/*
 * Header found at the start of a 64-bit Mach-O file. The load commands
 * follow it directly; ncmds and sizeofcmds describe them.
 *
 * NOTE(review): every field is read from the file. A parser that handles
 * untrusted binaries should check ncmds and sizeofcmds against the real
 * file size before it walks the load commands.
 */
struct mach_header_64 {
/* File magic; the sample header dump shows MH_MAGIC_64. */
uint32_t magic;
/* CPU type; X86_64 in the sample. */
cpu_type_t cputype;
/* CPU subtype; the sample prints ALL plus a separate "caps" column (LIB64). */
cpu_subtype_t cpusubtype;
/* Kind of file; EXECUTE in the sample. */
uint32_t filetype;
/* Number of load commands that follow the header (16 in the sample). */
uint32_t ncmds;
/*
 * Total size in bytes of all load commands (1488 in the sample, which is
 * the sum of the 16 cmdsize values printed by otool -l).
 */
uint32_t sizeofcmds;
/* Bit flags; the sample prints NOUNDEFS DYLDLINK TWOLEVEL ... PIE. */
uint32_t flags;
/* Not shown in the otool header dump. */
uint32_t reserved;
};
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL LIB64 EXECUTE 16 1488 NOUNDEFS DYLDLINK TWOLEVEL WEAK_DEFINES BINDS_TO_WEAK PIE
在文件头之后,紧跟的是Load_Command结构,文件头中ncmds和sizeofcmds分别指定了有多少个Command和LoadCommand总的大小。
可以用 otool -v -l AppPath来显示load command
Load command 0
cmd LC_SEGMENT_64
cmdsize 72
segname __PAGEZERO
vmaddr 0x0000000000000000
vmsize 0x0000000100000000
fileoff 0
filesize 0
maxprot ---
initprot ---
nsects 0
flags (none)
Load command 1
cmd LC_SEGMENT_64
cmdsize 552
segname __TEXT
vmaddr 0x0000000100000000
vmsize 0x0000000000002000
fileoff 0
filesize 8192
maxprot rwx
initprot r-x
nsects 6
flags (none)
Section
sectname __text
segname __TEXT
addr 0x0000000100001060
size 0x0000000000000cbb
offset 4192
align 2^4 (16)
reloff 0
nreloc 0
type S_REGULAR
attributes PURE_INSTRUCTIONS SOME_INSTRUCTIONS
reserved1 0
reserved2 0
Section
sectname __stubs
segname __TEXT
addr 0x0000000100001d1c
size 0x000000000000009c
offset 7452
align 2^1 (2)
reloff 0
nreloc 0
type S_SYMBOL_STUBS
attributes PURE_INSTRUCTIONS SOME_INSTRUCTIONS
reserved1 0 (index into indirect symbol table)
reserved2 6 (size of stubs)
Section
sectname __stub_helper
segname __TEXT
addr 0x0000000100001db8
size 0x00000000000000e2
offset 7608
align 2^2 (4)
reloff 0
nreloc 0
type S_REGULAR
attributes PURE_INSTRUCTIONS SOME_INSTRUCTIONS
reserved1 0
reserved2 0
Section
sectname __gcc_except_tab
segname __TEXT
addr 0x0000000100001e9c
size 0x00000000000000b4
offset 7836
align 2^2 (4)
reloff 0
nreloc 0
type S_REGULAR
attributes (none)
reserved1 0
reserved2 0
Section
sectname __unwind_info
segname __TEXT
addr 0x0000000100001f50
size 0x0000000000000070
offset 8016
align 2^2 (4)
reloff 0
nreloc 0
type S_REGULAR
attributes (none)
reserved1 0
reserved2 0
Section
sectname __eh_frame
segname __TEXT
addr 0x0000000100001fc0
size 0x0000000000000038
offset 8128
align 2^3 (8)
reloff 0
nreloc 0
type S_REGULAR
attributes (none)
reserved1 0
reserved2 0
Load command 2
cmd LC_SEGMENT_64
cmdsize 392
segname __DATA
vmaddr 0x0000000100002000
vmsize 0x0000000000001000
fileoff 8192
filesize 4096
maxprot rwx
initprot rw-
nsects 4
flags (none)
Section
sectname __nl_symbol_ptr
segname __DATA
addr 0x0000000100002000
size 0x0000000000000010
offset 8192
align 2^3 (8)
reloff 0
nreloc 0
type S_NON_LAZY_SYMBOL_POINTERS
attributes (none)
reserved1 26 (index into indirect symbol table)
reserved2 0
Section
sectname __got
segname __DATA
addr 0x0000000100002010
size 0x0000000000000018
offset 8208
align 2^3 (8)
reloff 0
nreloc 0
type S_NON_LAZY_SYMBOL_POINTERS
attributes (none)
reserved1 28 (index into indirect symbol table)
reserved2 0
Section
sectname __la_symbol_ptr
segname __DATA
addr 0x0000000100002028
size 0x00000000000000d0
offset 8232
align 2^3 (8)
reloff 0
nreloc 0
type S_LAZY_SYMBOL_POINTERS
attributes (none)
reserved1 31 (index into indirect symbol table)
reserved2 0
Section
sectname __data
segname __DATA
addr 0x00000001000020f8
size 0x0000000000000005
offset 8440
align 2^0 (1)
reloff 0
nreloc 0
type S_REGULAR
attributes (none)
reserved1 0
reserved2 0
Load command 3
cmd LC_SEGMENT_64
cmdsize 72
segname __LINKEDIT
vmaddr 0x0000000100003000
vmsize 0x0000000000002000
fileoff 12288
filesize 5636
maxprot rwx
initprot r--
nsects 0
flags (none)
Load command 4
cmd LC_DYLD_INFO_ONLY
cmdsize 48
rebase_off 12288
rebase_size 8
bind_off 12296
bind_size 104
weak_bind_off 0
weak_bind_size 0
lazy_bind_off 12400
lazy_bind_size 752
export_off 13152
export_size 112
Load command 5
cmd LC_SYMTAB
cmdsize 24
symoff 13280
nsyms 93
stroff 14996
strsize 2928
Load command 6
cmd LC_DYSYMTAB
cmdsize 80
ilocalsym 0
nlocalsym 64
iextdefsym 64
nextdefsym 4
iundefsym 68
nundefsym 25
tocoff 0
ntoc 0
modtaboff 0
nmodtab 0
extrefsymoff 0
nextrefsyms 0
indirectsymoff 14768
nindirectsyms 57
extreloff 0
nextrel 0
locreloff 0
nlocrel 0
Load command 7
cmd LC_LOAD_DYLINKER
cmdsize 32
name /usr/lib/dyld (offset 12)
Load command 8
cmd LC_UUID
cmdsize 24
uuid 1C6B7DD1-BF2A-3AF5-8C32-9192ECC1DED8
Load command 9
cmd LC_VERSION_MIN_MACOSX
cmdsize 16
version 10.11
sdk 10.11
Load command 10
cmd LC_SOURCE_VERSION
cmdsize 16
version 0.0
Load command 11
cmd LC_MAIN
cmdsize 24
entryoff 4832
stacksize 0
Load command 12
cmd LC_LOAD_DYLIB
cmdsize 48
name /usr/lib/libc++.1.dylib (offset 24)
time stamp 2 Thu Jan 1 08:00:02 1970
current version 120.1.0
compatibility version 1.0.0
Load command 13
cmd LC_LOAD_DYLIB
cmdsize 56
name /usr/lib/libSystem.B.dylib (offset 24)
time stamp 2 Thu Jan 1 08:00:02 1970
current version 1225.1.1
compatibility version 1.0.0
Load command 14
cmd LC_FUNCTION_STARTS
cmdsize 16
dataoff 13264
datasize 16
Load command 15
cmd LC_DATA_IN_CODE
cmdsize 16
dataoff 13280
datasize 0
Command有很多不同的种类,每个种类对应一个结构体,但是所有的Command都以相同的结构开头:
/*
 * Common prefix shared by every load command. A reader looks at cmd to
 * decide which full structure starts at this offset, and adds cmdsize to
 * the command's start to reach the next command.
 *
 * NOTE(review): cmdsize comes from the file. Before advancing, check that
 * it is at least sizeof(struct load_command) and that the running offset
 * stays within sizeofcmds; a zero or oversized value otherwise leads to an
 * endless loop or an out-of-bounds read.
 */
struct load_command {
/* Command type, e.g. LC_SEGMENT_64 or LC_SYMTAB in the otool -l dump. */
uint32_t cmd;
/*
 * Size in bytes of the whole command: this prefix, the rest of the
 * command structure, any section structures that follow, and padding.
 */
uint32_t cmdsize;
};
其中第一个成员决定了当前这个是个什么样的load command,第二个成员指明了当前这个load_command的大小。注意这个大小是包括了它的所有内容,包括这个结构体本身所占的大小,它后面所跟的Section结构的大小,和所有用于对齐的Padding 0。(但是不包括真正的Data,真正的Data一般在FileOffset中指出,根据不同Command会不同)
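所以从命令开始处加上第二个成员的大小,就可以直接定位到下一个命令的开始处。需要注意,cmdsize是直接从文件里读出来的:解析来源不可信的文件时,应先检查它不小于sizeof(struct load_command),并且累加后不超过文件头里的sizeofcmds,否则会读越界或者原地死循环。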
个人觉得这个设计相当的挫,哈哈,为撒,因为你需要先读一个Load_Command结构才能知道当前命令是个什么类型,然后再去读对应的结构,读完以后,还要回到命令开始处,再加上第二个成员的大小去处理下一个命令。比较挫!比如,如果cmd=19(这里是十六进制,即0x19,对应LC_SEGMENT_64),它代表一个Segment_Command_64,也就是从那里开始其实是一个Segment_Command_64结构
/*
 * LC_SEGMENT_64 load command: describes one segment and is followed by
 * nsects section_64 structures. Its first two members are the generic
 * load_command prefix.
 *
 * In the sample dump cmdsize equals 72 + nsects * 80 (72 for __PAGEZERO
 * with 0 sections, 552 for __TEXT with 6, 392 for __DATA with 4).
 *
 * NOTE(review): when parsing untrusted files, check that nsects section
 * structures really fit inside cmdsize, and that fileoff + filesize lies
 * within the file, before reading any of them.
 */
struct segment_command_64 {
/* Command type; otool prints LC_SEGMENT_64 for this structure. */
uint32_t cmd;
/* Size of this command including the section structures after it. */
uint32_t cmdsize;
/*
 * Segment name, e.g. __PAGEZERO, __TEXT, __DATA, __LINKEDIT.
 * Fixed 16-byte field; do not assume it is NUL-terminated.
 */
char segname[16];
/* Virtual address the segment is mapped at. */
uint64_t vmaddr;
/* Size of the segment in virtual memory. */
uint64_t vmsize;
/* Offset of the segment's data in the file. */
uint64_t fileoff;
/* Number of bytes of the segment stored in the file. */
uint64_t filesize;
/* Maximum protection; otool prints it as an rwx triple. */
vm_prot_t maxprot;
/* Initial protection, e.g. r-x for __TEXT and rw- for __DATA in the sample. */
vm_prot_t initprot;
/* Number of section_64 structures that follow this command. */
uint32_t nsects;
/* Segment attribute flags; "(none)" for every segment in the sample. */
uint32_t flags;
};
可以看到头上两个成员就是上面的load_command结构体,但是如果我们要读这些内容,可想而知,我们的文件读写指针已经读完了load_command的内容,当前的文件指针是在segname[16]处,但是这时我们才能知道cmd=19(十六进制0x19),然后重新回到刚才的地方,再把上面的结构体读一遍。相当不好,哈哈,不如汇编指令Call和Jmp的实现,从当前指令指针直接加偏移就可以。
上面的结构包括了段名,和初始化的内存保护掩码,还有虚拟地址和文件偏移,和Windows上的内容差不多。重要的是下面,nsects和flags,这两个一个指明后面跟了多少sections,另一个代表当前的段属性。
如果nsects>0,代表后面有节,而且节的定义紧跟着段定义。上面的输出里也能验证:__TEXT的cmdsize 552 = 72 + 6×80,72是segment_command_64的大小,80是section_64的大小。
/*
 * Describes one section inside a segment. nsects of these follow a
 * segment_command_64; each is 80 bytes in the sample (cmdsize grows by 80
 * per section).
 *
 * NOTE(review): addr, size and offset are file-supplied. Check that
 * offset + size stays inside the file before reading section contents.
 */
struct section_64 {
/*
 * Section name. The sample contains __gcc_except_tab, which fills all
 * 16 bytes, so this field is not always NUL-terminated; print or copy it
 * with an explicit 16-byte bound.
 */
char sectname[16];
/* Name of the owning segment; same fixed 16-byte layout. */
char segname[16];
/* Virtual address of the section. */
uint64_t addr;
/* Size of the section in bytes. */
uint64_t size;
/* Offset of the section's data in the file. */
uint32_t offset;
/* Alignment as a power-of-two exponent; otool prints e.g. "2^4 (16)". */
uint32_t align;
/* File offset of relocation entries; 0 for every section in the sample. */
uint32_t reloff;
/* Number of relocation entries; 0 for every section in the sample. */
uint32_t nreloc;
/*
 * Section type and attributes; otool prints them as separate "type"
 * (e.g. S_REGULAR, S_SYMBOL_STUBS) and "attributes" rows.
 */
uint32_t flags;
/*
 * For stub and symbol-pointer sections otool labels this
 * "index into indirect symbol table"; 0 elsewhere in the sample.
 */
uint32_t reserved1;
/* For S_SYMBOL_STUBS otool labels this "size of stubs" (6 in the sample). */
uint32_t reserved2;
/* Not printed in the otool -l dump. */
uint32_t reserved3;
};
和上面一样,有一些内存偏移和文件偏移,还有重定位节的引用,详细的需要以后慢慢理解。重要的也是flags,指明了当前节的属性。其中节属性可能有下面这样的
/*
 * Section attribute bits stored in section_64.flags. otool prints them as
 * PURE_INSTRUCTIONS and SOME_INSTRUCTIONS in the "attributes" row; in the
 * sample both are set on __text, __stubs and __stub_helper.
 */
/* Section contains only machine instructions. */
#define S_ATTR_PURE_INSTRUCTIONS 0x80000000
/* Section contains some machine instructions. */
#define S_ATTR_SOME_INSTRUCTIONS 0x00000400
默认的代码节就是这2个属性。
如果要观察段和节,可以用size -x -l -m AppPath来观察
Segment __PAGEZERO: 0x100000000 (vmaddr 0x0 fileoff 0)
Segment __TEXT: 0x2000 (vmaddr 0x100000000 fileoff 0)
Section __text: 0xcbb (addr 0x100001060 offset 4192)
Section __stubs: 0x9c (addr 0x100001d1c offset 7452)
Section __stub_helper: 0xe2 (addr 0x100001db8 offset 7608)
Section __gcc_except_tab: 0xb4 (addr 0x100001e9c offset 7836)
Section __unwind_info: 0x70 (addr 0x100001f50 offset 8016)
Section __eh_frame: 0x38 (addr 0x100001fc0 offset 8128)
total 0xf95
Segment __DATA: 0x1000 (vmaddr 0x100002000 fileoff 8192)
Section __nl_symbol_ptr: 0x10 (addr 0x100002000 offset 8192)
Section __got: 0x18 (addr 0x100002010 offset 8208)
Section __la_symbol_ptr: 0xd0 (addr 0x100002028 offset 8232)
Section __data: 0x5 (addr 0x1000020f8 offset 8440)
total 0xfd
Segment __LINKEDIT: 0x2000 (vmaddr 0x100003000 fileoff 12288)
total 0x100005000
可以用otool -s __TEXT __text AppPath来观察节内容,二进制数据,这是看真的内容,上面的是看定义。就是转到真的fileOffset处再读数据。
(__TEXT,__text) section
0000000100001060 55 48 89 e5 48 89 7d f0 48 8b 7d f0 0f be 47 15
0000000100001070 3d 2e 00 00 00 0f 85 3c 00 00 00 48 8b 45 f0 0f
0000000100001080 be 48 16 81 f9 00 00 00 00 0f 84 34 00 00 00 48
0000000100001090 8b 45 f0 0f be 48 16 81 f9 2e 00 00 00 0f 85 14
00000001000010a0 00 00 00 48 8b 45 f0 0f be 48 17 81 f9 00 00 00
00000001000010b0 00 0f 84 0c 00 00 00 c7 45 fc 01 00 00 00 e9 07
00000001000010c0 00 00 00 c7 45 fc 00 00 00 00 8b 45 fc 5d c3 90
00000001000010d0 55 48 89 e5 48 81 ec e0 00 00 00 48 89 7d f8 48
00000001000010e0 89 75 f0 e8 a0 0c 00 00 c7 00 00 00 00 00 48 8b
00000001000010f0 7d f8 e8 a9 0c 00 00 48 89 45 e8 48 81 7d e8 00
0000000100001100 00 00 00 0f 85 05 00 00 00 e9 c6 01 00 00 48 8b
0000000100001110 7d e8 e8 7d 0c 00 00 31 c9 89 85 4c ff ff ff 3b
0000000100001120 8d 4c ff ff ff 0f 8f 1d 00 00 00 48 8d b5 50 ff
0000000100001130 ff ff 8b bd 4c ff ff ff e8 5d 0c 00 00 89 85 44
0000000100001140 ff ff ff e9 16 00 00 00 48 8d b5 50 ff ff ff 48
0000000100001150 8b 7d f8 e8 54 0c 00 00 89 85 44 ff ff ff 8b 85
0000000100001160 44 ff ff ff 3d 00 00 00 00 0f 8d 05 00 00 00 e9
0000000100001170 60 01 00 00 e9 00 00 00 00 e8 0a 0c 00 00 c7 00
0000000100001180 00 00 00 00 48 8b 7d e8 e8 19 0c 00 00 48 89 45
0000000100001190 e0 48 3d 00 00 00 00 0f 85 53 00 00 00 e8 e6 0b
00000001000011a0 00 00 81 38 00 00 00 00 0f 84 3d 00 00 00 e8 d5
00000001000011b0 0b 00 00 8b 08 89 8d 48 ff ff ff 48 8b 7d e8 e8
00000001000011c0 ca 0b 00 00 8b 8d 48 ff ff ff 89 85 40 ff ff ff
00000001000011d0 89 8d 3c ff ff ff e8 ad 0b 00 00 8b 8d 3c ff ff
00000001000011e0 ff 89 08 48 c7 45 e8 00 00 00 00 e9 e4 00 00 00
00000001000011f0 48 8b 7d e0 e8 67 fe ff ff 3d 00 00 00 00 0f 84
0000000100001200 cb 00 00 00 48 8b 45 e0 0f b6 48 14 81 f9 06 00
0000000100001210 00 00 0f 84 78 00 00 00 48 8b 45 e0 0f b6 48 14
0000000100001220 81 f9 02 00 00 00 0f 84 64 00 00 00 48 8b 45 e0
0000000100001230 0f b6 48 14 81 f9 04 00 00 00 0f 84 50 00 00 00
0000000100001240 48 8b 45 e0 0f b6 48 14 81 f9 01 00 00 00 0f 84
0000000100001250 3c 00 00 00 48 8b 45 e0 0f b6 48 14 81 f9 0a 00
0000000100001260 00 00 0f 84 28 00 00 00 48 8b 45 e0 0f b6 48 14
0000000100001270 81 f9 08 00 00 00 0f 84 14 00 00 00 48 8b 45 e0
0000000100001280 0f b6 48 14 81 f9 0c 00 00 00 0f 85 3a 00 00 00
0000000100001290 48 8b 3d 79 0d 00 00 48 8b 45 e0 48 05 15 00 00
00000001000012a0 00 48 89 c6 e8 8b 0a 00 00 48 8b 3d 60 0d 00 00
00000001000012b0 48 8d 35 41 0e 00 00 48 89 85 30 ff ff ff e8 71
00000001000012c0 0a 00 00 48 89 85 28 ff ff ff e9 00 00 00 00 e9
00000001000012d0 a5 fe ff ff 48 81 c4 e0 00 00 00 5d c3 0f 1f 00
00000001000012e0 55 48 89 e5 48 83 ec 10 48 8d 05 0b 0e 00 00 31
00000001000012f0 c9 89 ca c7 45 fc 00 00 00 00 89 7d f8 48 89 75
0000000100001300 f0 48 89 c7 48 89 d6 e8 c4 fd ff ff 31 c0 48 83
0000000100001310 c4 10 5d c3 90 90 90 90 90 90 90 90 90 90 90 90
0000000100001320 55 48 89 e5 48 83 ec 20 48 89 7d f8 48 89 75 f0
0000000100001330 48 8b 7d f8 48 8b 75 f0 48 8b 45 f0 48 89 7d e8
0000000100001340 48 89 c7 48 89 75 e0 e8 dc 09 00 00 48 8b 7d e8
0000000100001350 48 8b 75 e0 48 89 c2 e8 d2 09 00 00 48 83 c4 20
0000000100001360 5d c3 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00
0000000100001370 55 48 89 e5 48 81 ec 80 01 00 00 48 89 bd 48 ff
0000000100001380 ff ff 48 89 b5 40 ff ff ff 48 89 95 38 ff ff ff
0000000100001390 48 8b b5 48 ff ff ff 48 8d bd 28 ff ff ff e8 af
00000001000013a0 09 00 00 e9 00 00 00 00 48 8d 85 28 ff ff ff 48
00000001000013b0 89 85 50 ff ff ff 48 8b 85 50 ff ff ff 8a 08 88
00000001000013c0 8d 07 ff ff ff 8a 85 07 ff ff ff a8 01 0f 85 05
00000001000013d0 00 00 00 e9 99 03 00 00 48 8d 85 10 ff ff ff 48
00000001000013e0 8b 8d 48 ff ff ff 48 89 85 60 ff ff ff 48 89 8d
00000001000013f0 58 ff ff ff 48 8b 85 60 ff ff ff 48 8b 8d 58 ff
0000000100001400 ff ff 48 89 85 70 ff ff ff 48 89 8d 68 ff ff ff
0000000100001410 48 8b 85 70 ff ff ff 48 8b 8d 68 ff ff ff 48 8b
0000000100001420 11 48 8b 52 e8 48 01 d1 48 89 8d 78 ff ff ff 48
0000000100001430 8b 8d 78 ff ff ff 48 89 4d 80 48 8b 4d 80 48 8b
0000000100001440 49 28 48 89 08 48 8b b5 40 ff ff ff 48 8b 85 48
0000000100001450 ff ff ff 48 8b 08 48 8b 49 e8 48 01 c8 48 89 45
0000000100001460 a8 48 8b 45 a8 8b 78 08 48 89 b5 f8 fe ff ff 89
0000000100001470 bd f4 fe ff ff 8b 85 f4 fe ff ff 25 b0 00 00 00
0000000100001480 3d 20 00 00 00 0f 85 1a 00 00 00 48 8b 85 40 ff
0000000100001490 ff ff 48 03 85 38 ff ff ff 48 89 85 e8 fe ff ff
00000001000014a0 e9 0e 00 00 00 48 8b 85 40 ff ff ff 48 89 85 e8
00000001000014b0 fe ff ff 48 8b 85 e8 fe ff ff 48 8b 8d 40 ff ff
00000001000014c0 ff 48 03 8d 38 ff ff ff 48 8b 95 48 ff ff ff 48
00000001000014d0 8b 32 48 8b 76 e8 48 01 f2 48 8b b5 48 ff ff ff
00000001000014e0 48 8b 3e 48 8b 7f e8 48 01 fe 48 89 75 b8 48 8b
00000001000014f0 75 b8 48 89 85 e0 fe ff ff 48 89 8d d8 fe ff ff
0000000100001500 48 89 95 d0 fe ff ff 48 89 b5 c8 fe ff ff e8 0f
0000000100001510 08 00 00 48 8b 8d c8 fe ff ff 8b b1 90 00 00 00
0000000100001520 89 c7 e8 f5 07 00 00 a8 01 0f 85 05 00 00 00 e9
0000000100001530 dc 00 00 00 48 8b 85 c8 fe ff ff 48 89 45 e0 c6
0000000100001540 45 df 20 48 8b 75 e0 48 8d 7d d0 e8 f0 07 00 00
0000000100001550 e9 00 00 00 00 48 8d 45 d0 48 89 45 e8 48 8b 35
0000000100001560 b4 0a 00 00 48 89 c7 e8 ce 07 00 00 48 89 85 c0
0000000100001570 fe ff ff e9 00 00 00 00 8a 45 df 48 8b 8d c0 fe
0000000100001580 ff ff 48 89 4d f8 88 45 f7 48 8b 55 f8 48 8b 32
0000000100001590 48 8b 76 38 0f be 7d f7 89 bd bc fe ff ff 48 89
00000001000015a0 d7 44 8b 85 bc fe ff ff 48 89 b5 b0 fe ff ff 44
00000001000015b0 89 c6 48 8b 95 b0 fe ff ff ff d2 88 85 af fe ff
00000001000015c0 ff e9 2b 00 00 00 89 d1 48 89 45 c8 89 4d c4 48
00000001000015d0 8d 7d d0 e8 86 07 00 00 48 8b 45 c8 8b 4d c4 48
00000001000015e0 89 85 a0 fe ff ff 89 8d 9c fe ff ff e9 12 01 00
00000001000015f0 00 48 8d 7d d0 e8 64 07 00 00 8a 85 af fe ff ff
0000000100001600 0f be c8 48 8b bd c8 fe ff ff 89 8f 90 00 00 00
0000000100001610 48 8b 85 c8 fe ff ff 8b 88 90 00 00 00 88 ca 88
0000000100001620 95 9b fe ff ff 48 8b bd 10 ff ff ff 8a 85 9b fe
0000000100001630 ff ff 44 0f be c8 48 8b b5 f8 fe ff ff 48 8b 95
0000000100001640 e0 fe ff ff 48 8b 8d d8 fe ff ff 4c 8b 85 d0 fe
0000000100001650 ff ff e8 89 01 00 00 48 89 85 90 fe ff ff e9 00
0000000100001660 00 00 00 48 8d 85 08 ff ff ff 48 8b 8d 90 fe ff
0000000100001670 ff 48 89 8d 08 ff ff ff 48 89 45 b0 48 8b 45 b0
0000000100001680 48 81 38 00 00 00 00 0f 85 df 00 00 00 48 8b 85
0000000100001690 48 ff ff ff 48 8b 08 48 8b 49 e8 48 01 c8 48 89
00000001000016a0 45 90 c7 45 8c 05 00 00 00 48 8b 45 90 48 89 45
00000001000016b0 a0 c7 45 9c 05 00 00 00 48 8b 45 a0 8b 50 20 83
00000001000016c0 ca 05 48 89 c7 89 d6 e8 9e 06 00 00 e9 00 00 00
00000001000016d0 00 e9 00 00 00 00 e9 91 00 00 00 89 d1 48 89 85
00000001000016e0 20 ff ff ff 89 8d 1c ff ff ff e9 3a 00 00 00 89
00000001000016f0 d1 48 89 85 a0 fe ff ff 89 8d 9c fe ff ff e9 00
0000000100001700 00 00 00 8b 85 9c fe ff ff 48 8b 8d a0 fe ff ff
0000000100001710 48 8d bd 28 ff ff ff 48 89 8d 20 ff ff ff 89 85
0000000100001720 1c ff ff ff e8 2f 06 00 00 48 8b bd 20 ff ff ff
0000000100001730 e8 41 06 00 00 48 8b bd 48 ff ff ff 48 8b 0f 48
0000000100001740 8b 49 e8 48 01 cf 48 89 85 88 fe ff ff e8 12 06
0000000100001750 00 00 e9 00 00 00 00 e8 20 06 00 00 48 8b 85 48
0000000100001760 ff ff ff 48 81 c4 80 01 00 00 5d c3 e9 00 00 00
0000000100001770 00 48 8d bd 28 ff ff ff e8 db 05 00 00 e9 da ff
0000000100001780 ff ff 89 d1 48 89 85 20 ff ff ff 89 8d 1c ff ff
0000000100001790 ff e8 e6 05 00 00 e9 00 00 00 00 e9 00 00 00 00
00000001000017a0 48 8b bd 20 ff ff ff e8 d6 05 00 00 89 d1 48 89
00000001000017b0 c7 89 8d 84 fe ff ff e8 14 05 00 00 0f 1f 40 00
00000001000017c0 55 48 89 e5 48 83 ec 10 48 89 7d f8 48 8b 7d f8
00000001000017d0 e8 dd 05 00 00 48 83 c4 10 5d c3 0f 1f 44 00 00
00000001000017e0 55 48 89 e5 48 81 ec e0 01 00 00 44 88 c8 48 89
00000001000017f0 bd c8 fe ff ff 48 89 b5 c0 fe ff ff 48 89 95 b8
0000000100001800 fe ff ff 48 89 8d b0 fe ff ff 4c 89 85 a8 fe ff
0000000100001810 ff 88 85 a7 fe ff ff 48 81 bd c8 fe ff ff 00 00
0000000100001820 00 00 0f 85 13 00 00 00 48 8b 85 c8 fe ff ff 48
0000000100001830 89 85 d0 fe ff ff e9 77 04 00 00 48 8b 85 b0 fe
0000000100001840 ff ff 48 8b 8d c0 fe ff ff 48 29 c8 48 89 85 98
0000000100001850 fe ff ff 48 8b 85 a8 fe ff ff 48 89 85 d8 fe ff
0000000100001860 ff 48 8b 85 d8 fe ff ff 48 8b 40 18 48 89 85 90
0000000100001870 fe ff ff 48 8b 85 90 fe ff ff 48 3b 85 98 fe ff
0000000100001880 ff 0f 8e 1d 00 00 00 48 8b 85 98 fe ff ff 48 8b
0000000100001890 8d 90 fe ff ff 48 29 c1 48 89 8d 90 fe ff ff e9
00000001000018a0 0b 00 00 00 48 c7 85 90 fe ff ff 00 00 00 00 48
00000001000018b0 8b 85 b8 fe ff ff 48 8b 8d c0 fe ff ff 48 29 c8
00000001000018c0 48 89 85 88 fe ff ff 48 81 bd 88 fe ff ff 00 00
00000001000018d0 00 00 0f 8e 7b 00 00 00 48 8b 85 c8 fe ff ff 48
00000001000018e0 8b 8d c0 fe ff ff 48 8b 95 88 fe ff ff 48 89 85
00000001000018f0 20 ff ff ff 48 89 8d 18 ff ff ff 48 89 95 10 ff
0000000100001900 ff ff 48 8b 85 20 ff ff ff 48 8b 08 48 8b 49 60
0000000100001910 48 8b b5 18 ff ff ff 48 8b 95 10 ff ff ff 48 89
0000000100001920 c7 ff d1 48 3b 85 88 fe ff ff 0f 84 1e 00 00 00
0000000100001930 48 c7 85 c8 fe ff ff 00 00 00 00 48 8b 85 c8 fe
0000000100001940 ff ff 48 89 85 d0 fe ff ff e9 64 03 00 00 e9 00
0000000100001950 00 00 00 48 81 bd 90 fe ff ff 00 00 00 00 0f 8e
0000000100001960 66 02 00 00 48 8d 85 70 fe ff ff 48 8b 8d 90 fe
0000000100001970 ff ff 8a 95 a7 fe ff ff 48 89 85 38 ff ff ff 48
0000000100001980 89 8d 30 ff ff ff 88 95 2f ff ff ff 48 8b 85 38
0000000100001990 ff ff ff 48 8b 8d 30 ff ff ff 8a 95 2f ff ff ff
00000001000019a0 48 89 85 50 ff ff ff 48 89 8d 48 ff ff ff 88 95
00000001000019b0 47 ff ff ff 48 8b 85 50 ff ff ff 48 89 85 58 ff
00000001000019c0 ff ff 48 8b 8d 58 ff ff ff 48 89 8d 60 ff ff ff
00000001000019d0 48 8b 8d 60 ff ff ff 48 89 8d 68 ff ff ff 48 8b
00000001000019e0 8d 68 ff ff ff 48 89 8d 70 ff ff ff 48 8b b5 48
00000001000019f0 ff ff ff 48 89 c7 0f be 95 47 ff ff ff e8 44 03
0000000100001a00 00 00 48 8d 85 70 fe ff ff 48 8b 8d c8 fe ff ff
0000000100001a10 48 89 85 78 ff ff ff 48 8b 85 78 ff ff ff 48 89
0000000100001a20 45 80 48 8b 45 80 48 89 45 88 48 8b 75 88 48 89
0000000100001a30 75 90 48 8b 75 90 48 89 75 98 48 8b 75 98 0f b6
0000000100001a40 16 81 e2 01 00 00 00 81 fa 00 00 00 00 48 89 8d
0000000100001a50 58 fe ff ff 48 89 85 50 fe ff ff 0f 84 2f 00 00
0000000100001a60 00 48 8b 85 50 fe ff ff 48 89 45 c8 48 8b 4d c8
0000000100001a70 48 89 4d d0 48 8b 4d d0 48 89 4d d8 48 8b 4d d8
0000000100001a80 48 8b 49 10 48 89 8d 48 fe ff ff e9 3d 00 00 00
0000000100001a90 48 8b 85 50 fe ff ff 48 89 45 a0 48 8b 4d a0 48
0000000100001aa0 89 4d a8 48 8b 4d a8 48 89 4d b0 48 8b 4d b0 48
0000000100001ab0 81 c1 01 00 00 00 48 89 4d b8 48 8b 4d b8 48 89
0000000100001ac0 4d c0 48 8b 4d c0 48 89 8d 48 fe ff ff 48 8b 85
0000000100001ad0 48 fe ff ff 48 89 45 e0 48 8b 8d 90 fe ff ff 48
0000000100001ae0 8b 95 58 fe ff ff 48 89 55 f8 48 89 45 f0 48 89
0000000100001af0 4d e8 48 8b 45 f8 48 8b 30 48 8b 76 60 48 8b 7d
0000000100001b00 f0 48 89 bd 40 fe ff ff 48 89 c7 48 8b 85 40 fe
0000000100001b10 ff ff 48 89 b5 38 fe ff ff 48 89 c6 48 89 ca 48
0000000100001b20 8b 8d 38 fe ff ff ff d1 48 89 85 30 fe ff ff e9
0000000100001b30 00 00 00 00 e9 00 00 00 00 48 8b 85 30 fe ff ff
0000000100001b40 48 3b 85 90 fe ff ff 0f 84 48 00 00 00 48 c7 85
0000000100001b50 c8 fe ff ff 00 00 00 00 48 8b 85 c8 fe ff ff 48
0000000100001b60 89 85 d0 fe ff ff c7 85 60 fe ff ff 01 00 00 00
0000000100001b70 e9 2a 00 00 00 48 8d bd 70 fe ff ff 89 d1 48 89
0000000100001b80 85 68 fe ff ff 89 8d 64 fe ff ff e8 bc 01 00 00
0000000100001b90 e9 2d 01 00 00 c7 85 60 fe ff ff 00 00 00 00 48
0000000100001ba0 8d bd 70 fe ff ff e8 a1 01 00 00 8b 85 60 fe ff
0000000100001bb0 ff 83 e8 01 89 85 2c fe ff ff 0f 84 f2 00 00 00
0000000100001bc0 e9 00 00 00 00 e9 00 00 00 00 48 8b 85 b0 fe ff
0000000100001bd0 ff 48 8b 8d b8 fe ff ff 48 29 c8 48 89 85 88 fe
0000000100001be0 ff ff 48 81 bd 88 fe ff ff 00 00 00 00 0f 8e 7b
0000000100001bf0 00 00 00 48 8b 85 c8 fe ff ff 48 8b 8d b8 fe ff
0000000100001c00 ff 48 8b 95 88 fe ff ff 48 89 85 08 ff ff ff 48
0000000100001c10 89 8d 00 ff ff ff 48 89 95 f8 fe ff ff 48 8b 85
0000000100001c20 08 ff ff ff 48 8b 08 48 8b 49 60 48 8b b5 00 ff
0000000100001c30 ff ff 48 8b 95 f8 fe ff ff 48 89 c7 ff d1 48 3b
0000000100001c40 85 88 fe ff ff 0f 84 1e 00 00 00 48 c7 85 c8 fe
0000000100001c50 ff ff 00 00 00 00 48 8b 85 c8 fe ff ff 48 89 85
0000000100001c60 d0 fe ff ff e9 49 00 00 00 e9 00 00 00 00 48 8b
0000000100001c70 85 a8 fe ff ff 48 89 85 f0 fe ff ff 48 c7 85 e8
0000000100001c80 fe ff ff 00 00 00 00 48 8b 85 f0 fe ff ff 48 8b
0000000100001c90 48 18 48 89 8d e0 fe ff ff 48 8b 8d e8 fe ff ff
0000000100001ca0 48 89 48 18 48 8b 85 c8 fe ff ff 48 89 85 d0 fe
0000000100001cb0 ff ff 48 8b 85 d0 fe ff ff 48 81 c4 e0 01 00 00
0000000100001cc0 5d c3 48 8b bd 68 fe ff ff e8 b4 00 00 00 66 90
0000000100001cd0 55 48 89 e5 48 83 ec 10 e8 99 00 00 00 48 89 45
0000000100001ce0 f8 e8 8a 00 00 00 66 2e 0f 1f 84 00 00 00 00 00
0000000100001cf0 55 48 89 e5 89 7d fc 89 75 f8 8b 75 fc 3b 75 f8
0000000100001d00 0f 94 c0 24 01 0f b6 c0 5d c3 66 0f 1f 44 00 00
0000000100001d10 55 48 89 e5 b8 ff ff ff ff 5d c3
-s __TEXT __text 可以用-t代替,-v参数可以查看反汇编代码
otool -v -t AppPath
(__TEXT,__text) section
__Z16file_interestingPK6dirent:
0000000100001060 pushq %rbp
0000000100001061 movq %rsp, %rbp
0000000100001064 movq %rdi, -0x10(%rbp)
0000000100001068 movq -0x10(%rbp), %rdi
000000010000106c movsbl 0x15(%rdi), %eax
0000000100001070 cmpl $0x2e, %eax
0000000100001075 jne 0x1000010b7
000000010000107b movq -0x10(%rbp), %rax
000000010000107f movsbl 0x16(%rax), %ecx
0000000100001083 cmpl $0x0, %ecx
0000000100001089 je 0x1000010c3
000000010000108f movq -0x10(%rbp), %rax
0000000100001093 movsbl 0x16(%rax), %ecx
0000000100001097 cmpl $0x2e, %ecx
000000010000109d jne 0x1000010b7
00000001000010a3 movq -0x10(%rbp), %rax
00000001000010a7 movsbl 0x17(%rax), %ecx
00000001000010ab cmpl $0x0, %ecx
00000001000010b1 je 0x1000010c3
00000001000010b7 movl $0x1, -0x4(%rbp)
00000001000010be jmp 0x1000010ca
00000001000010c3 movl $0x0, -0x4(%rbp)
00000001000010ca movl -0x4(%rbp), %eax
00000001000010cd popq %rbp
00000001000010ce retq
00000001000010cf nop
__Z9print_dirPKcS0_:
00000001000010d0 pushq %rbp
00000001000010d1 movq %rsp, %rbp
00000001000010d4 subq $0xe0, %rsp
00000001000010db movq %rdi, -0x8(%rbp)
00000001000010df movq %rsi, -0x10(%rbp)
00000001000010e3 callq 0x100001d88
00000001000010e8 movl $0x0, (%rax)
00000001000010ee movq -0x8(%rbp), %rdi
00000001000010f2 callq 0x100001da0
00000001000010f7 movq %rax, -0x18(%rbp)
00000001000010fb cmpq $0x0, -0x18(%rbp)
0000000100001103 jne 0x10000110e
0000000100001109 jmp 0x1000012d4
000000010000110e movq -0x18(%rbp), %rdi
0000000100001112 callq 0x100001d94
0000000100001117 xorl %ecx, %ecx
0000000100001119 movl %eax, -0xb4(%rbp)
000000010000111f cmpl -0xb4(%rbp), %ecx
0000000100001125 jg 0x100001148
000000010000112b leaq -0xb0(%rbp), %rsi
0000000100001132 movl -0xb4(%rbp), %edi
0000000100001138 callq 0x100001d9a
000000010000113d movl %eax, -0xbc(%rbp)
0000000100001143 jmp 0x10000115e
0000000100001148 leaq -0xb0(%rbp), %rsi
000000010000114f movq -0x8(%rbp), %rdi
0000000100001153 callq 0x100001dac
0000000100001158 movl %eax, -0xbc(%rbp)
000000010000115e movl -0xbc(%rbp), %eax
0000000100001164 cmpl $0x0, %eax
0000000100001169 jge 0x100001174
000000010000116f jmp 0x1000012d4
0000000100001174 jmp 0x100001179
0000000100001179 callq 0x100001d88
000000010000117e movl $0x0, (%rax)
0000000100001184 movq -0x18(%rbp), %rdi
0000000100001188 callq 0x100001da6
000000010000118d movq %rax, -0x20(%rbp)
0000000100001191 cmpq $0x0, %rax
0000000100001197 jne 0x1000011f0
000000010000119d callq 0x100001d88
00000001000011a2 cmpl $0x0, (%rax)
00000001000011a8 je 0x1000011eb
00000001000011ae callq 0x100001d88
00000001000011b3 movl (%rax), %ecx
00000001000011b5 movl %ecx, -0xb8(%rbp)
00000001000011bb movq -0x18(%rbp), %rdi
00000001000011bf callq 0x100001d8e
00000001000011c4 movl -0xb8(%rbp), %ecx
00000001000011ca movl %eax, -0xc0(%rbp)
00000001000011d0 movl %ecx, -0xc4(%rbp)
00000001000011d6 callq 0x100001d88
00000001000011db movl -0xc4(%rbp), %ecx
00000001000011e1 movl %ecx, (%rax)
00000001000011e3 movq $0x0, -0x18(%rbp)
00000001000011eb jmp 0x1000012d4
00000001000011f0 movq -0x20(%rbp), %rdi
00000001000011f4 callq 0x100001060
00000001000011f9 cmpl $0x0, %eax
00000001000011fe je 0x1000012cf
0000000100001204 movq -0x20(%rbp), %rax
0000000100001208 movzbl 0x14(%rax), %ecx
000000010000120c cmpl $0x6, %ecx
0000000100001212 je 0x100001290
0000000100001218 movq -0x20(%rbp), %rax
000000010000121c movzbl 0x14(%rax), %ecx
0000000100001220 cmpl $0x2, %ecx
0000000100001226 je 0x100001290
000000010000122c movq -0x20(%rbp), %rax
0000000100001230 movzbl 0x14(%rax), %ecx
0000000100001234 cmpl $0x4, %ecx
000000010000123a je 0x100001290
0000000100001240 movq -0x20(%rbp), %rax
0000000100001244 movzbl 0x14(%rax), %ecx
0000000100001248 cmpl $0x1, %ecx
000000010000124e je 0x100001290
0000000100001254 movq -0x20(%rbp), %rax
0000000100001258 movzbl 0x14(%rax), %ecx
000000010000125c cmpl $0xa, %ecx
0000000100001262 je 0x100001290
0000000100001268 movq -0x20(%rbp), %rax
000000010000126c movzbl 0x14(%rax), %ecx
0000000100001270 cmpl $0x8, %ecx
0000000100001276 je 0x100001290
000000010000127c movq -0x20(%rbp), %rax
0000000100001280 movzbl 0x14(%rax), %ecx
0000000100001284 cmpl $0xc, %ecx
000000010000128a jne 0x1000012ca
0000000100001290 movq 0xd79(%rip), %rdi
0000000100001297 movq -0x20(%rbp), %rax
000000010000129b addq $0x15, %rax
00000001000012a1 movq %rax, %rsi
00000001000012a4 callq 0x100001d34
00000001000012a9 movq 0xd60(%rip), %rdi
00000001000012b0 leaq 0xe41(%rip), %rsi
00000001000012b7 movq %rax, -0xd0(%rbp)
00000001000012be callq 0x100001d34
00000001000012c3 movq %rax, -0xd8(%rbp)
00000001000012ca jmp 0x1000012cf
00000001000012cf jmp 0x100001179
00000001000012d4 addq $0xe0, %rsp
00000001000012db popq %rbp
00000001000012dc retq
00000001000012dd nopl (%rax)
_main:
00000001000012e0 pushq %rbp
00000001000012e1 movq %rsp, %rbp
00000001000012e4 subq $0x10, %rsp
00000001000012e8 leaq 0xe0b(%rip), %rax
00000001000012ef xorl %ecx, %ecx
00000001000012f1 movl %ecx, %edx
00000001000012f3 movl $0x0, -0x4(%rbp)
00000001000012fa movl %edi, -0x8(%rbp)
00000001000012fd movq %rsi, -0x10(%rbp)
0000000100001301 movq %rax, %rdi
0000000100001304 movq %rdx, %rsi
0000000100001307 callq 0x1000010d0
000000010000130c xorl %eax, %eax
000000010000130e addq $0x10, %rsp
0000000100001312 popq %rbp
0000000100001313 retq
0000000100001314 nop
0000000100001315 nop
0000000100001316 nop
0000000100001317 nop
0000000100001318 nop
0000000100001319 nop
000000010000131a nop
000000010000131b nop
000000010000131c nop
000000010000131d nop
000000010000131e nop
000000010000131f nop
__ZNSt3__1lsINS_11char_traitsIcEEEERNS_13basic_ostreamIcT_EES6_PKc:
0000000100001320 pushq %rbp
0000000100001321 movq %rsp, %rbp
0000000100001324 subq $0x20, %rsp
0000000100001328 movq %rdi, -0x8(%rbp)
000000010000132c movq %rsi, -0x10(%rbp)
0000000100001330 movq -0x8(%rbp), %rdi
0000000100001334 movq -0x10(%rbp), %rsi
0000000100001338 movq -0x10(%rbp), %rax
000000010000133c movq %rdi, -0x18(%rbp)
0000000100001340 movq %rax, %rdi
0000000100001343 movq %rsi, -0x20(%rbp)
0000000100001347 callq 0x100001d28
000000010000134c movq -0x18(%rbp), %rdi
0000000100001350 movq -0x20(%rbp), %rsi
0000000100001354 movq %rax, %rdx
0000000100001357 callq 0x100001d2e
000000010000135c addq $0x20, %rsp
0000000100001360 popq %rbp
0000000100001361 retq
0000000100001362 nopw %cs:(%rax,%rax)
__ZNSt3__124__put_character_sequenceIcNS_11char_traitsIcEEEERNS_13basic_ostreamIT_T0_EES7_PKS4_m:
0000000100001370 pushq %rbp
0000000100001371 movq %rsp, %rbp
0000000100001374 subq $0x180, %rsp ## imm = 0x180
000000010000137b movq %rdi, -0xb8(%rbp)
0000000100001382 movq %rsi, -0xc0(%rbp)
0000000100001389 movq %rdx, -0xc8(%rbp)
0000000100001390 movq -0xb8(%rbp), %rsi
0000000100001397 leaq -0xd8(%rbp), %rdi
000000010000139e callq 0x100001d52
00000001000013a3 jmp 0x1000013a8
00000001000013a8 leaq -0xd8(%rbp), %rax
00000001000013af movq %rax, -0xb0(%rbp)
00000001000013b6 movq -0xb0(%rbp), %rax
00000001000013bd movb (%rax), %cl
00000001000013bf movb %cl, -0xf9(%rbp)
00000001000013c5 movb -0xf9(%rbp), %al
00000001000013cb testb $0x1, %al
00000001000013cd jne 0x1000013d8
00000001000013d3 jmp 0x100001771
00000001000013d8 leaq -0xf0(%rbp), %rax
00000001000013df movq -0xb8(%rbp), %rcx
00000001000013e6 movq %rax, -0xa0(%rbp)
00000001000013ed movq %rcx, -0xa8(%rbp)
00000001000013f4 movq -0xa0(%rbp), %rax
00000001000013fb movq -0xa8(%rbp), %rcx
0000000100001402 movq %rax, -0x90(%rbp)
0000000100001409 movq %rcx, -0x98(%rbp)
0000000100001410 movq -0x90(%rbp), %rax
0000000100001417 movq -0x98(%rbp), %rcx
000000010000141e movq (%rcx), %rdx
0000000100001421 movq -0x18(%rdx), %rdx
0000000100001425 addq %rdx, %rcx
0000000100001428 movq %rcx, -0x88(%rbp)
000000010000142f movq -0x88(%rbp), %rcx
0000000100001436 movq %rcx, -0x80(%rbp)
000000010000143a movq -0x80(%rbp), %rcx
000000010000143e movq 0x28(%rcx), %rcx
0000000100001442 movq %rcx, (%rax)
0000000100001445 movq -0xc0(%rbp), %rsi
000000010000144c movq -0xb8(%rbp), %rax
0000000100001453 movq (%rax), %rcx
0000000100001456 movq -0x18(%rcx), %rcx
000000010000145a addq %rcx, %rax
000000010000145d movq %rax, -0x58(%rbp)
0000000100001461 movq -0x58(%rbp), %rax
0000000100001465 movl 0x8(%rax), %edi
0000000100001468 movq %rsi, -0x108(%rbp)
000000010000146f movl %edi, -0x10c(%rbp)
0000000100001475 movl -0x10c(%rbp), %eax
000000010000147b andl $0xb0, %eax
0000000100001480 cmpl $0x20, %eax
0000000100001485 jne 0x1000014a5
000000010000148b movq -0xc0(%rbp), %rax
0000000100001492 addq -0xc8(%rbp), %rax
0000000100001499 movq %rax, -0x118(%rbp)
00000001000014a0 jmp 0x1000014b3
00000001000014a5 movq -0xc0(%rbp), %rax
00000001000014ac movq %rax, -0x118(%rbp)
00000001000014b3 movq -0x118(%rbp), %rax
00000001000014ba movq -0xc0(%rbp), %rcx
00000001000014c1 addq -0xc8(%rbp), %rcx
00000001000014c8 movq -0xb8(%rbp), %rdx
00000001000014cf movq (%rdx), %rsi
00000001000014d2 movq -0x18(%rsi), %rsi
00000001000014d6 addq %rsi, %rdx
00000001000014d9 movq -0xb8(%rbp), %rsi
00000001000014e0 movq (%rsi), %rdi
00000001000014e3 movq -0x18(%rdi), %rdi
00000001000014e7 addq %rdi, %rsi
00000001000014ea movq %rsi, -0x48(%rbp)
00000001000014ee movq -0x48(%rbp), %rsi
00000001000014f2 movq %rax, -0x120(%rbp)
00000001000014f9 movq %rcx, -0x128(%rbp)
0000000100001500 movq %rdx, -0x130(%rbp)
0000000100001507 movq %rsi, -0x138(%rbp)
000000010000150e callq 0x100001d22
0000000100001513 movq -0x138(%rbp), %rcx
000000010000151a movl 0x90(%rcx), %esi
0000000100001520 movl %eax, %edi
0000000100001522 callq 0x100001d1c
0000000100001527 testb $0x1, %al
0000000100001529 jne 0x100001534
000000010000152f jmp 0x100001610
0000000100001534 movq -0x138(%rbp), %rax
000000010000153b movq %rax, -0x20(%rbp)
000000010000153f movb $0x20, -0x21(%rbp)
0000000100001543 movq -0x20(%rbp), %rsi
0000000100001547 leaq -0x30(%rbp), %rdi
000000010000154b callq 0x100001d40
0000000100001550 jmp 0x100001555
0000000100001555 leaq -0x30(%rbp), %rax
0000000100001559 movq %rax, -0x18(%rbp)
000000010000155d movq 0xab4(%rip), %rsi
0000000100001564 movq %rax, %rdi
0000000100001567 callq 0x100001d3a
000000010000156c movq %rax, -0x140(%rbp)
0000000100001573 jmp 0x100001578
0000000100001578 movb -0x21(%rbp), %al
000000010000157b movq -0x140(%rbp), %rcx
0000000100001582 movq %rcx, -0x8(%rbp)
0000000100001586 movb %al, -0x9(%rbp)
0000000100001589 movq -0x8(%rbp), %rdx
000000010000158d movq (%rdx), %rsi
0000000100001590 movq 0x38(%rsi), %rsi
0000000100001594 movsbl -0x9(%rbp), %edi
0000000100001598 movl %edi, -0x144(%rbp)
000000010000159e movq %rdx, %rdi
00000001000015a1 movl -0x144(%rbp), %r8d
00000001000015a8 movq %rsi, -0x150(%rbp)
00000001000015af movl %r8d, %esi
00000001000015b2 movq -0x150(%rbp), %rdx
00000001000015b9 callq *%rdx
00000001000015bb movb %al, -0x151(%rbp)
00000001000015c1 jmp 0x1000015f1
00000001000015c6 movl %edx, %ecx
00000001000015c8 movq %rax, -0x38(%rbp)
00000001000015cc movl %ecx, -0x3c(%rbp)
00000001000015cf leaq -0x30(%rbp), %rdi
00000001000015d3 callq 0x100001d5e
00000001000015d8 movq -0x38(%rbp), %rax
00000001000015dc movl -0x3c(%rbp), %ecx
00000001000015df movq %rax, -0x160(%rbp)
00000001000015e6 movl %ecx, -0x164(%rbp)
00000001000015ec jmp 0x100001703
00000001000015f1 leaq -0x30(%rbp), %rdi
00000001000015f5 callq 0x100001d5e
00000001000015fa movb -0x151(%rbp), %al
0000000100001600 movsbl %al, %ecx
0000000100001603 movq -0x138(%rbp), %rdi
000000010000160a movl %ecx, 0x90(%rdi)
0000000100001610 movq -0x138(%rbp), %rax
0000000100001617 movl 0x90(%rax), %ecx
000000010000161d movb %cl, %dl
000000010000161f movb %dl, -0x165(%rbp)
0000000100001625 movq -0xf0(%rbp), %rdi
000000010000162c movb -0x165(%rbp), %al
0000000100001632 movsbl %al, %r9d
0000000100001636 movq -0x108(%rbp), %rsi
000000010000163d movq -0x120(%rbp), %rdx
0000000100001644 movq -0x128(%rbp), %rcx
000000010000164b movq -0x130(%rbp), %r8
0000000100001652 callq 0x1000017e0
0000000100001657 movq %rax, -0x170(%rbp)
000000010000165e jmp 0x100001663
0000000100001663 leaq -0xf8(%rbp), %rax
000000010000166a movq -0x170(%rbp), %rcx
0000000100001671 movq %rcx, -0xf8(%rbp)
0000000100001678 movq %rax, -0x50(%rbp)
000000010000167c movq -0x50(%rbp), %rax
0000000100001680 cmpq $0x0, (%rax)
0000000100001687 jne 0x10000176c
000000010000168d movq -0xb8(%rbp), %rax
0000000100001694 movq (%rax), %rcx
0000000100001697 movq -0x18(%rcx), %rcx
000000010000169b addq %rcx, %rax
000000010000169e movq %rax, -0x70(%rbp)
00000001000016a2 movl $0x5, -0x74(%rbp)
00000001000016a9 movq -0x70(%rbp), %rax
00000001000016ad movq %rax, -0x60(%rbp)
00000001000016b1 movl $0x5, -0x64(%rbp)
00000001000016b8 movq -0x60(%rbp), %rax
00000001000016bc movl 0x20(%rax), �x
00000001000016bf orl $0x5, �x
00000001000016c2 movq %rax, %rdi
00000001000016c5 movl �x, %esi
00000001000016c7 callq 0x100001d6a
00000001000016cc jmp 0x1000016d1
00000001000016d1 jmp 0x1000016d6
00000001000016d6 jmp 0x10000176c
00000001000016db movl �x, �x
00000001000016dd movq %rax, -0xe0(%rbp)
00000001000016e4 movl �x, -0xe4(%rbp)
00000001000016ea jmp 0x100001729
00000001000016ef movl �x, �x
00000001000016f1 movq %rax, -0x160(%rbp)
00000001000016f8 movl �x, -0x164(%rbp)
00000001000016fe jmp 0x100001703
0000000100001703 movl -0x164(%rbp), �x
0000000100001709 movq -0x160(%rbp), %rcx
0000000100001710 leaq -0xd8(%rbp), %rdi
0000000100001717 movq %rcx, -0xe0(%rbp)
000000010000171e movl �x, -0xe4(%rbp)
0000000100001724 callq 0x100001d58
0000000100001729 movq -0xe0(%rbp), %rdi
0000000100001730 callq 0x100001d76
0000000100001735 movq -0xb8(%rbp), %rdi
000000010000173c movq (%rdi), %rcx
000000010000173f movq -0x18(%rcx), %rcx
0000000100001743 addq %rcx, %rdi
0000000100001746 movq %rax, -0x178(%rbp)
000000010000174d callq 0x100001d64
0000000100001752 jmp 0x100001757
0000000100001757 callq 0x100001d7c
000000010000175c movq -0xb8(%rbp), %rax
0000000100001763 addq $0x180, %rsp ## imm = 0x180
000000010000176a popq %rbp
000000010000176b retq
000000010000176c jmp 0x100001771
0000000100001771 leaq -0xd8(%rbp), %rdi
0000000100001778 callq 0x100001d58
000000010000177d jmp 0x10000175c
0000000100001782 movl �x, �x
0000000100001784 movq %rax, -0xe0(%rbp)
000000010000178b movl �x, -0xe4(%rbp)
0000000100001791 callq 0x100001d7c
0000000100001796 jmp 0x10000179b
000000010000179b jmp 0x1000017a0
00000001000017a0 movq -0xe0(%rbp), %rdi
00000001000017a7 callq 0x100001d82
00000001000017ac movl �x, �x
00000001000017ae movq %rax, %rdi
00000001000017b1 movl �x, -0x17c(%rbp)
00000001000017b7 callq 0x100001cd0
00000001000017bc nopl (%rax)
__ZNSt3__111char_traitsIcE6lengthEPKc:
00000001000017c0 pushq %rbp
00000001000017c1 movq %rsp, %rbp
00000001000017c4 subq $0x10, %rsp
00000001000017c8 movq %rdi, -0x8(%rbp)
00000001000017cc movq -0x8(%rbp), %rdi
00000001000017d0 callq 0x100001db2
00000001000017d5 addq $0x10, %rsp
00000001000017d9 popq %rbp
00000001000017da retq
00000001000017db nopl (%rax,%rax)
__ZNSt3__116__pad_and_outputIcNS_11char_traitsIcEEEENS_19ostreambuf_iteratorIT_T0_EES6_PKS4_S8_S8_RNS_8ios_baseES4_:
00000001000017e0 pushq %rbp
00000001000017e1 movq %rsp, %rbp
00000001000017e4 subq $0x1e0, %rsp ## imm = 0x1E0
00000001000017eb movb %r9b, %al
00000001000017ee movq %rdi, -0x138(%rbp)
00000001000017f5 movq %rsi, -0x140(%rbp)
00000001000017fc movq %rdx, -0x148(%rbp)
0000000100001803 movq %rcx, -0x150(%rbp)
000000010000180a movq %r8, -0x158(%rbp)
0000000100001811 movb %al, -0x159(%rbp)
0000000100001817 cmpq $0x0, -0x138(%rbp)
0000000100001822 jne 0x10000183b
0000000100001828 movq -0x138(%rbp), %rax
000000010000182f movq %rax, -0x130(%rbp)
0000000100001836 jmp 0x100001cb2
000000010000183b movq -0x150(%rbp), %rax
0000000100001842 movq -0x140(%rbp), %rcx
0000000100001849 subq %rcx, %rax
000000010000184c movq %rax, -0x168(%rbp)
0000000100001853 movq -0x158(%rbp), %rax
000000010000185a movq %rax, -0x128(%rbp)
0000000100001861 movq -0x128(%rbp), %rax
0000000100001868 movq 0x18(%rax), %rax
000000010000186c movq %rax, -0x170(%rbp)
0000000100001873 movq -0x170(%rbp), %rax
000000010000187a cmpq -0x168(%rbp), %rax
0000000100001881 jle 0x1000018a4
0000000100001887 movq -0x168(%rbp), %rax
000000010000188e movq -0x170(%rbp), %rcx
0000000100001895 subq %rax, %rcx
0000000100001898 movq %rcx, -0x170(%rbp)
000000010000189f jmp 0x1000018af
00000001000018a4 movq $0x0, -0x170(%rbp)
00000001000018af movq -0x148(%rbp), %rax
00000001000018b6 movq -0x140(%rbp), %rcx
00000001000018bd subq %rcx, %rax
00000001000018c0 movq %rax, -0x178(%rbp)
00000001000018c7 cmpq $0x0, -0x178(%rbp)
00000001000018d2 jle 0x100001953
00000001000018d8 movq -0x138(%rbp), %rax
00000001000018df movq -0x140(%rbp), %rcx
00000001000018e6 movq -0x178(%rbp), %rdx
00000001000018ed movq %rax, -0xe0(%rbp)
00000001000018f4 movq %rcx, -0xe8(%rbp)
00000001000018fb movq %rdx, -0xf0(%rbp)
0000000100001902 movq -0xe0(%rbp), %rax
0000000100001909 movq (%rax), %rcx
000000010000190c movq 0x60(%rcx), %rcx
0000000100001910 movq -0xe8(%rbp), %rsi
0000000100001917 movq -0xf0(%rbp), %rdx
000000010000191e movq %rax, %rdi
0000000100001921 callq *%rcx
0000000100001923 cmpq -0x178(%rbp), %rax
000000010000192a je 0x10000194e
0000000100001930 movq $0x0, -0x138(%rbp)
000000010000193b movq -0x138(%rbp), %rax
0000000100001942 movq %rax, -0x130(%rbp)
0000000100001949 jmp 0x100001cb2
000000010000194e jmp 0x100001953
0000000100001953 cmpq $0x0, -0x170(%rbp)
000000010000195e jle 0x100001bca
0000000100001964 leaq -0x190(%rbp), %rax
000000010000196b movq -0x170(%rbp), %rcx
0000000100001972 movb -0x159(%rbp), %dl
0000000100001978 movq %rax, -0xc8(%rbp)
000000010000197f movq %rcx, -0xd0(%rbp)
0000000100001986 movb %dl, -0xd1(%rbp)
000000010000198c movq -0xc8(%rbp), %rax
0000000100001993 movq -0xd0(%rbp), %rcx
000000010000199a movb -0xd1(%rbp), %dl
00000001000019a0 movq %rax, -0xb0(%rbp)
00000001000019a7 movq %rcx, -0xb8(%rbp)
00000001000019ae movb %dl, -0xb9(%rbp)
00000001000019b4 movq -0xb0(%rbp), %rax
00000001000019bb movq %rax, -0xa8(%rbp)
00000001000019c2 movq -0xa8(%rbp), %rcx
00000001000019c9 movq %rcx, -0xa0(%rbp)
00000001000019d0 movq -0xa0(%rbp), %rcx
00000001000019d7 movq %rcx, -0x98(%rbp)
00000001000019de movq -0x98(%rbp), %rcx
00000001000019e5 movq %rcx, -0x90(%rbp)
00000001000019ec movq -0xb8(%rbp), %rsi
00000001000019f3 movq %rax, %rdi
00000001000019f6 movsbl -0xb9(%rbp), %edx
00000001000019fd callq 0x100001d46
0000000100001a02 leaq -0x190(%rbp), %rax
0000000100001a09 movq -0x138(%rbp), %rcx
0000000100001a10 movq %rax, -0x88(%rbp)
0000000100001a17 movq -0x88(%rbp), %rax
0000000100001a1e movq %rax, -0x80(%rbp)
0000000100001a22 movq -0x80(%rbp), %rax
0000000100001a26 movq %rax, -0x78(%rbp)
0000000100001a2a movq -0x78(%rbp), %rsi
0000000100001a2e movq %rsi, -0x70(%rbp)
0000000100001a32 movq -0x70(%rbp), %rsi
0000000100001a36 movq %rsi, -0x68(%rbp)
0000000100001a3a movq -0x68(%rbp), %rsi
0000000100001a3e movzbl (%rsi), %edx
0000000100001a41 andl $0x1, %edx
0000000100001a47 cmpl $0x0, %edx
0000000100001a4d movq %rcx, -0x1a8(%rbp)
0000000100001a54 movq %rax, -0x1b0(%rbp)
0000000100001a5b je 0x100001a90
0000000100001a61 movq -0x1b0(%rbp), %rax
0000000100001a68 movq %rax, -0x38(%rbp)
0000000100001a6c movq -0x38(%rbp), %rcx
0000000100001a70 movq %rcx, -0x30(%rbp)
0000000100001a74 movq -0x30(%rbp), %rcx
0000000100001a78 movq %rcx, -0x28(%rbp)
0000000100001a7c movq -0x28(%rbp), %rcx
0000000100001a80 movq 0x10(%rcx), %rcx
0000000100001a84 movq %rcx, -0x1b8(%rbp)
0000000100001a8b jmp 0x100001acd
0000000100001a90 movq -0x1b0(%rbp), %rax
0000000100001a97 movq %rax, -0x60(%rbp)
0000000100001a9b movq -0x60(%rbp), %rcx
0000000100001a9f movq %rcx, -0x58(%rbp)
0000000100001aa3 movq -0x58(%rbp), %rcx
0000000100001aa7 movq %rcx, -0x50(%rbp)
0000000100001aab movq -0x50(%rbp), %rcx
0000000100001aaf addq $0x1, %rcx
0000000100001ab6 movq %rcx, -0x48(%rbp)
0000000100001aba movq -0x48(%rbp), %rcx
0000000100001abe movq %rcx, -0x40(%rbp)
0000000100001ac2 movq -0x40(%rbp), %rcx
0000000100001ac6 movq %rcx, -0x1b8(%rbp)
0000000100001acd movq -0x1b8(%rbp), %rax
0000000100001ad4 movq %rax, -0x20(%rbp)
0000000100001ad8 movq -0x170(%rbp), %rcx
0000000100001adf movq -0x1a8(%rbp), %rdx
0000000100001ae6 movq %rdx, -0x8(%rbp)
0000000100001aea movq %rax, -0x10(%rbp)
0000000100001aee movq %rcx, -0x18(%rbp)
0000000100001af2 movq -0x8(%rbp), %rax
0000000100001af6 movq (%rax), %rsi
0000000100001af9 movq 0x60(%rsi), %rsi
0000000100001afd movq -0x10(%rbp), %rdi
0000000100001b01 movq %rdi, -0x1c0(%rbp)
0000000100001b08 movq %rax, %rdi
0000000100001b0b movq -0x1c0(%rbp), %rax
0000000100001b12 movq %rsi, -0x1c8(%rbp)
0000000100001b19 movq %rax, %rsi
0000000100001b1c movq %rcx, %rdx
0000000100001b1f movq -0x1c8(%rbp), %rcx
0000000100001b26 callq *%rcx
0000000100001b28 movq %rax, -0x1d0(%rbp)
0000000100001b2f jmp 0x100001b34
0000000100001b34 jmp 0x100001b39
0000000100001b39 movq -0x1d0(%rbp), %rax
0000000100001b40 cmpq -0x170(%rbp), %rax
0000000100001b47 je 0x100001b95
0000000100001b4d movq $0x0, -0x138(%rbp)
0000000100001b58 movq -0x138(%rbp), %rax
0000000100001b5f movq %rax, -0x130(%rbp)
0000000100001b66 movl $0x1, -0x1a0(%rbp)
0000000100001b70 jmp 0x100001b9f
0000000100001b75 leaq -0x190(%rbp), %rdi
0000000100001b7c movl �x, �x
0000000100001b7e movq %rax, -0x198(%rbp)
0000000100001b85 movl �x, -0x19c(%rbp)
0000000100001b8b callq 0x100001d4c
0000000100001b90 jmp 0x100001cc2
0000000100001b95 movl $0x0, -0x1a0(%rbp)
0000000100001b9f leaq -0x190(%rbp), %rdi
0000000100001ba6 callq 0x100001d4c
0000000100001bab movl -0x1a0(%rbp), �x
0000000100001bb1 subl $0x1, �x
0000000100001bb4 movl �x, -0x1d4(%rbp)
0000000100001bba je 0x100001cb2
0000000100001bc0 jmp 0x100001bc5
0000000100001bc5 jmp 0x100001bca
0000000100001bca movq -0x150(%rbp), %rax
0000000100001bd1 movq -0x148(%rbp), %rcx
0000000100001bd8 subq %rcx, %rax
0000000100001bdb movq %rax, -0x178(%rbp)
0000000100001be2 cmpq $0x0, -0x178(%rbp)
0000000100001bed jle 0x100001c6e
0000000100001bf3 movq -0x138(%rbp), %rax
0000000100001bfa movq -0x148(%rbp), %rcx
0000000100001c01 movq -0x178(%rbp), %rdx
0000000100001c08 movq %rax, -0xf8(%rbp)
0000000100001c0f movq %rcx, -0x100(%rbp)
0000000100001c16 movq %rdx, -0x108(%rbp)
0000000100001c1d movq -0xf8(%rbp), %rax
0000000100001c24 movq (%rax), %rcx
0000000100001c27 movq 0x60(%rcx), %rcx
0000000100001c2b movq -0x100(%rbp), %rsi
0000000100001c32 movq -0x108(%rbp), %rdx
0000000100001c39 movq %rax, %rdi
0000000100001c3c callq *%rcx
0000000100001c3e cmpq -0x178(%rbp), %rax
0000000100001c45 je 0x100001c69
0000000100001c4b movq $0x0, -0x138(%rbp)
0000000100001c56 movq -0x138(%rbp), %rax
0000000100001c5d movq %rax, -0x130(%rbp)
0000000100001c64 jmp 0x100001cb2
0000000100001c69 jmp 0x100001c6e
0000000100001c6e movq -0x158(%rbp), %rax
0000000100001c75 movq %rax, -0x110(%rbp)
0000000100001c7c movq $0x0, -0x118(%rbp)
0000000100001c87 movq -0x110(%rbp), %rax
0000000100001c8e movq 0x18(%rax), %rcx
0000000100001c92 movq %rcx, -0x120(%rbp)
0000000100001c99 movq -0x118(%rbp), %rcx
0000000100001ca0 movq %rcx, 0x18(%rax)
0000000100001ca4 movq -0x138(%rbp), %rax
0000000100001cab movq %rax, -0x130(%rbp)
0000000100001cb2 movq -0x130(%rbp), %rax
0000000100001cb9 addq $0x1e0, %rsp ## imm = 0x1E0
0000000100001cc0 popq %rbp
0000000100001cc1 retq
0000000100001cc2 movq -0x198(%rbp), %rdi
0000000100001cc9 callq 0x100001d82
0000000100001cce nop
___clang_call_terminate:
0000000100001cd0 pushq %rbp
0000000100001cd1 movq %rsp, %rbp
0000000100001cd4 subq $0x10, %rsp
0000000100001cd8 callq 0x100001d76
0000000100001cdd movq %rax, -0x8(%rbp)
0000000100001ce1 callq 0x100001d70
0000000100001ce6 nopw %cs:(%rax,%rax)
__ZNSt3__111char_traitsIcE11eq_int_typeEii:
0000000100001cf0 pushq %rbp
0000000100001cf1 movq %rsp, %rbp
0000000100001cf4 movl %edi, -0x4(%rbp)
0000000100001cf7 movl %esi, -0x8(%rbp)
0000000100001cfa movl -0x4(%rbp), %esi
0000000100001cfd cmpl -0x8(%rbp), %esi
0000000100001d00 sete %al
0000000100001d03 andb $0x1, %al
0000000100001d05 movzbl %al, %eax
0000000100001d08 popq %rbp
0000000100001d09 retq
0000000100001d0a nopw (%rax,%rax)
__ZNSt3__111char_traitsIcE3eofEv:
0000000100001d10 pushq %rbp
0000000100001d11 movq %rsp, %rbp
0000000100001d14 movl $0xffffffff, %eax ## imm = 0xFFFFFFFF
0000000100001d19 popq %rbp
0000000100001d1a retq
otool -v -L AppPath 可以用来显示该二进制文件引用(链接)的动态库,也就是 Load Command 中记录的依赖库:
/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 120.1.0)
time stamp 2 Thu Jan 1 08:00:02 1970
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1225.1.1)
time stamp 2 Thu Jan 1 08:00:02 1970
nm -nm AppPath 用来显示符号表。标记为 (undefined) 的是导入符号,运行时由 dyld 从括号中注明的库绑定;带地址的是本文件内定义的符号:
(undefined) external __Unwind_Resume (from libSystem)
(undefined) external __ZNKSt3__16locale9use_facetERNS0_2idE (from libc++)
(undefined) external __ZNKSt3__18ios_base6getlocEv (from libc++)
(undefined) external __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6__initEmc (from libc++)
(undefined) external __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev (from libc++)
(undefined) external __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_ (from libc++)
(undefined) external __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev (from libc++)
(undefined) external __ZNSt3__14coutE (from libc++)
(undefined) external __ZNSt3__15ctypeIcE2idE (from libc++)
(undefined) external __ZNSt3__16localeD1Ev (from libc++)
(undefined) external __ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv (from libc++)
(undefined) external __ZNSt3__18ios_base5clearEj (from libc++)
(undefined) external __ZSt9terminatev (from libc++)
(undefined) external ___cxa_begin_catch (from libc++)
(undefined) external ___cxa_end_catch (from libc++)
(undefined) external ___error (from libSystem)
(undefined) external ___gxx_personality_v0 (from libc++)
(undefined) external _closedir (from libSystem)
(undefined) external _dirfd (from libSystem)
(undefined) external _fstat$INODE64 (from libSystem)
(undefined) external _opendir$INODE64 (from libSystem)
(undefined) external _readdir$INODE64 (from libSystem)
(undefined) external _stat$INODE64 (from libSystem)
(undefined) external _strlen (from libSystem)
(undefined) external dyld_stub_binder (from libSystem)
0000000100000000 (__TEXT,__text) [referenced dynamically] external __mh_execute_header
0000000100001060 (__TEXT,__text) external __Z16file_interestingPK6dirent
00000001000010d0 (__TEXT,__text) external __Z9print_dirPKcS0_
00000001000012e0 (__TEXT,__text) external _main
0000000100001320 (__TEXT,__text) non-external (was a private external) __ZNSt3__1lsINS_11char_traitsIcEEEERNS_13basic_ostreamIcT_EES6_PKc
0000000100001370 (__TEXT,__text) non-external (was a private external) __ZNSt3__124__put_character_sequenceIcNS_11char_traitsIcEEEERNS_13basic_ostreamIT_T0_EES7_PKS4_m
00000001000017c0 (__TEXT,__text) non-external (was a private external) __ZNSt3__111char_traitsIcE6lengthEPKc
00000001000017e0 (__TEXT,__text) non-external (was a private external) __ZNSt3__116__pad_and_outputIcNS_11char_traitsIcEEEENS_19ostreambuf_iteratorIT_T0_EES6_PKS4_S8_S8_RNS_8ios_baseES4_
0000000100001cd0 (__TEXT,__text) non-external (was a private external) ___clang_call_terminate
0000000100001cf0 (__TEXT,__text) non-external (was a private external) __ZNSt3__111char_traitsIcE11eq_int_typeEii
0000000100001d10 (__TEXT,__text) non-external (was a private external) __ZNSt3__111char_traitsIcE3eofEv
0000000100001e9c (__TEXT,__gcc_except_tab) non-external GCC_except_table4
0000000100001f24 (__TEXT,__gcc_except_tab) non-external GCC_except_table6
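设置环境变量 DYLD_PRINT_LIBRARIES 可以使 dyld 输出库的加载信息,我还没有试过,有空研究 Symbol 的时候继续试。需要注意:对受限制的进程(例如 setuid/setgid 程序,或启用了 Hardened Runtime、受 SIP 保护的二进制),dyld 通常会忽略 DYLD_* 环境变量,此时不会有输出。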