Created
February 3, 2019 10:49
-
-
Save exjam/4f1db094aabc8ee723353b2e2736ab11 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| int __fastcall sub_5033C50(int a1, int a2, int a3, int a4, char a5) | |
| { | |
| int v5; // lr | |
| int v6; // r11 | |
| int v7; // r3 | |
| int v8; // r2 | |
| int v9; // r3 | |
| int v10; // r2 | |
| signed int v11; // r0 | |
| int v12; // r1 | |
| int v13; // r2 | |
| unsigned int v14; // r3 | |
| int v15; // r3 | |
| int v16; // r0 | |
| unsigned int v17; // r2 | |
| unsigned int v18; // r2 | |
| int *v19; // r4 | |
| signed int v20; // r0 | |
| int *v21; // r2 | |
| unsigned int v22; // r6 | |
| int *v23; // r3 | |
| int v24; // r3 | |
| signed int v25; // r5 | |
| int v26; // r3 | |
| int v27; // r2 | |
| char v28; // ST03_1 | |
| int v29; // r5 | |
| int v30; // r3 | |
| int v31; // r2 | |
| char v32; // ST03_1 | |
| signed int v33; // r6 | |
| signed int v34; // r4 | |
| int v35; // r0 | |
| int v36; // r4 | |
| int v37; // r0 | |
| int v38; // r0 | |
| int v39; // r0 | |
| int v40; // r3 | |
| int v41; // r2 | |
| int v42; // r1 | |
| int v43; // r0 | |
| int v44; // r1 | |
| int v45; // r2 | |
| u32 v46; // r5 | |
| int v47; // r3 | |
| void *v48; // r0 | |
| _DWORD *v49; // r1 | |
| int *v50; // r3 | |
| void *v51; // r0 | |
| _DWORD *v52; // r1 | |
| int v53; // r2 | |
| int v54; // r1 | |
| int v55; // r0 | |
| int v56; // r4 | |
| int v57; // r1 | |
| unsigned int v58; // r2 | |
| int v59; // r2 | |
| int v60; // r3 | |
| _DWORD *v61; // r0 | |
| int v62; // r2 | |
| int v63; // r4 | |
| u32 v64; // r1 | |
| int v65; // r2 | |
| IpcRequest *v66; // r0 | |
| int v67; // r1 | |
| signed int v68; // r0 | |
| int v69; // r4 | |
| int v70; // r3 | |
| int v71; // r2 | |
| signed int v72; // r4 | |
| int v73; // r0 | |
| int v74; // r3 | |
| int v75; // r2 | |
| int v76; // r1 | |
| int v77; // r0 | |
| int v78; // r3 | |
| int v79; // r2 | |
| int v80; // r1 | |
| char v81; // ST03_1 | |
| int v82; // r3 | |
| int v83; // r0 | |
| int v84; // r3 | |
| int v85; // r2 | |
| int v86; // r1 | |
| char v87; // ST03_1 | |
| int v88; // r3 | |
| int v89; // r2 | |
| int v90; // r1 | |
| int v91; // r2 | |
| char v93; // [sp+3h] [bp-5h] | |
| char v94; // [sp+3h] [bp-5h] | |
| char v95; // [sp+3h] [bp-5h] | |
| char v96; // [sp+3h] [bp-5h] | |
| char v97; // [sp+3h] [bp-5h] | |
| char v98; // [sp+3h] [bp-5h] | |
| char v99; // [sp+3h] [bp-5h] | |
| IpcRequest *ipc_handle; // [sp+1Ch] [bp+14h] | |
| int queueid; // [sp+20h] [bp+18h] | |
| int *v102; // [sp+24h] [bp+1Ch] | |
| int *v103; // [sp+28h] [bp+20h] | |
| int *v104; // [sp+2Ch] [bp+24h] | |
| int *i; // [sp+30h] [bp+28h] | |
| int *v106; // [sp+34h] [bp+2Ch] | |
| int v107; // [sp+38h] [bp+30h] | |
| int v108; // [sp+138h] [bp+130h] | |
| unsigned int v109; // [sp+163h] [bp+15Bh] | |
| unsigned int v110; // [sp+167h] [bp+15Fh] | |
| unsigned int v111; // [sp+16Bh] [bp+163h] | |
| unsigned int v112; // [sp+16Fh] [bp+167h] | |
| unsigned int v113; // [sp+173h] [bp+16Bh] | |
| int v114; // [sp+178h] [bp+170h] | |
| int v115; // [sp+180h] [bp+178h] | |
| unsigned __int8 v116; // [sp+188h] [bp+180h] | |
| int v117; // [sp+18Ch] [bp+184h] | |
| IpcRequest *v118; // [sp+190h] [bp+188h] | |
| int v119; // [sp+194h] [bp+18Ch] | |
| char v120; // [sp+19Bh] [bp+193h] | |
| int anonymous9; // [sp+1ACh] [bp+1A4h] | |
| int vars14; // [sp+1B0h] [bp+1A8h] | |
| int *vars18; // [sp+1B4h] [bp+1ACh] | |
| int vars1C; // [sp+1B8h] [bp+1B0h] | |
| int vars20; // [sp+1BCh] [bp+1B4h] | |
| int v126; // [sp+1C0h] [bp+1B8h] | |
| vars18 = &v126; | |
| vars20 = 84098140; | |
| vars14 = v6; | |
| vars1C = v5; | |
| MCP_if_priv_SignalSemaphore(&dword_1FE12B84, a2, a3, (int)&vars20, v93); | |
| queueid = Call_SysCall_0x0C_IOS_MCP((u32 *)&v108, 0xAu); | |
| if ( queueid < 0 ) | |
| ((void (*)(void))loc_50345BC)(); | |
| if ( IOS_MCP_RegisterResourceManager((int)"/dev/ppc_app", queueid, v8, v7, v94) ) | |
| ((void (*)(void))loc_50345BC)(); | |
| v11 = IOS_MCP_RegisterResourceManager((int)"/dev/ppc_kernel", queueid, v10, v9, v95); | |
| if ( !v11 ) | |
| v11 = ((int (*)(void))loc_5034578)(); | |
| ((void (__fastcall *)(signed int))loc_50345BC)(v11); | |
| ipc_handle = v118; | |
| v13 = (BYTE2(v118->command) << 8) | (BYTE1(v118->command) << 16) | (HIBYTE(v118->command) << 24); | |
| v14 = _byteswap_ulong(v118->command) - 1; | |
| while ( 2 ) | |
| { | |
| switch ( v14 ) | |
| { | |
| case 0u: | |
| v15 = (BYTE2(ipc_handle->args[0]) << 8) | (BYTE1(ipc_handle->args[0]) << 16) | (HIBYTE(ipc_handle->args[0]) << 24); | |
| v16 = memcmp_2(_byteswap_ulong(ipc_handle->args[0]), (int)"/dev/ppc_kernel", 16); | |
| if ( !v16 ) | |
| v16 = ((int (*)(void))loc_50345AE)(); | |
| ((void (__fastcall *)(int))loc_5034570)(v16); | |
| goto LABEL_13; | |
| case 1u: | |
| goto LABEL_59; | |
| case 2u: | |
| case 3u: | |
| case 4u: | |
| case 6u: | |
| case 7u: | |
| case 8u: | |
| case 9u: | |
| case 0xAu: | |
| goto LABEL_97; | |
| case 5u: | |
| v54 = HIBYTE(ipc_handle->processId); | |
| v55 = BYTE1(ipc_handle->processId); | |
| v56 = BYTE2(ipc_handle->processId); | |
| if ( _byteswap_ulong(ipc_handle->handle) == 0x6E726B )// PpcKernelHandle | |
| { | |
| if ( ((v56 << 8) | (v55 << 16) | (v54 << 24) | LOBYTE(ipc_handle->processId)) == 14 ) | |
| { | |
| LABEL_105: | |
| v72 = 29; | |
| goto LABEL_106; | |
| } | |
| goto LABEL_104; | |
| } | |
| if ( ((v56 << 8) | (v55 << 16) | (v54 << 24) | LOBYTE(ipc_handle->processId)) != 14 )// COSKERNEL | |
| { | |
| LABEL_104: | |
| v72 = 1; | |
| goto LABEL_106; | |
| } | |
| v57 = HIBYTE(ipc_handle->args[0]) << 24; | |
| v58 = _byteswap_ulong(ipc_handle->args[0]);// .ioctl.request | |
| if ( v58 != 0xB1 ) | |
| { | |
| if ( v58 <= 0xB1 ) | |
| { | |
| if ( v58 == 0xB0 ) // StartupEvent | |
| { | |
| if ( dword_50A2754 ) | |
| { | |
| v36 = dword_50A2754; | |
| goto LABEL_98; | |
| } | |
| dword_50A2758 = (int)ipc_handle; | |
| goto LABEL_101; | |
| } | |
| LABEL_97: | |
| v36 = -29; | |
| goto LABEL_98; | |
| } | |
| if ( v58 == 0xB2 ) // PowerOff | |
| { | |
| v116 = 2; | |
| sub_50202B8(v55, v57, 0xB2, 2, v96); | |
| v68 = IOS_MCP_Perform_Ioctl("PPC", 0, "Exe", 1u, (char *)&v116); | |
| v69 = v68; | |
| if ( v68 ) | |
| { | |
| mcp::syslog("FAIL: failed to turn off ppc power, err 0x%x\n", v68); | |
| sub_5059278(); | |
| Call_IOS_MCP_Issue_Panic("failed to turn off ppc power, err 0x%x\n", v69, v71, v70); | |
| v72 = 21; | |
| LABEL_106: | |
| v36 = -v72; | |
| LABEL_99: | |
| v66 = ipc_handle; | |
| v64 = v36; | |
| LABEL_100: | |
| mcp::sc0x49_IOS_ResourceReply(v66, v64); | |
| goto LABEL_101; | |
| } | |
| if ( dword_50A2760 ) | |
| { | |
| mcp::sc0x49_IOS_ResourceReply((void *)dword_50A2760, 0); | |
| dword_50A2760 = v69; | |
| } | |
| } | |
| else | |
| { | |
| if ( v58 != 0xB3 ) // UnrecoverableError | |
| goto LABEL_97; | |
| v120 = 2; | |
| v73 = mcp::syslog("COS encountered unrecoverable error...\n"); | |
| Process_IOSU_Command(v73, v76, v75, v74, v96); | |
| v77 = sub_5059278(); | |
| sub_50202B8(v77, v80, v79, v78, v81); | |
| IOS_MCP_Perform_Ioctl("PPC", 0, "Exe", 1u, &v120); | |
| if ( dword_50A2760 ) | |
| { | |
| mcp::sc0x49_IOS_ResourceReply((void *)dword_50A2760, 0); | |
| dword_50A2760 = 0; | |
| } | |
| dword_50A275C = 1; | |
| sub_5059300(); | |
| v83 = mpc_store_logs(0, 0, 0, v82, v99); | |
| sub_5009C04(v83, v86, v85, v84, v87); | |
| if ( Call_SysCall_0x7A_IOS_MCP() == 30 ) | |
| Call_IOS_MCP_Issue_Panic("COS encountered unrecoverable error...\n", v90, v89, v88); | |
| else | |
| dword_50B8184[2] = 0; | |
| } | |
| LABEL_59: | |
| v36 = 0; | |
| goto LABEL_99; | |
| } | |
| v59 = (BYTE2(ipc_handle->args[3]) << 8) | (BYTE1(ipc_handle->args[3]) << 16) | (HIBYTE(ipc_handle->args[3]) << 24); | |
| v60 = LOBYTE(ipc_handle->args[3]); | |
| v61 = (_DWORD *)_byteswap_ulong(ipc_handle->args[3]); | |
| if ( !v61 ) | |
| goto LABEL_105; | |
| v62 = (BYTE2(ipc_handle->args[4]) << 8) | (BYTE1(ipc_handle->args[4]) << 16) | (HIBYTE(ipc_handle->args[4]) << 24); | |
| if ( _byteswap_ulong(ipc_handle->args[4]) <= 7 ) | |
| goto LABEL_105; | |
| v63 = dword_50A2760; | |
| if ( dword_50A2760 ) | |
| { | |
| v64 = 0; | |
| *v61 = _byteswap_ulong(*(_DWORD *)(dword_50A2760 + 36)); | |
| v65 = (*(unsigned __int8 *)(v63 + 42) << 8) | (*(unsigned __int8 *)(v63 + 41) << 16) | (*(unsigned __int8 *)(v63 + 40) << 24); | |
| v61[1] = _byteswap_ulong(*(_DWORD *)(v63 + 40)); | |
| v66 = ipc_handle; | |
| goto LABEL_100; | |
| } | |
| v67 = dword_50A2750; | |
| if ( dword_50A2750 ) | |
| { | |
| *v61 = _byteswap_ulong(*(_DWORD *)(dword_50A2750 + 36)); | |
| v61[1] = _byteswap_ulong(*(_DWORD *)(v67 + 40)); | |
| mcp::sc0x49_IOS_ResourceReply(ipc_handle, 0); | |
| mcp::sc0x49_IOS_ResourceReply((void *)dword_50A2750, 0); | |
| dword_50A2750 = v63; | |
| } | |
| else | |
| { | |
| dword_50A274C = (int)ipc_handle; | |
| } | |
| LABEL_101: | |
| if ( !Call_SysCall_0x10_IOS_MCP(queueid, (u32 *)&v118, 0) ) | |
| ((void (*)(void))loc_5033CAC)(); | |
| return anonymous9; | |
| case 0xBu: | |
| if ( _byteswap_ulong(ipc_handle->handle) == 7238251 ) | |
| { | |
| sub_50288A0((int)ipc_handle, v12, 7238251, 7238251, v96); | |
| goto LABEL_59; | |
| } | |
| if ( Call_SysCall_0x7A_IOS_MCP() != 30 && dword_50A275C ) | |
| goto LABEL_59; | |
| v51 = (void *)dword_50A274C; | |
| dword_50A2760 = (int)ipc_handle; | |
| if ( dword_50A274C ) | |
| { | |
| v52 = (_DWORD *)_byteswap_ulong(*(_DWORD *)(dword_50A274C + 48)); | |
| *v52 = _byteswap_ulong(ipc_handle->args[0]); | |
| v53 = (BYTE2(ipc_handle->args[1]) << 8) | (BYTE1(ipc_handle->args[1]) << 16) | (HIBYTE(ipc_handle->args[1]) << 24); | |
| v52[1] = _byteswap_ulong(ipc_handle->args[1]); | |
| mcp::sc0x49_IOS_ResourceReply(v51, 0); | |
| dword_50A274C = 0; | |
| } | |
| goto LABEL_101; | |
| case 0xCu: | |
| LABEL_13: | |
| if ( _byteswap_ulong(ipc_handle->handle) != 0x6E726B ) | |
| { | |
| v44 = HIBYTE(ipc_handle->args[0]) << 24; | |
| v45 = LOBYTE(ipc_handle->args[0]); | |
| v46 = _byteswap_ulong(ipc_handle->args[0]); | |
| if ( v46 != 0x100000 | |
| || (v47 = BYTE2(ipc_handle->args[1]), v45 = (int)&ipc_handle->args[1], v44 = v47 << 27, !(v47 & 0x10)) ) | |
| { | |
| v50 = &dword_50A2754; | |
| dword_50A2754 = v46; | |
| if ( dword_50A2758 ) | |
| { | |
| mcp::sc0x49_IOS_ResourceReply((void *)dword_50A2758, v46); | |
| v50 = 0; | |
| dword_50A2758 = 0; | |
| } | |
| sub_50288F4(3, v44, v45, (int)v50, v96); | |
| goto LABEL_59; | |
| } | |
| v48 = (void *)dword_50A274C; | |
| if ( dword_50A274C ) | |
| { | |
| v49 = (_DWORD *)_byteswap_ulong(*(_DWORD *)(dword_50A274C + 48)); | |
| *v49 = 0x100000; | |
| v49[1] = _byteswap_ulong(ipc_handle->args[1]); | |
| mcp::sc0x49_IOS_ResourceReply(v48, 0); | |
| dword_50A274C = 0; | |
| goto LABEL_59; | |
| } | |
| dword_50A2750 = (int)ipc_handle; | |
| goto LABEL_101; | |
| } | |
| dword_50A2890[145] = dword_50B7F04; | |
| dword_50A2770 = 0x3000050; | |
| dword_50A2764 = 22310; | |
| dword_50A2768 = (int)&unk_0000040C; | |
| dword_50A288C = 0; | |
| dword_50A2774 = 0; | |
| dword_50A2824 = 0; | |
| dword_50A2778 = 0; | |
| if ( !Call_Unknown_IOCTL_0x03(&v119) ) | |
| dword_50A2770 = v119; | |
| dword_50B816C[1] &= 0xF7FFFFFF; | |
| if ( Call_SysCall_0x7A_IOS_MCP() != 30 ) | |
| dword_50B816C[1] |= 0x8000000u; | |
| v17 = dword_50B816C[1] & 0xEFFFFFFF; | |
| dword_50B816C[1] &= 0xEFFFFFFF; | |
| if ( dword_50B81B4[6] ) | |
| dword_50B816C[1] = (unsigned int)dword_10000000 | v17; | |
| v18 = dword_50B816C[1] & 0xDFFFFFFF; | |
| dword_50B816C[1] &= 0xDFFFFFFF; | |
| if ( kernel::gBootFlags & 0x10000 ) | |
| dword_50B816C[1] = (unsigned int)&dword_20000000 | v18; | |
| if ( kernel::gBootFlags & 0x10 ) | |
| dword_50B816C[1] |= (unsigned int)IOS_Crypto_AES_TE3; | |
| if ( (unsigned int)(unsigned __int16)dword_50B7F04 - 32 <= 1 | |
| && kernel::gSystemFileSys == 1 | |
| && !(dword_50B816C[1] & 0xE00) ) | |
| { | |
| dword_50B816C[1] |= 0x200u; | |
| } | |
| dword_50A276C = dword_50B816C[1]; | |
| dword_50A2890[182] = kernel::gSystemMode; | |
| dword_50A2890[183] = kernel::gBootFlags; | |
| v19 = &dword_50A2828; | |
| do | |
| { | |
| *v19 = 8; | |
| *(_DWORD *)((char *)&unk_00000004 + (_DWORD)v19) = -1; | |
| *(_DWORD *)((char *)&unk_00000008 + (_DWORD)v19) = 0; | |
| v19 += 3; | |
| } | |
| while ( v19 != &dword_50A2834[21] ); | |
| v20 = IOS_MCP_keyring_deallocate_entry_0("PPC", 0, "Summary", 0x10u, &v114); | |
| v21 = v19 - 26; | |
| if ( v20 ) | |
| { | |
| *v21 = 0; | |
| v91 = 0; | |
| } | |
| else | |
| { | |
| *v21 = v114; | |
| v91 = v115; | |
| } | |
| v22 = 0; | |
| dword_50A277C = v91; | |
| v23 = &dword_50A2780[4]; | |
| v102 = dword_50A2780; | |
| v103 = &dword_50A2780[1]; | |
| v104 = &dword_50A2780[2]; | |
| for ( i = &dword_50A2780[3]; ; i += 5 ) | |
| { | |
| v106 = v23; | |
| if ( v22 >= dword_50A2820 ) | |
| break; | |
| if ( IOS_MCP_keyring_deallocate_entry_0("PPC", v22, "CoreProperties", 0x15u, &v109) ) | |
| { | |
| *v102 = 0; | |
| *v103 = 0; | |
| *v104 = 0; | |
| *i = 0; | |
| *v106 = 0; | |
| } | |
| else | |
| { | |
| *v102 = _byteswap_ulong(v109); | |
| *v103 = _byteswap_ulong(v110); | |
| *v104 = _byteswap_ulong(v111); | |
| *i = _byteswap_ulong(v112); | |
| *v106 = _byteswap_ulong(v113); | |
| dword_50A2824 |= 1 << v22; | |
| } | |
| ++v22; | |
| v23 = v106 + 5; | |
| v102 += 5; | |
| v103 += 5; | |
| v104 += 5; | |
| } | |
| if ( !sub_5059568("Sys", 0, "iop2x", 1u, &v116) ) | |
| { | |
| v24 = v116; | |
| if ( v116 == 2 ) | |
| { | |
| v24 = dword_50A2774 | 1; | |
| dword_50A2774 |= 1u; | |
| } | |
| } | |
| v25 = sub_5033AEC(0, (int)&dword_50A2764, (int)&dword_50A2764, v24, v97); | |
| v29 = v25 | sub_5033AEC(1, (int)&dword_50A2764, v27, v26, v28); | |
| v33 = sub_5033AEC(2, (int)&dword_50A2764, v31, v30, v32); | |
| v34 = sub_50417BC(&dword_50A2890[181]); | |
| memcpy_1(0x1FFF000, (char *)&dword_50A2764, (signed int)&unk_0000040C); | |
| Call_SysCall_0x52_IOS_MCP(); | |
| Call_SysCall_0x6D_IOS_MCP(); | |
| v36 = v34 | v33 | v29 | v35; | |
| if ( !v36 ) | |
| { | |
| Call_SysCall_0x77_IOS_MCP(); | |
| v36 = v37; | |
| if ( !v37 ) | |
| { | |
| snprintf_0((char *)&v107, 256, "%s/%s", (int)dword_50B7FD0, "kernel.img"); | |
| v36 = sub_50170FC((int)&v107, 0, 0x8000000u, 0x120000u, &v119, 1); | |
| Call_SysCall_0x52_IOS_MCP(); | |
| if ( !v36 ) | |
| { | |
| Call_SysCall_0x77_IOS_MCP(); | |
| v36 = v38; | |
| if ( !v38 ) | |
| { | |
| MEMORY[0x16FFFFC] = 0; | |
| Call_SysCall_0x52_IOS_MCP(); | |
| v120 = 2; | |
| IOS_MCP_Perform_Ioctl("PPC", 0, "Exe", 1u, &v120); | |
| Call_SysCall_0x5F_IOS_MCP(); | |
| *(_DWORD *)&v116 = 0; | |
| v117 = 0; | |
| Call_SysCall_0x1A_IOS_MCP(); | |
| if ( v39 < 0 ) | |
| { | |
| *(_DWORD *)&v116 = 0; | |
| v117 = 0; | |
| } | |
| dword_50A2778 = v117; | |
| memcpy_1(0x1FFF000, (char *)&dword_50A2764, (signed int)&unk_0000040C); | |
| Call_SysCall_0x52_IOS_MCP(); | |
| v120 = 1; | |
| v36 = IOS_MCP_Perform_Ioctl("PPC", 0, "Exe", 1u, &v120); | |
| if ( v36 ) | |
| { | |
| Call_SysCall_0x51_IOS_MCP(); | |
| mcp::syslog("MCP: PPC Boot FAIL.\n"); | |
| mcp::syslog("PPC boot error %d, rom trace code %x\n", v36, MEMORY[0x16FFFFC]); | |
| sub_5059278(); | |
| } | |
| else | |
| { | |
| Call_SysCall_0x5B_IOS_MCP(); | |
| sub_5028700(v43, v42, v41, v40, v98); | |
| } | |
| } | |
| } | |
| } | |
| } | |
| LABEL_98: | |
| if ( v36 == -262207 ) | |
| goto LABEL_101; | |
| goto LABEL_99; | |
| default: | |
| ((void (*)(void))loc_5034566)(); | |
| continue; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment