   ---->   | EAX : 0000008 |
 | EBX : 0123456 |   ====>   | EBX : 1698791 |

ADDRESS         VALUE    
000000          6543210    
000004          5189784  
000008          1698791  
00000C          9816517   
000010          9816875    
000014          5498156    

---

mov [ebx], [eax]

This, finally, you would think would move the value from the memory address contained in eax to the memory address contained in ebx.

 | EAX : 0000008 |   --no-->   | EAX : 0000008 |
 | EBX : 000000c | --change--> | EBX : 000000c |

ADDRESS         VALUE           VALUE
000000          6543210   ----> 6543210   
000004          5189784   ----> 5189784   
000008          1698791   ----> 1698791   
00000C          9816517   ====> 1698791   
000010          9816875   ----> 9816875   
000014          5498156   ----> 5498156 

But this combination is disallowed by the x86 architecture. You cannot move from memory to memory.

The use of brackets is therefore equivalent to a dereferencing operation.

Answer 2

You were missing the operand delimiter , in the instructions. I don't know (yet) of any assembler without it. I fixed that in the quotes.

In x86 assembly some registers can be used as data registers or as address registers (a difference to other architectures). These registers are called GPRs ("General Purpose Registers"). They can contain 32-bit-values or 32-bit addresses. Their "names" are EAX,EBX,ECX,EDX,ESI,EDI,ESP,EBP.

mov ebx, eax

does move the value in EAX to EBX.

mov [ebx], eax

does move the value in EAX to the 32-bit DWORD value pointed to by the 32-bit address in EBX

mov ebx, [eax]

does move the 32-bit DWORD value pointed to by the 32-bit address in EAX to EBX

mov [ebx], [eax]

is an invalid instruction in 32-bit Intel assembly, because basic x86 assembly does not support two memory operands in one (two-operand) instruction. Newer instructions (SSE, AVX) with three or four operands are able to use more than one memory operand. This is a result of a more complex instruction encoding (using instruction prefixes).