[*] Binary protection state of dstack
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function printf tear down of dstack
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/dstack @ 0x1190 */
| #include <stdint.h>
|
; (fcn) fcn.00001190 () | void fcn_00001190 () {
0x00001190 lui gp, 2 |
0x00001194 addiu gp, gp, -0x6180 |
0x00001198 addu gp, gp, t9 | gp += t9;
0x0000119c addiu sp, sp, -0x30 |
0x000011a0 lw t9, -0x7fc8(gp) | t9 = sym.prog_vm_lookup;
0x000011a4 sw gp, 0x18(sp) | *(var_18h) = gp;
0x000011a8 sw s1, 0x28(sp) | *(var_28h) = s1;
0x000011ac sw ra, 0x2c(sp) | *(var_2ch) = ra;
0x000011b0 sw s0, 0x24(sp) | *(var_24h) = s0;
0x000011b4 move s1, a1 | s1 = a1;
0x000011b8 bal 0x1a48 | sym_prog_vm_lookup ();
0x000011bc lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x000011c0 beqz v0, 0x11d8 |
0x000011c4 move s0, v0 | s0 = v0;
0x000011c8 lw v0, 0x10(v0) | v0 = *((v0 + 4));
0x000011cc andi v0, v0, 4 | v0 &= 4;
0x000011d0 lw a3, (s0) | a3 = *(s0);
| if (v0 == 0) {
0x000011d4 bnel v0, zero, 0x11ec | goto label_0;
| }
| }
0x000011d8 lw ra, 0x2c(sp) | ra = *(var_2ch);
0x000011dc lw s1, 0x28(sp) | s1 = *(var_28h);
0x000011e0 lw s0, 0x24(sp) | s0 = *(var_24h);
0x000011e4 addiu sp, sp, 0x30 |
0x000011e8 jr ra | return v0;
| label_0:
0x000011ec lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x000011f0 lw v0, 0x18(s0) | v0 = *((s0 + 6));
0x000011f4 lw t9, -0x7f54(gp) | t9 = sym.imp.__printf_chk
0x000011f8 subu a3, s1, a3 | __asm ("subu a3, s1, a3");
0x000011fc move a2, s1 | a2 = s1;
0x00001200 addiu a1, a1, 0x269c | a1 += str._lx__lx__s_;
0x00001204 addiu a0, zero, 1 | a0 = 1;
0x00001208 sw v0, 0x10(sp) | *(var_10h) = v0;
0x0000120c jalr t9 | t9 ();
0x00001210 lw gp, 0x18(sp) | gp = *(var_18h);
0x00001214 move a1, s1 | a1 = s1;
0x00001218 lw t9, -0x7fc4(gp) | t9 = sym.prog_sym_lookup;
0x0000121c move a0, s0 | a0 = s0;
0x00001220 bal 0x1ab0 | sym_prog_sym_lookup ();
0x00001224 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00001228 beqz v0, 0x1248 | goto label_1;
| }
0x0000122c lw a0, 0xc(v0) | a0 = *((v0 + 3));
0x00001230 lw t9, -0x7f24(gp) | t9 = sym.imp.puts;
| do {
0x00001234 lw ra, 0x2c(sp) | ra = *(var_2ch);
0x00001238 lw s1, 0x28(sp) | s1 = *(var_28h);
0x0000123c lw s0, 0x24(sp) | s0 = *(var_24h);
0x00001240 addiu sp, sp, 0x30 |
0x00001244 jr t9 | t9 ();
| label_1:
0x00001248 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x0000124c lw t9, -0x7f24(gp) | t9 = sym.imp.puts;
0x00001250 addiu a0, a0, 0x26a8 | a0 += str.unknown;
0x00001254 b 0x1234 |
| } while (1);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/dstack @ 0xec0 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
| /* [13] -r-x section size 5424 named .text */
0x00000ec0 lui gp, 2 |
0x00000ec4 addiu gp, gp, -0x5eb0 |
0x00000ec8 addu gp, gp, t9 | gp += t9;
0x00000ecc addiu sp, sp, -0x38 |
0x00000ed0 lw t9, -0x7ee4(gp) | t9 = sym.imp.elf_version;
0x00000ed4 sw gp, 0x10(sp) | *(var_10h) = gp;
0x00000ed8 sw ra, 0x34(sp) | *(var_34h) = ra;
0x00000edc sw s2, 0x24(sp) | *(var_24h) = s2;
0x00000ee0 sw s1, 0x20(sp) | *(var_20h) = s1;
0x00000ee4 sw s5, 0x30(sp) | *(var_30h) = s5;
0x00000ee8 move s1, a0 | s1 = a0;
0x00000eec sw s4, 0x2c(sp) | *(var_2ch) = s4;
0x00000ef0 addiu a0, zero, 1 | a0 = 1;
0x00000ef4 sw s3, 0x28(sp) | *(var_28h) = s3;
0x00000ef8 sw s0, 0x1c(sp) | *(var_1ch) = s0;
0x00000efc move s2, a1 | s2 = a1;
0x00000f00 jalr t9 | t9 ();
0x00000f04 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000f08 move a1, s2 | a1 = s2;
0x00000f0c move a0, s1 | a0 = s1;
0x00000f10 lw a2, -0x7fdc(gp) | a2 = *((gp - 8183));
0x00000f14 lw t9, -0x7f44(gp) | t9 = sym.imp.getopt;
0x00000f18 addiu a2, a2, 0x26ec | a2 += 0x26ec;
0x00000f1c jalr t9 | t9 ();
0x00000f20 addiu v1, zero, -1 | v1 = -1;
0x00000f24 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != v1) {
0x00000f28 bne v0, v1, 0xff4 | goto label_1;
| }
0x00000f2c lw v0, -0x7f00(gp) | v0 = *((gp - 8128));
0x00000f30 lw s0, (v0) | s0 = *(v0);
0x00000f34 slt v0, s0, s1 | v0 = (s0 < s1) ? 1 : 0;
0x00000f38 lw s5, -0x7fdc(gp) | s5 = *((gp - 8183));
| if (v0 == 0) {
0x00000f3c beqz v0, 0xfb0 | goto label_2;
| }
0x00000f40 sll s0, s0, 2 | s0 <<= 2;
0x00000f44 sll s1, s1, 2 | s1 <<= 2;
0x00000f48 addu s0, s2, s0 | s0 = s2 + s0;
0x00000f4c addiu s3, zero, -1 | s3 = -1;
0x00000f50 addu s2, s2, s1 | s2 += s1;
0x00000f54 addiu s4, zero, 0x22 | s4 = 0x22;
0x00000f58 addiu s5, s5, 0x2688 | s5 += str.pid__s_not_found._n;
0x00000f5c lw t9, -0x7f38(gp) | t9 = sym.imp.strtoul;
| do {
0x00000f60 lw a0, (s0) | a0 = *(s0);
0x00000f64 move a2, zero | a2 = 0;
0x00000f68 move a1, zero | a1 = 0;
0x00000f6c jalr t9 | t9 ();
0x00000f70 move s1, v0 | s1 = v0;
0x00000f74 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s3) {
0x00000f78 bne v0, s3, 0xf94 |
0x00000f7c lw t9, -0x7f4c(gp) | t9 = sym.imp.__errno_location;
0x00000f80 jalr t9 | t9 ();
0x00000f84 nop |
0x00000f88 lw v0, (v0) | v0 = *(v0);
0x00000f8c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s4) {
0x00000f90 beq v0, s4, 0xfd8 | goto label_3;
| }
| }
0x00000f94 lw t9, -0x7fd8(gp) | t9 = sym.backtrace_pid;
0x00000f98 move a0, s1 | a0 = s1;
0x00000f9c bal 0x1258 | sym_backtrace_pid ();
0x00000fa0 lw gp, 0x10(sp) | gp = *(var_10h);
| label_0:
0x00000fa4 addiu s0, s0, 4 | s0 += 4;
0x00000fa8 lw t9, -0x7f38(gp) | t9 = sym.imp.strtoul;
0x00000fac bne s0, s2, 0xf60 |
| } while (s0 != s2);
| label_2:
0x00000fb0 lw ra, 0x34(sp) | ra = *(var_34h);
0x00000fb4 lw s5, 0x30(sp) | s5 = *(var_30h);
0x00000fb8 lw s4, 0x2c(sp) | s4 = *(var_2ch);
0x00000fbc lw s3, 0x28(sp) | s3 = *(var_28h);
0x00000fc0 lw s2, 0x24(sp) | s2 = *(var_24h);
0x00000fc4 lw s1, 0x20(sp) | s1 = *(var_20h);
0x00000fc8 lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00000fcc move v0, zero | v0 = 0;
0x00000fd0 addiu sp, sp, 0x38 |
0x00000fd4 jr ra | return v0;
| label_3:
0x00000fd8 lw t9, -0x7f54(gp) | t9 = sym.imp.__printf_chk
0x00000fdc lw a2, (s0) | a2 = *(s0);
0x00000fe0 move a1, s5 | a1 = s5;
0x00000fe4 addiu a0, zero, 1 | a0 = 1;
0x00000fe8 jalr t9 | t9 ();
0x00000fec lw gp, 0x10(sp) | gp = *(var_10h);
0x00000ff0 b 0xfa4 | goto label_0;
| label_1:
0x00000ff4 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x00000ff8 lw t9, -0x7f24(gp) | t9 = sym.imp.puts;
0x00000ffc addiu a0, a0, 0x2658 | a0 += str.dstack_0.1_ndstack__options__pids..._n_n_h_thelp;
0x00001000 jalr t9 | t9 ();
0x00001004 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001008 lw t9, -0x7f2c(gp) | t9 = sym.imp.exit;
0x0000100c addiu a0, zero, 1 | a0 = 1;
0x00001010 jalr t9 | t9 ();
0x00001014 nop |
0x00001018 nop |
0x0000101c nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/dstack @ 0x1258 */
| #include <stdint.h>
|
; (fcn) sym.backtrace_pid () | void backtrace_pid () {
0x00001258 lui gp, 2 |
0x0000125c addiu gp, gp, -0x6248 |
0x00001260 addu gp, gp, t9 | gp += t9;
0x00001264 addiu sp, sp, -0x40 |
0x00001268 lw t9, -0x7fc0(gp) | t9 = sym.prog_init;
0x0000126c sw gp, 0x10(sp) | *(var_10h) = gp;
0x00001270 sw s2, 0x24(sp) | *(var_24h) = s2;
0x00001274 sw ra, 0x3c(sp) | *(var_3ch) = ra;
0x00001278 sw s7, 0x38(sp) | *(var_38h) = s7;
0x0000127c sw s6, 0x34(sp) | *(var_34h) = s6;
0x00001280 sw s5, 0x30(sp) | *(var_30h) = s5;
0x00001284 sw s4, 0x2c(sp) | *(var_2ch) = s4;
0x00001288 sw s3, 0x28(sp) | *(var_28h) = s3;
0x0000128c sw s1, 0x20(sp) | *(var_20h) = s1;
0x00001290 sw s0, 0x1c(sp) | *(var_1ch) = s0;
0x00001294 move s2, a0 | s2 = a0;
0x00001298 bal 0x1700 | sym_prog_init ();
0x0000129c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == 0) {
0x000012a0 beqz v0, 0x1444 | goto label_3;
| }
0x000012a4 lw t9, -0x7fbc(gp) | t9 = sym.prog_elf_update;
0x000012a8 move a0, v0 | a0 = v0;
0x000012ac move s1, v0 | s1 = v0;
0x000012b0 bal 0x19dc | sym_prog_elf_update ();
0x000012b4 lw gp, 0x10(sp) | gp = *(var_10h);
0x000012b8 lw t9, -0x7fb8(gp) | t9 = sym.trace_attach;
0x000012bc move a0, s2 | a0 = s2;
0x000012c0 bal 0x14d0 | sym_trace_attach ();
0x000012c4 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x000012c8 beqz v0, 0x12f8 |
0x000012cc lw ra, 0x3c(sp) | ra = *(var_3ch);
0x000012d0 lw s7, 0x38(sp) | s7 = *(var_38h);
0x000012d4 lw s6, 0x34(sp) | s6 = *(var_34h);
0x000012d8 lw s5, 0x30(sp) | s5 = *(var_30h);
0x000012dc lw s4, 0x2c(sp) | s4 = *(var_2ch);
0x000012e0 lw s3, 0x28(sp) | s3 = *(var_28h);
0x000012e4 lw s2, 0x24(sp) | s2 = *(var_24h);
0x000012e8 lw s1, 0x20(sp) | s1 = *(var_20h);
0x000012ec lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x000012f0 addiu sp, sp, 0x40 |
0x000012f4 jr ra | return v0;
| }
0x000012f8 lw t9, -0x7fb4(gp) | t9 = sym.trace_sp;
0x000012fc move a0, s2 | a0 = s2;
0x00001300 bal 0x1e84 | sym_trace_sp ();
0x00001304 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001308 move a0, s2 | a0 = s2;
0x0000130c lw t9, -0x7fb0(gp) | t9 = sym.trace_pc;
0x00001310 move s0, v0 | s0 = v0;
0x00001314 bal 0x1e60 | sym_trace_pc ();
0x00001318 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000131c move s3, v0 | s3 = v0;
0x00001320 move a2, s2 | a2 = s2;
0x00001324 lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x00001328 lw t9, -0x7f54(gp) | t9 = sym.imp.__printf_chk
0x0000132c addiu a1, a1, 0x26c8 | a1 += str.backtrace_of_pid__lu_n;
0x00001330 addiu a0, zero, 1 | a0 = 1;
0x00001334 jalr t9 | t9 ();
0x00001338 lw gp, 0x10(sp) | gp = *(var_10h);
| if (s3 != 0) {
0x0000133c bnez s3, 0x14b4 | goto label_4;
| }
| label_2:
0x00001340 lw t9, -0x7fac(gp) | t9 = sym.arch_has_linkreg;
0x00001344 bal 0x1ea8 | sym_arch_has_linkreg ();
0x00001348 nop |
0x0000134c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00001350 bnez v0, 0x1484 | goto label_5;
| }
| label_1:
0x00001354 lw s3, -0x7fdc(gp) | s3 = *((gp - 8183));
0x00001358 addiu s6, zero, 3 | s6 = 3;
0x0000135c addiu s4, zero, -1 | s4 = -1;
0x00001360 addiu s5, zero, 5 | s5 = 5;
0x00001364 addiu s3, s3, 0x1190 | s3 += fcn.00001190;
0x00001368 b 0x13c8 | goto label_6;
| label_0:
0x0000136c lw v0, 0x10(v0) | v0 = *((v0 + 4));
0x00001370 andi v0, v0, 3 | v0 &= 3;
0x00001374 lw t9, -0x7fa8(gp) | t9 = sym.trace_detach;
| if (v0 == s6) {
0x00001378 bnel v0, s6, 0x1404 | goto label_7;
| }
0x0000137c lw t9, -0x7fa4(gp) | t9 = sym.trace_peek;
0x00001380 move a1, s0 | a1 = s0;
| do {
0x00001384 move a0, s2 | a0 = s2;
0x00001388 bal 0x15b0 | sym_trace_peek ();
0x0000138c lw gp, 0x10(sp) | gp = *(var_10h);
0x00001390 move s7, v0 | s7 = v0;
0x00001394 lw t9, -0x7f4c(gp) | t9 = sym.imp.__errno_location;
| if (v0 == s4) {
0x00001398 bne v0, s4, 0x13b0 |
0x0000139c jalr t9 | t9 ();
0x000013a0 nop |
0x000013a4 lw v0, (v0) | v0 = *(v0);
0x000013a8 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s5) {
0x000013ac beq v0, s5, 0x1400 | goto label_8;
| }
| }
0x000013b0 move a1, s7 | a1 = s7;
0x000013b4 move t9, s3 | t9 = s3;
0x000013b8 move a0, s1 | a0 = s1;
0x000013bc bal 0x1190 | fcn_00001190 ();
0x000013c0 lw gp, 0x10(sp) | gp = *(var_10h);
0x000013c4 addiu s0, s0, 4 | s0 += 4;
| label_6:
0x000013c8 lw v0, 4(s1) | v0 = *((s1 + 1));
0x000013cc lw t9, -0x7fc8(gp) | t9 = sym.prog_vm_lookup;
0x000013d0 sltu v0, v0, s0 | v0 = (v0 < s0) ? 1 : 0;
0x000013d4 move a1, s0 | a1 = s0;
0x000013d8 move a0, s1 | a0 = s1;
| if (v0 == 0) {
0x000013dc beqz v0, 0x13f0 | goto label_9;
| }
0x000013e0 lw v0, 8(s1) | v0 = *((s1 + 2));
0x000013e4 sltu v0, s0, v0 | v0 = (s0 < v0) ? 1 : 0;
0x000013e8 lw t9, -0x7fa4(gp) | t9 = sym.trace_peek;
0x000013ec bnel v0, zero, 0x1384 |
| } while (v0 == 0);
| label_9:
0x000013f0 bal 0x1a48 | sym_prog_vm_lookup ();
0x000013f4 nop |
0x000013f8 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x000013fc bnez v0, 0x136c | goto label_0;
| }
| label_8:
0x00001400 lw t9, -0x7fa8(gp) | t9 = sym.trace_detach;
| label_7:
0x00001404 move a0, s2 | a0 = s2;
0x00001408 bal 0x158c | sym_trace_detach ();
0x0000140c lw gp, 0x10(sp) | gp = *(var_10h);
0x00001410 lw ra, 0x3c(sp) | ra = *(var_3ch);
0x00001414 lw s7, 0x38(sp) | s7 = *(var_38h);
0x00001418 lw s6, 0x34(sp) | s6 = *(var_34h);
0x0000141c lw s5, 0x30(sp) | s5 = *(var_30h);
0x00001420 lw s4, 0x2c(sp) | s4 = *(var_2ch);
0x00001424 lw s3, 0x28(sp) | s3 = *(var_28h);
0x00001428 lw s2, 0x24(sp) | s2 = *(var_24h);
0x0000142c lw s1, 0x20(sp) | s1 = *(var_20h);
0x00001430 lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00001434 lw t9, -0x7f48(gp) | t9 = sym.imp.putchar;
0x00001438 addiu a0, zero, 0xa | a0 = 0xa;
0x0000143c addiu sp, sp, 0x40 |
0x00001440 jr t9 | t9 ();
| label_3:
0x00001444 lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x00001448 lw ra, 0x3c(sp) | ra = *(var_3ch);
0x0000144c lw s7, 0x38(sp) | s7 = *(var_38h);
0x00001450 lw s6, 0x34(sp) | s6 = *(var_34h);
0x00001454 lw s5, 0x30(sp) | s5 = *(var_30h);
0x00001458 lw s4, 0x2c(sp) | s4 = *(var_2ch);
0x0000145c lw s3, 0x28(sp) | s3 = *(var_28h);
0x00001460 lw s1, 0x20(sp) | s1 = *(var_20h);
0x00001464 lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00001468 move a2, s2 | a2 = s2;
0x0000146c lw t9, -0x7f54(gp) | t9 = sym.imp.__printf_chk
0x00001470 lw s2, 0x24(sp) | s2 = *(var_24h);
0x00001474 addiu a1, a1, 0x26b0 | a1 += str.init_of_pid__d_failed_n;
0x00001478 addiu a0, zero, 1 | a0 = 1;
0x0000147c addiu sp, sp, 0x40 |
0x00001480 jr t9 | t9 ();
| label_5:
0x00001484 lw t9, -0x7fa0(gp) | t9 = sym.trace_lr;
0x00001488 move a0, s2 | a0 = s2;
0x0000148c bal 0x1eb0 | sym_trace_lr ();
0x00001490 lw gp, 0x10(sp) | gp = *(var_10h);
| if (s3 == v0) {
0x00001494 beq s3, v0, 0x1354 | goto label_1;
| }
0x00001498 lw t9, -0x7fdc(gp) | t9 = *((gp - 8183));
0x0000149c move a1, v0 | a1 = v0;
0x000014a0 addiu t9, t9, 0x1190 | t9 += fcn.00001190;
0x000014a4 move a0, s1 | a0 = s1;
0x000014a8 bal 0x1190 | fcn_00001190 ();
0x000014ac lw gp, 0x10(sp) | gp = *(var_10h);
0x000014b0 b 0x1354 | goto label_1;
| label_4:
0x000014b4 lw t9, -0x7fdc(gp) | t9 = *((gp - 8183));
0x000014b8 move a1, s3 | a1 = s3;
0x000014bc addiu t9, t9, 0x1190 | t9 += fcn.00001190;
0x000014c0 move a0, s1 | a0 = s1;
0x000014c4 bal 0x1190 | fcn_00001190 ();
0x000014c8 lw gp, 0x10(sp) | gp = *(var_10h);
0x000014cc b 0x1340 | goto label_2;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/dstack @ 0x1b00 */
| #include <stdint.h>
|
; (fcn) sym.elf_vmap_update () | void elf_vmap_update () {
0x00001b00 lui gp, 2 |
0x00001b04 addiu gp, gp, -0x6af0 |
0x00001b08 addu gp, gp, t9 | gp += t9;
0x00001b0c lw v0, -0x7ef8(gp) | v0 = *((gp - 8126));
0x00001b10 addiu sp, sp, -0xf0 |
0x00001b14 lw t9, -0x7f34(gp) | t9 = sym.imp.open;
0x00001b18 sw v0, 0x24(sp) | *(var_24h) = v0;
0x00001b1c lw v0, (v0) | v0 = *(v0);
0x00001b20 sw s4, 0xd8(sp) | *(var_d8h) = s4;
0x00001b24 move s4, a0 | s4 = a0;
0x00001b28 lw a0, 0x18(a0) | a0 = *((a0 + 6));
0x00001b2c sw gp, 0x10(sp) | *(var_10h) = gp;
0x00001b30 sw ra, 0xec(sp) | *(var_ech) = ra;
0x00001b34 sw fp, 0xe8(sp) | *(var_e8h) = fp;
0x00001b38 sw s7, 0xe4(sp) | *(var_e4h) = s7;
0x00001b3c sw s6, 0xe0(sp) | *(var_e0h) = s6;
0x00001b40 sw s5, 0xdc(sp) | *(var_dch) = s5;
0x00001b44 sw s3, 0xd4(sp) | *(var_d4h) = s3;
0x00001b48 sw s2, 0xd0(sp) | *(var_d0h) = s2;
0x00001b4c sw s1, 0xcc(sp) | *(var_cch) = s1;
0x00001b50 sw s0, 0xc8(sp) | *(var_c8h) = s0;
0x00001b54 move a1, zero | a1 = 0;
0x00001b58 sw v0, 0xc4(sp) | *(var_c4h) = v0;
0x00001b5c jalr t9 | t9 ();
0x00001b60 nop |
0x00001b64 sw v0, 0x20(sp) | *(var_20h) = v0;
0x00001b68 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 < 0) {
0x00001b6c bltz v0, 0x1e10 | goto label_7;
| }
0x00001b70 lw t9, -0x7f50(gp) | t9 = sym.imp.elf_begin;
0x00001b74 lw a0, 0x20(sp) | a0 = *(var_20h);
0x00001b78 move a2, zero | a2 = 0;
0x00001b7c addiu a1, zero, 1 | a1 = 1;
0x00001b80 jalr t9 | t9 ();
0x00001b84 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001b88 addiu a1, sp, 0x80 | a1 = sp + 0x80;
0x00001b8c move a0, v0 | a0 = v0;
0x00001b90 lw t9, -0x7ed4(gp) | t9 = sym.imp.gelf_getehdr;
0x00001b94 move s2, v0 | s2 = v0;
0x00001b98 jalr t9 | t9 ();
0x00001b9c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == 0) {
0x00001ba0 beqz v0, 0x1e24 | goto label_8;
| }
0x00001ba4 addiu v0, zero, -1 | v0 = -1;
0x00001ba8 sw zero, 0x1c(sp) | *(var_1ch) = 0;
0x00001bac sw v0, 0x18(sp) | *(var_18h) = v0;
0x00001bb0 move s0, zero | s0 = 0;
0x00001bb4 addiu s6, sp, 0x40 | s6 = sp + 0x40;
0x00001bb8 addiu s5, zero, 1 | s5 = 1;
0x00001bbc addiu fp, sp, 0x28 | fp = sp + 0x28;
| label_0:
0x00001bc0 lw t9, -0x7f58(gp) | t9 = sym.imp.elf_nextscn;
| do {
| label_3:
0x00001bc4 move a1, s0 | a1 = s0;
0x00001bc8 move a0, s2 | a0 = s2;
0x00001bcc jalr t9 | t9 ();
0x00001bd0 move s0, v0 | s0 = v0;
0x00001bd4 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == 0) {
0x00001bd8 beqz v0, 0x1d04 | goto label_9;
| }
| label_1:
0x00001bdc lw t9, -0x7ee0(gp) | t9 = sym.imp.gelf_getshdr;
0x00001be0 move a1, s6 | a1 = s6;
0x00001be4 move a0, s0 | a0 = s0;
0x00001be8 jalr t9 | t9 ();
0x00001bec lw v0, 0x44(sp) | v0 = *(var_44h);
0x00001bf0 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s5) {
0x00001bf4 beq v0, s5, 0x1db0 | goto label_10;
| }
0x00001bf8 addiu v1, zero, 0xb | v1 = 0xb;
0x00001bfc addiu v1, zero, 2 | v1 = 2;
| if (v0 == v1) {
0x00001c00 beq v0, v1, 0x1c0c | goto label_11;
| }
0x00001c04 lw t9, -0x7f58(gp) | t9 = sym.imp.elf_nextscn;
0x00001c08 bne v0, v1, 0x1bc4 |
| } while (v0 != v1);
| label_11:
0x00001c0c lw t9, -0x7f18(gp) | t9 = sym.imp.elf_getdata;
0x00001c10 move a1, zero | a1 = 0;
0x00001c14 move a0, s0 | a0 = s0;
0x00001c18 jalr t9 | t9 ();
0x00001c1c lw gp, 0x10(sp) | gp = *(var_10h);
0x00001c20 lw a2, 0x78(sp) | a2 = *(var_78h);
0x00001c24 lw a3, 0x7c(sp) | a3 = *(var_7ch);
0x00001c28 lw t9, -0x7f94(gp) | t9 = *(gp);
0x00001c2c lw a0, 0x60(sp) | a0 = *(var_60h);
0x00001c30 lw a1, 0x64(sp) | a1 = *(var_64h);
0x00001c34 move s3, v0 | s3 = v0;
0x00001c38 bal 0x1ee0 | fcn_00001ee0 ();
0x00001c3c move s1, v0 | s1 = v0;
0x00001c40 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 <= 0) {
0x00001c44 blez v0, 0x1bc0 | goto label_0;
| }
0x00001c48 move s7, zero | s7 = 0;
0x00001c4c lw t9, -0x7f08(gp) | t9 = sym.imp.gelf_getsym;
| do {
0x00001c50 move a2, fp | a2 = fp;
0x00001c54 move a1, s7 | a1 = s7;
0x00001c58 move a0, s3 | a0 = s3;
0x00001c5c jalr t9 | t9 ();
0x00001c60 lhu v0, 0x2e(sp) | v0 = *(var_2eh);
0x00001c64 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00001c68 beqz v0, 0x1cdc |
0x00001c6c lw v0, 0x38(sp) | v0 = *(var_38h);
0x00001c70 lw a0, 0x3c(sp) | a0 = *(var_3ch);
0x00001c74 or v0, v0, a0 | v0 |= a0;
| if (v0 == 0) {
0x00001c78 beql v0, zero, 0x1ce0 | goto label_12;
| }
0x00001c7c addiu s7, s7, 1 | s7++;
0x00001c80 lw t9, -0x7f0c(gp) | t9 = sym.imp.elf_strptr;
0x00001c84 lw a2, 0x28(sp) | a2 = *(var_28h);
0x00001c88 lw a1, 0x68(sp) | a1 = *(var_68h);
0x00001c8c move a0, s2 | a0 = s2;
0x00001c90 jalr t9 | t9 ();
0x00001c94 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == 0) {
0x00001c98 beqz v0, 0x1cdc | goto label_2;
| }
0x00001c9c lw a1, 0x30(sp) | a1 = *(var_30h);
0x00001ca0 lw a2, 0x38(sp) | a2 = *(var_38h);
0x00001ca4 lw t9, -0x7f90(gp) | t9 = sym.sym_new;
0x00001ca8 move a0, v0 | a0 = v0;
0x00001cac addu a2, a1, a2 | a2 = a1 + a2;
0x00001cb0 bal 0x15e0 | sym_sym_new ();
0x00001cb4 lw a0, 0x14(s4) | a0 = *((s4 + 5));
0x00001cb8 lw gp, 0x10(sp) | gp = *(var_10h);
| if (a0 != 0) {
0x00001cbc beqz a0, 0x1cd4 |
0x00001cc0 lw a3, (v0) | a3 = *(v0);
0x00001cc4 lw a1, (a0) | a1 = *(a0);
0x00001cc8 sltu a1, a3, a1 | a1 = (a3 < a1) ? 1 : 0;
| if (a1 == 0) {
0x00001ccc beql a1, zero, 0x1d9c | goto label_13;
| }
0x00001cd0 lw a1, 0x10(a0) | a1 = *((a0 + 4));
| }
0x00001cd4 sw a0, 0x10(v0) | *((v0 + 4)) = a0;
0x00001cd8 sw v0, 0x14(s4) | *((s4 + 5)) = v0;
| }
| label_2:
0x00001cdc addiu s7, s7, 1 | s7++;
| label_12:
0x00001ce0 lw t9, -0x7f08(gp) | t9 = sym.imp.gelf_getsym;
0x00001ce4 bne s1, s7, 0x1c50 |
| } while (s1 != s7);
0x00001ce8 lw t9, -0x7f58(gp) | t9 = sym.imp.elf_nextscn;
0x00001cec move a1, s0 | a1 = s0;
0x00001cf0 move a0, s2 | a0 = s2;
0x00001cf4 jalr t9 | t9 ();
0x00001cf8 move s0, v0 | s0 = v0;
0x00001cfc lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00001d00 bnez v0, 0x1bdc | goto label_1;
| }
| label_9:
0x00001d04 lhu v1, 0x90(sp) | v1 = *(var_90h);
0x00001d08 addiu v0, zero, 3 | v0 = 3;
| if (v1 == v0) {
0x00001d0c beql v1, v0, 0x1df0 | goto label_14;
| }
0x00001d10 lw v0, 4(s4) | v0 = *((s4 + 1));
| label_4:
0x00001d14 lw v0, 0x18(sp) | v0 = *(var_18h);
0x00001d18 sw v0, 4(s4) | *((s4 + 1)) = v0;
0x00001d1c lw v0, 0x1c(sp) | v0 = *(var_1ch);
0x00001d20 sw v0, 8(s4) | *((s4 + 2)) = v0;
| label_6:
0x00001d24 lw t9, -0x7f30(gp) | t9 = sym.imp.elf_end;
| if (s2 != 0) {
0x00001d28 beqz s2, 0x1d38 |
0x00001d2c move a0, s2 | a0 = s2;
0x00001d30 jalr t9 | t9 ();
0x00001d34 lw gp, 0x10(sp) | gp = *(var_10h);
| }
0x00001d38 lw t9, -0x7f70(gp) | t9 = sym.imp.close;
0x00001d3c lw a0, 0x20(sp) | a0 = *(var_20h);
0x00001d40 jalr t9 | t9 ();
0x00001d44 lw gp, 0x10(sp) | gp = *(var_10h);
| label_5:
0x00001d48 lw v0, 0x24(sp) | v0 = *(var_24h);
0x00001d4c lw v1, 0xc4(sp) | v1 = *(var_c4h);
0x00001d50 lw v0, (v0) | v0 = *(v0);
0x00001d54 lw ra, 0xec(sp) | ra = *(var_ech);
| if (v1 != v0) {
0x00001d58 bne v1, v0, 0x1e54 | goto label_15;
| }
0x00001d5c lw fp, 0xe8(sp) | fp = *(var_e8h);
0x00001d60 lw s7, 0xe4(sp) | s7 = *(var_e4h);
0x00001d64 lw s6, 0xe0(sp) | s6 = *(var_e0h);
0x00001d68 lw s5, 0xdc(sp) | s5 = *(var_dch);
0x00001d6c lw s4, 0xd8(sp) | s4 = *(var_d8h);
0x00001d70 lw s3, 0xd4(sp) | s3 = *(var_d4h);
0x00001d74 lw s2, 0xd0(sp) | s2 = *(var_d0h);
0x00001d78 lw s1, 0xcc(sp) | s1 = *(var_cch);
0x00001d7c lw s0, 0xc8(sp) | s0 = *(var_c8h);
0x00001d80 addiu sp, sp, 0xf0 |
0x00001d84 jr ra | return v0;
| do {
0x00001d88 sltu a2, a2, a3 | a2 = (a2 < a3) ? 1 : 0;
| if (a2 == 0) {
0x00001d8c beql a2, zero, 0x1da8 | goto label_16;
| }
0x00001d90 sw a1, 0x10(v0) | *((v0 + 4)) = a1;
0x00001d94 move a0, a1 | a0 = a1;
0x00001d98 lw a1, 0x10(a0) | a1 = *((a0 + 4));
| label_13:
0x00001d9c lw a2, (a1) | a2 = *(a1);
0x00001da0 bnel a1, zero, 0x1d88 |
| } while (a1 == 0);
0x00001da4 sw a1, 0x10(v0) | *((v0 + 4)) = a1;
| label_16:
0x00001da8 sw v0, 0x10(a0) | *((a0 + 4)) = v0;
0x00001dac b 0x1cdc | goto label_2;
| label_10:
0x00001db0 lw v0, 0x48(sp) | v0 = *(var_48h);
0x00001db4 andi v0, v0, 4 | v0 &= 4;
0x00001db8 lw t9, -0x7f58(gp) | t9 = sym.imp.elf_nextscn;
| if (v0 == 0) {
0x00001dbc beqz v0, 0x1bc4 | goto label_3;
| }
0x00001dc0 lw v1, 0x50(sp) | v1 = *(var_50h);
0x00001dc4 lw v0, 0x60(sp) | v0 = *(var_60h);
0x00001dc8 lw a2, 0x18(sp) | a2 = *(var_18h);
0x00001dcc lw a3, 0x1c(sp) | a3 = *(var_1ch);
0x00001dd0 addu v0, v1, v0 | v0 = v1 + v0;
0x00001dd4 sltu a1, v1, a2 | a1 = (v1 < a2) ? 1 : 0;
0x00001dd8 sltu a0, a3, v0 | a0 = (a3 < v0) ? 1 : 0;
| if (a1 == 0) {
0x00001ddc movn a2, v1, a1 | a2 = v1;
| }
| if (a0 == 0) {
0x00001de0 movn a3, v0, a0 | a3 = v0;
| }
0x00001de4 sw a2, 0x18(sp) | *(var_18h) = a2;
0x00001de8 sw a3, 0x1c(sp) | *(var_1ch) = a3;
0x00001dec b 0x1bc4 | goto label_3;
| label_14:
0x00001df0 lw v1, 0x18(sp) | v1 = *(var_18h);
0x00001df4 sw v0, (s4) | *(s4) = v0;
0x00001df8 addu v1, v1, v0 | v1 += v0;
0x00001dfc sw v1, 0x18(sp) | *(var_18h) = v1;
0x00001e00 lw v1, 0x1c(sp) | v1 = *(var_1ch);
0x00001e04 addu v0, v1, v0 | v0 = v1 + v0;
0x00001e08 sw v0, 0x1c(sp) | *(var_1ch) = v0;
0x00001e0c b 0x1d14 | goto label_4;
| label_7:
0x00001e10 lw t9, -0x7f10(gp) | t9 = sym.imp.perror;
0x00001e14 lw a0, 0x18(s4) | a0 = *((s4 + 6));
0x00001e18 jalr t9 | t9 ();
0x00001e1c lw gp, 0x10(sp) | gp = *(var_10h);
0x00001e20 b 0x1d48 | goto label_5;
| label_8:
0x00001e24 lw t9, -0x7f3c(gp) | t9 = sym.imp.elf_errmsg;
0x00001e28 addiu a0, zero, -1 | a0 = -1;
0x00001e2c jalr t9 | t9 ();
0x00001e30 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001e34 move a2, v0 | a2 = v0;
0x00001e38 addiu a0, zero, 1 | a0 = 1;
0x00001e3c lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x00001e40 lw t9, -0x7f54(gp) | t9 = sym.imp.__printf_chk
0x00001e44 addiu a1, a1, 0x274c | a1 += str.getehdr___failed:__s.;
0x00001e48 jalr t9 | t9 ();
0x00001e4c lw gp, 0x10(sp) | gp = *(var_10h);
0x00001e50 b 0x1d24 | goto label_6;
| label_15:
0x00001e54 lw t9, -0x7f04(gp) | t9 = sym.imp.__stack_chk_fail;
0x00001e58 jalr t9 | t9 ();
0x00001e5c nop |
| }
[*] Function printf used 6 times dstack
