自制反汇编逆向分析工具 迭代第三版本

Posted bbqz007



本工具把一个函数中的分支跳转逆向还原并生成 cpp 文件,使逆向分析过程从分支跳转的梳理中解放出来——工具的首要作用应当是解放生产力。下面是效果图:

技术分享

然后附上上面效果图对应的反汇编源代码和工具逆向生成的cpp文件。

有了这个逆向生成的文件,接下来的逆向工作有点像在做填空,但这已经帮了大忙。

由于不能上传附件,下面直接贴出代码。

某个比较大的函数的反汇编代码(LLDB 输出,AT&T 语法;本页所载清单在 <+1975> 之后被截断,并不完整):

QuartzCore`CA::Context::commit_transaction:
->   <+0>:    pushq  %rbp
     <+1>:    movq   %rsp, %rbp
     <+4>:    pushq  %r15
     <+6>:    pushq  %r14
     <+8>:    pushq  %r13
     <+10>:   pushq  %r12
     <+12>:   pushq  %rbx
     <+13>:   subq   $0x198, %rsp
     <+20>:   movq   %rdi, %r12
     <+23>:   movq   0x80d62(%rip), %rax       ; (void *)0x000000010495d070: __stack_chk_guard
     <+30>:   movq   (%rax), %rax
     <+33>:   movq   %rax, -0x30(%rbp)
     <+37>:   movq   %r12, -0x170(%rbp)
     <+44>:   movq   $0x10, -0x178(%rbp)
     <+55>:   movq   $0x10, -0x180(%rbp)
     <+66>:   leaq   -0xb0(%rbp), %rsi
     <+73>:   leaq   -0x178(%rbp), %rdx
     <+80>:   movl   $0x1, %edi
     <+85>:   callq  0x1024014b0               ; CA::Context::retain_all_contexts(bool, CA::Context**, unsigned long&)
     <+90>:   movq   %rax, %r14
     <+93>:   leaq   -0x160(%rbp), %rcx
     <+100>:  movl   $0x5d, %esi
     <+105>:  movl   $0x12, %edx
     <+110>:  movq   %r12, %rdi
     <+113>:  callq  0x102430dcc               ; CA::Transaction::get_value(unsigned int, _CAValueType, void*)
     <+118>:  testb  %al, %al
     <+120>:  jne    0x1024033e5               ; <+133>
     <+122>:  movq   $0x0, -0x160(%rbp)
     <+133>:  movabsq $0x7ff0000000000000, %rax
     <+143>:  movq   %rax, -0x158(%rbp)
     <+150>:  xorl   %esi, %esi
     <+152>:  movq   %r12, %rdi
     <+155>:  callq  0x102431edc               ; CA::Transaction::run_commit_handlers(CATransactionPhase)
     <+160>:  movq   -0x178(%rbp), %rax
     <+167>:  movq   %rax, -0x1c0(%rbp)
     <+174>:  testq  %rax, %rax
     <+177>:  je     0x102403ccc               ; <+2412>
     <+183>:  callq  0x102450a6a               ; symbol stub for: objc_autoreleasePoolPush
     <+188>:  movq   %rax, -0x198(%rbp)
     <+195>:  xorl   %ebx, %ebx
     <+197>:  movq   (%r14,%rbx,8), %r13
     <+201>:  movq   %r13, -0x168(%rbp)
     <+208>:  movq   %r13, 0x50(%r12)
     <+213>:  addq   $0x10, %r13
     <+217>:  movq   %r13, %rdi
     <+220>:  callq  0x102450eb4               ; symbol stub for: pthread_mutex_lock
     <+225>:  movq   -0x168(%rbp), %rax
     <+232>:  movq   0x68(%rax), %rdi
     <+236>:  testq  %rdi, %rdi
     <+239>:  je     0x1024034a6               ; <+326>
     <+241>:  callq  0x10241e773               ; CALayerGetLayer
     <+246>:  movq   %rax, %r15
     <+249>:  lock   
     <+250>:  incl   (%r15)
     <+253>:  movq   %r13, %rdi
     <+256>:  callq  0x102450ec0               ; symbol stub for: pthread_mutex_unlock
     <+261>:  testq  %r15, %r15
     <+264>:  je     0x1024034ae               ; <+334>
     <+266>:  movq   %r15, %rdi
     <+269>:  movq   %r12, %rsi
     <+272>:  callq  0x10240ecd6               ; CA::Layer::layout_and_display_if_needed(CA::Transaction*)
     <+277>:  movq   %r15, %rdi
     <+280>:  movq   %r12, %rsi
     <+283>:  callq  0x10240ef76               ; CA::Layer::prepare_commit(CA::Transaction*)
     <+288>:  movl   $0xffffffff, %eax
     <+293>:  lock   
     <+294>:  xaddl  %eax, (%r15)
     <+298>:  cmpl   $0x1, %eax
     <+301>:  jne    0x1024034ae               ; <+334>
     <+303>:  movq   %r15, %rdi
     <+306>:  callq  0x10240ddca               ; CA::Layer::~Layer()
     <+311>:  movl   $0xb, %edi
     <+316>:  movq   %r15, %rsi
     <+319>:  callq  0x10244af5e               ; x_mem_dealloc_bucket
     <+324>:  jmp    0x1024034ae               ; <+334>
     <+326>:  movq   %r13, %rdi
     <+329>:  callq  0x102450ec0               ; symbol stub for: pthread_mutex_unlock
     <+334>:  incq   %rbx
     <+337>:  movq   -0x178(%rbp), %r15
     <+344>:  cmpq   %r15, %rbx
     <+347>:  jb     0x102403425               ; <+197>
     <+353>:  movq   -0x198(%rbp), %rdi
     <+360>:  callq  0x102450a64               ; symbol stub for: objc_autoreleasePoolPop
     <+365>:  leaq   -0x130(%rbp), %rsi
     <+372>:  leaq   -0x180(%rbp), %rdx
     <+379>:  movl   $0x1, %edi
     <+384>:  callq  0x1024014b0               ; CA::Context::retain_all_contexts(bool, CA::Context**, unsigned long&)
     <+389>:  movq   %rax, -0x198(%rbp)
     <+396>:  xorl   %ebx, %ebx
     <+398>:  leaq   -0xb0(%rbp), %r13
     <+405>:  testq  %r15, %r15
     <+408>:  je     0x102403513               ; <+435>
     <+410>:  movq   (%r14,%rbx,8), %rdi
     <+414>:  movl   $0x1, %esi
     <+419>:  callq  0x102401c8a               ; CA::Context::unref(bool)
     <+424>:  incq   %rbx
     <+427>:  cmpq   %r15, %rbx
     <+430>:  jb     0x1024034fa               ; <+410>
     <+432>:  movq   %r15, %rbx
     <+435>:  cmpq   %r13, %r14
     <+438>:  je     0x10240354d               ; <+493>
     <+440>:  shlq   $0x3, %rbx
     <+444>:  cmpq   $0x190, %rbx
     <+451>:  ja     0x102403542               ; <+482>
     <+453>:  movabsq $0xfffffffff, %rax
     <+463>:  addq   %rax, %rbx
     <+466>:  shrq   $0x4, %rbx
     <+470>:  movl   %ebx, %edi
     <+472>:  movq   %r14, %rsi
     <+475>:  callq  0x10244af5e               ; x_mem_dealloc_bucket
     <+480>:  jmp    0x10240354d               ; <+493>
     <+482>:  movq   %rbx, %rdi
     <+485>:  movq   %r14, %rsi
     <+488>:  callq  0x10244ad84               ; x_mem_dealloc_size
     <+493>:  orb    $0x2, 0x84(%r12)
     <+502>:  movl   $0x3, %esi
     <+507>:  movq   %r12, %rdi
     <+510>:  callq  0x102431edc               ; CA::Transaction::run_commit_handlers(CATransactionPhase)
     <+515>:  callq  0x102450a6a               ; symbol stub for: objc_autoreleasePoolPush
     <+520>:  movq   %rax, %rbx
     <+523>:  movq   (%r12), %rax
     <+527>:  movq   0x28(%rax), %r15
     <+531>:  testq  %r15, %r15
     <+534>:  je     0x10240377b               ; <+1051>
     <+540>:  movq   %rbx, -0x1a0(%rbp)
     <+547>:  movq   %r12, -0x1a8(%rbp)
     <+554>:  movq   %r15, %rbx
     <+557>:  movq   %rbx, %rdi
     <+560>:  callq  0x102431b52               ; CA::Transaction::Fence::run_callbacks() const
     <+565>:  movq   (%rbx), %rbx
     <+568>:  testq  %rbx, %rbx
     <+571>:  jne    0x10240358d               ; <+557>
     <+573>:  movl   $0x0, -0x184(%rbp)
     <+583>:  xorl   %r12d, %r12d
     <+586>:  movq   -0x180(%rbp), %rbx
     <+593>:  cmpl   $0x0, 0xc(%r15)
     <+598>:  je     0x1024035c3               ; <+611>
     <+600>:  cmpl   $0x2, 0x10(%r15)
     <+605>:  jb     0x1024036fe               ; <+926>
     <+611>:  testq  %rbx, %rbx
     <+614>:  je     0x1024036fe               ; <+926>
     <+620>:  xorl   %r13d, %r13d
     <+623>:  movq   -0x198(%rbp), %rax
     <+630>:  movq   (%rax,%r13,8), %rdi
     <+634>:  movl   0x5c(%rdi), %eax
     <+637>:  cmpl   0x8(%r15), %eax
     <+641>:  jne    0x1024036f2               ; <+914>
     <+647>:  cmpl   $0x0, -0x184(%rbp)
     <+654>:  jne    0x102403630               ; <+720>
     <+656>:  movq   0x80c31(%rip), %rax       ; (void *)0x0000000104bdd234: mach_task_self_
     <+663>:  movl   (%rax), %edi
     <+665>:  movl   $0x1, %esi
     <+670>:  leaq   -0x184(%rbp), %rdx
     <+677>:  callq  0x102450d7c               ; symbol stub for: mach_port_allocate
     <+682>:  movq   0x80c17(%rip), %rax       ; (void *)0x0000000104bdd234: mach_task_self_
     <+689>:  movl   (%rax), %edi
     <+691>:  movl   -0x184(%rbp), %esi
     <+697>:  movl   $0x14, %ecx
     <+702>:  movl   %esi, %edx
     <+704>:  callq  0x102450d8e               ; symbol stub for: mach_port_insert_right
     <+709>:  movq   -0x198(%rbp), %rax
     <+716>:  movq   (%rax,%r13,8), %rdi
     <+720>:  callq  0x102402640               ; CA::Context::retain_render_ctx()
     <+725>:  movq   %rax, %r14
     <+728>:  testq  %r14, %r14
     <+731>:  je     0x10240366c               ; <+780>
     <+733>:  movl   0xc(%r15), %ecx
     <+737>:  testl  %ecx, %ecx
     <+739>:  je     0x1024036a4               ; <+836>
     <+741>:  movl   -0x184(%rbp), %esi
     <+747>:  movl   0x10(%r15), %r8d
     <+751>:  xorl   %edx, %edx
     <+753>:  movq   %r14, %rdi
     <+756>:  callq  0x102330eb4               ; CA::Render::Context::set_fence(unsigned int, bool, unsigned int, unsigned int)
     <+761>:  movzbl %al, %eax
     <+764>:  addq   %rax, %r12
     <+767>:  movq   %r14, %rdi
     <+770>:  callq  0x1023585ac               ; CA::Render::Object::unref() const
     <+775>:  jmp    0x1024036f2               ; <+914>
     <+780>:  movq   -0x198(%rbp), %rax
     <+787>:  movq   (%rax,%r13,8), %rax
     <+791>:  movl   0x90(%rax), %edi
     <+797>:  testl  %edi, %edi
     <+799>:  je     0x1024036f2               ; <+914>
     <+801>:  movl   0xc(%r15), %ecx
     <+805>:  testl  %ecx, %ecx
     <+807>:  je     0x1024036ca               ; <+874>
     <+809>:  movl   0x58(%rax), %esi
     <+812>:  movl   -0x184(%rbp), %edx
     <+818>:  movl   0x10(%r15), %r8d
     <+822>:  callq  0x102445cad               ; _CASSetFence
     <+827>:  cmpl   $0x1, %eax
     <+830>:  adcq   $0x0, %r12
     <+834>:  jmp    0x1024036f2               ; <+914>
     <+836>:  movl   0x14(%r15), %ecx
     <+840>:  testl  %ecx, %ecx
     <+842>:  je     0x10240365f               ; <+767>
     <+844>:  movl   -0x184(%rbp), %esi
     <+850>:  xorl   %edx, %edx
     <+852>:  movq   %r14, %rdi
     <+855>:  callq  0x102330ec2               ; CA::Render::Context::set_fence(unsigned int, bool, unsigned int)
     <+860>:  testb  %al, %al
     <+862>:  je     0x10240365f               ; <+767>
     <+864>:  movq   %r15, %rdi
     <+867>:  callq  0x102431af2               ; CA::Transaction::Fence::release_port() const
     <+872>:  jmp    0x102403659               ; <+761>
     <+874>:  movl   0x14(%r15), %ecx
     <+878>:  testl  %ecx, %ecx
     <+880>:  je     0x1024036f2               ; <+914>
     <+882>:  movl   0x58(%rax), %esi
     <+885>:  movl   -0x184(%rbp), %edx
     <+891>:  callq  0x102445e2f               ; _CASSetFenceWithPort
     <+896>:  testl  %eax, %eax
     <+898>:  jne    0x1024036f2               ; <+914>
     <+900>:  movq   %r15, %rdi
     <+903>:  callq  0x102431af2               ; CA::Transaction::Fence::release_port() const
     <+908>:  movzbl %al, %eax
     <+911>:  addq   %rax, %r12
     <+914>:  incq   %r13
     <+917>:  cmpq   %rbx, %r13
     <+920>:  jb     0x1024035cf               ; <+623>
     <+926>:  movq   (%r15), %r15
     <+929>:  testq  %r15, %r15
     <+932>:  jne    0x1024035b1               ; <+593>
     <+938>:  movl   -0x184(%rbp), %edi
     <+944>:  movb   $0x1, %al
     <+946>:  movl   %eax, -0x1ac(%rbp)
     <+952>:  testl  %edi, %edi
     <+954>:  je     0x102403787               ; <+1063>
     <+956>:  movq   %r12, %rsi
     <+959>:  movq   -0x1a0(%rbp), %rbx
     <+966>:  callq  0x10233969c               ; CA::Render::Fence::wait(unsigned int, unsigned long)
     <+971>:  movq   -0x1a8(%rbp), %r12
     <+978>:  xorps  %xmm1, %xmm1
     <+981>:  ucomisd -0x160(%rbp), %xmm1
     <+989>:  jne    0x102403747               ; <+999>
     <+991>:  movsd  %xmm0, -0x160(%rbp)
     <+999>:  movq   0x80ada(%rip), %rax       ; (void *)0x0000000104bdd234: mach_task_self_
     <+1006>: movl   (%rax), %edi
     <+1008>: movl   -0x184(%rbp), %esi
     <+1014>: movl   $0x1, %edx
     <+1019>: movl   $0xffffffff, %ecx
     <+1024>: callq  0x102450d94               ; symbol stub for: mach_port_mod_refs
     <+1029>: movq   0x80abc(%rip), %rax       ; (void *)0x0000000104bdd234: mach_task_self_
     <+1036>: movl   (%rax), %edi
     <+1038>: movl   -0x184(%rbp), %esi
     <+1044>: callq  0x102450d82               ; symbol stub for: mach_port_deallocate
     <+1049>: jmp    0x102403795               ; <+1077>
     <+1051>: movl   $0x0, -0x1ac(%rbp)
     <+1061>: jmp    0x102403795               ; <+1077>
     <+1063>: movq   -0x1a8(%rbp), %r12
     <+1070>: movq   -0x1a0(%rbp), %rbx
     <+1077>: movl   $0x1, %esi
     <+1082>: movq   %r12, %rdi
     <+1085>: callq  0x102431edc               ; CA::Transaction::run_commit_handlers(CATransactionPhase)
     <+1090>: movq   %rbx, %rdi
     <+1093>: callq  0x102450a64               ; symbol stub for: objc_autoreleasePoolPop
     <+1098>: xorpd  %xmm0, %xmm0
     <+1102>: ucomisd -0x160(%rbp), %xmm0
     <+1110>: jne    0x1024037c5               ; <+1125>
     <+1112>: callq  0x102304b1f               ; CACurrentMediaTime
     <+1117>: movsd  %xmm0, -0x160(%rbp)
     <+1125>: xorl   %edi, %edi
     <+1127>: cmpq   $0x0, -0x180(%rbp)
     <+1135>: je     0x102403c88               ; <+2344>
     <+1141>: xorl   %eax, %eax
     <+1143>: movq   %rax, -0x1b8(%rbp)
     <+1150>: xorl   %ecx, %ecx
     <+1152>: movq   %rcx, -0x1a0(%rbp)
     <+1159>: movq   -0x198(%rbp), %rax
     <+1166>: movq   (%rax,%rcx,8), %r14
     <+1170>: movq   %r14, -0x168(%rbp)
     <+1177>: movb   $0x0, -0x138(%rbp)
     <+1184>: addq   $0x10, %r14
     <+1188>: leaq   -0x150(%rbp), %rax
     <+1195>: movq   $0x0, 0x8(%rax)
     <+1203>: movq   $0x0, (%rax)
     <+1210>: movq   %r14, %rdi
     <+1213>: callq  0x102450eb4               ; symbol stub for: pthread_mutex_lock
     <+1218>: movq   -0x168(%rbp), %rax
     <+1225>: movq   %rax, 0x50(%r12)
     <+1230>: leaq   -0x170(%rbp), %rcx
     <+1237>: movq   %rcx, 0xb0(%rax)
     <+1244>: movq   %r12, %rdi
     <+1247>: movq   %r12, %r15
     <+1250>: callq  0x1024306d0               ; CA::Transaction::lock()
     <+1255>: movq   -0x168(%rbp), %rcx
     <+1262>: movq   0x70(%rcx), %rdi
     <+1266>: testq  %rdi, %rdi
     <+1269>: je     0x10240386a               ; <+1290>
     <+1271>: movq   %rdi, -0x148(%rbp)
     <+1278>: callq  0x102330512               ; CA::Render::Context::will_commit()
     <+1283>: movq   -0x168(%rbp), %rcx
     <+1290>: cmpl   $0x0, 0x90(%rcx)
     <+1297>: je     0x102403943               ; <+1507>
     <+1303>: testb  $0x1, 0xc8(%rcx)
     <+1310>: jne    0x102403943               ; <+1507>
     <+1316>: movq   -0x1b8(%rbp), %rax
     <+1323>: testq  %rax, %rax
     <+1326>: jne    0x10240389c               ; <+1340>
     <+1328>: movq   %rsp, %rax
     <+1331>: addq   $-0x8000, %rax
     <+1337>: movq   %rax, %rsp
     <+1340>: movq   %rax, -0x1b8(%rbp)
     <+1347>: movl   $0x1000, %edi
     <+1352>: movl   $0x8000, %edx
     <+1357>: movq   %rax, %rsi
     <+1360>: callq  0x10244d600               ; x_heap_new_with_ptr
     <+1365>: movq   %rax, %r12
     <+1368>: movl   $0x68, %esi
     <+1373>: movq   %r12, %rdi
     <+1376>: callq  0x10244d6e8               ; x_heap_malloc
     <+1381>: movq   %rax, %rbx
     <+1384>: movq   -0x168(%rbp), %rcx
     <+1391>: movl   0x58(%rcx), %r8d
     <+1395>: movsd  -0x160(%rbp), %xmm0
     <+1403>: xorl   %edx, %edx
     <+1405>: movq   %rbx, %rdi
     <+1408>: movq   %r12, %r13
     <+1411>: movq   %r13, %rsi
     <+1414>: callq  0x102379f6a               ; CA::Render::Encoder::Encoder(x_heap_struct*, unsigned int, void*, unsigned int, double)
     <+1419>: movq   %rbx, -0x150(%rbp)
     <+1426>: movq   -0x168(%rbp), %rax
     <+1433>: movq   0x98(%rax), %r12
     <+1440>: testq  %r12, %r12
     <+1443>: jne    0x10240392f               ; <+1487>
     <+1445>: movl   $0x1, %edi
     <+1450>: callq  0x10244ab0a               ; x_mem_alloc_bucket
     <+1455>: movq   %rax, %r12
     <+1458>: movq   %r12, %rdi
     <+1461>: callq  0x102379942               ; CA::Render::Encoder::ObjectCache::ObjectCache()
     <+1466>: movq   -0x168(%rbp), %rax
     <+1473>: movq   %r12, 0x98(%rax)
     <+1480>: movq   -0x150(%rbp), %rbx
     <+1487>: movq   %r13, -0x1a8(%rbp)
     <+1494>: movq   %rbx, %rdi
     <+1497>: movq   %r12, %rsi
     <+1500>: callq  0x102379fac               ; CA::Render::Encoder::set_object_cache(CA::Render::Encoder::ObjectCache*)
     <+1505>: jmp    0x10240394c               ; <+1516>
     <+1507>: xorl   %eax, %eax
     <+1509>: movq   %rax, -0x1a8(%rbp)
     <+1516>: movq   %r15, %rdi
     <+1519>: leaq   -0xdd2(%rip), %rsi        ; CA::Context::commit_deleted(unsigned long, unsigned int, void*)
     <+1526>: leaq   -0x170(%rbp), %rdx
     <+1533>: callq  0x10243178e               ; CA::Transaction::foreach_deleted_id(void (*)(unsigned long, unsigned int, void*), void*)
     <+1538>: movq   -0x168(%rbp), %rax
     <+1545>: movl   0x5c(%rax), %esi
     <+1548>: movq   %r15, %rdi
     <+1551>: leaq   -0xda2(%rip), %rdx        ; CA::Context::commit_command(int, unsigned long, void const*, void*)
     <+1558>: leaq   -0x170(%rbp), %rcx
     <+1565>: callq  0x1024319d6               ; CA::Transaction::foreach_command(unsigned int, void (*)(int, unsigned long, void const*, void*), void*)
     <+1570>: movq   -0x168(%rbp), %rax
     <+1577>: movq   0x68(%rax), %rdi
     <+1581>: xorl   %r13d, %r13d
     <+1584>: testq  %rdi, %rdi
     <+1587>: movl   $0x0, %r12d
     <+1593>: je     0x1024039d0               ; <+1648>
     <+1595>: callq  0x10241e773               ; CALayerGetLayer
     <+1600>: movq   %rax, %rbx
     <+1603>: xorl   %r13d, %r13d
     <+1606>: testq  %rbx, %rbx
     <+1609>: movl   $0x0, %r12d
     <+1615>: je     0x1024039d0               ; <+1648>
     <+1617>: movb   $0x1, %r13b
     <+1620>: movq   %rbx, %rdi
     <+1623>: movq   %r15, %rsi
     <+1626>: leaq   -0xf09(%rip), %rdx        ; CA::Context::commit_layer(CA::Layer*, unsigned int, unsigned int, void*)
     <+1633>: leaq   -0x170(%rbp), %rcx
     <+1640>: callq  0x10240f1c4               ; CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*)
     <+1645>: movq   %rbx, %r12
     <+1648>: movq   %r15, %rdi
     <+1651>: leaq   -0x6a6(%rip), %rsi        ; CA::Context::commit_root(CA::Layer*, void*)
     <+1658>: leaq   -0x170(%rbp), %rdx
     <+1665>: callq  0x1024318fe               ; CA::Transaction::foreach_root(void (*)(CA::Layer*, void*), void*)
     <+1670>: testb  %r13b, %r13b
     <+1673>: je     0x102403a05               ; <+1701>
     <+1675>: movsd  -0x160(%rbp), %xmm0
     <+1683>: movq   %r12, %rdi
     <+1686>: movq   %r15, %rsi
     <+1689>: leaq   -0x158(%rbp), %rdx
     <+1696>: callq  0x1024167fa               ; CA::Layer::collect_animations(CA::Transaction*, double, double*)
     <+1701>: movq   -0x150(%rbp), %rax
     <+1708>: testq  %rax, %rax
     <+1711>: je     0x102403a7a               ; <+1818>
     <+1713>: movq   0x18(%rax), %rcx
     <+1717>: subq   0x10(%rax), %rcx
     <+1721>: cmpq   0x50(%rax), %rcx
     <+1725>: je     0x102403a7a               ; <+1818>
     <+1727>: movb   $0x1, -0x185(%rbp)
     <+1734>: movl   $0x124, %esi
     <+1739>: movl   $0x7, %edx
     <+1744>: movq   %r15, %rdi
     <+1747>: leaq   -0x185(%rbp), %rcx
     <+1754>: callq  0x102430dcc               ; CA::Transaction::get_value(unsigned int, _CAValueType, void*)
     <+1759>: callq  0x102450ea2               ; symbol stub for: pthread_main_np
     <+1764>: testl  %eax, %eax
     <+1766>: sete   %al
     <+1769>: movl   -0x1ac(%rbp), %ecx
     <+1775>: orb    %cl, %al
     <+1777>: jne    0x102403a73               ; <+1811>
     <+1779>: callq  0x10244e4fb               ; x_cpu_has_64bit
     <+1784>: testb  %al, %al
     <+1786>: je     0x102403a73               ; <+1811>
     <+1788>: cmpb   $0x0, -0x185(%rbp)
     <+1795>: je     0x102403a7a               ; <+1818>
     <+1797>: movq   -0x150(%rbp), %rdi
     <+1804>: callq  0x10237c985               ; CA::Render::encode_set_low_latency(CA::Render::Encoder*)
     <+1809>: jmp    0x102403a7a               ; <+1818>
     <+1811>: movb   $0x0, -0x185(%rbp)
     <+1818>: movl   $0xfa, %esi
     <+1823>: movl   $0x12, %edx
     <+1828>: movq   %r15, %rdi
     <+1831>: leaq   -0x190(%rbp), %rcx
     <+1838>: callq  0x102430dcc               ; CA::Transaction::get_value(unsigned int, _CAValueType, void*)
     <+1843>: testb  %al, %al
     <+1845>: je     0x102403ad7               ; <+1911>
     <+1847>: movq   -0x148(%rbp), %rdi
     <+1854>: testq  %rdi, %rdi
     <+1857>: je     0x102403ab0               ; <+1872>
     <+1859>: movsd  -0x190(%rbp), %xmm0
     <+1867>: callq  0x102330dfe               ; CA::Render::Context::add_input_time(double)
     <+1872>: movq   -0x150(%rbp), %rdi
     <+1879>: testq  %rdi, %rdi
     <+1882>: je     0x102403ad7               ; <+1911>
     <+1884>: movq   0x18(%rdi), %rax
     <+1888>: subq   0x10(%rdi), %rax
     <+1892>: cmpq   0x50(%rdi), %rax
     <+1896>: je     0x102403ad7               ; <+1911>
     <+1898>: movsd  -0x190(%rbp), %xmm0
     <+1906>: callq  0x10237c931               ; CA::Render::encode_add_input_time(CA::Render::Encoder*, double)
     <+1911>: movq   %r15, %rdi
     <+1914>: callq  0x1024306ee               ; CA::Transaction::unlock()
     <+1919>: movq   -0x148(%rbp), %rax
     <+1926>: testq  %rax, %rax
     <+1929>: je     0x102403af3               ; <+1939>
     <+1931>: lock   
     <+1932>: andl   $0xfffeffff, 0x8(%rax)
     <+1939>: movq   -0x150(%rbp), %rdi
     <+1946>: xorl   %r13d, %r13d
     <+1949>: testq  %rdi, %rdi
     <+1952>: je     0x102403b7d               ; <+2077>
     <+1954>: movq   0x18(%rdi), %rax
     <+1958>: subq   0x10(%rdi), %rax
     <+1962>: cmpq   0x50(%rdi), %rax
     <+1966>: setne  %al
     <+1969>: movl   -0x1ac(%rbp), %ecx
     <+1975>: orb    %cl, %al
     <+
