[*] Binary protection state of mtd_debug
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of mtd_debug
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/mtd_debug @ 0x1070c */
| #include <stdint.h>
|
; (fcn) main () | int32_t main (uint32_t argc, char ** argv) {
| int32_t var_0h;
| int32_t var_0h_2;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_14h;
| int32_t var_1ch;
| int32_t var_20h;
| int32_t var_24h;
| int32_t var_28h;
| int32_t var_2ch;
| int32_t var_30h;
| int32_t var_34h;
| int32_t var_44h;
| r0 = argc;
| r1 = argv;
| /* [10] -r-x section size 2560 named .text */
0x0001070c cmp r0, 3 |
0x00010710 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00010714 mov r4, r1 | r4 = r1;
0x00010718 sub sp, sp, 0x44 |
| if (r0 != 3) {
0x0001071c bne 0x10750 | goto label_21;
| }
0x00010720 ldr r1, [pc, 0x75c] | r1 = *(0x10e80);
0x00010724 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00010728 bl 0x106b8 | r0 = strcmp (r0, r1);
0x0001072c cmp r0, 0 |
| if (r0 == 0) {
0x00010730 beq 0x107b4 | goto label_22;
| }
| do {
| label_0:
0x00010734 ldr r3, [pc, 0x74c] | r3 = "info";
0x00010738 ldr r2, [pc, 0x74c] | r2 = stderr;
0x0001073c ldr r1, [pc, 0x74c] | r1 = "mtd_debug";
0x00010740 ldr r0, [r3] | r0 = "info";
0x00010744 bl 0x10658 | fprintf ("info", "mtd_debug", r2, "info")
0x00010748 mov r0, 1 | r0 = 1;
| label_1:
0x0001074c bl 0x106c4 | r0 = exit (r0);
| label_21:
0x00010750 cmp r0, 6 |
| if (r0 != 6) {
0x00010754 bne 0x1078c | goto label_23;
| }
0x00010758 ldr r5, [r1, 4] | r5 = *((r1 + 4));
0x0001075c ldr r1, [pc, 0x730] | r1 = "usage:__1_s_info__device_________1_s_read__device___offset___len___dest_filename_________1_s_write__device___offset___len___source_filename_________1_s_erase__device___offset___len_";
0x00010760 mov r0, r5 | r0 = r5;
0x00010764 bl 0x106b8 | r0 = strcmp (r0, "usage:__1_s_info__device_________1_s_read__device___offset___len___dest_filename_________1_s_write__device___offset___len___source_filename_________1_s_erase__device___offset___len_");
0x00010768 cmp r0, 0 |
| if (r0 == 0) {
0x0001076c beq 0x107e8 | goto label_24;
| }
0x00010770 ldr r1, [pc, 0x720] | r1 = "read";
0x00010774 mov r0, r5 | r0 = r5;
0x00010778 bl 0x106b8 | r0 = strcmp (r0, "read");
0x0001077c cmp r0, 0 |
0x00010780 bne 0x10734 |
| } while (r0 != 0);
0x00010784 mov r5, 2 | r5 = 2;
0x00010788 b 0x107ac | goto label_25;
| label_23:
0x0001078c cmp r0, 5 |
| if (r0 != 5) {
0x00010790 bne 0x10734 | goto label_0;
| }
0x00010794 ldr r1, [pc, 0x700] | r1 = "write";
0x00010798 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x0001079c bl 0x106b8 | r0 = strcmp (r0, "write");
0x000107a0 cmp r0, 0 |
| if (r0 == 0) {
0x000107a4 moveq r5, 3 | r5 = 3;
| goto label_26;
| }
| if (r0 != 0) {
| label_26:
0x000107a8 bne 0x10734 | goto label_0;
| }
| label_25:
0x000107ac mov r0, 2 | r0 = 2;
0x000107b0 b 0x107b8 | goto label_27;
| label_22:
0x000107b4 mov r5, r0 | r5 = r0;
| do {
| label_27:
0x000107b8 orr r1, r0, 0x1000 | r1 = r0 | 0x1000;
0x000107bc ldr r0, [r4, 8] | r0 = *((r4 + 8));
0x000107c0 bl 0x106ac | r0 = open64 ();
0x000107c4 subs sb, r0, 0 | sb = r0 - 0;
| if (sb >= r0) {
0x000107c8 bge 0x107f0 | goto label_28;
| }
0x000107cc ldr r2, [pc, 0x6b8] | r2 = stderr;
0x000107d0 ldr r1, [pc, 0x6c8] | r1 = "erase";
| label_8:
0x000107d4 ldr r3, [pc, 0x6ac] | r3 = "info";
0x000107d8 ldr r0, [r3] | r0 = "info";
0x000107dc bl 0x10658 | fprintf ("info", "erase", r2, "info")
0x000107e0 mvn r0, 0 | r0 = ~0;
0x000107e4 b 0x1074c | goto label_1;
| label_24:
0x000107e8 mov r5, 1 | r5 = 1;
0x000107ec b 0x107b8 |
| } while (1);
| label_28:
0x000107f0 cmp r5, 2 |
| if (r5 == 2) {
0x000107f4 beq 0x10c5c | goto label_29;
| }
0x000107f8 cmp r5, 3 |
| if (r5 == 3) {
0x000107fc beq 0x10e10 | goto label_30;
| }
0x00010800 cmp r5, 1 |
| if (r5 == 1) {
0x00010804 beq 0x10a54 | goto label_31;
| }
0x00010808 add r2, sp, 0x20 | r2 += var_20h;
0x0001080c ldr r1, [pc, 0x690] | r1 = "_s:_error_:_open__";
0x00010810 bl 0x105ec | r0 = ioctl (r0, "_s:_error_:_open__");
0x00010814 cmp r0, 0 |
| if (r0 >= 0) {
0x00010818 ldrlt r0, [pc, 0x688] | r0 = "MEMGETINFO";
| }
| if (r0 < 0) {
0x0001081c blt 0x108bc | goto label_32;
| }
0x00010820 add r2, sp, 0x1c | r2 += var_1ch;
0x00010824 ldr r1, [pc, 0x680] | r1 = "MEMGETINFO";
0x00010828 mov r0, sb | r0 = sb;
0x0001082c bl 0x105ec | r0 = ioctl (r0, "MEMGETINFO");
0x00010830 cmp r0, 0 |
| if (r0 != 0) {
0x00010834 bne 0x108b0 | goto label_33;
| }
0x00010838 ldr r5, [pc, 0x670] | r5 = *(0x10eac);
0x0001083c ldr r6, [pc, 0x670] | r6 = *(0x10eb0);
0x00010840 mov r4, r0 | r4 = r0;
| do {
0x00010844 ldr r3, [sp, 0x1c] | r3 = var_1ch;
0x00010848 cmp r4, r3 |
| if (r4 >= r3) {
0x0001084c blt 0x1088c |
| label_2:
0x00010850 ldr r0, [pc, 0x660] | r0 = *(0x10eb4);
0x00010854 bl 0x105f8 | printf (r0);
0x00010858 ldrb r3, [sp, 0x20] | r3 = var_20h;
0x0001085c cmp r3, 8 |
| if (r3 > 8) {
| /* switch table (9 cases) at 0x10868 */
0x00010860 ldrls pc, [pc, r3, lsl 2] | offset_0 = r3 << 2;
| pc = *((pc + offset_0));
| }
0x00010864 b 0x109dc | goto label_34;
| }
0x0001088c str r4, [r5, 0xc] | *((r5 + 0xc)) = r4;
0x00010890 mov r2, r5 | r2 = r5;
0x00010894 mov r1, r6 | r1 = r6;
0x00010898 mov r0, sb | r0 = sb;
0x0001089c bl 0x105ec | ioctl (r0, r1);
0x000108a0 add r5, r5, 0x10 | r5 += 0x10;
0x000108a4 cmp r0, 0 |
| if (r0 != 0) {
0x000108a8 addeq r4, r4, 1 | r4++;
| }
0x000108ac beq 0x10844 |
| } while (r0 == 0);
| label_33:
0x000108b0 cmp r0, 0 |
| if (r0 >= 0) {
0x000108b4 bge 0x10850 | goto label_2;
| }
0x000108b8 ldr r0, [pc, 0x5fc] | r0 = "mtd.type = ";
| label_32:
0x000108bc bl 0x10604 | perror ("mtd.type = ");
| do {
| label_14:
0x000108c0 mov fp, 0 |
0x000108c4 b 0x10b40 | goto label_20;
0x000108c8 ldr r0, [pc, 0x5f0] | r0 = "MEMGETREGIONCOUNT";
| label_4:
0x000108cc bl 0x105f8 | printf ("MEMGETREGIONCOUNT");
0x000108d0 ldr r0, [pc, 0x5ec] | r0 = "MTD_ABSENT";
0x000108d4 bl 0x105f8 | printf ("MTD_ABSENT");
0x000108d8 ldr r3, [sp, 0x24] | r3 = var_24h;
0x000108dc cmp r3, 0 |
| if (r3 != 0) {
0x000108e0 ldreq r0, [pc, 0x5e0] | r0 = "MTD_CAP_ROM";
| }
| if (r3 != 0) {
0x000108e4 beq 0x108f4 |
0x000108e8 cmp r3, 0x1c00 |
| if (r3 != 0x1c00) {
0x000108ec bne 0x109e4 | goto label_35;
| }
0x000108f0 ldr r0, [pc, 0x5d4] | r0 = "MTD_CAP_ROM";
| }
| label_5:
0x000108f4 bl 0x105f8 | printf ("MTD_CAP_ROM");
| label_6:
0x000108f8 ldr r0, [pc, 0x5d0] | r0 = "MTD_CAP_RAM";
0x000108fc bl 0x105f8 | printf ("MTD_CAP_RAM");
0x00010900 ldr r0, [sp, 0x28] | r0 = var_28h;
0x00010904 bl 0x1109c | fcn_0001109c (r0);
0x00010908 ldr r0, [pc, 0x5c4] | r0 = "\nmtd.size = ";
0x0001090c bl 0x105f8 | printf ("\nmtd.size = ");
0x00010910 ldr r0, [sp, 0x2c] | r0 = var_2ch;
0x00010914 bl 0x1109c | fcn_0001109c (r0);
0x00010918 ldr r0, [pc, 0x5b8] | r0 = "mtd.erasesize__";
0x0001091c bl 0x105f8 | printf ("mtd.erasesize__");
0x00010920 ldr r0, [sp, 0x30] | r0 = var_30h;
0x00010924 bl 0x1109c | fcn_0001109c (r0);
0x00010928 ldr r0, [pc, 0x5ac] | r0 = "mtd.writesize__";
0x0001092c bl 0x105f8 | printf ("mtd.writesize__");
0x00010930 ldr r0, [sp, 0x34] | r0 = var_34h;
0x00010934 bl 0x1109c | fcn_0001109c (r0);
0x00010938 ldr r1, [sp, 0x1c] | r1 = var_1ch;
0x0001093c ldr r0, [pc, 0x59c] | r0 = "mtd.oobsize__";
0x00010940 bl 0x105f8 | printf ("mtd.oobsize__", r1);
0x00010944 ldr r5, [pc, 0x564] | r5 = *(0x10eac);
0x00010948 ldr r6, [pc, 0x594] | r6 = "regions___d";
0x0001094c ldr r7, [pc, 0x594] | r7 = "region__d_.offset__0x_.8xregion__d_.erasesize__";
0x00010950 mov r4, 0 | r4 = 0;
| label_3:
0x00010954 ldr r3, [sp, 0x1c] | r3 = var_1ch;
0x00010958 add r5, r5, 0x10 | r5 += 0x10;
0x0001095c cmp r4, r3 |
0x00010960 bge 0x108c0 |
| } while (r4 >= r3);
0x00010964 mov r3, r4 | r3 = r4;
0x00010968 mov r1, r4 | r1 = r4;
0x0001096c ldr r2, [r5, -0x10] | r2 = *((r5 - 0x10));
0x00010970 mov r0, r6 | r0 = r6;
0x00010974 bl 0x105f8 | printf (r0, r1, r2, r3);
0x00010978 ldr r0, [r5, -0xc] | r0 = *((r5 - 0xc));
0x0001097c bl 0x1109c | fcn_0001109c (r0);
0x00010980 ldr r3, [r5, -4] | r3 = *((r5 - 4));
0x00010984 mov r1, r4 | r1 = r4;
0x00010988 str r3, [sp] | *(sp) = r3;
0x0001098c mov r0, r7 | r0 = r7;
0x00010990 mov r3, r4 | r3 = r4;
0x00010994 ldr r2, [r5, -8] | r2 = *((r5 - 8));
0x00010998 bl 0x105f8 | printf (r0, r1, r2, r3);
0x0001099c add r4, r4, 1 | r4++;
0x000109a0 b 0x10954 | goto label_3;
0x000109a4 ldr r0, [pc, 0x540] | r0 = "\nregion[%d].numblocks = %d\nregion[%d].regionindex = %d\n";
0x000109a8 b 0x108cc | goto label_4;
0x000109ac ldr r0, [pc, 0x53c] | r0 = "MTD_RAM";
0x000109b0 b 0x108cc | goto label_4;
0x000109b4 ldr r0, [pc, 0x538] | r0 = "MTD_ROM";
0x000109b8 b 0x108cc | goto label_4;
0x000109bc ldr r0, [pc, 0x534] | r0 = "MTD_NORFLASH";
0x000109c0 b 0x108cc | goto label_4;
0x000109c4 ldr r0, [pc, 0x530] | r0 = "MTD_NANDFLASH";
0x000109c8 b 0x108cc | goto label_4;
0x000109cc ldr r0, [pc, 0x52c] | r0 = "MTD_MLCNANDFLASH";
0x000109d0 b 0x108cc | goto label_4;
0x000109d4 ldr r0, [pc, 0x528] | r0 = "MTD_DATAFLASH";
0x000109d8 b 0x108cc | goto label_4;
| label_34:
0x000109dc ldr r0, [pc, 0x524] | r0 = "MTD_UBIVOLUME";
0x000109e0 b 0x108cc | goto label_4;
| label_35:
0x000109e4 cmp r3, 0xc00 |
| if (r3 == 0xc00) {
0x000109e8 ldreq r0, [pc, 0x51c] | r0 = "MTD_CAP_NORFLASH";
| goto label_36;
| }
| if (r3 == 0xc00) {
| label_36:
0x000109ec beq 0x108f4 | goto label_5;
| }
0x000109f0 cmp r3, 0x400 |
| if (r3 == 0x400) {
0x000109f4 beq 0x10a40 | goto label_37;
| }
0x000109f8 ldr r4, [pc, 0x510] | r4 = "MTD_CAP_NORFLASH";
0x000109fc ldr r6, [pc, 0x510] | r6 = *(0x10f10);
0x00010a00 ldr r7, [pc, 0x510] | r7 = " | %s";
0x00010a04 mov r5, 1 | r5 = 1;
| label_7:
0x00010a08 ldr r1, [r4, -4] | r1 = *((r4 - 4));
0x00010a0c cmp r1, 0 |
| if (r1 == 0) {
0x00010a10 beq 0x108f8 | goto label_6;
| }
0x00010a14 ldr r3, [r4] | r3 = *(r4);
0x00010a18 ldr r2, [sp, 0x24] | r2 = var_24h;
0x00010a1c tst r2, r3 |
| if ((r2 & r3) == 0) {
0x00010a20 beq 0x10a38 | goto label_38;
| }
0x00010a24 cmp r5, 0 |
| if (r5 == 0) {
0x00010a28 beq 0x10a48 | goto label_39;
| }
0x00010a2c mov r0, r7 | r0 = r7;
0x00010a30 bl 0x105f8 | printf (r0);
0x00010a34 mov r5, 0 | r5 = 0;
| do {
| label_38:
0x00010a38 add r4, r4, 8 | r4 += 8;
0x00010a3c b 0x10a08 | goto label_7;
| label_37:
0x00010a40 ldr r0, [pc, 0x4d4] | r0 = "_s";
0x00010a44 b 0x108f4 | goto label_5;
| label_39:
0x00010a48 mov r0, r6 | r0 = r6;
0x00010a4c bl 0x105f8 | printf (r0);
0x00010a50 b 0x10a38 |
| } while (1);
| label_31:
0x00010a54 mov r2, 0 | r2 = 0;
0x00010a58 mov r1, r2 | r1 = r2;
0x00010a5c ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00010a60 bl 0x1061c | strtoll (r0, r1, r2);
0x00010a64 mov r2, 0 | r2 = 0;
0x00010a68 strd r0, r1, [sp, 8] | __asm ("strd r0, r1, [var_8h]");
0x00010a6c ldr r0, [r4, 0x10] | r0 = *((r4 + 0x10));
0x00010a70 mov r1, r2 | r1 = r2;
0x00010a74 bl 0x10628 | strtoul (r0, r1, r2);
0x00010a78 mov r3, 0 | r3 = 0;
0x00010a7c ldr fp, [r4, 0x14] | fp = *((r4 + 0x14));
0x00010a80 str r3, [sp] | *(sp) = r3;
0x00010a84 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010a88 str r0, [sp, 0x14] | var_14h = r0;
0x00010a8c mov r0, sb | r0 = sb;
0x00010a90 bl 0x106d0 | lseek64 ();
0x00010a94 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010a98 cmp r3, r1 |
0x00010a9c cmpeq r2, r0 | __asm ("cmpeq r2, r0");
| if (r3 == r1) {
0x00010aa0 beq 0x10ab0 | goto label_40;
| }
| label_15:
0x00010aa4 ldr r0, [pc, 0x474] | r0 = "MTD_CAP_NANDFLASH";
| do {
| label_10:
0x00010aa8 bl 0x10604 | perror ("MTD_CAP_NANDFLASH");
0x00010aac b 0x10b3c | goto label_16;
| label_40:
0x00010ab0 ldr r1, [pc, 0x46c] | r1 = "lseek()";
0x00010ab4 mov r0, fp | r0 = fp;
0x00010ab8 bl 0x10634 | r0 = creat64 ();
0x00010abc subs r7, r0, 0 | r7 = r0 - 0;
| if (r7 >= r0) {
0x00010ac0 blt 0x10b5c |
0x00010ac4 ldr r5, [sp, 0x14] | r5 = var_14h;
0x00010ac8 ldr r8, [pc, 0x3b8] | r8 = "info";
0x00010acc ldr sl, [pc, 0x454] | sl = "flash_to_file";
0x00010ad0 mov r4, r5 | r4 = r5;
| label_9:
0x00010ad4 mov r0, r4 | r0 = r4;
0x00010ad8 bl 0x10610 | r0 = malloc (r0);
0x00010adc subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 == r0) {
0x00010ae0 beq 0x10b64 | goto label_41;
| }
0x00010ae4 ldr sl, [pc, 0x43c] | sl = "flash_to_file";
| label_13:
0x00010ae8 cmp r4, r5 |
| if (r4 < r5) {
0x00010aec movge r4, r5 | r4 = r5;
| }
0x00010af0 mov r2, r4 | r2 = r4;
0x00010af4 mov r1, r6 | r1 = r6;
0x00010af8 mov r0, sb | r0 = sb;
0x00010afc bl 0x1067c | r0 = read (r0, r1, r2);
0x00010b00 subs r8, r0, 0 | r8 = r0 - 0;
| if (r8 >= r0) {
0x00010b04 bge 0x10ba4 | goto label_42;
| }
0x00010b08 ldr r0, [pc, 0x378] |
0x00010b0c str r5, [sp] | *(sp) = r5;
0x00010b10 mov r3, r4 | r3 = r4;
0x00010b14 ldr r2, [pc, 0x40c] | r2 = *(0x10f24);
0x00010b18 ldr r1, [pc, 0x40c] | r1 = "flash_to_file";
0x00010b1c ldr r0, [r0] | r0 = "info";
0x00010b20 bl 0x10658 | fprintf ("info", "flash_to_file", r2, r3, r4, r5)
0x00010b24 ldr r0, [pc, 0x404] | r0 = "%s: read, size %#x, n %#x\n";
| label_11:
0x00010b28 bl 0x10604 | perror ("%s: read, size %#x, n %#x\n");
| label_12:
0x00010b2c mov r0, r7 | r0 = r7;
0x00010b30 bl 0x106e8 | close (r0);
0x00010b34 mov r0, r6 | r0 = r6;
0x00010b38 bl 0x106f4 | free (r0);
| label_16:
0x00010b3c mov fp, 1 |
| label_20:
0x00010b40 mov r0, sb | r0 = sb;
0x00010b44 bl 0x106e8 | r0 = close (r0);
0x00010b48 cmp r0, 0 |
| if (r0 >= 0) {
0x00010b4c bge 0x10e78 | goto label_43;
| }
0x00010b50 ldr r2, [pc, 0x334] | r2 = stderr;
0x00010b54 ldr r1, [pc, 0x3d8] | r1 = "read__";
0x00010b58 b 0x107d4 | goto label_8;
| }
0x00010b5c ldr r0, [pc, 0x3d4] | r0 = "_s:_error_:_close__";
0x00010b60 b 0x10aa8 |
| } while (1);
| label_41:
0x00010b64 mov r3, r4 | r3 = r4;
0x00010b68 mov r2, sl | r2 = sl;
0x00010b6c ldr r1, [pc, 0x3c8] | r1 = "creat()";
0x00010b70 ldr r0, [r8] | r0 = *(r8);
0x00010b74 bl 0x10658 | fprintf (r0, "creat()", r2, r3)
0x00010b78 cmp r4, 0x10000 |
| if (r4 != 0x10000) {
0x00010b7c beq 0x10b9c |
0x00010b80 mov r3, 0x10000 | r3 = 0x10000;
0x00010b84 mov r2, sl | r2 = sl;
0x00010b88 ldr r1, [pc, 0x3b0] | r1 = "%s: malloc(%#x)\n";
0x00010b8c ldr r0, [r8] | r0 = *(r8);
0x00010b90 bl 0x10658 | fprintf (r0, "%s: malloc(%#x)\n", r2, r3)
0x00010b94 mov r4, 0x10000 | r4 = 0x10000;
0x00010b98 b 0x10ad4 | goto label_9;
| }
0x00010b9c ldr r0, [pc, 0x3a0] | r0 = "_s:_trying_buffer_size__x";
0x00010ba0 b 0x10aa8 | goto label_10;
| label_42:
0x00010ba4 cmp r8, r4 |
| if (r8 < r4) {
0x00010ba8 bge 0x10bc8 |
0x00010bac ldr r0, [pc, 0x2d4] |
0x00010bb0 str r8, [sp] | *(sp) = r8;
0x00010bb4 mov r3, r4 | r3 = r4;
0x00010bb8 mov r2, sl | r2 = sl;
0x00010bbc ldr r1, [pc, 0x384] | r1 = "malloc__";
0x00010bc0 ldr r0, [r0] | r0 = "info";
0x00010bc4 bl 0x10658 | fprintf ("info", "malloc__", r2, r3)
| }
0x00010bc8 mov r2, r8 | r2 = r8;
0x00010bcc mov r1, r6 | r1 = r6;
0x00010bd0 mov r0, r7 | r0 = r7;
0x00010bd4 bl 0x1064c | r0 = write (r0, r1, r2);
0x00010bd8 subs r3, r0, 0 | r3 = r0 - 0;
| if (r3 < r0) {
0x00010bdc bge 0x10c04 |
0x00010be0 ldr r0, [pc, 0x2a0] |
0x00010be4 str r5, [sp] | *(sp) = r5;
0x00010be8 mov r3, r4 | r3 = r4;
0x00010bec ldr r2, [pc, 0x334] | r2 = *(0x10f24);
0x00010bf0 ldr r1, [pc, 0x354] | r1 = "_s:_short_read__requested__x__read__x";
0x00010bf4 ldr r0, [r0] | r0 = "info";
0x00010bf8 bl 0x10658 | fprintf ("info", "_s:_short_read__requested__x__read__x", r2, r3, r4, r5)
0x00010bfc ldr r0, [pc, 0x34c] | r0 = "%s: write, size %#x, n %#x\n";
0x00010c00 b 0x10b28 | goto label_11;
| }
0x00010c04 cmp r3, r4 |
| if (r3 != r4) {
0x00010c08 beq 0x10c28 |
0x00010c0c ldr r0, [pc, 0x274] |
0x00010c10 str r4, [sp] | *(sp) = r4;
0x00010c14 mov r2, fp | r2 = fp;
0x00010c18 ldr r1, [pc, 0x334] | r1 = "write()";
0x00010c1c ldr r0, [r0] | r0 = "info";
0x00010c20 bl 0x10658 | fprintf ("info", "write()", r2, r3, r4)
0x00010c24 b 0x10b2c | goto label_12;
| }
0x00010c28 sub r5, r5, r4 | r5 -= r4;
0x00010c2c cmp r5, 0 |
| if (r5 > 0) {
0x00010c30 bgt 0x10ae8 | goto label_13;
| }
0x00010c34 mov r0, r6 | r0 = r6;
0x00010c38 bl 0x106f4 | free (r0);
0x00010c3c mov r0, r7 | r0 = r7;
0x00010c40 bl 0x106e8 | close (r0);
0x00010c44 str fp, [sp] | *(sp) = fp;
0x00010c48 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010c4c ldr r1, [sp, 0x14] | r1 = var_14h;
0x00010c50 ldr r0, [pc, 0x300] | r0 = "Couldn't copy entire buffer to %s. (%d/%d bytes copied)\n";
0x00010c54 bl 0x105f8 | printf ("Couldn't copy entire buffer to %s. (%d/%d bytes copied)\n", r1, r2);
0x00010c58 b 0x108c0 | goto label_14;
| label_29:
0x00010c5c mov r2, 0 | r2 = 0;
0x00010c60 mov r1, r2 | r1 = r2;
0x00010c64 ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00010c68 bl 0x1061c | strtoll (r0, r1, r2);
0x00010c6c mov r2, 0 | r2 = 0;
0x00010c70 strd r0, r1, [sp, 8] | __asm ("strd r0, r1, [var_8h]");
0x00010c74 ldr r0, [r4, 0x10] | r0 = *((r4 + 0x10));
0x00010c78 mov r1, r2 | r1 = r2;
0x00010c7c bl 0x10628 | strtoul (r0, r1, r2);
0x00010c80 ldr r3, [r4, 0x14] | r3 = *((r4 + 0x14));
0x00010c84 str r3, [sp, 0x14] | var_14h = r3;
0x00010c88 mov r3, 0 | r3 = 0;
0x00010c8c str r3, [sp] | *(sp) = r3;
0x00010c90 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010c94 mov r8, r0 | r8 = r0;
0x00010c98 mov r0, sb | r0 = sb;
0x00010c9c bl 0x106d0 | lseek64 ();
0x00010ca0 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010ca4 cmp r3, r1 |
0x00010ca8 cmpeq r2, r0 | __asm ("cmpeq r2, r0");
| if (r3 != r1) {
0x00010cac bne 0x10aa4 | goto label_15;
| }
0x00010cb0 ldr r1, [pc, 0x2a4] | r1 = "Copied__zu_bytes_from_address_0x_.8llx_in_flash_to__s";
0x00010cb4 ldr r0, [sp, 0x14] | r0 = var_14h;
0x00010cb8 bl 0x10700 | r0 = fopen64 ();
0x00010cbc subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 == r0) {
0x00010cc0 beq 0x10d1c | goto label_44;
| }
0x00010cc4 ldr sl, [pc, 0x1bc] | sl = obj.stderr;
0x00010cc8 ldr fp, [pc, 0x290] | fp = "file_to_flash";
0x00010ccc mov r5, r8 | r5 = r8;
0x00010cd0 mov r4, r8 | r4 = r8;
| do {
0x00010cd4 mov r0, r4 | r0 = r4;
0x00010cd8 bl 0x10610 | r0 = malloc (r0);
0x00010cdc subs r7, r0, 0 | r7 = r0 - 0;
| if (r7 != r0) {
0x00010ce0 bne 0x10d38 | goto label_19;
| }
0x00010ce4 mov r3, r4 | r3 = r4;
0x00010ce8 mov r2, fp | r2 = fp;
0x00010cec ldr r1, [pc, 0x270] | r1 = "file_to_flash";
0x00010cf0 ldr r0, [sl] | r0 = *(sl);
0x00010cf4 bl 0x10658 | fprintf (r0, "file_to_flash", r2, r3)
0x00010cf8 cmp r4, 0x10000 |
| if (r4 == 0x10000) {
0x00010cfc beq 0x10d24 | goto label_45;
| }
0x00010d00 mov r3, 0x10000 | r3 = 0x10000;
0x00010d04 mov r2, fp | r2 = fp;
0x00010d08 ldr r1, [pc, 0x230] | r1 = "%s: malloc(%#x)\n";
0x00010d0c ldr r0, [sl] | r0 = *(sl);
0x00010d10 bl 0x10658 | fprintf (r0, "%s: malloc(%#x)\n", r2, r3)
0x00010d14 mov r4, 0x10000 | r4 = 0x10000;
0x00010d18 b 0x10cd4 |
| } while (1);
| label_44:
0x00010d1c ldr r0, [pc, 0x244] | r0 = "%s: malloc(%#x) failed\n";
0x00010d20 b 0x10aa8 | goto label_10;
| label_45:
0x00010d24 ldr r0, [pc, 0x218] | r0 = "_s:_trying_buffer_size__x";
0x00010d28 bl 0x10604 | perror ("_s:_trying_buffer_size__x");
| do {
0x00010d2c mov r0, r6 | r0 = r6;
0x00010d30 bl 0x106a0 | fclose (r0);
0x00010d34 b 0x10b3c | goto label_16;
| label_19:
0x00010d38 cmp r4, r5 |
| if (r4 < r5) {
0x00010d3c movge r4, r5 | r4 = r5;
| }
0x00010d40 mov r3, r6 | r3 = r6;
0x00010d44 mov r2, 1 | r2 = 1;
0x00010d48 mov r1, r4 | r1 = r4;
0x00010d4c mov r0, r7 | r0 = r7;
0x00010d50 bl 0x10688 | r0 = fread (r0, r1, r2, r3);
0x00010d54 cmp r0, 1 |
| if (r0 == 1) {
0x00010d58 beq 0x10d8c | goto label_46;
| }
| label_17:
0x00010d5c ldr r0, [pc, 0x124] |
0x00010d60 str r5, [sp] | *(sp) = r5;
0x00010d64 mov r3, r4 | r3 = r4;
0x00010d68 ldr r2, [pc, 0x1f0] | r2 = *(0x10f5c);
0x00010d6c ldr r1, [pc, 0x1f8] | r1 = "fopen()";
0x00010d70 ldr r0, [r0] | r0 = "info";
0x00010d74 bl 0x10658 | fprintf ("info", "fopen()", r2, r3, r4, r5)
0x00010d78 ldr r0, [pc, 0x1f0] | r0 = "%s: fread, size %#x, n %#x\n";
| label_18:
0x00010d7c bl 0x10604 | perror ("%s: fread, size %#x, n %#x\n");
0x00010d80 mov r0, r7 | r0 = r7;
0x00010d84 bl 0x106f4 | free (r0);
0x00010d88 b 0x10d2c |
| } while (1);
| label_46:
0x00010d8c mov r0, r6 | r0 = r6;
0x00010d90 bl 0x10670 | r0 = ferror (r0);
0x00010d94 subs fp, r0, 0 |
| if (fp != r0) {
0x00010d98 bne 0x10d5c | goto label_17;
| }
0x00010d9c mov r2, r4 | r2 = r4;
0x00010da0 mov r1, r7 | r1 = r7;
0x00010da4 mov r0, sb | r0 = sb;
0x00010da8 bl 0x1064c | r0 = write (r0, r1, r2);
0x00010dac cmp r0, 0 |
| if (r0 < 0) {
0x00010db0 bge 0x10dd8 |
0x00010db4 ldr r0, [pc, 0xcc] |
0x00010db8 str r5, [sp] | *(sp) = r5;
0x00010dbc mov r3, r4 | r3 = r4;
0x00010dc0 ldr r2, [pc, 0x198] | r2 = *(0x10f5c);
0x00010dc4 ldr r1, [pc, 0x180] | r1 = "_s:_short_read__requested__x__read__x";
0x00010dc8 ldr r0, [r0] | r0 = "info";
0x00010dcc bl 0x10658 | fprintf ("info", "_s:_short_read__requested__x__read__x", r2, r3, r4, r5)
0x00010dd0 ldr r0, [pc, 0x178] | r0 = "%s: write, size %#x, n %#x\n";
0x00010dd4 b 0x10d7c | goto label_18;
| }
0x00010dd8 sub r5, r5, r4 | r5 -= r4;
0x00010ddc cmp r5, 0 |
| if (r5 > 0) {
0x00010de0 bgt 0x10d38 | goto label_19;
| }
0x00010de4 mov r0, r7 | r0 = r7;
0x00010de8 bl 0x106f4 | free (r0);
0x00010dec mov r0, r6 | r0 = r6;
0x00010df0 bl 0x106a0 | fclose (r0);
0x00010df4 ldrd r2, r3, [sp, 8] | __asm ("ldrd r2, r3, [var_8h]");
0x00010df8 ldr r0, [pc, 0x174] | r0 = "fread()";
0x00010dfc strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x00010e00 ldr r2, [sp, 0x14] | r2 = var_14h;
0x00010e04 mov r1, r8 | r1 = r8;
0x00010e08 bl 0x105f8 | printf ("fread()", r1, r2);
0x00010e0c b 0x10b40 | goto label_20;
| label_30:
0x00010e10 mov r2, 0 | r2 = 0;
0x00010e14 mov r1, r2 | r1 = r2;
0x00010e18 ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00010e1c bl 0x10628 | strtoul (r0, r1, r2);
0x00010e20 mov r2, 0 | r2 = 0;
0x00010e24 mov r1, r2 | r1 = r2;
0x00010e28 mov r5, r0 | r5 = r0;
0x00010e2c ldr r0, [r4, 0x10] | r0 = *((r4 + 0x10));
0x00010e30 bl 0x10628 | strtoul (r0, r1, r2);
0x00010e34 add r2, sp, 0x20 | r2 += var_20h;
0x00010e38 ldr r1, [pc, 0x138] | r1 = "Copied %d bytes from %s to address 0x%.8llx in flash\n";
0x00010e3c str r5, [sp, 0x20] | var_20h = r5;
0x00010e40 str r0, [sp, 0x24] | var_24h = r0;
0x00010e44 mov r4, r0 | r4 = r0;
0x00010e48 mov r0, sb | r0 = sb;
0x00010e4c bl 0x105ec | r0 = ioctl (r0, r1);
0x00010e50 cmp r0, 0 |
| if (r0 < 0) {
0x00010e54 ldrlt r0, [pc, 0x120] | r0 = "MEMERASE";
| goto label_47;
| }
| if (r0 < 0) {
| label_47:
0x00010e58 blt 0x10aa8 | goto label_10;
| }
0x00010e5c ldr r0, [pc, 0x24] |
0x00010e60 mov r3, r5 | r3 = r5;
0x00010e64 mov r2, r4 | r2 = r4;
0x00010e68 ldr r1, [pc, 0x110] | r1 = "MEMERASE";
0x00010e6c ldr r0, [r0] | r0 = "info";
0x00010e70 bl 0x10658 | fprintf ("info", "MEMERASE", r2, r3)
0x00010e74 b 0x108c0 | goto label_14;
| label_43:
0x00010e78 mov r0, fp | r0 = fp;
0x00010e7c add sp, sp, 0x44 |
0x00010e80 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| }
[*] Function fprintf used 14 times mtd_debug
