# Disassembler: Disassembly Tool

## Introduction

Disassembler is the ArkTS disassembly tool. If developers need to analyze issues related to Ark bytecode files (\*.abc), they can use Disassembler to disassemble the byte data into readable assembly instructions.

The tool ships with the DevEco Studio SDK. Taking the Windows platform as an example, Disassembler is located at: `[DevEco Studio installation directory]\sdk\[SDK version]\openharmony\toolchains\ark_disasm.exe`.

## Command-Line Description

Disassembly command:

```
ark_disasm.exe [options] input_file output_file
```

Parameter description:

| Parameter | Optional | Description |
| -------- | -------- | -------- |
| [options] | Optional | Command options; see the options description below. |
| input_file | Required | Path of the Ark bytecode file to disassemble. |
| output_file | Required | Path of the output file for the disassembled content. |

Options description:

| Option | Optional | Takes an argument | Description |
| -------- | -------- | -------- | -------- |
| --debug | Optional | No | Enables debug output, which is printed to the screen by default. |
| --debug-file | Optional | Yes | Specifies the output file for debug information when --debug is enabled. |
| --help | Optional | No | Prints the help text. |
| --skip-string-literals | Optional | No | Skips disassembly of string literals. |
| --quiet | Optional | No | Enables all options that begin with '--skip-'. |
| --verbose | Optional | No | Enables output of additional information (byte position, Ark bytecode format, opcode). |
| --version | Optional | No | Shows the Ark bytecode file version the tool is paired with and the minimum supported Ark bytecode file version. |

## Usage Example

Assume an Ark bytecode file test.abc already exists, with the following source code:

```
let i = 99;
function show(){return i;}
show();
```

Run the following command to generate the disassembly file test.txt. The generated disassembly file contains information such as opcodes and formats.

```
ark_disasm.exe test.abc test.txt
```

View the contents of the disassembly file.

```
cat test.txt
```

The contents are as follows:

```
# source binary: test.abc                                                    // the Ark bytecode file that was disassembled

.language ECMAScript

# ====================
# LITERALS                                                                   // literal data

0 0x203 { 0 [
    MODULE_REQUEST_ARRAY: {
    };
]}

# ====================
# RECORDS                                                                    // module definition data

.record _ESConcurrentModuleRequestsAnnotation {                              // records whose names start with _ are fixed module data
}

.record test {                                                               // each js file corresponds to one module record, which holds module information (its location in the Ark bytecode file, whether it is commonjs ...)
    u8 isCommonjs = 0x0
    u32 moduleRecordIdx = 0x203
    ......
}

# ====================
# METHODS                                                                    // method definition data

L_ESSlotNumberAnnotation:
    u32 slotNumberIdx { 0x0 }
.function any test.#*#show(any a0, any a1, any a2) <static> {                // this is the show method from the source code; the name also shows that it belongs to the test module
    ldlexvar 0x0, 0x0
    ......
}

L_ESSlotNumberAnnotation:
    u32 slotNumberIdx { 0x3 }
.function any test.func_main_0(any a0, any a1, any a2) <static> {            // this method is generated automatically; the whole js file can be thought of as one method named func_main_0
    newlexenv 0x1
    ......
}

# ====================
# STRING                                                                     // symbol table information

[offset:0x88, name_value:i]
```

Use the --verbose option to print more detail, such as offsets.

```
ark_disasm.exe --verbose test.abc test.txt
```

Part of the output is shown here as an example.

```
.record _ESSlotNumberAnnotation { # offset: 0x00cd, size: 0x0026 (38)                                       // the record's exact location and size in the Ark bytecode file
}

.record test { # offset: 0x00f3, size: 0x0098 (152)                                                         // the module's exact location in the Ark bytecode file
    u32 moduleRecordIdx = 0x203 # offset: 0x0144                                                            // the location of the module information
}
......
.function any test.#*#show(any a0, any a1, any a2) <static> { # offset: 0x0153, code offset: 0x0245         // the exact location of the method information and of the method's instructions
# CODE:
    ldlexvar 0x0, 0x0 # offset: 0x0249, [IMM4_IMM4].........[0x3c 0x00]                                     // the exact location of each instruction
    ......
}
```
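When reviewing an .abc file, the disassembly text can be turned into an inventory of records and functions with their file offsets. The following Python parser is an added example, not part of the original documentation or of the OpenHarmony tooling. It assumes only the line layout visible in the listings on this page; the sample text is constructed from those listings, and `parse_disasm` is a hypothetical helper name.

```python
import re

# Constructed sample, abridged from the --verbose listing on this page.
SAMPLE = """\
.record _ESSlotNumberAnnotation { # offset: 0x00cd, size: 0x0026 (38)
}
.record test { # offset: 0x00f3, size: 0x0098 (152)
    u32 moduleRecordIdx = 0x203 # offset: 0x0144
}
.function any test.#*#show(any a0, any a1, any a2) <static> { # offset: 0x0153, code offset: 0x0245
# CODE:
    ldlexvar 0x0, 0x0 # offset: 0x0249, [IMM4_IMM4].........[0x3c 0x00]
    ......
}
"""

# Assumption: line shapes are inferred from the listings above; the "# offset"
# suffixes are optional so that non-verbose output parses as well.
HEX = r"(0x[0-9a-fA-F]+)"
RECORD = re.compile(rf"^\.record\s+(\S+)\s*\{{(?:\s*#\s*offset:\s*{HEX},\s*size:\s*{HEX})?")
FUNC = re.compile(rf"^\.function\s+\S+\s+(.+?)\(.*?\)[^{{]*\{{(?:\s*#\s*offset:\s*{HEX},\s*code offset:\s*{HEX})?")
INSN = re.compile(rf"^\s+([a-z][\w.]*)\s*(.*?)\s*(?:#\s*offset:\s*{HEX},\s*\[(\w+)\]\.*\[([^\]]*)\])?$")

def num(s):
    return int(s, 16) if s else None

def parse_disasm(text):
    """Return (records, functions) parsed from ark_disasm text output."""
    records, functions, current = {}, [], None
    for line in text.splitlines():
        if m := RECORD.match(line):
            records[m[1]] = {"offset": num(m[2]), "size": num(m[3])}
            current = None
        elif m := FUNC.match(line):
            # Owning module: the longest record name that prefixes the function name.
            owner = max((r for r in records if m[1].startswith(r + ".")),
                        key=len, default=None)
            current = {"name": m[1], "module": owner, "offset": num(m[2]),
                       "code_offset": num(m[3]), "insns": []}
            functions.append(current)
        elif line.startswith("}"):
            current = None  # end of a record or function body
        elif current is not None and (m := INSN.match(line)):
            raw = bytes(int(b, 16) for b in m[5].split()) if m[5] else None
            current["insns"].append({"op": m[1], "args": m[2], "offset": num(m[3]),
                                     "format": m[4], "bytes": raw})
    return records, functions

if __name__ == "__main__":
    print(parse_disasm(SAMPLE))
```

Elided lines (`......`), record fields and the `# CODE:` marker are skipped, so the function list contains only decoded instructions.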