The previous article, "What is block function blocks?", described the disassembled implementation of block function blocks defined inside a function. There I repeatedly pointed out that both __block variables and block function blocks are stack-based, so they are not entirely suitable for use outside the scope that defines them, including in asynchronous callbacks. This post covers my manual reversing of the function libsystem_blocks.dylib`_Block_copy_internal. As the name suggests, it belongs to the system-provided blocks programming framework: _Block_copy_internal is the copy routine for block function blocks, and copying is the operation required to make a block suitable for asynchronous callbacks.
For the reversed definition of NSStackBlock, see the previous article, "What is block function blocks?". The following is the reversed C++ code for the function:
Attached is a snapshot of the disassembly that the reversed code is based on:
    libsystem_blocks.dylib`_Block_copy_internal:
    0x10ce28458 <+0>:   pushq  %rbp
    0x10ce28459 <+1>:   movq   %rsp, %rbp
    0x10ce2845c <+4>:   pushq  %r15
    0x10ce2845e <+6>:   pushq  %r14
    0x10ce28460 <+8>:   pushq  %r13
    0x10ce28462 <+10>:  pushq  %r12
    0x10ce28464 <+12>:  pushq  %rbx
    0x10ce28465 <+13>:  pushq  %rax
    0x10ce28466 <+14>:  movq   %rdi, %rbx
    0x10ce28469 <+17>:  xorl   %eax, %eax
    0x10ce2846b <+19>:  testq  %rbx, %rbx
    0x10ce2846e <+22>:  je     0x10ce28534               ; <+220>
    0x10ce28474 <+28>:  leaq   0x8(%rbx), %rcx
    0x10ce28478 <+32>:  testl  $0x1000000, 0x8(%rbx)
    0x10ce2847f <+39>:  jne    0x10ce284db               ; <+131>
    0x10ce28481 <+41>:  testl  $0x8000000, (%rcx)
    0x10ce28487 <+47>:  jne    0x10ce284f8               ; <+160>
    0x10ce28489 <+49>:  testl  $0x10000000, (%rcx)
    0x10ce2848f <+55>:  jne    0x10ce28531               ; <+217>
    0x10ce28495 <+61>:  movb   0xbad(%rip), %al          ; isGC
    0x10ce2849b <+67>:  testb  %al, %al
    0x10ce2849d <+69>:  je     0x10ce28543               ; <+235>
    0x10ce284a3 <+75>:  movl   0x8(%rbx), %r13d
    0x10ce284a7 <+79>:  movl   %r13d, %r12d
    0x10ce284aa <+82>:  andl   $0x4000000, %r12d
    0x10ce284b1 <+89>:  movq   0xb48(%rip), %r8          ; _Block_allocator
    0x10ce284b8 <+96>:  movq   0x18(%rbx), %rax
    0x10ce284bc <+100>: movq   0x8(%rax), %rdi
    0x10ce284c0 <+104>: movb   $0x1, %dl
    0x10ce284c2 <+106>: jne    0x10ce285b8               ; <+352>
    0x10ce284c8 <+112>: testl  $0x40000000, (%rcx)
    0x10ce284ce <+118>: jne    0x10ce285a2               ; <+330>
    0x10ce284d4 <+124>: xorl   %edx, %edx
    0x10ce284d6 <+126>: jmp    0x10ce285b8               ; <+352>
    0x10ce284db <+131>: movl   (%rcx), %eax
    0x10ce284dd <+133>: movl   %eax, %edx
    0x10ce284df <+135>: andl   $0xfffe, %edx
    0x10ce284e5 <+141>: cmpl   $0xfffe, %edx
    0x10ce284eb <+147>: je     0x10ce28531               ; <+217>
    0x10ce284ed <+149>: leal   0x2(%rax), %edx
    0x10ce284f0 <+152>: lock
    0x10ce284f1 <+153>: cmpxchgl %edx, (%rcx)
    0x10ce284f4 <+156>: jne    0x10ce284db               ; <+131>
    0x10ce284f6 <+158>: jmp    0x10ce28531               ; <+217>
    0x10ce284f8 <+160>: testb  %sil, %sil
    0x10ce284fb <+163>: je     0x10ce28531               ; <+217>
    0x10ce284fd <+165>: movl   (%rcx), %eax
    0x10ce284ff <+167>: movl   %eax, %edx
    0x10ce28501 <+169>: andl   $0xfffe, %edx
    0x10ce28507 <+175>: cmpl   $0xfffe, %edx
    0x10ce2850d <+181>: je     0x10ce28531               ; <+217>
    0x10ce2850f <+183>: leal   0x2(%rax), %edx
    0x10ce28512 <+186>: lock
    0x10ce28513 <+187>: cmpxchgl %edx, (%rcx)
    0x10ce28516 <+190>: jne    0x10ce284fd               ; <+165>
    0x10ce28518 <+192>: andl   $0xfffe, %edx
    0x10ce2851e <+198>: cmpl   $0x2, %edx
    0x10ce28521 <+201>: jne    0x10ce28531               ; <+217>
    0x10ce28523 <+203>: movl   $0x1, %esi
    0x10ce28528 <+208>: movq   %rbx, %rdi
    0x10ce2852b <+211>: callq  *0xae7(%rip)              ; _Block_setHasRefcount
    0x10ce28531 <+217>: movq   %rbx, %rax
    0x10ce28534 <+220>: addq   $0x8, %rsp
    0x10ce28538 <+224>: popq   %rbx
    0x10ce28539 <+225>: popq   %r12
    0x10ce2853b <+227>: popq   %r13
    0x10ce2853d <+229>: popq   %r14
    0x10ce2853f <+231>: popq   %r15
    0x10ce28541 <+233>: popq   %rbp
    0x10ce28542 <+234>: retq
    0x10ce28543 <+235>: movq   0x18(%rbx), %r15
    0x10ce28547 <+239>: movq   0x8(%r15), %rdi
    0x10ce2854b <+243>: callq  0x10ce28b34               ; symbol stub for: malloc
    0x10ce28550 <+248>: movq   %rax, %r14
    0x10ce28553 <+251>: xorl   %eax, %eax
    0x10ce28555 <+253>: testq  %r14, %r14
    0x10ce28558 <+256>: je     0x10ce28534               ; <+220>
    0x10ce2855a <+258>: movq   0x8(%r15), %rdx
    0x10ce2855e <+262>: movq   %r14, %rdi
    0x10ce28561 <+265>: movq   %rbx, %rsi
    0x10ce28564 <+268>: callq  0x10ce28b52               ; symbol stub for: memmove
    0x10ce28569 <+273>: andl   $0xffff0000, 0x8(%r14)
    0x10ce28571 <+281>: orl    $0x1000002, 0x8(%r14)
    0x10ce28579 <+289>: leaq   0xbd0(%rip), %rax         ; _NSConcreteMallocBlock
    0x10ce28580 <+296>: movq   %rax, (%r14)
    0x10ce28583 <+299>: testl  $0x2000000, 0x8(%rbx)
    0x10ce2858a <+306>: je     0x10ce28629               ; <+465>
    0x10ce28590 <+312>: movq   0x18(%rbx), %rax
    0x10ce28594 <+316>: movq   %r14, %rdi
    0x10ce28597 <+319>: movq   %rbx, %rsi
    0x10ce2859a <+322>: callq  *0x10(%rax)
    0x10ce2859d <+325>: jmp    0x10ce28629               ; <+465>
    0x10ce285a2 <+330>: leaq   0x10(%rax), %rdx
    0x10ce285a6 <+334>: testl  $0x2000000, (%rcx)
    0x10ce285ac <+340>: cmoveq %rax, %rdx
    0x10ce285b0 <+344>: cmpq   $0x0, 0x18(%rdx)
    0x10ce285b5 <+349>: setne  %dl
    0x10ce285b8 <+352>: movzbl %sil, %r15d
    0x10ce285bc <+356>: movzbl %dl, %edx
    0x10ce285bf <+359>: movl   %r15d, %esi
    0x10ce285c2 <+362>: callq  *%r8
    0x10ce285c5 <+365>: movq   %rax, %r14
    0x10ce285c8 <+368>: xorl   %eax, %eax
    0x10ce285ca <+370>: testq  %r14, %r14
    0x10ce285cd <+373>: je     0x10ce28534               ; <+220>
    0x10ce285d3 <+379>: movq   0x18(%rbx), %rax
    0x10ce285d7 <+383>: movq   0x8(%rax), %rdx
    0x10ce285db <+387>: movq   %r14, %rdi
    0x10ce285de <+390>: movq   %rbx, %rsi
    0x10ce285e1 <+393>: callq  0x10ce28b52               ; symbol stub for: memmove
    0x10ce285e6 <+398>: andl   $0xf6ff0000, %r13d
    0x10ce285ed <+405>: addl   %r15d, %r15d
    0x10ce285f0 <+408>: orl    %r13d, %r15d
    0x10ce285f3 <+411>: orl    $0x8000000, %r15d
    0x10ce285fa <+418>: movl   %r15d, 0x8(%r14)
    0x10ce285fe <+422>: testl  $0x2000000, 0x8(%rbx)
    0x10ce28605 <+429>: je     0x10ce28614               ; <+444>
    0x10ce28607 <+431>: movq   0x18(%rbx), %rax
    0x10ce2860b <+435>: movq   %r14, %rdi
    0x10ce2860e <+438>: movq   %rbx, %rsi
    0x10ce28611 <+441>: callq  *0x10(%rax)
    0x10ce28614 <+444>: testl  %r12d, %r12d
    0x10ce28617 <+447>: leaq   0xc32(%rip), %rax         ; _NSConcreteAutoBlock
    0x10ce2861e <+454>: cmovneq 0x19ea(%rip), %rax       ; (void *)0x000000010ce29350: _NSConcreteFinalizingBlock
    0x10ce28626 <+462>: movq   %rax, (%r14)
    0x10ce28629 <+465>: movq   %r14, %rax
    0x10ce2862c <+468>: jmp    0x10ce28534               ; <+220>
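The non-GC path of the listing above, modelled in C as an added example; it is not the author's reversed code, which is missing from this page. It shows the two properties that make a copied block safe to hand to an asynchronous callback: the stack block is duplicated onto the heap with a fresh reference count, and the count saturates at 0xfffe instead of wrapping. The `model_*` names, `latching_incr`, and the flag names (borrowed from the open-source libclosure headers) are assumptions; the constants and offsets are the immediates in the listing.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Immediates from the listing; the names are assumptions (libclosure headers). */
enum { REFCOUNT_MASK = 0xfffe, NEEDS_FREE = 0x1000000,
       HAS_COPY_DISPOSE = 0x2000000, IS_GLOBAL = 0x10000000 };
struct model_desc {                      /* reached via 0x18(%rbx) */
    uint64_t reserved, size;             /* size at 0x8: bytes to malloc and memmove */
    void (*copy)(void *dst, const void *src);    /* 0x10: copy helper */
};
struct model_block {
    const void *isa;                     /* 0x0 */
    volatile int32_t flags;              /* 0x8 */
    int32_t reserved;
    void (*invoke)(void *);              /* 0x10 */
    struct model_desc *desc;             /* 0x18 */
};
static const char model_malloc_isa = 0;  /* stand-in for _NSConcreteMallocBlock */

/* <+131>..<+156>: add 2 with lock cmpxchg unless the count is pinned at 0xfffe. */
static void latching_incr(volatile int32_t *flags) {
    int32_t old;
    do { old = *flags; if ((old & REFCOUNT_MASK) == REFCOUNT_MASK) return; }
    while (!__sync_bool_compare_and_swap(flags, old, old + 2));
}

/* isGC == 0 only; the 0x8000000 branch at <+41> and the allocator path are omitted. */
void *model_block_copy(void *arg) {
    struct model_block *src = arg;
    if (!src) return NULL;                                     /* <+19> */
    if (src->flags & NEEDS_FREE) { latching_incr(&src->flags); return src; }
    if (src->flags & IS_GLOBAL) return src;                    /* <+49> */
    struct model_block *dst = malloc(src->desc->size);         /* <+243> */
    if (!dst) return NULL;                                     /* <+253> */
    memmove(dst, src, src->desc->size);                        /* <+268> */
    dst->flags &= ~0xffff;                /* <+273>: andl $0xffff0000 */
    dst->flags |= NEEDS_FREE | 2;         /* <+281>: orl $0x1000002 */
    dst->isa = &model_malloc_isa;         /* <+296> */
    if (src->flags & HAS_COPY_DISPOSE) src->desc->copy(dst, src);  /* <+322> */
    return dst;
}
/* Constructed driver: copy a block whose flags start at f, return the result's flags. */
int32_t model_demo(int32_t f) {
    struct model_desc d = { 0, sizeof(struct model_block), NULL };
    struct model_block b = { NULL, f, 0, NULL, &d };
    struct model_block *r = model_block_copy(&b);
    int32_t out = r->flags;
    if (r != &b) free(r);
    return out;
}
```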
PS: The Blog Park image server is not working properly: uploads come back from the server with HTTP 500, and the site's operators have been slow and still have not resolved it. I am leaving a placeholder here for now and will fill it in once the site fixes the problem.
ObjC disassembly analysis: manually reversing libsystem_blocks.dylib