While going through Vivek Ramachandran’s course on 64bit Assembly Language on Linux, I came across a lecture of his where he introduces an ASM keyword called “ds.” Here’s his example:
The highlighted line in the gdb (GNU Debugger) screenshot above references this command:
mov rsi, QWORD PTR ds:0x60017c
This threw me because I didn’t know what it was saying. After some digging around I found a post on Stack Overflow that defined ds as Data Segment. However it still didn’t clarify things for me… is data segment related to the .data section in the Assembly script? For that answer, I found an article on this at tutorialspoint. According to that article:
Data segment − It is represented by .data section and the .bss. The .data section is used to declare the memory region, where data elements are stored for the program. This section cannot be expanded after the data elements are declared, and it remains static throughout the program.
The .bss section is also a static memory section that contains buffers for data to be declared later in the program. This buffer memory is zero-filled. -Tutorialspoint
So yes, ds (or Data Segment) is a reference to the items defined in the .data section of the Assembly code.
His Assembly script at this point was written like so:
mov rsi, [sample2]
In the data section of the Assembly script, sample2 is defined as:
sample2: dq 0x1122334455667788
What the above is saying is, define a qword (dq) of value 0x1122334455667788.
Ok, back to the call mov rsi, [sample2], what he’s instructing here is to load the contents of the label sample2 into the RSI register. In this case the contents are 0x1122334455667788.
So we can see the flow here:
- The script has a data section with a label called sample2, who’s value is a defined qword of 0x1122334455667788
- The script makes a call to load this value from sample2 into rsi, using mov rsi, [sample2]
- gdb displays this action as: mov rsi, QWORD PTR ds:0x60017c
So what does mov rsi, QWORD PTR ds:0x60017c mean? What gdb is showing us is what is actually happening when we move the value of sample2 into rsi. It means this:
Move a QWORD pointer from data section for register 0x60017c into RSI.
The above makes an instruction move the value of sample2 into RSI.