Skip to content

Instantly share code, notes, and snippets.

@dweinstein

dweinstein/-

Created July 21, 2015 18:31
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dweinstein/b42e2f59a47c61cb3240 to your computer and use it in GitHub Desktop.
Save dweinstein/b42e2f59a47c61cb3240 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
-
/ (fcn) sym.subsystem_control_shutdown 576
| ;-- sym.subsystem_control_shutdown:
| 0x000008d4 2de9f043 push.w {r4, r5, r6, r7, r8, sb, lr}
| 0x000008d8 0446 mov r4, r0
| 0x000008da 904f ldr r7, [pc, 0x240] ; [0xb1c:4]=0x333 "lize"
| 0x000008dc 91b0 sub sp, 0x44
| 0x000008de 904a ldr r2, [pc, 0x240] ; [0xb20:4]=0x371 "i_unwind_cpp_pr0"
| 0x000008e0 0420 movs r0, 4
| 0x000008e2 7f44 add r7, pc
| 0x000008e4 8f4e ldr r6, [pc, 0x23c] ; [0xb24:4]=0x16ca
| 0x000008e6 7a44 add r2, pc
| 0x000008e8 3946 mov r1, r7
| ; DATA XREF from 0x000008e2 (sym.subsystem_control_shutdown)
| 0x000008ea 7e44 add r6, pc
| 0x000008ec fff75aef blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ,=< 0x000008f0 3cb1 cbz r4, 0x902
| | ; DATA XREF from 0x000008ea (sym.subsystem_control_shutdown)
| | 0x000008f2 8d4a ldr r2, [pc, 0x234] ; [0xb28:4]=0x378 "d_cpp_pr0"
| | 0x000008f4 0620 movs r0, 6
| | 0x000008f6 3946 mov r1, r7
| | 0x000008f8 2346 mov r3, r4
| | 0x000008fa 7a44 add r2, pc
| | 0x000008fc fff752ef blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ,==< 0x00000900 15e0 b 0x92e
| || ; JMP XREF from 0x000008f0 (sym.subsystem_control_shutdown)
| || ; DATA XREF from 0x000008fa (sym.subsystem_control_shutdown)
| |`-> 0x00000902 8a4b ldr r3, [pc, 0x228] ; [0xb2c:4]=0x173a ; ":." @ 0xb2c
| | 0x00000904 0120 movs r0, 1
| | 0x00000906 bff35f8f dmb sy
| | 0x0000090a 7b44 add r3, pc
| ; JMP XREF from 0x0000091a (sym.subsystem_control_shutdown)
| .----> 0x0000090c 53e8002f ldrex r2, [r3]
| | | 0x00000910 002a cmp r2, 0
| |, ; DATA XREF from 0x0000090a (sym.subsystem_control_shutdown)
| |,===< 0x00000912 03d1 bne 0x91c
| ||| 0x00000914 43e80001 strex r1, r0, [r3]
| ||| 0x00000918 0029 cmp r1, 0
| `====< 0x0000091a f7d1 bne 0x90c
| | ; JMP XREF from 0x00000912 (sym.subsystem_control_shutdown)
| `---> 0x0000091c bff35f8f dmb sy
| ,=====< 0x00000920 08d0 beq 0x934
| | | 0x00000922 834a ldr r2, [pc, 0x20c] ; [0xb30:4]=0x362 "rnal_v01" ; "b." @ 0xb30
| | | 0x00000924 0420 movs r0, 4
| | | 0x00000926 3946 mov r1, r7
| | | 0x00000928 7a44 add r2, pc
| | | 0x0000092a fff73cef blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| | | ; JMP XREF from 0x00000900 (sym.subsystem_control_shutdown)
| | `--> 0x0000092e 6ff01504 mvn r4, 0x15
| ,======< 0x00000932 ebe0 b 0xb0c
| || ; JMP XREF from 0x00000920 (sym.subsystem_control_shutdown)
| |`-----> 0x00000934 2146 mov r1, r4
| | 0x00000936 0622 movs r2, 6
| | 0x00000938 fff7aaff bl sym.ssctl_get_service_object_internal_v01 ;sym.ssctl_get_service_object_internal_v01()
| | 0x0000093c 7d4d ldr r5, [pc, 0x1f4] ; [0xb34:4]=0xfffffff4
| | 0x0000093e dff8f8c1 ldr.w ip, [pc, 0x1f8] ; [0xb38:4]=0xfffffff8 LEA fcn.00000b38 ; fcn.00000b38
| | 0x00000942 07ac add r4, sp, 0x1c
| | 0x00000944 56f80590 ldr.w sb, [r6, r5]
| | 0x00000948 2146 mov r1, r4
| | 0x0000094a c9f80000 str.w r0, [sb]
| | 0x0000094e 56f80c50 ldr.w r5, [r6, ip]
| | 0x00000952 2a46 mov r2, r5
| | 0x00000954 fff72cef blx sym.imp.qmi_client_notifier_init ;sym.imp.qmi_client_notifier_init()
| | 0x00000958 0146 mov r1, r0
| ,=======< 0x0000095a 30b1 cbz r0, 0x96a
| || 0x0000095c 774a ldr r2, [pc, 0x1dc] ; [0xb3c:4]=0x34d "t_service_object_internal_v01" LEA fcn.00000b3c ; "M." @ 0xb3c
| || 0x0000095e 0620 movs r0, 6
| || 0x00000960 3946 mov r1, r7
| || 0x00000962 7a44 add r2, pc
| || ; JMP XREF from 0x00000842 (fcn.00000838)
| || 0x00000964 fff71eef blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ========< 0x00000968 7ce0 b 0xa64
| | ; JMP XREF from 0x0000095a (sym.subsystem_control_shutdown)
| | ; DATA XREF from 0x00000962 (sym.subsystem_control_shutdown)
| `-------> 0x0000096a 0890 str r0, [sp, 0x20]
| | 0x0000096c 05a8 add r0, sp, 0x14
| | 0x0000096e fff726ef blx sym.imp.gettimeofday ;sym.imp.gettimeofday()
| | 0x00000972 059f ldr r7, [sp, 0x14]
| | 0x00000974 674a ldr r2, [pc, 0x19c] ; [0xb14:4]=0x3b9ac9ff LEA fcn.00000b14 ; fcn.00000b14
| | 0x00000976 f81c adds r0, r7, 3
| | 0x00000978 069b ldr r3, [sp, 0x18]
| | 0x0000097a 0b90 str r0, [sp, 0x2c]
| | 0x0000097c 4ff47a70 mov.w r0, 0x3e8
| | 0x00000980 5843 muls r0, r3, r0
| | 0x00000982 9042 cmp r0, r2
| | 0x00000984 0c90 str r0, [sp, 0x30]
| ========< 0x00000986 05dd ble 0x994
| | 0x00000988 391d adds r1, r7, 4
| | 0x0000098a 0b91 str r1, [sp, 0x2c]
| | 0x0000098c 6249 ldr r1, [pc, 0x188] ; [0xb18:4]=0x3b9aca00
| | 0x0000098e fff71cef blx sym.imp.__aeabi_idivmod ;sym.imp.__aeabi_idivmod()
| | 0x00000992 0c91 str r1, [sp, 0x30]
| ; JMP XREF from 0x00000986 (sym.subsystem_control_shutdown)
| --------> 0x00000994 04f10c07 add.w r7, r4, 0xc
| | 0x00000998 04f10808 add.w r8, r4, 8
| | 0x0000099c 3846 mov r0, r7
| | 0x0000099e fff71aef blx sym.imp.pthread_mutex_lock ; fcn.000007be+0x16 ;fcn.000007be() ; sym.imp.pthread_mutex_lock
| ========< 0x000009a2 09e0 b 0x9b8
| ; JMP XREF from 0x000009bc (sym.subsystem_control_shutdown)
| --------> 0x000009a4 4046 mov r0, r8
| | 0x000009a6 3946 mov r1, r7
| | 0x000009a8 0baa add r2, sp, 0x2c
| | 0x000009aa fff71aef blx sym.imp.pthread_cond_timedwait ;sym.imp.pthread_cond_timedwait()
| | 0x000009ae 6e28 cmp r0, 0x6e
| ========< 0x000009b0 02d1 bne 0x9b8
| | 0x000009b2 0123 movs r3, 1
| | 0x000009b4 0893 str r3, [sp, 0x20]
| ========< 0x000009b6 02e0 b 0x9be
| ; JMP XREF from 0x000009a2 (sym.subsystem_control_shutdown)
| ; JMP XREF from 0x000009b0 (sym.subsystem_control_shutdown)
| --------> 0x000009b8 0798 ldr r0, [sp, 0x1c]
| | 0x000009ba 0028 cmp r0, 0
| ========< 0x000009bc f2d0 beq 0x9a4
| ; JMP XREF from 0x000009b6 (sym.subsystem_control_shutdown)
| --------> 0x000009be 04f10c00 add.w r0, r4, 0xc
| | 0x000009c2 fff7eaee blx sym.imp.pthread_mutex_unlock ;sym.imp.pthread_mutex_unlock()
| | 0x000009c6 089a ldr r2, [sp, 0x20]
| ========< 0x000009c8 2ab1 cbz r2, 0x9d6
| | 0x000009ca 5d49 ldr r1, [pc, 0x174] ; [0xb40:4]=0x245 ; "E." @ 0xb40
| | 0x000009cc 0620 movs r0, 6
| | 0x000009ce 5d4a ldr r2, [pc, 0x174] ; [0xb44:4]=0x2fc "@ "
| | 0x000009d0 7944 add r1, pc
| | 0x000009d2 7a44 add r2, pc
| ========< 0x000009d4 10e0 b 0x9f8
| ; JMP XREF from 0x000009c8 (sym.subsystem_control_shutdown)
| --------> 0x000009d6 5c49 ldr r1, [pc, 0x170] ; [0xb48:4]=0x1660 ; "`." @ 0xb48
| | ; DATA XREF from 0x000009d0 (sym.subsystem_control_shutdown)
| | 0x000009d8 0baf add r7, sp, 0x2c
| | ; DATA XREF from 0x000009d2 (sym.subsystem_control_shutdown)
| | 0x000009da 0792 str r2, [sp, 0x1c]
| | 0x000009dc 7944 add r1, pc
| | 0x000009de d9f80000 ldr.w r0, [sb]
| | 0x000009e2 3a46 mov r2, r7
| | ; DATA XREF from 0x000009dc (sym.subsystem_control_shutdown)
| | 0x000009e4 0968 ldr r1, [r1]
| | 0x000009e6 fff702ef blx sym.imp.qmi_client_get_service_instance ;sym.imp.qmi_client_get_service_instance()
| | 0x000009ea 0346 mov r3, r0
| ========< 0x000009ec 50b1 cbz r0, 0xa04
| | 0x000009ee 5749 ldr r1, [pc, 0x15c] ; [0xb4c:4]=0x221 ; "!." @ 0xb4c
| | 0x000009f0 0620 movs r0, 6
| | 0x000009f2 574a ldr r2, [pc, 0x15c] ; [0xb50:4]=0x2f5
| | 0x000009f4 7944 add r1, pc
| | 0x000009f6 7a44 add r2, pc
| ; JMP XREF from 0x00000a2a (sym.subsystem_control_shutdown)
| ; JMP XREF from 0x000009d4 (sym.subsystem_control_shutdown)
| --------> 0x000009f8 fff7d4ee blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| | ; DATA XREF from 0x000009f4 (sym.subsystem_control_shutdown)
| | 0x000009fc 2868 ldr r0, [r5]
| | ; DATA XREF from 0x000009f6 (sym.subsystem_control_shutdown)
| | 0x000009fe fff7fcee blx sym.imp.qmi_client_release ;sym.imp.qmi_client_release()
| ========< 0x00000a02 2fe0 b 0xa64
| ; JMP XREF from 0x000009ec (sym.subsystem_control_shutdown)
| --------> 0x00000a04 5348 ldr r0, [pc, 0x14c] ; [0xb54:4]=0xfffffffc
| | 0x00000a06 0094 str r4, [sp]
| | 0x00000a08 534a ldr r2, [pc, 0x14c] ; [0xb58:4]=0xfffffe9b LEA fcn.00000b58 ; fcn.00000b58
| | 0x00000a0a 3458 ldr r4, [r6, r0]
| | 0x00000a0c 3846 mov r0, r7
| | 0x00000a0e 7a44 add r2, pc
| | 0x00000a10 0194 str r4, [sp, 4]
| | 0x00000a12 a046 mov r8, r4
| | 0x00000a14 d9f80010 ldr.w r1, [sb]
| | 0x00000a18 fff7f4ee blx sym.imp.qmi_client_init ;sym.imp.qmi_client_init()
| | 0x00000a1c 0646 mov r6, r0
| ========< 0x00000a1e 28b1 cbz r0, 0xa2c
| | 0x00000a20 4e49 ldr r1, [pc, 0x138] ; [0xb5c:4]=495
| | 0x00000a22 0620 movs r0, 6
| | 0x00000a24 4e4a ldr r2, [pc, 0x138] ; [0xb60:4]=0x2db
| | 0x00000a26 7944 add r1, pc
| | 0x00000a28 7a44 add r2, pc
| ========< 0x00000a2a e5e7 b 0x9f8
| ; JMP XREF from 0x00000a1e (sym.subsystem_control_shutdown)
| --------> 0x00000a2c 4d49 ldr r1, [pc, section..interp] ; [0xb64:4]=0x1604
| | ; DATA XREF from 0x00000a26 (sym.subsystem_control_shutdown)
| | 0x00000a2e 0122 movs r2, 1
| | ; DATA XREF from 0x00000a28 (sym.subsystem_control_shutdown)
| | 0x00000a30 dff83491 ldr.w sb, [pc, section..interp] ; [0xb68:4]=0x1610
| | 0x00000a34 7944 add r1, pc
| | 0x00000a36 4d4b ldr r3, [pc, section..interp] ; [0xb6c:4]=0x1606
| | 0x00000a38 f944 add sb, pc
| | 0x00000a3a 7b44 add r3, pc
| | ; DATA XREF from 0x00000a34 (sym.subsystem_control_shutdown)
| | 0x00000a3c 0c68 ldr r4, [r1]
| | 0x00000a3e 4846 mov r0, sb
| | ; DATA XREF from 0x00000a38 (sym.subsystem_control_shutdown)
| | 0x00000a40 1a60 str r2, [r3]
| | ; DATA XREF from 0x00000a3a (sym.subsystem_control_shutdown)
| | 0x00000a42 fff7c8ee blx sym.imp.pthread_mutex_lock ; fcn.000007be+0x16 ;fcn.000007be() ; sym.imp.pthread_mutex_lock
| | 0x00000a46 0097 str r7, [sp]
| | 0x00000a48 0827 movs r7, 8
| | 0x00000a4a 07f53b60 add.w r0, r7, 0xbb0
| | 0x00000a4e 0197 str r7, [sp, 4]
| | 0x00000a50 0290 str r0, [sp, 8]
| | 0x00000a52 2146 mov r1, r4
| | 0x00000a54 d8f80000 ldr.w r0, [r8]
| | 0x00000a58 3246 mov r2, r6
| | 0x00000a5a 3346 mov r3, r6
| | 0x00000a5c fff7d8ee blx sym.imp.qmi_client_send_msg_sync ;sym.imp.qmi_client_send_msg_sync()
| ========< 0x00000a60 40bb cbnz r0, 0xab4
| ========< 0x00000a62 0be0 b 0xa7c
| ; JMP XREF from 0x00000a02 (sym.subsystem_control_shutdown)
| ; JMP XREF from 0x00000968 (sym.subsystem_control_shutdown)
| --------> 0x00000a64 4249 ldr r1, [pc, 0x108] ; [0xb70:4]=423
| | 0x00000a66 0620 movs r0, 6
| | 0x00000a68 424a ldr r2, [pc, 0x108] ; [0xb74:4]=0x2ac "T "
| | 0x00000a6a 4ff0ff36 mov.w r6, -1
| | 0x00000a6e 7944 add r1, pc
| | 0x00000a70 6ff01504 mvn r4, 0x15
| | 0x00000a74 7a44 add r2, pc
| | ; DATA XREF from 0x00000a6e (sym.subsystem_control_shutdown)
| | 0x00000a76 fff796ee blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ========< 0x00000a7a 2ee0 b 0xada
| ; JMP XREF from 0x00000a62 (sym.subsystem_control_shutdown)
| ; DATA XREF from 0x00000a74 (sym.subsystem_control_shutdown)
| --------> 0x00000a7c 0c9e ldr r6, [sp, 0x30]
| | 0x00000a7e 0446 mov r4, r0
| ; JMP XREF from 0x00000aa4 (sym.subsystem_control_shutdown)
| --------> 0x00000a80 4846 mov r0, sb
| | 0x00000a82 fff7ccee blx sym.imp.pthread_mutex_trylock ;sym.imp.pthread_mutex_trylock()
| ========< 0x00000a86 40b9 cbnz r0, 0xa9a
| | 0x00000a88 3b49 ldr r1, [pc, 0xec] ; [0xb78:4]=389
| | 0x00000a8a 0420 movs r0, 4
| | 0x00000a8c 3b4a ldr r2, [pc, 0xec] ; [0xb7c:4]=0x2a4 "."
| | 0x00000a8e 2346 mov r3, r4
| | 0x00000a90 7944 add r1, pc
| | 0x00000a92 7a44 add r2, pc
| | 0x00000a94 fff786ee blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ; DATA XREF from 0x00000a90 (sym.subsystem_control_shutdown)
| ========< 0x00000a98 0ee0 b 0xab8
| ; JMP XREF from 0x00000a86 (sym.subsystem_control_shutdown)
| ; DATA XREF from 0x00000a92 (sym.subsystem_control_shutdown)
| --------> 0x00000a9a 0120 movs r0, 1
| | 0x00000a9c 0134 adds r4, 1
| | 0x00000a9e fff7c4ee blx sym.imp.sleep ;sym.imp.sleep()
| | 0x00000aa2 0b2c cmp r4, 0xb
| ========< 0x00000aa4 ecd1 bne 0xa80
| | 0x00000aa6 3649 ldr r1, [pc, 0xd8] ; [0xb80:4]=361 ; "i." @ 0xb80
| | 0x00000aa8 0620 movs r0, 6
| | 0x00000aaa 364a ldr r2, [pc, 0xd8] ; [0xb84:4]=0x2bd " "
| | 0x00000aac 7944 add r1, pc ; "O..63O4H.DxD..j.<hD..." @ 0xab4
| | 0x00000aae 7a44 add r2, pc
| | 0x00000ab0 fff778ee blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ; JMP XREF from 0x00000a60 (sym.subsystem_control_shutdown)
| ; DATA XREF from 0x00000aac (sym.subsystem_control_shutdown)
| --------> 0x00000ab4 4ff0ff36 mov.w r6, -1
| ; JMP XREF from 0x00000a98 (sym.subsystem_control_shutdown)
| --------> 0x00000ab8 334f ldr r7, [pc, 0xcc] ; [0xb88:4]=0x1584
| | 0x00000aba 3448 ldr r0, [pc, 0xd0] ; [0xb8c:4]=0x158a
| | 0x00000abc 7f44 add r7, pc ; "<hD..." @ 0xac4
| | 0x00000abe 7844 add r0, pc ; "D..." @ 0xac6
| | 0x00000ac0 fff76aee blx sym.imp.pthread_mutex_unlock ;sym.imp.pthread_mutex_unlock()
| | ; DATA XREF from 0x00000abc (sym.subsystem_control_shutdown)
| | 0x00000ac4 3c68 ldr r4, [r7]
| ; DATA XREF from 0x00000abe (sym.subsystem_control_shutdown)
| ========< 0x00000ac6 44b1 cbz r4, 0xada
| | 0x00000ac8 d8f80000 ldr.w r0, [r8]
| | 0x00000acc 0024 movs r4, 0
| | 0x00000ace fff794ee blx sym.imp.qmi_client_release ;sym.imp.qmi_client_release()
| | 0x00000ad2 2868 ldr r0, [r5]
| | 0x00000ad4 fff790ee blx sym.imp.qmi_client_release ;sym.imp.qmi_client_release()
| | 0x00000ad8 3c60 str r4, [r7]
| ; JMP XREF from 0x00000ac6 (sym.subsystem_control_shutdown)
| ; JMP XREF from 0x00000a7a (sym.subsystem_control_shutdown)
| --------> 0x00000ada 2d4b ldr r3, [pc, 0xb4] ; [0xb90:4]=0x1562 ; "b." @ 0xb90
| | 0x00000adc 0022 movs r2, 0
| | 0x00000ade bff35f8f dmb sy
| | 0x00000ae2 7b44 add r3, pc
| ; JMP XREF from 0x00000af2 (sym.subsystem_control_shutdown)
| --------> 0x00000ae4 53e8001f ldrex r1, [r3]
| | 0x00000ae8 0129 cmp r1, 1
| ; DATA XREF from 0x00000ae2 (sym.subsystem_control_shutdown)
| ========< 0x00000aea 03d1 bne 0xaf4
| | 0x00000aec 43e80020 strex r0, r2, [r3]
| | 0x00000af0 0028 cmp r0, 0
| ========< 0x00000af2 f7d1 bne 0xae4
| ; JMP XREF from 0x00000aea (sym.subsystem_control_shutdown)
| --------> 0x00000af4 bff35f8f dmb sy
| ========< 0x00000af8 3cb1 cbz r4, 0xb0a
| | 0x00000afa 2649 ldr r1, [pc, 0x98] ; [0xb94:4]=277
| | 0x00000afc 0620 movs r0, 6
| | 0x00000afe 264a ldr r2, [pc, 0x98] ; [0xb98:4]=0x2a7
| | 0x00000b00 7944 add r1, pc
| | 0x00000b02 7a44 add r2, pc
| | 0x00000b04 fff74eee blx sym.imp.__android_log_print ;sym.imp.__android_log_print()
| ; DATA XREF from 0x00000b00 (sym.subsystem_control_shutdown)
| ========< 0x00000b08 00e0 b 0xb0c
| ; JMP XREF from 0x00000af8 (sym.subsystem_control_shutdown)
| ; DATA XREF from 0x00000b02 (sym.subsystem_control_shutdown)
| --------> 0x00000b0a 3446 mov r4, r6
| | ; JMP XREF from 0x00000932 (sym.subsystem_control_shutdown)
| | ; JMP XREF from 0x00000b08 (sym.subsystem_control_shutdown)
| -`------> 0x00000b0c 2046 mov r0, r4
| 0x00000b0e 11b0 add sp, 0x44
\ 0x00000b10 bde8f083 pop.w {r4, r5, r6, r7, r8, sb, pc}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment