Go disaasembled code help [Capstone disassembler]

Hi all,

This is my go program:
package main

import (
    "fmt"
)

func main() {
    i := 3

    fmt.Println(i)
}

I build this program, with this command: env GOOS=unix GOARCH=x86 go build main.go
I then use this dissasembler https://gist.github.com/grantseltzer/3efa8ecc5de1fb566e8091533050d608

In the dissasembler code I have poiunted to the path of the resulting ELF file, and I made it use gapstone.CS_ARCH_X86, gapstone.CS_MODE_64 as config values.

The output is moong and tells me nothing about how much memory is allocated on the i:=3 line:

…truncated…

SYMBOL fmt.glob…func1
0x80bf5b0: mov ecx, dword ptr gs:[rip]
0x80bf5b7: mov ecx, dword ptr [rcx - 4]
0x80bf5bd: cmp esp, dword ptr [rcx + 8]
0x80bf5c0: jbe 0x80bf5e9
0x80bf5c2: sub esp, 8
0x80bf5c5: lea eax, [rip + 0x80de5a0]
0x80bf5cb: mov dword ptr [rsp], eax
0x80bf5ce: call 0x8051700
0x80bf5d3: mov eax, dword ptr [rsp + 4]
0x80bf5d7: lea ecx, [rip + 0x80e13e0]
0x80bf5dd: mov dword ptr [rsp + 0xc], ecx
0x80bf5e1: mov dword ptr [rsp + 0x10], eax
0x80bf5e5: add esp, 8
0x80bf5e8: ret
0x80bf5e9: call 0x808fab0
0x80bf5ee: jmp 0x80bf5b0

SYMBOL fmt.init.ializers
0x80bf5f0: mov ecx, dword ptr gs:[rip]
0x80bf5f7: mov ecx, dword ptr [rcx - 4]
0x80bf5fd: cmp esp, dword ptr [rcx + 8]
0x80bf600: jbe 0x80bf693
0x80bf606: sub esp, 0x10
0x80bf609: lea eax, [rip + 0x80eb29c]
0x80bf60f: mov dword ptr [rsp], eax
0x80bf612: mov dword ptr [rsp + 4], 0x24
0x80bf61a: call 0x8095390
0x80bf61f: mov eax, dword ptr [rsp + 8]
0x80bf623: mov ecx, dword ptr [rsp + 0xc]
0x80bf627: mov dword ptr [rip + 0x8170e48], eax
0x80bf62d: mov eax, dword ptr [rip + 0x8181cc0]
0x80bf633: test eax, eax
0x80bf635: jne 0x80bf684
0x80bf637: mov dword ptr [rip + 0x8170e4c], ecx
0x80bf63d: lea eax, [rip + 0x80e9f4b]
0x80bf643: mov dword ptr [rsp], eax
0x80bf646: mov dword ptr [rsp + 4], 0x1d
0x80bf64e: call 0x8095390
0x80bf653: mov eax, dword ptr [rsp + 8]
0x80bf657: mov ecx, dword ptr [rsp + 0xc]
0x80bf65b: mov dword ptr [rip + 0x8170e40], eax
0x80bf661: mov eax, dword ptr [rip + 0x8181cc0]
0x80bf667: test eax, eax
0x80bf669: jne 0x80bf675
0x80bf66b: mov dword ptr [rip + 0x8170e44], ecx
0x80bf671: add esp, 0x10
0x80bf674: ret
0x80bf675: lea edi, [rip + 0x8170e44]
0x80bf67b: mov eax, ecx
0x80bf67d: call 0x8091220
0x80bf682: jmp 0x80bf671
0x80bf684: lea edi, [rip + 0x8170e4c]
0x80bf68a: mov eax, ecx
0x80bf68c: call 0x8091220
0x80bf691: jmp 0x80bf63d
0x80bf693: call 0x808fab0
0x80bf698: jmp 0x80bf5f0

SYMBOL fmt.init
0x80bf6a0: mov ecx, dword ptr gs:[rip]
0x80bf6a7: mov ecx, dword ptr [rcx - 4]
0x80bf6ad: cmp esp, dword ptr [rcx + 8]
0x80bf6b0: jbe 0x80bf6fa
0x80bf6b2: movzx eax, byte ptr [rip + 0x8181b60]
0x80bf6b9: cmp al, 1
0x80bf6bc: jbe 0x80bf6bf
0x80bf6be: ret
0x80bf6bf: jne 0x80bf6c8
0x80bf6c1: call 0x806b350
0x80bf6c6: ud2
0x80bf6c8: mov byte ptr [rip + 0x8181b60], 1
0x80bf6cf: call 0x809bd80
0x80bf6d4: call 0x80b47b0
0x80bf6d9: call 0x80b4a70
0x80bf6de: call 0x80b7a10
0x80bf6e3: call 0x80ad740
0x80bf6e8: call 0x809dfd0
0x80bf6ed: call 0x80bf5f0
0x80bf6f2: mov byte ptr [rip + 0x8181b60], 2
0x80bf6f9: ret
0x80bf6fa: call 0x808fab0
0x80bf6ff: jmp 0x80bf6a0

SYMBOL type…hash.fmt.fmt
0x80bf710: mov ecx, dword ptr gs:[rip]
0x80bf717: mov ecx, dword ptr [rcx - 4]
0x80bf71d: cmp esp, dword ptr [rcx + 8]
0x80bf720: jbe 0x80bf76c
0x80bf722: sub esp, 0x10
0x80bf725: mov eax, dword ptr [rsp + 0x14]
0x80bf729: mov dword ptr [rsp], eax
0x80bf72c: mov ecx, dword ptr [rsp + 0x18]
0x80bf730: mov dword ptr [rsp + 4], ecx
0x80bf734: mov dword ptr [rsp + 8], 0xd
0x80bf73c: call 0x804e530
0x80bf741: mov eax, dword ptr [rsp + 0xc]
0x80bf745: mov ecx, dword ptr [rsp + 0x14]
0x80bf749: add ecx, 0x10
0x80bf74c: mov dword ptr [rsp], ecx
0x80bf74f: mov dword ptr [rsp + 4], eax
0x80bf753: mov dword ptr [rsp + 8], 0x4c
0x80bf75b: call 0x804e530
0x80bf760: mov eax, dword ptr [rsp + 0xc]
0x80bf764: mov dword ptr [rsp + 0x1c], eax
0x80bf768: add esp, 0x10
0x80bf76b: ret
0x80bf76c: call 0x808fab0
0x80bf771: jmp 0x80bf710

SYMBOL type…eq.fmt.fmt
0x80bf780: mov ecx, dword ptr gs:[rip]
0x80bf787: mov ecx, dword ptr [rcx - 4]
0x80bf78d: cmp esp, dword ptr [rcx + 8]
0x80bf790: jbe 0x80bf7fd
0x80bf792: sub esp, 0x10
0x80bf795: mov eax, dword ptr [rsp + 0x18]
0x80bf799: mov ecx, dword ptr [rax]
0x80bf79b: mov edx, dword ptr [rsp + 0x14]
0x80bf79f: cmp dword ptr [rdx], ecx
0x80bf7a1: je 0x80bf7d4
0x80bf7a3: xor ecx, ecx
0x80bf7a5: test cl, cl
0x80bf7a7: jne 0x80bf7b3
0x80bf7a9: xor eax, eax
0x80bf7ab: mov byte ptr [rsp + 0x1c], al
0x80bf7af: add esp, 0x10
0x80bf7b2: ret
0x80bf7b3: lea ecx, [rdx + 0x10]
0x80bf7b6: mov dword ptr [rsp], ecx
0x80bf7b9: add eax, 0x10
0x80bf7bc: mov dword ptr [rsp + 4], eax
0x80bf7c0: mov dword ptr [rsp + 8], 0x4c
0x80bf7c8: call 0x8049e80
0x80bf7cd: movzx eax, byte ptr [rsp + 0xc]
0x80bf7d2: jmp 0x80bf7ab
0x80bf7d4: lea ecx, [rdx + 4]
0x80bf7d7: mov dword ptr [rsp], ecx
0x80bf7da: lea ecx, [rax + 4]
0x80bf7dd: mov dword ptr [rsp + 4], ecx
0x80bf7e1: mov dword ptr [rsp + 8], 9
0x80bf7e9: call 0x8049e80
0x80bf7ee: movzx ecx, byte ptr [rsp + 0xc]
0x80bf7f3: mov eax, dword ptr [rsp + 0x18]
0x80bf7f7: mov edx, dword ptr [rsp + 0x14]
0x80bf7fb: jmp 0x80bf7a5
0x80bf7fd: call 0x808fab0
0x80bf802: jmp 0x80bf780

SYMBOL main.main
0x80bf810: mov ecx, dword ptr gs:[rip]
0x80bf817: mov ecx, dword ptr [rcx - 4]
0x80bf81d: cmp esp, dword ptr [rcx + 8]
0x80bf820: jbe 0x80bf888
0x80bf822: sub esp, 0x28
0x80bf825: mov dword ptr [rsp], 3
0x80bf82c: call 0x804f420
0x80bf831: mov eax, dword ptr [rsp + 4]
0x80bf835: mov dword ptr [rsp + 0x20], 0
0x80bf83d: mov dword ptr [rsp + 0x24], 0
0x80bf845: lea ecx, [rip + 0x80d2220]
0x80bf84b: mov dword ptr [rsp + 0x20], ecx
0x80bf84f: mov dword ptr [rsp + 0x24], eax
0x80bf853: nop
0x80bf854: mov eax, dword ptr [rip + 0x8170db8]
0x80bf85a: lea ecx, [rip + 0x80fc760]
0x80bf860: mov dword ptr [rsp], ecx
0x80bf863: mov dword ptr [rsp + 4], eax
0x80bf867: lea eax, [rsp + 0x20]
0x80bf86b: mov dword ptr [rsp + 8], eax
0x80bf86f: mov dword ptr [rsp + 0xc], 1
0x80bf877: mov dword ptr [rsp + 0x10], 1
0x80bf87f: call 0x80ba2d0
0x80bf884: add esp, 0x28
0x80bf887: ret
0x80bf888: call 0x808fab0
0x80bf88d: jmp 0x80bf810

SYMBOL main.init
0x80bf890: mov ecx, dword ptr gs:[rip]
0x80bf897: mov ecx, dword ptr [rcx - 4]
0x80bf89d: cmp esp, dword ptr [rcx + 8]
0x80bf8a0: jbe 0x80bf8cc
0x80bf8a2: movzx eax, byte ptr [rip + 0x8181b66]
0x80bf8a9: cmp al, 1
0x80bf8ac: jbe 0x80bf8af
0x80bf8ae: ret
0x80bf8af: jne 0x80bf8b8
0x80bf8b1: call 0x806b350
0x80bf8b6: ud2
0x80bf8b8: mov byte ptr [rip + 0x8181b66], 1
0x80bf8bf: call 0x80bf6a0
0x80bf8c4: mov byte ptr [rip + 0x8181b66], 2
0x80bf8cb: ret
0x80bf8cc: call 0x808fab0
0x80bf8d1: jmp 0x80bf890

How can I find out, how much memory is being allocated on the i := 3 line, in my main fuction ? This dissasembled code is nice but it is not telling me anything readable. To be honest, I also do not know assembly language.

0x80bf825: mov dword ptr [rsp], 3
is where 3 is assigned to i.

4 bytes
Data structures containing such different sized words refer to them as WORD (16 bits/2 bytes), DWORD (32 bits/4 bytes) and QWORD (64 bits/8 bytes) respectively.

3 Likes

And, given “rsp”, this is at the top of the stack. So no separate allocation per se.

1 Like

By the way, if you’re not required to use Capstone, you might find Compiler Explorer useful.

It runs in your browser at https://godbolt.org/ and shows instant disassembly of Go code while you’re typing code. It lets you pick version of Go and also supports many other languages.

If you want to use Intel assembly syntax for Go and other languages, then checkout PeachPy. It can generate Go assembly files and more.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.