[*] Binary protection state of ir
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function system tear down of ir
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ir @ 0x4018bc */
| #include <stdint.h>
|
; (fcn) method.ScheduleIR.Start_int__int__bool_ () | void method_ScheduleIR_Start_int_int_bool_ () {
| /* ScheduleIR::Start(int, int, bool) */
0x004018bc lui gp, 2 |
0x004018c0 addiu gp, gp, -0x688c |
0x004018c4 addu gp, gp, t9 | gp += t9;
0x004018c8 addiu sp, sp, -0x1060 |
0x004018cc sw ra, 0x105c(sp) | *(var_105ch) = ra;
0x004018d0 sw fp, 0x1058(sp) | *(var_1058h) = fp;
0x004018d4 sw s1, 0x1054(sp) | *(var_1054h) = s1;
0x004018d8 sw s0, 0x1050(sp) | *(var_1050h) = s0;
0x004018dc move fp, sp | fp = sp;
0x004018e0 sw gp, 0x10(sp) | *(var_10h) = gp;
0x004018e4 sw a0, 0x24(fp) | *(arg_24h) = a0;
0x004018e8 sw a1, 0x20(fp) | *(arg_20h) = a1;
0x004018ec sw a2, 0x1c(fp) | *(arg_1ch) = a2;
0x004018f0 move t8, a3 | t8 = a3;
0x004018f4 sb t8, 0x18(fp) | *(arg_18h) = t8;
0x004018f8 lw t8, -0x7f38(gp) | t8 = *((gp - 8142));
0x004018fc lw t8, (t8) | t8 = *(t8);
0x00401900 sw t8, 0x104c(fp) | *(arg_104ch) = t8;
0x00401904 addiu t8, fp, 0x34 | t8 = fp + 0x34;
0x00401908 move a0, t8 | a0 = t8;
0x0040190c lw t8, -0x7fb4(gp) | t8 = *(gp);
0x00401910 move t9, t8 | t9 = t8;
0x00401914 jalr t9 | t9 ();
0x00401918 nop |
0x0040191c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401920 addiu t8, fp, 0x34 | t8 = fp + 0x34;
0x00401924 move a0, t8 | a0 = t8;
0x00401928 lw t8, -0x7fd4(gp) | t8 = *(gp);
| /* str.Rule11 */
0x0040192c addiu a1, t8, 0x2080 | a1 = t8 + 0x2080;
0x00401930 move a2, zero | a2 = 0;
0x00401934 lw t8, -0x7f88(gp) | t8 = *(gp);
0x00401938 move t9, t8 | t9 = t8;
0x0040193c jalr t9 | t9 ();
0x00401940 nop |
0x00401944 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401948 addiu t8, fp, 0x34 | t8 = fp + 0x34;
0x0040194c move a0, t8 | a0 = t8;
0x00401950 lw t8, -0x7fd4(gp) | t8 = *(gp);
| /* str.Etag */
0x00401954 addiu a1, t8, 0x2088 | a1 = t8 + 0x2088;
0x00401958 lw t8, -0x7f70(gp) | t8 = *(gp);
0x0040195c move t9, t8 | t9 = t8;
0x00401960 jalr t9 | t9 ();
0x00401964 nop |
0x00401968 lw gp, 0x10(fp) | gp = *(arg_10h);
0x0040196c move t8, v0 | t8 = v0;
0x00401970 sw t8, 0x2c(fp) | *(arg_2ch) = t8;
0x00401974 lbu t8, 0x18(fp) | t8 = *(arg_18h);
| if (t8 != 0) {
0x00401978 beqz t8, 0x4019a4 |
0x0040197c nop |
0x00401980 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401984 lw v0, 4(t8) | v0 = *((t8 + 1));
0x00401988 lw t8, 0x2c(fp) | t8 = *(arg_2ch);
| if (v0 == t8) {
0x0040198c beq v0, t8, 0x4019a4 | goto label_0;
| }
0x00401990 nop |
0x00401994 move s0, zero | s0 = 0;
0x00401998 move s1, zero | s1 = 0;
0x0040199c b 0x4019a8 | goto label_1;
0x004019a0 nop |
| }
| label_0:
0x004019a4 addiu s1, zero, 1 | s1 = 1;
| label_1:
0x004019a8 addiu t8, fp, 0x34 | t8 = fp + 0x34;
0x004019ac move a0, t8 | a0 = t8;
0x004019b0 lw t8, -0x7f78(gp) | t8 = sym.imp.TinyDB::TinyDB__;
0x004019b4 move t9, t8 | t9 = t8;
0x004019b8 jalr t9 | t9 ();
0x004019bc nop |
0x004019c0 lw gp, 0x10(fp) | gp = *(arg_10h);
0x004019c4 addiu t8, zero, 1 | t8 = 1;
| if (s1 == t8) {
0x004019c8 bne s1, t8, 0x401a94 |
0x004019cc nop |
0x004019d0 nop |
0x004019d4 lbu t8, 0x18(fp) | t8 = *(arg_18h);
| if (t8 != 0) {
0x004019d8 beqz t8, 0x401a08 |
0x004019dc nop |
0x004019e0 lw t8, -0x7fd4(gp) | t8 = *(gp);
| /* str.send_cmd_watchdog_650 */
0x004019e4 addiu a0, t8, 0x2090 | a0 = t8 + 0x2090;
0x004019e8 lw t8, -0x7f3c(gp) | t8 = sym.imp.system
0x004019ec move t9, t8 | t9 = t8;
0x004019f0 jalr t9 | t9 ();
0x004019f4 nop |
0x004019f8 lw gp, 0x10(fp) | gp = *(arg_10h);
0x004019fc move s0, zero | s0 = 0;
0x00401a00 b 0x401a94 | goto label_2;
0x00401a04 nop |
| }
0x00401a08 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401a0c lbu t8, (t8) | t8 = *(t8);
| if (t8 != 0) {
0x00401a10 beqz t8, 0x401a24 |
0x00401a14 nop |
0x00401a18 addiu s0, zero, 1 | s0 = 1;
0x00401a1c b 0x401a94 | goto label_2;
0x00401a20 nop |
| }
0x00401a24 lw t8, -0x7fd4(gp) | t8 = *(gp);
| /* str.send_cmd_watchdog_651 */
0x00401a28 addiu a0, t8, 0x20a8 | a0 = t8 + 0x20a8;
0x00401a2c lw t8, -0x7f3c(gp) | t8 = sym.imp.system
0x00401a30 move t9, t8 | t9 = t8;
0x00401a34 jalr t9 | t9 ();
0x00401a38 nop |
0x00401a3c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401a40 lw a0, -0x7f6c(gp) | a0 = *((gp - 8155));
0x00401a44 lw t8, -0x7fd4(gp) | t8 = *(gp);
| /* str.day_mode */
0x00401a48 addiu a1, t8, 0x20c0 | a1 = t8 + 0x20c0;
0x00401a4c lw t8, -0x7f58(gp) | t8 = *(gp);
0x00401a50 move t9, t8 | t9 = t8;
0x00401a54 jalr t9 | t9 ();
0x00401a58 nop |
0x00401a5c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401a60 move t8, v0 | t8 = v0;
0x00401a64 move a0, t8 | a0 = t8;
0x00401a68 lw a1, -0x7f90(gp) | a1 = *((gp - 8164));
0x00401a6c lw t8, -0x7f84(gp) | t8 = *(gp);
0x00401a70 move t9, t8 | t9 = t8;
0x00401a74 jalr t9 | t9 ();
0x00401a78 nop |
0x00401a7c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401a80 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401a84 addiu v0, zero, 1 | v0 = 1;
0x00401a88 sb v0, (t8) | *(t8) = v0;
0x00401a8c lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401a90 lbu s0, (t8) | s0 = *(t8);
| }
| label_2:
0x00401a94 move t8, s0 | t8 = s0;
0x00401a98 move v0, t8 | v0 = t8;
0x00401a9c lw t8, -0x7f38(gp) | t8 = *((gp - 8142));
0x00401aa0 lw v1, 0x104c(fp) | v1 = *(arg_104ch);
0x00401aa4 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00401aa8 beq v1, t8, 0x401bfc |
0x00401aac nop |
0x00401ab0 b 0x401bec | goto label_3;
0x00401ab4 nop |
| label_3:
0x00401bec lw t8, -0x7f60(gp) | t8 = sym.imp.__stack_chk_fail;
0x00401bf0 move t9, t8 | t9 = t8;
0x00401bf4 jalr t9 | t9 ();
0x00401bf8 nop |
| }
0x00401bfc move sp, fp |
0x00401c00 lw ra, 0x105c(sp) | ra = *(var_105ch);
0x00401c04 lw fp, 0x1058(sp) | fp = *(var_1058h);
0x00401c08 lw s1, 0x1054(sp) | s1 = *(var_1054h);
0x00401c0c lw s0, 0x1050(sp) | s0 = *(var_1050h);
0x00401c10 addiu sp, sp, 0x1060 |
0x00401c14 jr ra | return v1;
0x00401c18 nop |
| }
[*] Function system used 3 times ir
