# strlen(char* str) {
# int strlen(const char *str) -- MIPS o32, leaf (ra not saved), frame 0x18 bytes.
# In:  r4 (a0) = str          Out: r2 (v0) = index of the first zero byte
# Locals: fp+0x08 = i ; arg1 spilled to fp+0x18 ; caller's fp saved at sp+0x14.
# Unbounded scan: reads forward until a zero byte is found.
# Every "move r1, r1" below sits in a branch delay slot and has no effect (nop).
0x400770: addiu r29, r29, 0xffffffe8 # sp -= 0x18  (0xffffffe8 == -0x18)
0x400774: sw r30, [r29+0x14] # save caller's fp
0x400778: move r30, r29 # fp = sp
0x40077c: sw r4, [r30+0x18] # spill arg1 (a0 = str)
0x400780: sw r0, [r30+0x8] # i = 0
0x400784: lw r2, [r30+0x8] # loop head: r2 = i
0x400788: lw r3, [r30+0x18] # r3 = str
0x40078c: addu r2, r3, r2 # r2 = str + i
0x400790: lb r2, [r2+0x0] # r2 = (signed char) str[i]
0x400794: bnez r2, 0x4007a8 # if str[i] != 0 goto i++ ; else fall through and return i
0x400798: move r1, r1 # delay slot (nop)
0x40079c: lw r2, [r30+0x8] # v0 = i   (return value)
0x4007a0: j 0x4007bc # goto ret
0x4007a4: move r1, r1 # delay slot (nop)
0x4007a8: lw r2, [r30+0x8] # r2 = i
0x4007ac: addiu r2, r2, 0x1 # i + 1
0x4007b0: sw r2, [r30+0x8] # i = r2
0x4007b4: j 0x400784 # goto loop head
0x4007b8: move r1, r1 # delay slot (nop)
ret:
0x4007bc: move r29, r30 # sp = fp
0x4007c0: lw r30, [r29+0x14] # restore caller's fp
0x4007c4: addiu r29, r29, 0x18 # sp += 0x18
0x4007c8: jr r31 # return  (ra untouched: leaf function)
0x4007cc: move r1, r1 # delay slot (nop)
}
# strcpy(char* arg1, char* arg2) {
# strcpy(char *arg1, const char *arg2) -- MIPS o32, leaf (ra not saved), frame 0x18.
# In:  r4 (a0) = arg1 (destination), r5 (a1) = arg2 (source)
# Out: r2 (v0) is not set deliberately; on return it still holds arg1 + i
#      (the address of the written terminator) left over from 0x40083c.
#      The caller in this listing ignores it.
# Locals: fp+0x08 = i ; arg1/arg2 spilled to fp+0x18 / fp+0x1c.
# Unbounded copy: writes strlen(arg2) + 1 bytes at arg1; the caller must
# guarantee the destination has that much room.
0x4007d0: addiu r29, r29, 0xffffffe8 # sp -= 0x18
0x4007d4: sw r30, [r29+0x14] # save caller's fp
0x4007d8: move r30, r29 # fp = sp
0x4007dc: sw r4, [r30+0x18] # spill arg1
0x4007e0: sw r5, [r30+0x1c] # spill arg2
0x4007e4: sw r0, [r30+0x8] # i = 0
0x4007e8: j 0x40081c # goto loop condition
0x4007ec: move r1, r1 # delay slot (nop)
0x4007f0: lw r2, [r30+0x8] # loop body: r2 = i
0x4007f4: lw r3, [r30+0x18] # r3 = arg1
0x4007f8: addu r2, r3, r2 # r2 = arg1 + i
0x4007fc: lw r3, [r30+0x8] # r3 = i
0x400800: lw r4, [r30+0x1c] # r4 = arg2
0x400804: addu r3, r4, r3 # r3 = arg2 + i
0x400808: lb r3, [r3+0x0] # r3 = arg2[i]
0x40080c: sb r3, [r2+0x0] # arg1[i] = arg2[i]
0x400810: lw r2, [r30+0x8] # r2 = i
0x400814: addiu r2, r2, 0x1 # i + 1
0x400818: sw r2, [r30+0x8] # i = r2
0x40081c: lw r2, [r30+0x8] # loop condition: r2 = i
0x400820: lw r3, [r30+0x1c] # r3 = arg2
0x400824: addu r2, r3, r2 # r2 = arg2 + i
0x400828: lb r2, [r2+0x0] # r2 = arg2[i]
0x40082c: bnez r2, 0x4007f0 # while (arg2[i] != 0) goto body
0x400830: move r1, r1 # delay slot (nop)
0x400834: lw r2, [r30+0x8] # r2 = i
0x400838: lw r3, [r30+0x18] # r3 = arg1
0x40083c: addu r2, r3, r2 # r2 = arg1 + i
0x400840: sb r0, [r2+0x0] # arg1[i] = 0   (terminator)
ret:
0x400844: move r29, r30 # sp = fp
0x400848: lw r30, [r29+0x14] # restore caller's fp
0x40084c: addiu r29, r29, 0x18 # sp += 0x18
0x400850: jr r31 # return
0x400854: move r1, r1 # delay slot (nop)
# }
# qsort(arg1, len) {
# qsort(char *arg1, int len) -- in-place quicksort over a byte array.  Not libc
# qsort: no comparator argument, element size fixed at 1.  MIPS o32, frame 0x30.
# In:  r4 (a0) = arg1, r5 (a1) = len        Out: nothing meaningful in v0
# Locals: fp+0x18 = j (store index), fp+0x1c = i, fp+0x20 = pivot (byte),
#         fp+0x21 = t (swap temp); arg1/len spilled to fp+0x30 / fp+0x34;
#         ra saved at sp+0x2c, caller's fp at sp+0x28.
# Algorithm: pivot = arg1[0]; j = 1; for i in 1..len-1: if arg1[i] < pivot,
# swap arg1[i] with arg1[j] and j++.  Then swap arg1[0] with arg1[j-1] so the
# pivot sits at j-1, and recurse on arg1[0..j-1) and arg1[j..len).
# NOTE: elements are compared as *signed* bytes (lb + slt at 0x4008b8..0x4008c0),
# so bytes >= 0x80 sort before all ASCII.  Each recursion level costs 0x30 bytes
# of stack; with a first-element pivot an already-sorted input can recurse
# about len levels deep.
0x400858: addiu r29, r29, 0xffffffd0 # sp -= 0x30
0x40085c: sw r31, [r29+0x2c] # save ra (non-leaf)
0x400860: sw r30, [r29+0x28] # save caller's fp
0x400864: move r30, r29 # fp = sp
0x400868: sw r4, [r30+0x30] # spill arg1
0x40086c: sw r5, [r30+0x34] # spill len
0x400870: lw r2, [r30+0x34] # r2 = len
0x400874: slti r2, r2, 0x2 # r2 = (len < 2)   (signed: a negative len also returns)
0x400878: beqz r2, 0x400888 # if !(len < 2) goto partition
0x40087c: move r1, r1 # delay slot (nop)
0x400880: j 0x4009bc # len < 2: nothing to sort, goto ret
0x400884: move r1, r1 # delay slot (nop)
0x400888: lw r2, [r30+0x30] # r2 = arg1
0x40088c: lbu r2, [r2+0x0] # r2 = arg1[0]
0x400890: sb r2, [r30+0x20] # pivot = arg1[0]
0x400894: addiu r2, r0, 0x1 # r2 = 1
0x400898: sw r2, [r30+0x18] # j = 1
0x40089c: addiu r2, r0, 0x1 # r2 = 1
0x4008a0: sw r2, [r30+0x1c] # i = 1
0x4008a4: j 0x40092c # goto loop condition
0x4008a8: move r1, r1 # delay slot (nop)
0x4008ac: lw r2, [r30+0x1c] # loop body: r2 = i
0x4008b0: lw r3, [r30+0x30] # r3 = arg1
0x4008b4: addu r2, r3, r2 # r2 = arg1 + i
0x4008b8: lb r2, [r2+0x0] # r2 = (signed char) arg1[i]
0x4008bc: lb r3, [r30+0x20] # r3 = (signed char) pivot
0x4008c0: slt r2, r2, r3 # r2 = (arg1[i] < pivot)   signed compare
0x4008c4: beqz r2, 0x400920 # if !(arg1[i] < pivot) skip the swap
0x4008c8: move r1, r1 # delay slot (nop)
0x4008cc: lw r2, [r30+0x18] # r2 = j
0x4008d0: lw r3, [r30+0x30] # r3 = arg1
0x4008d4: addu r2, r3, r2 # r2 = arg1 + j
0x4008d8: lbu r2, [r2+0x0] # r2 = arg1[j]
0x4008dc: sb r2, [r30+0x21] # t = arg1[j]
0x4008e0: lw r2, [r30+0x18] # r2 = j
0x4008e4: lw r3, [r30+0x30] # r3 = arg1
0x4008e8: addu r2, r3, r2 # r2 = arg1 + j
0x4008ec: lw r3, [r30+0x1c] # r3 = i
0x4008f0: lw r4, [r30+0x30] # r4 = arg1
0x4008f4: addu r3, r4, r3 # r3 = arg1 + i
0x4008f8: lb r3, [r3+0x0] # r3 = arg1[i]
0x4008fc: sb r3, [r2+0x0] # arg1[j] = arg1[i]
0x400900: lw r2, [r30+0x1c] # r2 = i
0x400904: lw r3, [r30+0x30] # r3 = arg1
0x400908: addu r2, r3, r2 # r2 = arg1 + i
0x40090c: lbu r3, [r30+0x21] # r3 = t
0x400910: sb r3, [r2+0x0] # arg1[i] = t   (swap complete)
0x400914: lw r2, [r30+0x18] # r2 = j
0x400918: addiu r2, r2, 0x1 # j + 1
0x40091c: sw r2, [r30+0x18] # j = r2
# }
0x400920: lw r2, [r30+0x1c] # r2 = i
0x400924: addiu r2, r2, 0x1 # i + 1
0x400928: sw r2, [r30+0x1c] # i = r2
0x40092c: lw r3, [r30+0x1c] # loop condition: r3 = i
0x400930: lw r2, [r30+0x34] # r2 = len
0x400934: slt r2, r3, r2 # r2 = (i < len)   signed compare
0x400938: bnez r2, 0x4008ac # while (i < len) goto body
0x40093c: move r1, r1 # delay slot (nop)
0x400940: lw r2, [r30+0x18] # r2 = j
0x400944: addiu r2, r2, 0xffffffff # r2 = j - 1
0x400948: lw r3, [r30+0x30] # r3 = arg1
0x40094c: addu r2, r3, r2 # r2 = arg1 + (j - 1)
0x400950: lbu r2, [r2+0x0] # r2 = arg1[j-1]
0x400954: sb r2, [r30+0x21] # t = arg1[j-1]
0x400958: lw r2, [r30+0x18] # r2 = j
0x40095c: addiu r2, r2, 0xffffffff # r2 = j - 1
0x400960: lw r3, [r30+0x30] # r3 = arg1
0x400964: addu r2, r3, r2 # r2 = arg1 + (j - 1)
0x400968: lw r3, [r30+0x30] # r3 = arg1
0x40096c: lb r3, [r3+0x0] # r3 = arg1[0]   (the pivot)
0x400970: sb r3, [r2+0x0] # arg1[j-1] = arg1[0]
0x400974: lw r2, [r30+0x30] # r2 = arg1
0x400978: lbu r3, [r30+0x21] # r3 = t
0x40097c: sb r3, [r2+0x0] # arg1[0] = t   -> pivot now lives at arg1[j-1]
0x400980: lw r2, [r30+0x18] # r2 = j
0x400984: addiu r2, r2, 0xffffffff # r2 = j - 1
0x400988: lw r4, [r30+0x30] # a0 = arg1
0x40098c: move r5, r2 # a1 = j - 1
0x400990: jal 0x400858 # qsort(arg1, j - 1)   -- elements below the pivot
0x400994: move r1, r1 # delay slot (nop)
0x400998: lw r2, [r30+0x18] # r2 = j
0x40099c: lw r3, [r30+0x30] # r3 = arg1
0x4009a0: addu r4, r3, r2 # a0 = arg1 + j
0x4009a4: lw r3, [r30+0x34] # r3 = len
0x4009a8: lw r2, [r30+0x18] # r2 = j
0x4009ac: subu r2, r3, r2 # r2 = len - j
0x4009b0: move r5, r2 # a1 = len - j
0x4009b4: jal 0x400858 # qsort(arg1 + j, len - j)   -- elements >= pivot
0x4009b8: move r1, r1 # delay slot (nop)
#ret:
0x4009bc: move r29, r30 # sp = fp
0x4009c0: lw r31, [r29+0x2c] # restore ra
0x4009c4: lw r30, [r29+0x28] # restore caller's fp
0x4009c8: addiu r29, r29, 0x30 # sp += 0x30
0x4009cc: jr r31 # return
0x4009d0: move r1, r1 # delay slot (nop)
# }
# main() {
# main -- MIPS o32 PIC (gp-relative GOT, indirect calls through t9), frame 0x138.
# Stack layout (fp = sp after the prologue):
#   fp+0x10  saved gp (reloaded after every call)
#   fp+0x18  i        fp+0x1c  j        fp+0x20  k
#   fp+0x24  m        fp+0x28  n        fp+0x2c  len
#   fp+0x30  buf[0x100]   (runs up to the saved fp at fp+0x130, ra at fp+0x134)
# Builds buf = "a..z" "A..Z" "0..9" "{}" (64 bytes, no terminator), appends the
# string pointed to by the global at 0x410ea0 (the flag) with strcpy, sorts the
# whole buffer, then counts adjacent positions that differ into m.  For a sorted
# buffer m + 1 is the number of distinct byte values, so m == 63 means exactly
# the 64 generated values occur, i.e. every flag byte is one of them.
# The listing stops at 0x400c24; the author elided code at "# ..." and the
# epilogue is not shown.
0x4009d4: addiu r29, r29, 0xfffffec8 # sp -= 0x138  (0xfffffec8 == -0x138)
0x4009d8: sw r31, [r29+0x134] # save ra
0x4009dc: sw r30, [r29+0x130] # save caller's fp
0x4009e0: move r30, r29 # fp = sp
0x4009e4: lui r28, 0x42 # gp = 0x420000
0x4009e8: addiu r28, r28, 0xffff8eb0 # gp = 0x420000 - 0x7150 = 0x418eb0
0x4009ec: sw r28, [r29+0x10] # save gp (restored after each jal below)
0x4009f0: lui r2, 0x41 # r2 = 0x410000
0x4009f4: lw r2, [r2+0xea0] # r2 = *(0x410ea0)  -- flag pointer (author notes the value 0x400D80)
0x4009f8: move r4, r2 # a0 = flag
0x4009fc: jal 0x400770 # v0 = strlen(flag)   (author: 26)
0x400a00: move r1, r1 # delay slot (nop)
0x400a04: lw r28, [r30+0x10] # restore gp
0x400a08: sw r2, [r30+0x2c] # len = strlen(flag)   (overwritten at 0x400b7c before it is ever read)
0x400a0c: sw r0, [r30+0x18] # i = 0
0x400a10: j 0x400a4c # goto loop 1 condition
0x400a14: move r1, r1 # delay slot (nop)
0x400a18: lw r2, [r30+0x18] # loop 1 body: r2 = i
0x400a1c: andi r2, r2, 0xff # (unsigned char) i
0x400a20: addiu r2, r2, 0x61 # + 'a'
0x400a24: andi r2, r2, 0xff # truncate to a byte ...
0x400a28: sll r3, r2, 0x18 # ... then sign-extend it: r3 = (char)('a' + i)
0x400a2c: sra r3, r3, 0x18 #
0x400a30: addiu r4, r30, 0x30 # r4 = buf
0x400a34: lw r2, [r30+0x18] # r2 = i
0x400a38: addu r2, r4, r2 # r2 = buf + i
0x400a3c: sb r3, [r2+0x0] # buf[i] = 'a' + i
0x400a40: lw r2, [r30+0x18] # r2 = i
0x400a44: addiu r2, r2, 0x1 # i + 1
0x400a48: sw r2, [r30+0x18] # i = r2
0x400a4c: lw r2, [r30+0x18] # loop 1 condition: r2 = i
0x400a50: slti r2, r2, 0x1a # r2 = (i < 26)
0x400a54: bnez r2, 0x400a18 # while (i < 26) goto body
0x400a58: move r1, r1 # delay slot (nop)
0x400a5c: sw r0, [r30+0x1c] # j = 0
0x400a60: j 0x400aa0 # goto loop 2 condition
0x400a64: move r1, r1 # delay slot (nop)
0x400a68: lw r2, [r30+0x1c] # loop 2 body: r2 = j
0x400a6c: addiu r2, r2, 0x1a # r2 = 26 + j   (buf index)
0x400a70: lw r3, [r30+0x1c] # r3 = j
0x400a74: andi r3, r3, 0xff # (unsigned char) j
0x400a78: addiu r3, r3, 0x41 # + 'A'
0x400a7c: andi r3, r3, 0xff # truncate to a byte ...
0x400a80: sll r3, r3, 0x18 # ... then sign-extend it: r3 = (char)('A' + j)
0x400a84: sra r3, r3, 0x18 #
0x400a88: addiu r4, r30, 0x30 # r4 = buf
0x400a8c: addu r2, r4, r2 # r2 = buf + 26 + j
0x400a90: sb r3, [r2+0x0] # buf[26 + j] = 'A' + j
0x400a94: lw r2, [r30+0x1c] # r2 = j
0x400a98: addiu r2, r2, 0x1 # j + 1
0x400a9c: sw r2, [r30+0x1c] # j = r2
0x400aa0: lw r2, [r30+0x1c] # loop 2 condition: r2 = j
0x400aa4: slti r2, r2, 0x1a # r2 = (j < 26)
0x400aa8: bnez r2, 0x400a68 # while (j < 26) goto body
0x400aac: move r1, r1 # delay slot (nop)
0x400ab0: sw r0, [r30+0x20] # k = 0
0x400ab4: j 0x400af4 # goto loop 3 condition
0x400ab8: move r1, r1 # delay slot (nop)
0x400abc: lw r2, [r30+0x20] # loop 3 body: r2 = k
0x400ac0: addiu r2, r2, 0x34 # r2 = 52 + k   (buf index)
0x400ac4: lw r3, [r30+0x20] # r3 = k
0x400ac8: andi r3, r3, 0xff # (unsigned char) k
0x400acc: addiu r3, r3, 0x30 # + '0'
0x400ad0: andi r3, r3, 0xff # truncate to a byte ...
0x400ad4: sll r3, r3, 0x18 # ... then sign-extend it: r3 = (char)('0' + k)
0x400ad8: sra r3, r3, 0x18 #
0x400adc: addiu r4, r30, 0x30 # r4 = buf
0x400ae0: addu r2, r4, r2 # r2 = buf + 52 + k
0x400ae4: sb r3, [r2+0x0] # buf[52 + k] = '0' + k
0x400ae8: lw r2, [r30+0x20] # r2 = k
0x400aec: addiu r2, r2, 0x1 # k + 1
0x400af0: sw r2, [r30+0x20] # k = r2
0x400af4: lw r2, [r30+0x20] # loop 3 condition: r2 = k
0x400af8: slti r2, r2, 0xa # r2 = (k < 10)
0x400afc: bnez r2, 0x400abc # while (k < 10) goto body
0x400b00: move r1, r1 # delay slot (nop)
0x400b04: addiu r2, r0, 0x7b # r2 = '{'
0x400b08: sb r2, [r30+0x6e] # buf[62] = '{'   (fp + 0x30 + 62)
0x400b0c: addiu r2, r0, 0x7d # r2 = '}'
0x400b10: sb r2, [r30+0x6f] # buf[63] = '}'   (fp + 0x30 + 63)
0x400b14: lui r2, 0x41 # r2 = 0x410000
0x400b18: lw r3, [r2+0xea0] # r3 = flag pointer (same global as at 0x4009f4)
0x400b1c: addiu r2, r30, 0x30 # r2 = buf
0x400b20: addiu r2, r2, 0x40 # r2 = buf + 64
0x400b24: move r4, r2 # a0 = buf + 64
0x400b28: move r5, r3 # a1 = flag
0x400b2c: jal 0x4007d0 # strcpy(buf + 64, flag)  -- also supplies the terminator after the 64 generated bytes
0x400b30: move r1, r1 # delay slot (nop)
# current memory layout of r30+0x30:
# a-zA-Z0-9{}FLAG
# NOTE: the copy above is unbounded.  buf + 64 (fp+0x70) has 0xc0 bytes of room
# before the saved fp at fp+0x130, so a flag of 0xc0 (192) or more bytes would
# overwrite the saved fp/ra.  It holds here only because the source is the fixed
# global string (author: 26 chars).
0x400b34: lw r28, [r30+0x10] # restore gp
0x400b38: addiu r2, r30, 0x30 # r2 = buf
0x400b3c: move r4, r2 # a0 = buf
0x400b40: jal 0x400770 # v0 = strlen(buf)   (author: 90 = 64 + 26)
0x400b44: move r1, r1 # delay slot (nop)
0x400b48: lw r28, [r30+0x10] # restore gp
0x400b4c: move r3, r2 # r3 = strlen(buf)
0x400b50: addiu r2, r30, 0x30 # r2 = buf
0x400b54: move r4, r2 # a0 = buf
0x400b58: move r5, r3 # a1 = strlen(buf)
0x400b5c: jal 0x400858 # qsort(buf, strlen(buf))  -- generated chars and flag bytes sorted together
0x400b60: move r1, r1 # delay slot (nop)
0x400b64: lw r28, [r30+0x10] # restore gp
0x400b68: addiu r2, r30, 0x30 # r2 = buf
0x400b6c: move r4, r2 # a0 = buf
0x400b70: jal 0x400770 # v0 = strlen(buf)   (same length: the sort only permutes the non-zero bytes)
0x400b74: move r1, r1 # delay slot (nop)
0x400b78: lw r28, [r30+0x10] # restore gp
0x400b7c: sw r2, [r30+0x2c] # len = strlen(buf)
0x400b80: sw r0, [r30+0x24] # m = 0   (count of n with buf[n] != buf[n+1])
0x400b84: sw r0, [r30+0x28] # n = 0
0x400b88: j 0x400bd4 # goto loop 4 condition
0x400b8c: move r1, r1 # delay slot (nop)
0x400b90: addiu r3, r30, 0x30 # loop 4 body: r3 = buf
0x400b94: lw r2, [r30+0x28] # r2 = n
0x400b98: addu r2, r3, r2 # r2 = buf + n
0x400b9c: lb r3, [r2+0x0] # r3 = buf[n]
0x400ba0: lw r2, [r30+0x28] # r2 = n
0x400ba4: addiu r2, r2, 0x1 # r2 = n + 1
0x400ba8: addiu r4, r30, 0x30 # r4 = buf
0x400bac: addu r2, r4, r2 # r2 = buf + n + 1
0x400bb0: lb r2, [r2+0x0] # r2 = buf[n+1]
0x400bb4: beq r3, r2, 0x400bc8 # if buf[n] == buf[n+1] skip the increment
0x400bb8: move r1, r1 # delay slot (nop)
0x400bbc: lw r2, [r30+0x24] # r2 = m
0x400bc0: addiu r2, r2, 0x1 # m + 1
0x400bc4: sw r2, [r30+0x24] # m = r2   (buf[n] != buf[n+1])
# }
0x400bc8: lw r2, [r30+0x28] # r2 = n
0x400bcc: addiu r2, r2, 0x1 # n + 1
0x400bd0: sw r2, [r30+0x28] # n = r2
0x400bd4: lw r2, [r30+0x2c] # loop 4 condition: r2 = len
0x400bd8: addiu r3, r2, 0xffffffff # r3 = len - 1
0x400bdc: lw r2, [r30+0x28] # r2 = n
0x400be0: slt r2, r2, r3 # r2 = (n < len - 1)   so buf[n+1] never reads past the terminator
0x400be4: bnez r2, 0x400b90 # while (n < len - 1) goto body
0x400be8: move r1, r1 # delay slot (nop)
0x400bec: lw r3, [r30+0x24] # r3 = m
0x400bf0: addiu r2, r0, 0x3f # r2 = 63
0x400bf4: beq r3, r2, 0x400c10 # if (m == 63) goto 0x400c10  -- exactly 64 distinct bytes in buf
0x400bf8: move r1, r1 # delay slot (nop)
# ...   (0x400bfc..0x400c0c elided by the author: the m != 63 path)
0x400c10: addiu r2, r30, 0x30 # r2 = buf   (fp + 0x30)
0x400c14: move r4, r2 # a0 = buf
0x400c18: lw r2, [r28+0xffff8034] # r2 = *(gp - 0x7fcc) = *(0x410ee4)  -- GOT slot; callee not visible in this listing
0x400c1c: move r25, r2 # t9 = callee   (MIPS PIC calling convention)
0x400c20: jalr r25 # call (*t9)(buf)  -- presumably a print routine; confirm in the binary
0x400c24: move r1, r1 # delay slot (nop)