Common uses include analyzing the output of high-level programming language compilers and their optimizations, recovering source code when the original is lost, performing malware analysis, modifying software (such as binary patching), and software cracking.
Additionally, CPUs often allow dynamic jumps computed at runtime, which makes it impossible to identify all possible locations in the binary that might be executed as instructions.
Encryption, packing, or obfuscation are often applied to computer programs, especially as part of digital rights management to deter reverse engineering and cracking.
These techniques pose additional challenges for disassembly, as the code must first be unpacked or decrypted before meaningful analysis can begin.
The disassembled code will then be updated and displayed instantly, allowing the user to analyze it and make further changes during the same session.
[1] A dynamic disassembler can be integrated into the output of an emulator or hypervisor to trace the real-time execution of machine instructions, displaying them line-by-line.