Figure 10- 27 Inspect cross references
Refresh sending service? This name is very informative. Let’s head directly to
[CKPendingConversation refreshComposeSendingServiceForAddresses:withCompletionBlock:]
as shown in figure 10-28 for more details. In this method, sub_26984530 is obviously the 2nd
argument of refreshStatusForAddresses:withCompletionBlock:, namely the completionBlock, as
shown in figure 10-28.
Figure 10- 28 [CKPendingConversation refreshComposeSendingServiceForAddresses:withCompletionBlock:]Although sub_26984530 appears in this method, it just acts as an argument of
objc_msgSend, hence is not called directly. Well, who is the direct caller on earth? Actually,
we’ve already mastered the solution of such problems: reinput the address, set a breakpoint at
the beginning of sub_26984530 and then press “return” to trigger the breakpoint.
Process 30928 stopped
* thread #1: tid = 0x78d0, 0x30b36530 ChatKit`__86-[CKPendingConversation
refreshComposeSendingServiceForAddresses:withCompletionBlock:]_block_invoke, queue =
'com.apple.main-thread, stop reason = breakpoint 6.1
frame #0: 0x30b36530 ChatKit`__86-[CKPendingConversation
refreshComposeSendingServiceForAddresses:withCompletionBlock:]_block_invoke
ChatKit`__86-[CKPendingConversation
refreshComposeSendingServiceForAddresses:withCompletionBlock:]_block_invoke:
0x30b36530: push {r4, r5, r6, r7, lr}
0x30b36532: add r7, sp, #12
0x30b36534: push.w {r8, r10}
0x30b36538: sub sp, #4
(lldb) p/x $lr
(unsigned int) $38 = 0x30b364bb
LR without offset is 0x30b364bb - 0xa1b2000 = 0x269844BB. Locate it in IDA, as shown in
figure 10-29.