[*] Binary protection state of nandwrite
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of nandwrite
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x10be0 */
| #include <stdint.h>
|
; (fcn) fcn.00010be0 () | void fcn_00010be0 () {
| int32_t var_0h_2;
| int32_t var_50h;
| int32_t var_1b8h;
| int32_t var_0h;
| int32_t var_4h;
| /* [10] -r-x section size 18252 named .text */
0x00010be0 push {r0, r1, r2, lr} |
0x00010be4 bl 0x10b5c | errno_location ();
0x00010be8 ldr r5, [pc, 0x40] |
0x00010bec ldr r2, [pc, 0x40] | r2 = stderr;
0x00010bf0 ldr r1, [pc, 0x40] | r1 = "libmtd";
0x00010bf4 ldr r4, [r0] | r4 = *(r0);
0x00010bf8 ldr r0, [r5] | r0 = *(0x10c2c);
0x00010bfc bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5)
0x00010c00 mov r0, r4 | r0 = r4;
0x00010c04 ldr r5, [r5] | r5 = *(0x10c2c);
0x00010c08 bl 0x10a18 | strerror (r0);
0x00010c0c str r4, [sp] | *(sp) = r4;
0x00010c10 ldr r3, [pc, 0x24] | r3 = "_s:_error_:_out_of_memory";
0x00010c14 mov r2, 8 | r2 = 8;
0x00010c18 ldr r1, [pc, 0x20] | r1 = *(0x10c3c);
0x00010c1c str r0, [sp, 4] | var_4h = r0;
0x00010c20 mov r0, r5 | r0 = r5;
0x00010c24 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_out_of_memory", r4)
0x00010c28 mvn r0, 0 | r0 = ~0;
0x00010c2c bl 0x10b68 | exit (r0);
0x00010c30 ldrdeq r7, r8, [r2], -r0 | __asm ("ldrdeq r7, r8, [r2], -r0");
| if (? != ?) {
0x00010c34 muleq r1, sp, r0 | r1 = sp * r0;
| }
| if (? != ?) {
0x00010c38 andeq r5, r1, sl, asr 27 | r5 = r1 & (sl >> 27);
| }
| if (? != ?) {
0x00010c3c andeq r6, r1, r6, ror 3 | r6 = r1 & (r6 >>> 3);
| }
| /* Beware that this jump is a conditional jump.
| * r2dec transformed it as a return, due being the
| * last instruction. Please, check 'pdda' output
| * for more hints. */
0x00010c40 andeq r5, r1, r4, lsr fp | return r5 = r1 & (r4 >> fp);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x11d6c */
| #include <stdint.h>
|
; (fcn) fcn.00011d6c () | void fcn_00011d6c (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| char * * endptr;
| int32_t var_14h;
| r0 = arg1;
| r1 = arg2;
0x00011d6c push {r4, r5, r6, r7, lr} |
0x00011d70 sub sp, sp, 0x14 |
0x00011d74 mov r5, r1 | r5 = r1;
0x00011d78 mov r2, 0 | r2 = 0;
0x00011d7c add r1, sp, 0xc | r1 += endptr;
0x00011d80 mov r4, r0 | r4 = r0;
0x00011d84 bl 0x10a6c | strtoll (r0, r1, r2);
0x00011d88 ldrb r3, [r4] | r3 = *(r4);
0x00011d8c cmp r3, 0 |
0x00011d90 mov r6, r0 | r6 = r0;
0x00011d94 mov r7, r1 | r7 = r1;
| if (r3 != 0) {
0x00011d98 beq 0x11dac |
0x00011d9c ldr r3, [sp, 0xc] | r3 = endptr;
0x00011da0 ldrb r3, [r3] | r3 = *(r3);
0x00011da4 cmp r3, 0 |
| if (r3 == 0) {
0x00011da8 beq 0x11dd0 | goto label_0;
| }
| }
0x00011dac ldr r0, [pc, 0x2c] |
0x00011db0 str r4, [sp] | *(sp) = r4;
0x00011db4 ldr r3, [pc, 0x28] | r3 = stderr;
0x00011db8 ldr r2, [pc, 0x28] | r2 = "strtoll";
0x00011dbc ldr r1, [pc, 0x28] | r1 = "nandwrite";
0x00011dc0 ldr r0, [r0] | r0 = *(0x11ddc);
0x00011dc4 bl 0x10ab4 | fprintf (r0, "nandwrite", "strtoll", r3, r4)
0x00011dc8 mov r3, 1 | r3 = 1;
0x00011dcc str r3, [r5] | *(r5) = r3;
| label_0:
0x00011dd0 mov r0, r6 | r0 = r6;
0x00011dd4 mov r1, r7 | r1 = r7;
0x00011dd8 add sp, sp, 0x14 |
0x00011ddc pop {r4, r5, r6, r7, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x11df0 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.00011df0 () | void fcn_00011df0 (char * s) {
| int32_t var_120h;
| int32_t var_11ch;
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_18h_2;
| int32_t var_18h;
| r0 = s;
0x00011df0 push {r4, r5, r6, r7, r8, fp, lr} |
0x00011df4 add fp, sp, 0x18 |
0x00011df8 sub sp, sp, 0x114 |
0x00011dfc mov r5, r0 | r5 = r0;
0x00011e00 ldr r0, [r0, 0xc] | r0 = *((r0 + 0xc));
0x00011e04 bl 0x10b80 | r0 = strlen (r0);
0x00011e08 add r0, r0, 0x11 | r0 += 0x11;
0x00011e0c bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x00011e10 sub sp, sp, r0 |
0x00011e14 ldr r0, [r5] | r0 = *(r5);
0x00011e18 bl 0x10b2c | r0 = opendir ();
0x00011e1c subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x00011e20 addne r7, sp, 8 | r7 += var_8h;
| }
| if (r4 == r0) {
0x00011e24 ldrne r8, [pc, 0x1a0] | r8 = "mtd%d%s";
| }
| if (r4 != r0) {
0x00011e28 bne 0x11e84 | goto label_3;
| }
0x00011e2c bl 0x10b5c | r0 = errno_location ();
0x00011e30 ldr r6, [r0] | r6 = *(r0);
0x00011e34 cmp r6, 2 |
| if (r6 != 2) {
0x00011e38 streq r4, [r0] | *(r0) = r4;
| }
| if (r6 == 2) {
0x00011e3c beq 0x11edc | goto label_1;
| }
0x00011e40 ldr r4, [pc, 0x188] |
0x00011e44 ldr r3, [r5] | r3 = *(r5);
0x00011e48 ldr r2, [pc, 0x184] | r2 = stderr;
0x00011e4c ldr r1, [pc, 0x184] | r1 = "libmtd";
0x00011e50 ldr r0, [r4] | r0 = "mtd%d%s";
0x00011e54 bl 0x10ab4 | fprintf ("mtd%d%s", "libmtd", r2, r3, "mtd%d%s")
0x00011e58 mov r0, r6 | r0 = r6;
0x00011e5c ldr r4, [r4] | r4 = "mtd%d%s";
0x00011e60 bl 0x10a18 | strerror (r0);
0x00011e64 ldr r3, [pc, 0x170] | r3 = "_s:_error_:_cannot_open___s_";
0x00011e68 ldr r1, [pc, 0x170] | r1 = *(0x11fdc);
0x00011e6c mov r2, 8 | r2 = 8;
0x00011e70 str r6, [sp] | *(sp) = r6;
0x00011e74 str r0, [sp, 4] | var_4h = r0;
0x00011e78 mov r0, r4 | r0 = r4;
| label_0:
0x00011e7c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4, r5, r6)
0x00011e80 b 0x11ed8 |
| while (r0 != 1) {
| label_3:
0x00011e84 mov r0, r4 | r0 = r4;
0x00011e88 bl 0x10ae4 | r0 = readdir64 ();
0x00011e8c cmp r0, 0 |
| if (r0 == 0) {
0x00011e90 beq 0x11f60 | goto label_4;
| }
0x00011e94 add r6, r0, 0x13 | r6 = r0 + 0x13;
0x00011e98 mov r0, r6 | r0 = r6;
0x00011e9c bl 0x10b80 | r0 = strlen (r0);
0x00011ea0 cmp r0, 0xfe |
| if (r0 >= 0xfe) {
0x00011ea4 bls 0x11ee8 |
0x00011ea8 ldr r0, [pc, 0x120] |
0x00011eac str r6, [sp] | *(sp) = r6;
0x00011eb0 ldr r2, [pc, 0x11c] | r2 = stderr;
0x00011eb4 ldr r3, [r5] | r3 = *(r5);
0x00011eb8 ldr r1, [pc, 0x124] | r1 = "_serror__d___s_";
0x00011ebc ldr r0, [r0] | r0 = "mtd%d%s";
0x00011ec0 bl 0x10ab4 | r0 = fprintf ("mtd%d%s", "_serror__d___s_", r2, r3, r4, r5, r6)
0x00011ec4 bl 0x10b5c | errno_location ();
0x00011ec8 mov r3, 0x16 | r3 = 0x16;
0x00011ecc str r3, [r0] | *(r0) = r3;
0x00011ed0 mov r0, r4 | r0 = r4;
0x00011ed4 bl 0x10ba4 | closedir ();
0x00011ed8 mvn r4, 0 | r4 = ~0;
| label_1:
0x00011edc mov r0, r4 | r0 = r4;
0x00011ee0 sub sp, fp, 0x18 |
0x00011ee4 pop {r4, r5, r6, r7, r8, fp, pc} |
| }
0x00011ee8 sub r3, fp, 0x11c | r3 -= var_11ch;
0x00011eec sub r2, fp, 0x120 | r2 -= var_120h;
0x00011ef0 mov r1, r8 | r1 = r8;
0x00011ef4 mov r0, r6 | r0 = r6;
0x00011ef8 bl 0x10afc | r0 = sscanf (r0, r1, r2);
0x00011efc cmp r0, 1 |
0x00011f00 bne 0x11e84 |
| }
0x00011f04 ldr r6, [fp, -0x120] | r6 = var_120h;
| do {
0x00011f08 mov r0, r4 | r0 = r4;
0x00011f0c bl 0x10ba4 | r0 = closedir ();
0x00011f10 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x00011f14 beq 0x11f68 | goto label_5;
| }
0x00011f18 bl 0x10b5c | errno_location ();
0x00011f1c ldr r6, [pc, 0xac] | r6 = "mtd%d%s";
0x00011f20 ldr r3, [r5] | r3 = *(r5);
0x00011f24 ldr r2, [pc, 0xa8] | r2 = stderr;
0x00011f28 ldr r1, [pc, 0xb8] | r1 = "_s:_error_:_invalid_entry_in__s:___s_";
0x00011f2c ldr r4, [r0] | r4 = *(r0);
0x00011f30 ldr r0, [r6] | r0 = "mtd%d%s";
0x00011f34 bl 0x10ab4 | fprintf ("mtd%d%s", "_s:_error_:_invalid_entry_in__s:___s_", r2, r3, r4, r5, "mtd%d%s")
0x00011f38 ldr r5, [r6] | r5 = "mtd%d%s";
| label_2:
0x00011f3c mov r0, r4 | r0 = r4;
0x00011f40 bl 0x10a18 | strerror (r0);
0x00011f44 str r4, [sp] | *(sp) = r4;
0x00011f48 ldr r3, [pc, 0x8c] | r3 = "_s:_error_:_cannot_open___s_";
0x00011f4c mov r2, 8 | r2 = 8;
0x00011f50 ldr r1, [pc, 0x88] | r1 = *(0x11fdc);
0x00011f54 str r0, [sp, 4] | var_4h = r0;
0x00011f58 mov r0, r5 | r0 = r5;
0x00011f5c b 0x11e7c | goto label_0;
| label_4:
0x00011f60 mvn r6, 0 | r6 = ~0;
0x00011f64 b 0x11f08 |
| } while (1);
| label_5:
0x00011f68 cmn r6, 1 |
| if (r6 == 1) {
0x00011f6c beq 0x11edc | goto label_1;
| }
0x00011f70 mov r2, r6 | r2 = r6;
0x00011f74 ldr r1, [r5, 0xc] | r1 = *((r5 + 0xc));
0x00011f78 mov r0, r7 | r0 = r7;
0x00011f7c bl 0x10b44 | sprintf (r0, r1, r2);
0x00011f80 mov r1, 0x80000 | r1 = 0x80000;
0x00011f84 mov r0, r7 | r0 = r7;
0x00011f88 bl 0x10b20 | r0 = open64 ();
0x00011f8c cmn r0, 1 |
| if (r0 == 1) {
0x00011f90 beq 0x11edc | goto label_1;
| }
0x00011f94 bl 0x10bbc | r0 = close (r0);
0x00011f98 cmp r0, 0 |
| if (r0 == 0) {
0x00011f9c moveq r4, 1 | r4 = 1;
| goto label_6;
| }
| if (r0 == 0) {
| label_6:
0x00011fa0 beq 0x11edc | goto label_1;
| }
0x00011fa4 bl 0x10b5c | errno_location ();
0x00011fa8 ldr r5, [pc, 0x20] |
0x00011fac mov r3, r7 | r3 = r7;
0x00011fb0 ldr r2, [pc, 0x1c] | r2 = stderr;
0x00011fb4 ldr r1, [pc, 0x30] | r1 = "%s: error!: closedir failed on \"%s\"\n";
0x00011fb8 ldr r4, [r0] | r4 = *(r0);
0x00011fbc ldr r0, [r5] | r0 = "mtd%d%s";
0x00011fc0 bl 0x10ab4 | fprintf ("mtd%d%s", "%s: error!: closedir failed on \"%s\"\n", r2, r3, r4, "mtd%d%s")
0x00011fc4 ldr r5, [r5] | r5 = "mtd%d%s";
0x00011fc8 b 0x11f3c | goto label_2;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x11ff0 */
| #include <stdint.h>
|
; (fcn) fcn.00011ff0 () | void fcn_00011ff0 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| void * buf;
| int32_t var_10h;
| r0 = arg1;
| r1 = arg2;
0x00011ff0 push {r0, r1, r2, r3, r4, r5, r6, r7, r8, lr} |
0x00011ff4 mov r8, r1 | r8 = r1;
0x00011ff8 mov r1, 0x80000 | r1 = 0x80000;
0x00011ffc mov r5, r0 | r5 = r0;
0x00012000 mov r7, r2 | r7 = r2;
0x00012004 bl 0x10b20 | r0 = open64 ();
0x00012008 cmn r0, 1 |
0x0001200c mov r4, r0 | r4 = r0;
| if (r0 == 1) {
0x00012010 beq 0x12158 | goto label_2;
| }
0x00012014 mov r2, r7 | r2 = r7;
0x00012018 mov r1, r8 | r1 = r8;
0x0001201c bl 0x10ad8 | r0 = read (r0, r1, r2);
0x00012020 cmn r0, 1 |
0x00012024 mov r6, r0 | r6 = r0;
| if (r0 != 1) {
0x00012028 bne 0x12080 | goto label_3;
| }
| label_0:
0x0001202c bl 0x10b5c | errno_location ();
0x00012030 ldr r7, [pc, 0x12c] | r7 = *(0x12160);
0x00012034 mov r3, r5 | r3 = r5;
0x00012038 ldr r2, [pc, 0x128] | r2 = stderr;
0x0001203c ldr r1, [pc, 0x128] | r1 = "libmtd";
0x00012040 ldr r6, [r0] | r6 = *(r0);
0x00012044 ldr r0, [r7] | r0 = *(0x12160);
0x00012048 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x0001204c mov r0, r6 | r0 = r6;
0x00012050 ldr r5, [r7] | r5 = *(0x12160);
0x00012054 bl 0x10a18 | strerror (r0);
0x00012058 str r6, [sp] | *(sp) = r6;
0x0001205c ldr r3, [pc, 0x10c] | r3 = "_s:_error_:_cannot_read___s_";
0x00012060 mov r2, 8 | r2 = 8;
0x00012064 ldr r1, [pc, 0x108] | r1 = *(0x12170);
0x00012068 str r0, [sp, 4] | var_4h = r0;
0x0001206c mov r0, r5 | r0 = r5;
0x00012070 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4, r5, r6)
| do {
0x00012074 mov r0, r4 | r0 = r4;
0x00012078 bl 0x10bbc | close (r0);
0x0001207c b 0x12154 | goto label_4;
| label_3:
0x00012080 cmp r7, r0 |
| if (r7 != r0) {
0x00012084 bne 0x120b0 | goto label_5;
| }
0x00012088 ldr r0, [pc, 0xd4] |
0x0001208c mov r3, r5 | r3 = r5;
0x00012090 ldr r2, [pc, 0xd0] | r2 = stderr;
0x00012094 ldr r1, [pc, 0xdc] | r1 = "_serror__d___s_";
0x00012098 ldr r0, [r0] | r0 = *(0x12160);
0x0001209c bl 0x10ab4 | r0 = fprintf (r0, "_serror__d___s_", r2, r3)
| label_1:
0x000120a0 bl 0x10b5c | errno_location ();
0x000120a4 mov r3, 0x16 | r3 = 0x16;
0x000120a8 str r3, [r0] | *(r0) = r3;
0x000120ac b 0x12074 |
| } while (1);
| label_5:
0x000120b0 mov r3, 0 | r3 = 0;
0x000120b4 strb r3, [r8, r0] | *((r8 + r0)) = r3;
0x000120b8 mov r2, 1 | r2 = 1;
0x000120bc add r1, sp, 0xc | r1 += buf;
0x000120c0 mov r0, r4 | r0 = r4;
0x000120c4 bl 0x10ad8 | r0 = read (r0, r1, r2);
0x000120c8 cmp r0, 1 |
| if (r0 == 1) {
0x000120cc beq 0x1202c | goto label_0;
| }
0x000120d0 cmp r0, 0 |
| if (r0 != 0) {
0x000120d4 beq 0x120f8 |
0x000120d8 ldr r0, [pc, 0x84] |
0x000120dc str r7, [sp] | *(sp) = r7;
0x000120e0 mov r3, r5 | r3 = r5;
0x000120e4 ldr r2, [pc, 0x7c] | r2 = stderr;
0x000120e8 ldr r1, [pc, 0x8c] | r1 = "_s:_error_:_contents_of___s__is_too_long";
0x000120ec ldr r0, [r0] | r0 = *(0x12160);
0x000120f0 bl 0x10ab4 | fprintf (r0, "_s:_error_:_contents_of___s__is_too_long", r2, r3)
0x000120f4 b 0x120a0 | goto label_1;
| }
0x000120f8 mov r0, r4 | r0 = r4;
0x000120fc bl 0x10bbc | r0 = close (r0);
0x00012100 cmp r0, 0 |
| if (r0 != 0) {
0x00012104 moveq r4, r6 | r4 = r6;
| }
| if (r0 != 0) {
0x00012108 beq 0x12158 |
0x0001210c bl 0x10b5c | errno_location ();
0x00012110 ldr r6, [pc, 0x4c] | r6 = *(0x12160);
0x00012114 mov r3, r5 | r3 = r5;
0x00012118 ldr r2, [pc, 0x48] | r2 = stderr;
0x0001211c ldr r1, [pc, 0x5c] | r1 = "_s:_error_:_file___s__contains_too_much_data_____d_bytes_";
0x00012120 ldr r4, [r0] | r4 = *(r0);
0x00012124 ldr r0, [r6] | r0 = *(0x12160);
0x00012128 bl 0x10ab4 | fprintf (r0, "_s:_error_:_file___s__contains_too_much_data_____d_bytes_", r2, r3, r4, r5, r6)
0x0001212c mov r0, r4 | r0 = r4;
0x00012130 ldr r5, [r6] | r5 = *(0x12160);
0x00012134 bl 0x10a18 | strerror (r0);
0x00012138 str r4, [sp] | *(sp) = r4;
0x0001213c ldr r3, [pc, 0x2c] | r3 = "_s:_error_:_cannot_read___s_";
0x00012140 mov r2, 8 | r2 = 8;
0x00012144 ldr r1, [pc, 0x28] | r1 = *(0x12170);
0x00012148 str r0, [sp, 4] | var_4h = r0;
0x0001214c mov r0, r5 | r0 = r5;
0x00012150 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4)
| label_4:
0x00012154 mvn r4, 0 | r4 = ~0;
| }
| label_2:
0x00012158 mov r0, r4 | r0 = r4;
0x0001215c add sp, sp, 0x10 |
0x00012160 pop {r4, r5, r6, r7, r8, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x12184 */
| #include <stdint.h>
|
; (fcn) fcn.00012184 () | void fcn_00012184 (int32_t arg1, char * arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| char * buf;
| int32_t var_4ch;
| r0 = arg1;
| r1 = arg2;
0x00012184 push {r4, r5, r6, r7, lr} |
0x00012188 sub sp, sp, 0x4c |
0x0001218c mov r5, r0 | r5 = r0;
0x00012190 mov r2, 0x32 | r2 = 0x32;
0x00012194 mov r6, r1 | r6 = r1;
0x00012198 add r0, sp, 0x14 | r0 += buf;
0x0001219c mov r1, 0 | r1 = 0;
0x000121a0 bl 0x10b14 | memset (r0, r1, r2);
0x000121a4 mov r1, 0x80000 | r1 = 0x80000;
0x000121a8 mov r0, r5 | r0 = r5;
0x000121ac bl 0x10b20 | r0 = open64 ();
0x000121b0 cmn r0, 1 |
0x000121b4 mov r4, r0 | r4 = r0;
| if (r0 == 1) {
0x000121b8 beq 0x12304 | goto label_2;
| }
0x000121bc mov r2, 0x32 | r2 = 0x32;
0x000121c0 add r1, sp, 0x14 | r1 += buf;
0x000121c4 bl 0x10ad8 | r0 = read (r0, r1, r2);
0x000121c8 cmn r0, 1 |
| if (r0 != 1) {
0x000121cc bne 0x12224 | goto label_3;
| }
0x000121d0 bl 0x10b5c | errno_location ();
0x000121d4 ldr r7, [pc, 0x134] | r7 = *(0x1230c);
0x000121d8 mov r3, r5 | r3 = r5;
0x000121dc ldr r2, [pc, 0x130] | r2 = stderr;
0x000121e0 ldr r1, [pc, 0x130] | r1 = "libmtd";
0x000121e4 ldr r6, [r0] | r6 = *(r0);
0x000121e8 ldr r0, [r7] | r0 = *(0x1230c);
0x000121ec bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x000121f0 mov r0, r6 | r0 = r6;
0x000121f4 ldr r5, [r7] | r5 = *(0x1230c);
0x000121f8 bl 0x10a18 | strerror (r0);
0x000121fc str r6, [sp] | *(sp) = r6;
0x00012200 ldr r3, [pc, 0x114] | r3 = "_s:_error_:_cannot_read___s_";
0x00012204 mov r2, 8 | r2 = 8;
0x00012208 ldr r1, [pc, 0x110] | r1 = *(0x1231c);
0x0001220c str r0, [sp, 4] | var_4h = r0;
0x00012210 mov r0, r5 | r0 = r5;
0x00012214 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4, r5, r6)
| do {
0x00012218 mov r0, r4 | r0 = r4;
0x0001221c bl 0x10bbc | close (r0);
0x00012220 b 0x12300 | goto label_4;
| label_3:
0x00012224 cmp r0, 0x32 |
| if (r0 != 0x32) {
0x00012228 bne 0x12254 | goto label_5;
| }
0x0001222c ldr r2, [pc, 0xe0] | r2 = stderr;
0x00012230 ldr r1, [pc, 0xec] | r1 = "_serror__d___s_";
0x00012234 mov r3, r5 | r3 = r5;
| label_0:
0x00012238 ldr r0, [pc, 0xd0] |
0x0001223c ldr r0, [r0] | r0 = *(0x1230c);
0x00012240 bl 0x10ab4 | r0 = fprintf (r0, "_serror__d___s_", r2, r3)
| label_1:
0x00012244 bl 0x10b5c | errno_location ();
0x00012248 mov r3, 0x16 | r3 = 0x16;
0x0001224c str r3, [r0] | *(r0) = r3;
0x00012250 b 0x12218 |
| } while (1);
| label_5:
0x00012254 mov r2, r6 | r2 = r6;
0x00012258 ldr r1, [pc, 0xc8] | r1 = "_s:_error_:_contents_of___s__is_too_long";
0x0001225c add r0, sp, 0x14 | r0 += buf;
0x00012260 bl 0x10afc | r0 = sscanf (r0, "_s:_error_:_contents_of___s__is_too_long", r2);
0x00012264 cmp r0, 1 |
| if (r0 == 1) {
0x00012268 movne r3, r5 | r3 = r5;
| }
| if (r0 == 1) {
0x0001226c ldrne r2, [pc, 0xa0] | r2 = "libmtd";
| }
| if (r0 != 1) {
0x00012270 ldrne r1, [pc, 0xb4] | r1 = "%s: error!: cannot read integer from \"%s\"\n\n";
| goto label_6;
| }
| if (r0 != 1) {
| label_6:
0x00012274 bne 0x12238 | goto label_0;
| }
0x00012278 ldrd r2, r3, [r6] | __asm ("ldrd r2, r3, [r6]");
0x0001227c cmp r2, 0 |
0x00012280 sbcs r1, r3, 0 | __asm ("sbcs r1, r3, 0");
| if (r2 < 0) {
0x00012284 bge 0x122a8 |
0x00012288 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x0001228c ldr r3, [pc, 0x7c] | r3 = *(0x1230c);
0x00012290 str r5, [sp, 8] | var_8h = r5;
0x00012294 ldr r2, [pc, 0x78] | r2 = stderr;
0x00012298 ldr r1, [pc, 0x90] | r1 = "%s: error!: cannot read integer from \"%s\"\n\n";
0x0001229c ldr r0, [r3] | r0 = *(0x1230c);
0x000122a0 bl 0x10ab4 | fprintf (r0, "%s: error!: cannot read integer from \"%s\"\n\n", r2, r3, r4, r5)
0x000122a4 b 0x12244 | goto label_1;
| }
0x000122a8 mov r0, r4 | r0 = r4;
0x000122ac bl 0x10bbc | r0 = close (r0);
0x000122b0 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x000122b4 beq 0x12304 |
0x000122b8 bl 0x10b5c | errno_location ();
0x000122bc ldr r6, [pc, 0x4c] | r6 = *(0x1230c);
0x000122c0 mov r3, r5 | r3 = r5;
0x000122c4 ldr r2, [pc, 0x48] | r2 = stderr;
0x000122c8 ldr r1, [pc, 0x64] | r1 = "%s: error!: negative value %lld in \"%s\"\n";
0x000122cc ldr r4, [r0] | r4 = *(r0);
0x000122d0 ldr r0, [r6] | r0 = *(0x1230c);
0x000122d4 bl 0x10ab4 | fprintf (r0, "%s: error!: negative value %lld in \"%s\"\n", r2, r3, r4, r5, r6)
0x000122d8 mov r0, r4 | r0 = r4;
0x000122dc ldr r5, [r6] | r5 = *(0x1230c);
0x000122e0 bl 0x10a18 | strerror (r0);
0x000122e4 str r4, [sp] | *(sp) = r4;
0x000122e8 ldr r3, [pc, 0x2c] | r3 = "_s:_error_:_cannot_read___s_";
0x000122ec mov r2, 8 | r2 = 8;
0x000122f0 ldr r1, [pc, 0x28] | r1 = *(0x1231c);
0x000122f4 str r0, [sp, 4] | var_4h = r0;
0x000122f8 mov r0, r5 | r0 = r5;
0x000122fc bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4)
| label_4:
0x00012300 mvn r4, 0 | r4 = ~0;
| }
| label_2:
0x00012304 mov r0, r4 | r0 = r4;
0x00012308 add sp, sp, 0x4c |
0x0001230c pop {r4, r5, r6, r7, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x12338 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.00012338 () | void fcn_00012338 (int32_t arg1, int32_t arg2) {
| int32_t var_8h;
| char * s;
| int32_t var_1ch;
| int32_t var_14h_2;
| int32_t var_14h;
| r0 = arg1;
| r1 = arg2;
0x00012338 push {r4, r5, r6, r7, fp, lr} |
0x0001233c add fp, sp, 0x14 |
0x00012340 sub sp, sp, 0x18 |
0x00012344 mov r7, r1 | r7 = r1;
0x00012348 mov r6, r0 | r6 = r0;
0x0001234c mov r5, r2 | r5 = r2;
0x00012350 bl 0x10b80 | strlen (r0);
0x00012354 mov r2, r7 | r2 = r7;
0x00012358 mov r1, r6 | r1 = r6;
0x0001235c add r0, r0, 0x39 | r0 += 0x39;
0x00012360 bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x00012364 sub sp, sp, r0 |
0x00012368 add r4, sp, 0x10 | r4 += s;
0x0001236c mov r0, r4 | r0 = r4;
0x00012370 bl 0x10b44 | sprintf (r0, r1, r2);
0x00012374 sub r1, fp, 0x1c | r1 -= s;
0x00012378 mov r0, r4 | r0 = r4;
0x0001237c bl 0x12184 | r0 = fcn_00012184 (r0, r1);
0x00012380 cmp r0, 0 |
| if (r0 == 0) {
0x00012384 bne 0x123c4 |
0x00012388 ldrd r2, r3, [fp, -0x1c] | __asm ("ldrd r2, r3, [s]");
0x0001238c cmp r2, 0x80000000 |
0x00012390 sbcs r1, r3, 0 | __asm ("sbcs r1, r3, 0");
| if (r2 >= 0x80000000) {
0x00012394 strlt r2, [r5] | *(r5) = r2;
| }
| if (r2 < 0x80000000) {
0x00012398 blt 0x123c8 | goto label_0;
| }
0x0001239c strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x000123a0 ldr r3, [pc, 0x28] | r3 = *(0x123cc);
0x000123a4 str r4, [sp, 8] | var_8h = r4;
0x000123a8 ldr r2, [pc, 0x24] | r2 = stderr;
0x000123ac ldr r0, [r3] | r0 = *(0x123cc);
0x000123b0 ldr r1, [pc, 0x20] | r1 = "libmtd";
0x000123b4 bl 0x10ab4 | r0 = fprintf (r0, "libmtd", r2, r3, r4)
0x000123b8 bl 0x10b5c | errno_location ();
0x000123bc mov r3, 0x16 | r3 = 0x16;
0x000123c0 str r3, [r0] | *(r0) = r3;
| }
0x000123c4 mvn r0, 0 | r0 = ~0;
| label_0:
0x000123c8 sub sp, fp, 0x14 |
0x000123cc pop {r4, r5, r6, r7, fp, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x123dc */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.000123dc () | void fcn_000123dc (int32_t arg_78h, int32_t arg_80h, int32_t arg_84h, int32_t arg_88h, uint32_t request, uint32_t arg_90h, int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_14h;
| int32_t var_18h;
| int32_t var_24h;
| int32_t var_2ch;
| int32_t var_30h;
| int32_t var_34h;
| void * s;
| int32_t var_38h_2;
| int32_t var_44h;
| int32_t var_48h;
| int32_t var_4ch;
| int32_t var_54h;
| r0 = arg1;
| r1 = arg2;
0x000123dc push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000123e0 ldr r8, [pc, 0x2d0] | r8 = *(0x126b4);
0x000123e4 sub sp, sp, 0x54 |
0x000123e8 mov r4, r1 | r4 = r1;
0x000123ec mov r5, r0 | r5 = r0;
0x000123f0 mov r1, 0 | r1 = 0;
0x000123f4 mov sb, r2 | sb = r2;
0x000123f8 add r0, sp, 0x38 | r0 += s;
0x000123fc mov r2, 0x18 | r2 = 0x18;
0x00012400 ldrd sl, fp, [sp, 0x78] | __asm ("ldrd sl, fp, [arg_78h]");
0x00012404 bl 0x10b14 | memset (r0, r1, r2);
0x00012408 mov r3, 0 | r3 = 0;
0x0001240c ldr r2, [sp, 0x8c] | r2 = *(request);
0x00012410 str r3, [sp, 0x2c] | var_2ch = r3;
0x00012414 str r3, [sp, 0x30] | var_30h = r3;
0x00012418 str r3, [sp, 0x34] | var_34h = r3;
0x0001241c ldr r3, [pc, 0x298] | r3 = "MEMREADOOB64";
0x00012420 cmp r2, r3 |
0x00012424 ldr r2, [pc, 0x294] | r2 = *(0x126bc);
0x00012428 ldr r3, [pc, 0x294] | r3 = "MEMREADOOB";
| if (r2 != r3) {
0x0001242c moveq r3, r2 | r3 = r2;
| }
0x00012430 str r3, [sp, 0x24] | var_24h = r3;
0x00012434 ldr r3, [pc, 0x28c] | r3 = "MEMWRITEOOB";
0x00012438 ldr r2, [r4, 0xe4] | r2 = *((r4 + 0xe4));
| if (r2 == r3) {
0x0001243c movne r8, r3 | r8 = r3;
| }
0x00012440 ldr r3, [r4, 0xe0] | r3 = *((r4 + 0xe0));
0x00012444 smull r0, r1, r3, r2 | r0:r1 = r3 * r2;
0x00012448 cmp r1, fp |
0x0001244c cmpeq r0, sl | __asm ("cmpeq r0, sl");
| if (r1 > fp) {
0x00012450 bhi 0x12498 | goto label_2;
| }
0x00012454 strd r0, r1, [sp, 0x10] | __asm ("strd r0, r1, [var_10h]");
0x00012458 ldr r2, [pc, 0x26c] | r2 = "MEMWRITEOOB64";
0x0001245c str r3, [sp, 0xc] | var_ch = r3;
0x00012460 ldr r3, [r4] | r3 = *(r4);
0x00012464 ldr r1, [pc, 0x264] | r1 = "libmtd";
0x00012468 str r3, [sp, 8] | var_8h = r3;
0x0001246c ldr r3, [pc, 0x260] | r3 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012470 strd sl, fp, [sp] | __asm ("strd sl, fp, [sp]");
0x00012474 ldr r0, [r3] | r0 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012478 bl 0x10ab4 | r0 = fprintf (r0, "libmtd", "MEMWRITEOOB64", r3)
| do {
| label_1:
0x0001247c bl 0x10b5c | errno_location ();
0x00012480 mvn r7, 0 | r7 = ~0;
0x00012484 mov r3, 0x16 | r3 = 0x16;
0x00012488 str r3, [r0] | *(r0) = r3;
| label_0:
0x0001248c mov r0, r7 | r0 = r7;
0x00012490 add sp, sp, 0x54 |
0x00012494 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_2:
0x00012498 ldr r3, [r4, 0xe8] | r3 = *((r4 + 0xe8));
0x0001249c ldrd r0, r1, [sp, 0x80] | __asm ("ldrd r0, r1, [arg_80h]");
0x000124a0 ldr r2, [r4, 0xf0] | r2 = *((r4 + 0xf0));
0x000124a4 sub r3, r3, 1 | r3--;
0x000124a8 and r3, r3, sl | r3 &= sl;
0x000124ac adds r0, r0, r3 | r0 += r3;
0x000124b0 adc r1, r1, r3, asr 31 | __asm ("adc r1, r1, r3, asr 31");
0x000124b4 mov r6, r0 | r6 = r0;
0x000124b8 mov r7, r1 | r7 = r1;
0x000124bc ldr r0, [sp, 0x80] | r0 = *(arg_80h);
0x000124c0 asr r1, r2, 0x1f | r1 = r2 >> 0x1f;
0x000124c4 ldr ip, [sp, 0x84] | ip = *(arg_84h);
0x000124c8 cmp r7, r1 |
0x000124cc cmpeq r6, r2 | __asm ("cmpeq r6, r2");
| if (r7 <= r1) {
0x000124d0 movhi r1, 1 | r1 = 1;
| }
| if (r7 > r1) {
0x000124d4 movls r1, 0 | r1 = 0;
| }
0x000124d8 orrs r0, r0, ip | r0 |= ip;
| if (r0 != r0) {
0x000124dc moveq r1, 1 | r1 = 1;
| }
0x000124e0 cmp r1, 0 |
| if (r1 == 0) {
0x000124e4 beq 0x1251c | goto label_3;
| }
0x000124e8 str r2, [sp, 0x18] | var_18h = r2;
0x000124ec ldr r2, [r4] | r2 = *(r4);
0x000124f0 str r3, [sp, 0x10] | var_10h = r3;
0x000124f4 str r2, [sp, 0x14] | var_14h = r2;
0x000124f8 ldrd r2, r3, [sp, 0x80] | __asm ("ldrd r2, r3, [arg_80h]");
0x000124fc ldr r1, [pc, 0x1d4] | r1 = stderr;
0x00012500 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00012504 ldr r3, [pc, 0x1c8] | r3 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012508 strd sl, fp, [sp, 8] | __asm ("strd sl, fp, [var_ch]");
0x0001250c ldr r2, [pc, 0x1b8] | r2 = "MEMWRITEOOB64";
0x00012510 ldr r0, [r3] | r0 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012514 bl 0x10ab4 | fprintf ("_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_", r1, r2, r3)
0x00012518 b 0x1247c |
| } while (1);
| label_3:
0x0001251c ldr r3, [sp, 0x80] | r3 = *(arg_80h);
0x00012520 strd sl, fp, [sp, 0x38] | __asm ("strd sl, fp, [s]");
0x00012524 str r3, [sp, 0x44] | var_44h = r3;
0x00012528 ldr r3, [sp, 0x88] | r3 = *(arg_88h);
0x0001252c str r1, [sp, 0x4c] | var_4ch = r1;
0x00012530 str r3, [sp, 0x48] | var_48h = r3;
0x00012534 ldrb r3, [r5, 0x34] | r3 = *((r5 + 0x34));
0x00012538 tst r3, 2 |
| if ((r3 & 2) != 0) {
0x0001253c bne 0x125e8 | goto label_4;
| }
0x00012540 add r2, sp, 0x38 | r2 += s;
0x00012544 ldr r1, [sp, 0x8c] | r1 = *(request);
0x00012548 mov r0, sb | r0 = sb;
0x0001254c bl 0x10a00 | r0 = ioctl (r0, r1);
0x00012550 subs r7, r0, 0 | r7 = r0 - 0;
| if (r7 == r0) {
0x00012554 beq 0x1248c | goto label_0;
| }
0x00012558 bl 0x10b5c | r0 = errno_location ();
0x0001255c ldr r7, [r0] | r7 = *(r0);
0x00012560 cmp r7, 0x19 |
| if (r7 == 0x19) {
0x00012564 bne 0x12574 |
0x00012568 ldrb r3, [r5, 0x34] | r3 = *((r5 + 0x34));
0x0001256c tst r3, 6 |
| if ((r3 & 6) == 0) {
0x00012570 beq 0x125d8 | goto label_5;
| }
| }
0x00012574 ldr r2, [r4, 0xe4] | r2 = *((r4 + 0xe4));
0x00012578 mov r0, sl | r0 = sl;
0x0001257c asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00012580 mov r1, fp | r1 = fp;
0x00012584 bl 0x15184 | fcn_00015184 (r0, r1);
0x00012588 ldr r6, [pc, 0x144] | r6 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x0001258c strd sl, fp, [sp, 8] | __asm ("strd sl, fp, [var_ch]");
0x00012590 ldr r2, [pc, 0x134] | r2 = "MEMWRITEOOB64";
0x00012594 strd r0, r1, [sp, 0x10] | __asm ("strd r0, r1, [var_10h]");
0x00012598 ldr r3, [r4] | r3 = *(r4);
0x0001259c ldr r1, [pc, 0x138] | r1 = "_s:_error_:_Cannot_write__llu_OOB_bytes_to_address__llu__OOB_offset__u____mtd_d_OOB_size_is_only__d_bytes";
0x000125a0 str r3, [sp] | *(sp) = r3;
0x000125a4 mov r3, r8 | r3 = r8;
0x000125a8 ldr r0, [r6] | r0 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x000125ac bl 0x10ab4 | fprintf (r0, "_s:_error_:_Cannot_write__llu_OOB_bytes_to_address__llu__OOB_offset__u____mtd_d_OOB_size_is_only__d_bytes", "MEMWRITEOOB64", r3, r4, r5, "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_")
0x000125b0 mov r0, r7 | r0 = r7;
0x000125b4 ldr r8, [r6] | r8 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x000125b8 bl 0x10a18 | strerror (r0);
0x000125bc str r7, [sp] | *(sp) = r7;
0x000125c0 ldr r3, [pc, 0x118] | r3 = "%s: error!: %s ioctl failed for mtd%d, offset %llu (eraseblock %llu)\n";
0x000125c4 mov r2, 8 | r2 = 8;
0x000125c8 ldr r1, [pc, 0x114] | r1 = *(0x126e0);
0x000125cc str r0, [sp, 4] | var_4h = r0;
0x000125d0 mov r0, r8 | r0 = r8;
0x000125d4 bl 0x10ab4 | fprintf (r0, r1, r2, "%s: error!: %s ioctl failed for mtd%d, offset %llu (eraseblock %llu)\n")
| label_5:
0x000125d8 ldrb r3, [r5, 0x34] | r3 = *((r5 + 0x34));
0x000125dc bic r3, r3, 4 | r3 = BIT_MASK (r3, 4);
0x000125e0 orr r3, r3, 2 | r3 |= 2;
0x000125e4 strb r3, [r5, 0x34] | *((r5 + 0x34)) = r3;
| label_4:
0x000125e8 ldrd r2, r3, [sp, 0x38] | __asm ("ldrd r2, r3, [s]");
0x000125ec mov r1, 0 | r1 = 0;
0x000125f0 mvn r0, 0 | r0 = ~0;
0x000125f4 cmp r3, r1 |
0x000125f8 cmpeq r2, r0 | __asm ("cmpeq r2, r0");
| if (r3 >= r1) {
0x000125fc bls 0x1261c |
0x00012600 ldr r0, [pc, 0xcc] |
0x00012604 mvn r3, 0 | r3 = ~0;
0x00012608 ldr r2, [pc, 0xbc] | r2 = "MEMWRITEOOB64";
0x0001260c ldr r1, [pc, 0xd4] | r1 = "_serror__d___s_";
0x00012610 ldr r0, [r0] | r0 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012614 bl 0x10ab4 | fprintf ("_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_", "_serror__d___s_", "MEMWRITEOOB64", r3)
0x00012618 b 0x1247c | goto label_1;
| }
0x0001261c ldr r3, [sp, 0x44] | r3 = var_44h;
0x00012620 str r2, [sp, 0x2c] | var_2ch = r2;
0x00012624 str r3, [sp, 0x30] | var_30h = r3;
0x00012628 ldr r3, [sp, 0x88] | r3 = *(arg_88h);
0x0001262c add r2, sp, 0x2c | r2 += var_2ch;
0x00012630 ldr r1, [sp, 0x90] | r1 = *(arg_90h);
0x00012634 mov r0, sb | r0 = sb;
0x00012638 str r3, [sp, 0x34] | var_34h = r3;
0x0001263c bl 0x10a00 | r0 = ioctl (r0, r1);
0x00012640 subs r7, r0, 0 | r7 = r0 - 0;
| if (r7 >= r0) {
0x00012644 bge 0x1248c | goto label_0;
| }
0x00012648 bl 0x10b5c | errno_location ();
0x0001264c ldr r2, [r4, 0xe4] | r2 = *((r4 + 0xe4));
0x00012650 mov r1, fp | r1 = fp;
0x00012654 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00012658 ldr r8, [pc, 0x74] | r8 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x0001265c ldr r5, [r0] | r5 = *(r0);
0x00012660 mov r0, sl | r0 = sl;
0x00012664 bl 0x15184 | fcn_00015184 (r0, r1);
0x00012668 strd sl, fp, [sp, 8] | __asm ("strd sl, fp, [var_ch]");
0x0001266c ldr r2, [pc, 0x58] | r2 = "MEMWRITEOOB64";
0x00012670 strd r0, r1, [sp, 0x10] | __asm ("strd r0, r1, [var_10h]");
0x00012674 ldr r3, [r4] | r3 = *(r4);
0x00012678 ldr r1, [pc, 0x5c] | r1 = "_s:_error_:_Cannot_write__llu_OOB_bytes_to_address__llu__OOB_offset__u____mtd_d_OOB_size_is_only__d_bytes";
0x0001267c str r3, [sp] | *(sp) = r3;
0x00012680 ldr r3, [sp, 0x24] | r3 = var_24h;
0x00012684 ldr r0, [r8] | r0 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012688 bl 0x10ab4 | fprintf (r0, "_s:_error_:_Cannot_write__llu_OOB_bytes_to_address__llu__OOB_offset__u____mtd_d_OOB_size_is_only__d_bytes", "MEMWRITEOOB64", r3)
0x0001268c mov r0, r5 | r0 = r5;
0x00012690 ldr r4, [r8] | r4 = "_s:_error_:_bad_page_address__llu__mtd_d_has__d_eraseblocks___llu_bytes_";
0x00012694 bl 0x10a18 | strerror (r0);
0x00012698 str r5, [sp] | *(sp) = r5;
0x0001269c ldr r3, [pc, 0x3c] | r3 = "%s: error!: %s ioctl failed for mtd%d, offset %llu (eraseblock %llu)\n";
0x000126a0 mov r2, 8 | r2 = 8;
0x000126a4 ldr r1, [pc, 0x38] | r1 = *(0x126e0);
0x000126a8 str r0, [sp, 4] | var_4h = r0;
0x000126ac mov r0, r4 | r0 = r4;
0x000126b0 bl 0x10ab4 | fprintf (r0, r1, r2, "%s: error!: %s ioctl failed for mtd%d, offset %llu (eraseblock %llu)\n", r4, r5)
0x000126b4 b 0x1248c | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x126ec */
| #include <stdint.h>
|
; (fcn) fcn.000126ec () | void fcn_000126ec (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
| r0 = arg1;
| r1 = arg2;
0x000126ec subs r3, r1, 0 | r3 = r1 - 0;
0x000126f0 push {r0, r1, r2, lr} |
0x000126f4 ldr r2, [r0, 0xe0] | r2 = *((r0 + 0xe0));
| if (r3 >= r1) {
0x000126f8 blt 0x12708 |
0x000126fc cmp r3, r2 |
| if (r3 >= r2) {
0x00012700 movlt r0, 0 | r0 = 0;
| }
| if (r3 < r2) {
0x00012704 blt 0x12738 | goto label_0;
| }
| }
0x00012708 str r2, [sp, 4] | var_4h = r2;
0x0001270c ldr r2, [r0] | r2 = *(r0);
0x00012710 ldr r0, [pc, 0x28] |
0x00012714 str r2, [sp] | *(sp) = r2;
0x00012718 ldr r1, [pc, 0x24] | r1 = stderr;
0x0001271c ldr r2, [pc, 0x24] | r2 = "%s: error!: bad eraseblock number %d, mtd%d has %d eraseblocks\n";
0x00012720 ldr r0, [r0] | r0 = *(0x1273c);
0x00012724 bl 0x10ab4 | r0 = fprintf (r0, r1, r2)
0x00012728 bl 0x10b5c | errno_location ();
0x0001272c mov r3, 0x16 | r3 = 0x16;
0x00012730 str r3, [r0] | *(r0) = r3;
0x00012734 mvn r0, 0 | r0 = ~0;
| label_0:
0x00012738 add sp, sp, 0xc |
0x0001273c pop {pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x1274c */
| #include <stdint.h>
|
; (fcn) fcn.0001274c () | void fcn_0001274c (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| r0 = arg1;
| r1 = arg2;
0x0001274c push {r0, r1, r4, r5, r6, r7, r8, lr} |
0x00012750 ldr r5, [pc, 0x5c] |
0x00012754 mov r7, r1 | r7 = r1;
0x00012758 mov r6, r2 | r6 = r2;
0x0001275c mov r8, r0 | r8 = r0;
0x00012760 bl 0x10b5c | errno_location ();
0x00012764 mov r3, r6 | r3 = r6;
0x00012768 ldr r2, [pc, 0x48] | r2 = stderr;
0x0001276c ldr r1, [pc, 0x48] | r1 = "libmtd";
0x00012770 ldr r4, [r0] | r4 = *(r0);
0x00012774 stm sp, {r7, r8} | *(sp) = r7;
| *((sp + 4)) = r8;
0x00012778 ldr r0, [r5] | r0 = *(0x127b0);
0x0001277c bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4)
0x00012780 mov r0, r4 | r0 = r4;
0x00012784 ldr r5, [r5] | r5 = *(0x127b0);
0x00012788 bl 0x10a18 | strerror (r0);
0x0001278c str r4, [sp] | *(sp) = r4;
0x00012790 ldr r3, [pc, 0x28] | r3 = "%s: error!: %s ioctl failed for eraseblock %d (mtd%d)\n";
0x00012794 mov r2, 8 | r2 = 8;
0x00012798 ldr r1, [pc, 0x24] | r1 = *(0x127c0);
0x0001279c str r0, [sp, 4] | var_4h = r0;
0x000127a0 mov r0, r5 | r0 = r5;
0x000127a4 bl 0x10ab4 | fprintf (r0, r1, r2, "%s: error!: %s ioctl failed for eraseblock %d (mtd%d)\n", r4)
0x000127a8 mvn r0, 0 | r0 = ~0;
0x000127ac add sp, sp, 8 |
0x000127b0 pop {r4, r5, r6, r7, r8, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x127c8 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.000127c8 () | void fcn_000127c8 (int32_t arg2, char * s) {
| char * var_50h;
| int32_t var_0h;
| int32_t var_4h;
| char * var_8h;
| int32_t var_18h_2;
| int32_t var_18h;
| r1 = arg2;
| r0 = s;
0x000127c8 push {r4, r5, r6, r7, r8, fp, lr} |
0x000127cc add fp, sp, 0x18 |
0x000127d0 sub sp, sp, 0x44 |
0x000127d4 ldr r7, [r0] | r7 = *(r0);
0x000127d8 mov r8, r1 | r8 = r1;
0x000127dc mov r0, r7 | r0 = r7;
0x000127e0 mov r6, r3 | r6 = r3;
0x000127e4 mov r5, r2 | r5 = r2;
0x000127e8 bl 0x10b80 | strlen (r0);
0x000127ec mov r2, r8 | r2 = r8;
0x000127f0 mov r1, r7 | r1 = r7;
0x000127f4 add r0, r0, 0x39 | r0 += 0x39;
0x000127f8 bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x000127fc sub sp, sp, r0 |
0x00012800 add r4, sp, 8 | r4 += var_8h;
0x00012804 mov r0, r4 | r0 = r4;
0x00012808 bl 0x10b44 | sprintf (r0, r1, r2);
0x0001280c mov r2, 0x32 | r2 = 0x32;
0x00012810 sub r1, fp, 0x50 | r1 -= var_50h;
0x00012814 mov r0, r4 | r0 = r4;
0x00012818 bl 0x11ff0 | r0 = fcn_00011ff0 (r0, r1);
0x0001281c cmp r0, 0 |
| if (r0 < 0) {
0x00012820 blt 0x12868 | goto label_1;
| }
0x00012824 mov r3, r6 | r3 = r6;
0x00012828 mov r2, r5 | r2 = r5;
0x0001282c ldr r1, [pc, 0x8c] | r1 = *(0x128bc);
0x00012830 sub r0, fp, 0x50 | r0 -= var_50h;
0x00012834 bl 0x10afc | r0 = sscanf (r0, r1, r2);
0x00012838 cmp r0, 2 |
| if (r0 == 2) {
0x0001283c beq 0x12870 | goto label_2;
| }
0x00012840 bl 0x10b5c | errno_location ();
0x00012844 mov r3, 0x16 | r3 = 0x16;
0x00012848 ldr r2, [pc, 0x74] | r2 = "_d:_d";
0x0001284c ldr r1, [pc, 0x74] | r1 = "libmtd";
0x00012850 str r3, [r0] | *(r0) = r3;
0x00012854 ldr r0, [pc, 0x70] |
0x00012858 mov r3, r4 | r3 = r4;
0x0001285c ldr r0, [r0] | r0 = "%s: error!: \"%s\" does not have major:minor format\n";
0x00012860 bl 0x10ab4 | fprintf ("%s: error!: \"%s\" does not have major:minor format\n", "libmtd", "_d:_d", r3)
| label_0:
0x00012864 mvn r0, 0 | r0 = ~0;
| do {
| label_1:
0x00012868 sub sp, fp, 0x18 |
0x0001286c pop {r4, r5, r6, r7, r8, fp, pc} |
| label_2:
0x00012870 ldr r3, [r5] | r3 = *(r5);
0x00012874 cmp r3, 0 |
| if (r3 < 0) {
0x00012878 blt 0x1288c | goto label_3;
| }
0x0001287c ldr r3, [r6] | r3 = *(r6);
0x00012880 cmp r3, 0 |
| if (r3 < 0) {
0x00012884 movge r0, 0 | r0 = 0;
| }
0x00012888 bge 0x12868 |
| } while (r3 >= 0);
| label_3:
0x0001288c bl 0x10b5c | errno_location ();
0x00012890 mov r3, 0x16 | r3 = 0x16;
0x00012894 ldr r2, [pc, 0x28] | r2 = "_d:_d";
0x00012898 ldr r1, [pc, 0x30] | r1 = stderr;
0x0001289c str r3, [r0] | *(r0) = r3;
0x000128a0 ldr r0, [pc, 0x24] |
0x000128a4 ldr r3, [r6] | r3 = *(r6);
0x000128a8 str r4, [sp, 4] | var_4h = r4;
0x000128ac str r3, [sp] | *(sp) = r3;
0x000128b0 ldr r3, [r5] | r3 = *(r5);
0x000128b4 ldr r0, [r0] | r0 = "%s: error!: \"%s\" does not have major:minor format\n";
0x000128b8 bl 0x10ab4 | fprintf ("%s: error!: \"%s\" does not have major:minor format\n", r1, "_d:_d", r3, r4)
0x000128bc b 0x12864 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x12c14 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.00012c14 () | void fcn_00012c14 () {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
0x00012c14 push {r0, r1, r2, r4, r5, lr} |
0x00012c18 mov r1, 0x38 | r1 = 0x38;
0x00012c1c mov r0, 1 | r0 = 1;
0x00012c20 bl 0x10a9c | r0 = calloc (r0, r1);
0x00012c24 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x00012c28 bne 0x12c78 |
0x00012c2c bl 0x10b5c | errno_location ();
0x00012c30 ldr r5, [pc, 0x1ec] |
0x00012c34 ldr r2, [pc, 0x1ec] | r2 = stderr;
0x00012c38 ldr r1, [pc, 0x1ec] | r1 = "libmtd";
0x00012c3c ldr r4, [r0] | r4 = *(r0);
0x00012c40 ldr r0, [r5] | r0 = *(0x12e20);
0x00012c44 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5)
0x00012c48 mov r0, r4 | r0 = r4;
0x00012c4c ldr r5, [r5] | r5 = *(0x12e20);
0x00012c50 bl 0x10a18 | strerror (r0);
0x00012c54 str r4, [sp] | *(sp) = r4;
0x00012c58 ldr r3, [pc, 0x1d0] | r3 = "_s:_error_:_out_of_memory";
0x00012c5c mov r2, 8 | r2 = 8;
0x00012c60 ldr r1, [pc, 0x1cc] | r1 = *(0x12e30);
0x00012c64 str r0, [sp, 4] | var_4h = r0;
0x00012c68 mov r0, r5 | r0 = r5;
0x00012c6c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_out_of_memory", r4)
0x00012c70 mvn r0, 0 | r0 = ~0;
0x00012c74 bl 0x10b68 | exit (r0);
| }
0x00012c78 ldrb r3, [r4, 0x34] | r3 = *((r4 + 0x34));
0x00012c7c ldr r1, [pc, 0x1b4] | r1 = "_serror__d___s_";
0x00012c80 bic r3, r3, 6 | r3 = BIT_MASK (r3, 6);
0x00012c84 strb r3, [r4, 0x34] | *((r4 + 0x34)) = r3;
0x00012c88 ldr r0, [pc, 0x1ac] | r0 = "class/mtd";
0x00012c8c bl 0x12b24 | r0 = fcn_00012b24 ("class/mtd", r1);
0x00012c90 cmp r0, 0 |
0x00012c94 str r0, [r4] | *(r4) = r0;
| if (r0 == 0) {
0x00012c98 beq 0x12e18 | goto label_1;
| }
0x00012c9c ldr r1, [pc, 0x19c] | r1 = "/sys";
0x00012ca0 bl 0x12b24 | r0 = fcn_00012b24 (r0, "/sys");
0x00012ca4 cmp r0, 0 |
0x00012ca8 str r0, [r4, 4] | *((r4 + 4)) = r0;
| if (r0 == 0) {
0x00012cac beq 0x12e18 | goto label_1;
| }
0x00012cb0 ldr r1, [pc, 0x18c] | r1 = *(0x12e40);
0x00012cb4 bl 0x12b24 | r0 = fcn_00012b24 (r0, r1);
0x00012cb8 cmp r0, 0 |
0x00012cbc str r0, [r4, 0xc] | *((r4 + 0xc)) = r0;
| if (r0 == 0) {
0x00012cc0 beq 0x12e18 | goto label_1;
| }
0x00012cc4 mov r0, r4 | r0 = r4;
0x00012cc8 bl 0x11df0 | r0 = fcn_00011df0 (r0);
0x00012ccc subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 != r0) {
0x00012cd0 bne 0x12d1c | goto label_2;
| }
0x00012cd4 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012cd8 bl 0x10bd4 | free (r0);
0x00012cdc ldr r0, [r4] | r0 = *(r4);
0x00012ce0 bl 0x10bd4 | free (r0);
0x00012ce4 ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00012ce8 bl 0x10bd4 | free (r0);
0x00012cec str r5, [r4] | *(r4) = r5;
0x00012cf0 str r5, [r4, 4] | *((r4 + 4)) = r5;
0x00012cf4 str r5, [r4, 0xc] | *((r4 + 0xc)) = r5;
0x00012cf8 bl 0x146ac | r0 = fcn_000146ac ();
0x00012cfc subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 != r0) {
0x00012d00 bne 0x12d10 | goto label_3;
| }
0x00012d04 mov r0, r4 | r0 = r4;
0x00012d08 bl 0x10bd4 | free (r0);
| label_0:
0x00012d0c mov r4, 0 | r4 = 0;
| do {
| label_3:
0x00012d10 mov r0, r4 | r0 = r4;
0x00012d14 add sp, sp, 0xc |
0x00012d18 pop {r4, r5, pc} |
| label_2:
0x00012d1c ldr r1, [pc, 0x124] | r1 = "name";
0x00012d20 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d24 bl 0x12b24 | r0 = fcn_00012b24 (r0, "name");
0x00012d28 cmp r0, 0 |
0x00012d2c str r0, [r4, 8] | *((r4 + 8)) = r0;
| if (r0 == 0) {
0x00012d30 beq 0x12e18 | goto label_1;
| }
0x00012d34 ldr r1, [pc, 0x110] | r1 = *(0x12e48);
0x00012d38 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d3c bl 0x12b24 | r0 = fcn_00012b24 (r0, r1);
0x00012d40 cmp r0, 0 |
0x00012d44 str r0, [r4, 0x10] | *((r4 + 0x10)) = r0;
| if (r0 == 0) {
0x00012d48 beq 0x12e18 | goto label_1;
| }
0x00012d4c ldr r1, [pc, 0xfc] | r1 = "type";
0x00012d50 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d54 bl 0x12b24 | r0 = fcn_00012b24 (r0, "type");
0x00012d58 cmp r0, 0 |
0x00012d5c str r0, [r4, 0x14] | *((r4 + 0x14)) = r0;
| if (r0 == 0) {
0x00012d60 beq 0x12e18 | goto label_1;
| }
0x00012d64 ldr r1, [pc, 0xe8] | r1 = "erasesize";
0x00012d68 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d6c bl 0x12b24 | r0 = fcn_00012b24 (r0, "erasesize");
0x00012d70 cmp r0, 0 |
0x00012d74 str r0, [r4, 0x18] | *((r4 + 0x18)) = r0;
| if (r0 == 0) {
0x00012d78 beq 0x12e18 | goto label_1;
| }
0x00012d7c ldr r1, [pc, 0xd4] | r1 = *(0x12e54);
0x00012d80 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d84 bl 0x12b24 | r0 = fcn_00012b24 (r0, r1);
0x00012d88 cmp r0, 0 |
0x00012d8c str r0, [r4, 0x1c] | *((r4 + 0x1c)) = r0;
| if (r0 == 0) {
0x00012d90 beq 0x12e18 | goto label_1;
| }
0x00012d94 ldr r1, [pc, 0xc0] | r1 = "writesize";
0x00012d98 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012d9c bl 0x12b24 | r0 = fcn_00012b24 (r0, "writesize");
0x00012da0 cmp r0, 0 |
0x00012da4 str r0, [r4, 0x20] | *((r4 + 0x20)) = r0;
| if (r0 == 0) {
0x00012da8 beq 0x12e18 | goto label_1;
| }
0x00012dac ldr r1, [pc, 0xac] | r1 = "subpagesize";
0x00012db0 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012db4 bl 0x12b24 | r0 = fcn_00012b24 (r0, "subpagesize");
0x00012db8 cmp r0, 0 |
0x00012dbc str r0, [r4, 0x24] | *((r4 + 0x24)) = r0;
| if (r0 == 0) {
0x00012dc0 beq 0x12e18 | goto label_1;
| }
0x00012dc4 ldr r1, [pc, 0x98] | r1 = "oobsize";
0x00012dc8 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012dcc bl 0x12b24 | r0 = fcn_00012b24 (r0, "oobsize");
0x00012dd0 cmp r0, 0 |
0x00012dd4 str r0, [r4, 0x28] | *((r4 + 0x28)) = r0;
| if (r0 == 0) {
0x00012dd8 beq 0x12e18 | goto label_1;
| }
0x00012ddc ldr r1, [pc, 0x84] | r1 = "oobavail";
0x00012de0 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012de4 bl 0x12b24 | r0 = fcn_00012b24 (r0, "oobavail");
0x00012de8 cmp r0, 0 |
0x00012dec str r0, [r4, 0x2c] | *((r4 + 0x2c)) = r0;
| if (r0 == 0) {
0x00012df0 beq 0x12e18 | goto label_1;
| }
0x00012df4 ldr r1, [pc, 0x70] | r1 = "numeraseregions";
0x00012df8 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00012dfc bl 0x12b24 | r0 = fcn_00012b24 (r0, "numeraseregions");
0x00012e00 cmp r0, 0 |
| if (r0 == 0) {
0x00012e04 ldrbne r3, [r4, 0x34] | r3 = *((r4 + 0x34));
| }
0x00012e08 str r0, [r4, 0x30] | *((r4 + 0x30)) = r0;
| if (r0 == 0) {
0x00012e0c orrne r3, r3, 1 | r3 |= 1;
| }
| if (r0 == 0) {
0x00012e10 strbne r3, [r4, 0x34] | *((r4 + 0x34)) = r3;
| }
0x00012e14 bne 0x12d10 |
| } while (r0 != 0);
| label_1:
0x00012e18 mov r0, r4 | r0 = r4;
0x00012e1c bl 0x12b98 | fcn_00012b98 (r0);
0x00012e20 b 0x12d0c | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x12ef0 */
| #include <stdint.h>
|
; (fcn) fcn.00012ef0 () | void fcn_00012ef0 (int32_t arg1, void * s) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_0h_2;
| r0 = arg1;
| r1 = s;
| label_3:
0x00012940 ldrb r3, [r1, 0xc] | r3 = *((r1 + 0xc));
0x00012944 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x00012948 orr r3, r3, 1 | r3 |= 1;
0x0001294c sub sp, sp, 0x110 |
0x00012950 strb r3, [r1, 0xc] | *((r1 + 0xc)) = r3;
0x00012954 mov r5, r0 | r5 = r0;
0x00012958 ldr r0, [r0] | r0 = *(r0);
0x0001295c mov r4, r1 | r4 = r1;
0x00012960 bl 0x10b2c | r0 = opendir ();
0x00012964 mov r8, r0 | r8 = r0;
0x00012968 bl 0x10b5c | errno_location ();
0x0001296c cmp r8, 0 |
0x00012970 mov r6, r0 | r6 = r0;
| if (r8 != 0) {
0x00012974 bne 0x129c4 | goto label_4;
| }
0x00012978 ldr r4, [r0] | r4 = *(r0);
0x0001297c ldr r6, [pc, 0x17c] | r6 = *(0x12afc);
0x00012980 ldr r3, [r5] | r3 = *(r5);
0x00012984 ldr r2, [pc, 0x178] | r2 = stderr;
0x00012988 ldr r1, [pc, 0x178] | r1 = "libmtd";
| label_2:
0x0001298c ldr r0, [r6] | r0 = *(r6);
0x00012990 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x00012994 mov r0, r4 | r0 = r4;
0x00012998 ldr r5, [r6] | r5 = *(r6);
0x0001299c bl 0x10a18 | strerror (r0);
0x000129a0 str r4, [sp] | *(sp) = r4;
0x000129a4 ldr r3, [pc, 0x160] | r3 = "_s:_error_:_cannot_open___s_";
0x000129a8 mov r2, 8 | r2 = 8;
0x000129ac ldr r1, [pc, 0x15c] | r1 = *(0x12b0c);
0x000129b0 str r0, [sp, 4] | var_4h = r0;
0x000129b4 mov r0, r5 | r0 = r5;
0x000129b8 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4)
| do {
0x000129bc mvn r0, 0 | r0 = ~0;
0x000129c0 b 0x12af8 | goto label_5;
| label_4:
0x000129c4 ldr sl, [pc, 0x148] | sl = "mtd%d%s";
0x000129c8 mvn r3, 0x80000000 | r3 = ~0x80000000;
0x000129cc mov sb, 0 | sb = 0;
0x000129d0 str r3, [r4, 4] | *((r4 + 4)) = r3;
| label_0:
0x000129d4 str sb, [r6] | *(r6) = sb;
0x000129d8 mov r0, r8 | r0 = r8;
0x000129dc bl 0x10ae4 | r0 = readdir64 ();
0x000129e0 cmp r0, 0 |
| if (r0 == 0) {
0x000129e4 beq 0x12a74 | goto label_6;
| }
0x000129e8 add r7, r0, 0x13 | r7 = r0 + 0x13;
0x000129ec mov r0, r7 | r0 = r7;
0x000129f0 bl 0x10b80 | r0 = strlen (r0);
0x000129f4 cmp r0, 0xfe |
| if (r0 < 0xfe) {
0x000129f8 bls 0x12a2c | goto label_7;
| }
0x000129fc ldr r0, [pc, 0xfc] |
0x00012a00 str r7, [sp] | *(sp) = r7;
0x00012a04 ldr r2, [pc, 0xf8] | r2 = stderr;
0x00012a08 ldr r3, [r5] | r3 = *(r5);
0x00012a0c ldr r1, [pc, 0x104] | r1 = "mtd%d%s";
0x00012a10 ldr r0, [r0] | r0 = *(0x12afc);
0x00012a14 bl 0x10ab4 | fprintf (r0, "mtd%d%s", r2, r3)
0x00012a18 mov r3, 0x16 | r3 = 0x16;
0x00012a1c str r3, [r6] | *(r6) = r3;
| label_1:
0x00012a20 mov r0, r8 | r0 = r8;
0x00012a24 bl 0x10ba4 | closedir ();
0x00012a28 b 0x129bc |
| } while (1);
| label_7:
0x00012a2c add r3, sp, 0x10 | r3 += var_10h;
0x00012a30 add r2, sp, 0xc | r2 += var_ch;
0x00012a34 mov r1, sl | r1 = sl;
0x00012a38 mov r0, r7 | r0 = r7;
0x00012a3c bl 0x10afc | r0 = sscanf (r0, r1, r2);
0x00012a40 cmp r0, 1 |
| if (r0 != 1) {
0x00012a44 bne 0x129d4 | goto label_0;
| }
0x00012a48 ldr r3, [r4] | r3 = *(r4);
0x00012a4c ldr r2, [r4, 8] | r2 = *((r4 + 8));
0x00012a50 add r3, r3, 1 | r3++;
0x00012a54 str r3, [r4] | *(r4) = r3;
0x00012a58 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00012a5c cmp r2, r3 |
0x00012a60 ldr r2, [r4, 4] | r2 = *((r4 + 4));
| if (r2 >= r3) {
0x00012a64 strlt r3, [r4, 8] | *((r4 + 8)) = r3;
| }
0x00012a68 cmp r3, r2 |
| if (r3 >= r2) {
0x00012a6c strlt r3, [r4, 4] | *((r4 + 4)) = r3;
| }
0x00012a70 b 0x129d4 | goto label_0;
| label_6:
0x00012a74 ldr r7, [r6] | r7 = *(r6);
0x00012a78 cmp r7, 0 |
| if (r7 != 0) {
0x00012a7c beq 0x12ac4 |
0x00012a80 ldr r4, [pc, 0x78] |
0x00012a84 ldr r3, [r5] | r3 = *(r5);
0x00012a88 ldr r2, [pc, 0x74] | r2 = stderr;
0x00012a8c ldr r1, [pc, 0x88] | r1 = "_s:_error_:_invalid_entry_in__s:___s_";
0x00012a90 ldr r0, [r4] | r0 = *(0x12afc);
0x00012a94 bl 0x10ab4 | fprintf (r0, "_s:_error_:_invalid_entry_in__s:___s_", r2, r3, r4)
0x00012a98 mov r0, r7 | r0 = r7;
0x00012a9c ldr r4, [r4] | r4 = *(0x12afc);
0x00012aa0 bl 0x10a18 | strerror (r0);
0x00012aa4 str r7, [sp] | *(sp) = r7;
0x00012aa8 ldr r3, [pc, 0x5c] | r3 = "_s:_error_:_cannot_open___s_";
0x00012aac mov r2, 8 | r2 = 8;
0x00012ab0 ldr r1, [pc, 0x58] | r1 = *(0x12b0c);
0x00012ab4 str r0, [sp, 4] | var_4h = r0;
0x00012ab8 mov r0, r4 | r0 = r4;
0x00012abc bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_")
0x00012ac0 b 0x12a20 | goto label_1;
| }
0x00012ac4 mov r0, r8 | r0 = r8;
0x00012ac8 bl 0x10ba4 | r0 = closedir ();
0x00012acc cmp r0, 0 |
| if (r0 != 0) {
0x00012ad0 beq 0x12aec |
0x00012ad4 ldr r4, [r6] | r4 = *(r6);
0x00012ad8 ldr r3, [r5] | r3 = *(r5);
0x00012adc ldr r6, [pc, 0x1c] | r6 = *(0x12afc);
0x00012ae0 ldr r2, [pc, 0x1c] | r2 = stderr;
0x00012ae4 ldr r1, [pc, 0x34] | r1 = "%s: error!: readdir failed on \"%s\"\n";
0x00012ae8 b 0x1298c | goto label_2;
| }
0x00012aec ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x00012af0 cmn r3, 0x80000001 |
| if (r3 != 0x80000001) {
0x00012af4 streq r0, [r4, 4] | *((r4 + 4)) = r0;
| }
| label_5:
0x00012af8 add sp, sp, 0x110 |
0x00012afc pop {r4, r5, r6, r7, r8, sb, sl, pc} |
0x00012ef0 mov r3, r1 | r3 = r1;
0x00012ef4 push {r4, lr} |
0x00012ef8 mov r2, 0x10 | r2 = 0x10;
0x00012efc mov r4, r0 | r4 = r0;
0x00012f00 mov r1, 0 | r1 = 0;
0x00012f04 mov r0, r3 | r0 = r3;
0x00012f08 bl 0x10b14 | memset (r0, r1, r2);
0x00012f0c ldrb r2, [r4, 0x34] | r2 = *((r4 + 0x34));
0x00012f10 tst r2, 1 |
| if ((r2 & 1) == 0) {
0x00012f14 bne 0x12f20 |
0x00012f18 pop {r4, lr} |
0x00012f1c b 0x14794 |
| } else {
0x00012f20 mov r1, r0 | r1 = r0;
0x00012f24 mov r0, r4 | r0 = r4;
0x00012f28 pop {r4, lr} |
0x00012f2c b 0x12940 | goto label_3;
| }
0x00014794 push {r4, lr} |
0x00014798 sub sp, sp, 0xa0 |
0x0001479c mov r4, r0 | r4 = r0;
0x000147a0 mov r0, sp | r0 = sp;
0x000147a4 bl 0x14524 | r0 = fcn_00014524 (r0);
0x000147a8 cmp r0, 0 |
| if (r0 != 0) {
0x000147ac mvneq r3, 0x80000000 | r3 = ~0x80000000;
| }
| if (r0 == 0) {
0x000147b0 beq 0x147e4 | goto label_8;
| }
0x000147b4 mvn r0, 0 | r0 = ~0;
0x000147b8 b 0x147f8 | goto label_9;
| do {
0x000147bc ldr r3, [r4] | r3 = *(r4);
0x000147c0 ldr r2, [r4, 8] | r2 = *((r4 + 8));
0x000147c4 add r3, r3, 1 | r3++;
0x000147c8 str r3, [r4] | *(r4) = r3;
0x000147cc ldr r3, [sp] | r3 = *(sp);
0x000147d0 cmp r3, r2 |
0x000147d4 ldr r2, [r4, 4] | r2 = *((r4 + 4));
| if (r3 <= r2) {
0x000147d8 strgt r3, [r4, 8] | *((r4 + 8)) = r3;
| }
0x000147dc cmp r3, r2 |
| if (r3 < r2) {
0x000147e0 bge 0x147e8 |
| label_8:
0x000147e4 str r3, [r4, 4] | *((r4 + 4)) = r3;
| }
0x000147e8 mov r0, sp | r0 = sp;
0x000147ec bl 0x143c0 | r0 = fcn_000143c0 (r0);
0x000147f0 cmp r0, 0 |
0x000147f4 bne 0x147bc |
| } while (r0 != 0);
| label_9:
0x000147f8 add sp, sp, 0xa0 |
0x000147fc pop {r4, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x12f30 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.00012f30 () | void fcn_00012f30 (int32_t arg1, int32_t arg2) {
| int32_t var_68h;
| int32_t var_64h;
| char * buf;
| int32_t var_24h;
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| char * s;
| int32_t var_sp_64h;
| int32_t var_20h_2;
| int32_t var_20h;
| r0 = arg1;
| r1 = arg2;
0x00012f30 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00012f34 add r6, r2, 4 | r6 = r2 + 4;
0x00012f38 add fp, sp, 0x20 |
0x00012f3c sub sp, sp, 0x5c |
0x00012f40 mov r5, r1 | r5 = r1;
0x00012f44 mov r7, r0 | r7 = r0;
0x00012f48 mov r4, r2 | r4 = r2;
0x00012f4c mov r1, 0 | r1 = 0;
0x00012f50 mov r2, 0xfc | r2 = 0xfc;
0x00012f54 mov r0, r6 | r0 = r6;
0x00012f58 bl 0x10b14 | memset (r0, r1, r2);
0x00012f5c str r5, [r4] | *(r4) = r5;
0x00012f60 mov r1, r5 | r1 = r5;
0x00012f64 mov r0, r7 | r0 = r7;
0x00012f68 bl 0x12e70 | r0 = fcn_00012e70 (r0, r1);
0x00012f6c cmp r0, 0 |
| if (r0 != 0) {
0x00012f70 bne 0x12f88 | goto label_4;
| }
0x00012f74 bl 0x10b5c | errno_location ();
0x00012f78 mov r3, 0x13 | r3 = 0x13;
0x00012f7c str r3, [r0] | *(r0) = r3;
| do {
| label_0:
0x00012f80 mvn r5, 0 | r5 = ~0;
0x00012f84 b 0x12fa4 | goto label_1;
| label_4:
0x00012f88 ldrb r3, [r7, 0x34] | r3 = *((r7 + 0x34));
0x00012f8c tst r3, 1 |
| if ((r3 & 1) == 0) {
0x00012f90 bne 0x12fb0 |
0x00012f94 mov r0, r5 | r0 = r5;
0x00012f98 mov r1, r4 | r1 = r4;
0x00012f9c bl 0x14eb8 | r0 = fcn_00014eb8 (r0, r1);
0x00012fa0 mov r5, r0 | r5 = r0;
| label_1:
0x00012fa4 mov r0, r5 | r0 = r5;
0x00012fa8 sub sp, fp, 0x20 |
0x00012fac pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| }
0x00012fb0 add r3, r4, 8 | r3 = r4 + 8;
0x00012fb4 mov r2, r6 | r2 = r6;
0x00012fb8 mov r1, r5 | r1 = r5;
0x00012fbc add r0, r7, 8 | r0 = r7 + 8;
0x00012fc0 bl 0x127c8 | r0 = fcn_000127c8 (r0, r1);
0x00012fc4 subs sl, r0, 0 | sl = r0 - 0;
0x00012fc8 bne 0x12f80 |
| } while (sl != r0);
0x00012fcc ldr r8, [r7, 0xc] | r8 = *((r7 + 0xc));
0x00012fd0 mov sb, sp | sb = sp;
0x00012fd4 mov r0, r8 | r0 = r8;
0x00012fd8 bl 0x10b80 | strlen (r0);
0x00012fdc mov r2, r5 | r2 = r5;
0x00012fe0 mov r1, r8 | r1 = r8;
0x00012fe4 add r6, r4, 0x51 | r6 = r4 + 0x51;
0x00012fe8 add r0, r0, 0x6b | r0 += 0x6b;
0x00012fec bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x00012ff0 sub sp, sp, r0 |
0x00012ff4 add r3, sp, 0x10 | r3 += s;
0x00012ff8 mov r0, r3 | r0 = r3;
0x00012ffc str r3, [fp, -0x68] | var_68h = r3;
0x00013000 bl 0x10b44 | sprintf (r0, r1, r2);
0x00013004 ldr r3, [fp, -0x68] | r3 = var_68h;
0x00013008 mov r2, 0x80 | r2 = 0x80;
0x0001300c mov r1, r6 | r1 = r6;
0x00013010 mov r0, r3 | r0 = r3;
0x00013014 bl 0x11ff0 | fcn_00011ff0 (r0, r1);
0x00013018 mov sp, sb |
0x0001301c cmp r0, 0 |
| if (r0 < 0) {
0x00013020 blt 0x12f80 | goto label_0;
| }
0x00013024 add r6, r6, r0 | r6 += r0;
0x00013028 strb sl, [r6, -1] | *((r6 - 1)) = sl;
0x0001302c ldr r6, [r7, 0x10] | r6 = *((r7 + 0x10));
0x00013030 add r8, r4, 0x10 | r8 = r4 + 0x10;
0x00013034 mov r0, r6 | r0 = r6;
0x00013038 bl 0x10b80 | strlen (r0);
0x0001303c mov r2, r5 | r2 = r5;
0x00013040 mov r1, r6 | r1 = r6;
0x00013044 add r0, r0, 0x6b | r0 += 0x6b;
0x00013048 bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x0001304c sub sp, sp, r0 |
0x00013050 add r3, sp, 0x10 | r3 += s;
0x00013054 mov r0, r3 | r0 = r3;
0x00013058 str r3, [fp, -0x68] | var_68h = r3;
0x0001305c bl 0x10b44 | sprintf (r0, r1, r2);
0x00013060 ldr r3, [fp, -0x68] | r3 = var_68h;
0x00013064 mov r2, 0x41 | r2 = 0x41;
0x00013068 mov r1, r8 | r1 = r8;
0x0001306c mov r0, r3 | r0 = r3;
0x00013070 bl 0x11ff0 | fcn_00011ff0 (r0, r1);
0x00013074 mov sp, sb |
0x00013078 cmp r0, 0 |
| if (r0 < 0) {
0x0001307c blt 0x12f80 | goto label_0;
| }
0x00013080 add r0, r8, r0 | r0 = r8 + r0;
0x00013084 strb sl, [r0, -1] | *((r0 - 1)) = sl;
0x00013088 add r2, r4, 0xe4 | r2 = r4 + 0xe4;
0x0001308c mov r1, r5 | r1 = r5;
0x00013090 ldr r0, [r7, 0x14] | r0 = *((r7 + 0x14));
0x00013094 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x00013098 cmp r0, 0 |
| if (r0 != 0) {
0x0001309c bne 0x12f80 | goto label_0;
| }
0x000130a0 ldr sl, [r7, 0x18] | sl = *((r7 + 0x18));
0x000130a4 mov r0, sl | r0 = sl;
0x000130a8 bl 0x10b80 | strlen (r0);
0x000130ac mov r2, r5 | r2 = r5;
0x000130b0 mov r1, sl | r1 = sl;
0x000130b4 add r0, r0, 0x39 | r0 += 0x39;
0x000130b8 bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x000130bc sub sp, sp, r0 |
0x000130c0 add r6, sp, 0x10 | r6 += s;
0x000130c4 mov r0, r6 | r0 = r6;
0x000130c8 bl 0x10b44 | sprintf (r0, r1, r2);
0x000130cc add r1, r4, 0xd8 | r1 = r4 + 0xd8;
0x000130d0 mov r0, r6 | r0 = r6;
0x000130d4 bl 0x12184 | fcn_00012184 (r0, r1);
0x000130d8 mov sp, sb |
0x000130dc cmp r0, 0 |
| if (r0 != 0) {
0x000130e0 bne 0x12f80 | goto label_0;
| }
0x000130e4 add r2, r4, 0xe8 | r2 = r4 + 0xe8;
0x000130e8 mov r1, r5 | r1 = r5;
0x000130ec ldr r0, [r7, 0x1c] | r0 = *((r7 + 0x1c));
0x000130f0 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x000130f4 cmp r0, 0 |
| if (r0 != 0) {
0x000130f8 bne 0x12f80 | goto label_0;
| }
0x000130fc add r2, r4, 0xec | r2 = r4 + 0xec;
0x00013100 mov r1, r5 | r1 = r5;
0x00013104 ldr r0, [r7, 0x20] | r0 = *((r7 + 0x20));
0x00013108 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x0001310c cmp r0, 0 |
| if (r0 != 0) {
0x00013110 bne 0x12f80 | goto label_0;
| }
0x00013114 add r2, r4, 0xf0 | r2 = r4 + 0xf0;
0x00013118 mov r1, r5 | r1 = r5;
0x0001311c ldr r0, [r7, 0x24] | r0 = *((r7 + 0x24));
0x00013120 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x00013124 cmp r0, 0 |
| if (r0 != 0) {
0x00013128 bne 0x12f80 | goto label_0;
| }
0x0001312c add r2, r4, 0xf4 | r2 = r4 + 0xf4;
0x00013130 mov r1, r5 | r1 = r5;
0x00013134 ldr r0, [r7, 0x28] | r0 = *((r7 + 0x28));
0x00013138 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x0001313c cmp r0, 0 |
| if (r0 != 0) {
0x00013140 beq 0x1315c |
0x00013144 mov r0, r5 | r0 = r5;
0x00013148 bl 0x149a0 | r0 = fcn_000149a0 (r0);
0x0001314c cmp r0, 0 |
| if (r0 >= 0) {
0x00013150 movlt r3, 0 | r3 = 0;
| }
| if (r0 < 0) {
0x00013154 strge r0, [r4, 0xf4] | *((r4 + 0xf4)) = r0;
| }
| if (r0 < 0) {
0x00013158 strlt r3, [r4, 0xf4] | *((r4 + 0xf4)) = r3;
| goto label_5;
| }
| }
| label_5:
0x0001315c add r2, r4, 0xf8 | r2 = r4 + 0xf8;
0x00013160 mov r1, r5 | r1 = r5;
0x00013164 ldr r0, [r7, 0x2c] | r0 = *((r7 + 0x2c));
0x00013168 bl 0x12338 | r0 = fcn_00012338 (r0, r1);
0x0001316c subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 != r0) {
0x00013170 bne 0x12f80 | goto label_0;
| }
0x00013174 ldr r7, [r7, 0x30] | r7 = *((r7 + 0x30));
0x00013178 mov sl, sp | sl = sp;
0x0001317c mov r0, r7 | r0 = r7;
0x00013180 bl 0x10b80 | strlen (r0);
0x00013184 mov r2, r5 | r2 = r5;
0x00013188 mov r1, r7 | r1 = r7;
0x0001318c add r0, r0, 0x39 | r0 += 0x39;
0x00013190 bic r0, r0, 7 | r0 = BIT_MASK (r0, 7);
0x00013194 sub sp, sp, r0 |
0x00013198 add sb, sp, 0x10 | sb += s;
0x0001319c mov r0, sb | r0 = sb;
0x000131a0 bl 0x10b44 | sprintf (r0, r1, r2);
0x000131a4 mov r1, 0x80000 | r1 = 0x80000;
0x000131a8 mov r0, sb | r0 = sb;
0x000131ac bl 0x10b20 | r0 = open64 ();
0x000131b0 cmn r0, 1 |
0x000131b4 mov r5, r0 | r5 = r0;
| if (r0 == 1) {
0x000131b8 bne 0x131c4 |
0x000131bc mov sp, sl |
0x000131c0 b 0x12fa4 | goto label_1;
| }
0x000131c4 mov r2, 0x32 | r2 = 0x32;
0x000131c8 sub r1, fp, 0x58 | r1 -= buf;
0x000131cc bl 0x10ad8 | r0 = read (r0, r1, r2);
0x000131d0 cmn r0, 1 |
| if (r0 != 1) {
0x000131d4 bne 0x1322c | goto label_6;
| }
0x000131d8 bl 0x10b5c | errno_location ();
0x000131dc ldr r6, [pc, 0x294] |
0x000131e0 mov r3, sb | r3 = sb;
0x000131e4 ldr r2, [pc, 0x290] | r2 = stderr;
0x000131e8 ldr r1, [pc, 0x290] | r1 = "libmtd";
0x000131ec ldr r4, [r0] | r4 = *(r0);
0x000131f0 ldr r0, [r6] | r0 = *(0x13474);
0x000131f4 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x000131f8 mov r0, r4 | r0 = r4;
0x000131fc ldr r6, [r6] | r6 = *(0x13474);
0x00013200 bl 0x10a18 | strerror (r0);
0x00013204 str r4, [sp] | *(sp) = r4;
0x00013208 ldr r3, [pc, 0x274] | r3 = "_s:_error_:_cannot_read___s_";
0x0001320c mov r2, 8 | r2 = 8;
0x00013210 ldr r1, [pc, 0x270] | r1 = *(0x13484);
0x00013214 str r0, [sp, 4] | var_4h = r0;
0x00013218 mov r0, r6 | r0 = r6;
0x0001321c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4)
| do {
0x00013220 mov r0, r5 | r0 = r5;
0x00013224 bl 0x10bbc | close (r0);
0x00013228 b 0x13314 | goto label_7;
| label_6:
0x0001322c cmp r0, 0x32 |
| if (r0 != 0x32) {
0x00013230 bne 0x1325c | goto label_8;
| }
0x00013234 ldr r2, [pc, 0x240] | r2 = stderr;
0x00013238 ldr r1, [pc, 0x24c] | r1 = "_serror__d___s_";
0x0001323c mov r3, sb | r3 = sb;
| label_2:
0x00013240 ldr r0, [pc, 0x230] |
0x00013244 ldr r0, [r0] | r0 = *(0x13474);
0x00013248 bl 0x10ab4 | r0 = fprintf (r0, "_serror__d___s_", r2, r3)
| label_3:
0x0001324c bl 0x10b5c | errno_location ();
0x00013250 mov r3, 0x16 | r3 = 0x16;
0x00013254 str r3, [r0] | *(r0) = r3;
0x00013258 b 0x13220 |
| } while (1);
| label_8:
0x0001325c sub r3, fp, 0x24 | r3 -= var_24h;
0x00013260 add r0, r3, r0 | r0 = r3 + r0;
0x00013264 strb r6, [r0, -0x34] | *((r0 - 0x34)) = r6;
0x00013268 sub r2, fp, 0x64 | r2 -= var_64h;
0x0001326c ldr r1, [pc, 0x21c] | r1 = "_s:_error_:_contents_of___s__is_too_long";
0x00013270 sub r0, fp, 0x58 | r0 -= buf;
0x00013274 bl 0x10afc | r0 = sscanf (r0, "_s:_error_:_contents_of___s__is_too_long", r2);
0x00013278 cmp r0, 1 |
| if (r0 == 1) {
0x0001327c movne r3, sb | r3 = sb;
| }
| if (r0 == 1) {
0x00013280 ldrne r2, [pc, 0x1f4] | r2 = "libmtd";
| }
| if (r0 != 1) {
0x00013284 ldrne r1, [pc, 0x208] | r1 = "%s: error!: cannot read integer from \"%s\"\n\n";
| goto label_9;
| }
| if (r0 != 1) {
| label_9:
0x00013288 bne 0x13240 | goto label_2;
| }
0x0001328c ldrd r2, r3, [fp, -0x64] | __asm ("ldrd r2, r3, [var_64h]");
0x00013290 cmp r2, 0 |
0x00013294 sbcs r1, r3, 0 | __asm ("sbcs r1, r3, 0");
| if (r2 < 0) {
0x00013298 bge 0x132bc |
0x0001329c strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x000132a0 ldr r3, [pc, 0x1d0] | r3 = *(0x13474);
0x000132a4 str sb, [sp, 8] | var_8h = sb;
0x000132a8 ldr r2, [pc, 0x1cc] | r2 = stderr;
0x000132ac ldr r1, [pc, 0x1e4] | r1 = "%s: error!: cannot read integer from \"%s\"\n\n";
0x000132b0 ldr r0, [r3] | r0 = *(0x13474);
0x000132b4 bl 0x10ab4 | fprintf (r0, "%s: error!: cannot read integer from \"%s\"\n\n", r2, r3)
0x000132b8 b 0x1324c | goto label_3;
| }
0x000132bc mov r0, r5 | r0 = r5;
0x000132c0 bl 0x10bbc | r0 = close (r0);
0x000132c4 subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 == r0) {
0x000132c8 beq 0x1331c | goto label_10;
| }
0x000132cc bl 0x10b5c | errno_location ();
0x000132d0 ldr r5, [pc, 0x1a0] |
0x000132d4 mov r3, sb | r3 = sb;
0x000132d8 ldr r2, [pc, 0x19c] | r2 = stderr;
0x000132dc ldr r1, [pc, 0x1b8] | r1 = "%s: error!: negative value %lld in \"%s\"\n";
0x000132e0 ldr r4, [r0] | r4 = *(r0);
0x000132e4 ldr r0, [r5] | r0 = *(0x13474);
0x000132e8 bl 0x10ab4 | fprintf (r0, "%s: error!: negative value %lld in \"%s\"\n", r2, r3, r4, r5)
0x000132ec mov r0, r4 | r0 = r4;
0x000132f0 ldr r5, [r5] | r5 = *(0x13474);
0x000132f4 bl 0x10a18 | strerror (r0);
0x000132f8 str r4, [sp] | *(sp) = r4;
0x000132fc ldr r3, [pc, 0x180] | r3 = "_s:_error_:_cannot_read___s_";
0x00013300 mov r2, 8 | r2 = 8;
0x00013304 ldr r1, [pc, 0x17c] | r1 = *(0x13484);
0x00013308 str r0, [sp, 4] | var_4h = r0;
0x0001330c mov r0, r5 | r0 = r5;
0x00013310 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4)
| do {
| label_7:
0x00013314 mov sp, sl |
0x00013318 b 0x12f80 | goto label_0;
| label_10:
0x0001331c ldrd r2, r3, [fp, -0x64] | __asm ("ldrd r2, r3, [var_64h]");
0x00013320 mov r1, 0 | r1 = 0;
0x00013324 adds r6, r2, 0x80000000 | r6 = r2 + 0x80000000;
0x00013328 adc r7, r3, 0 | __asm ("adc r7, r3, 0");
0x0001332c mvn r0, 0 | r0 = ~0;
0x00013330 cmp r7, r1 |
0x00013334 cmpeq r6, r0 | __asm ("cmpeq r6, r0");
| if (r7 < r1) {
0x00013338 bls 0x13368 | goto label_11;
| }
0x0001333c strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00013340 ldr r3, [pc, 0x130] | r3 = *(0x13474);
0x00013344 str sb, [sp, 8] | var_8h = sb;
0x00013348 ldr r2, [pc, 0x12c] | r2 = stderr;
0x0001334c ldr r0, [r3] | r0 = *(0x13474);
0x00013350 ldr r1, [pc, 0x148] | r1 = "_s:_error_:_close_failed_on___s_";
0x00013354 bl 0x10ab4 | r0 = fprintf (r0, "_s:_error_:_close_failed_on___s_", r2, r3)
0x00013358 bl 0x10b5c | errno_location ();
0x0001335c mov r3, 0x16 | r3 = 0x16;
0x00013360 str r3, [r0] | *(r0) = r3;
0x00013364 b 0x13314 |
| } while (1);
| label_11:
0x00013368 lsl r3, r2, 0x15 | r3 = r2 << 0x15;
0x0001336c ldrb r2, [r4, 0xfc] | r2 = *((r4 + 0xfc));
0x00013370 mov sp, sl |
0x00013374 bic r2, r2, 1 | r2 = BIT_MASK (r2, 1);
0x00013378 orr r2, r2, r3, lsr 31 | r2 |= (r3 >> 31);
0x0001337c strb r2, [r4, 0xfc] | *((r4 + 0xfc)) = r2;
0x00013380 ldr r2, [r4, 0xe4] | r2 = *((r4 + 0xe4));
0x00013384 ldrd r0, r1, [r4, 0xd8] | __asm ("ldrd r0, r1, [r4, 0xd8]");
0x00013388 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x0001338c bl 0x150b0 | fcn_000150b0 (r0);
0x00013390 ldr r1, [pc, 0x10c] | r1 = "_s:_error_:_value__lld_read_from_file___s__is_out_of_range";
0x00013394 str r0, [r4, 0xe0] | *((r4 + 0xe0)) = r0;
0x00013398 mov r0, r8 | r0 = r8;
0x0001339c bl 0x10b38 | r0 = strcmp (r0, r1);
0x000133a0 cmp r0, 0 |
| if (r0 != 0) {
0x000133a4 moveq r0, 4 | r0 = 4;
| }
| if (r0 != 0) {
0x000133a8 beq 0x13450 |
0x000133ac ldr r1, [pc, 0xf4] | r1 = *(0x134a4);
0x000133b0 mov r0, r8 | r0 = r8;
0x000133b4 bl 0x10b38 | r0 = strcmp (r0, r1);
0x000133b8 cmp r0, 0 |
| if (r0 != 0) {
0x000133bc moveq r0, 8 | r0 = 8;
| }
| if (r0 == 0) {
0x000133c0 beq 0x13450 | goto label_12;
| }
0x000133c4 ldr r1, [pc, 0xe0] | r1 = "mlc-nand";
0x000133c8 mov r0, r8 | r0 = r8;
0x000133cc bl 0x10b38 | r0 = strcmp (r0, "mlc-nand");
0x000133d0 cmp r0, 0 |
| if (r0 != 0) {
0x000133d4 moveq r0, 3 | r0 = 3;
| }
| if (r0 == 0) {
0x000133d8 beq 0x13450 | goto label_12;
| }
0x000133dc ldr r1, [pc, 0xcc] | r1 = "nor";
0x000133e0 mov r0, r8 | r0 = r8;
0x000133e4 bl 0x10b38 | r0 = strcmp (r0, "nor");
0x000133e8 cmp r0, 0 |
| if (r0 != 0) {
0x000133ec moveq r0, 2 | r0 = 2;
| }
| if (r0 == 0) {
0x000133f0 beq 0x13450 | goto label_12;
| }
0x000133f4 ldr r1, [pc, 0xb8] | r1 = "rom";
0x000133f8 mov r0, r8 | r0 = r8;
0x000133fc bl 0x10b38 | r0 = strcmp (r0, "rom");
0x00013400 cmp r0, 0 |
| if (r0 == 0) {
0x00013404 beq 0x13450 | goto label_12;
| }
0x00013408 ldr r1, [pc, 0xa8] | r1 = "absent";
0x0001340c mov r0, r8 | r0 = r8;
0x00013410 bl 0x10b38 | r0 = strcmp (r0, "absent");
0x00013414 cmp r0, 0 |
| if (r0 != 0) {
0x00013418 moveq r0, 6 | r0 = 6;
| }
| if (r0 == 0) {
0x0001341c beq 0x13450 | goto label_12;
| }
0x00013420 ldr r1, [pc, 0x94] | r1 = "dataflash";
0x00013424 mov r0, r8 | r0 = r8;
0x00013428 bl 0x10b38 | r0 = strcmp (r0, "dataflash");
0x0001342c cmp r0, 0 |
| if (r0 != 0) {
0x00013430 moveq r0, 1 | r0 = 1;
| }
| if (r0 == 0) {
0x00013434 beq 0x13450 | goto label_12;
| }
0x00013438 ldr r1, [pc, 0x80] | r1 = *(0x134bc);
0x0001343c mov r0, r8 | r0 = r8;
0x00013440 bl 0x10b38 | r0 = strcmp (r0, r1);
0x00013444 cmp r0, 0 |
| if (r0 != 0) {
0x00013448 moveq r0, 7 | r0 = 7;
| }
| if (r0 != 0) {
0x0001344c mvnne r0, 0 | r0 = ~0;
| goto label_12;
| }
| }
| label_12:
0x00013450 str r0, [r4, 0xc] | *((r4 + 0xc)) = r0;
0x00013454 sub r0, r0, 4 | r0 -= 4;
0x00013458 bics r3, r0, 4 | __asm ("bics r3, r0, 4");
0x0001345c ldrb r3, [r4, 0xfc] | r3 = *((r4 + 0xfc));
0x00013460 bic r2, r3, 2 | r2 = BIT_MASK (r3, 2);
| if (r0 != 0) {
0x00013464 moveq r3, 2 | r3 = 2;
| }
| if (r0 == 0) {
0x00013468 movne r3, 0 | r3 = 0;
| }
0x0001346c orr r3, r3, r2 | r3 |= r2;
0x00013470 strb r3, [r4, 0xfc] | *((r4 + 0xfc)) = r3;
0x00013474 b 0x12fa4 | goto label_1;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x134c4 */
| #include <stdint.h>
|
; (fcn) fcn.000134c4 () | void fcn_000134c4 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_14h;
| int32_t var_18h;
| int32_t var_20h;
| int32_t var_30h;
| int32_t var_40h;
| int32_t var_40h_2;
| int32_t var_88h;
| r0 = arg1;
| r1 = arg2;
0x000134c4 ldrb r3, [r0, 0x34] | r3 = *((r0 + 0x34));
0x000134c8 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x000134cc tst r3, 1 |
0x000134d0 sub sp, sp, 0x88 |
0x000134d4 mov r4, r1 | r4 = r1;
0x000134d8 mov r7, r2 | r7 = r2;
| if ((r3 & 1) != 0) {
0x000134dc bne 0x134f4 | goto label_3;
| }
0x000134e0 mov r1, r2 | r1 = r2;
0x000134e4 mov r0, r4 | r0 = r4;
0x000134e8 bl 0x149cc | fcn_000149cc (r0, r1);
| do {
| label_2:
0x000134ec add sp, sp, 0x88 |
0x000134f0 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_3:
0x000134f4 mov r5, r0 | r5 = r0;
0x000134f8 add r1, sp, 0x20 | r1 += var_20h;
0x000134fc mov r0, r4 | r0 = r4;
0x00013500 bl 0x10a24 | r0 = stat64 ();
0x00013504 cmp r0, 0 |
| if (r0 == 0) {
0x00013508 beq 0x1355c | goto label_4;
| }
0x0001350c bl 0x10b5c | errno_location ();
0x00013510 ldr r6, [pc, 0x144] | r6 = *(0x13658);
0x00013514 mov r3, r4 | r3 = r4;
0x00013518 ldr r2, [pc, 0x140] | r2 = stderr;
0x0001351c ldr r1, [pc, 0x140] | r1 = "libmtd";
0x00013520 ldr r5, [r0] | r5 = *(r0);
0x00013524 ldr r0, [r6] | r0 = *(0x13658);
0x00013528 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x0001352c mov r0, r5 | r0 = r5;
0x00013530 ldr r4, [r6] | r4 = *(0x13658);
0x00013534 bl 0x10a18 | strerror (r0);
0x00013538 str r5, [sp] | *(sp) = r5;
0x0001353c ldr r3, [pc, 0x124] | r3 = "%s: error!: cannot get information about \"%s\"\n";
0x00013540 mov r2, 8 | r2 = 8;
0x00013544 ldr r1, [pc, 0x120] | r1 = *(0x13668);
0x00013548 str r0, [sp, 4] | var_4h = r0;
0x0001354c mov r0, r4 | r0 = r4;
0x00013550 bl 0x10ab4 | fprintf (r0, r1, r2, "%s: error!: cannot get information about \"%s\"\n", r4, r5)
| label_0:
0x00013554 mvn r0, 0 | r0 = ~0;
0x00013558 b 0x134ec |
| } while (1);
| label_4:
0x0001355c ldr r3, [sp, 0x30] | r3 = var_30h;
0x00013560 and r3, r3, 0xf000 | r3 &= 0xf000;
0x00013564 cmp r3, 0x2000 |
| if (r3 != 0x2000) {
0x00013568 beq 0x13594 |
0x0001356c ldr r0, [pc, 0xe8] |
0x00013570 mov r3, r4 | r3 = r4;
0x00013574 ldr r2, [pc, 0xe4] | r2 = stderr;
0x00013578 ldr r1, [pc, 0xf0] | r1 = "_serror__d___s_";
0x0001357c ldr r0, [r0] | r0 = *(0x13658);
0x00013580 bl 0x10ab4 | r0 = fprintf (r0, "_serror__d___s_", r2, r3)
0x00013584 bl 0x10b5c | errno_location ();
0x00013588 mov r3, 0x16 | r3 = 0x16;
0x0001358c str r3, [r0] | *(r0) = r3;
0x00013590 b 0x13554 | goto label_0;
| }
0x00013594 ldrd r8, sb, [sp, 0x40] | __asm ("ldrd r8, sb, [var_40h]");
0x00013598 mov r0, r8 | r0 = r8;
0x0001359c mov r1, sb | r1 = sb;
0x000135a0 bl 0x10a3c | gnu_dev_major ();
0x000135a4 mov r1, sb | r1 = sb;
0x000135a8 mov sl, r0 | sl = r0;
0x000135ac mov r0, r8 | r0 = r8;
0x000135b0 bl 0x10a78 | gnu_dev_minor ();
0x000135b4 add r1, sp, 0x10 | r1 += var_10h;
0x000135b8 mov r8, r0 | r8 = r0;
0x000135bc mov r0, r5 | r0 = r5;
0x000135c0 bl 0x12ef0 | r0 = fcn_00012ef0 (r0, r1);
0x000135c4 cmp r0, 0 |
| if (r0 != 0) {
0x000135c8 bne 0x13554 | goto label_0;
| }
0x000135cc bl 0x10b5c | errno_location ();
0x000135d0 ldr r4, [sp, 0x14] | r4 = var_14h;
0x000135d4 add sb, r5, 8 | sb = r5 + 8;
0x000135d8 mov r6, r0 | r6 = r0;
| do {
0x000135dc ldr r3, [sp, 0x18] | r3 = var_18h;
0x000135e0 cmp r4, r3 |
| if (r4 > r3) {
0x000135e4 bgt 0x13620 | goto label_5;
| }
0x000135e8 add r3, sp, 0xc | r3 += var_ch;
0x000135ec add r2, sp, 8 | r2 += var_8h;
0x000135f0 mov r1, r4 | r1 = r4;
0x000135f4 mov r0, sb | r0 = sb;
0x000135f8 bl 0x127c8 | r0 = fcn_000127c8 (r0, r1);
0x000135fc cmp r0, 0 |
| if (r0 == 0) {
0x00013600 beq 0x1362c | goto label_6;
| }
0x00013604 ldr r3, [r6] | r3 = *(r6);
0x00013608 cmp r3, 2 |
| if (r3 != 2) {
0x0001360c bne 0x13618 | goto label_7;
| }
| label_1:
0x00013610 add r4, r4, 1 | r4++;
0x00013614 b 0x135dc |
| } while (1);
| label_7:
0x00013618 cmp r3, 0 |
| if (r3 != 0) {
0x0001361c bne 0x13554 | goto label_0;
| }
| label_5:
0x00013620 mov r3, 0x13 | r3 = 0x13;
0x00013624 str r3, [r6] | *(r6) = r3;
0x00013628 b 0x13554 | goto label_0;
| label_6:
0x0001362c ldr r3, [sp, 8] | r3 = var_8h;
0x00013630 cmp sl, r3 |
| if (sl != r3) {
0x00013634 bne 0x13610 | goto label_1;
| }
0x00013638 ldr r3, [sp, 0xc] | r3 = var_ch;
0x0001363c cmp r8, r3 |
| if (r8 != r3) {
0x00013640 bne 0x13610 | goto label_1;
| }
0x00013644 str r0, [r6] | *(r6) = r0;
0x00013648 mov r2, r7 | r2 = r7;
0x0001364c mov r1, r4 | r1 = r4;
0x00013650 mov r0, r5 | r0 = r5;
0x00013654 bl 0x12f30 | fcn_00012f30 (r0, r1);
0x00013658 b 0x134ec | goto label_2;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x136bc */
| #include <stdint.h>
|
; (fcn) fcn.000136bc () | void fcn_000136bc (int32_t arg_40h, int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| int32_t var_10h_2;
| int32_t var_1ch;
| r0 = arg1;
| r1 = arg2;
0x000136bc push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000136c0 mov r4, r1 | r4 = r1;
0x000136c4 sub sp, sp, 0x1c |
0x000136c8 mov r6, r0 | r6 = r0;
0x000136cc mov r1, r3 | r1 = r3;
0x000136d0 mov r0, r4 | r0 = r4;
0x000136d4 mov fp, r2 |
0x000136d8 mov sl, r3 | sl = r3;
0x000136dc ldr r7, [sp, 0x40] | r7 = *(arg_40h);
0x000136e0 bl 0x126ec | r0 = fcn_000126ec (r0, r1);
0x000136e4 subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 != r0) {
0x000136e8 bne 0x137d4 | goto label_1;
| }
0x000136ec add r1, sl, r7 | r1 = sl + r7;
0x000136f0 sub r1, r1, 1 | r1--;
0x000136f4 mov r0, r4 | r0 = r4;
0x000136f8 bl 0x126ec | r0 = fcn_000126ec (r0, r1);
0x000136fc subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 != r0) {
0x00013700 bne 0x137d4 | goto label_1;
| }
0x00013704 ldr r3, [r4, 0xe4] | r3 = *((r4 + 0xe4));
0x00013708 smull r0, r1, sl, r3 | r0:r1 = sl * r3;
0x0001370c strd r0, r1, [sp, 8] | __asm ("strd r0, r1, [var_8h]");
0x00013710 smull r0, r1, r3, r7 | r0:r1 = r3 * r7;
0x00013714 ldrb r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x00013718 strd r0, r1, [sp, 0x10] | __asm ("strd r0, r1, [var_10h]");
0x0001371c tst r3, 2 |
| if ((r3 & 2) == 0) {
0x00013720 bne 0x1377c |
0x00013724 add r2, sp, 8 | r2 += var_8h;
0x00013728 ldr r1, [pc, 0xd4] | r1 = *(0x13800);
0x0001372c mov r0, fp | r0 = fp;
0x00013730 bl 0x10a00 | r0 = ioctl (r0, r1);
0x00013734 cmp r0, 0 |
| if (r0 == 0) {
0x00013738 beq 0x137d4 | goto label_1;
| }
0x0001373c bl 0x10b5c | r0 = errno_location ();
0x00013740 ldr r3, [r0] | r3 = *(r0);
0x00013744 cmp r3, 0x19 |
| if (r3 == 0x19) {
0x00013748 bne 0x13764 |
0x0001374c ldrb r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x00013750 tst r3, 6 |
0x00013754 biceq r3, r3, 4 | __asm ("biceq r3, r3, 4");
| if ((r3 & 6) != 0) {
0x00013758 orreq r3, r3, 2 | r3 |= 2;
| }
| if ((r3 & 6) != 0) {
0x0001375c strbeq r3, [r6, 0x34] | *((r6 + 0x34)) = r3;
| }
| if ((r3 & 6) == 0) {
0x00013760 beq 0x1377c | goto label_2;
| }
| }
0x00013764 ldr r2, [pc, 0x9c] | r2 = *(0x13804);
| label_0:
0x00013768 mov r1, sl | r1 = sl;
0x0001376c ldr r0, [r4] | r0 = *(r4);
0x00013770 bl 0x1274c | r0 = fcn_0001274c (r0, r1);
0x00013774 mov r5, r0 | r5 = r0;
0x00013778 b 0x137d4 |
| } else {
| label_2:
0x0001377c ldrd r0, r1, [sp, 8] | __asm ("ldrd r0, r1, [var_8h]");
0x00013780 ldrd r2, r3, [sp, 0x10] | __asm ("ldrd r2, r3, [var_10h]");
0x00013784 mov r7, 0 | r7 = 0;
0x00013788 adds r8, r0, r2 | r8 = r0 + r2;
0x0001378c adc sb, r1, r3 | __asm ("adc sb, r1, r3");
0x00013790 mvn r6, 0 | r6 = ~0;
0x00013794 cmp sb, r7 |
0x00013798 cmpeq r8, r6 | __asm ("cmpeq r8, r6");
| if (sb < r7) {
0x0001379c bls 0x137e0 | goto label_3;
| }
0x000137a0 ldr r1, [r4, 0xe4] | r1 = *((r4 + 0xe4));
0x000137a4 mvn r0, 0 | r0 = ~0;
0x000137a8 bl 0x14eec | fcn_00014eec (r0, r1);
0x000137ac ldr r2, [pc, 0x58] | r2 = "MEMERASE64";
0x000137b0 ldr r1, [pc, 0x58] | r1 = "libmtd";
0x000137b4 mvn r5, 0 | r5 = ~0;
0x000137b8 mov r3, r0 | r3 = r0;
0x000137bc ldr r0, [pc, 0x50] |
0x000137c0 ldr r0, [r0] | r0 = "%s: error!: this system can address only %u eraseblocks\n";
0x000137c4 bl 0x10ab4 | r0 = fprintf ("%s: error!: this system can address only %u eraseblocks\n", "libmtd", "MEMERASE64", r3, r4, r5)
0x000137c8 bl 0x10b5c | errno_location ();
0x000137cc mov r3, 0x16 | r3 = 0x16;
0x000137d0 str r3, [r0] | *(r0) = r3;
| }
| do {
| label_1:
0x000137d4 mov r0, r5 | r0 = r5;
0x000137d8 add sp, sp, 0x1c |
0x000137dc pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_3:
0x000137e0 stm sp, {r0, r2} | *(sp) = r0;
| *((sp + 4)) = r2;
0x000137e4 ldr r1, [pc, 0x2c] | r1 = stderr;
0x000137e8 mov r2, sp | r2 = sp;
0x000137ec mov r0, fp | r0 = fp;
0x000137f0 bl 0x10a00 | r0 = ioctl (r0, r1);
0x000137f4 cmp r0, 0 |
0x000137f8 bge 0x137d4 |
| } while (r0 >= 0);
0x000137fc ldr r2, [pc, 0x18] | r2 = *(0x13818);
0x00013800 b 0x13768 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x13a50 */
| #include <stdint.h>
|
; (fcn) fcn.00013a50 () | void fcn_00013a50 (int32_t arg_38h, int32_t arg_3ch, int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_14h;
| r0 = arg1;
| r1 = arg2;
0x00013a50 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00013a54 mov fp, r1 |
0x00013a58 sub sp, sp, 0x14 |
0x00013a5c mov r1, r2 | r1 = r2;
0x00013a60 mov sb, r0 | sb = r0;
0x00013a64 mov sl, r2 | sl = r2;
0x00013a68 mov r5, r3 | r5 = r3;
0x00013a6c ldr r8, [sp, 0x3c] | r8 = *(arg_3ch);
0x00013a70 bl 0x126ec | r0 = fcn_000126ec (r0, r1);
0x00013a74 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x00013a78 bne 0x13acc | goto label_0;
| }
0x00013a7c cmp r5, 0 |
0x00013a80 ldr r3, [sb, 0xe4] | r3 = *((sb + 0xe4));
| if (r5 >= 0) {
0x00013a84 blt 0x13a94 |
0x00013a88 add r2, r5, r8 | r2 = r5 + r8;
0x00013a8c cmp r2, r3 |
| if (r2 <= r3) {
0x00013a90 ble 0x13ad8 | goto label_3;
| }
| }
0x00013a94 str r3, [sp, 8] | var_8h = r3;
0x00013a98 ldr r0, [pc, 0x128] |
0x00013a9c ldr r3, [sb] | r3 = *(sb);
0x00013aa0 str r8, [sp] | *(sp) = r8;
0x00013aa4 str r3, [sp, 4] | var_4h = r3;
0x00013aa8 ldr r2, [pc, 0x11c] | r2 = stderr;
0x00013aac mov r3, r5 | r3 = r5;
0x00013ab0 ldr r1, [pc, 0x118] | r1 = "libmtd";
0x00013ab4 ldr r0, [r0] | r0 = *(0x13bc4);
0x00013ab8 bl 0x10ab4 | r0 = fprintf (r0, "libmtd", r2, r3)
0x00013abc bl 0x10b5c | errno_location ();
0x00013ac0 mov r3, 0x16 | r3 = 0x16;
0x00013ac4 str r3, [r0] | *(r0) = r3;
| do {
0x00013ac8 mvn r4, 0 | r4 = ~0;
| label_0:
0x00013acc mov r0, r4 | r0 = r4;
0x00013ad0 add sp, sp, 0x14 |
0x00013ad4 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_3:
0x00013ad8 mov r6, r5 | r6 = r5;
0x00013adc asr r7, r5, 0x1f | r7 = r5 >> 0x1f;
0x00013ae0 smlal r6, r7, r3, sl | __asm ("smlal r6, r7, r3, sl");
0x00013ae4 str r4, [sp] | *(sp) = r4;
0x00013ae8 mov r3, r7 | r3 = r7;
0x00013aec mov r2, r6 | r2 = r6;
0x00013af0 mov r0, fp | r0 = fp;
0x00013af4 bl 0x10b8c | lseek64 ();
0x00013af8 cmp r7, r1 |
0x00013afc cmpeq r6, r0 | __asm ("cmpeq r6, r0");
| if (r7 != r1) {
0x00013b00 moveq r7, r4 | r7 = r4;
| }
| if (r7 == r1) {
0x00013b04 beq 0x13b64 | goto label_4;
| }
0x00013b08 bl 0x10b5c | errno_location ();
0x00013b0c ldr r5, [pc, 0xb4] |
0x00013b10 mov r2, r6 | r2 = r6;
0x00013b14 mov r3, r7 | r3 = r7;
0x00013b18 ldr r1, [pc, 0xb4] | r1 = "%s: error!: bad offset %d or length %d, mtd%d eraseblock size is %d\n";
0x00013b1c ldr r4, [r0] | r4 = *(r0);
0x00013b20 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00013b24 ldr r3, [sb] | r3 = *(sb);
0x00013b28 ldr r0, [r5] | r0 = *(0x13bc4);
0x00013b2c ldr r2, [pc, 0x98] | r2 = stderr;
0x00013b30 bl 0x10ab4 | fprintf (r0, "%s: error!: bad offset %d or length %d, mtd%d eraseblock size is %d\n", r2, r3, r4, r5)
0x00013b34 ldr r5, [r5] | r5 = *(0x13bc4);
| label_2:
0x00013b38 mov r0, r4 | r0 = r4;
0x00013b3c bl 0x10a18 | strerror (r0);
0x00013b40 str r4, [sp] | *(sp) = r4;
0x00013b44 ldr r3, [pc, 0x8c] | r3 = "_s:_error_:_cannot_seek_mtd_d_to_offset__lld";
0x00013b48 mov r2, 8 | r2 = 8;
0x00013b4c ldr r1, [pc, 0x88] | r1 = *(0x13bd8);
0x00013b50 str r0, [sp, 4] | var_4h = r0;
0x00013b54 mov r0, r5 | r0 = r5;
0x00013b58 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_seek_mtd_d_to_offset__lld", r4)
0x00013b5c b 0x13ac8 |
| } while (1);
| label_1:
0x00013b60 add r7, r7, r0 | r7 += r0;
| label_4:
0x00013b64 cmp r8, r7 |
| if (r8 <= r7) {
0x00013b68 ble 0x13acc | goto label_0;
| }
0x00013b6c ldr r3, [sp, 0x38] | r3 = *(arg_38h);
0x00013b70 sub r6, r8, r7 | r6 = r8 - r7;
0x00013b74 mov r2, r6 | r2 = r6;
0x00013b78 add r1, r3, r7 | r1 = r3 + r7;
0x00013b7c mov r0, fp | r0 = fp;
0x00013b80 bl 0x10ad8 | r0 = read (r0, r1, r2);
0x00013b84 cmp r0, 0 |
| if (r0 >= 0) {
0x00013b88 bge 0x13b60 | goto label_1;
| }
0x00013b8c bl 0x10b5c | errno_location ();
0x00013b90 ldr r8, [pc, 0x30] | r8 = *(0x13bc4);
0x00013b94 ldr r3, [sb] | r3 = *(sb);
0x00013b98 add r5, r5, r7 | r5 += r7;
0x00013b9c ldr r2, [pc, 0x28] | r2 = stderr;
0x00013ba0 ldr r1, [pc, 0x38] | r1 = "_serror__d___s_";
0x00013ba4 ldr r4, [r0] | r4 = *(r0);
0x00013ba8 str r5, [sp, 8] | var_8h = r5;
0x00013bac str r3, [sp] | *(sp) = r3;
0x00013bb0 str sl, [sp, 4] | var_4h = sl;
0x00013bb4 mov r3, r6 | r3 = r6;
0x00013bb8 ldr r0, [r8] | r0 = *(0x13bc4);
0x00013bbc bl 0x10ab4 | fprintf (r0, "_serror__d___s_", r2, r3, r4, r5)
0x00013bc0 ldr r5, [r8] | r5 = *(0x13bc4);
0x00013bc4 b 0x13b38 | goto label_2;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x13c6c */
| #include <stdint.h>
|
; (fcn) fcn.00013c6c () | void fcn_00013c6c (int32_t arg_158h, char * ptr, int32_t arg_160h, void * s2, int32_t arg_168h, int32_t arg_16ch, int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| int32_t var_18h;
| int32_t var_18h_2;
| int32_t var_24h;
| int32_t var_28h;
| int32_t var_28h_2;
| int32_t var_30h;
| int32_t var_34h;
| void * s;
| int32_t var_38h_2;
| int32_t var_40h;
| int32_t var_40h_2;
| int32_t var_48h;
| int32_t var_48h_2;
| int32_t var_50h;
| int32_t var_54h;
| int32_t var_58h;
| int32_t var_5ch;
| int32_t var_60h;
| int32_t var_68h;
| void * s1;
| int32_t var_70h;
| int32_t var_134h;
| r0 = arg1;
| r1 = arg2;
0x00013c6c push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00013c70 sub sp, sp, 0x134 |
0x00013c74 str r0, [sp, 0x34] | var_34h = r0;
0x00013c78 mov r5, r1 | r5 = r1;
0x00013c7c mov r7, r2 | r7 = r2;
0x00013c80 mov r1, 0 | r1 = 0;
0x00013c84 mov r2, 0x30 | r2 = 0x30;
0x00013c88 add r0, sp, 0x38 | r0 += s;
0x00013c8c str r3, [sp, 0x24] | var_24h = r3;
0x00013c90 ldr r6, [sp, 0x160] | r6 = *(arg_160h);
0x00013c94 ldr sl, [sp, 0x168] | sl = *(arg_168h);
0x00013c98 ldrb r8, [sp, 0x16c] | r8 = *(arg_16ch);
0x00013c9c bl 0x10b14 | memset (r0, r1, r2);
0x00013ca0 ldr r1, [sp, 0x24] | r1 = var_24h;
0x00013ca4 mov r0, r5 | r0 = r5;
0x00013ca8 bl 0x126ec | r0 = fcn_000126ec (r0, r1);
0x00013cac subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x00013cb0 bne 0x13e20 | goto label_3;
| }
0x00013cb4 ldr r3, [sp, 0x158] | r3 = *(arg_158h);
0x00013cb8 ldr fp, [r5, 0xe4] | fp = *((r5 + 0xe4));
0x00013cbc cmp r3, 0 |
| if (r3 >= 0) {
0x00013cc0 blt 0x13cd0 |
0x00013cc4 add r3, r3, r6 | r3 += r6;
0x00013cc8 cmp r3, fp |
| if (r3 <= fp) {
0x00013ccc ble 0x13d0c | goto label_5;
| }
| }
0x00013cd0 str fp, [sp, 8] | var_8h = fp;
0x00013cd4 ldr r0, [pc, 0x328] |
0x00013cd8 ldr r3, [r5] | r3 = *(r5);
0x00013cdc ldr r2, [pc, 0x324] | r2 = stderr;
0x00013ce0 str r3, [sp, 4] | var_4h = r3;
0x00013ce4 str r6, [sp] | *(sp) = r6;
0x00013ce8 ldr r3, [sp, 0x158] | r3 = *(arg_158h);
0x00013cec ldr r1, [pc, 0x318] | r1 = "libmtd";
0x00013cf0 ldr r0, [r0] | r0 = *(0x14000);
0x00013cf4 bl 0x10ab4 | r0 = fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
| do {
0x00013cf8 bl 0x10b5c | errno_location ();
0x00013cfc mov r3, 0x16 | r3 = 0x16;
0x00013d00 str r3, [r0] | *(r0) = r3;
| label_1:
0x00013d04 mvn r4, 0 | r4 = ~0;
0x00013d08 b 0x13e20 | goto label_3;
| label_5:
0x00013d0c ldr sb, [r5, 0xec] | sb = *((r5 + 0xec));
0x00013d10 ldr r0, [sp, 0x158] | r0 = *(arg_158h);
0x00013d14 mov r1, sb | r1 = sb;
0x00013d18 bl 0x15090 | fcn_00015090 (r0, r1);
0x00013d1c cmp r1, 0 |
| if (r1 == 0) {
0x00013d20 beq 0x13d4c | goto label_6;
| }
0x00013d24 str sb, [sp, 4] | var_4h = sb;
0x00013d28 ldr r3, [r5] | r3 = *(r5);
0x00013d2c ldr r2, [pc, 0x2d4] | r2 = stderr;
0x00013d30 str r3, [sp] | *(sp) = r3;
0x00013d34 ldr r1, [pc, 0x2d4] | r1 = "%s: error!: bad offset %d or length %d, mtd%d eraseblock size is %d\n";
0x00013d38 ldr r3, [sp, 0x158] | r3 = *(arg_158h);
| label_0:
0x00013d3c ldr r0, [pc, 0x2c0] |
0x00013d40 ldr r0, [r0] | r0 = *(0x14000);
0x00013d44 bl 0x10ab4 | fprintf (r0, "%s: error!: bad offset %d or length %d, mtd%d eraseblock size is %d\n", r2, r3)
0x00013d48 b 0x13cf8 |
| } while (1);
| label_6:
0x00013d4c mov r1, sb | r1 = sb;
0x00013d50 mov r0, r6 | r0 = r6;
0x00013d54 bl 0x15090 | fcn_00015090 (r0, r1);
0x00013d58 subs r4, r1, 0 | r4 = r1 - 0;
| if (r4 != r1) {
0x00013d5c beq 0x13d7c |
0x00013d60 str sb, [sp, 4] | var_4h = sb;
0x00013d64 ldr r3, [r5] | r3 = *(r5);
0x00013d68 ldr r2, [pc, 0x298] | r2 = stderr;
0x00013d6c str r3, [sp] | *(sp) = r3;
0x00013d70 ldr r1, [pc, 0x29c] | r1 = "_s:_error_:_write_offset__d_is_not_aligned_to_mtd_d_min._I_O_size__d";
0x00013d74 mov r3, r6 | r3 = r6;
0x00013d78 b 0x13d3c | goto label_0;
| }
0x00013d7c ldr r2, [sp, 0x158] | r2 = *(arg_158h);
0x00013d80 ldr r1, [sp, 0x24] | r1 = var_24h;
0x00013d84 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00013d88 smlal r2, r3, fp, r1 | __asm ("smlal r2, r3, fp, r1");
0x00013d8c strd r2, r3, [sp, 0x18] | __asm ("strd r2, r3, [var_18h]");
0x00013d90 ldr r3, [sp, 0x164] | r3 = *(s2);
0x00013d94 cmp r3, 0 |
| if (r3 == 0) {
0x00013d98 beq 0x13f4c | goto label_7;
| }
0x00013d9c ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00013da0 ldr r1, [pc, 0x270] | r1 = "_s:_error_:_write_length__d_is_not_aligned_to_mtd_d_min._I_O_size__d";
0x00013da4 strd r2, r3, [sp, 0x38] | __asm ("strd r2, r3, [s]");
0x00013da8 mov r2, r6 | r2 = r6;
0x00013dac asr r3, r6, 0x1f | r3 = r6 >> 0x1f;
0x00013db0 strd r2, r3, [sp, 0x40] | __asm ("strd r2, r3, [var_40h]");
0x00013db4 mov r2, sl | r2 = sl;
0x00013db8 asr r3, sl, 0x1f | r3 = sl >> 0x1f;
0x00013dbc strd r2, r3, [sp, 0x28] | __asm ("strd r2, r3, [var_28h]");
0x00013dc0 strd r2, r3, [sp, 0x48] | __asm ("strd r2, r3, [var_48h]");
0x00013dc4 ldr r3, [sp, 0x15c] | r3 = *(ptr);
0x00013dc8 add r2, sp, 0x38 | r2 += s;
0x00013dcc str r3, [sp, 0x50] | var_50h = r3;
0x00013dd0 ldr r3, [sp, 0x164] | r3 = *(s2);
0x00013dd4 mov r0, r7 | r0 = r7;
0x00013dd8 str r4, [sp, 0x54] | var_54h = r4;
0x00013ddc str r3, [sp, 0x58] | var_58h = r3;
0x00013de0 str r4, [sp, 0x5c] | var_5ch = r4;
0x00013de4 strb r8, [sp, 0x60] | var_60h = r8;
0x00013de8 bl 0x10a00 | r0 = ioctl (r0, r1);
0x00013dec cmp r0, 0 |
| if (r0 != 0) {
0x00013df0 beq 0x13e20 |
0x00013df4 bl 0x10b5c | r0 = errno_location ();
0x00013df8 ldr r3, [r0] | r3 = *(r0);
0x00013dfc mov sb, r0 | sb = r0;
0x00013e00 cmp r3, 0x19 |
0x00013e04 cmpne r3, 0x5f | __asm ("cmpne r3, 0x5f");
| if (r3 == 0x19) {
0x00013e08 beq 0x13e2c | goto label_8;
| }
0x00013e0c ldr r2, [pc, 0x208] | r2 = *(0x14018);
0x00013e10 ldr r1, [sp, 0x24] | r1 = var_24h;
0x00013e14 ldr r0, [r5] | r0 = *(r5);
0x00013e18 bl 0x1274c | r0 = fcn_0001274c (r0, r1);
0x00013e1c mov r4, r0 | r4 = r0;
| }
| label_3:
0x00013e20 mov r0, r4 | r0 = r4;
0x00013e24 add sp, sp, 0x134 |
0x00013e28 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_8:
0x00013e2c cmp r8, 1 |
| if (r8 != 1) {
0x00013e30 bne 0x13f0c | goto label_9;
| }
0x00013e34 add r2, sp, 0x68 | r2 += var_68h;
0x00013e38 ldr r1, [pc, 0x1e0] | r1 = "MEMWRITE";
0x00013e3c mov r0, r7 | r0 = r7;
0x00013e40 bl 0x10a00 | r0 = ioctl (r0, "MEMWRITE");
0x00013e44 subs fp, r0, 0 |
| if (fp != r0) {
0x00013e48 beq 0x13e90 |
0x00013e4c ldr r4, [sb] | r4 = *(sb);
0x00013e50 ldr r5, [pc, 0x1ac] | r5 = *(0x14000);
0x00013e54 ldr r2, [pc, 0x1ac] | r2 = stderr;
0x00013e58 ldr r1, [pc, 0x1c4] | r1 = *(0x14020);
| label_2:
0x00013e5c ldr r0, [r5] | r0 = *(r5);
0x00013e60 bl 0x10ab4 | fprintf (r0, r1, r2, r3, r4, r5)
0x00013e64 ldr r5, [r5] | r5 = *(r5);
| label_4:
0x00013e68 mov r0, r4 | r0 = r4;
0x00013e6c bl 0x10a18 | strerror (r0);
0x00013e70 str r4, [sp] | *(sp) = r4;
0x00013e74 ldr r3, [pc, 0x1ac] | r3 = "%s: error!: MEMGETOOBSEL failed\n";
0x00013e78 mov r2, 8 | r2 = 8;
0x00013e7c ldr r1, [pc, 0x1a8] | r1 = *(0x14028);
0x00013e80 str r0, [sp, 4] | var_4h = r0;
0x00013e84 mov r0, r5 | r0 = r5;
0x00013e88 bl 0x10ab4 | fprintf (r0, r1, r2, "%s: error!: MEMGETOOBSEL failed\n", r4)
0x00013e8c b 0x13d04 | goto label_1;
| }
0x00013e90 mov r0, sl | r0 = sl;
0x00013e94 bl 0x10a60 | malloc (r0);
0x00013e98 mov r2, sl | r2 = sl;
0x00013e9c ldr r1, [sp, 0x164] | r1 = *(s2);
0x00013ea0 str r0, [sp, 0x30] | var_30h = r0;
0x00013ea4 bl 0x10a48 | memcpy (r0, r1, r2);
0x00013ea8 ldr r2, [sp, 0x68] | r2 = var_68h;
0x00013eac cmp r2, 2 |
| if (r2 != 2) {
0x00013eb0 addeq r8, sp, 0x70 | r8 += var_70h;
| }
| if (r2 == 2) {
0x00013eb4 beq 0x13efc | goto label_10;
| }
0x00013eb8 ldr r0, [sp, 0x6c] | r0 = s1;
0x00013ebc ldr r3, [sp, 0x30] | r3 = var_30h;
0x00013ec0 ldr r2, [r5, 0xf0] | r2 = *((r5 + 0xf0));
0x00013ec4 add r1, r3, r0 | r1 = r3 + r0;
0x00013ec8 ldr r3, [sp, 0x164] | r3 = *(s2);
0x00013ecc sub r2, r2, r0 | r2 -= r0;
0x00013ed0 add r0, r3, r0 | r0 = r3 + r0;
0x00013ed4 bl 0x10a48 | memcpy (r0, r1, r2);
0x00013ed8 b 0x13f0c | goto label_9;
| do {
0x00013edc ldr r3, [sp, 0x30] | r3 = var_30h;
0x00013ee0 ldr r0, [r8, -8] | r0 = *((r8 - 8));
0x00013ee4 add r1, r3, fp | r1 = r3 + fp;
0x00013ee8 ldr r3, [sp, 0x164] | r3 = *(s2);
0x00013eec mov r2, sl | r2 = sl;
0x00013ef0 add r0, r3, r0 | r0 = r3 + r0;
0x00013ef4 bl 0x10a48 | memcpy (r0, r1, r2);
0x00013ef8 add fp, fp, sl |
| label_10:
0x00013efc add r8, r8, 8 | r8 += 8;
0x00013f00 ldr sl, [r8, -4] | sl = *((r8 - 4));
0x00013f04 cmp sl, 0 |
0x00013f08 bne 0x13edc |
| } while (sl != 0);
| label_9:
0x00013f0c ldr r3, [sp, 0x164] | r3 = *(s2);
0x00013f10 mov r1, r5 | r1 = r5;
0x00013f14 str r3, [sp, 0x10] | var_10h = r3;
0x00013f18 ldrd r2, r3, [sp, 0x28] | __asm ("ldrd r2, r3, [var_28h]");
0x00013f1c ldr r0, [sp, 0x34] | r0 = var_34h;
0x00013f20 strd r2, r3, [sp, 8] | __asm ("strd r2, r3, [var_8h]");
0x00013f24 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00013f28 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00013f2c mov r2, r7 | r2 = r7;
0x00013f30 bl 0x13c28 | r0 = fcn_00013c28 (r0, r1, r2, r3, r4);
0x00013f34 cmp r0, 0 |
| if (r0 >= 0) {
0x00013f38 ldrlt r4, [sb] | r4 = *(sb);
| }
| if (r0 >= 0) {
0x00013f3c ldrlt r5, [pc, 0xc0] | r5 = obj.stderr;
| }
| if (r0 >= 0) {
0x00013f40 ldrlt r2, [pc, 0xc0] | r2 = "libmtd";
| }
| if (r0 < 0) {
0x00013f44 ldrlt r1, [pc, 0xe4] | r1 = "%s: error!: cannot write to OOB\n";
| goto label_11;
| }
| if (r0 < 0) {
| label_11:
0x00013f48 blt 0x13e5c | goto label_2;
| }
| label_7:
0x00013f4c ldr r3, [sp, 0x15c] | r3 = *(ptr);
0x00013f50 cmp r3, 0 |
| if (r3 == 0) {
0x00013f54 beq 0x13e20 | goto label_3;
| }
0x00013f58 mov r3, 0 | r3 = 0;
0x00013f5c str r3, [sp] | *(sp) = r3;
0x00013f60 mov r0, r7 | r0 = r7;
0x00013f64 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00013f68 bl 0x10b8c | lseek64 ();
0x00013f6c ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00013f70 cmp r1, r3 |
0x00013f74 cmpeq r0, r2 | __asm ("cmpeq r0, r2");
| if (r1 != r3) {
0x00013f78 beq 0x13fac |
0x00013f7c bl 0x10b5c | errno_location ();
0x00013f80 ldr r6, [pc, 0x7c] | r6 = *(0x14000);
0x00013f84 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00013f88 ldr r1, [pc, 0xa4] | r1 = "%s: error!: cannot write to OOB\n";
0x00013f8c ldr r4, [r0] | r4 = *(r0);
0x00013f90 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00013f94 ldr r2, [pc, 0x6c] | r2 = stderr;
0x00013f98 ldr r3, [r5] | r3 = *(r5);
0x00013f9c ldr r0, [r6] | r0 = *(0x14000);
0x00013fa0 bl 0x10ab4 | fprintf (r0, "%s: error!: cannot write to OOB\n", r2, r3, r4, r5, r6)
0x00013fa4 ldr r5, [r6] | r5 = *(0x14000);
0x00013fa8 b 0x13e68 | goto label_4;
| }
0x00013fac mov r2, r6 | r2 = r6;
0x00013fb0 ldr r1, [sp, 0x15c] | r1 = *(ptr);
0x00013fb4 mov r0, r7 | r0 = r7;
0x00013fb8 bl 0x10aa8 | r0 = write (r0, r1, r2);
0x00013fbc cmp r6, r0 |
| if (r6 == r0) {
0x00013fc0 beq 0x13e20 | goto label_3;
| }
0x00013fc4 bl 0x10b5c | errno_location ();
0x00013fc8 ldr r3, [sp, 0x158] | r3 = *(arg_158h);
0x00013fcc ldr r7, [pc, 0x30] | r7 = *(0x14000);
0x00013fd0 ldr r2, [pc, 0x30] | r2 = stderr;
0x00013fd4 ldr r1, [pc, 0x5c] | r1 = "_s:_error_:_cannot_seek_mtd_d_to_offset__lld";
0x00013fd8 ldr r4, [r0] | r4 = *(r0);
0x00013fdc str r3, [sp, 8] | var_8h = r3;
0x00013fe0 ldr r3, [sp, 0x24] | r3 = var_24h;
0x00013fe4 str r3, [sp, 4] | var_4h = r3;
0x00013fe8 ldr r3, [r5] | r3 = *(r5);
0x00013fec str r3, [sp] | *(sp) = r3;
0x00013ff0 mov r3, r6 | r3 = r6;
0x00013ff4 ldr r0, [r7] | r0 = *(0x14000);
0x00013ff8 bl 0x10ab4 | fprintf (r0, "_s:_error_:_cannot_seek_mtd_d_to_offset__lld", r2, r3, r4)
0x00013ffc ldr r5, [r7] | r5 = *(0x14000);
0x00014000 b 0x13e68 | goto label_4;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x143c0 */
| #include <stdint.h>
|
; (fcn) fcn.000143c0 () | void fcn_000143c0 (int32_t arg1) {
| int32_t var_0h;
| int32_t var_8h;
| r0 = arg1;
0x000143c0 push {r0, r1, r4, r5, r6, r7, r8, lr} |
0x000143c4 mov r4, r0 | r4 = r0;
0x000143c8 ldr r3, [r4, 0x94] | r3 = *((r4 + 0x94));
0x000143cc ldr r0, [r0, 0x9c] | r0 = *((r0 + 0x9c));
0x000143d0 ldr r2, [r4, 0x98] | r2 = *((r4 + 0x98));
0x000143d4 sub r5, r0, r3 | r5 = r0 - r3;
0x000143d8 cmp r2, r5 |
| if (r2 > r5) {
0x000143dc bgt 0x143f4 | goto label_4;
| }
0x000143e0 mov r0, r3 | r0 = r3;
0x000143e4 bl 0x10bd4 | free (r0);
0x000143e8 mov r0, 0 | r0 = 0;
| do {
| label_3:
0x000143ec add sp, sp, 8 |
0x000143f0 pop {r4, r5, r6, r7, r8, pc} |
| label_4:
0x000143f4 add r3, r4, 0x90 | r3 = r4 + 0x90;
0x000143f8 str r3, [sp] | *(sp) = r3;
0x000143fc mov r2, r4 | r2 = r4;
0x00014400 add r3, r4, 8 | r3 = r4 + 8;
0x00014404 ldr r1, [pc, 0xf8] | r1 = *(0x14500);
0x00014408 bl 0x10afc | r0 = sscanf (r0, r1, r2);
0x0001440c cmp r0, 3 |
| if (r0 == 3) {
0x00014410 beq 0x14434 | goto label_5;
| }
0x00014414 ldr r3, [pc, 0xe8] | r3 = *(0x14500);
0x00014418 ldr r2, [pc, 0xe8] | r2 = "mtd_d:__llx__x";
0x0001441c ldr r1, [pc, 0xe8] | r1 = "libmtd";
| label_2:
0x00014420 ldr r0, [pc, 0xe8] |
0x00014424 ldr r0, [r0] | r0 = "%s: error!: \"%s\" pattern not found\n";
0x00014428 bl 0x10ab4 | fprintf ("%s: error!: \"%s\" pattern not found\n", "libmtd", "mtd_d:__llx__x", r3)
| label_0:
0x0001442c mvn r0, 0 | r0 = ~0;
0x00014430 b 0x143ec |
| } while (1);
| label_5:
0x00014434 ldr r8, [r4, 0x98] | r8 = *((r4 + 0x98));
0x00014438 mov r1, 0x22 | r1 = 0x22;
0x0001443c sub r2, r8, r5 | r2 = r8 - r5;
0x00014440 ldr r0, [r4, 0x9c] | r0 = *((r4 + 0x9c));
0x00014444 bl 0x10acc | r0 = memchr (r0, r1, r2);
0x00014448 cmp r0, 0 |
0x0001444c bne 0x14468 |
| while (r8 <= r2) {
0x00014450 ldr r2, [pc, 0xb0] | r2 = "mtd_d:__llx__x";
0x00014454 ldr r1, [pc, 0xb8] | r1 = stderr;
| label_1:
0x00014458 ldr r3, [pc, 0xb0] | r3 = "%s: error!: \"%s\" pattern not found\n";
0x0001445c ldr r0, [r3] | r0 = "%s: error!: \"%s\" pattern not found\n";
0x00014460 bl 0x10ab4 | fprintf ("%s: error!: \"%s\" pattern not found\n", r1, "mtd_d:__llx__x", "%s: error!: \"%s\" pattern not found\n")
0x00014464 b 0x1442c | goto label_0;
0x00014468 ldr r7, [r4, 0x94] | r7 = *((r4 + 0x94));
0x0001446c add r6, r0, 1 | r6 = r0 + 1;
0x00014470 sub r2, r6, r7 | r2 = r6 - r7;
0x00014474 cmp r8, r2 |
0x00014478 ble 0x14450 |
| }
0x0001447c sub r2, r8, r2 | r2 = r8 - r2;
0x00014480 mov r1, 0x22 | r1 = 0x22;
0x00014484 mov r0, r6 | r0 = r6;
0x00014488 bl 0x10acc | r0 = memchr (r0, r1, r2);
0x0001448c subs r5, r0, 0 | r5 = r0 - 0;
0x00014490 bne 0x144a0 |
| while (r8 <= r7) {
0x00014494 ldr r2, [pc, 0x6c] | r2 = "mtd_d:__llx__x";
0x00014498 ldr r1, [pc, 0x78] | r1 = "%s: error!: opening \" not found\n";
0x0001449c b 0x14458 | goto label_1;
0x000144a0 sub r7, r5, r7 | r7 = r5 - r7;
0x000144a4 cmp r8, r7 |
0x000144a8 ble 0x14494 |
| }
0x000144ac sub r7, r5, r6 | r7 = r5 - r6;
0x000144b0 cmp r7, 0x7f |
| if (r7 <= 0x7f) {
0x000144b4 ldrgt r3, [r4] | r3 = *(r4);
| }
| if (r7 <= 0x7f) {
0x000144b8 ldrgt r2, [pc, 0x48] | r2 = "libmtd";
| }
| if (r7 > 0x7f) {
0x000144bc ldrgt r1, [pc, 0x58] | r1 = "%s: error!: too long mtd%d device name\n";
| goto label_6;
| }
| if (r7 > 0x7f) {
| label_6:
0x000144c0 bgt 0x14420 | goto label_2;
| }
0x000144c4 mov r2, r7 | r2 = r7;
0x000144c8 mov r1, r6 | r1 = r6;
0x000144cc add r0, r4, 0x10 | r0 = r4 + 0x10;
0x000144d0 bl 0x10a48 | memcpy (r0, r1, r2);
0x000144d4 add r7, r4, r7 | r7 = r4 + r7;
0x000144d8 mov r3, 0 | r3 = 0;
0x000144dc strb r3, [r7, 0x10] | *((r7 + 0x10)) = r3;
0x000144e0 ldrb r3, [r5, 1] | r3 = *((r5 + 1));
0x000144e4 cmp r3, 0xa |
| if (r3 != 0xa) {
0x000144e8 addeq r5, r5, 2 | r5 += 2;
| }
| if (r3 != 0xa) {
0x000144ec streq r5, [r4, 0x9c] | *((r4 + 0x9c)) = r5;
| }
| if (r3 == 0xa) {
0x000144f0 moveq r0, 1 | r0 = 1;
| goto label_7;
| }
| if (r3 == 0xa) {
| label_7:
0x000144f4 beq 0x143ec | goto label_3;
| }
0x000144f8 ldr r2, [pc, 8] | r2 = "libmtd";
0x000144fc ldr r1, [pc, 0x1c] | r1 = "%s: error!: too long mtd%d device name\n";
0x00014500 b 0x14458 | goto label_1;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x14524 */
| #include <stdint.h>
|
; (fcn) fcn.00014524 () | void fcn_00014524 (int32_t arg1) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| r0 = arg1;
0x00014524 push {r0, r1, r4, r5, r6, r7, r8, lr} |
0x00014528 mov r5, r0 | r5 = r0;
0x0001452c mov r1, 0 | r1 = 0;
0x00014530 ldr r0, [pc, 0x150] | r0 = *(0x14684);
0x00014534 bl 0x10b20 | r0 = open64 ();
0x00014538 cmn r0, 1 |
0x0001453c mov r4, r0 | r4 = r0;
| if (r0 == 1) {
0x00014540 beq 0x1467c | goto label_0;
| }
0x00014544 mov r0, 0x1000 | r0 = 0x1000;
0x00014548 bl 0x10a60 | r0 = malloc (r0);
0x0001454c subs r1, r0, 0 | r1 = r0 - 0;
| if (r1 == r0) {
0x00014550 bne 0x145a0 |
0x00014554 bl 0x10b5c | errno_location ();
0x00014558 ldr r5, [pc, 0x12c] |
0x0001455c ldr r2, [pc, 0x12c] | r2 = stderr;
0x00014560 ldr r1, [pc, 0x12c] | r1 = "libmtd";
0x00014564 ldr r4, [r0] | r4 = *(r0);
0x00014568 ldr r0, [r5] | r0 = "_proc_mtd";
0x0001456c bl 0x10ab4 | fprintf ("_proc_mtd", "libmtd", r2, r3, r4, "_proc_mtd")
0x00014570 mov r0, r4 | r0 = r4;
0x00014574 ldr r5, [r5] | r5 = "_proc_mtd";
0x00014578 bl 0x10a18 | strerror (r0);
0x0001457c str r4, [sp] | *(sp) = r4;
0x00014580 ldr r3, [pc, 0x110] | r3 = "_s:_error_:_out_of_memory";
0x00014584 mov r2, 8 | r2 = 8;
0x00014588 ldr r1, [pc, 0x10c] | r1 = *(0x14698);
0x0001458c str r0, [sp, 4] | var_4h = r0;
0x00014590 mov r0, r5 | r0 = r5;
0x00014594 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_out_of_memory", r4)
0x00014598 mvn r0, 0 | r0 = ~0;
0x0001459c bl 0x10b68 | exit (r0);
| }
0x000145a0 str r1, [r5, 0x94] | *((r5 + 0x94)) = r1;
0x000145a4 mov r2, 0x1000 | r2 = 0x1000;
0x000145a8 mov r0, r4 | r0 = r4;
0x000145ac bl 0x10ad8 | r0 = read (r0, r1, r2);
0x000145b0 cmn r0, 1 |
0x000145b4 mov r7, r0 | r7 = r0;
| if (r0 != 1) {
0x000145b8 bne 0x1461c | goto label_1;
| }
0x000145bc bl 0x10b5c | errno_location ();
0x000145c0 ldr r7, [pc, 0xc4] |
0x000145c4 ldr r3, [pc, 0xbc] | r3 = *(0x14684);
0x000145c8 ldr r2, [pc, 0xc0] | r2 = stderr;
0x000145cc ldr r1, [pc, 0xcc] | r1 = "_serror__d___s_";
0x000145d0 ldr r6, [r0] | r6 = *(r0);
0x000145d4 ldr r0, [r7] | r0 = "_proc_mtd";
0x000145d8 bl 0x10ab4 | fprintf ("_proc_mtd", "_serror__d___s_", r2, r3, r4, r5, r6)
0x000145dc mov r0, r6 | r0 = r6;
0x000145e0 ldr r7, [r7] | r7 = "_proc_mtd";
0x000145e4 bl 0x10a18 | strerror (r0);
0x000145e8 str r6, [sp] | *(sp) = r6;
0x000145ec ldr r3, [pc, 0xa4] | r3 = "_s:_error_:_out_of_memory";
0x000145f0 mov r2, 8 | r2 = 8;
0x000145f4 ldr r1, [pc, 0xa0] | r1 = *(0x14698);
0x000145f8 str r0, [sp, 4] | var_4h = r0;
0x000145fc mov r0, r7 | r0 = r7;
0x00014600 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_out_of_memory", r4, r5, r6)
| do {
0x00014604 ldr r0, [r5, 0x94] | r0 = *((r5 + 0x94));
0x00014608 bl 0x10bd4 | free (r0);
0x0001460c mov r0, r4 | r0 = r4;
0x00014610 bl 0x10bbc | close (r0);
0x00014614 mvn r4, 0 | r4 = ~0;
0x00014618 b 0x1467c | goto label_0;
| label_1:
0x0001461c cmp r0, 0x1e |
| if (r0 >= 0x1e) {
0x00014620 bls 0x14640 |
0x00014624 ldr r6, [r5, 0x94] | r6 = *((r5 + 0x94));
0x00014628 mov r2, 0x1f | r2 = 0x1f;
0x0001462c ldr r1, [pc, 0x70] | r1 = "_s:_error_:_cannot_read___s_";
0x00014630 mov r0, r6 | r0 = r6;
0x00014634 bl 0x10af0 | r0 = memcmp (r0, "_s:_error_:_cannot_read___s_", r2);
0x00014638 subs r8, r0, 0 | r8 = r0 - 0;
| if (r8 == r0) {
0x0001463c beq 0x14664 | goto label_2;
| }
| }
0x00014640 ldr r3, [pc, 0x5c] | r3 = "_s:_error_:_cannot_read___s_";
0x00014644 ldr r0, [pc, 0x40] |
0x00014648 str r3, [sp] | *(sp) = r3;
0x0001464c ldr r2, [pc, 0x3c] | r2 = stderr;
0x00014650 ldr r3, [pc, 0x30] | r3 = *(0x14684);
0x00014654 ldr r1, [pc, 0x4c] | r1 = "dev:____size___erasesize__name";
0x00014658 ldr r0, [r0] | r0 = "_proc_mtd";
0x0001465c bl 0x10ab4 | fprintf ("_proc_mtd", "dev:____size___erasesize__name", r2, "_s:_error_:_cannot_read___s_")
0x00014660 b 0x14604 |
| } while (1);
| label_2:
0x00014664 add r6, r6, 0x1f | r6 += 0x1f;
0x00014668 mov r0, r4 | r0 = r4;
0x0001466c str r7, [r5, 0x98] | *((r5 + 0x98)) = r7;
0x00014670 str r6, [r5, 0x9c] | *((r5 + 0x9c)) = r6;
0x00014674 bl 0x10bbc | close (r0);
0x00014678 mov r4, r8 | r4 = r8;
| label_0:
0x0001467c mov r0, r4 | r0 = r4;
0x00014680 add sp, sp, 8 |
0x00014684 pop {r4, r5, r6, r7, r8, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x146ac */
| #include <stdint.h>
|
; (fcn) fcn.000146ac () | void fcn_000146ac () {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
0x000146ac push {r0, r1, r2, r4, r5, lr} |
0x000146b0 ldr r0, [pc, 0x74] | r0 = *(0x14728);
0x000146b4 mov r1, 4 | r1 = 4;
0x000146b8 bl 0x10b50 | r0 = access (r0, r1);
0x000146bc cmp r0, 0 |
| if (r0 != 0) {
0x000146c0 moveq r0, 1 | r0 = 1;
| }
| if (r0 != 0) {
0x000146c4 beq 0x14724 |
0x000146c8 bl 0x10b5c | r0 = errno_location ();
0x000146cc ldr r4, [r0] | r4 = *(r0);
0x000146d0 cmp r4, 2 |
| if (r4 != 2) {
0x000146d4 moveq r3, 0 | r3 = 0;
| }
| if (r4 != 2) {
0x000146d8 streq r3, [r0] | *(r0) = r3;
| }
| if (r4 != 2) {
0x000146dc beq 0x14720 |
0x000146e0 ldr r5, [pc, 0x48] |
0x000146e4 ldr r3, [pc, 0x40] | r3 = *(0x14728);
0x000146e8 ldr r2, [pc, 0x44] | r2 = stderr;
0x000146ec ldr r1, [pc, 0x44] | r1 = "libmtd";
0x000146f0 ldr r0, [r5] | r0 = "_proc_mtd";
0x000146f4 bl 0x10ab4 | fprintf ("_proc_mtd", "libmtd", r2, r3, r4, "_proc_mtd")
0x000146f8 mov r0, r4 | r0 = r4;
0x000146fc ldr r5, [r5] | r5 = "_proc_mtd";
0x00014700 bl 0x10a18 | strerror (r0);
0x00014704 str r4, [sp] | *(sp) = r4;
0x00014708 ldr r3, [pc, 0x2c] | r3 = "_s:_error_:_cannot_read___s_";
0x0001470c mov r2, 8 | r2 = 8;
0x00014710 ldr r1, [pc, 0x28] | r1 = *(0x1473c);
0x00014714 str r0, [sp, 4] | var_4h = r0;
0x00014718 mov r0, r5 | r0 = r5;
0x0001471c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_read___s_", r4)
| }
0x00014720 mov r0, 0 | r0 = 0;
| }
0x00014724 add sp, sp, 0xc |
0x00014728 pop {r4, r5, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x14800 */
| #include <stdint.h>
|
; (fcn) fcn.00014800 () | void fcn_00014800 (int32_t arg1) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_18h;
| int32_t var_70h;
| int32_t var_174h;
| int32_t var_1bch;
| r0 = arg1;
0x00014800 push {r4, r5, r6, r7, lr} |
0x00014804 sub sp, sp, 0x1bc |
0x00014808 add r1, sp, 8 | r1 += var_8h;
0x0001480c mov r5, r0 | r5 = r0;
0x00014810 bl 0x10a24 | r0 = stat64 ();
0x00014814 subs r1, r0, 0 | r1 = r0 - 0;
| if (r1 == r0) {
0x00014818 beq 0x14874 | goto label_1;
| }
0x0001481c bl 0x10b5c | errno_location ();
0x00014820 ldr r6, [pc, 0x158] | r6 = *(0x1497c);
0x00014824 mov r3, r5 | r3 = r5;
0x00014828 ldr r2, [pc, 0x154] | r2 = stderr;
0x0001482c ldr r1, [pc, 0x154] | r1 = "libmtd";
0x00014830 ldr r4, [r0] | r4 = *(r0);
0x00014834 ldr r0, [r6] | r0 = *(0x1497c);
0x00014838 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x0001483c mov r0, r4 | r0 = r4;
0x00014840 ldr r5, [r6] | r5 = *(0x1497c);
0x00014844 bl 0x10a18 | strerror (r0);
0x00014848 str r4, [sp] | *(sp) = r4;
0x0001484c ldr r3, [pc, 0x138] | r3 = "_s:_error_:_cannot_open___s_";
0x00014850 mov r2, 8 | r2 = 8;
0x00014854 ldr r1, [pc, 0x134] | r1 = *(0x1498c);
0x00014858 str r0, [sp, 4] | var_4h = r0;
0x0001485c mov r0, r5 | r0 = r5;
0x00014860 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4)
| do {
0x00014864 mvn r4, 0 | r4 = ~0;
| label_0:
0x00014868 mov r0, r4 | r0 = r4;
0x0001486c add sp, sp, 0x1bc |
0x00014870 pop {r4, r5, r6, r7, pc} |
| label_1:
0x00014874 ldr r3, [sp, 0x18] | r3 = var_18h;
0x00014878 and r3, r3, 0xf000 | r3 &= 0xf000;
0x0001487c cmp r3, 0x2000 |
| if (r3 == 0x2000) {
0x00014880 beq 0x148ac | goto label_2;
| }
0x00014884 bl 0x10b5c | errno_location ();
0x00014888 mov r3, 0x16 | r3 = 0x16;
0x0001488c ldr r2, [pc, 0xf0] | r2 = stderr;
0x00014890 ldr r1, [pc, 0xfc] | r1 = "_serror__d___s_";
0x00014894 str r3, [r0] | *(r0) = r3;
0x00014898 ldr r0, [pc, 0xe0] |
0x0001489c mov r3, r5 | r3 = r5;
0x000148a0 ldr r0, [r0] | r0 = *(0x1497c);
0x000148a4 bl 0x10ab4 | fprintf (r0, "_serror__d___s_", r2, r3)
0x000148a8 b 0x14864 |
| } while (1);
| label_2:
0x000148ac mov r0, r5 | r0 = r5;
0x000148b0 bl 0x10b20 | r0 = open64 ();
0x000148b4 cmn r0, 1 |
0x000148b8 mov r4, r0 | r4 = r0;
| if (r0 == 1) {
0x000148bc bne 0x1490c |
0x000148c0 bl 0x10b5c | errno_location ();
0x000148c4 ldr r7, [pc, 0xb4] | r7 = *(0x1497c);
0x000148c8 mov r3, r5 | r3 = r5;
0x000148cc ldr r2, [pc, 0xb0] | r2 = stderr;
0x000148d0 ldr r1, [pc, 0xb0] | r1 = "libmtd";
0x000148d4 ldr r6, [r0] | r6 = *(r0);
0x000148d8 ldr r0, [r7] | r0 = *(0x1497c);
0x000148dc bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5, r6)
0x000148e0 mov r0, r6 | r0 = r6;
0x000148e4 ldr r5, [r7] | r5 = *(0x1497c);
0x000148e8 bl 0x10a18 | strerror (r0);
0x000148ec str r6, [sp] | *(sp) = r6;
0x000148f0 ldr r3, [pc, 0x94] | r3 = "_s:_error_:_cannot_open___s_";
0x000148f4 mov r2, 8 | r2 = 8;
0x000148f8 ldr r1, [pc, 0x90] | r1 = *(0x1498c);
0x000148fc str r0, [sp, 4] | var_4h = r0;
0x00014900 mov r0, r5 | r0 = r5;
0x00014904 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4, r5, r6)
0x00014908 b 0x14868 | goto label_0;
| }
0x0001490c add r2, sp, 0x70 | r2 += var_70h;
0x00014910 ldr r1, [pc, 0x80] | r1 = "_s:_error_:___s__is_not_a_character_device";
0x00014914 bl 0x10a00 | r0 = ioctl (r0, "_s:_error_:___s__is_not_a_character_device");
0x00014918 subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 < r0) {
0x0001491c ldrge r6, [sp, 0x174] | r6 = var_174h;
| }
| if (r6 < r0) {
0x00014920 bge 0x14970 |
0x00014924 bl 0x10b5c | r0 = errno_location ();
0x00014928 ldr r5, [r0] | r5 = *(r0);
0x0001492c cmp r5, 0x5f |
| if (r5 == 0x5f) {
0x00014930 beq 0x14970 | goto label_3;
| }
0x00014934 ldr r7, [pc, 0x44] |
0x00014938 ldr r2, [pc, 0x44] | r2 = stderr;
0x0001493c ldr r1, [pc, 0x58] | r1 = *(0x14998);
0x00014940 ldr r0, [r7] | r0 = *(0x1497c);
0x00014944 bl 0x10ab4 | fprintf (r0, r1, r2)
0x00014948 mov r0, r5 | r0 = r5;
0x0001494c ldr r7, [r7] | r7 = *(0x1497c);
0x00014950 bl 0x10a18 | strerror (r0);
0x00014954 str r5, [sp] | *(sp) = r5;
0x00014958 ldr r3, [pc, 0x2c] | r3 = "_s:_error_:_cannot_open___s_";
0x0001495c mov r2, 8 | r2 = 8;
0x00014960 ldr r1, [pc, 0x28] | r1 = *(0x1498c);
0x00014964 str r0, [sp, 4] | var_4h = r0;
0x00014968 mov r0, r7 | r0 = r7;
0x0001496c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4, r5)
| }
| label_3:
0x00014970 mov r0, r4 | r0 = r4;
0x00014974 bl 0x10bbc | close (r0);
0x00014978 mov r4, r6 | r4 = r6;
0x0001497c b 0x14868 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x149cc */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.000149cc () | void fcn_000149cc (char * arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| int32_t var_10h_2;
| int32_t var_18h;
| int32_t var_1ch;
| int32_t var_20h;
| int32_t var_24h;
| int32_t var_28h;
| int32_t var_2ch;
| int32_t var_38h;
| int32_t var_48h;
| int32_t var_58h;
| int32_t var_58h_2;
| int32_t var_a0h;
| char * src;
| int32_t var_144h;
| r0 = arg1;
| r1 = arg2;
0x000149cc push {r4, r5, r6, r7, r8, sb, lr} |
0x000149d0 sub sp, sp, 0x144 |
0x000149d4 mov r2, 0 | r2 = 0;
0x000149d8 mov r3, 0 | r3 = 0;
0x000149dc mov r4, r1 | r4 = r1;
0x000149e0 add r1, sp, 0x38 | r1 += var_38h;
0x000149e4 mov r6, r0 | r6 = r0;
0x000149e8 strd r2, r3, [sp, 0x10] | __asm ("strd r2, r3, [var_10h]");
0x000149ec bl 0x10a24 | r0 = stat64 ();
0x000149f0 cmp r0, 0 |
| if (r0 != 0) {
0x000149f4 beq 0x14a5c |
0x000149f8 bl 0x10b5c | errno_location ();
0x000149fc ldr r8, [pc, 0x450] |
0x00014a00 mov r3, r6 | r3 = r6;
0x00014a04 ldr r2, [pc, 0x44c] | r2 = stderr;
0x00014a08 ldr r1, [pc, 0x44c] | r1 = "libmtd";
0x00014a0c ldr r7, [r0] | r7 = *(r0);
0x00014a10 mov r5, r0 | r5 = r0;
0x00014a14 ldr r0, [r8] | r0 = *(0x14e50);
0x00014a18 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4, r5)
0x00014a1c mov r0, r7 | r0 = r7;
0x00014a20 ldr r8, [r8] | r8 = *(0x14e50);
0x00014a24 bl 0x10a18 | strerror (r0);
0x00014a28 ldr r3, [pc, 0x430] | r3 = "_s:_error_:_cannot_open___s_";
0x00014a2c str r7, [sp] | *(sp) = r7;
0x00014a30 mov r2, 8 | r2 = 8;
0x00014a34 ldr r1, [pc, 0x428] | r1 = *(0x14e60);
0x00014a38 str r0, [sp, 4] | var_4h = r0;
0x00014a3c mov r0, r8 | r0 = r8;
0x00014a40 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_")
0x00014a44 ldr r3, [r5] | r3 = *(r5);
0x00014a48 cmp r3, 2 |
| if (r3 != 2) {
0x00014a4c bne 0x14a5c | goto label_5;
| }
0x00014a50 ldr r1, [pc, 0x400] | r1 = stderr;
0x00014a54 ldr r0, [pc, 0x40c] | r0 = "_serror__d___s_";
0x00014a58 bl 0x10a0c | printf ("_serror__d___s_", r1);
| }
| label_5:
0x00014a5c ldr r3, [sp, 0x48] | r3 = var_48h;
0x00014a60 and r3, r3, 0xf000 | r3 &= 0xf000;
0x00014a64 cmp r3, 0x2000 |
| if (r3 == 0x2000) {
0x00014a68 beq 0x14a98 | goto label_6;
| }
0x00014a6c bl 0x10b5c | errno_location ();
0x00014a70 mov r3, 0x16 | r3 = 0x16;
0x00014a74 ldr r2, [pc, 0x3dc] | r2 = stderr;
0x00014a78 ldr r1, [pc, 0x3ec] | r1 = "%s: MTD subsystem is old and does not support sysfs, so MTD character device nodes have to exist\n";
0x00014a7c str r3, [r0] | *(r0) = r3;
0x00014a80 ldr r0, [pc, 0x3cc] |
0x00014a84 mov r3, r6 | r3 = r6;
0x00014a88 ldr r0, [r0] | r0 = *(0x14e50);
0x00014a8c bl 0x10ab4 | fprintf (r0, "%s: MTD subsystem is old and does not support sysfs, so MTD character device nodes have to exist\n", r2, r3)
| do {
| label_0:
0x00014a90 mvn r5, 0 | r5 = ~0;
0x00014a94 b 0x14b7c | goto label_4;
| label_6:
0x00014a98 mov r2, 0x100 | r2 = 0x100;
0x00014a9c mov r1, 0 | r1 = 0;
0x00014aa0 mov r0, r4 | r0 = r4;
0x00014aa4 bl 0x10b14 | memset (r0, r1, r2);
0x00014aa8 ldrd r8, sb, [sp, 0x58] | __asm ("ldrd r8, sb, [var_58h]");
0x00014aac mov r1, sb | r1 = sb;
0x00014ab0 mov r0, r8 | r0 = r8;
0x00014ab4 bl 0x10a3c | gnu_dev_major ();
0x00014ab8 mov r1, sb | r1 = sb;
0x00014abc mov r5, r0 | r5 = r0;
0x00014ac0 str r0, [r4, 4] | *((r4 + 4)) = r0;
0x00014ac4 mov r0, r8 | r0 = r8;
0x00014ac8 bl 0x10a78 | gnu_dev_minor ();
0x00014acc cmp r5, 0x5a |
0x00014ad0 str r0, [r4, 8] | *((r4 + 8)) = r0;
| if (r5 == 0x5a) {
0x00014ad4 beq 0x14b10 | goto label_7;
| }
0x00014ad8 bl 0x10b5c | errno_location ();
0x00014adc mov r3, 0x16 | r3 = 0x16;
0x00014ae0 ldr r2, [pc, 0x370] | r2 = stderr;
0x00014ae4 ldr r1, [pc, 0x384] | r1 = "_s:_error_:___s__is_not_a_character_device";
0x00014ae8 str r3, [r0] | *(r0) = r3;
0x00014aec mov r3, 0x5a | r3 = 0x5a;
0x00014af0 str r3, [sp, 4] | var_4h = r3;
0x00014af4 ldr r0, [pc, 0x358] |
0x00014af8 ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x00014afc str r3, [sp] | *(sp) = r3;
0x00014b00 mov r3, r6 | r3 = r6;
0x00014b04 ldr r0, [r0] | r0 = *(0x14e50);
0x00014b08 bl 0x10ab4 | fprintf (r0, "_s:_error_:___s__is_not_a_character_device", r2, r3)
0x00014b0c b 0x14a90 |
| } while (1);
| label_7:
0x00014b10 add r0, r0, r0, lsr 31 | r0 += (r0 >> 31);
0x00014b14 asr r0, r0, 1 | r0 >>= 1;
0x00014b18 str r0, [r4] | *(r4) = r0;
0x00014b1c mov r1, 0 | r1 = 0;
0x00014b20 mov r0, r6 | r0 = r6;
0x00014b24 bl 0x10b20 | r0 = open64 ();
0x00014b28 cmn r0, 1 |
0x00014b2c mov r5, r0 | r5 = r0;
| if (r0 == 1) {
0x00014b30 bne 0x14b88 |
0x00014b34 bl 0x10b5c | errno_location ();
0x00014b38 ldr r7, [pc, 0x314] | r7 = *(0x14e50);
0x00014b3c mov r3, r6 | r3 = r6;
0x00014b40 ldr r2, [pc, 0x310] | r2 = stderr;
0x00014b44 ldr r1, [pc, 0x310] | r1 = "libmtd";
0x00014b48 ldr r4, [r0] | r4 = *(r0);
0x00014b4c ldr r0, [r7] | r0 = *(0x14e50);
0x00014b50 bl 0x10ab4 | fprintf (r0, "libmtd", r2, r3, r4)
0x00014b54 mov r0, r4 | r0 = r4;
0x00014b58 ldr r6, [r7] | r6 = *(0x14e50);
0x00014b5c bl 0x10a18 | strerror (r0);
0x00014b60 str r4, [sp] | *(sp) = r4;
0x00014b64 ldr r3, [pc, 0x2f4] | r3 = "_s:_error_:_cannot_open___s_";
0x00014b68 mov r2, 8 | r2 = 8;
0x00014b6c ldr r1, [pc, 0x2f0] | r1 = *(0x14e60);
0x00014b70 str r0, [sp, 4] | var_4h = r0;
0x00014b74 mov r0, r6 | r0 = r6;
0x00014b78 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4)
| label_4:
0x00014b7c mov r0, r5 | r0 = r5;
0x00014b80 add sp, sp, 0x144 |
0x00014b84 pop {r4, r5, r6, r7, r8, sb, pc} |
| }
0x00014b88 add r2, sp, 0x18 | r2 += var_18h;
0x00014b8c ldr r1, [pc, 0x2e0] | r1 = "%s: error!: \"%s\" has major number %d, MTD devices have major %d\n";
0x00014b90 bl 0x10a00 | r0 = ioctl (r0, "%s: error!: \"%s\" has major number %d, MTD devices have major %d\n");
0x00014b94 subs r8, r0, 0 | r8 = r0 - 0;
| if (r8 == r0) {
0x00014b98 beq 0x14bec | goto label_8;
| }
0x00014b9c bl 0x10b5c | errno_location ();
0x00014ba0 ldr r6, [pc, 0x2ac] |
0x00014ba4 ldr r2, [pc, 0x2ac] | r2 = stderr;
0x00014ba8 ldr r1, [pc, 0x2c8] | r1 = *(0x14e74);
0x00014bac ldr r4, [r0] | r4 = *(r0);
0x00014bb0 ldr r0, [r6] | r0 = *(0x14e50);
0x00014bb4 bl 0x10ab4 | fprintf (r0, r1, r2, r3, r4, r5, r6)
0x00014bb8 mov r0, r4 | r0 = r4;
0x00014bbc ldr r6, [r6] | r6 = *(0x14e50);
0x00014bc0 bl 0x10a18 | strerror (r0);
0x00014bc4 ldr r3, [pc, 0x294] | r3 = "_s:_error_:_cannot_open___s_";
0x00014bc8 ldr r1, [pc, 0x294] | r1 = *(0x14e60);
0x00014bcc mov r2, 8 | r2 = 8;
0x00014bd0 str r4, [sp] | *(sp) = r4;
0x00014bd4 str r0, [sp, 4] | var_4h = r0;
0x00014bd8 mov r0, r6 | r0 = r6;
| do {
| label_1:
0x00014bdc bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:_cannot_open___s_", r4)
| label_2:
0x00014be0 mov r0, r5 | r0 = r5;
0x00014be4 bl 0x10bbc | close (r0);
0x00014be8 b 0x14a90 | goto label_0;
| label_8:
0x00014bec add r2, sp, 0x10 | r2 += var_10h;
0x00014bf0 ldr r1, [pc, 0x284] | r1 = "_s:_error_:_MEMGETINFO_ioctl_request_failed";
0x00014bf4 mov r0, r5 | r0 = r5;
0x00014bf8 bl 0x10a00 | r0 = ioctl (r0, "_s:_error_:_MEMGETINFO_ioctl_request_failed");
0x00014bfc cmn r0, 1 |
| if (r0 == 1) {
0x00014c00 ldrbne r3, [r4, 0xfc] | r3 = *((r4 + 0xfc));
| }
| if (r0 == 1) {
0x00014c04 orrne r3, r3, 2 | r3 |= 2;
| }
| if (r0 != 1) {
0x00014c08 bne 0x14c64 | goto label_9;
| }
0x00014c0c bl 0x10b5c | r0 = errno_location ();
0x00014c10 ldr r7, [r0] | r7 = *(r0);
0x00014c14 cmp r7, 0x5f |
| if (r7 != 0x5f) {
0x00014c18 streq r8, [r0] | *(r0) = r8;
| }
| if (r7 != 0x5f) {
0x00014c1c ldrbeq r3, [r4, 0xfc] | r3 = *((r4 + 0xfc));
| }
0x00014c20 biceq r3, r3, 2 | __asm ("biceq r3, r3, 2");
| if (r7 == 0x5f) {
0x00014c24 beq 0x14c64 | goto label_9;
| }
0x00014c28 ldr r4, [pc, 0x224] |
0x00014c2c ldr r2, [pc, 0x224] | r2 = stderr;
0x00014c30 ldr r1, [pc, 0x248] | r1 = *(0x14e7c);
0x00014c34 ldr r0, [r4] | r0 = *(0x14e50);
0x00014c38 bl 0x10ab4 | fprintf (r0, r1, r2, r3, r4)
0x00014c3c mov r0, r7 | r0 = r7;
0x00014c40 ldr r4, [r4] | r4 = *(0x14e50);
0x00014c44 bl 0x10a18 | strerror (r0);
0x00014c48 str r7, [sp] | *(sp) = r7;
0x00014c4c ldr r3, [pc, 0x20c] | r3 = "_s:_error_:_cannot_open___s_";
0x00014c50 mov r2, 8 | r2 = 8;
0x00014c54 ldr r1, [pc, 0x208] | r1 = *(0x14e60);
0x00014c58 str r0, [sp, 4] | var_4h = r0;
0x00014c5c mov r0, r4 | r0 = r4;
0x00014c60 b 0x14bdc |
| } while (1);
| label_9:
0x00014c64 strb r3, [r4, 0xfc] | *((r4 + 0xfc)) = r3;
0x00014c68 ldr r3, [sp, 0x28] | r3 = var_28h;
0x00014c6c ldrb r7, [sp, 0x18] | r7 = var_18h;
0x00014c70 ldr r0, [sp, 0x20] | r0 = var_20h;
0x00014c74 ldr r2, [sp, 0x24] | r2 = var_24h;
0x00014c78 ldr ip, [sp, 0x2c] | ip = var_2ch;
0x00014c7c mov r1, 0 | r1 = 0;
0x00014c80 cmp r3, 0 |
0x00014c84 str r7, [r4, 0xc] | *((r4 + 0xc)) = r7;
0x00014c88 strd r0, r1, [r4, 0xd8] | __asm ("strd r0, r1, [r4, 0xd8]");
0x00014c8c str r2, [r4, 0xe4] | *((r4 + 0xe4)) = r2;
0x00014c90 str r3, [r4, 0xe8] | *((r4 + 0xe8)) = r3;
0x00014c94 str ip, [r4, 0xf0] | *((r4 + 0xf0)) = ip;
| if (r3 > 0) {
0x00014c98 bgt 0x14cbc | goto label_10;
| }
0x00014c9c str r3, [sp, 4] | var_4h = r3;
0x00014ca0 str r6, [sp] | *(sp) = r6;
0x00014ca4 ldr r2, [pc, 0x1ac] | r2 = stderr;
0x00014ca8 ldr r3, [r4] | r3 = *(r4);
0x00014cac ldr r1, [pc, 0x1d0] | r1 = "%s: error!: MEMGETBADBLOCK ioctl failed\n";
| do {
0x00014cb0 ldr r0, [pc, 0x19c] |
0x00014cb4 ldr r0, [r0] | r0 = *(0x14e50);
0x00014cb8 b 0x14bdc | goto label_1;
| label_10:
0x00014cbc cmp r2, r3 |
0x00014cc0 cmpge r2, 0 | __asm ("cmpge r2, 0");
| if (r2 > r3) {
0x00014cc4 bgt 0x14ce0 | goto label_11;
| }
0x00014cc8 str r2, [sp, 4] | var_4h = r2;
0x00014ccc str r6, [sp] | *(sp) = r6;
0x00014cd0 ldr r2, [pc, 0x180] | r2 = stderr;
0x00014cd4 ldr r3, [r4] | r3 = *(r4);
0x00014cd8 ldr r1, [pc, 0x1a8] | r1 = "_s:_error_:_mtd_d___s__has_insane_min._I_O_unit_size__d";
0x00014cdc b 0x14cb0 |
| } while (1);
| label_11:
0x00014ce0 orrs r3, r0, r1 | r3 = r0 | r1;
| if (r3 != r0) {
0x00014ce4 beq 0x14cf8 |
0x00014ce8 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00014cec cmp r0, r2 |
0x00014cf0 sbcs ip, r1, r3 | __asm ("sbcs ip, r1, r3");
| if (r0 >= r2) {
0x00014cf4 bge 0x14d1c | goto label_12;
| }
| }
0x00014cf8 strd r0, r1, [sp, 8] | __asm ("strd r0, r1, [var_8h]");
0x00014cfc ldr r0, [pc, 0x150] |
0x00014d00 str r6, [sp] | *(sp) = r6;
0x00014d04 ldr r2, [pc, 0x14c] | r2 = stderr;
0x00014d08 ldr r3, [r4] | r3 = *(r4);
0x00014d0c ldr r1, [pc, 0x178] | r1 = "%s: error!: mtd%d (%s) has insane eraseblock size %d\n";
0x00014d10 ldr r0, [r0] | r0 = *(0x14e50);
0x00014d14 bl 0x10ab4 | fprintf (r0, "%s: error!: mtd%d (%s) has insane eraseblock size %d\n", r2, r3, r4, r5, r6)
0x00014d18 b 0x14be0 | goto label_2;
| label_12:
0x00014d1c bl 0x150b0 | fcn_000150b0 (r0);
0x00014d20 str r0, [r4, 0xe0] | *((r4 + 0xe0)) = r0;
0x00014d24 cmp r7, 8 |
| if (r7 > 8) {
| /* switch table (9 cases) at 0x14d30 */
0x00014d28 ldrls pc, [pc, r7, lsl 2] | offset_0 = r7 << 2;
| pc = *((pc + offset_0));
| }
0x00014d2c b 0x14be0 | goto label_2;
0x00014d54 ldr r0, [pc, 0xf8] |
0x00014d58 str r6, [sp] | *(sp) = r6;
0x00014d5c ldr r2, [pc, 0xf4] | r2 = stderr;
0x00014d60 ldr r3, [r4] | r3 = *(r4);
0x00014d64 ldr r1, [pc, 0x124] | r1 = "%s: error!: mtd%d (%s) has insane size %lld\n";
0x00014d68 ldr r0, [r0] | r0 = *(0x14e50);
0x00014d6c bl 0x10ab4 | fprintf (r0, "%s: error!: mtd%d (%s) has insane size %lld\n", r2, r3, r4, r5, r6)
0x00014d70 b 0x14be0 | goto label_2;
0x00014d74 ldr r1, [pc, 0x118] | r1 = "_s:_error_:_mtd_d___s__is_removable_and_is_not_present";
| label_3:
0x00014d78 add r0, r4, 0x10 | r0 = r4 + 0x10;
0x00014d7c bl 0x109f4 | strcpy (r0, "_s:_error_:_mtd_d___s__is_removable_and_is_not_present");
0x00014d80 ldr r3, [sp, 0x1c] | r3 = var_1ch;
0x00014d84 mov r0, r5 | r0 = r5;
0x00014d88 tst r3, 0x400 |
| if ((r3 & 0x400) == 0) {
0x00014d8c ldrbne r3, [r4, 0xfc] | r3 = *((r4 + 0xfc));
| }
| if ((r3 & 0x400) == 0) {
0x00014d90 orrne r3, r3, 1 | r3 |= 1;
| }
| if ((r3 & 0x400) == 0) {
0x00014d94 strbne r3, [r4, 0xfc] | *((r4 + 0xfc)) = r3;
| }
0x00014d98 ldr r3, [r4, 0xe8] | r3 = *((r4 + 0xe8));
0x00014d9c str r3, [r4, 0xec] | *((r4 + 0xec)) = r3;
0x00014da0 bl 0x10bbc | close (r0);
0x00014da4 mov r0, r6 | r0 = r6;
0x00014da8 bl 0x14800 | r0 = fcn_00014800 (r0);
0x00014dac bic r0, r0, r0, asr 31 | r0 = BIT_MASK (r0, r0);
0x00014db0 str r0, [r4, 0xf4] | *((r4 + 0xf4)) = r0;
0x00014db4 add r0, sp, 0xa0 | r0 += var_a0h;
0x00014db8 bl 0x14524 | fcn_00014524 (r0);
0x00014dbc subs r5, r0, 0 | r5 -= var_a0h;
| if (r5 != var_a0h) {
0x00014dc0 bne 0x14a90 | goto label_0;
| }
| do {
0x00014dc4 add r0, sp, 0xa0 | r0 += var_a0h;
0x00014dc8 bl 0x143c0 | r0 = fcn_000143c0 (r0);
0x00014dcc cmp r0, 0 |
| if (r0 == 0) {
0x00014dd0 bne 0x14e34 |
0x00014dd4 ldr r3, [pc, 0xbc] | r3 = *(0x14e94);
0x00014dd8 ldr r0, [pc, 0x74] |
0x00014ddc str r3, [sp] | *(sp) = r3;
0x00014de0 ldr r2, [pc, 0x70] | r2 = stderr;
0x00014de4 ldr r3, [r4] | r3 = *(r4);
0x00014de8 ldr r1, [pc, 0xac] | r1 = "_proc_mtd";
0x00014dec ldr r0, [r0] | r0 = *(0x14e50);
0x00014df0 bl 0x10ab4 | r0 = fprintf (r0, "_proc_mtd", r2, r3)
0x00014df4 bl 0x10b5c | errno_location ();
0x00014df8 mov r3, 2 | r3 = 2;
0x00014dfc str r3, [r0] | *(r0) = r3;
0x00014e00 b 0x14a90 | goto label_0;
0x00014e04 ldr r1, [pc, 0x94] | r1 = "_s:_error_:_mtd_d_not_found_in___s_";
0x00014e08 b 0x14d78 | goto label_3;
0x00014e0c ldr r1, [pc, 0x90] | r1 = "rom";
0x00014e10 b 0x14d78 | goto label_3;
0x00014e14 ldr r1, [pc, 0x8c] | r1 = "nor";
0x00014e18 b 0x14d78 | goto label_3;
0x00014e1c ldr r1, [pc, 0x88] | r1 = *(0x14ea8);
0x00014e20 b 0x14d78 | goto label_3;
0x00014e24 ldr r1, [pc, 0x84] | r1 = "mlc-nand";
0x00014e28 b 0x14d78 | goto label_3;
0x00014e2c ldr r1, [pc, 0x80] | r1 = "dataflash";
0x00014e30 b 0x14d78 | goto label_3;
| }
0x00014e34 ldr r3, [r4] | r3 = *(r4);
0x00014e38 ldr r2, [sp, 0xa0] | r2 = var_a0h;
0x00014e3c cmp r2, r3 |
0x00014e40 bne 0x14dc4 |
| } while (r2 != r3);
0x00014e44 add r1, sp, 0xb0 | r1 += src;
0x00014e48 add r0, r4, 0x51 | r0 = r4 + 0x51;
0x00014e4c bl 0x109f4 | strcpy (r0, r1);
0x00014e50 b 0x14b7c | goto label_4;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/nandwrite @ 0x10c44 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main (char ** envp, int32_t argc, char ** argv) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_14h;
| int32_t var_18h;
| int32_t var_18h_2;
| int32_t var_20h;
| int32_t var_20h_2;
| int32_t fildes;
| int32_t fd;
| char * format;
| size_t size;
| int32_t var_38h;
| int32_t var_38h_2;
| int32_t var_40h;
| int32_t var_44h;
| int32_t var_48h;
| int32_t var_4ch;
| int32_t var_50h;
| int32_t var_80h;
| int32_t var_80h_2;
| int32_t var_b8h;
| int32_t var_190h;
| int32_t var_0h_2;
| char * var_19ch;
| int32_t var_1a0h;
| int32_t var_1a8h;
| int32_t var_1b8h;
| int32_t var_1bch;
| r0 = argc;
| r1 = argv;
0x00010c44 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00010c48 ldr sl, [pc, 0xe64] | sl = "version";
0x00010c4c ldr r5, [pc, 0xe64] | r5 = "version";
0x00010c50 ldr r7, [pc, 0xe64] | r7 = *(0x11ab8);
0x00010c54 sub sp, sp, 0x1bc |
0x00010c58 mov r3, 0 | r3 = 0;
0x00010c5c mov r6, r0 | r6 = r0;
0x00010c60 mov sb, r1 | sb = r1;
0x00010c64 str r3, [sp, 0x50] | var_50h = r3;
| do {
| label_0:
0x00010c68 add r8, sp, 0x1b8 | r8 += var_1b8h;
0x00010c6c mov fp, 0 |
0x00010c70 str fp, [r8, -0x100]! | *((r8 -= 0x100)) = fp;
0x00010c74 mov r3, sl | r3 = sl;
0x00010c78 str r8, [sp] | *(sp) = r8;
0x00010c7c ldr r2, [pc, 0xe3c] | r2 = optarg;
0x00010c80 mov r1, sb | r1 = sb;
0x00010c84 mov r0, r6 | r0 = r6;
0x00010c88 bl 0x10a30 | r0 = getopt_long ();
0x00010c8c cmn r0, 1 |
| if (r0 == 1) {
0x00010c90 beq 0x10e1c | goto label_26;
| }
0x00010c94 cmp r0, 0x68 |
| if (r0 == 0x68) {
0x00010c98 beq 0x10e08 | goto label_27;
| }
| if (r0 > 0x68) {
0x00010c9c bgt 0x10d4c | goto label_28;
| }
0x00010ca0 cmp r0, 0x4f |
| if (r0 == 0x4f) {
0x00010ca4 beq 0x10dd8 | goto label_29;
| }
| if (r0 > 0x4f) {
0x00010ca8 bgt 0x10d10 | goto label_30;
| }
0x00010cac cmp r0, 0x3f |
| if (r0 != 0x3f) {
0x00010cb0 ldreq r3, [sp, 0x50] | r3 = var_50h;
| }
| if (r0 != 0x3f) {
0x00010cb4 addeq r3, r3, 1 | r3++;
| }
| if (r0 != 0x3f) {
0x00010cb8 streq r3, [sp, 0x50] | var_50h = r3;
| }
0x00010cbc beq 0x10c68 |
| } while (r0 == 0x3f);
0x00010cc0 cmp r0, 0x4e |
| if (r0 != 0x4e) {
0x00010cc4 moveq r3, 1 | r3 = 1;
| }
| if (r0 == 0x4e) {
0x00010cc8 strbeq r3, [r5, 0x13] | *((r5 + 0x13)) = r3;
| goto label_31;
| }
| if (r0 == 0x4e) {
| label_31:
0x00010ccc beq 0x10c68 | goto label_0;
| }
0x00010cd0 cmp r0, fp |
| if (r0 != fp) {
0x00010cd4 bne 0x10c68 | goto label_0;
| }
0x00010cd8 ldr r3, [sp, 0xb8] | r3 = var_b8h;
0x00010cdc cmp r3, 2 |
| if (r3 == 2) {
0x00010ce0 beq 0x10dc4 | goto label_32;
| }
0x00010ce4 cmp r3, 3 |
| if (r3 != 3) {
0x00010ce8 moveq r3, 1 | r3 = 1;
| }
| if (r3 == 3) {
0x00010cec strbeq r3, [r5, 0x10] | *((r5 + 0x10)) = r3;
| goto label_33;
| }
| if (r3 == 3) {
| label_33:
0x00010cf0 beq 0x10c68 | goto label_0;
| }
0x00010cf4 cmp r3, 1 |
| if (r3 != 1) {
0x00010cf8 bne 0x10c68 | goto label_0;
| }
0x00010cfc add r1, sp, 0x50 | r1 += var_50h;
0x00010d00 ldr r0, [r7] | r0 = *(r7);
0x00010d04 bl 0x11d6c | fcn_00011d6c (r0, r1);
0x00010d08 strd r0, r1, [r5] | __asm ("strd r0, r1, [r5]");
0x00010d0c b 0x10c68 | goto label_0;
| label_30:
0x00010d10 cmp r0, 0x61 |
| if (r0 == 0x61) {
0x00010d14 beq 0x10dfc | goto label_34;
| }
0x00010d18 cmp r0, 0x62 |
| if (r0 == 0x62) {
0x00010d1c beq 0x10de8 | goto label_35;
| }
0x00010d20 cmp r0, 0x56 |
| if (r0 != 0x56) {
0x00010d24 bne 0x10c68 | goto label_0;
| }
0x00010d28 ldr r1, [pc, 0xe38] | r1 = "Marking block at %08llx bad\n";
0x00010d2c ldr r2, [pc, 0xd90] | r2 = "hb:mnNoOpqs:akV";
0x00010d30 ldr r0, [pc, 0xd90] | r0 = "2.1.0";
0x00010d34 bl 0x10a0c | printf ("2.1.0", "Marking block at %08llx bad\n", "hb:mnNoOpqs:akV");
0x00010d38 ldr r1, [pc, 0xe28] | r1 = "Marking block at %08llx bad\n";
0x00010d3c ldr r0, [pc, 0xd88] | r0 = "%s (mtd-utils) %s\n";
0x00010d40 bl 0x10a0c | printf ("%s (mtd-utils) %s\n", "Marking block at %08llx bad\n");
| label_1:
0x00010d44 mov r0, fp | r0 = fp;
| label_2:
0x00010d48 bl 0x10b68 | r0 = exit (r0);
| label_28:
0x00010d4c cmp r0, 0x6f |
| if (r0 != 0x6f) {
0x00010d50 moveq r3, 1 | r3 = 1;
| }
| if (r0 == 0x6f) {
0x00010d54 strbeq r3, [r5, 0x15] | *((r5 + 0x15)) = r3;
| goto label_36;
| }
| if (r0 == 0x6f) {
| label_36:
0x00010d58 beq 0x10c68 | goto label_0;
| }
| if (r0 > 0x6f) {
0x00010d5c bgt 0x10d8c | goto label_37;
| }
0x00010d60 cmp r0, 0x6d |
| if (r0 != 0x6d) {
0x00010d64 moveq r3, 1 | r3 = 1;
| }
| if (r0 == 0x6d) {
0x00010d68 strbeq r3, [r5, 0x14] | *((r5 + 0x14)) = r3;
| goto label_38;
| }
| if (r0 == 0x6d) {
| label_38:
0x00010d6c beq 0x10c68 | goto label_0;
| }
| if (r0 <= 0x6d) {
0x00010d70 movgt r3, 1 | r3 = 1;
| }
| if (r0 > 0x6d) {
0x00010d74 strbgt r3, [r5, 0x12] | *((r5 + 0x12)) = r3;
| goto label_39;
| }
| if (r0 > 0x6d) {
| label_39:
0x00010d78 bgt 0x10c68 | goto label_0;
| }
0x00010d7c cmp r0, 0x6b |
| if (r0 != 0x6b) {
0x00010d80 moveq r3, 1 | r3 = 1;
| }
| if (r0 != 0x6b) {
0x00010d84 strbeq r3, [r5, 0x21] | *((r5 + 0x21)) = r3;
| }
0x00010d88 b 0x10c68 | goto label_0;
| label_37:
0x00010d8c cmp r0, 0x71 |
| if (r0 != 0x71) {
0x00010d90 moveq r3, 1 | r3 = 1;
| }
| if (r0 == 0x71) {
0x00010d94 strbeq r3, [r5, 0x11] | *((r5 + 0x11)) = r3;
| goto label_40;
| }
| if (r0 == 0x71) {
| label_40:
0x00010d98 beq 0x10c68 | goto label_0;
| }
| if (r0 >= 0x71) {
0x00010d9c movlt r3, 1 | r3 = 1;
| }
| if (r0 < 0x71) {
0x00010da0 strblt r3, [r5, 0x17] | *((r5 + 0x17)) = r3;
| goto label_41;
| }
| if (r0 < 0x71) {
| label_41:
0x00010da4 blt 0x10c68 | goto label_0;
| }
0x00010da8 cmp r0, 0x73 |
| if (r0 != 0x73) {
0x00010dac bne 0x10c68 | goto label_0;
| }
0x00010db0 add r1, sp, 0x50 | r1 += var_50h;
0x00010db4 ldr r0, [r7] | r0 = *(r7);
0x00010db8 bl 0x11d6c | fcn_00011d6c (r0, r1);
0x00010dbc strd r0, r1, [r5, 0x18] | __asm ("strd r0, r1, [r5, 0x18]");
0x00010dc0 b 0x10c68 | goto label_0;
| label_32:
0x00010dc4 add r1, sp, 0x50 | r1 += var_50h;
0x00010dc8 ldr r0, [r7] | r0 = *(r7);
0x00010dcc bl 0x11d6c | fcn_00011d6c (r0, r1);
0x00010dd0 strd r0, r1, [r5, 8] | __asm ("strd r0, r1, [r5, 8]");
0x00010dd4 b 0x10c68 | goto label_0;
| label_29:
0x00010dd8 mov r3, 1 | r3 = 1;
0x00010ddc strb r3, [r5, 0x15] | *((r5 + 0x15)) = r3;
0x00010de0 strb r3, [r5, 0x16] | *((r5 + 0x16)) = r3;
0x00010de4 b 0x10c68 | goto label_0;
| label_35:
0x00010de8 ldr r0, [r7] | r0 = *(r7);
0x00010dec bl 0x10b74 | atoi (r0);
0x00010df0 ldr r3, [pc, 0xcd8] | r3 = "Copyright__C__2003_Thomas_Gleixner__1_s_comes_with_NO_WARRANTYto_the_extent_permitted_by_law.You_may_redistribute_copies_of__1_sunder_the_terms_of_the_GNU_General_Public_Licence.See_the_file__COPYING_for_more_information.";
0x00010df4 str r0, [r3] | *(r3) = r0;
0x00010df8 b 0x10c68 | goto label_0;
| label_34:
0x00010dfc mov r3, 1 | r3 = 1;
0x00010e00 strb r3, [r5, 0x20] | *((r5 + 0x20)) = r3;
0x00010e04 b 0x10c68 | goto label_0;
| label_27:
0x00010e08 ldr r3, [pc, 0xcc4] | r3 = *(0x11ad0);
0x00010e0c ldr r0, [pc, 0xcc4] | r0 = stdout;
0x00010e10 ldr r1, [r3] | r1 = *(0x11ad0);
0x00010e14 bl 0x10b98 | fputs (r0, r1);
0x00010e18 b 0x10d44 | goto label_1;
| label_26:
0x00010e1c ldr ip, [pc, 0xc94] | ip = *(0x00011ab8);
0x00010e20 ldrd r2, r3, [ip, 0x18] | __asm ("ldrd r2, r3, [ip, 0x18]");
0x00010e24 mov r7, ip | r7 = ip;
0x00010e28 cmp r2, 0 |
0x00010e2c sbcs r1, r3, 0 | __asm ("sbcs r1, r3, 0");
| if (r2 >= 0) {
0x00010e30 bge 0x10e54 | goto label_42;
| }
0x00010e34 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00010e38 ldr r3, [pc, 0xd20] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010e3c ldr r2, [pc, 0xd24] | r2 = "Marking block at %08llx bad\n";
0x00010e40 ldr r1, [pc, 0xc94] | r1 = "Usage: nandwrite [OPTION] MTD_DEVICE [INPUTFILE|-]\nWrites to the specified MTD device.\n\n -a, --autoplace Use auto OOB layout\n -k, --skip-all-ffs Skip pages that contain only 0xff bytes\n -m, --markbad Mark blocks bad if write fails\n -n, --noecc Write without ecc\n -N, --noskipbad Write without bad block skipping\n -o, --oob Input contains oob data\n -O, --onlyoob Input contains oob data and only write the oob part\n -s addr, --start=addr Set output start address (default is 0)\n --skip-bad-blocks-to-start Skip bad blocks when seeking to the start address\n -p, --pad Pad writes to page size\n -b, --blockalign=1|2|4 Set multiple of eraseblocks to align to\n --input-skip=length Skip |length| bytes of the input file\n --input-size=length Only read |length| bytes of the input file\n -q, --quiet Don't display progress messages\n -h, --help Display this help and exit\n -V, --version Output version information and exit\n";
0x00010e44 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010e48 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "Usage: nandwrite [OPTION] MTD_DEVICE [INPUTFILE|-]\nWrites to the specified MTD device.\n\n -a, --autoplace Use auto OOB layout\n -k, --skip-all-ffs Skip pages that contain only 0xff bytes\n -m, --markbad Mark blocks bad if write fails\n -n, --noecc Write without ecc\n -N, --noskipbad Write without bad block skipping\n -o, --oob Input contains oob data\n -O, --onlyoob Input contains oob data and only write the oob part\n -s addr, --start=addr Set output start address (default is 0)\n --skip-bad-blocks-to-start Skip bad blocks when seeking to the start address\n -p, --pad Pad writes to page size\n -b, --blockalign=1|2|4 Set multiple of eraseblocks to align to\n --input-skip=length Skip |length| bytes of the input file\n --input-size=length Only read |length| bytes of the input file\n -q, --quiet Don't display progress messages\n -h, --help Display this help and exit\n -V, --version Output version information and exit\n", r2, "_s:_error_:__s:_MTD_Erase_failure")
| do {
| label_4:
0x00010e4c mvn r0, 0 | r0 = ~0;
0x00010e50 b 0x10d48 | goto label_2;
| label_42:
0x00010e54 ldr r5, [pc, 0xc74] | r5 = "Copyright__C__2003_Thomas_Gleixner__1_s_comes_with_NO_WARRANTYto_the_extent_permitted_by_law.You_may_redistribute_copies_of__1_sunder_the_terms_of_the_GNU_General_Public_Licence.See_the_file__COPYING_for_more_information.";
0x00010e58 ldr lr, [r5] | lr = "Copyright__C__2003_Thomas_Gleixner__1_s_comes_with_NO_WARRANTYto_the_extent_permitted_by_law.You_may_redistribute_copies_of__1_sunder_the_terms_of_the_GNU_General_Public_Licence.See_the_file__COPYING_for_more_information.";
0x00010e5c cmp lr, 0 |
| if (lr > 0) {
0x00010e60 bgt 0x10e80 | goto label_43;
| }
0x00010e64 ldr r2, [pc, 0xcfc] | r2 = "Marking block at %08llx bad\n";
0x00010e68 ldr r1, [pc, 0xc70] | r1 = "_s:_error_:_Cant_specify_negative_device_offset_with_option__s:__lld";
0x00010e6c mov r3, lr | r3 = lr;
| label_3:
0x00010e70 ldr r0, [pc, 0xce8] |
0x00010e74 ldr r0, [r0] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010e78 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "_s:_error_:_Cant_specify_negative_device_offset_with_option__s:__lld", "Marking block at %08llx bad\n", r3)
0x00010e7c b 0x10e4c |
| } while (1);
| label_43:
0x00010e80 subs r0, lr, 1 | r0 = lr - 1;
0x00010e84 asr fp, lr, 0x1f |
0x00010e88 sbc r1, fp, 0 | __asm ("sbc r1, envp");
0x00010e8c and r2, lr, r0 | r2 = lr & r0;
0x00010e90 and r3, fp, r1 | r3 = fp & r1;
0x00010e94 orrs r3, r2, r3 | r3 = r2 | r3;
| if (r3 != r2) {
0x00010e98 bne 0x10ed8 | goto label_44;
| }
0x00010e9c ldrb r3, [ip, 0x20] | r3 = *((ip + 0x20));
0x00010ea0 cmp r3, 0 |
0x00010ea4 bne 0x10ee8 |
| while (r3 == 0) {
0x00010ea8 ldrb r3, [r7, 0x16] | r3 = *((r7 + 0x16));
0x00010eac cmp r3, 0 |
| if (r3 != 0) {
0x00010eb0 bne 0x10f0c | goto label_45;
| }
0x00010eb4 ldrb r3, [r7, 0x17] | r3 = *((r7 + 0x17));
0x00010eb8 cmp r3, 0 |
| if (r3 == 0) {
0x00010ebc beq 0x10f0c | goto label_45;
| }
0x00010ec0 ldrb r3, [r7, 0x15] | r3 = *((r7 + 0x15));
0x00010ec4 cmp r3, 0 |
| if (r3 == 0) {
0x00010ec8 beq 0x10f0c | goto label_45;
| }
0x00010ecc ldr r2, [pc, 0xc94] | r2 = "Marking block at %08llx bad\n";
0x00010ed0 ldr r1, [pc, 0xc0c] | r1 = "%s: error!: Can't specify negative or zero blockalign with option -b: %d\n";
0x00010ed4 b 0x10efc | goto label_5;
| label_44:
0x00010ed8 mov r3, lr | r3 = lr;
0x00010edc ldr r2, [pc, 0xc84] | r2 = "Marking block at %08llx bad\n";
0x00010ee0 ldr r1, [pc, 0xc00] | r1 = "_s:_error_:_Cant_pad_when_oob_data_is_present";
0x00010ee4 b 0x10e70 | goto label_3;
0x00010ee8 ldrb r3, [ip, 0x12] | r3 = *((ip + 0x12));
0x00010eec cmp r3, 0 |
0x00010ef0 beq 0x10ea8 |
| }
0x00010ef4 ldr r2, [pc, 0xc6c] | r2 = "Marking block at %08llx bad\n";
0x00010ef8 ldr r1, [pc, 0xbec] | r1 = "%s: error!: Can't specify a non-power-of-two blockalign with option -b: %d\n";
| do {
| label_5:
0x00010efc ldr r3, [pc, 0xc5c] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010f00 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
| label_6:
0x00010f04 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: Can't specify a non-power-of-two blockalign with option -b: %d\n", "Marking block at %08llx bad\n", "_s:_error_:__s:_MTD_Erase_failure")
0x00010f08 b 0x10e4c | goto label_4;
| label_45:
0x00010f0c ldr r3, [pc, 0xbdc] |
0x00010f10 ldr r3, [r3] | r3 = "%s: error!: Autoplacement and no-ECC are mutually exclusive\n";
0x00010f14 sub r6, r6, r3 | r6 -= r3;
0x00010f18 sub r1, r6, 1 | r1 = r6 - 1;
0x00010f1c cmp r1, 1 |
0x00010f20 add r2, sb, r3, lsl 2 | r2 = sb + (r3 << 2);
| if (r1 <= 1) {
0x00010f24 bhi 0x10f34 |
0x00010f28 ldr r1, [sp, 0x50] | r1 = var_50h;
0x00010f2c cmp r1, 0 |
| if (r1 == 0) {
0x00010f30 beq 0x10f4c | goto label_46;
| }
| }
0x00010f34 ldr r3, [pc, 0xc24] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010f38 ldr r0, [pc, 0xb98] | r0 = stdout;
0x00010f3c ldr r1, [r3] | r1 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010f40 bl 0x10b98 | fputs (r0, "_s:_error_:__s:_MTD_Erase_failure");
0x00010f44 mov r0, 1 | r0 = 1;
0x00010f48 b 0x10d48 | goto label_2;
| label_46:
0x00010f4c cmp r6, 2 |
0x00010f50 ldr r0, [sb, r3, lsl 2] | offset_0 = r3 << 2;
| r0 = *((sb + offset_0));
| if (r6 != 2) {
0x00010f54 ldreq r3, [r2, 4] | r3 = *((r2 + 4));
| }
| if (r6 == 2) {
0x00010f58 ldrne r3, [pc, 0xb94] | r3 = *((pc + 0xb94));
| }
0x00010f5c mov r1, 2 | r1 = 2;
0x00010f60 str r0, [r7, 0x24] | *((r7 + 0x24)) = r0;
0x00010f64 str r3, [r7, 0x28] | *((r7 + 0x28)) = r3;
0x00010f68 bl 0x10b20 | r0 = open64 ();
0x00010f6c cmn r0, 1 |
0x00010f70 str r0, [sp, 0x2c] | fd = r0;
| if (r0 == 1) {
0x00010f74 bne 0x10fc4 |
0x00010f78 bl 0x10b5c | errno_location ();
0x00010f7c ldr r5, [pc, 0xbdc] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010f80 ldr r3, [r7, 0x24] | r3 = *((r7 + 0x24));
0x00010f84 ldr r2, [pc, 0xbdc] | r2 = "Marking block at %08llx bad\n";
0x00010f88 ldr r1, [pc, 0xb68] | r1 = *(0x11af4);
0x00010f8c ldr r4, [r0] | r4 = *(r0);
0x00010f90 ldr r0, [r5] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00010f94 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", r1, "Marking block at %08llx bad\n", r3, r4, "_s:_error_:__s:_MTD_Erase_failure")
| label_7:
0x00010f98 mov r0, r4 | r0 = r4;
0x00010f9c ldr r5, [r5] | r5 = *(r5);
0x00010fa0 bl 0x10a18 | strerror (r0);
0x00010fa4 str r4, [sp] | *(sp) = r4;
0x00010fa8 ldr r3, [pc, 0xbc0] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x00010fac mov r2, 0xb | r2 = 0xb;
0x00010fb0 ldr r1, [pc, 0xbbc] | r1 = *(0x11b70);
0x00010fb4 str r0, [sp, 4] | var_4h = r0;
0x00010fb8 mov r0, r5 | r0 = r5;
0x00010fbc bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure", r4)
0x00010fc0 b 0x10e4c | goto label_4;
| }
0x00010fc4 bl 0x12c14 | r0 = fcn_00012c14 ();
0x00010fc8 subs r3, r0, 0 | r3 = r0 - 0;
0x00010fcc str r3, [sp, 0x44] | var_44h = r3;
| if (r3 != r0) {
0x00010fd0 ldreq r2, [pc, 0xb90] | r2 = "nandwrite";
| }
| if (r3 != r0) {
0x00010fd4 ldreq r1, [pc, 0xb20] | r1 = "%s: error!: can't initialize libmtd\n";
| }
0x00010fd8 beq 0x10efc |
| } while (r3 == r0);
0x00010fdc mov r2, r8 | r2 = r8;
0x00010fe0 ldr r1, [r7, 0x24] | r1 = *((r7 + 0x24));
0x00010fe4 bl 0x134c4 | r0 = fcn_000134c4 (r0, r1);
0x00010fe8 cmp r0, 0 |
| if (r0 >= 0) {
0x00010fec ldrlt r2, [pc, 0xb74] | r2 = "nandwrite";
| }
| if (r0 < 0) {
0x00010ff0 ldrlt r1, [pc, 0xb08] | r1 = "%s: error!: mtd_get_dev_info failed\n";
| goto label_47;
| }
| if (r0 < 0) {
| label_47:
0x00010ff4 blt 0x10efc | goto label_5;
| }
0x00010ff8 ldr r1, [sp, 0x1a0] | r1 = var_1a0h;
0x00010ffc ldrd r2, r3, [r7, 0x18] | __asm ("ldrd r2, r3, [r7, 0x18]");
0x00011000 ldr sb, [r5] | sb = *(r5);
0x00011004 sub r0, r1, 1 | r0 = r1 - 1;
0x00011008 and r4, r2, r0 | r4 = r2 & r0;
0x0001100c and r5, r3, r0, asr 31 | r5 = r3 & (r0 >> 31);
0x00011010 orrs r3, r4, r5 | r3 = r4 | r5;
0x00011014 ldr r8, [sp, 0x19c] | r8 = var_19ch;
| if (r3 == r4) {
0x00011018 movne r3, r1 | r3 = r1;
| }
| if (r3 == r4) {
0x0001101c ldrne r2, [pc, 0xb44] | r2 = "nandwrite";
| }
| if (r3 != r4) {
0x00011020 ldrne r1, [pc, 0xadc] | r1 = "%s: error!: The start address is not page-aligned !\nThe pagesize of this NAND Flash is 0x%x.\n\n";
| goto label_48;
| }
| if (r3 != r4) {
| label_48:
0x00011024 bne 0x10e70 | goto label_3;
| }
0x00011028 ldrb r3, [r7, 0x12] | r3 = *((r7 + 0x12));
0x0001102c cmp r3, 0 |
| if (r3 != 0) {
0x00011030 ldrbeq r3, [r7, 0x20] | r3 = *((r7 + 0x20));
| }
| if (r3 != 0) {
0x00011034 beq 0x11054 |
0x00011038 mov r2, 3 | r2 = 3;
0x0001103c ldr r1, [pc, 0xac4] | r1 = "%s: error!: The start address is not page-aligned !\nThe pagesize of this NAND Flash is 0x%x.\n\n";
0x00011040 ldr r0, [sp, 0x2c] | r0 = fd;
0x00011044 bl 0x10a00 | r0 = ioctl (r0, "%s: error!: The start address is not page-aligned !\nThe pagesize of this NAND Flash is 0x%x.\n\n");
0x00011048 cmp r0, 0 |
| if (r0 != 0) {
0x0001104c bne 0x110b4 | goto label_49;
| }
0x00011050 mov r3, 2 | r3 = 2;
| }
0x00011054 ldr r4, [r7, 0x28] | r4 = *((r7 + 0x28));
0x00011058 ldr r1, [pc, 0xa94] | r1 = optind;
0x0001105c mov r0, r4 | r0 = r4;
0x00011060 str r3, [sp, 0x48] | var_48h = r3;
0x00011064 bl 0x10b38 | r0 = strcmp (r0, r1);
0x00011068 subs r3, r0, 0 | r3 = r0 - 0;
0x0001106c str r3, [sp, 0x28] | fildes = r3;
| if (r3 == r0) {
0x00011070 beq 0x110e0 | goto label_50;
| }
0x00011074 mov r1, 0 | r1 = 0;
0x00011078 mov r0, r4 | r0 = r4;
0x0001107c bl 0x10b20 | r0 = open64 ();
0x00011080 cmn r0, 1 |
0x00011084 str r0, [sp, 0x28] | fildes = r0;
| if (r0 != 1) {
0x00011088 bne 0x110e0 | goto label_50;
| }
0x0001108c ldr r0, [r7, 0x28] | r0 = *((r7 + 0x28));
0x00011090 bl 0x10a54 | perror (r0);
0x00011094 mov r2, 0 | r2 = 0;
0x00011098 mov r3, 0 | r3 = 0;
0x0001109c strd r2, r3, [sp, 0x18] | __asm ("strd r2, r3, [var_18h]");
| label_8:
0x000110a0 mov r4, 0 | r4 = 0;
| label_9:
0x000110a4 mov fp, r4 |
0x000110a8 mov r7, r4 | r7 = r4;
| label_16:
0x000110ac mov r5, 1 | r5 = 1;
0x000110b0 b 0x113d8 | goto label_15;
| label_49:
0x000110b4 bl 0x10b5c | errno_location ();
0x000110b8 ldr r5, [pc, 0xaa0] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x000110bc ldr r2, [pc, 0xaa4] | r2 = "Marking block at %08llx bad\n";
0x000110c0 ldr r4, [r0] | r4 = *(r0);
0x000110c4 ldr r0, [r5] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000110c8 cmp r4, 0x19 |
| if (r4 == 0x19) {
0x000110cc ldreq r1, [pc, 0xa38] | r1 = "%s: error!: ioctl MTDFILEMODE is missing\n";
| goto label_51;
| }
| if (r4 == 0x19) {
| label_51:
0x000110d0 beq 0x10f04 | goto label_6;
| }
0x000110d4 ldr r1, [pc, 0xa34] | r1 = "%s: error!: ioctl MTDFILEMODE is missing\n";
| label_14:
0x000110d8 bl 0x10ab4 | fprintf (r0, "%s: error!: ioctl MTDFILEMODE is missing\n")
0x000110dc b 0x10f98 | goto label_7;
| label_50:
0x000110e0 ldrb r3, [r7, 0x15] | r3 = *((r7 + 0x15));
0x000110e4 ldr r2, [sp, 0x1a0] | r2 = var_1a0h;
0x000110e8 cmp r3, 0 |
| if (r3 == 0) {
0x000110ec ldrne r3, [sp, 0x1a8] | r3 = var_1a8h;
| }
0x000110f0 add r3, r2, r3 | r3 = r2 + r3;
0x000110f4 str r3, [sp, 0x34] | size = r3;
0x000110f8 ldrd r2, r3, [r7, 8] | __asm ("ldrd r2, r3, [r7, 8]");
0x000110fc strd r2, r3, [sp, 0x18] | __asm ("strd r2, r3, [var_18h]");
0x00011100 ldr r3, [sp, 0x28] | r3 = fildes;
0x00011104 cmp r3, 0 |
0x00011108 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
| if (r3 == 0) {
0x0001110c bne 0x11144 |
0x00011110 orrs r3, r2, r3 | r3 = r2 | r3;
| if (r3 != r2) {
0x00011114 ldreq r2, [sp, 0x34] | r2 = size;
| }
0x00011118 asreq r3, r2, 0x1f | __asm ("asreq r3, r2, 0x1f");
0x0001111c strdeq r2, r3, [sp, 0x18] | __asm ("strdeq r2, r3, [var_18h]");
0x00011120 ldrd r2, r3, [r7] | __asm ("ldrd r2, r3, [r7]");
0x00011124 orrs r3, r2, r3 | r3 = r2 | r3;
| if (r3 == r2) {
0x00011128 beq 0x1123c | goto label_52;
| }
0x0001112c ldr r3, [pc, 0xa2c] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011130 ldr r2, [pc, 0xa30] | r2 = "Marking block at %08llx bad\n";
0x00011134 ldr r1, [pc, 0x9d8] | r1 = "%s: error!: MTDFILEMODE\n";
0x00011138 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001113c bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: MTDFILEMODE\n", "Marking block at %08llx bad\n", "_s:_error_:__s:_MTD_Erase_failure")
0x00011140 b 0x110a0 | goto label_8;
| }
0x00011144 orrs r3, r2, r3 | r3 = r2 | r3;
| if (r3 != r2) {
0x00011148 bne 0x111b8 | goto label_53;
| }
0x0001114c add r1, sp, 0x50 | r1 += var_50h;
0x00011150 ldr r0, [sp, 0x28] | r0 = fildes;
0x00011154 bl 0x10a90 | r0 = fstat64 ();
0x00011158 cmp r0, 0 |
| if (r0 == 0) {
0x0001115c beq 0x111a4 | goto label_54;
| }
0x00011160 bl 0x10b5c | errno_location ();
0x00011164 ldr r5, [pc, 0x9f4] |
0x00011168 ldr r2, [pc, 0x9f8] | r2 = "Marking block at %08llx bad\n";
0x0001116c ldr r1, [pc, 0x9a4] | r1 = "_s:_error_:_seeking_stdin_not_supported";
0x00011170 ldr r4, [r0] | r4 = *(r0);
0x00011174 ldr r0, [r5] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011178 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "_s:_error_:_seeking_stdin_not_supported", "Marking block at %08llx bad\n", r3, r4, "_s:_error_:__s:_MTD_Erase_failure")
0x0001117c ldr r5, [r5] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
| do {
0x00011180 mov r0, r4 | r0 = r4;
0x00011184 bl 0x10a18 | strerror (r0);
0x00011188 str r4, [sp] | *(sp) = r4;
0x0001118c ldr r3, [pc, 0x9dc] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x00011190 mov r2, 0xb | r2 = 0xb;
0x00011194 ldr r1, [pc, 0x9d8] | r1 = *(0x11b70);
0x00011198 str r0, [sp, 4] | var_4h = r0;
0x0001119c mov r0, r5 | r0 = r5;
0x000111a0 b 0x11234 | goto label_55;
| label_54:
0x000111a4 ldrd r0, r1, [sp, 0x80] | __asm ("ldrd r0, r1, [var_80h]");
0x000111a8 ldrd r2, r3, [r7] | __asm ("ldrd r2, r3, [r7]");
0x000111ac subs r0, r0, r2 | r0 -= r2;
0x000111b0 sbc r1, r1, r3 | __asm ("sbc r1, r1, r3");
0x000111b4 strd r0, r1, [sp, 0x18] | __asm ("strd r0, r1, [var_18h]");
| label_53:
0x000111b8 ldrd r4, r5, [r7] | __asm ("ldrd r4, r5, [r7]");
0x000111bc orrs r3, r4, r5 | r3 = r4 | r5;
| if (r3 != r4) {
0x000111c0 beq 0x1123c |
0x000111c4 mov r6, 1 | r6 = 1;
0x000111c8 mov r2, r4 | r2 = r4;
0x000111cc mov r3, r5 | r3 = r5;
0x000111d0 str r6, [sp] | *(sp) = r6;
0x000111d4 ldr r0, [sp, 0x28] | r0 = fildes;
0x000111d8 bl 0x10b8c | lseek64 ();
0x000111dc mvn r3, 0 | r3 = ~0;
0x000111e0 mvn r2, 0 | r2 = ~0;
0x000111e4 cmp r1, r3 |
0x000111e8 cmpeq r0, r2 | __asm ("cmpeq r0, r2");
| if (r1 != r3) {
0x000111ec bne 0x1123c | goto label_52;
| }
0x000111f0 bl 0x10b5c | errno_location ();
0x000111f4 ldr r8, [pc, 0x964] | r8 = "_s:_error_:__s:_MTD_Erase_failure";
0x000111f8 ldr r2, [pc, 0x968] | r2 = "Marking block at %08llx bad\n";
0x000111fc ldr r1, [pc, 0x918] | r1 = "%s: error!: unable to stat input image\n";
0x00011200 ldr r7, [r0] | r7 = *(r0);
0x00011204 strd r4, r5, [sp] | __asm ("strd r4, r5, [sp]");
0x00011208 ldr r0, [r8] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001120c bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: unable to stat input image\n", "Marking block at %08llx bad\n", r3, r4)
0x00011210 mov r0, r7 | r0 = r7;
0x00011214 ldr r4, [r8] | r4 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011218 bl 0x10a18 | strerror (r0);
0x0001121c ldr r3, [pc, 0x94c] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x00011220 ldr r1, [pc, 0x94c] | r1 = *(0x11b70);
0x00011224 mov r2, 0xb | r2 = 0xb;
0x00011228 str r7, [sp] | *(sp) = r7;
0x0001122c str r0, [sp, 4] | var_4h = r0;
0x00011230 mov r0, r4 | r0 = r4;
| label_55:
0x00011234 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure")
0x00011238 b 0x110a0 | goto label_8;
| }
| label_52:
0x0001123c ldrb r4, [r7, 0x17] | r4 = *((r7 + 0x17));
0x00011240 cmp r4, 0 |
| if (r4 == 0) {
0x00011244 bne 0x11274 |
0x00011248 ldr r2, [sp, 0x34] | r2 = size;
0x0001124c ldrd r0, r1, [sp, 0x18] | __asm ("ldrd r0, r1, [var_18h]");
0x00011250 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00011254 bl 0x150b0 | fcn_000150b0 (r0);
0x00011258 orrs r3, r2, r3 | r3 = r2 | r3;
| if (r3 == r2) {
0x0001125c beq 0x11274 | goto label_56;
| }
0x00011260 ldr r3, [pc, 0x8f8] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011264 ldr r0, [pc, 0x8b4] | r0 = "%s: error!: lseek input by %lld failed\n";
0x00011268 ldr r1, [r3] | r1 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001126c bl 0x10b98 | fputs ("%s: error!: lseek input by %lld failed\n", "_s:_error_:__s:_MTD_Erase_failure");
0x00011270 b 0x110a4 | goto label_9;
| }
| label_56:
0x00011274 ldrb r5, [r7, 0x10] | r5 = *((r7 + 0x10));
0x00011278 mul r3, sb, r8 | r3 = sb * r8;
0x0001127c cmp r5, 0 |
0x00011280 str r3, [sp, 0x30] | format = r3;
| if (r5 != 0) {
0x00011284 bne 0x114a4 | goto label_57;
| }
| label_10:
0x00011288 ldr r2, [sp, 0x34] | r2 = size;
0x0001128c add r3, sp, 0x190 | r3 += var_190h;
0x00011290 ldrd r4, r5, [r3] | __asm ("ldrd r4, r5, [r3]");
0x00011294 ldr r7, [sp, 0x1a0] | r7 = var_1a0h;
0x00011298 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x0001129c ldrd r0, r1, [sp, 0x18] | __asm ("ldrd r0, r1, [var_18h]");
0x000112a0 bl 0x150b0 | fcn_000150b0 (r0);
0x000112a4 asr sb, r7, 0x1f | sb = r7 >> 0x1f;
0x000112a8 ldr r6, [pc, 0x808] | r6 = "version";
0x000112ac mul r3, r0, sb | r3 = r0 * sb;
0x000112b0 umull r8, sb, r0, r7 | r8:sb = r0 * r7;
0x000112b4 mla r2, r7, r1, r3 | __asm ("mla r2, r7, r1, r3");
0x000112b8 add sb, r2, sb | sb = r2 + sb;
0x000112bc ldrd r2, r3, [r6, 0x18] | __asm ("ldrd r2, r3, [r6, 0x18]");
0x000112c0 subs r0, r4, r2 | r0 = r4 - r2;
0x000112c4 sbc r1, r5, r3 | __asm ("sbc r1, r5, r3");
0x000112c8 cmp r0, r8 |
0x000112cc sbcs r3, r1, sb | __asm ("sbcs r3, r1, sb");
| if (r0 >= r8) {
0x000112d0 bge 0x114b8 | goto label_58;
| }
0x000112d4 ldr r3, [sp, 0x1a8] | r3 = var_1a8h;
0x000112d8 ldr r6, [pc, 0x880] | r6 = "_s:_error_:__s:_MTD_Erase_failure";
0x000112dc str r3, [sp, 4] | var_4h = r3;
0x000112e0 ldr r3, [sp, 0x34] | r3 = size;
0x000112e4 strd r4, r5, [sp, 8] | __asm ("strd r4, r5, [var_ch]");
0x000112e8 ldr r1, [pc, 0x834] | r1 = "Input file is not page-aligned. Use the padding option.\n";
0x000112ec str r3, [sp] | *(sp) = r3;
0x000112f0 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x000112f4 ldr r0, [r6] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000112f8 bl 0x10ab4 | r0 = fprintf ("_s:_error_:__s:_MTD_Erase_failure", "Input file is not page-aligned. Use the padding option.\n", r2, r3, r4, r5, "_s:_error_:__s:_MTD_Erase_failure")
0x000112fc bl 0x10b5c | errno_location ();
0x00011300 ldr r2, [pc, 0x860] | r2 = "Marking block at %08llx bad\n";
0x00011304 ldr r1, [pc, 0x81c] | r1 = "Image__lld_bytes__NAND_page__d_bytes__OOB_area__d_bytes__device_size__lld_bytes";
0x00011308 ldr r4, [r0] | r4 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001130c ldr r0, [r6] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011310 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "Image__lld_bytes__NAND_page__d_bytes__OOB_area__d_bytes__device_size__lld_bytes", "Marking block at %08llx bad\n", r3, "_s:_error_:__s:_MTD_Erase_failure")
0x00011314 ldr r5, [r6] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011318 b 0x11180 |
| } while (1);
| do {
0x0001131c ldr r2, [sp, 0x19c] | r2 = var_19ch;
0x00011320 mov r0, r6 | r0 = r6;
0x00011324 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00011328 mov r1, r7 | r1 = r7;
0x0001132c bl 0x150b0 | fcn_000150b0 (r0);
0x00011330 ldr r1, [sp, 0x2c] | r1 = fd;
0x00011334 add r2, r8, r0 | r2 = r8 + r0;
0x00011338 add r0, sp, 0xb8 | r0 += var_b8h;
0x0001133c bl 0x13954 | r0 = fcn_00013954 (r0, r1);
0x00011340 cmp r0, 0 |
| if (r0 != 0) {
0x00011344 bne 0x1137c | goto label_59;
| }
0x00011348 add r8, r8, 1 | r8++;
| label_11:
0x0001134c ldr r3, [sb] | r3 = *(sb);
0x00011350 cmp r8, r3 |
0x00011354 blt 0x1131c |
| } while (r8 < r3);
| label_12:
0x00011358 ldr r3, [sp, 0x30] | r3 = format;
0x0001135c adds r6, r6, r3 | r6 += r3;
0x00011360 adc r7, r7, r3, asr 31 | __asm ("adc r7, r7, r3, asr 31");
| label_13:
0x00011364 ldrd r2, r3, [r4, 0x18] | __asm ("ldrd r2, r3, [r4, 0x18]");
0x00011368 cmp r6, r2 |
0x0001136c sbcs r3, r7, r3 | __asm ("sbcs r3, r7, r3");
| if (r6 >= r2) {
0x00011370 bge 0x11288 | goto label_10;
| }
0x00011374 mov r8, 0 | r8 = 0;
0x00011378 b 0x1134c | goto label_11;
| if (r6 < r2) {
| label_59:
0x0001137c bge 0x1144c |
0x00011380 bl 0x10b5c | errno_location ();
0x00011384 ldr r6, [pc, 0x7d4] |
0x00011388 ldr r3, [pc, 0x728] |
0x0001138c ldr r2, [pc, 0x7d4] | r2 = "Marking block at %08llx bad\n";
0x00011390 ldr r3, [r3, 0x24] | r3 = "Usage: nandwrite [OPTION] MTD_DEVICE [INPUTFILE|-]\nWrites to the specified MTD device.\n\n -a, --autoplace Use auto OOB layout\n -k, --skip-all-ffs Skip pages that contain only 0xff bytes\n -m, --markbad Mark blocks bad if write fails\n -n, --noecc Write without ecc\n -N, --noskipbad Write without bad block skipping\n -o, --oob Input contains oob data\n -O, --onlyoob Input contains oob data and only write the oob part\n -s addr, --start=addr Set output start address (default is 0)\n --skip-bad-blocks-to-start Skip bad blocks when seeking to the start address\n -p, --pad Pad writes to page size\n -b, --blockalign=1|2|4 Set multiple of eraseblocks to align to\n --input-skip=length Skip |length| bytes of the input file\n --input-size=length Only read |length| bytes of the input file\n -q, --quiet Don't display progress messages\n -h, --help Display this help and exit\n -V, --version Output version information and exit\n";
0x00011394 ldr r1, [pc, 0x790] | r1 = "%s: error!: Input file does not fit into device\n";
0x00011398 ldr r4, [r0] | r4 = *(r0);
0x0001139c ldr r0, [r6] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000113a0 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: Input file does not fit into device\n", "Marking block at %08llx bad\n", "version", r4, r5, "_s:_error_:__s:_MTD_Erase_failure")
0x000113a4 mov r0, r4 | r0 = r4;
0x000113a8 ldr r6, [r6] | r6 = "_s:_error_:__s:_MTD_Erase_failure";
0x000113ac bl 0x10a18 | strerror (r0);
0x000113b0 str r4, [sp] | *(sp) = r4;
0x000113b4 ldr r3, [pc, 0x7b4] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x000113b8 mov r2, 0xb | r2 = 0xb;
0x000113bc ldr r1, [pc, 0x7b0] | r1 = *(0x11b70);
0x000113c0 mov r4, 0 | r4 = 0;
0x000113c4 mov fp, r4 |
0x000113c8 mov r7, r4 | r7 = r4;
0x000113cc str r0, [sp, 4] | var_4h = r0;
0x000113d0 mov r0, r6 | r0 = r6;
0x000113d4 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure", r4)
| label_15:
0x000113d8 ldr r0, [sp, 0x28] | r0 = fildes;
0x000113dc bl 0x10bbc | close (r0);
0x000113e0 ldr r0, [sp, 0x44] | r0 = var_44h;
0x000113e4 bl 0x12b98 | fcn_00012b98 (r0);
0x000113e8 mov r0, r7 | r0 = r7;
0x000113ec bl 0x10bd4 | free (r0);
0x000113f0 ldr r0, [sp, 0x2c] | r0 = fd;
0x000113f4 bl 0x10bbc | close (r0);
0x000113f8 cmp r5, 0 |
| if (r5 == 0) {
0x000113fc bne 0x11434 |
0x00011400 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00011404 cmp r2, 1 |
0x00011408 ldr r2, [sp, 0x28] | r2 = fildes;
0x0001140c sbcs r3, r3, 0 | __asm ("sbcs r3, r3, 0");
| if (r2 < 1) {
0x00011410 movge r3, 1 | r3 = 1;
| }
| if (r2 >= 1) {
0x00011414 movlt r3, 0 | r3 = 0;
| }
0x00011418 cmp r2, 0 |
| if (r2 != 0) {
0x0001141c moveq r3, 0 | r3 = 0;
| }
0x00011420 cmp r3, 0 |
| if (r3 != 0) {
0x00011424 bne 0x11434 | goto label_60;
| }
0x00011428 add r7, r7, fp | r7 += fp;
0x0001142c cmp r4, r7 |
| if (r4 >= r7) {
0x00011430 bhs 0x11c30 | goto label_61;
| }
| }
| label_60:
0x00011434 bl 0x10b5c | errno_location ();
0x00011438 ldr r5, [pc, 0x720] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001143c ldr r2, [pc, 0x724] | r2 = "Marking block at %08llx bad\n";
0x00011440 ldr r1, [pc, 0x6e8] | r1 = "_s:_error_:__s:_MTD_get_bad_block_failed";
0x00011444 ldr r4, [r0] | r4 = *(r0);
0x00011448 b 0x11504 | goto label_62;
| }
0x0001144c cmp r0, 1 |
| if (r0 != 1) {
0x00011450 bne 0x11358 | goto label_12;
| }
0x00011454 ldrb r3, [r4, 0x11] | r3 = *((r4 + 0x11));
0x00011458 cmp r3, 0 |
| if (r3 == 0) {
0x0001145c bne 0x11484 |
0x00011460 strd r6, r7, [sp, 8] | __asm ("strd r6, r7, [var_ch]");
0x00011464 ldr r0, [pc, 0x6f4] |
0x00011468 ldr r3, [sb] | r3 = *(sb);
0x0001146c mov r2, r6 | r2 = r6;
0x00011470 str r3, [sp] | *(sp) = r3;
0x00011474 ldr r1, [pc, 0x6b8] | r1 = "_s:_error_:_Data_was_only_partially_written_due_to_error";
0x00011478 mov r3, r7 | r3 = r7;
0x0001147c ldr r0, [r0] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011480 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "_s:_error_:_Data_was_only_partially_written_due_to_error", r2, r3, r4, r5, r6)
| }
0x00011484 ldrd r2, r3, [r4, 0x18] | __asm ("ldrd r2, r3, [r4, 0x18]");
0x00011488 ldr r1, [sp, 0x30] | r1 = format;
0x0001148c adds sl, r2, r1 | sl = r2 + r1;
0x00011490 adc fp, r3, r1, asr 31 | __asm ("adc fp, r3, r1, asr 31");
0x00011494 mov r2, sl | r2 = sl;
0x00011498 mov r3, fp | r3 = fp;
0x0001149c strd r2, r3, [r4, 0x18] | __asm ("strd r2, r3, [r4, 0x18]");
0x000114a0 b 0x11358 | goto label_12;
| label_57:
0x000114a4 mov r6, 0 | r6 = 0;
0x000114a8 mov r7, 0 | r7 = 0;
0x000114ac ldr r4, [pc, 0x604] | r4 = "version";
0x000114b0 ldr sb, [pc, 0x618] | sb = *(0x00011ad0);
0x000114b4 b 0x11364 | goto label_13;
| label_58:
0x000114b8 mov r1, r7 | r1 = r7;
0x000114bc ldr r0, [sp, 0x30] | r0 = format;
0x000114c0 bl 0x14fb4 | fcn_00014fb4 (r0, r1);
0x000114c4 ldr r4, [sp, 0x34] | r4 = size;
0x000114c8 mul r4, r0, r4 | r4 = r0 * r4;
0x000114cc mov r0, r4 | r0 = r4;
0x000114d0 bl 0x10a60 | malloc (r0);
0x000114d4 adds r5, r4, 0 | r5 = r4 + 0;
| if (r5 == r4) {
0x000114d8 movne r5, 1 | r5 = 1;
| }
0x000114dc cmp r0, 0 |
| if (r0 == 0) {
0x000114e0 movne r5, 0 | r5 = 0;
| }
0x000114e4 cmp r5, 0 |
0x000114e8 mov r7, r0 | r7 = r0;
| if (r5 != 0) {
0x000114ec beq 0x1150c |
0x000114f0 bl 0x10b5c | errno_location ();
0x000114f4 ldr r5, [pc, 0x664] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x000114f8 ldr r2, [pc, 0x668] | r2 = "Marking block at %08llx bad\n";
0x000114fc ldr r1, [pc, 0x634] | r1 = "Bad_block_at__llx___u_block_s__from__llx_will_be_skipped";
0x00011500 ldr r4, [r0] | r4 = *(r0);
| label_62:
0x00011504 ldr r0, [r5] | r0 = *(r5);
0x00011508 b 0x110d8 | goto label_14;
| }
0x0001150c mov r1, r4 | r1 = r4;
0x00011510 mov fp, r5 |
0x00011514 mov r4, r5 | r4 = r5;
0x00011518 mvn r8, 0 | r8 = ~0;
0x0001151c mvn sb, 0 | sb = ~0;
0x00011520 bl 0x11d54 | fcn_00011d54 (r0, r1);
0x00011524 str r5, [sp, 0x40] | var_40h = r5;
| label_23:
0x00011528 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x0001152c cmp r2, 1 |
0x00011530 sbcs r3, r3, 0 | __asm ("sbcs r3, r3, 0");
| if (r2 >= 1) {
0x00011534 bge 0x11544 | goto label_63;
| }
0x00011538 add r3, r7, fp | r3 = r7 + fp;
0x0001153c cmp r4, r3 |
| if (r4 >= r3) {
0x00011540 bhs 0x113d8 | goto label_15;
| }
| label_63:
0x00011544 add r3, sp, 0x190 | r3 += var_190h;
0x00011548 ldrd r0, r1, [r6, 0x18] | __asm ("ldrd r0, r1, [r6, 0x18]");
0x0001154c ldrd r2, r3, [r3] | __asm ("ldrd r2, r3, [r3]");
0x00011550 cmp r0, r2 |
0x00011554 sbcs r3, r1, r3 | __asm ("sbcs r3, r1, r3");
| if (r0 >= r2) {
0x00011558 bge 0x113d8 | goto label_15;
| }
0x0001155c ldr r3, [sp, 0x30] | r3 = format;
0x00011560 rsb sl, r3, 0 | sl = r3 - ;
0x00011564 mov r2, sl | r2 = sl;
0x00011568 asr r3, sl, 0x1f | r3 = sl >> 0x1f;
0x0001156c strd r2, r3, [sp, 0x38] | __asm ("strd r2, r3, [var_38h]");
0x00011570 b 0x115e0 |
| while (r1 != sb) {
0x00011574 cmp r4, r7 |
| if (r4 != r7) {
0x00011578 beq 0x1158c |
0x0001157c mov r1, fp | r1 = fp;
0x00011580 mov r0, r7 | r0 = r7;
0x00011584 bl 0x11d54 | fcn_00011d54 (r0, r1);
0x00011588 mov fp, 0 |
| }
0x0001158c ldrb r3, [r6, 0x11] | r3 = *((r6 + 0x11));
0x00011590 cmp r3, 0 |
| if (r3 == 0) {
0x00011594 bne 0x115c8 |
0x00011598 ldr r2, [sp, 0x30] | r2 = format;
0x0001159c ldrd r0, r1, [sp, 0x20] | __asm ("ldrd r0, r1, [var_20h]");
0x000115a0 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x000115a4 bl 0x150b0 | fcn_000150b0 (r0);
0x000115a8 ldrd r2, r3, [sp, 0x20] | __asm ("ldrd r2, r3, [var_20h]");
0x000115ac strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x000115b0 mov r2, r0 | r2 = r0;
0x000115b4 ldr r0, [pc, 0x518] |
0x000115b8 mov r3, r1 | r3 = r1;
0x000115bc ldr r0, [r0] | r0 = *(0x11ad0);
0x000115c0 ldr r1, [pc, 0x574] | r1 = "_s:_error_:_out_of_memory";
0x000115c4 bl 0x10ab4 | fprintf (r0, "_s:_error_:_out_of_memory", r2, r3)
| }
0x000115c8 ldrb r4, [r6, 0x13] | r4 = *((r6 + 0x13));
0x000115cc cmp r4, 0 |
| if (r4 != 0) {
0x000115d0 ldreq r8, [pc, 0x4f8] | r8 = *(0x00011ad0);
| }
| if (r4 == 0) {
0x000115d4 beq 0x117a0 | goto label_64;
| }
| label_17:
0x000115d8 ldrd r8, sb, [sp, 0x20] | __asm ("ldrd r8, sb, [var_20h]");
0x000115dc mov r4, r7 | r4 = r7;
0x000115e0 ldrd r2, r3, [r6, 0x18] | __asm ("ldrd r2, r3, [r6, 0x18]");
0x000115e4 ldrd r0, r1, [sp, 0x38] | __asm ("ldrd r0, r1, [var_38h]");
0x000115e8 and r1, r1, r3 | r1 &= r3;
0x000115ec and r0, r0, r2 | r0 &= r2;
0x000115f0 cmp r1, sb |
0x000115f4 cmpeq r0, r8 | __asm ("cmpeq r0, r8");
0x000115f8 strd r0, r1, [sp, 0x20] | __asm ("strd r0, r1, [var_20h]");
0x000115fc mov r2, r0 | r2 = r0;
0x00011600 bne 0x11574 |
| }
0x00011604 ldr sb, [sp, 0x1a0] | sb = var_1a0h;
0x00011608 add sl, r7, fp | sl = r7 + fp;
0x0001160c add r3, r4, sb | r3 = r4 + sb;
0x00011610 cmp sl, r3 |
| if (sl >= r3) {
0x00011614 sublo sl, sl, r4 | sl -= r4;
| }
| if (sl >= r3) {
0x00011618 movlo r2, 0 | r2 = 0;
| }
| if (sl >= r3) {
0x0001161c movlo r8, sl | r8 = sl;
| }
| if (sl <= r3) {
0x00011620 blo 0x118ac | goto label_65;
| }
| label_19:
0x00011624 ldrb r3, [r6, 0x15] | r3 = *((r6 + 0x15));
0x00011628 cmp r3, 0 |
0x0001162c str r3, [sp, 0x38] | var_38h = r3;
| if (r3 != 0) {
0x00011630 beq 0x11660 |
0x00011634 ldr r3, [sp, 0x1a0] | r3 = var_1a0h;
0x00011638 ldr sb, [sp, 0x1a8] | sb = var_1a8h;
0x0001163c add r3, r4, r3 | r3 = r4 + r3;
0x00011640 add sl, r7, fp | sl = r7 + fp;
0x00011644 str r3, [sp, 0x40] | var_40h = r3;
0x00011648 add r3, r3, sb | r3 += sb;
0x0001164c cmp sl, r3 |
| if (sl >= r3) {
0x00011650 ldrlo r3, [sp, 0x40] | r3 = var_40h;
| }
| if (sl >= r3) {
0x00011654 sublo sl, sl, r3 | sl -= r3;
| }
| if (sl >= r3) {
0x00011658 movlo r8, sl | r8 = sl;
| }
| if (sl <= r3) {
0x0001165c blo 0x11998 | goto label_66;
| }
| }
| label_21:
0x00011660 ldrb r3, [r6, 0x21] | r3 = *((r6 + 0x21));
0x00011664 cmp r3, 0 |
| if (r3 != 0) {
0x00011668 beq 0x116a8 |
0x0001166c ldr r2, [sp, 0x1a0] | r2 = var_1a0h;
0x00011670 cmp r2, 0 |
0x00011674 cmpne r4, 0 | __asm ("cmpne r4, 0");
| if (r2 == 0) {
0x00011678 beq 0x116a8 | goto label_67;
| }
0x0001167c ldrb r3, [r4] | r3 = *(r4);
0x00011680 cmp r3, 0xff |
| if (r3 != 0xff) {
0x00011684 bne 0x116a8 | goto label_67;
| }
0x00011688 cmp r2, 1 |
| if (r2 == 1) {
0x0001168c beq 0x11c10 | goto label_68;
| }
0x00011690 sub r2, r2, 1 | r2--;
0x00011694 add r1, r4, 1 | r1 = r4 + 1;
0x00011698 mov r0, r4 | r0 = r4;
0x0001169c bl 0x10af0 | r0 = memcmp (r0, r1, r2);
0x000116a0 cmp r0, 0 |
| if (r0 == 0) {
0x000116a4 beq 0x11c10 | goto label_68;
| }
| }
| label_67:
0x000116a8 ldr r2, [sp, 0x19c] | r2 = var_19ch;
0x000116ac ldrd r0, r1, [r6, 0x18] | __asm ("ldrd r0, r1, [r6, 0x18]");
0x000116b0 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x000116b4 bl 0x150b0 | fcn_000150b0 (r0);
0x000116b8 ldrb r1, [r6, 0x16] | r1 = *((r6 + 0x16));
0x000116bc ldr r8, [sp, 0x48] | r8 = var_48h;
0x000116c0 cmp r1, 0 |
0x000116c4 ldrb r1, [r6, 0x15] | r1 = *((r6 + 0x15));
| if (r1 == 0) {
0x000116c8 movne ip, 0 |
| }
| if (r1 != 0) {
0x000116cc ldreq ip, [sp, 0x1a0] | ip = var_1a0h;
| }
| if (r1 != 0) {
0x000116d0 moveq lr, r4 | lr = r4;
| }
0x000116d4 str r8, [sp, 0x14] | var_14h = r8;
| if (r1 == 0) {
0x000116d8 movne lr, ip | lr = ip;
| }
0x000116dc cmp r1, 0 |
0x000116e0 mov r3, r0 | r3 = r0;
| if (r1 == 0) {
0x000116e4 ldrne r1, [sp, 0x1a8] | r1 = var_1a8h;
| }
| if (r1 == 0) {
0x000116e8 ldrne r0, [sp, 0x40] | r0 = var_40h;
| }
| if (r1 != 0) {
0x000116ec moveq r0, r1 | r0 = r1;
| }
0x000116f0 str r1, [sp, 0x10] | var_10h = r1;
0x000116f4 str r0, [sp, 0xc] | var_ch = r0;
0x000116f8 stm sp, {r2, lr} | *(sp) = r2;
| *((sp + 4)) = lr;
0x000116fc ldr r0, [sp, 0x44] | r0 = var_44h;
0x00011700 str ip, [sp, 8] | var_8h = ip;
0x00011704 ldr r2, [sp, 0x2c] | r2 = fd;
0x00011708 add r1, sp, 0xb8 | r1 += var_b8h;
0x0001170c bl 0x13c6c | r0 = fcn_00013c6c (r0, r1, r2, r3, r4, r5, r6);
0x00011710 cmp r0, 0 |
| if (r0 == 0) {
0x00011714 beq 0x11c10 | goto label_68;
| }
0x00011718 bl 0x10b5c | errno_location ();
0x0001171c ldr r8, [pc, 0x43c] | r8 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011720 ldr sl, [r0] | sl = *(r0);
0x00011724 mov sb, r0 | sb = r0;
0x00011728 cmp sl, 5 |
0x0001172c ldr r0, [r8] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
| if (sl == 5) {
0x00011730 beq 0x119e4 | goto label_69;
| }
0x00011734 ldr r3, [pc, 0x37c] |
0x00011738 ldr r2, [pc, 0x428] | r2 = "Marking block at %08llx bad\n";
0x0001173c ldr r3, [r3, 0x24] | r3 = "Usage: nandwrite [OPTION] MTD_DEVICE [INPUTFILE|-]\nWrites to the specified MTD device.\n\n -a, --autoplace Use auto OOB layout\n -k, --skip-all-ffs Skip pages that contain only 0xff bytes\n -m, --markbad Mark blocks bad if write fails\n -n, --noecc Write without ecc\n -N, --noskipbad Write without bad block skipping\n -o, --oob Input contains oob data\n -O, --onlyoob Input contains oob data and only write the oob part\n -s addr, --start=addr Set output start address (default is 0)\n --skip-bad-blocks-to-start Skip bad blocks when seeking to the start address\n -p, --pad Pad writes to page size\n -b, --blockalign=1|2|4 Set multiple of eraseblocks to align to\n --input-skip=length Skip |length| bytes of the input file\n --input-size=length Only read |length| bytes of the input file\n -q, --quiet Don't display progress messages\n -h, --help Display this help and exit\n -V, --version Output version information and exit\n";
0x00011740 ldr r1, [pc, 0x3f8] | r1 = "Writing data to block %lld at offset 0x%llx\n";
0x00011744 bl 0x10ab4 | fprintf (r0, "Writing data to block %lld at offset 0x%llx\n", "Marking block at %08llx bad\n", "version")
0x00011748 mov r0, sl | r0 = sl;
0x0001174c ldr r5, [r8] | r5 = *(r8);
0x00011750 bl 0x10a18 | strerror (r0);
0x00011754 str sl, [sp] | *(sp) = sl;
0x00011758 ldr r3, [pc, 0x410] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x0001175c mov r2, 0xb | r2 = 0xb;
0x00011760 ldr r1, [pc, 0x40c] | r1 = *(0x11b70);
0x00011764 str r0, [sp, 4] | var_4h = r0;
0x00011768 mov r0, r5 | r0 = r5;
0x0001176c bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure")
0x00011770 b 0x110ac | goto label_16;
| do {
0x00011774 ldr r2, [sp, 0x19c] | r2 = var_19ch;
0x00011778 ldrd r0, r1, [sp, 0x20] | __asm ("ldrd r0, r1, [var_20h]");
0x0001177c asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00011780 bl 0x150b0 | fcn_000150b0 (r0);
0x00011784 ldr r1, [sp, 0x2c] | r1 = fd;
0x00011788 add r2, r4, r0 | r2 = r4 + r0;
0x0001178c add r0, sp, 0xb8 | r0 += var_b8h;
0x00011790 bl 0x13954 | r0 = fcn_00013954 (r0, r1);
0x00011794 cmp r0, 0 |
| if (r0 != 0) {
0x00011798 bne 0x117b0 | goto label_70;
| }
0x0001179c add r4, r4, 1 | r4++;
| label_64:
0x000117a0 ldr r3, [r8] | r3 = *(r8);
0x000117a4 cmp r4, r3 |
0x000117a8 blt 0x11774 |
| } while (r4 < r3);
0x000117ac b 0x115d8 | goto label_17;
| if (r4 < r3) {
| label_70:
0x000117b0 bge 0x11804 |
0x000117b4 bl 0x10b5c | errno_location ();
0x000117b8 ldr r5, [pc, 0x3a0] |
0x000117bc ldr r3, [r6, 0x24] | r3 = *((r6 + 0x24));
0x000117c0 ldr r2, [pc, 0x3a0] | r2 = "Marking block at %08llx bad\n";
0x000117c4 ldr r1, [pc, 0x360] | r1 = "%s: error!: Input file does not fit into device\n";
0x000117c8 ldr r4, [r0] | r4 = *(r0);
0x000117cc ldr r0, [r5] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000117d0 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: Input file does not fit into device\n", "Marking block at %08llx bad\n", r3, r4, "_s:_error_:__s:_MTD_Erase_failure")
0x000117d4 mov r0, r4 | r0 = r4;
0x000117d8 ldr r5, [r5] | r5 = "_s:_error_:__s:_MTD_Erase_failure";
0x000117dc bl 0x10a18 | strerror (r0);
0x000117e0 str r4, [sp] | *(sp) = r4;
0x000117e4 ldr r3, [pc, 0x384] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x000117e8 mov r2, 0xb | r2 = 0xb;
0x000117ec ldr r1, [pc, 0x380] | r1 = *(0x11b70);
0x000117f0 str r0, [sp, 4] | var_4h = r0;
0x000117f4 mov r0, r5 | r0 = r5;
0x000117f8 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure", r4)
| label_18:
0x000117fc mov r4, r7 | r4 = r7;
0x00011800 b 0x110ac | goto label_16;
| }
0x00011804 cmp r0, 1 |
| if (r0 != 1) {
0x00011808 bne 0x115d8 | goto label_17;
| }
0x0001180c ldrb r3, [r6, 0x11] | r3 = *((r6 + 0x11));
0x00011810 cmp r3, 0 |
| if (r3 == 0) {
0x00011814 bne 0x11834 |
0x00011818 ldr r3, [r8] | r3 = *(r8);
0x0001181c ldr r0, [pc, 0x33c] |
0x00011820 str r3, [sp] | *(sp) = r3;
0x00011824 ldr r1, [pc, 0x318] | r1 = "%s: error!: %s: MTD write failure\n";
0x00011828 ldrd r2, r3, [sp, 0x20] | __asm ("ldrd r2, r3, [var_20h]");
0x0001182c ldr r0, [r0] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011830 bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "%s: error!: %s: MTD write failure\n", r2, r3)
| }
0x00011834 ldr r3, [sp, 0x30] | r3 = format;
0x00011838 ldrd r0, r1, [sp, 0x20] | __asm ("ldrd r0, r1, [var_20h]");
0x0001183c adds r0, r0, r3 | r0 += r3;
0x00011840 adc r1, r1, r3, asr 31 | __asm ("adc r1, r1, r3, asr 31");
0x00011844 add r3, sp, 0x190 | r3 += var_190h;
0x00011848 ldrd r2, r3, [r3] | __asm ("ldrd r2, r3, [r3]");
0x0001184c strd r0, r1, [r6, 0x18] | __asm ("strd r0, r1, [r6, 0x18]");
0x00011850 cmp r2, r0 |
0x00011854 sbcs r3, r3, r1 | __asm ("sbcs r3, r3, r1");
| if (r2 >= r0) {
0x00011858 bge 0x115d8 | goto label_17;
| }
0x0001185c ldr r3, [pc, 0x2fc] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x00011860 ldr r2, [pc, 0x300] | r2 = "Marking block at %08llx bad\n";
0x00011864 ldr r1, [pc, 0x2dc] | r1 = "Bad_block_at__llx___u_block_s__will_be_skipped";
0x00011868 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x0001186c bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "Bad_block_at__llx___u_block_s__will_be_skipped", "Marking block at %08llx bad\n", "_s:_error_:__s:_MTD_Erase_failure")
0x00011870 b 0x117fc | goto label_18;
| do {
0x00011874 sub r3, sb, r8 | r3 = sb - r8;
0x00011878 mov r2, r3 | r2 = r3;
0x0001187c add r1, r4, r8 | r1 = r4 + r8;
0x00011880 ldr r0, [sp, 0x28] | r0 = fildes;
0x00011884 str r3, [sp, 0x38] | var_38h = r3;
0x00011888 bl 0x10ad8 | read (r0, r1, r2);
0x0001188c ldr r3, [sp, 0x38] | r3 = var_38h;
0x00011890 subs r2, r0, 0 | r2 = r0 - 0;
| if (r2 == r0) {
0x00011894 beq 0x118c0 | goto label_71;
| }
| if (r2 < r0) {
0x00011898 bge 0x118a8 |
0x0001189c ldr r0, [pc, 0x2a8] | r0 = "_s:_error_:_too_many_bad_blocks__cannot_complete_request";
0x000118a0 bl 0x10a54 | perror ("_s:_error_:_too_many_bad_blocks__cannot_complete_request");
0x000118a4 b 0x110ac | goto label_16;
| }
0x000118a8 add r8, r8, r2 | r8 += r2;
| label_65:
0x000118ac cmp sb, r8 |
0x000118b0 bhi 0x11874 |
| } while (sb > r8);
0x000118b4 cmp r8, 0 |
| if (r8 == 0) {
0x000118b8 bne 0x11918 |
0x000118bc b 0x118c8 | goto label_72;
| label_71:
0x000118c0 cmp r8, 0 |
| if (r8 == 0) {
0x000118c4 bne 0x118e0 |
| label_72:
0x000118c8 ldr r3, [sp, 0x28] | r3 = fildes;
0x000118cc cmp r3, 0 |
| if (r3 != 0) {
0x000118d0 moveq r2, 0 | r2 = 0;
| }
| if (r3 != 0) {
0x000118d4 moveq r3, 0 | r3 = 0;
| }
0x000118d8 strdeq r2, r3, [sp, 0x18] | __asm ("strdeq r2, r3, [var_18h]");
0x000118dc b 0x113d8 | goto label_15;
| }
0x000118e0 ldrb r1, [r6, 0x17] | r1 = *((r6 + 0x17));
0x000118e4 cmp r1, 0 |
| if (r1 == 0) {
0x000118e8 bne 0x11904 |
0x000118ec mov r2, r3 | r2 = r3;
0x000118f0 ldr r3, [pc, 0x268] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x000118f4 ldr r1, [pc, 0x254] | r1 = "File_I_O_error_on_input";
0x000118f8 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000118fc bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "File_I_O_error_on_input", r2, "_s:_error_:__s:_MTD_Erase_failure")
0x00011900 b 0x110ac | goto label_16;
| }
0x00011904 mov r1, r3 | r1 = r3;
0x00011908 add r0, r4, r8 | r0 = r4 + r8;
0x0001190c str r2, [sp, 0x38] | var_38h = r2;
0x00011910 bl 0x11d54 | fcn_00011d54 (r0, r1);
0x00011914 ldr r2, [sp, 0x38] | r2 = var_38h;
| }
0x00011918 ldr r3, [sp, 0x28] | r3 = fildes;
0x0001191c add sb, sb, fp | sb += fp;
0x00011920 cmp r3, 0 |
0x00011924 sub fp, sb, sl |
| if (r3 != 0) {
0x00011928 beq 0x11944 |
0x0001192c ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x00011930 sub r8, r8, sl | r8 -= sl;
0x00011934 subs r2, r2, r8 | r2 -= r8;
0x00011938 sbc r3, r3, 0 | __asm ("sbc r3, r3, 0");
| label_20:
0x0001193c strd r2, r3, [sp, 0x18] | __asm ("strd r2, r3, [var_18h]");
0x00011940 b 0x11624 | goto label_19;
| }
0x00011944 cmp r2, 0 |
| if (r2 != 0) {
0x00011948 bne 0x11624 | goto label_19;
| }
0x0001194c mov r2, 0 | r2 = 0;
0x00011950 mov r3, 0 | r3 = 0;
0x00011954 b 0x1193c | goto label_20;
| do {
0x00011958 sub r3, sb, r8 | r3 = sb - r8;
0x0001195c mov r2, r3 | r2 = r3;
0x00011960 str r3, [sp, 0x4c] | var_4ch = r3;
0x00011964 ldr r3, [sp, 0x40] | r3 = var_40h;
0x00011968 ldr r0, [sp, 0x28] | r0 = fildes;
0x0001196c add r1, r3, r8 | r1 = r3 + r8;
0x00011970 bl 0x10ad8 | read (r0, r1, r2);
0x00011974 ldr r3, [sp, 0x4c] | r3 = var_4ch;
0x00011978 cmp r0, 0 |
| if (r0 == 0) {
0x0001197c beq 0x119cc | goto label_73;
| }
| if (r0 < 0) {
0x00011980 bge 0x11994 |
0x00011984 ldr r0, [pc, 0x1c0] | r0 = "_s:_error_:_too_many_bad_blocks__cannot_complete_request";
0x00011988 bl 0x10a54 | perror ("_s:_error_:_too_many_bad_blocks__cannot_complete_request");
| label_22:
0x0001198c ldr r5, [sp, 0x38] | r5 = var_38h;
0x00011990 b 0x113d8 | goto label_15;
| }
0x00011994 add r8, r8, r0 | r8 += r0;
| label_66:
0x00011998 cmp sb, r8 |
0x0001199c bhi 0x11958 |
| } while (sb > r8);
0x000119a0 ldr r3, [sp, 0x28] | r3 = fildes;
0x000119a4 add sb, sb, fp | sb += fp;
0x000119a8 cmp r3, 0 |
0x000119ac sub fp, sb, sl |
| if (r3 == 0) {
0x000119b0 beq 0x11660 | goto label_21;
| }
0x000119b4 ldrd r2, r3, [sp, 0x18] | __asm ("ldrd r2, r3, [var_18h]");
0x000119b8 sub r8, r8, sl | r8 -= sl;
0x000119bc subs r2, r2, r8 | r2 -= r8;
0x000119c0 sbc r3, r3, 0 | __asm ("sbc r3, r3, 0");
0x000119c4 strd r2, r3, [sp, 0x18] | __asm ("strd r2, r3, [var_18h]");
0x000119c8 b 0x11660 | goto label_21;
| label_73:
0x000119cc mov r2, r3 | r2 = r3;
0x000119d0 ldr r3, [pc, 0x188] | r3 = "_s:_error_:__s:_MTD_Erase_failure";
0x000119d4 ldr r1, [pc, 0x178] | r1 = "Unexpected_EOF._Expecting_at_least__zu_more_bytes._Use_the_padding_option.";
0x000119d8 ldr r0, [r3] | r0 = "_s:_error_:__s:_MTD_Erase_failure";
0x000119dc bl 0x10ab4 | fprintf ("_s:_error_:__s:_MTD_Erase_failure", "Unexpected_EOF._Expecting_at_least__zu_more_bytes._Use_the_padding_option.", r2, "_s:_error_:__s:_MTD_Erase_failure")
0x000119e0 b 0x1198c | goto label_22;
| label_69:
0x000119e4 ldr r1, [sp, 0x30] | r1 = format;
0x000119e8 ldrd r2, r3, [sp, 0x20] | __asm ("ldrd r2, r3, [var_20h]");
0x000119ec adds r2, r2, r1 | r2 += r1;
0x000119f0 adc r3, r3, r1, asr 31 | __asm ("adc r3, r3, r1, asr 31");
0x000119f4 strd r2, r3, [sp, 0x38] | __asm ("strd r2, r3, [var_38h]");
0x000119f8 ldr r1, [pc, 0x158] | r1 = "Unexpected_EOF._Expecting_at_least__zu_more_bytes_for_OOB";
0x000119fc subs r2, r2, 1 | r2--;
0x00011a00 sbc r3, r3, 0 | __asm ("sbc r3, r3, 0");
0x00011a04 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00011a08 ldrd r2, r3, [sp, 0x20] | __asm ("ldrd r2, r3, [var_20h]");
0x00011a0c bl 0x10ab4 | fprintf (r0, r1, r2, r3)
0x00011a10 ldr r2, [sp, 0x19c] | r2 = var_19ch;
0x00011a14 ldrd r0, r1, [sp, 0x20] | __asm ("ldrd r0, r1, [var_20h]");
0x00011a18 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00011a1c bl 0x150b0 | fcn_000150b0 (r0);
0x00011a20 ldr r3, [pc, 0xa8] |
0x00011a24 ldr r2, [sp, 0x2c] | r2 = fd;
0x00011a28 ldr r3, [r3] | r3 = "Copyright__C__2003_Thomas_Gleixner__1_s_comes_with_NO_WARRANTYto_the_extent_permitted_by_law.You_may_redistribute_copies_of__1_sunder_the_terms_of_the_GNU_General_Public_Licence.See_the_file__COPYING_for_more_information.";
0x00011a2c add r1, sp, 0xb8 | r1 += var_b8h;
0x00011a30 str r3, [sp] | *(sp) = r3;
0x00011a34 mov r3, r0 | r3 = r0;
0x00011a38 ldr r0, [sp, 0x44] | r0 = var_44h;
0x00011a3c bl 0x136bc | r0 = fcn_000136bc (r0, r1, r2);
0x00011a40 cmp r0, 0 |
0x00011a44 bne 0x11a68 |
| while (r4 == 5) {
0x00011a48 ldrb r8, [r6, 0x14] | r8 = *((r6 + 0x14));
0x00011a4c cmp r8, 0 |
| if (r8 != 0) {
0x00011a50 bne 0x11b78 | goto label_74;
| }
| label_24:
0x00011a54 ldrd r2, r3, [sp, 0x38] | __asm ("ldrd r2, r3, [var_38h]");
0x00011a58 mov r4, r7 | r4 = r7;
0x00011a5c strd r2, r3, [r6, 0x18] | __asm ("strd r2, r3, [r6, 0x18]");
| label_25:
0x00011a60 ldrd r8, sb, [sp, 0x20] | __asm ("ldrd r8, sb, [var_20h]");
0x00011a64 b 0x11528 | goto label_23;
0x00011a68 ldr r4, [sb] | r4 = *(sb);
0x00011a6c ldr r3, [r6, 0x24] | r3 = *((r6 + 0x24));
0x00011a70 ldr r2, [pc, 0xf0] | r2 = "Marking block at %08llx bad\n";
0x00011a74 ldr r1, [pc, 0xe0] | r1 = "Erasing_failed_write_from__08llx_to__08llx";
0x00011a78 ldr r0, [r8] | r0 = *(r8);
0x00011a7c bl 0x10ab4 | fprintf (r0, "Erasing_failed_write_from__08llx_to__08llx", "Marking block at %08llx bad\n", r3, r4)
0x00011a80 mov r0, r4 | r0 = r4;
0x00011a84 ldr r8, [r8] | r8 = *(r8);
0x00011a88 bl 0x10a18 | strerror (r0);
0x00011a8c str r4, [sp] | *(sp) = r4;
0x00011a90 ldr r3, [pc, 0xd8] | r3 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x00011a94 mov r2, 0xb | r2 = 0xb;
0x00011a98 ldr r1, [pc, 0xd4] | r1 = *(0x11b70);
0x00011a9c str r0, [sp, 4] | var_4h = r0;
0x00011aa0 mov r0, r8 | r0 = r8;
0x00011aa4 bl 0x10ab4 | fprintf (r0, r1, r2, "_s:_error_:__s:_MTD_Mark_bad_block_failure", r4)
0x00011aa8 cmp r4, 5 |
0x00011aac beq 0x11a48 |
| }
0x00011ab0 b 0x117fc | goto label_18;
| label_74:
0x00011b78 ldr r1, [sp, 0x19c] | r1 = var_19ch;
0x00011b7c ldrd r2, r3, [r6, 0x18] | __asm ("ldrd r2, r3, [r6, 0x18]");
0x00011b80 ldr r4, [pc, -0x28] | r4 = obj.stderr;
0x00011b84 rsb r1, r1, 0 | r1 -= ;
0x00011b88 and r2, r2, r1 | r2 &= r1;
0x00011b8c and r3, r3, r1, asr 31 | r3 &= (r1 >> 31);
0x00011b90 ldr r0, [r4] | r0 = *(r4);
0x00011b94 ldr r1, [pc, -0x38] | r1 = "Marking block at %08llx bad\n";
0x00011b98 bl 0x10ab4 | fprintf (r0, r1, r2, r3, r4)
0x00011b9c ldr r2, [sp, 0x19c] | r2 = var_19ch;
0x00011ba0 ldrd r0, r1, [r6, 0x18] | __asm ("ldrd r0, r1, [r6, 0x18]");
0x00011ba4 asr r3, r2, 0x1f | r3 = r2 >> 0x1f;
0x00011ba8 bl 0x150b0 | fcn_000150b0 (r0);
0x00011bac ldr r1, [sp, 0x2c] | r1 = fd;
0x00011bb0 mov r2, r0 | r2 = r0;
0x00011bb4 add r0, sp, 0xb8 | r0 += var_b8h;
0x00011bb8 bl 0x139c4 | r0 = fcn_000139c4 (r0, r1);
0x00011bbc cmp r0, 0 |
| if (r0 == 0) {
0x00011bc0 beq 0x11a54 | goto label_24;
| }
0x00011bc4 ldr r5, [sb] | r5 = *(sb);
0x00011bc8 ldr r3, [r6, 0x24] | r3 = *((r6 + 0x24));
0x00011bcc ldr r2, [pc, -0x6c] | r2 = "nandwrite";
0x00011bd0 ldr r1, [pc, -0x6c] | r1 = "_s:_error_:__s:_MTD_Mark_bad_block_failure";
0x00011bd4 ldr r0, [r4] | r0 = *(r4);
0x00011bd8 bl 0x10ab4 | fprintf (r0, "_s:_error_:__s:_MTD_Mark_bad_block_failure", "nandwrite", r3, r4, r5)
0x00011bdc mov r0, r5 | r0 = r5;
0x00011be0 ldr r4, [r4] | r4 = *(r4);
0x00011be4 bl 0x10a18 | strerror (r0);
0x00011be8 str r5, [sp] | *(sp) = r5;
0x00011bec ldr r3, [pc, -0x84] | r3 = *(0x00011b70);
0x00011bf0 mov r2, 0xb | r2 = 0xb;
0x00011bf4 ldr r1, [pc, -0x88] | r1 = "_serror__d___s_";
0x00011bf8 mov r5, r8 | r5 = r8;
0x00011bfc str r0, [sp, 4] | var_4h = r0;
0x00011c00 mov r0, r4 | r0 = r4;
0x00011c04 bl 0x10ab4 | fprintf (r0, "_serror__d___s_", r2, r3, r4, r5)
0x00011c08 mov r4, r7 | r4 = r7;
0x00011c0c b 0x113d8 | goto label_15;
| label_68:
0x00011c10 ldrd r2, r3, [r6, 0x18] | __asm ("ldrd r2, r3, [r6, 0x18]");
0x00011c14 ldr r1, [sp, 0x1a0] | r1 = var_1a0h;
0x00011c18 adds r8, r2, r1 | r8 = r2 + r1;
0x00011c1c adc sb, r3, r1, asr 31 | __asm ("adc sb, r3, r1, asr 31");
0x00011c20 ldr r3, [sp, 0x34] | r3 = size;
0x00011c24 strd r8, sb, [r6, 0x18] | __asm ("strd r8, sb, [r6, 0x18]");
0x00011c28 add r4, r4, r3 | r4 += r3;
0x00011c2c b 0x11a60 | goto label_25;
| label_61:
0x00011c30 mov r0, r5 | r0 = r5;
0x00011c34 add sp, sp, 0x1bc |
0x00011c38 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| }
[*] Function fprintf used 120 times nandwrite
