Go (iBoot command)
iPhone 3GS 8920x from iBoot-636.66
Disassembly
N88AP_iBoot:4FF0103C ; =============== S U B R O U T I N E =======================================
N88AP_iBoot:4FF0103C
N88AP_iBoot:4FF0103C ; Attributes: bp-based frame
N88AP_iBoot:4FF0103C
; ---------------------------------------------------------------------------
; n88ap__iBoot__go_command -- handler for the iBoot "go" console command.
; IDA listing (ARM Thumb-2). Columns: segment:address, stack depth, instruction.
;
; In:   R0 = argument count (tested with CMP R0, #1 / BLE)
;       R1 = argument array, saved in R4. Entries are addressed in 0x14-byte
;            steps; offset +0x10 of an entry is passed where a string is
;            expected and offset +0x4 is used as an address value
;            (entry layout is not shown in this listing -- TODO confirm).
; Out:  R0 = 0xFFFFFFFF on every path that reaches the epilogue.
; Stack: 16 bytes of saved registers + 8 bytes of locals
;            [SP+0] var_18      -- set to 0xF00000 before image_load
;            [SP+4] MemoryPoint -- address being checked / loaded
;
; Flow:  1. "go help"       -> print usage, return.
;        2. pick the address: result of sub_4FF1CD88("loadaddr", 0x41000000)
;           when no argument is given, otherwise the value taken from the
;           first argument.
;        3. sub_4FF1A038(addr, 0xF00000) == 0          -> "Permission Denied"
;        4. n88ap__iBoot__MEMZ_STRUCT_INIT(...) == 0    -> "Memory image corrupt"
;        5. n88ap__iBoot__image_load(..., 'ibec') < 0   -> "Memory image not valid"
;        6. sub_4FF19264(0, MemoryPoint, 0)             -- hand-off
;
; NOTE(review): the hand-off in step 6 is reached only after steps 3-5 all
; succeed. MemoryPoint is overwritten with 0x43000000 before image_load, so
; the operator-supplied address appears to select only where the candidate
; image is read from, not where execution continues -- unless image_load
; rewrites MemoryPoint through the pointer it is given. What image_load
; actually verifies (tag, signature, size) is not visible here; confirm in its
; own disassembly before relying on this function as a trust boundary.
; ---------------------------------------------------------------------------
N88AP_iBoot:4FF0103C n88ap__iBoot__go_command                ; DATA XREF: N88AP_iBoot:n88ap__iBoot__go (offset reference; direction glyph lost in extraction)
N88AP_iBoot:4FF0103C
N88AP_iBoot:4FF0103C var_18 = -0x18
N88AP_iBoot:4FF0103C MemoryPoint = -0x14
N88AP_iBoot:4FF0103C
N88AP_iBoot:4FF0103C 000 PUSH {R4,R5,R7,LR}                  ; save callee-saved registers and return address (16 bytes)
N88AP_iBoot:4FF0103E 010 ADD R7, SP, #8                      ; R7 = frame pointer, points at the saved R7/LR pair
N88AP_iBoot:4FF01040 010 SUB SP, SP, #8                      ; reserve var_18 and MemoryPoint
N88AP_iBoot:4FF01042 018 CMP R0, #1                          ; argument count vs 1
N88AP_iBoot:4FF01044 018 MOV R4, R1                          ; R4 = argument array (MOV, not MOVS: flags from CMP are kept)
N88AP_iBoot:4FF01046 018 BLE loc_4FF01062                    ; count <= 1 (signed): no argument given, use the default address
N88AP_iBoot:4FF01048 018 ADD.W R5, R1, #0x14                 ; R5 = second entry of the argument array (first argument)
N88AP_iBoot:4FF0104C 018 LDR R0, =aHelp                      ; "help"
N88AP_iBoot:4FF0104E 018 LDR R1, [R1,#0x24]                  ; 0x24 = 0x14 + 0x10: offset +0x10 of the first argument
N88AP_iBoot:4FF01050 018 BL sub_4FF1ECA0                     ; compares "help" with the argument; presumably strcmp -- TODO confirm
N88AP_iBoot:4FF01054 018 CMP R0, #0                          ; zero result = argument matched "help"
N88AP_iBoot:4FF01056 018 BNE loc_4FF010C4                    ; not "help": treat the argument as an address
N88AP_iBoot:4FF01058 018 LDR R1, [R4,#0x10]                  ; param_R1: offset +0x10 of entry 0, printed through %s
N88AP_iBoot:4FF0105A 018 LDR R0, =aSAddress                  ; "%s [<address>]\n"
N88AP_iBoot:4FF0105C 018 BL N88AP__iBOOT__console_printf     ; print the usage line
N88AP_iBoot:4FF01060 018 B loc_4FF010D4                      ; return 0xFFFFFFFF
N88AP_iBoot:4FF01062 ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF01062
N88AP_iBoot:4FF01062 loc_4FF01062                            ; CODE XREF: n88ap__iBoot__go_command+A↑j
N88AP_iBoot:4FF01062 018 LDR R0, =aLoadaddr                  ; "loadaddr"
N88AP_iBoot:4FF01064 018 MOV.W R1, #0x41000000               ; second argument; presumably the fallback value -- TODO confirm
N88AP_iBoot:4FF01068 018 BL sub_4FF1CD88                     ; presumably an environment-variable lookup returning an integer -- TODO confirm
N88AP_iBoot:4FF0106C 018 STR R0, [SP,#0x18+MemoryPoint]      ; MemoryPoint = returned address
N88AP_iBoot:4FF0106E
N88AP_iBoot:4FF0106E loc_4FF0106E                            ; CODE XREF: n88ap__iBoot__go_command+96↓j
N88AP_iBoot:4FF0106E 018 LDR R0, [SP,#0x18+MemoryPoint]      ; R0 = address to validate
N88AP_iBoot:4FF01070 018 MOV.W R1, #0xF00000                 ; R1 = 0xF00000, the same constant later passed as dataSize
N88AP_iBoot:4FF01074 018 BL sub_4FF1A038                     ; gate on (address, 0xF00000); presumably a memory-range permission check -- TODO confirm
N88AP_iBoot:4FF01078 018 CBNZ R0, loc_4FF0107E               ; non-zero = allowed, continue
N88AP_iBoot:4FF0107A 018 LDR R0, =aPermissionDenied          ; "Permission Denied\n"
N88AP_iBoot:4FF0107C 018 B loc_4FF010AC                      ; print the message and return 0xFFFFFFFF
N88AP_iBoot:4FF0107E ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF0107E
N88AP_iBoot:4FF0107E loc_4FF0107E                            ; CODE XREF: n88ap__iBoot__go_command+3C↑j
N88AP_iBoot:4FF0107E 018 LDR R0, [SP,#0x18+MemoryPoint]      ; StartAddress
N88AP_iBoot:4FF01080 018 MOV.W R1, #0xF00000                 ; dataSize
N88AP_iBoot:4FF01084 018 MOVS R2, #1                         ; Type
N88AP_iBoot:4FF01086 018 BL n88ap__iBoot__MEMZ_STRUCT_INIT   ; build an image descriptor for the memory range; result stays in R0
N88AP_iBoot:4FF0108A 018 CBNZ R0, loc_4FF01090               ; non-zero result = descriptor created
N88AP_iBoot:4FF0108C 018 LDR R0, =aMemoryImageCorrupt        ; "Memory image corrupt\n"
N88AP_iBoot:4FF0108E 018 B loc_4FF010AC                      ; print the message and return 0xFFFFFFFF
N88AP_iBoot:4FF01090 ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF01090
N88AP_iBoot:4FF01090 loc_4FF01090                            ; CODE XREF: n88ap__iBoot__go_command+4E↑j
N88AP_iBoot:4FF01090 018 MOV.W R3, #0x43000000               ; fixed address that replaces the operator-supplied one
N88AP_iBoot:4FF01094 018 LDR R1, ='ibec'                     ; TAG_TYPE: image type requested from image_load
N88AP_iBoot:4FF01096 018 STR R3, [SP,#0x18+MemoryPoint]      ; MemoryPoint = 0x43000000
N88AP_iBoot:4FF01098 018 ADD R2, SP, #0x18+MemoryPoint       ; unknown1: R2 = &MemoryPoint
N88AP_iBoot:4FF0109A 018 MOV.W R3, #0xF00000                 ; same 0xF00000 constant as the earlier range check
N88AP_iBoot:4FF0109E 018 STR R3, [SP,#0x18+var_18]           ; var_18 = 0xF00000
N88AP_iBoot:4FF010A0 018 MOV R3, SP                          ; unknown2: R3 = &var_18 (var_18 sits at SP+0)
N88AP_iBoot:4FF010A2 018 BL n88ap__iBoot__image_load         ; R0 is still the MEMZ_STRUCT_INIT result; R2/R3 presumably in/out address and size -- TODO confirm
N88AP_iBoot:4FF010A6 018 CMP R0, #0                          ; negative result = load rejected
N88AP_iBoot:4FF010A8 018 BGE loc_4FF010B2                    ; result >= 0 (signed): image accepted
N88AP_iBoot:4FF010AA 018 LDR R0, =aMemoryImageNotValid       ; "Memory image not valid\n"; falls through into the shared print
N88AP_iBoot:4FF010AC
N88AP_iBoot:4FF010AC loc_4FF010AC                            ; CODE XREF: n88ap__iBoot__go_command+40↑j
N88AP_iBoot:4FF010AC                                         ; n88ap__iBoot__go_command+52↑j
N88AP_iBoot:4FF010AC 018 BL N88AP__iBOOT__console_printf     ; shared error print: R0 holds one of the three failure strings
N88AP_iBoot:4FF010B0 018 B loc_4FF010D4                      ; return 0xFFFFFFFF
N88AP_iBoot:4FF010B2 ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF010B2
N88AP_iBoot:4FF010B2 loc_4FF010B2                            ; CODE XREF: n88ap__iBoot__go_command+6C↑j
N88AP_iBoot:4FF010B2 018 LDR R1, [SP,#0x18+MemoryPoint]      ; param_R1: address value for the %08x below
N88AP_iBoot:4FF010B4 018 LDR R0, =aJumpingIntoImageAt0x08x   ; "jumping into image at 0x%08x\n"
N88AP_iBoot:4FF010B6 018 BL N88AP__iBOOT__console_printf     ; announce the hand-off on the console
N88AP_iBoot:4FF010BA 018 MOVS R0, #0                         ; first argument = 0
N88AP_iBoot:4FF010BC 018 LDR R1, [SP,#0x18+MemoryPoint]      ; second argument = MemoryPoint, re-read after the printf call
N88AP_iBoot:4FF010BE 018 MOV R2, R0                          ; third argument = 0
N88AP_iBoot:4FF010C0 018 BL sub_4FF19264                     ; hand-off routine; presumably does not return, otherwise execution would fall into loc_4FF010C4 -- TODO confirm
N88AP_iBoot:4FF010C4
N88AP_iBoot:4FF010C4 loc_4FF010C4                            ; CODE XREF: n88ap__iBoot__go_command+1A↑j
N88AP_iBoot:4FF010C4 018 LDR R0, =aLoadaddr                  ; "loadaddr"
N88AP_iBoot:4FF010C6 018 MOV.W R1, #0x41000000               ; same arguments as the call at loc_4FF01062
N88AP_iBoot:4FF010CA 018 BL sub_4FF1CD88                     ; result in R0 is not used on this path
N88AP_iBoot:4FF010CE 018 LDR R3, [R5,#4]                     ; offset +4 of the first argument: the operator-supplied address value
N88AP_iBoot:4FF010D0 018 STR R3, [SP,#0x18+MemoryPoint]      ; MemoryPoint = supplied address; still untrusted until the checks at loc_4FF0106E
N88AP_iBoot:4FF010D2 018 B loc_4FF0106E                      ; join the common validation path
N88AP_iBoot:4FF010D4 ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF010D4
N88AP_iBoot:4FF010D4 loc_4FF010D4                            ; CODE XREF: n88ap__iBoot__go_command+24↑j
N88AP_iBoot:4FF010D4                                         ; n88ap__iBoot__go_command+74↑j
N88AP_iBoot:4FF010D4 018 MOV.W R0, #0xFFFFFFFF               ; return value -1 (usage and every failure path)
N88AP_iBoot:4FF010D8 018 SUB.W SP, R7, #8                    ; SP back to the saved-register block (R7 = that block + 8)
N88AP_iBoot:4FF010DC 018 POP {R4,R5,R7,PC}                   ; restore registers and return
N88AP_iBoot:4FF010DC ; End of function n88ap__iBoot__go_command
N88AP_iBoot:4FF010DC
N88AP_iBoot:4FF010DE ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF010DE NOP                                     ; 2-byte filler so the literal pool starts at 4FF010E0
N88AP_iBoot:4FF010DE ; ---------------------------------------------------------------------------
; Literal pool for n88ap__iBoot__go_command: one 32-bit word per "LDR Rx, =..."
; above. The "int" / "struct MEMZ_STRUCT *" / "char *" lines are IDA type
; annotations on the slots; the slots themselves hold string addresses or the
; 'ibec' tag constant, as the DCD operands show.
N88AP_iBoot:4FF010E0 off_4FF010E0 DCD aHelp                  ; DATA XREF: n88ap__iBoot__go_command+10↑r
N88AP_iBoot:4FF010E0                                         ; "help"
N88AP_iBoot:4FF010E4 ; int off_4FF010E4
N88AP_iBoot:4FF010E4 off_4FF010E4 DCD aSAddress              ; DATA XREF: n88ap__iBoot__go_command+1E↑r
N88AP_iBoot:4FF010E4                                         ; "%s [<address>]\n"
N88AP_iBoot:4FF010E8 off_4FF010E8 DCD aLoadaddr              ; DATA XREF: n88ap__iBoot__go_command:loc_4FF01062↑r
N88AP_iBoot:4FF010E8                                         ; n88ap__iBoot__go_command:loc_4FF010C4↑r
N88AP_iBoot:4FF010E8                                         ; "loadaddr"
N88AP_iBoot:4FF010EC off_4FF010EC DCD aPermissionDenied      ; DATA XREF: n88ap__iBoot__go_command+3E↑r
N88AP_iBoot:4FF010EC                                         ; "Permission Denied\n"
N88AP_iBoot:4FF010F0 ; struct MEMZ_STRUCT *off_4FF010F0
N88AP_iBoot:4FF010F0 off_4FF010F0 DCD aMemoryImageCorrupt    ; DATA XREF: n88ap__iBoot__go_command+50↑r
N88AP_iBoot:4FF010F0                                         ; "Memory image corrupt\n"
N88AP_iBoot:4FF010F4 ; char *dword_4FF010F4
N88AP_iBoot:4FF010F4 dword_4FF010F4 DCD 'ibec'               ; DATA XREF: n88ap__iBoot__go_command+58↑r
N88AP_iBoot:4FF010F8 ; int off_4FF010F8
N88AP_iBoot:4FF010F8 off_4FF010F8 DCD aMemoryImageNotValid
N88AP_iBoot:4FF010F8                                         ; DATA XREF: n88ap__iBoot__go_command+6E↑r
N88AP_iBoot:4FF010F8                                         ; "Memory image not valid\n"
N88AP_iBoot:4FF010FC ; int off_4FF010FC
N88AP_iBoot:4FF010FC off_4FF010FC DCD aJumpingIntoImageAt0x08x
N88AP_iBoot:4FF010FC                                         ; DATA XREF: n88ap__iBoot__go_command+78↑r
N88AP_iBoot:4FF010FC                                         ; "jumping into image at 0x%08x\n"
N88AP_iBoot:4FF01100