IDA的反编译F5有时会报错 positive sp value has been found
原因是检测到sp被打乱了.
在菜单 Option->通用->选中 显示 stack pointer
__text:0000000102742C0C 060 ADD SP, SP, #0x743
__text:0000000102742C10 -6E3 MOV W8, #0x25F7
__text:0000000102742C14 -6E3 MOVK W8, #0x8CA2,LSL#16
__text:0000000102742C18 -6E3 STUR W8, [X29,#var_20]
__text:0000000102742C1C -6E3 B loc_102742CAC
选中ADD SP, SP这行,右键菜单change stack pointer之后
把值改成
改成0即,按确定,ida刷新之后可以看到sp值变成一样的了.
也就是说__text:0000000102742C0C 060 ADD SP, SP, #0x743这行代码破坏了平衡
The graph is too big (more than 1000 nodes) to be displayed on the screen.
Switching to text mode.
(you can change this limit in the graph options dialog)