# HG changeset patch # User Mychaela Falconia # Date 1469575937 0 # Node ID 6b40617d00e600bf1108b385faf12e31af0e87ad # Parent 05d2d34f5015e8c9123819fa5bb39719a7831165 analysis of ultra-malicious new C123 boot code from Ajay Fuloria diff -r 05d2d34f5015 -r 6b40617d00e6 .hgignore --- a/.hgignore Mon Jul 25 19:29:03 2016 +0000 +++ b/.hgignore Tue Jul 26 23:32:17 2016 +0000 @@ -11,6 +11,7 @@ ^compal/c118-newboot\. ^compal/c123-boot\. +^compal/c123-newboot\. ^compal/c139-boot\. ^compal/c139-newboot\. ^compal/c139-tfboot\. diff -r 05d2d34f5015 -r 6b40617d00e6 compal/Makefile --- a/compal/Makefile Mon Jul 25 19:29:03 2016 +0000 +++ b/compal/Makefile Tue Jul 26 23:32:17 2016 +0000 @@ -1,5 +1,6 @@ C118= c118-3.0.81.E-boot.bin C123= c123-boot.bin +C123NEW=c123-newboot.bin C139= c139-boot.90.04.bin C139NEW=c139-boot1004.bin C139TF= c139-tfboot.bin @@ -7,6 +8,7 @@ C156= c156-boot.90.05.bin GEN= c118-newboot.dis16 c118-newboot.dis32 c118-newboot.hex \ c123-boot.dis16 c123-boot.dis32 c123-boot.hex \ + c123-newboot.dis16 c123-newboot.dis32 c123-newboot.hex \ c139-boot.dis16 c139-boot.dis32 c139-boot.hex \ c139-newboot.dis16 c139-newboot.dis32 c139-newboot.hex \ c139-tfboot.dis16 c139-tfboot.dis32 c139-tfboot.hex \ @@ -36,6 +38,15 @@ c123-boot.hex: ${C123} hd ${C123} > $@ +c123-newboot.dis16: ${C123NEW} ${THUMBDIS} + ${THUMBDIS} ${C123NEW} > $@ + +c123-newboot.dis32: ${C123NEW} ${ARMDIS} + ${ARMDIS} ${C123NEW} > $@ + +c123-newboot.hex: ${C123NEW} + hd ${C123NEW} > $@ + c139-boot.dis16: ${C139} ${THUMBDIS} ${THUMBDIS} ${C139} > $@ diff -r 05d2d34f5015 -r 6b40617d00e6 compal/c123-newboot.bin Binary file compal/c123-newboot.bin has changed diff -r 05d2d34f5015 -r 6b40617d00e6 compal/c123-newboot.disasm --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/compal/c123-newboot.disasm Tue Jul 26 23:32:17 2016 +0000 @@ -0,0 +1,2708 @@ +RESET entry and exception vectors: + 0: ea000225 b 0x89c + 4: ea000825 b 0x20a0 + 8: ea000825 b 0x20a4 + c: ea000825 b 0x20a8 + 10: ea000825 b 0x20ac + 14: ea000825 b 0x20b0 + 18: ea000825 b 0x20b4 + 1c: ea000825 b 0x20b8 + +; magic words? + 20: 4491582a + 24: 4491582b + 28: 44915857 + 2c: 44915858 + +<30-7FF: all FFs> + +00000800: 42 4F 4F 54 2E 39 30 2E 30 34 00 00 00 00 00 00 BOOT.90.04...... +00000810: 31 30 30 33 01 04 00 00 FF FF FF FF FF FF FF FF 1003............ +00000820: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ................ + +; everything up to 0x958 is the same as in the classic versions + 830: 00000006 + 834: 00000000 + 838: 00000000 + 83c: 00000048 + 840: 00000044 + 844: 00000052 + 848: 0000001b + 84c: 00000005 + 850: 00000000 + 854: 00000000 + 858: 00000000 + 85c: 00000000 + 860: 000000fa + 864: ffff5800 + 868: ffff5000 + 86c: fffffb00 + 870: 02a102a1 + 874: 028302a1 + 878: 00c00281 + 87c: 002a0040 + 880: 00000040 + 884: fffffd00 + 888: ffff9800 + 88c: fffffb10 + 890: ffffff08 + 894: 20061081 + 898: 00000800 + +; RESET entry point + 89c: e51f1020 ldr r1, =0xfffffd00 ; via 0x884 + 8a0: e1d120b2 ldrh r2, [r1, #2] + 8a4: e51f002c ldr r0, =0x40 ; via 0x880 + 8a8: e1800002 orr r0, r0, r2 + 8ac: e1c100b2 strh r0, [r1, #2] + 8b0: e51f1030 ldr r1, =0xffff9800 ; via 0x888 + 8b4: e15f22b6 ldrh r2, =0x2006 ; via 0x896 + 8b8: e1c120b0 strh r2, [r1] + 8bc: e5912000 ldr r2, [r1] + 8c0: e2022001 and r2, r2, #1 + 8c4: e3520001 cmp r2, #1 + 8c8: 0afffffb beq 0x8bc + 8cc: e51f1050 ldr r1, =0xfffffd00 ; via 0x884 + 8d0: e15f24b4 ldrh r2, =0x1081 ; via 0x894 + 8d4: e1c120b0 strh r2, [r1] + 8d8: e51f1054 ldr r1, =0xfffffb10 ; via 0x88c + 8dc: e15f24bc ldrh r2, =0x800 ; via 0x898 + 8e0: e1d100b0 ldrh r0, [r1] + 8e4: e1800002 orr r0, r0, r2 + 8e8: e1c100b0 strh r0, [r1] + 8ec: e51f1064 ldr r1, =0xffffff08 ; via 0x890 + 8f0: e15f25be ldrh r2, =0x0 ; via 0x89a + 8f4: e1c120b0 strh r2, [r1] + 8f8: e51f1094 ldr r1, =0xfffffb00 ; via 0x86c + 8fc: e15f29b4 ldrh r2, =0x2a1 ; via 0x870 + 900: e1c120b0 strh r2, [r1] + 904: e15f29ba ldrh r2, =0x2a1 ; via 0x872 + 908: e1c120b2 strh r2, [r1, #2] + 90c: e15f2ab0 ldrh r2, =0x2a1 ; via 0x874 + 910: e1c120b4 strh r2, [r1, #4] + 914: e15f2ab6 ldrh r2, =0x283 ; via 0x876 + 918: e1c120b6 strh r2, [r1, #6] + 91c: e15f2abc ldrh r2, =0x281 ; via 0x878 + 920: e1c120ba strh r2, [r1, #10] ; 0xa + 924: e15f2bb2 ldrh r2, =0xc0 ; via 0x87a + 928: e1c120bc strh r2, [r1, #12] ; 0xc + 92c: e15f2bb8 ldrh r2, =0x40 ; via 0x87c + 930: e1c120b8 strh r2, [r1, #8] + 934: e15f2bbe ldrh r2, =0x2a ; via 0x87e + 938: e1c120be strh r2, [r1, #14] ; 0xe + 93c: e59f0020 ldr r0, =0x83e730 ; via 0x964 + 940: e3a01b01 mov r1, #1024 ; 0x400 + 944: e2411004 sub r1, r1, #4 + 948: e0802001 add r2, r0, r1 + 94c: e3c22003 bic r2, r2, #3 + 950: e1a0d002 mov sp, r2 +; business logic + 954: e92d100f stmdb sp!, {r0, r1, r2, r3, r12} + 958: eb000544 bl 0x1e70 + 95c: e8bd100f ldmia sp!, {r0, r1, r2, r3, r12} + 960: ea0005e4 b 0x20f8 + +; stack address, varies by version + 964: 0083e730 + + 968: 4961 ldr r1, =0xfffffa08 ; via 0xaf0 + 96a: 4862 ldr r0, =0xffff ; via 0xaf4 + 96c: 8008 strh r0, [r1, #0] + 96e: 4862 ldr r0, =0xfffffa0a ; via 0xaf8 + 970: 211f mov r1, #31 ; 0x1f + 972: 8001 strh r1, [r0, #0] + 974: 4861 ldr r0, =0xfffff804 ; via 0xafc + 976: 21f5 mov r1, #245 ; 0xf5 + 978: 8001 strh r1, [r0, #0] + 97a: 21a0 mov r1, #160 ; 0xa0 + 97c: 8001 strh r1, [r0, #0] + 97e: 4860 ldr r0, =0xffff9800 ; via 0xb00 + 980: 4960 ldr r1, =0x2002 ; via 0xb04 + 982: 8001 strh r1, [r0, #0] + 984: 485e ldr r0, =0xffff9800 ; via 0xb00 + 986: 8800 ldrh r0, [r0, #0] + 988: 0840 lsr r0, r0, #1 + 98a: d2fb bcs 0x984 + 98c: 495e ldr r1, =0xfffffd00 ; via 0xb08 + 98e: 485f ldr r0, =0x1001 ; via 0xb0c + 990: 8008 strh r0, [r1, #0] + 992: 46f7 mov pc, lr + + 994: b500 push {lr} + 996: b0ff sub sp, #508 ; 0x1fc + 998: b0ca sub sp, #296 ; 0x128 + 99a: 2000 mov r0, #0 + 99c: 9001 str r0, [sp, #4] + 99e: 9801 ldr r0, [sp, #4] + 9a0: 2800 cmp r0, #0 + 9a2: d14e bne 0xa42 + 9a4: a846 add r0, sp, #280 ; 0x118 + 9a6: 2100 mov r1, #0 + 9a8: f001 f88e bl 0x1ac8 + 9ac: a9c8 add r1, sp, #800 ; 0x320 + 9ae: 7008 strb r0, [r1, #0] + 9b0: a846 add r0, sp, #280 ; 0x118 + 9b2: a902 add r1, sp, #8 + 9b4: f000 fb4c bl 0x1050 + 9b8: 9000 str r0, [sp, #0] + 9ba: 9800 ldr r0, [sp, #0] + 9bc: 2800 cmp r0, #0 + 9be: d01b beq 0x9f8 + 9c0: a924 add r1, sp, #144 ; 0x90 + 9c2: 4668 mov r0, sp + 9c4: 7a00 ldrb r0, [r0, #8] + 9c6: 7008 strb r0, [r1, #0] + 9c8: 2191 mov r1, #145 ; 0x91 + 9ca: 466a mov r2, sp + 9cc: 4668 mov r0, sp + 9ce: 7800 ldrb r0, [r0, #0] + 9d0: 5488 strb r0, [r1, r2] + 9d2: e01b b 0xa0c + 9d4: a802 add r0, sp, #8 + 9d6: a924 add r1, sp, #144 ; 0x90 + 9d8: f000 fe28 bl 0x162c + 9dc: e016 b 0xa0c + 9de: a802 add r0, sp, #8 + 9e0: a924 add r1, sp, #144 ; 0x90 + 9e2: aac8 add r2, sp, #800 ; 0x320 + 9e4: 7812 ldrb r2, [r2, #0] + 9e6: f000 fe35 bl 0x1654 + 9ea: e00f b 0xa0c + 9ec: a802 add r0, sp, #8 + 9ee: a924 add r1, sp, #144 ; 0x90 + 9f0: f000 fe67 bl 0x16c2 + 9f4: 90c7 str r0, [sp, #796] ; 0x31c + 9f6: e009 b 0xa0c + 9f8: 4668 mov r0, sp + 9fa: 7a00 ldrb r0, [r0, #8] + 9fc: 2800 cmp r0, #0 + 9fe: d0e9 beq 0x9d4 + a00: 3809 sub r0, #9 + a02: 2800 cmp r0, #0 + a04: d0eb beq 0x9de + a06: 3801 sub r0, #1 + a08: 2800 cmp r0, #0 + a0a: d0ef beq 0x9ec + a0c: a824 add r0, sp, #144 ; 0x90 + a0e: a986 add r1, sp, #536 ; 0x218 + a10: f000 fc01 bl 0x1216 + a14: 2800 cmp r0, #0 + a16: d111 bne 0xa3c + a18: a886 add r0, sp, #536 ; 0x218 + a1a: a9c8 add r1, sp, #800 ; 0x320 + a1c: 7809 ldrb r1, [r1, #0] + a1e: f001 f828 bl 0x1a72 + a22: 2800 cmp r0, #0 + a24: d00a beq 0xa3c + a26: 4668 mov r0, sp + a28: 7a00 ldrb r0, [r0, #8] + a2a: 280a cmp r0, #10 ; 0xa + a2c: d106 bne 0xa3c + a2e: a8c8 add r0, sp, #800 ; 0x320 + a30: 7800 ldrb r0, [r0, #0] + a32: f001 f979 bl 0x1d28 + a36: 98c7 ldr r0, [sp, #796] ; 0x31c + a38: f000 fb08 bl 0x104c + a3c: 9801 ldr r0, [sp, #4] + a3e: 2800 cmp r0, #0 + a40: d0b0 beq 0x9a4 + a42: b07f add sp, #508 ; 0x1fc + a44: b04a add sp, #296 ; 0x128 + a46: bd00 pop {pc} + + a48: b500 push {lr} + a4a: b0ff sub sp, #508 ; 0x1fc + a4c: b0c8 sub sp, #288 ; 0x120 + a4e: 2000 mov r0, #0 + a50: 9000 str r0, [sp, #0] + a52: a846 add r0, sp, #280 ; 0x118 + a54: 2101 mov r1, #1 + a56: f001 f837 bl 0x1ac8 + a5a: a9c6 add r1, sp, #792 ; 0x318 + a5c: 7008 strb r0, [r1, #0] + a5e: a8c6 add r0, sp, #792 ; 0x318 + a60: 7800 ldrb r0, [r0, #0] + a62: 28ff cmp r0, #255 ; 0xff + a64: d031 beq 0xaca + a66: a846 add r0, sp, #280 ; 0x118 + a68: a902 add r1, sp, #8 + a6a: f000 faf1 bl 0x1050 + a6e: 9001 str r0, [sp, #4] + a70: 9801 ldr r0, [sp, #4] + a72: 2800 cmp r0, #0 + a74: d014 beq 0xaa0 + a76: a924 add r1, sp, #144 ; 0x90 + a78: 4668 mov r0, sp + a7a: 7a00 ldrb r0, [r0, #8] + a7c: 7008 strb r0, [r1, #0] + a7e: 2291 mov r2, #145 ; 0x91 + a80: 4668 mov r0, sp + a82: 4669 mov r1, sp + a84: 7909 ldrb r1, [r1, #4] + a86: 5411 strb r1, [r2, r0] + a88: a824 add r0, sp, #144 ; 0x90 + a8a: a986 add r1, sp, #536 ; 0x218 + a8c: f000 fbc3 bl 0x1216 + a90: 2800 cmp r0, #0 + a92: d11a bne 0xaca + a94: a886 add r0, sp, #536 ; 0x218 + a96: a9c6 add r1, sp, #792 ; 0x318 + a98: 7809 ldrb r1, [r1, #0] + a9a: f000 ffea bl 0x1a72 + a9e: e014 b 0xaca + aa0: 4668 mov r0, sp + aa2: 7a00 ldrb r0, [r0, #8] + aa4: 2800 cmp r0, #0 + aa6: d110 bne 0xaca + aa8: a802 add r0, sp, #8 + aaa: a924 add r1, sp, #144 ; 0x90 + aac: f000 fdbe bl 0x162c + ab0: a824 add r0, sp, #144 ; 0x90 + ab2: a986 add r1, sp, #536 ; 0x218 + ab4: f000 fbaf bl 0x1216 + ab8: 2800 cmp r0, #0 + aba: d104 bne 0xac6 + abc: a886 add r0, sp, #536 ; 0x218 + abe: a9c6 add r1, sp, #792 ; 0x318 + ac0: 7809 ldrb r1, [r1, #0] + ac2: f000 ffd6 bl 0x1a72 + ac6: 2001 mov r0, #1 + ac8: 9000 str r0, [sp, #0] + aca: 9800 ldr r0, [sp, #0] + acc: b07f add sp, #508 ; 0x1fc + ace: b048 add sp, #288 ; 0x120 + ad0: bd00 pop {pc} + +; main function + ad2: b500 push {lr} + ad4: b082 sub sp, #8 + ad6: f7ff ff47 bl 0x968 + ada: f001 f8cd bl 0x1c78 + ade: f000 fd93 bl 0x1608 + ae2: f000 f81f bl 0xb24 + ae6: f000 f98b bl 0xe00 + aea: b002 add sp, #8 + aec: bd00 pop {pc} + aee: 46c0 nop (mov r8, r8) + + af0: fffffa08 + af4: 0000ffff + af8: fffffa0a + afc: fffff804 + b00: ffff9800 + b04: 00002002 + b08: fffffd00 + b0c: 00001001 + + b10: e3a0d502 mov sp, #8388608 ; 0x800000 + b14: e28dd802 add sp, sp, #131072 ; 0x20000 + b18: e28fe005 add lr, pc, #5 + b1c: e12fff1e bx lr + b20: e1a00000 mov r0, r0 + +; same as in the familiar versions + b24: b500 push {lr} + b26: b082 sub sp, #8 + b28: 49f0 ldr r1, =0x83ff00 ; via 0xeec + b2a: 48f1 ldr r0, =0xffff5800 ; via 0xef0 + b2c: 6008 str r0, [r1, #0] + b2e: 2000 mov r0, #0 + b30: 2102 mov r1, #2 + b32: f000 fa1d bl 0xf70 + b36: 2000 mov r0, #0 + b38: 9000 str r0, [sp, #0] + b3a: 9900 ldr r1, [sp, #0] + b3c: 2005 mov r0, #5 + b3e: 0300 lsl r0, r0, #12 + b40: 4281 cmp r1, r0 + b42: d207 bcs 0xb54 + b44: 9800 ldr r0, [sp, #0] + b46: 3001 add r0, #1 + b48: 9000 str r0, [sp, #0] + b4a: 9900 ldr r1, [sp, #0] + b4c: 2005 mov r0, #5 + b4e: 0300 lsl r0, r0, #12 + b50: 4281 cmp r1, r0 + b52: d3f7 bcc 0xb44 + b54: f000 f82a bl 0xbac + b58: 2000 mov r0, #0 + b5a: 2107 mov r1, #7 + b5c: f000 fa08 bl 0xf70 + b60: 2000 mov r0, #0 + b62: 9000 str r0, [sp, #0] + b64: 9900 ldr r1, [sp, #0] + b66: 2005 mov r0, #5 + b68: 0300 lsl r0, r0, #12 + b6a: 4281 cmp r1, r0 + b6c: d207 bcs 0xb7e + b6e: 9800 ldr r0, [sp, #0] + b70: 3001 add r0, #1 + b72: 9000 str r0, [sp, #0] + b74: 9900 ldr r1, [sp, #0] + b76: 2005 mov r0, #5 + b78: 0300 lsl r0, r0, #12 + b7a: 4281 cmp r1, r0 + b7c: d3f7 bcc 0xb6e + b7e: f000 f815 bl 0xbac + b82: 2000 mov r0, #0 + b84: 9001 str r0, [sp, #4] + b86: 9000 str r0, [sp, #0] + b88: 9900 ldr r1, [sp, #0] + b8a: 2005 mov r0, #5 + b8c: 0400 lsl r0, r0, #16 + b8e: 4281 cmp r1, r0 + b90: d20a bcs 0xba8 + b92: 9801 ldr r0, [sp, #4] + b94: 3001 add r0, #1 + b96: 9001 str r0, [sp, #4] + b98: 9800 ldr r0, [sp, #0] + b9a: 3001 add r0, #1 + b9c: 9000 str r0, [sp, #0] + b9e: 9900 ldr r1, [sp, #0] + ba0: 2005 mov r0, #5 + ba2: 0400 lsl r0, r0, #16 + ba4: 4281 cmp r1, r0 + ba6: d3f4 bcc 0xb92 + ba8: b002 add sp, #8 + baa: bd00 pop {pc} + + bac: b500 push {lr} + bae: b08a sub sp, #40 ; 0x28 + bb0: 2000 mov r0, #0 + bb2: 9002 str r0, [sp, #8] + bb4: 4669 mov r1, sp + bb6: 7708 strb r0, [r1, #28] ; 0x1c + bb8: 7748 strb r0, [r1, #29] ; 0x1d + bba: 4668 mov r0, sp + bbc: 2100 mov r1, #0 + bbe: 7781 strb r1, [r0, #30] ; 0x1e + bc0: 2000 mov r0, #0 + bc2: 9008 str r0, [sp, #32] ; 0x20 + bc4: a809 add r0, sp, #36 ; 0x24 + bc6: 7001 strb r1, [r0, #0] + bc8: 2025 mov r0, #37 ; 0x25 + bca: 4669 mov r1, sp + bcc: 2200 mov r2, #0 + bce: 5442 strb r2, [r0, r1] + bd0: 48e6 ldr r0, =0x800100 ; via 0xf6c + bd2: 9006 str r0, [sp, #24] ; 0x18 + bd4: 201b mov r0, #27 ; 0x1b + bd6: f000 f970 bl 0xeba + bda: 20f6 mov r0, #246 ; 0xf6 + bdc: f000 f96d bl 0xeba + be0: 2002 mov r0, #2 + be2: f000 f96a bl 0xeba + be6: 2000 mov r0, #0 + be8: f000 f967 bl 0xeba + bec: 2041 mov r0, #65 ; 0x41 + bee: f000 f964 bl 0xeba + bf2: 2001 mov r0, #1 + bf4: f000 f961 bl 0xeba + bf8: 2040 mov r0, #64 ; 0x40 + bfa: f000 f95e bl 0xeba + bfe: 2001 mov r0, #1 + c00: 0300 lsl r0, r0, #12 + c02: f000 f977 bl 0xef4 + c06: 281b cmp r0, #27 ; 0x1b + c08: d000 beq 0xc0c + c0a: e0f7 b 0xdfc + c0c: 2001 mov r0, #1 + c0e: 0300 lsl r0, r0, #12 + c10: f000 f970 bl 0xef4 + c14: 28f6 cmp r0, #246 ; 0xf6 + c16: d000 beq 0xc1a + c18: e0f0 b 0xdfc + c1a: 2001 mov r0, #1 + c1c: 0300 lsl r0, r0, #12 + c1e: f000 f969 bl 0xef4 + c22: 2802 cmp r0, #2 + c24: d000 beq 0xc28 + c26: e0e9 b 0xdfc + c28: 2001 mov r0, #1 + c2a: 0300 lsl r0, r0, #12 + c2c: f000 f962 bl 0xef4 + c30: 2800 cmp r0, #0 + c32: d000 beq 0xc36 + c34: e0e2 b 0xdfc + c36: 2001 mov r0, #1 + c38: 0300 lsl r0, r0, #12 + c3a: f000 f95b bl 0xef4 + c3e: 2852 cmp r0, #82 ; 0x52 + c40: d000 beq 0xc44 + c42: e0db b 0xdfc + c44: 2001 mov r0, #1 + c46: 0300 lsl r0, r0, #12 + c48: f000 f954 bl 0xef4 + c4c: 2801 cmp r0, #1 + c4e: d000 beq 0xc52 + c50: e0d4 b 0xdfc + c52: 2001 mov r0, #1 + c54: 0300 lsl r0, r0, #12 + c56: f000 f94d bl 0xef4 + c5a: 2853 cmp r0, #83 ; 0x53 + c5c: d000 beq 0xc60 + c5e: e0cd b 0xdfc + c60: 201b mov r0, #27 ; 0x1b + c62: f000 f92a bl 0xeba + c66: 20f6 mov r0, #246 ; 0xf6 + c68: f000 f927 bl 0xeba + c6c: 2002 mov r0, #2 + c6e: f000 f924 bl 0xeba + c72: 2000 mov r0, #0 + c74: f000 f921 bl 0xeba + c78: 2041 mov r0, #65 ; 0x41 + c7a: f000 f91e bl 0xeba + c7e: 2002 mov r0, #2 + c80: f000 f91b bl 0xeba + c84: 2043 mov r0, #67 ; 0x43 + c86: f000 f918 bl 0xeba + c8a: 2001 mov r0, #1 + c8c: 0300 lsl r0, r0, #12 + c8e: f000 f931 bl 0xef4 + c92: 4669 mov r1, sp + c94: 7308 strb r0, [r1, #12] ; 0xc + c96: 2002 mov r0, #2 + c98: 7548 strb r0, [r1, #21] ; 0x15 + c9a: 2000 mov r0, #0 + c9c: 9000 str r0, [sp, #0] + c9e: 9800 ldr r0, [sp, #0] + ca0: 2802 cmp r0, #2 + ca2: d215 bcs 0xcd0 + ca4: 2001 mov r0, #1 + ca6: 0300 lsl r0, r0, #12 + ca8: f000 f924 bl 0xef4 + cac: 4669 mov r1, sp + cae: 9a00 ldr r2, [sp, #0] + cb0: 1a89 sub r1, r1, r2 + cb2: 7448 strb r0, [r1, #17] ; 0x11 + cb4: 4669 mov r1, sp + cb6: 9800 ldr r0, [sp, #0] + cb8: 1a08 sub r0, r1, r0 + cba: 7c40 ldrb r0, [r0, #17] ; 0x11 + cbc: 7d49 ldrb r1, [r1, #21] ; 0x15 + cbe: 4048 eor r0, r1 + cc0: 4669 mov r1, sp + cc2: 7548 strb r0, [r1, #21] ; 0x15 + cc4: 9800 ldr r0, [sp, #0] + cc6: 3001 add r0, #1 + cc8: 9000 str r0, [sp, #0] + cca: 9800 ldr r0, [sp, #0] + ccc: 2802 cmp r0, #2 + cce: d3e9 bcc 0xca4 + cd0: 4668 mov r0, sp + cd2: 8a00 ldrh r0, [r0, #16] ; 0x10 + cd4: 466a mov r2, sp + cd6: 1e41 sub r1, r0, #1 + cd8: 8211 strh r1, [r2, #16] ; 0x10 + cda: 2800 cmp r0, #0 + cdc: d04f beq 0xd7e + cde: 2001 mov r0, #1 + ce0: 0300 lsl r0, r0, #12 + ce2: f000 f907 bl 0xef4 + ce6: 9906 ldr r1, [sp, #24] ; 0x18 + ce8: 7008 strb r0, [r1, #0] + cea: 9802 ldr r0, [sp, #8] + cec: 217d mov r1, #125 ; 0x7d + cee: 00c9 lsl r1, r1, #3 + cf0: f188 f9a8 bl 0x189044 ; U$MOD in main fw!!! + cf4: 2800 cmp r0, #0 + cf6: d12f bne 0xd58 + cf8: 9802 ldr r0, [sp, #8] + cfa: 2800 cmp r0, #0 + cfc: d02c beq 0xd58 + cfe: 9808 ldr r0, [sp, #32] ; 0x20 + d00: 2805 cmp r0, #5 + d02: d226 bcs 0xd52 + d04: e00d b 0xd22 + d06: a909 add r1, sp, #36 ; 0x24 + d08: 20ee mov r0, #238 ; 0xee + d0a: 7008 strb r0, [r1, #0] + d0c: e018 b 0xd40 + d0e: 21a2 mov r1, #162 ; 0xa2 + d10: a809 add r0, sp, #36 ; 0x24 + d12: 7001 strb r1, [r0, #0] + d14: e014 b 0xd40 + d16: 213d mov r1, #61 ; 0x3d + d18: e7fa b 0xd10 + d1a: 215e mov r1, #94 ; 0x5e + d1c: e7f8 b 0xd10 + d1e: 21d6 mov r1, #214 ; 0xd6 + d20: e7f6 b 0xd10 + d22: 9808 ldr r0, [sp, #32] ; 0x20 + d24: 2800 cmp r0, #0 + d26: d0ee beq 0xd06 + d28: 3801 sub r0, #1 + d2a: 2800 cmp r0, #0 + d2c: d0ef beq 0xd0e + d2e: 3801 sub r0, #1 + d30: 2800 cmp r0, #0 + d32: d0f0 beq 0xd16 + d34: 3801 sub r0, #1 + d36: 2800 cmp r0, #0 + d38: d0ef beq 0xd1a + d3a: 3801 sub r0, #1 + d3c: 2800 cmp r0, #0 + d3e: d0ee beq 0xd1e + d40: 4668 mov r0, sp + d42: 7d40 ldrb r0, [r0, #21] ; 0x15 + d44: a909 add r1, sp, #36 ; 0x24 + d46: 7809 ldrb r1, [r1, #0] + d48: 4288 cmp r0, r1 + d4a: d002 beq 0xd52 + d4c: 4668 mov r0, sp + d4e: 2101 mov r1, #1 + d50: 7781 strb r1, [r0, #30] ; 0x1e + d52: 9808 ldr r0, [sp, #32] ; 0x20 + d54: 3001 add r0, #1 + d56: 9008 str r0, [sp, #32] ; 0x20 + d58: 9802 ldr r0, [sp, #8] + d5a: 3001 add r0, #1 + d5c: 9002 str r0, [sp, #8] + d5e: 9806 ldr r0, [sp, #24] ; 0x18 + d60: 7800 ldrb r0, [r0, #0] + d62: 4669 mov r1, sp + d64: 7d49 ldrb r1, [r1, #21] ; 0x15 + d66: 4048 eor r0, r1 + d68: 4669 mov r1, sp + d6a: 7548 strb r0, [r1, #21] ; 0x15 + d6c: 9806 ldr r0, [sp, #24] ; 0x18 + d6e: 3001 add r0, #1 + d70: 9006 str r0, [sp, #24] ; 0x18 + d72: 4668 mov r0, sp + d74: 8a02 ldrh r2, [r0, #16] ; 0x10 + d76: 1e50 sub r0, r2, #1 + d78: 8208 strh r0, [r1, #16] ; 0x10 + d7a: 2a00 cmp r2, #0 + d7c: d1af bne 0xcde + d7e: 2001 mov r0, #1 + d80: 0300 lsl r0, r0, #12 + d82: f000 f8b7 bl 0xef4 + d86: 4669 mov r1, sp + d88: 7508 strb r0, [r1, #20] ; 0x14 + d8a: 4668 mov r0, sp + d8c: 7d01 ldrb r1, [r0, #20] ; 0x14 + d8e: 7d40 ldrb r0, [r0, #21] ; 0x15 + d90: 4281 cmp r1, r0 + d92: d103 bne 0xd9c + d94: 4668 mov r0, sp + d96: 7f80 ldrb r0, [r0, #30] ; 0x1e + d98: 2801 cmp r0, #1 + d9a: d115 bne 0xdc8 + d9c: 201b mov r0, #27 ; 0x1b + d9e: f000 f88c bl 0xeba + da2: 20f6 mov r0, #246 ; 0xf6 + da4: f000 f889 bl 0xeba + da8: 2002 mov r0, #2 + daa: f000 f886 bl 0xeba + dae: 2000 mov r0, #0 + db0: f000 f883 bl 0xeba + db4: 2045 mov r0, #69 ; 0x45 + db6: f000 f880 bl 0xeba + dba: 2053 mov r0, #83 ; 0x53 + dbc: f000 f87d bl 0xeba + dc0: 2016 mov r0, #22 ; 0x16 + dc2: f000 f87a bl 0xeba + dc6: e019 b 0xdfc + dc8: 201b mov r0, #27 ; 0x1b + dca: f000 f876 bl 0xeba + dce: 20f6 mov r0, #246 ; 0xf6 + dd0: f000 f873 bl 0xeba + dd4: 2002 mov r0, #2 + dd6: f000 f870 bl 0xeba + dda: 2000 mov r0, #0 + ddc: f000 f86d bl 0xeba + de0: 2041 mov r0, #65 ; 0x41 + de2: f000 f86a bl 0xeba + de6: 2003 mov r0, #3 + de8: f000 f867 bl 0xeba + dec: 2042 mov r0, #66 ; 0x42 + dee: f000 f864 bl 0xeba + df2: 483e ldr r0, =0x83ff00 ; via 0xeec + df4: 6800 ldr r0, [r0, #0] + df6: 4990 ldr r1, =0x800100 ; via 0x1038 + df8: f000 f85e bl 0xeb8 + dfc: b00a add sp, #40 ; 0x28 + dfe: bd00 pop {pc} + + e00: b500 push {lr} + e02: b081 sub sp, #4 + e04: 2066 mov r0, #102 ; 0x66 + e06: f000 f858 bl 0xeba + e0a: 2074 mov r0, #116 ; 0x74 + e0c: f000 f855 bl 0xeba + e10: 206d mov r0, #109 ; 0x6d + e12: f000 f852 bl 0xeba + e16: 2074 mov r0, #116 ; 0x74 + e18: f000 f84f bl 0xeba + e1c: 206f mov r0, #111 ; 0x6f + e1e: f000 f84c bl 0xeba + e22: 206f mov r0, #111 ; 0x6f + e24: f000 f849 bl 0xeba + e28: 206c mov r0, #108 ; 0x6c + e2a: f000 f846 bl 0xeba + e2e: 4983 ldr r1, =0x83ff80 ; via 0x103c + e30: 2000 mov r0, #0 + e32: 7008 strb r0, [r1, #0] + e34: 9000 str r0, [sp, #0] + e36: 9800 ldr r0, [sp, #0] + e38: 0c00 lsr r0, r0, #16 + e3a: d105 bne 0xe48 + e3c: 9800 ldr r0, [sp, #0] + e3e: 3001 add r0, #1 + e40: 9000 str r0, [sp, #0] + e42: 9800 ldr r0, [sp, #0] + e44: 0c00 lsr r0, r0, #16 + e46: d0f9 beq 0xe3c + e48: 2007 mov r0, #7 + e4a: 0400 lsl r0, r0, #16 + e4c: f000 f852 bl 0xef4 + e50: 2879 cmp r0, #121 ; 0x79 + e52: d10e bne 0xe72 + e54: 2001 mov r0, #1 + e56: 0300 lsl r0, r0, #12 + e58: f000 f84c bl 0xef4 + e5c: 2865 cmp r0, #101 ; 0x65 + e5e: d108 bne 0xe72 + e60: 2001 mov r0, #1 + e62: 0300 lsl r0, r0, #12 + e64: f000 f846 bl 0xef4 + e68: 2873 cmp r0, #115 ; 0x73 + e6a: d102 bne 0xe72 + e6c: 4873 ldr r0, =0x83ff80 ; via 0x103c + e6e: 2101 mov r1, #1 + e70: 7001 strb r1, [r0, #0] + e72: f000 f8cf bl 0x1014 + e76: 2800 cmp r0, #0 + e78: d00d beq 0xe96 + e7a: 206d mov r0, #109 ; 0x6d + e7c: f000 f81d bl 0xeba + e80: 206f mov r0, #111 ; 0x6f + e82: f000 f81a bl 0xeba + e86: 2064 mov r0, #100 ; 0x64 + e88: f000 f817 bl 0xeba + e8c: 2065 mov r0, #101 ; 0x65 + e8e: f000 f814 bl 0xeba + e92: 206d mov r0, #109 ; 0x6d + e94: e00c b 0xeb0 + e96: 2065 mov r0, #101 ; 0x65 + e98: f000 f80f bl 0xeba + e9c: 2072 mov r0, #114 ; 0x72 + e9e: f000 f80c bl 0xeba + ea2: 2072 mov r0, #114 ; 0x72 + ea4: f000 f809 bl 0xeba + ea8: 206f mov r0, #111 ; 0x6f + eaa: f000 f806 bl 0xeba + eae: 2072 mov r0, #114 ; 0x72 + eb0: f000 f803 bl 0xeba + eb4: b001 add sp, #4 + eb6: bd00 pop {pc} + + eb8: 4708 bx r1 + + eba: b081 sub sp, #4 + ebc: 4669 mov r1, sp + ebe: 7008 strb r0, [r1, #0] + ec0: 480a ldr r0, =0x83ff00 ; via 0xeec + ec2: 6800 ldr r0, [r0, #0] + ec4: 7940 ldrb r0, [r0, #5] + ec6: 0980 lsr r0, r0, #6 + ec8: d3fa bcc 0xec0 + eca: 4808 ldr r0, =0x83ff00 ; via 0xeec + ecc: 6800 ldr r0, [r0, #0] + ece: 4669 mov r1, sp + ed0: 7809 ldrb r1, [r1, #0] + ed2: 7001 strb r1, [r0, #0] + ed4: b001 add sp, #4 + ed6: 46f7 mov pc, lr + ed8: 4859 ldr r0, =0x83ff00 ; via 0x1040 + eda: 6800 ldr r0, [r0, #0] + edc: 7940 ldrb r0, [r0, #5] + ede: 0840 lsr r0, r0, #1 + ee0: d3fa bcc 0xed8 + ee2: 4857 ldr r0, =0x83ff00 ; via 0x1040 + ee4: 6800 ldr r0, [r0, #0] + ee6: 7800 ldrb r0, [r0, #0] + ee8: 4770 bx lr + eea: 46c0 nop (mov r8, r8) + eec: ff00 + eee: 0083 lsl r3, r0, #2 + ef0: 5800 ldr r0, [r0, r0] + ef2: ffff + ef4: b083 sub sp, #12 ; 0xc + ef6: 9000 str r0, [sp, #0] + ef8: 9800 ldr r0, [sp, #0] + efa: 9002 str r0, [sp, #8] + efc: 4850 ldr r0, =0x83ff00 ; via 0x1040 + efe: 6800 ldr r0, [r0, #0] + f00: 7940 ldrb r0, [r0, #5] + f02: 0840 lsr r0, r0, #1 + f04: d20c bcs 0xf20 + f06: 9802 ldr r0, [sp, #8] + f08: 3801 sub r0, #1 + f0a: 9002 str r0, [sp, #8] + f0c: 9802 ldr r0, [sp, #8] + f0e: 2800 cmp r0, #0 + f10: d101 bne 0xf16 + f12: 20ff mov r0, #255 ; 0xff + f14: e007 b 0xf26 + f16: 484a ldr r0, =0x83ff00 ; via 0x1040 + f18: 6800 ldr r0, [r0, #0] + f1a: 7940 ldrb r0, [r0, #5] + f1c: 0840 lsr r0, r0, #1 + f1e: d3f2 bcc 0xf06 + f20: 4847 ldr r0, =0x83ff00 ; via 0x1040 + f22: 6800 ldr r0, [r0, #0] + f24: 7800 ldrb r0, [r0, #0] + f26: b003 add sp, #12 ; 0xc + f28: 4770 bx lr + f2a: b081 sub sp, #4 + f2c: e001 b 0xf32 + f2e: 9800 ldr r0, [sp, #0] + f30: 3801 sub r0, #1 + f32: 9000 str r0, [sp, #0] + f34: 4842 ldr r0, =0x83ff00 ; via 0x1040 + f36: 6800 ldr r0, [r0, #0] + f38: 7940 ldrb r0, [r0, #5] + f3a: 0840 lsr r0, r0, #1 + f3c: d202 bcs 0xf44 + f3e: 9800 ldr r0, [sp, #0] + f40: 2800 cmp r0, #0 + f42: dcf4 bgt 0xf2e + f44: 9800 ldr r0, [sp, #0] + f46: 2800 cmp r0, #0 + f48: dd01 ble 0xf4e + f4a: 2000 mov r0, #0 + f4c: e000 b 0xf50 + f4e: 2001 mov r0, #1 + f50: b001 add sp, #4 + f52: 4770 bx lr + f54: b082 sub sp, #8 + f56: 9000 str r0, [sp, #0] + f58: 4669 mov r1, sp + f5a: 2000 mov r0, #0 + f5c: 7188 strb r0, [r1, #6] + f5e: 9900 ldr r1, [sp, #0] + f60: 4838 ldr r0, =0xfffef000 ; via 0x1044 + f62: 8800 ldrh r0, [r0, #0] + f64: 8008 strh r0, [r1, #0] + f66: b002 add sp, #8 + f68: 4770 bx lr + f6a: 46c0 nop (mov r8, r8) + f6c: 0100 lsl r0, r0, #4 + f6e: 0080 lsl r0, r0, #2 + f70: b081 sub sp, #4 + f72: 466a mov r2, sp + f74: 7051 strb r1, [r2, #1] + f76: 4669 mov r1, sp + f78: 7008 strb r0, [r1, #0] + f7a: 4933 ldr r1, =0xffff6000 ; via 0x1048 + f7c: 2002 mov r0, #2 + f7e: 880a ldrh r2, [r1, #0] + f80: 4310 orr r0, r2 + f82: 8008 strh r0, [r1, #0] + f84: 4830 ldr r0, =0xffff6000 ; via 0x1048 + f86: 8801 ldrh r1, [r0, #0] + f88: 0849 lsr r1, r1, #1 + f8a: 0049 lsl r1, r1, #1 + f8c: 8001 strh r1, [r0, #0] + f8e: 492e ldr r1, =0xffff6000 ; via 0x1048 + f90: 8808 ldrh r0, [r1, #0] + f92: 2202 mov r2, #2 + f94: 4390 bic r0, r2 + f96: 8008 strh r0, [r1, #0] + f98: 4829 ldr r0, =0x83ff00 ; via 0x1040 + f9a: 6801 ldr r1, [r0, #0] + f9c: 2007 mov r0, #7 + f9e: 7208 strb r0, [r1, #8] + fa0: 4827 ldr r0, =0x83ff00 ; via 0x1040 + fa2: 6801 ldr r1, [r0, #0] + fa4: 20bf mov r0, #191 ; 0xbf + fa6: 70c8 strb r0, [r1, #3] + fa8: 4825 ldr r0, =0x83ff00 ; via 0x1040 + faa: 6800 ldr r0, [r0, #0] + fac: 1c80 add r0, r0, #2 + fae: 2110 mov r1, #16 ; 0x10 + fb0: 8802 ldrh r2, [r0, #0] + fb2: 4311 orr r1, r2 + fb4: 8001 strh r1, [r0, #0] + fb6: 4822 ldr r0, =0x83ff00 ; via 0x1040 + fb8: 6801 ldr r1, [r0, #0] + fba: 2080 mov r0, #128 ; 0x80 + fbc: 70c8 strb r0, [r1, #3] + fbe: 4820 ldr r0, =0x83ff00 ; via 0x1040 + fc0: 6800 ldr r0, [r0, #0] + fc2: 2107 mov r1, #7 + fc4: 7081 strb r1, [r0, #2] + fc6: 481e ldr r0, =0x83ff00 ; via 0x1040 + fc8: 6800 ldr r0, [r0, #0] + fca: 21bf mov r1, #191 ; 0xbf + fcc: 70c1 strb r1, [r0, #3] + fce: 481c ldr r0, =0x83ff00 ; via 0x1040 + fd0: 6801 ldr r1, [r0, #0] + fd2: 4668 mov r0, sp + fd4: 7840 ldrb r0, [r0, #1] + fd6: 7008 strb r0, [r1, #0] + fd8: 4819 ldr r0, =0x83ff00 ; via 0x1040 + fda: 6801 ldr r1, [r0, #0] + fdc: 4668 mov r0, sp + fde: 7800 ldrb r0, [r0, #0] + fe0: 7048 strb r0, [r1, #1] + fe2: 4817 ldr r0, =0x83ff00 ; via 0x1040 + fe4: 6801 ldr r1, [r0, #0] + fe6: 2003 mov r0, #3 + fe8: 70c8 strb r0, [r1, #3] + fea: 4815 ldr r0, =0x83ff00 ; via 0x1040 + fec: 6800 ldr r0, [r0, #0] + fee: 2100 mov r1, #0 + ff0: 7201 strb r1, [r0, #8] + ff2: 4813 ldr r0, =0x83ff00 ; via 0x1040 + ff4: 6800 ldr r0, [r0, #0] + ff6: 7940 ldrb r0, [r0, #5] + ff8: 0840 lsr r0, r0, #1 + ffa: d309 bcc 0x1010 + ffc: 4669 mov r1, sp + ffe: 4810 ldr r0, =0x83ff00 ; via 0x1040 + 1000: 6800 ldr r0, [r0, #0] + 1002: 7800 ldrb r0, [r0, #0] + 1004: 7088 strb r0, [r1, #2] + 1006: 480e ldr r0, =0x83ff00 ; via 0x1040 + 1008: 6800 ldr r0, [r0, #0] + 100a: 7940 ldrb r0, [r0, #5] + 100c: 0840 lsr r0, r0, #1 + 100e: d2f5 bcs 0xffc + 1010: b001 add sp, #4 + 1012: 4770 bx lr + 1014: 4809 ldr r0, =0x83ff80 ; via 0x103c + 1016: 7800 ldrb r0, [r0, #0] + 1018: 4770 bx lr + 101a: b500 push {lr} + 101c: b081 sub sp, #4 + 101e: 4669 mov r1, sp + 1020: 7008 strb r0, [r1, #0] + 1022: 4668 mov r0, sp + 1024: 7800 ldrb r0, [r0, #0] + 1026: f7ff ff48 bl 0xeba + 102a: b001 add sp, #4 + 102c: bd00 pop {pc} + 102e: b500 push {lr} + 1030: f7ff ff52 bl 0xed8 + 1034: bd00 pop {pc} + 1036: 46c0 nop (mov r8, r8) + 1038: 0100 lsl r0, r0, #4 + 103a: 0080 lsl r0, r0, #2 + 103c: ff80 + 103e: 0083 lsl r3, r0, #2 + 1040: ff00 + 1042: 0083 lsl r3, r0, #2 + 1044: f000 fffe bl 0x2044 + 1048: 6000 str r0, [r0, #0] + 104a: ffff + 104c: 4700 bx r0 + 104e: 0000 lsl r0, r0, #0 + 1050: b08c sub sp, #48 ; 0x30 + 1052: 9101 str r1, [sp, #4] + 1054: 9000 str r0, [sp, #0] + 1056: 2000 mov r0, #0 + 1058: 9003 str r0, [sp, #12] ; 0xc + 105a: 9800 ldr r0, [sp, #0] + 105c: 7801 ldrb r1, [r0, #0] + 105e: 3001 add r0, #1 + 1060: 9000 str r0, [sp, #0] + 1062: 9105 str r1, [sp, #20] ; 0x14 + 1064: 9800 ldr r0, [sp, #0] + 1066: 7801 ldrb r1, [r0, #0] + 1068: 3001 add r0, #1 + 106a: 9000 str r0, [sp, #0] + 106c: 9801 ldr r0, [sp, #4] + 106e: 7001 strb r1, [r0, #0] + 1070: 2001 mov r0, #1 + 1072: 9004 str r0, [sp, #16] ; 0x10 + 1074: e0a8 b 0x11c8 + 1076: 9804 ldr r0, [sp, #16] ; 0x10 + 1078: 3002 add r0, #2 + 107a: 9004 str r0, [sp, #16] ; 0x10 + 107c: 9800 ldr r0, [sp, #0] + 107e: 7801 ldrb r1, [r0, #0] + 1080: 3001 add r0, #1 + 1082: 9000 str r0, [sp, #0] + 1084: 4668 mov r0, sp + 1086: 8441 strh r1, [r0, #34] ; 0x22 + 1088: 9800 ldr r0, [sp, #0] + 108a: 7801 ldrb r1, [r0, #0] + 108c: 3001 add r0, #1 + 108e: 9000 str r0, [sp, #0] + 1090: 4668 mov r0, sp + 1092: 8401 strh r1, [r0, #32] ; 0x20 + 1094: 8c00 ldrh r0, [r0, #32] ; 0x20 + 1096: 4669 mov r1, sp + 1098: 8c49 ldrh r1, [r1, #34] ; 0x22 + 109a: 0209 lsl r1, r1, #8 + 109c: 1840 add r0, r0, r1 + 109e: 9901 ldr r1, [sp, #4] + 10a0: 8088 strh r0, [r1, #4] + 10a2: 9804 ldr r0, [sp, #16] ; 0x10 + 10a4: 3001 add r0, #1 + 10a6: 9004 str r0, [sp, #16] ; 0x10 + 10a8: 9800 ldr r0, [sp, #0] + 10aa: 7801 ldrb r1, [r0, #0] + 10ac: 3001 add r0, #1 + 10ae: 9000 str r0, [sp, #0] + 10b0: 4668 mov r0, sp + 10b2: 7601 strb r1, [r0, #24] ; 0x18 + 10b4: 9901 ldr r1, [sp, #4] + 10b6: 7e00 ldrb r0, [r0, #24] ; 0x18 + 10b8: 7188 strb r0, [r1, #6] + 10ba: 4668 mov r0, sp + 10bc: 7e00 ldrb r0, [r0, #24] ; 0x18 + 10be: 2840 cmp r0, #64 ; 0x40 + 10c0: dc00 bgt 0x10c4 + 10c2: e09f b 0x1204 + 10c4: 2004 mov r0, #4 + 10c6: 9003 str r0, [sp, #12] ; 0xc + 10c8: e09c b 0x1204 + 10ca: 9804 ldr r0, [sp, #16] ; 0x10 + 10cc: 3002 add r0, #2 + 10ce: 9004 str r0, [sp, #16] ; 0x10 + 10d0: 9800 ldr r0, [sp, #0] + 10d2: 7801 ldrb r1, [r0, #0] + 10d4: 3001 add r0, #1 + 10d6: 9000 str r0, [sp, #0] + 10d8: 4668 mov r0, sp + 10da: 8441 strh r1, [r0, #34] ; 0x22 + 10dc: 9800 ldr r0, [sp, #0] + 10de: 7801 ldrb r1, [r0, #0] + 10e0: 3001 add r0, #1 + 10e2: 9000 str r0, [sp, #0] + 10e4: 4668 mov r0, sp + 10e6: 8401 strh r1, [r0, #32] ; 0x20 + 10e8: 8c00 ldrh r0, [r0, #32] ; 0x20 + 10ea: 4669 mov r1, sp + 10ec: 8c49 ldrh r1, [r1, #34] ; 0x22 + 10ee: 0209 lsl r1, r1, #8 + 10f0: 1841 add r1, r0, r1 + 10f2: 9801 ldr r0, [sp, #4] + 10f4: 8081 strh r1, [r0, #4] + 10f6: 9804 ldr r0, [sp, #16] ; 0x10 + 10f8: 3001 add r0, #1 + 10fa: 9004 str r0, [sp, #16] ; 0x10 + 10fc: 9800 ldr r0, [sp, #0] + 10fe: 7801 ldrb r1, [r0, #0] + 1100: 3001 add r0, #1 + 1102: 9000 str r0, [sp, #0] + 1104: 4668 mov r0, sp + 1106: 7601 strb r1, [r0, #24] ; 0x18 + 1108: 9901 ldr r1, [sp, #4] + 110a: 7e00 ldrb r0, [r0, #24] ; 0x18 + 110c: 7188 strb r0, [r1, #6] + 110e: 4668 mov r0, sp + 1110: 7e00 ldrb r0, [r0, #24] ; 0x18 + 1112: 2840 cmp r0, #64 ; 0x40 + 1114: dcd6 bgt 0x10c4 + 1116: 9801 ldr r0, [sp, #4] + 1118: 3008 add r0, #8 + 111a: 9007 str r0, [sp, #28] ; 0x1c + 111c: 2000 mov r0, #0 + 111e: 9002 str r0, [sp, #8] + 1120: 9902 ldr r1, [sp, #8] + 1122: 4668 mov r0, sp + 1124: 7e00 ldrb r0, [r0, #24] ; 0x18 + 1126: 4281 cmp r1, r0 + 1128: da6c bge 0x1204 + 112a: 9800 ldr r0, [sp, #0] + 112c: 7801 ldrb r1, [r0, #0] + 112e: 3001 add r0, #1 + 1130: 9000 str r0, [sp, #0] + 1132: 4668 mov r0, sp + 1134: 84c1 strh r1, [r0, #38] ; 0x26 + 1136: 9800 ldr r0, [sp, #0] + 1138: 7801 ldrb r1, [r0, #0] + 113a: 3001 add r0, #1 + 113c: 9000 str r0, [sp, #0] + 113e: 4668 mov r0, sp + 1140: 8481 strh r1, [r0, #36] ; 0x24 + 1142: 9807 ldr r0, [sp, #28] ; 0x1c + 1144: 1c81 add r1, r0, #2 + 1146: 9107 str r1, [sp, #28] ; 0x1c + 1148: 4669 mov r1, sp + 114a: 8c89 ldrh r1, [r1, #36] ; 0x24 + 114c: 466a mov r2, sp + 114e: 8cd2 ldrh r2, [r2, #38] ; 0x26 + 1150: 0212 lsl r2, r2, #8 + 1152: 1889 add r1, r1, r2 + 1154: 8001 strh r1, [r0, #0] + 1156: 9804 ldr r0, [sp, #16] ; 0x10 + 1158: 3002 add r0, #2 + 115a: 9004 str r0, [sp, #16] ; 0x10 + 115c: 9802 ldr r0, [sp, #8] + 115e: 3001 add r0, #1 + 1160: 9002 str r0, [sp, #8] + 1162: 9902 ldr r1, [sp, #8] + 1164: 4668 mov r0, sp + 1166: 7e00 ldrb r0, [r0, #24] ; 0x18 + 1168: 4281 cmp r1, r0 + 116a: dbde blt 0x112a + 116c: e04a b 0x1204 + 116e: 9804 ldr r0, [sp, #16] ; 0x10 + 1170: 3002 add r0, #2 + 1172: 9004 str r0, [sp, #16] ; 0x10 + 1174: 9800 ldr r0, [sp, #0] + 1176: 7801 ldrb r1, [r0, #0] + 1178: 3001 add r0, #1 + 117a: 9000 str r0, [sp, #0] + 117c: 4668 mov r0, sp + 117e: 8501 strh r1, [r0, #40] ; 0x28 + 1180: 9800 ldr r0, [sp, #0] + 1182: 7801 ldrb r1, [r0, #0] + 1184: 3001 add r0, #1 + 1186: 9000 str r0, [sp, #0] + 1188: 4668 mov r0, sp + 118a: 8541 strh r1, [r0, #42] ; 0x2a + 118c: 8d41 ldrh r1, [r0, #42] ; 0x2a + 118e: 8d00 ldrh r0, [r0, #40] ; 0x28 + 1190: 0200 lsl r0, r0, #8 + 1192: 1809 add r1, r1, r0 + 1194: 9801 ldr r0, [sp, #4] + 1196: 8081 strh r1, [r0, #4] + 1198: 9804 ldr r0, [sp, #16] ; 0x10 + 119a: 3002 add r0, #2 + 119c: 9004 str r0, [sp, #16] ; 0x10 + 119e: 9800 ldr r0, [sp, #0] + 11a0: 7801 ldrb r1, [r0, #0] + 11a2: 3001 add r0, #1 + 11a4: 9000 str r0, [sp, #0] + 11a6: 4668 mov r0, sp + 11a8: 8581 strh r1, [r0, #44] ; 0x2c + 11aa: 9800 ldr r0, [sp, #0] + 11ac: 7801 ldrb r1, [r0, #0] + 11ae: 3001 add r0, #1 + 11b0: 9000 str r0, [sp, #0] + 11b2: 4668 mov r0, sp + 11b4: 85c1 strh r1, [r0, #46] ; 0x2e + 11b6: 8dc1 ldrh r1, [r0, #46] ; 0x2e + 11b8: 8d80 ldrh r0, [r0, #44] ; 0x2c + 11ba: 0200 lsl r0, r0, #8 + 11bc: 1808 add r0, r1, r0 + 11be: 9901 ldr r1, [sp, #4] + 11c0: 80c8 strh r0, [r1, #6] + 11c2: e01f b 0x1204 + 11c4: 2008 mov r0, #8 + 11c6: e77e b 0x10c6 + 11c8: 9801 ldr r0, [sp, #4] + 11ca: 7801 ldrb r1, [r0, #0] + 11cc: 290a cmp r1, #10 ; 0xa + 11ce: d8f9 bhi 0x11c4 + 11d0: a001 add r0, pc, #4 + 11d2: 0089 lsl r1, r1, #2 + 11d4: 5840 ldr r0, [r0, r1] + 11d6: 4687 mov pc, r0 + 11d8: 1204 asr r4, r0, #8 + 11da: 0000 lsl r0, r0, #0 + 11dc: 1204 asr r4, r0, #8 + 11de: 0000 lsl r0, r0, #0 + 11e0: 1204 asr r4, r0, #8 + 11e2: 0000 lsl r0, r0, #0 + 11e4: 1204 asr r4, r0, #8 + 11e6: 0000 lsl r0, r0, #0 + 11e8: 1204 asr r4, r0, #8 + 11ea: 0000 lsl r0, r0, #0 + 11ec: 1204 asr r4, r0, #8 + 11ee: 0000 lsl r0, r0, #0 + 11f0: 1204 asr r4, r0, #8 + 11f2: 0000 lsl r0, r0, #0 + 11f4: 1076 asr r6, r6, #1 + 11f6: 0000 lsl r0, r0, #0 + 11f8: 10ca asr r2, r1, #3 + 11fa: 0000 lsl r0, r0, #0 + 11fc: 1204 asr r4, r0, #8 + 11fe: 0000 lsl r0, r0, #0 + 1200: 116e asr r6, r5, #5 + 1202: 0000 lsl r0, r0, #0 + 1204: 9905 ldr r1, [sp, #20] ; 0x14 + 1206: 9804 ldr r0, [sp, #16] ; 0x10 + 1208: 4281 cmp r1, r0 + 120a: d001 beq 0x1210 + 120c: 2004 mov r0, #4 + 120e: 9003 str r0, [sp, #12] ; 0xc + 1210: 9803 ldr r0, [sp, #12] ; 0xc + 1212: b00c add sp, #48 ; 0x30 + 1214: 4770 bx lr + 1216: b089 sub sp, #36 ; 0x24 + 1218: 9101 str r1, [sp, #4] + 121a: 9000 str r0, [sp, #0] + 121c: 2000 mov r0, #0 + 121e: 9003 str r0, [sp, #12] ; 0xc + 1220: 9801 ldr r0, [sp, #4] + 1222: 1c41 add r1, r0, #1 + 1224: 9101 str r1, [sp, #4] + 1226: 9005 str r0, [sp, #20] ; 0x14 + 1228: 9801 ldr r0, [sp, #4] + 122a: 1c41 add r1, r0, #1 + 122c: 9101 str r1, [sp, #4] + 122e: 9900 ldr r1, [sp, #0] + 1230: 7809 ldrb r1, [r1, #0] + 1232: 7001 strb r1, [r0, #0] + 1234: 4669 mov r1, sp + 1236: 2001 mov r0, #1 + 1238: 7408 strb r0, [r1, #16] ; 0x10 + 123a: 9801 ldr r0, [sp, #4] + 123c: 1c41 add r1, r0, #1 + 123e: 9101 str r1, [sp, #4] + 1240: 9900 ldr r1, [sp, #0] + 1242: 7849 ldrb r1, [r1, #1] + 1244: 7001 strb r1, [r0, #0] + 1246: 4669 mov r1, sp + 1248: 4668 mov r0, sp + 124a: 7c00 ldrb r0, [r0, #16] ; 0x10 + 124c: 3001 add r0, #1 + 124e: 7408 strb r0, [r1, #16] ; 0x10 + 1250: e0e4 b 0x141c + 1252: 9800 ldr r0, [sp, #0] + 1254: 7840 ldrb r0, [r0, #1] + 1256: 2800 cmp r0, #0 + 1258: d000 beq 0x125c + 125a: e0fd b 0x1458 + 125c: 9801 ldr r0, [sp, #4] + 125e: 1c41 add r1, r0, #1 + 1260: 9101 str r1, [sp, #4] + 1262: 9900 ldr r1, [sp, #0] + 1264: 7909 ldrb r1, [r1, #4] + 1266: 7001 strb r1, [r0, #0] + 1268: 9801 ldr r0, [sp, #4] + 126a: 1c41 add r1, r0, #1 + 126c: 9101 str r1, [sp, #4] + 126e: 9900 ldr r1, [sp, #0] + 1270: 7949 ldrb r1, [r1, #5] + 1272: 7001 strb r1, [r0, #0] + 1274: 9801 ldr r0, [sp, #4] + 1276: 1c41 add r1, r0, #1 + 1278: 9101 str r1, [sp, #4] + 127a: 9900 ldr r1, [sp, #0] + 127c: 7989 ldrb r1, [r1, #6] + 127e: 7001 strb r1, [r0, #0] + 1280: 4668 mov r0, sp + 1282: 7c00 ldrb r0, [r0, #16] ; 0x10 + 1284: 3003 add r0, #3 + 1286: 4669 mov r1, sp + 1288: 7408 strb r0, [r1, #16] ; 0x10 + 128a: e0e5 b 0x1458 + 128c: 9800 ldr r0, [sp, #0] + 128e: 7840 ldrb r0, [r0, #1] + 1290: 2800 cmp r0, #0 + 1292: d000 beq 0x1296 + 1294: e0e0 b 0x1458 + 1296: 9801 ldr r0, [sp, #4] + 1298: 1c41 add r1, r0, #1 + 129a: 9101 str r1, [sp, #4] + 129c: 9900 ldr r1, [sp, #0] + 129e: 7909 ldrb r1, [r1, #4] + 12a0: 7001 strb r1, [r0, #0] + 12a2: 4668 mov r0, sp + 12a4: 7c00 ldrb r0, [r0, #16] ; 0x10 + 12a6: 3001 add r0, #1 + 12a8: e7ed b 0x1286 + 12aa: 9800 ldr r0, [sp, #0] + 12ac: 7840 ldrb r0, [r0, #1] + 12ae: 2800 cmp r0, #0 + 12b0: d000 beq 0x12b4 + 12b2: e0d1 b 0x1458 + 12b4: e7ef b 0x1296 + 12b6: 9800 ldr r0, [sp, #0] + 12b8: 7840 ldrb r0, [r0, #1] + 12ba: 2800 cmp r0, #0 + 12bc: d000 beq 0x12c0 + 12be: e0cb b 0x1458 + 12c0: e7e9 b 0x1296 + 12c2: 9800 ldr r0, [sp, #0] + 12c4: 7840 ldrb r0, [r0, #1] + 12c6: 2800 cmp r0, #0 + 12c8: d000 beq 0x12cc + 12ca: e0c5 b 0x1458 + 12cc: 4669 mov r1, sp + 12ce: 9800 ldr r0, [sp, #0] + 12d0: 8880 ldrh r0, [r0, #4] + 12d2: 8408 strh r0, [r1, #32] ; 0x20 + 12d4: 9801 ldr r0, [sp, #4] + 12d6: 1c41 add r1, r0, #1 + 12d8: 9101 str r1, [sp, #4] + 12da: 4669 mov r1, sp + 12dc: 8c09 ldrh r1, [r1, #32] ; 0x20 + 12de: 0409 lsl r1, r1, #16 + 12e0: 0e09 lsr r1, r1, #24 + 12e2: 0209 lsl r1, r1, #8 + 12e4: 1209 asr r1, r1, #8 + 12e6: 7001 strb r1, [r0, #0] + 12e8: 9801 ldr r0, [sp, #4] + 12ea: 1c41 add r1, r0, #1 + 12ec: 9101 str r1, [sp, #4] + 12ee: 4669 mov r1, sp + 12f0: 8c09 ldrh r1, [r1, #32] ; 0x20 + 12f2: 0609 lsl r1, r1, #24 + 12f4: 0e09 lsr r1, r1, #24 + 12f6: 7001 strb r1, [r0, #0] + 12f8: 4669 mov r1, sp + 12fa: 9800 ldr r0, [sp, #0] + 12fc: 88c0 ldrh r0, [r0, #6] + 12fe: 8408 strh r0, [r1, #32] ; 0x20 + 1300: 9801 ldr r0, [sp, #4] + 1302: 1c41 add r1, r0, #1 + 1304: 9101 str r1, [sp, #4] + 1306: 4669 mov r1, sp + 1308: 8c09 ldrh r1, [r1, #32] ; 0x20 + 130a: 0409 lsl r1, r1, #16 + 130c: 0e09 lsr r1, r1, #24 + 130e: 0209 lsl r1, r1, #8 + 1310: 1209 asr r1, r1, #8 + 1312: 7001 strb r1, [r0, #0] + 1314: 9801 ldr r0, [sp, #4] + 1316: 1c41 add r1, r0, #1 + 1318: 9101 str r1, [sp, #4] + 131a: 4669 mov r1, sp + 131c: 8c09 ldrh r1, [r1, #32] ; 0x20 + 131e: 0609 lsl r1, r1, #24 + 1320: 0e09 lsr r1, r1, #24 + 1322: 7001 strb r1, [r0, #0] + 1324: 4668 mov r0, sp + 1326: 7c00 ldrb r0, [r0, #16] ; 0x10 + 1328: 3004 add r0, #4 + 132a: e7ac b 0x1286 + 132c: 9800 ldr r0, [sp, #0] + 132e: 7840 ldrb r0, [r0, #1] + 1330: 2800 cmp r0, #0 + 1332: d000 beq 0x1336 + 1334: e090 b 0x1458 + 1336: e7ae b 0x1296 + 1338: 9800 ldr r0, [sp, #0] + 133a: 7840 ldrb r0, [r0, #1] + 133c: 2800 cmp r0, #0 + 133e: d000 beq 0x1342 + 1340: e08a b 0x1458 + 1342: 4669 mov r1, sp + 1344: 4668 mov r0, sp + 1346: 7c00 ldrb r0, [r0, #16] ; 0x10 + 1348: 3001 add r0, #1 + 134a: 7408 strb r0, [r1, #16] ; 0x10 + 134c: 4668 mov r0, sp + 134e: 9900 ldr r1, [sp, #0] + 1350: 7909 ldrb r1, [r1, #4] + 1352: 7601 strb r1, [r0, #24] ; 0x18 + 1354: 9801 ldr r0, [sp, #4] + 1356: 1c41 add r1, r0, #1 + 1358: 9101 str r1, [sp, #4] + 135a: 4669 mov r1, sp + 135c: 7e09 ldrb r1, [r1, #24] ; 0x18 + 135e: 7001 strb r1, [r0, #0] + 1360: 4668 mov r0, sp + 1362: 7e00 ldrb r0, [r0, #24] ; 0x18 + 1364: 2840 cmp r0, #64 ; 0x40 + 1366: dd01 ble 0x136c + 1368: 2004 mov r0, #4 + 136a: e055 b 0x1418 + 136c: 9800 ldr r0, [sp, #0] + 136e: 3006 add r0, #6 + 1370: 9007 str r0, [sp, #28] ; 0x1c + 1372: 2000 mov r0, #0 + 1374: 9002 str r0, [sp, #8] + 1376: 9902 ldr r1, [sp, #8] + 1378: 4668 mov r0, sp + 137a: 7e00 ldrb r0, [r0, #24] ; 0x18 + 137c: 4281 cmp r1, r0 + 137e: da6b bge 0x1458 + 1380: 9801 ldr r0, [sp, #4] + 1382: 1c41 add r1, r0, #1 + 1384: 9101 str r1, [sp, #4] + 1386: 9907 ldr r1, [sp, #28] ; 0x1c + 1388: 8809 ldrh r1, [r1, #0] + 138a: 0409 lsl r1, r1, #16 + 138c: 0e09 lsr r1, r1, #24 + 138e: 0209 lsl r1, r1, #8 + 1390: 1209 asr r1, r1, #8 + 1392: 7001 strb r1, [r0, #0] + 1394: 9807 ldr r0, [sp, #28] ; 0x1c + 1396: 8801 ldrh r1, [r0, #0] + 1398: 3002 add r0, #2 + 139a: 9007 str r0, [sp, #28] ; 0x1c + 139c: 0608 lsl r0, r1, #24 + 139e: 0e01 lsr r1, r0, #24 + 13a0: 9801 ldr r0, [sp, #4] + 13a2: 1c42 add r2, r0, #1 + 13a4: 9201 str r2, [sp, #4] + 13a6: 7001 strb r1, [r0, #0] + 13a8: 4669 mov r1, sp + 13aa: 4668 mov r0, sp + 13ac: 7c00 ldrb r0, [r0, #16] ; 0x10 + 13ae: 3002 add r0, #2 + 13b0: 7408 strb r0, [r1, #16] ; 0x10 + 13b2: 9802 ldr r0, [sp, #8] + 13b4: 3001 add r0, #1 + 13b6: 9002 str r0, [sp, #8] + 13b8: 9902 ldr r1, [sp, #8] + 13ba: 4668 mov r0, sp + 13bc: 7e00 ldrb r0, [r0, #24] ; 0x18 + 13be: 4281 cmp r1, r0 + 13c0: dbde blt 0x1380 + 13c2: e049 b 0x1458 + 13c4: 9800 ldr r0, [sp, #0] + 13c6: 7840 ldrb r0, [r0, #1] + 13c8: 2800 cmp r0, #0 + 13ca: d145 bne 0x1458 + 13cc: 4669 mov r1, sp + 13ce: 9800 ldr r0, [sp, #0] + 13d0: 8880 ldrh r0, [r0, #4] + 13d2: 8408 strh r0, [r1, #32] ; 0x20 + 13d4: 9801 ldr r0, [sp, #4] + 13d6: 1c41 add r1, r0, #1 + 13d8: 9101 str r1, [sp, #4] + 13da: 4669 mov r1, sp + 13dc: 8c09 ldrh r1, [r1, #32] ; 0x20 + 13de: 0409 lsl r1, r1, #16 + 13e0: 0e09 lsr r1, r1, #24 + 13e2: 0209 lsl r1, r1, #8 + 13e4: 1209 asr r1, r1, #8 + 13e6: 7001 strb r1, [r0, #0] + 13e8: 9801 ldr r0, [sp, #4] + 13ea: 1c41 add r1, r0, #1 + 13ec: 9101 str r1, [sp, #4] + 13ee: 4669 mov r1, sp + 13f0: 8c09 ldrh r1, [r1, #32] ; 0x20 + 13f2: 0609 lsl r1, r1, #24 + 13f4: 0e09 lsr r1, r1, #24 + 13f6: 7001 strb r1, [r0, #0] + 13f8: 4668 mov r0, sp + 13fa: 9900 ldr r1, [sp, #0] + 13fc: 88c9 ldrh r1, [r1, #6] + 13fe: 8401 strh r1, [r0, #32] ; 0x20 + 1400: 9901 ldr r1, [sp, #4] + 1402: 1c48 add r0, r1, #1 + 1404: 9001 str r0, [sp, #4] + 1406: 4668 mov r0, sp + 1408: 8c00 ldrh r0, [r0, #32] ; 0x20 + 140a: 0400 lsl r0, r0, #16 + 140c: 0e00 lsr r0, r0, #24 + 140e: 0200 lsl r0, r0, #8 + 1410: 1200 asr r0, r0, #8 + 1412: 7008 strb r0, [r1, #0] + 1414: e77e b 0x1314 + 1416: 2008 mov r0, #8 + 1418: 9003 str r0, [sp, #12] ; 0xc + 141a: e01d b 0x1458 + 141c: 9800 ldr r0, [sp, #0] + 141e: 7800 ldrb r0, [r0, #0] + 1420: 280a cmp r0, #10 ; 0xa + 1422: d8f8 bhi 0x1416 + 1424: a101 add r1, pc, #4 + 1426: 0080 lsl r0, r0, #2 + 1428: 5808 ldr r0, [r1, r0] + 142a: 4687 mov pc, r0 + 142c: 1252 asr r2, r2, #9 + 142e: 0000 lsl r0, r0, #0 + 1430: 128c asr r4, r1, #10 + 1432: 0000 lsl r0, r0, #0 + 1434: 12aa asr r2, r5, #10 + 1436: 0000 lsl r0, r0, #0 + 1438: 12b6 asr r6, r6, #10 + 143a: 0000 lsl r0, r0, #0 + 143c: 1458 asr r0, r3, #17 + 143e: 0000 lsl r0, r0, #0 + 1440: 12c2 asr r2, r0, #11 + 1442: 0000 lsl r0, r0, #0 + 1444: 132c asr r4, r5, #12 + 1446: 0000 lsl r0, r0, #0 + 1448: 1338 asr r0, r7, #12 + 144a: 0000 lsl r0, r0, #0 + 144c: 1458 asr r0, r3, #17 + 144e: 0000 lsl r0, r0, #0 + 1450: 13c4 asr r4, r0, #15 + 1452: 0000 lsl r0, r0, #0 + 1454: 1458 asr r0, r3, #17 + 1456: 0000 lsl r0, r0, #0 + 1458: 9805 ldr r0, [sp, #20] ; 0x14 + 145a: 4669 mov r1, sp + 145c: 7c09 ldrb r1, [r1, #16] ; 0x10 + 145e: 7001 strb r1, [r0, #0] + 1460: 9803 ldr r0, [sp, #12] ; 0xc + 1462: b009 add sp, #36 ; 0x24 + 1464: 4770 bx lr + 1466: 0000 lsl r0, r0, #0 + 1468: b500 push {lr} + 146a: b083 sub sp, #12 ; 0xc + 146c: 9101 str r1, [sp, #4] + 146e: 4669 mov r1, sp + 1470: 7008 strb r0, [r1, #0] + 1472: 2000 mov r0, #0 + 1474: 9002 str r0, [sp, #8] + 1476: e073 b 0x1560 + 1478: 4668 mov r0, sp + 147a: 7800 ldrb r0, [r0, #0] + 147c: 28aa cmp r0, #170 ; 0xaa + 147e: d106 bne 0x148e + 1480: 4965 ldr r1, =0x83ff10 ; via 0x1618 + 1482: 4865 ldr r0, =0x83ff10 ; via 0x1618 + 1484: 6800 ldr r0, [r0, #0] + 1486: 3001 add r0, #1 + 1488: 07c0 lsl r0, r0, #31 + 148a: 0fc0 lsr r0, r0, #31 + 148c: e013 b 0x14b6 + 148e: 4862 ldr r0, =0x83ff10 ; via 0x1618 + 1490: 6800 ldr r0, [r0, #0] + 1492: 2800 cmp r0, #0 + 1494: d06b beq 0x156e + 1496: 4961 ldr r1, =0x83ff04 ; via 0x161c + 1498: 9801 ldr r0, [sp, #4] + 149a: 3001 add r0, #1 + 149c: 6008 str r0, [r1, #0] + 149e: 4960 ldr r1, =0x83ff0e ; via 0x1620 + 14a0: 2000 mov r0, #0 + 14a2: 7008 strb r0, [r1, #0] + 14a4: 495f ldr r1, =0x83ff0c ; via 0x1624 + 14a6: 4668 mov r0, sp + 14a8: 7800 ldrb r0, [r0, #0] + 14aa: 8008 strh r0, [r1, #0] + 14ac: 495a ldr r1, =0x83ff10 ; via 0x1618 + 14ae: 2000 mov r0, #0 + 14b0: 6008 str r0, [r1, #0] + 14b2: 495d ldr r1, =0x83ff08 ; via 0x1628 + 14b4: 2001 mov r0, #1 + 14b6: 6008 str r0, [r1, #0] + 14b8: e059 b 0x156e + 14ba: 4668 mov r0, sp + 14bc: 7800 ldrb r0, [r0, #0] + 14be: 28aa cmp r0, #170 ; 0xaa + 14c0: d113 bne 0x14ea + 14c2: 4855 ldr r0, =0x83ff10 ; via 0x1618 + 14c4: 6800 ldr r0, [r0, #0] + 14c6: 2800 cmp r0, #0 + 14c8: d00b beq 0x14e2 + 14ca: 4954 ldr r1, =0x83ff04 ; via 0x161c + 14cc: 6808 ldr r0, [r1, #0] + 14ce: 1c42 add r2, r0, #1 + 14d0: 600a str r2, [r1, #0] + 14d2: 4669 mov r1, sp + 14d4: 7809 ldrb r1, [r1, #0] + 14d6: 7001 strb r1, [r0, #0] + 14d8: 4951 ldr r1, =0x83ff0e ; via 0x1620 + 14da: 7808 ldrb r0, [r1, #0] + 14dc: 3001 add r0, #1 + 14de: 7008 strb r0, [r1, #0] + 14e0: e013 b 0x150a + 14e2: 2101 mov r1, #1 + 14e4: 484c ldr r0, =0x83ff10 ; via 0x1618 + 14e6: 6001 str r1, [r0, #0] + 14e8: e01c b 0x1524 + 14ea: 484b ldr r0, =0x83ff10 ; via 0x1618 + 14ec: 6800 ldr r0, [r0, #0] + 14ee: 2800 cmp r0, #0 + 14f0: d00d beq 0x150e + 14f2: 494a ldr r1, =0x83ff04 ; via 0x161c + 14f4: 9801 ldr r0, [sp, #4] + 14f6: 3001 add r0, #1 + 14f8: 6008 str r0, [r1, #0] + 14fa: 4849 ldr r0, =0x83ff0e ; via 0x1620 + 14fc: 2100 mov r1, #0 + 14fe: 7001 strb r1, [r0, #0] + 1500: 4948 ldr r1, =0x83ff0c ; via 0x1624 + 1502: 4668 mov r0, sp + 1504: 7800 ldrb r0, [r0, #0] + 1506: 3001 add r0, #1 + 1508: 8008 strh r0, [r1, #0] + 150a: 2100 mov r1, #0 + 150c: e7ea b 0x14e4 + 150e: 4843 ldr r0, =0x83ff04 ; via 0x161c + 1510: 6801 ldr r1, [r0, #0] + 1512: 1c4a add r2, r1, #1 + 1514: 6002 str r2, [r0, #0] + 1516: 4668 mov r0, sp + 1518: 7800 ldrb r0, [r0, #0] + 151a: 7008 strb r0, [r1, #0] + 151c: 4940 ldr r1, =0x83ff0e ; via 0x1620 + 151e: 7808 ldrb r0, [r1, #0] + 1520: 3001 add r0, #1 + 1522: 7008 strb r0, [r1, #0] + 1524: 483f ldr r0, =0x83ff0c ; via 0x1624 + 1526: 8801 ldrh r1, [r0, #0] + 1528: 3901 sub r1, #1 + 152a: 8001 strh r1, [r0, #0] + 152c: 483d ldr r0, =0x83ff0c ; via 0x1624 + 152e: 8800 ldrh r0, [r0, #0] + 1530: 2800 cmp r0, #0 + 1532: d11c bne 0x156e + 1534: 9901 ldr r1, [sp, #4] + 1536: 483a ldr r0, =0x83ff0e ; via 0x1620 + 1538: 7800 ldrb r0, [r0, #0] + 153a: 7008 strb r0, [r1, #0] + 153c: 2001 mov r0, #1 + 153e: 9002 str r0, [sp, #8] + 1540: 4839 ldr r0, =0x83ff08 ; via 0x1628 + 1542: 2100 mov r1, #0 + 1544: 6001 str r1, [r0, #0] + 1546: 4834 ldr r0, =0x83ff10 ; via 0x1618 + 1548: 6001 str r1, [r0, #0] + 154a: 9801 ldr r0, [sp, #4] + 154c: 7800 ldrb r0, [r0, #0] + 154e: 2801 cmp r0, #1 + 1550: d10d bne 0x156e + 1552: 9801 ldr r0, [sp, #4] + 1554: 7840 ldrb r0, [r0, #1] + 1556: 28dd cmp r0, #221 ; 0xdd + 1558: d109 bne 0x156e + 155a: f7ff fae3 bl 0xb24 + 155e: e006 b 0x156e + 1560: 4831 ldr r0, =0x83ff08 ; via 0x1628 + 1562: 6800 ldr r0, [r0, #0] + 1564: 2800 cmp r0, #0 + 1566: d087 beq 0x1478 + 1568: 3801 sub r0, #1 + 156a: 2800 cmp r0, #0 + 156c: d0a5 beq 0x14ba + 156e: 9802 ldr r0, [sp, #8] + 1570: b003 add sp, #12 ; 0xc + 1572: bd00 pop {pc} + 1574: b086 sub sp, #24 ; 0x18 + 1576: 9202 str r2, [sp, #8] + 1578: 9101 str r1, [sp, #4] + 157a: 9000 str r0, [sp, #0] + 157c: 9801 ldr r0, [sp, #4] + 157e: 3001 add r0, #1 + 1580: 9004 str r0, [sp, #16] ; 0x10 + 1582: 9800 ldr r0, [sp, #0] + 1584: 1c41 add r1, r0, #1 + 1586: 9100 str r1, [sp, #0] + 1588: 9005 str r0, [sp, #20] ; 0x14 + 158a: 9901 ldr r1, [sp, #4] + 158c: 20aa mov r0, #170 ; 0xaa + 158e: 7008 strb r0, [r1, #0] + 1590: 9801 ldr r0, [sp, #4] + 1592: 3002 add r0, #2 + 1594: 9001 str r0, [sp, #4] + 1596: 9902 ldr r1, [sp, #8] + 1598: 2000 mov r0, #0 + 159a: 8008 strh r0, [r1, #0] + 159c: 4669 mov r1, sp + 159e: 8188 strh r0, [r1, #12] ; 0xc + 15a0: 4668 mov r0, sp + 15a2: 8981 ldrh r1, [r0, #12] ; 0xc + 15a4: 9805 ldr r0, [sp, #20] ; 0x14 + 15a6: 7800 ldrb r0, [r0, #0] + 15a8: 4281 cmp r1, r0 + 15aa: da23 bge 0x15f4 + 15ac: 9800 ldr r0, [sp, #0] + 15ae: 7800 ldrb r0, [r0, #0] + 15b0: 28aa cmp r0, #170 ; 0xaa + 15b2: d108 bne 0x15c6 + 15b4: 9801 ldr r0, [sp, #4] + 15b6: 1c41 add r1, r0, #1 + 15b8: 9101 str r1, [sp, #4] + 15ba: 21aa mov r1, #170 ; 0xaa + 15bc: 7001 strb r1, [r0, #0] + 15be: 9902 ldr r1, [sp, #8] + 15c0: 8808 ldrh r0, [r1, #0] + 15c2: 3001 add r0, #1 + 15c4: 8008 strh r0, [r1, #0] + 15c6: 9800 ldr r0, [sp, #0] + 15c8: 7801 ldrb r1, [r0, #0] + 15ca: 3001 add r0, #1 + 15cc: 9000 str r0, [sp, #0] + 15ce: 9801 ldr r0, [sp, #4] + 15d0: 1c42 add r2, r0, #1 + 15d2: 9201 str r2, [sp, #4] + 15d4: 7001 strb r1, [r0, #0] + 15d6: 9902 ldr r1, [sp, #8] + 15d8: 8808 ldrh r0, [r1, #0] + 15da: 3001 add r0, #1 + 15dc: 8008 strh r0, [r1, #0] + 15de: 4669 mov r1, sp + 15e0: 4668 mov r0, sp + 15e2: 8980 ldrh r0, [r0, #12] ; 0xc + 15e4: 3001 add r0, #1 + 15e6: 8188 strh r0, [r1, #12] ; 0xc + 15e8: 4668 mov r0, sp + 15ea: 8980 ldrh r0, [r0, #12] ; 0xc + 15ec: 9905 ldr r1, [sp, #20] ; 0x14 + 15ee: 7809 ldrb r1, [r1, #0] + 15f0: 4288 cmp r0, r1 + 15f2: dbdb blt 0x15ac + 15f4: 9904 ldr r1, [sp, #16] ; 0x10 + 15f6: 9802 ldr r0, [sp, #8] + 15f8: 7800 ldrb r0, [r0, #0] + 15fa: 7008 strb r0, [r1, #0] + 15fc: 9902 ldr r1, [sp, #8] + 15fe: 8808 ldrh r0, [r1, #0] + 1600: 3002 add r0, #2 + 1602: 8008 strh r0, [r1, #0] + 1604: b006 add sp, #24 ; 0x18 + 1606: 4770 bx lr + 1608: 4907 ldr r1, =0x83ff08 ; via 0x1628 + 160a: 2000 mov r0, #0 + 160c: 6008 str r0, [r1, #0] + 160e: 4802 ldr r0, =0x83ff10 ; via 0x1618 + 1610: 2100 mov r1, #0 + 1612: 6001 str r1, [r0, #0] + 1614: 4770 bx lr + 1616: 46c0 nop (mov r8, r8) + 1618: ff10 + 161a: 0083 lsl r3, r0, #2 + 161c: ff04 + 161e: 0083 lsl r3, r0, #2 + 1620: ff0e + 1622: 0083 lsl r3, r0, #2 + 1624: ff0c + 1626: 0083 lsl r3, r0, #2 + 1628: ff08 + 162a: 0083 lsl r3, r0, #2 + 162c: b082 sub sp, #8 + 162e: 9101 str r1, [sp, #4] + 1630: 9000 str r0, [sp, #0] + 1632: 9901 ldr r1, [sp, #4] + 1634: 2000 mov r0, #0 + 1636: 7008 strb r0, [r1, #0] + 1638: 9801 ldr r0, [sp, #4] + 163a: 2100 mov r1, #0 + 163c: 7041 strb r1, [r0, #1] + 163e: 9801 ldr r0, [sp, #4] + 1640: 2102 mov r1, #2 + 1642: 7101 strb r1, [r0, #4] + 1644: 9801 ldr r0, [sp, #4] + 1646: 2106 mov r1, #6 + 1648: 7141 strb r1, [r0, #5] + 164a: 9801 ldr r0, [sp, #4] + 164c: 2102 mov r1, #2 + 164e: 7181 strb r1, [r0, #6] + 1650: b002 add sp, #8 + 1652: 4770 bx lr + 1654: b500 push {lr} + 1656: b084 sub sp, #16 ; 0x10 + 1658: 466b mov r3, sp + 165a: 721a strb r2, [r3, #8] + 165c: 9101 str r1, [sp, #4] + 165e: 9000 str r0, [sp, #0] + 1660: 9901 ldr r1, [sp, #4] + 1662: 2009 mov r0, #9 + 1664: 7008 strb r0, [r1, #0] + 1666: e015 b 0x1694 + 1668: 9801 ldr r0, [sp, #4] + 166a: 2100 mov r1, #0 + 166c: 7041 strb r1, [r0, #1] + 166e: 9901 ldr r1, [sp, #4] + 1670: 4668 mov r0, sp + 1672: 8940 ldrh r0, [r0, #10] ; 0xa + 1674: 8088 strh r0, [r1, #4] + 1676: 9901 ldr r1, [sp, #4] + 1678: 4668 mov r0, sp + 167a: 8980 ldrh r0, [r0, #12] ; 0xc + 167c: 80c8 strh r0, [r1, #6] + 167e: e01e b 0x16be + 1680: 2101 mov r1, #1 + 1682: e004 b 0x168e + 1684: 2103 mov r1, #3 + 1686: e002 b 0x168e + 1688: 2105 mov r1, #5 + 168a: e000 b 0x168e + 168c: 2106 mov r1, #6 + 168e: 9801 ldr r0, [sp, #4] + 1690: 7041 strb r1, [r0, #1] + 1692: e014 b 0x16be + 1694: 200a mov r0, #10 ; 0xa + 1696: 4468 add r0, sp + 1698: a903 add r1, sp, #12 ; 0xc + 169a: 466a mov r2, sp + 169c: 7a12 ldrb r2, [r2, #8] + 169e: f000 fb71 bl 0x1d84 + 16a2: 2800 cmp r0, #0 + 16a4: d0e0 beq 0x1668 + 16a6: 3801 sub r0, #1 + 16a8: 2800 cmp r0, #0 + 16aa: d0e9 beq 0x1680 + 16ac: 3801 sub r0, #1 + 16ae: 2800 cmp r0, #0 + 16b0: d0e8 beq 0x1684 + 16b2: 3801 sub r0, #1 + 16b4: 2800 cmp r0, #0 + 16b6: d0e7 beq 0x1688 + 16b8: 3801 sub r0, #1 + 16ba: 2800 cmp r0, #0 + 16bc: d0e6 beq 0x168c + 16be: b004 add sp, #16 ; 0x10 + 16c0: bd00 pop {pc} + 16c2: b084 sub sp, #16 ; 0x10 + 16c4: 9101 str r1, [sp, #4] + 16c6: 9000 str r0, [sp, #0] + 16c8: 9901 ldr r1, [sp, #4] + 16ca: 200a mov r0, #10 ; 0xa + 16cc: 7008 strb r0, [r1, #0] + 16ce: 9801 ldr r0, [sp, #4] + 16d0: 2100 mov r1, #0 + 16d2: 7041 strb r1, [r0, #1] + 16d4: 4669 mov r1, sp + 16d6: 9800 ldr r0, [sp, #0] + 16d8: 8880 ldrh r0, [r0, #4] + 16da: 8108 strh r0, [r1, #8] + 16dc: 9800 ldr r0, [sp, #0] + 16de: 88c0 ldrh r0, [r0, #6] + 16e0: 8148 strh r0, [r1, #10] ; 0xa + 16e2: 4668 mov r0, sp + 16e4: 8941 ldrh r1, [r0, #10] ; 0xa + 16e6: 8900 ldrh r0, [r0, #8] + 16e8: 0400 lsl r0, r0, #16 + 16ea: 1808 add r0, r1, r0 + 16ec: 9003 str r0, [sp, #12] ; 0xc + 16ee: 9803 ldr r0, [sp, #12] ; 0xc + 16f0: b004 add sp, #16 ; 0x10 + 16f2: 4770 bx lr + 16f4: b085 sub sp, #20 ; 0x14 + 16f6: 9303 str r3, [sp, #12] ; 0xc + 16f8: 9202 str r2, [sp, #8] + 16fa: 9101 str r1, [sp, #4] + 16fc: 4669 mov r1, sp + 16fe: 7008 strb r0, [r1, #0] + 1700: 48ea ldr r0, =0x83ff19 ; via 0x1aac + 1702: 7809 ldrb r1, [r1, #0] + 1704: 7802 ldrb r2, [r0, #0] + 1706: 1889 add r1, r1, r2 + 1708: 7001 strb r1, [r0, #0] + 170a: 48e9 ldr r0, =0x83ff1a ; via 0x1ab0 + 170c: 7800 ldrb r0, [r0, #0] + 170e: 2800 cmp r0, #0 + 1710: d00e beq 0x1730 + 1712: 48e8 ldr r0, =0x83ff26 ; via 0x1ab4 + 1714: 4669 mov r1, sp + 1716: 780a ldrb r2, [r1, #0] + 1718: 8801 ldrh r1, [r0, #0] + 171a: 1851 add r1, r2, r1 + 171c: 8001 strh r1, [r0, #0] + 171e: 9903 ldr r1, [sp, #12] ; 0xc + 1720: 48e4 ldr r0, =0x83ff26 ; via 0x1ab4 + 1722: 8800 ldrh r0, [r0, #0] + 1724: 8008 strh r0, [r1, #0] + 1726: 9801 ldr r0, [sp, #4] + 1728: 2100 mov r1, #0 + 172a: 6001 str r1, [r0, #0] + 172c: 2000 mov r0, #0 + 172e: e009 b 0x1744 + 1730: 9902 ldr r1, [sp, #8] + 1732: 6808 ldr r0, [r1, #0] + 1734: 3002 add r0, #2 + 1736: 6008 str r0, [r1, #0] + 1738: 49de ldr r1, =0x83ff26 ; via 0x1ab4 + 173a: 4668 mov r0, sp + 173c: 7800 ldrb r0, [r0, #0] + 173e: 0200 lsl r0, r0, #8 + 1740: 8008 strh r0, [r1, #0] + 1742: 2001 mov r0, #1 + 1744: 9004 str r0, [sp, #16] ; 0x10 + 1746: 2001 mov r0, #1 + 1748: 49d9 ldr r1, =0x83ff1a ; via 0x1ab0 + 174a: 7809 ldrb r1, [r1, #0] + 174c: 4388 bic r0, r1 + 174e: 49d8 ldr r1, =0x83ff1a ; via 0x1ab0 + 1750: 7008 strb r0, [r1, #0] + 1752: 48d9 ldr r0, =0x83ff24 ; via 0x1ab8 + 1754: 7801 ldrb r1, [r0, #0] + 1756: 3901 sub r1, #1 + 1758: 7001 strb r1, [r0, #0] + 175a: 48d7 ldr r0, =0x83ff24 ; via 0x1ab8 + 175c: 7800 ldrb r0, [r0, #0] + 175e: 2800 cmp r0, #0 + 1760: d102 bne 0x1768 + 1762: 48d6 ldr r0, =0x83ff20 ; via 0x1abc + 1764: 2106 mov r1, #6 + 1766: 6001 str r1, [r0, #0] + 1768: 9804 ldr r0, [sp, #16] ; 0x10 + 176a: b005 add sp, #20 ; 0x14 + 176c: 46f7 mov pc, lr + 176e: b083 sub sp, #12 ; 0xc + 1770: 9101 str r1, [sp, #4] + 1772: 4669 mov r1, sp + 1774: 7008 strb r0, [r1, #0] + 1776: 2001 mov r0, #1 + 1778: 9002 str r0, [sp, #8] + 177a: 48d1 ldr r0, =0x83ff1b ; via 0x1ac0 + 177c: 7800 ldrb r0, [r0, #0] + 177e: 2800 cmp r0, #0 + 1780: d10a bne 0x1798 + 1782: 4668 mov r0, sp + 1784: 7800 ldrb r0, [r0, #0] + 1786: 2853 cmp r0, #83 ; 0x53 + 1788: d102 bne 0x1790 + 178a: 48cd ldr r0, =0x83ff1b ; via 0x1ac0 + 178c: 2101 mov r1, #1 + 178e: e01a b 0x17c6 + 1790: 2101 mov r1, #1 + 1792: 9801 ldr r0, [sp, #4] + 1794: 6001 str r1, [r0, #0] + 1796: e03b b 0x1810 + 1798: 49c9 ldr r1, =0x83ff1b ; via 0x1ac0 + 179a: 2000 mov r0, #0 + 179c: 7008 strb r0, [r1, #0] + 179e: 4668 mov r0, sp + 17a0: 7800 ldrb r0, [r0, #0] + 17a2: 2830 cmp r0, #48 ; 0x30 + 17a4: d111 bne 0x17ca + 17a6: 48c7 ldr r0, =0x83ff18 ; via 0x1ac4 + 17a8: 7800 ldrb r0, [r0, #0] + 17aa: 2800 cmp r0, #0 + 17ac: d006 beq 0x17bc + 17ae: 9901 ldr r1, [sp, #4] + 17b0: 2001 mov r0, #1 + 17b2: 6008 str r0, [r1, #0] + 17b4: 49c3 ldr r1, =0x83ff18 ; via 0x1ac4 + 17b6: 2000 mov r0, #0 + 17b8: 7008 strb r0, [r1, #0] + 17ba: e02a b 0x1812 + 17bc: 48bf ldr r0, =0x83ff20 ; via 0x1abc + 17be: 2102 mov r1, #2 + 17c0: 6001 str r1, [r0, #0] + 17c2: 48ef ldr r0, =0x83ff1c ; via 0x1b80 + 17c4: 2100 mov r1, #0 + 17c6: 7001 strb r1, [r0, #0] + 17c8: e024 b 0x1814 + 17ca: 4668 mov r0, sp + 17cc: 7800 ldrb r0, [r0, #0] + 17ce: 2833 cmp r0, #51 ; 0x33 + 17d0: d105 bne 0x17de + 17d2: 48bc ldr r0, =0x83ff18 ; via 0x1ac4 + 17d4: 7800 ldrb r0, [r0, #0] + 17d6: 2800 cmp r0, #0 + 17d8: d0da beq 0x1790 + 17da: 2004 mov r0, #4 + 17dc: e00c b 0x17f8 + 17de: 4668 mov r0, sp + 17e0: 7800 ldrb r0, [r0, #0] + 17e2: 2837 cmp r0, #55 ; 0x37 + 17e4: d10e bne 0x1804 + 17e6: 48b7 ldr r0, =0x83ff18 ; via 0x1ac4 + 17e8: 7800 ldrb r0, [r0, #0] + 17ea: 2800 cmp r0, #0 + 17ec: d103 bne 0x17f6 + 17ee: 9901 ldr r1, [sp, #4] + 17f0: 2001 mov r0, #1 + 17f2: 6008 str r0, [r1, #0] + 17f4: e00c b 0x1810 + 17f6: 2003 mov r0, #3 + 17f8: 49b0 ldr r1, =0x83ff20 ; via 0x1abc + 17fa: 6008 str r0, [r1, #0] + 17fc: 2000 mov r0, #0 + 17fe: 49e0 ldr r1, =0x83ff1c ; via 0x1b80 + 1800: 7008 strb r0, [r1, #0] + 1802: e007 b 0x1814 + 1804: 9901 ldr r1, [sp, #4] + 1806: 2001 mov r0, #1 + 1808: 6008 str r0, [r1, #0] + 180a: 48ae ldr r0, =0x83ff18 ; via 0x1ac4 + 180c: 2100 mov r1, #0 + 180e: 7001 strb r1, [r0, #0] + 1810: 2000 mov r0, #0 + 1812: 9002 str r0, [sp, #8] + 1814: 9802 ldr r0, [sp, #8] + 1816: b003 add sp, #12 ; 0xc + 1818: 46f7 mov pc, lr + 181a: b083 sub sp, #12 ; 0xc + 181c: 9101 str r1, [sp, #4] + 181e: 4669 mov r1, sp + 1820: 7008 strb r0, [r1, #0] + 1822: 2001 mov r0, #1 + 1824: 9002 str r0, [sp, #8] + 1826: 49d7 ldr r1, =0x830 ; via 0x1b84 + 1828: 48d5 ldr r0, =0x83ff1c ; via 0x1b80 + 182a: 7800 ldrb r0, [r0, #0] + 182c: 0080 lsl r0, r0, #2 + 182e: 5808 ldr r0, [r1, r0] + 1830: 4669 mov r1, sp + 1832: 7809 ldrb r1, [r1, #0] + 1834: 4281 cmp r1, r0 + 1836: d10d bne 0x1854 + 1838: 49d1 ldr r1, =0x83ff1c ; via 0x1b80 + 183a: 7808 ldrb r0, [r1, #0] + 183c: 3001 add r0, #1 + 183e: 7008 strb r0, [r1, #0] + 1840: 48cf ldr r0, =0x83ff1c ; via 0x1b80 + 1842: 7800 ldrb r0, [r0, #0] + 1844: 2807 cmp r0, #7 + 1846: d10d bne 0x1864 + 1848: 489c ldr r0, =0x83ff20 ; via 0x1abc + 184a: 2101 mov r1, #1 + 184c: 6001 str r1, [r0, #0] + 184e: 489d ldr r0, =0x83ff18 ; via 0x1ac4 + 1850: 7001 strb r1, [r0, #0] + 1852: e007 b 0x1864 + 1854: 9801 ldr r0, [sp, #4] + 1856: 2101 mov r1, #1 + 1858: 6001 str r1, [r0, #0] + 185a: 4998 ldr r1, =0x83ff20 ; via 0x1abc + 185c: 2001 mov r0, #1 + 185e: 6008 str r0, [r1, #0] + 1860: 2000 mov r0, #0 + 1862: 9002 str r0, [sp, #8] + 1864: 9802 ldr r0, [sp, #8] + 1866: b003 add sp, #12 ; 0xc + 1868: 46f7 mov pc, lr + 186a: b083 sub sp, #12 ; 0xc + 186c: 9101 str r1, [sp, #4] + 186e: 4669 mov r1, sp + 1870: 7008 strb r0, [r1, #0] + 1872: 2001 mov r0, #1 + 1874: 9002 str r0, [sp, #8] + 1876: 49c4 ldr r1, =0x84c ; via 0x1b88 + 1878: 48c1 ldr r0, =0x83ff1c ; via 0x1b80 + 187a: 7800 ldrb r0, [r0, #0] + 187c: 0080 lsl r0, r0, #2 + 187e: 5808 ldr r0, [r1, r0] + 1880: 4669 mov r1, sp + 1882: 7809 ldrb r1, [r1, #0] + 1884: 4281 cmp r1, r0 + 1886: d112 bne 0x18ae + 1888: 49bd ldr r1, =0x83ff1c ; via 0x1b80 + 188a: 7808 ldrb r0, [r1, #0] + 188c: 3001 add r0, #1 + 188e: 7008 strb r0, [r1, #0] + 1890: 48bb ldr r0, =0x83ff1c ; via 0x1b80 + 1892: 7800 ldrb r0, [r0, #0] + 1894: 2806 cmp r0, #6 + 1896: d114 bne 0x18c2 + 1898: 9801 ldr r0, [sp, #4] + 189a: 2102 mov r1, #2 + 189c: 6001 str r1, [r0, #0] + 189e: 4887 ldr r0, =0x83ff20 ; via 0x1abc + 18a0: 2101 mov r1, #1 + 18a2: 6001 str r1, [r0, #0] + 18a4: 4887 ldr r0, =0x83ff18 ; via 0x1ac4 + 18a6: 2100 mov r1, #0 + 18a8: 7001 strb r1, [r0, #0] + 18aa: 2000 mov r0, #0 + 18ac: e008 b 0x18c0 + 18ae: 9801 ldr r0, [sp, #4] + 18b0: 2101 mov r1, #1 + 18b2: 6001 str r1, [r0, #0] + 18b4: 4981 ldr r1, =0x83ff20 ; via 0x1abc + 18b6: 2001 mov r0, #1 + 18b8: 6008 str r0, [r1, #0] + 18ba: 4982 ldr r1, =0x83ff18 ; via 0x1ac4 + 18bc: 2000 mov r0, #0 + 18be: 7008 strb r0, [r1, #0] + 18c0: 9002 str r0, [sp, #8] + 18c2: 9802 ldr r0, [sp, #8] + 18c4: b003 add sp, #12 ; 0xc + 18c6: 46f7 mov pc, lr + 18c8: b081 sub sp, #4 + 18ca: 4669 mov r1, sp + 18cc: 7008 strb r0, [r1, #0] + 18ce: 497a ldr r1, =0x83ff24 ; via 0x1ab8 + 18d0: 4668 mov r0, sp + 18d2: 7800 ldrb r0, [r0, #0] + 18d4: 3801 sub r0, #1 + 18d6: 7008 strb r0, [r1, #0] + 18d8: 4874 ldr r0, =0x83ff19 ; via 0x1aac + 18da: 4669 mov r1, sp + 18dc: 7809 ldrb r1, [r1, #0] + 18de: 7001 strb r1, [r0, #0] + 18e0: 48a7 ldr r0, =0x83ff1c ; via 0x1b80 + 18e2: 2100 mov r1, #0 + 18e4: 7001 strb r1, [r0, #0] + 18e6: 48e3 ldr r0, =0x83ff14 ; via 0x1c74 + 18e8: 6001 str r1, [r0, #0] + 18ea: 4874 ldr r0, =0x83ff20 ; via 0x1abc + 18ec: 2105 mov r1, #5 + 18ee: 6001 str r1, [r0, #0] + 18f0: b001 add sp, #4 + 18f2: 46f7 mov pc, lr + 18f4: b084 sub sp, #16 ; 0x10 + 18f6: 9202 str r2, [sp, #8] + 18f8: 9101 str r1, [sp, #4] + 18fa: 4669 mov r1, sp + 18fc: 7008 strb r0, [r1, #0] + 18fe: 2001 mov r0, #1 + 1900: 9003 str r0, [sp, #12] ; 0xc + 1902: 496d ldr r1, =0x83ff24 ; via 0x1ab8 + 1904: 7808 ldrb r0, [r1, #0] + 1906: 3801 sub r0, #1 + 1908: 7008 strb r0, [r1, #0] + 190a: 486b ldr r0, =0x83ff24 ; via 0x1ab8 + 190c: 7800 ldrb r0, [r0, #0] + 190e: 2800 cmp r0, #0 + 1910: d026 beq 0x1960 + 1912: 4866 ldr r0, =0x83ff19 ; via 0x1aac + 1914: 4669 mov r1, sp + 1916: 780a ldrb r2, [r1, #0] + 1918: 7801 ldrb r1, [r0, #0] + 191a: 1851 add r1, r2, r1 + 191c: 7001 strb r1, [r0, #0] + 191e: 4998 ldr r1, =0x83ff1c ; via 0x1b80 + 1920: 7808 ldrb r0, [r1, #0] + 1922: 3001 add r0, #1 + 1924: 7008 strb r0, [r1, #0] + 1926: 49d3 ldr r1, =0x83ff14 ; via 0x1c74 + 1928: 2204 mov r2, #4 + 192a: 4895 ldr r0, =0x83ff1c ; via 0x1b80 + 192c: 7800 ldrb r0, [r0, #0] + 192e: 1a10 sub r0, r2, r0 + 1930: 00c2 lsl r2, r0, #3 + 1932: 4668 mov r0, sp + 1934: 7800 ldrb r0, [r0, #0] + 1936: 4090 lsl r0, r2 + 1938: 680a ldr r2, [r1, #0] + 193a: 1880 add r0, r0, r2 + 193c: 6008 str r0, [r1, #0] + 193e: 4890 ldr r0, =0x83ff1c ; via 0x1b80 + 1940: 7800 ldrb r0, [r0, #0] + 1942: 2804 cmp r0, #4 + 1944: d117 bne 0x1976 + 1946: 9902 ldr r1, [sp, #8] + 1948: 48ca ldr r0, =0x83ff14 ; via 0x1c74 + 194a: 6800 ldr r0, [r0, #0] + 194c: 3802 sub r0, #2 + 194e: 6008 str r0, [r1, #0] + 1950: 485a ldr r0, =0x83ff20 ; via 0x1abc + 1952: 2100 mov r1, #0 + 1954: 6001 str r1, [r0, #0] + 1956: 4856 ldr r0, =0x83ff1a ; via 0x1ab0 + 1958: 7001 strb r1, [r0, #0] + 195a: 4889 ldr r0, =0x83ff1c ; via 0x1b80 + 195c: 7001 strb r1, [r0, #0] + 195e: e00a b 0x1976 + 1960: 9801 ldr r0, [sp, #4] + 1962: 2101 mov r1, #1 + 1964: 6001 str r1, [r0, #0] + 1966: 4955 ldr r1, =0x83ff20 ; via 0x1abc + 1968: 2001 mov r0, #1 + 196a: 6008 str r0, [r1, #0] + 196c: 4855 ldr r0, =0x83ff18 ; via 0x1ac4 + 196e: 2100 mov r1, #0 + 1970: 7001 strb r1, [r0, #0] + 1972: 2000 mov r0, #0 + 1974: 9003 str r0, [sp, #12] ; 0xc + 1976: 9803 ldr r0, [sp, #12] ; 0xc + 1978: b004 add sp, #16 ; 0x10 + 197a: 46f7 mov pc, lr + 197c: b083 sub sp, #12 ; 0xc + 197e: 9101 str r1, [sp, #4] + 1980: 4669 mov r1, sp + 1982: 7008 strb r0, [r1, #0] + 1984: 2001 mov r0, #1 + 1986: 9002 str r0, [sp, #8] + 1988: 494c ldr r1, =0x83ff20 ; via 0x1abc + 198a: 6008 str r0, [r1, #0] + 198c: 20ff mov r0, #255 ; 0xff + 198e: 4669 mov r1, sp + 1990: 7809 ldrb r1, [r1, #0] + 1992: 4388 bic r0, r1 + 1994: 4945 ldr r1, =0x83ff19 ; via 0x1aac + 1996: 7809 ldrb r1, [r1, #0] + 1998: 4281 cmp r1, r0 + 199a: d007 beq 0x19ac + 199c: 9801 ldr r0, [sp, #4] + 199e: 2101 mov r1, #1 + 19a0: 6001 str r1, [r0, #0] + 19a2: 4848 ldr r0, =0x83ff18 ; via 0x1ac4 + 19a4: 2100 mov r1, #0 + 19a6: 7001 strb r1, [r0, #0] + 19a8: 2000 mov r0, #0 + 19aa: 9002 str r0, [sp, #8] + 19ac: 9802 ldr r0, [sp, #8] + 19ae: b003 add sp, #12 ; 0xc + 19b0: 46f7 mov pc, lr + 19b2: b085 sub sp, #20 ; 0x14 + 19b4: 466b mov r3, sp + 19b6: 719a strb r2, [r3, #6] + 19b8: 466a mov r2, sp + 19ba: 8091 strh r1, [r2, #4] + 19bc: 9000 str r0, [sp, #0] + 19be: 9800 ldr r0, [sp, #0] + 19c0: 9002 str r0, [sp, #8] + 19c2: 4669 mov r1, sp + 19c4: 4668 mov r0, sp + 19c6: 8880 ldrh r0, [r0, #4] + 19c8: 8208 strh r0, [r1, #16] ; 0x10 + 19ca: 4668 mov r0, sp + 19cc: 8a00 ldrh r0, [r0, #16] ; 0x10 + 19ce: 2800 cmp r0, #0 + 19d0: d01e beq 0x1a10 + 19d2: 49e3 ldr r1, =0x864 ; via 0x1d60 + 19d4: 4668 mov r0, sp + 19d6: 7980 ldrb r0, [r0, #6] + 19d8: 0080 lsl r0, r0, #2 + 19da: 5808 ldr r0, [r1, r0] + 19dc: 7941 ldrb r1, [r0, #5] + 19de: 4668 mov r0, sp + 19e0: 7301 strb r1, [r0, #12] ; 0xc + 19e2: 7b00 ldrb r0, [r0, #12] ; 0xc + 19e4: 0980 lsr r0, r0, #6 + 19e6: d3f4 bcc 0x19d2 + 19e8: 49dd ldr r1, =0x864 ; via 0x1d60 + 19ea: 4668 mov r0, sp + 19ec: 7980 ldrb r0, [r0, #6] + 19ee: 0080 lsl r0, r0, #2 + 19f0: 5809 ldr r1, [r1, r0] + 19f2: 9802 ldr r0, [sp, #8] + 19f4: 7800 ldrb r0, [r0, #0] + 19f6: 7008 strb r0, [r1, #0] + 19f8: 9802 ldr r0, [sp, #8] + 19fa: 3001 add r0, #1 + 19fc: 9002 str r0, [sp, #8] + 19fe: 4669 mov r1, sp + 1a00: 4668 mov r0, sp + 1a02: 8a00 ldrh r0, [r0, #16] ; 0x10 + 1a04: 3801 sub r0, #1 + 1a06: 8208 strh r0, [r1, #16] ; 0x10 + 1a08: 4668 mov r0, sp + 1a0a: 8a00 ldrh r0, [r0, #16] ; 0x10 + 1a0c: 2800 cmp r0, #0 + 1a0e: d1e0 bne 0x19d2 + 1a10: b005 add sp, #20 ; 0x14 + 1a12: 46f7 mov pc, lr + 1a14: b082 sub sp, #8 + 1a16: 4669 mov r1, sp + 1a18: 7008 strb r0, [r1, #0] + 1a1a: 2000 mov r0, #0 + 1a1c: 8088 strh r0, [r1, #4] + 1a1e: 4668 mov r0, sp + 1a20: 8881 ldrh r1, [r0, #4] + 1a22: 20ff mov r0, #255 ; 0xff + 1a24: 30f5 add r0, #245 ; 0xf5 + 1a26: 4281 cmp r1, r0 + 1a28: da21 bge 0x1a6e + 1a2a: 4669 mov r1, sp + 1a2c: 4668 mov r0, sp + 1a2e: 8880 ldrh r0, [r0, #4] + 1a30: 3001 add r0, #1 + 1a32: 8088 strh r0, [r1, #4] + 1a34: 48ca ldr r0, =0x864 ; via 0x1d60 + 1a36: 7809 ldrb r1, [r1, #0] + 1a38: 0089 lsl r1, r1, #2 + 1a3a: 5840 ldr r0, [r0, r1] + 1a3c: 7940 ldrb r0, [r0, #5] + 1a3e: 4669 mov r1, sp + 1a40: 7048 strb r0, [r1, #1] + 1a42: 4668 mov r0, sp + 1a44: 7840 ldrb r0, [r0, #1] + 1a46: 0840 lsr r0, r0, #1 + 1a48: d30b bcc 0x1a62 + 1a4a: 49c5 ldr r1, =0x864 ; via 0x1d60 + 1a4c: 4668 mov r0, sp + 1a4e: 7800 ldrb r0, [r0, #0] + 1a50: 0080 lsl r0, r0, #2 + 1a52: 5808 ldr r0, [r1, r0] + 1a54: 7800 ldrb r0, [r0, #0] + 1a56: 0600 lsl r0, r0, #24 + 1a58: 0e00 lsr r0, r0, #24 + 1a5a: 4669 mov r1, sp + 1a5c: 7088 strb r0, [r1, #2] + 1a5e: 2000 mov r0, #0 + 1a60: 8088 strh r0, [r1, #4] + 1a62: 4668 mov r0, sp + 1a64: 8881 ldrh r1, [r0, #4] + 1a66: 20ff mov r0, #255 ; 0xff + 1a68: 30f5 add r0, #245 ; 0xf5 + 1a6a: 4281 cmp r1, r0 + 1a6c: dbdd blt 0x1a2a + 1a6e: b002 add sp, #8 + 1a70: 4770 bx lr + 1a72: b500 push {lr} + 1a74: b08c sub sp, #48 ; 0x30 + 1a76: 466a mov r2, sp + 1a78: 7111 strb r1, [r2, #4] + 1a7a: 9000 str r0, [sp, #0] + 1a7c: 2001 mov r0, #1 + 1a7e: 9002 str r0, [sp, #8] + 1a80: 9800 ldr r0, [sp, #0] + 1a82: a904 add r1, sp, #16 ; 0x10 + 1a84: aa03 add r2, sp, #12 ; 0xc + 1a86: f7ff fd75 bl 0x1574 + 1a8a: 4668 mov r0, sp + 1a8c: 8980 ldrh r0, [r0, #12] ; 0xc + 1a8e: 2820 cmp r0, #32 ; 0x20 + 1a90: dd02 ble 0x1a98 + 1a92: 2000 mov r0, #0 + 1a94: 9002 str r0, [sp, #8] + 1a96: e006 b 0x1aa6 + 1a98: a804 add r0, sp, #16 ; 0x10 + 1a9a: 4669 mov r1, sp + 1a9c: 8989 ldrh r1, [r1, #12] ; 0xc + 1a9e: 466a mov r2, sp + 1aa0: 7912 ldrb r2, [r2, #4] + 1aa2: f7ff ff86 bl 0x19b2 + 1aa6: 9802 ldr r0, [sp, #8] + 1aa8: b00c add sp, #48 ; 0x30 + 1aaa: bd00 pop {pc} + 1aac: ff19 + 1aae: 0083 lsl r3, r0, #2 + 1ab0: ff1a + 1ab2: 0083 lsl r3, r0, #2 + 1ab4: ff26 + 1ab6: 0083 lsl r3, r0, #2 + 1ab8: ff24 + 1aba: 0083 lsl r3, r0, #2 + 1abc: ff20 + 1abe: 0083 lsl r3, r0, #2 + 1ac0: ff1b + 1ac2: 0083 lsl r3, r0, #2 + 1ac4: ff18 + 1ac6: 0083 lsl r3, r0, #2 + 1ac8: b500 push {lr} + 1aca: b084 sub sp, #16 ; 0x10 + 1acc: 9101 str r1, [sp, #4] + 1ace: 9000 str r0, [sp, #0] + 1ad0: 4669 mov r1, sp + 1ad2: 20ff mov r0, #255 ; 0xff + 1ad4: 7308 strb r0, [r1, #12] ; 0xc + 1ad6: 2000 mov r0, #0 + 1ad8: 9002 str r0, [sp, #8] + 1ada: 4669 mov r1, sp + 1adc: 48a1 ldr r0, =0xffff5805 ; via 0x1d64 + 1ade: 7800 ldrb r0, [r0, #0] + 1ae0: 7348 strb r0, [r1, #13] ; 0xd + 1ae2: 48a1 ldr r0, =0xffff5005 ; via 0x1d68 + 1ae4: 7800 ldrb r0, [r0, #0] + 1ae6: 7388 strb r0, [r1, #14] ; 0xe + 1ae8: 4668 mov r0, sp + 1aea: 7b40 ldrb r0, [r0, #13] ; 0xd + 1aec: 0840 lsr r0, r0, #1 + 1aee: d206 bcs 0x1afe + 1af0: 4668 mov r0, sp + 1af2: 7b80 ldrb r0, [r0, #14] ; 0xe + 1af4: 0840 lsr r0, r0, #1 + 1af6: d202 bcs 0x1afe + 1af8: 9801 ldr r0, [sp, #4] + 1afa: 2800 cmp r0, #0 + 1afc: d0ed beq 0x1ada + 1afe: 4668 mov r0, sp + 1b00: 7b40 ldrb r0, [r0, #13] ; 0xd + 1b02: 0840 lsr r0, r0, #1 + 1b04: d316 bcc 0x1b34 + 1b06: 4669 mov r1, sp + 1b08: 2000 mov r0, #0 + 1b0a: 7308 strb r0, [r1, #12] ; 0xc + 1b0c: 4994 ldr r1, =0x864 ; via 0x1d60 + 1b0e: 4668 mov r0, sp + 1b10: 7b00 ldrb r0, [r0, #12] ; 0xc + 1b12: 0080 lsl r0, r0, #2 + 1b14: 5808 ldr r0, [r1, r0] + 1b16: 7800 ldrb r0, [r0, #0] + 1b18: 0600 lsl r0, r0, #24 + 1b1a: 0e00 lsr r0, r0, #24 + 1b1c: 4669 mov r1, sp + 1b1e: 73c8 strb r0, [r1, #15] ; 0xf + 1b20: 4668 mov r0, sp + 1b22: 7bc0 ldrb r0, [r0, #15] ; 0xf + 1b24: 9900 ldr r1, [sp, #0] + 1b26: f7ff fc9f bl 0x1468 + 1b2a: 9002 str r0, [sp, #8] + 1b2c: 9802 ldr r0, [sp, #8] + 1b2e: 2800 cmp r0, #0 + 1b30: d11c bne 0x1b6c + 1b32: e018 b 0x1b66 + 1b34: 4668 mov r0, sp + 1b36: 7b80 ldrb r0, [r0, #14] ; 0xe + 1b38: 0840 lsr r0, r0, #1 + 1b3a: d317 bcc 0x1b6c + 1b3c: 4669 mov r1, sp + 1b3e: 2001 mov r0, #1 + 1b40: 7308 strb r0, [r1, #12] ; 0xc + 1b42: 4987 ldr r1, =0x864 ; via 0x1d60 + 1b44: 4668 mov r0, sp + 1b46: 7b00 ldrb r0, [r0, #12] ; 0xc + 1b48: 0080 lsl r0, r0, #2 + 1b4a: 5808 ldr r0, [r1, r0] + 1b4c: 7800 ldrb r0, [r0, #0] + 1b4e: 0600 lsl r0, r0, #24 + 1b50: 0e01 lsr r1, r0, #24 + 1b52: 4668 mov r0, sp + 1b54: 73c1 strb r1, [r0, #15] ; 0xf + 1b56: 7bc0 ldrb r0, [r0, #15] ; 0xf + 1b58: 9900 ldr r1, [sp, #0] + 1b5a: f7ff fc85 bl 0x1468 + 1b5e: 9002 str r0, [sp, #8] + 1b60: 9802 ldr r0, [sp, #8] + 1b62: 2800 cmp r0, #0 + 1b64: d102 bne 0x1b6c + 1b66: 20ff mov r0, #255 ; 0xff + 1b68: 4669 mov r1, sp + 1b6a: 7308 strb r0, [r1, #12] ; 0xc + 1b6c: 9802 ldr r0, [sp, #8] + 1b6e: 2800 cmp r0, #0 + 1b70: d102 bne 0x1b78 + 1b72: 9801 ldr r0, [sp, #4] + 1b74: 2800 cmp r0, #0 + 1b76: d0b0 beq 0x1ada + 1b78: 4668 mov r0, sp + 1b7a: 7b00 ldrb r0, [r0, #12] ; 0xc + 1b7c: b004 add sp, #16 ; 0x10 + 1b7e: bd00 pop {pc} + 1b80: ff1c + 1b82: 0083 lsl r3, r0, #2 + 1b84: 0830 lsr r0, r6, #32 + 1b86: 0000 lsl r0, r0, #0 + 1b88: 084c lsr r4, r1, #1 + 1b8a: 0000 lsl r0, r0, #0 + 1b8c: b500 push {lr} + 1b8e: b086 sub sp, #24 ; 0x18 + 1b90: 466b mov r3, sp + 1b92: 721a strb r2, [r3, #8] + 1b94: 9101 str r1, [sp, #4] + 1b96: 9000 str r0, [sp, #0] + 1b98: 2001 mov r0, #1 + 1b9a: 9004 str r0, [sp, #16] ; 0x10 + 1b9c: 9804 ldr r0, [sp, #16] ; 0x10 + 1b9e: 2800 cmp r0, #0 + 1ba0: d05b beq 0x1c5a + 1ba2: 496f ldr r1, =0x864 ; via 0x1d60 + 1ba4: 4668 mov r0, sp + 1ba6: 7a00 ldrb r0, [r0, #8] + 1ba8: 0080 lsl r0, r0, #2 + 1baa: 5808 ldr r0, [r1, r0] + 1bac: 7941 ldrb r1, [r0, #5] + 1bae: 4668 mov r0, sp + 1bb0: 7301 strb r1, [r0, #12] ; 0xc + 1bb2: 7b00 ldrb r0, [r0, #12] ; 0xc + 1bb4: 0840 lsr r0, r0, #1 + 1bb6: d3f4 bcc 0x1ba2 + 1bb8: 4969 ldr r1, =0x864 ; via 0x1d60 + 1bba: 4668 mov r0, sp + 1bbc: 7a00 ldrb r0, [r0, #8] + 1bbe: 0080 lsl r0, r0, #2 + 1bc0: 5808 ldr r0, [r1, r0] + 1bc2: 7800 ldrb r0, [r0, #0] + 1bc4: 0600 lsl r0, r0, #24 + 1bc6: 0e01 lsr r1, r0, #24 + 1bc8: 4668 mov r0, sp + 1bca: 7341 strb r1, [r0, #13] ; 0xd + 1bcc: e02c b 0x1c28 + 1bce: 4668 mov r0, sp + 1bd0: 7b40 ldrb r0, [r0, #13] ; 0xd + 1bd2: a905 add r1, sp, #20 ; 0x14 + 1bd4: 9a00 ldr r2, [sp, #0] + 1bd6: 9b01 ldr r3, [sp, #4] + 1bd8: f7ff fd8c bl 0x16f4 + 1bdc: 9004 str r0, [sp, #16] ; 0x10 + 1bde: e039 b 0x1c54 + 1be0: 4668 mov r0, sp + 1be2: 7b40 ldrb r0, [r0, #13] ; 0xd + 1be4: a905 add r1, sp, #20 ; 0x14 + 1be6: f7ff fdc2 bl 0x176e + 1bea: e7f7 b 0x1bdc + 1bec: 4668 mov r0, sp + 1bee: 7b40 ldrb r0, [r0, #13] ; 0xd + 1bf0: a905 add r1, sp, #20 ; 0x14 + 1bf2: f7ff fe12 bl 0x181a + 1bf6: e7f1 b 0x1bdc + 1bf8: 4668 mov r0, sp + 1bfa: 7b40 ldrb r0, [r0, #13] ; 0xd + 1bfc: a905 add r1, sp, #20 ; 0x14 + 1bfe: f7ff fe34 bl 0x186a + 1c02: e7eb b 0x1bdc + 1c04: 4668 mov r0, sp + 1c06: 7b40 ldrb r0, [r0, #13] ; 0xd + 1c08: f7ff fe5e bl 0x18c8 + 1c0c: e022 b 0x1c54 + 1c0e: 4668 mov r0, sp + 1c10: 7b40 ldrb r0, [r0, #13] ; 0xd + 1c12: a905 add r1, sp, #20 ; 0x14 + 1c14: 9a00 ldr r2, [sp, #0] + 1c16: f7ff fe6d bl 0x18f4 + 1c1a: e7df b 0x1bdc + 1c1c: 4668 mov r0, sp + 1c1e: 7b40 ldrb r0, [r0, #13] ; 0xd + 1c20: a905 add r1, sp, #20 ; 0x14 + 1c22: f7ff feab bl 0x197c + 1c26: e7d9 b 0x1bdc + 1c28: 4850 ldr r0, =0x83ff20 ; via 0x1d6c + 1c2a: 6800 ldr r0, [r0, #0] + 1c2c: 2800 cmp r0, #0 + 1c2e: d0ce beq 0x1bce + 1c30: 3801 sub r0, #1 + 1c32: 2800 cmp r0, #0 + 1c34: d0d4 beq 0x1be0 + 1c36: 3801 sub r0, #1 + 1c38: 2800 cmp r0, #0 + 1c3a: d0d7 beq 0x1bec + 1c3c: 3801 sub r0, #1 + 1c3e: 2800 cmp r0, #0 + 1c40: d0da beq 0x1bf8 + 1c42: 3801 sub r0, #1 + 1c44: 2800 cmp r0, #0 + 1c46: d0dd beq 0x1c04 + 1c48: 3801 sub r0, #1 + 1c4a: 2800 cmp r0, #0 + 1c4c: d0df beq 0x1c0e + 1c4e: 3801 sub r0, #1 + 1c50: 2800 cmp r0, #0 + 1c52: d0e3 beq 0x1c1c + 1c54: 9804 ldr r0, [sp, #16] ; 0x10 + 1c56: 2800 cmp r0, #0 + 1c58: d1a3 bne 0x1ba2 + 1c5a: 9805 ldr r0, [sp, #20] ; 0x14 + 1c5c: b006 add sp, #24 ; 0x18 + 1c5e: bd00 pop {pc} + 1c60: 4942 ldr r1, =0x83ff20 ; via 0x1d6c + 1c62: 2001 mov r0, #1 + 1c64: 6008 str r0, [r1, #0] + 1c66: 4842 ldr r0, =0x83ff1b ; via 0x1d70 + 1c68: 2100 mov r1, #0 + 1c6a: 7001 strb r1, [r0, #0] + 1c6c: 4841 ldr r0, =0x83ff18 ; via 0x1d74 + 1c6e: 7001 strb r1, [r0, #0] + 1c70: 4770 bx lr + 1c72: 46c0 nop (mov r8, r8) + 1c74: ff14 + 1c76: 0083 lsl r3, r0, #2 + 1c78: b081 sub sp, #4 + 1c7a: 483f ldr r0, =0xffff5800 ; via 0x1d78 + 1c7c: 9000 str r0, [sp, #0] + 1c7e: 493f ldr r1, =0xffff6000 ; via 0x1d7c + 1c80: 2002 mov r0, #2 + 1c82: 880a ldrh r2, [r1, #0] + 1c84: 4310 orr r0, r2 + 1c86: 8008 strh r0, [r1, #0] + 1c88: 483c ldr r0, =0xffff6000 ; via 0x1d7c + 1c8a: 8801 ldrh r1, [r0, #0] + 1c8c: 0849 lsr r1, r1, #1 + 1c8e: 0049 lsl r1, r1, #1 + 1c90: 8001 strh r1, [r0, #0] + 1c92: 493a ldr r1, =0xffff6000 ; via 0x1d7c + 1c94: 8808 ldrh r0, [r1, #0] + 1c96: 2202 mov r2, #2 + 1c98: 4390 bic r0, r2 + 1c9a: 8008 strh r0, [r1, #0] + 1c9c: 9900 ldr r1, [sp, #0] + 1c9e: 2007 mov r0, #7 + 1ca0: 7208 strb r0, [r1, #8] + 1ca2: 9900 ldr r1, [sp, #0] + 1ca4: 20bf mov r0, #191 ; 0xbf + 1ca6: 70c8 strb r0, [r1, #3] + 1ca8: 9800 ldr r0, [sp, #0] + 1caa: 1c81 add r1, r0, #2 + 1cac: 2010 mov r0, #16 ; 0x10 + 1cae: 880a ldrh r2, [r1, #0] + 1cb0: 4310 orr r0, r2 + 1cb2: 8008 strh r0, [r1, #0] + 1cb4: 9800 ldr r0, [sp, #0] + 1cb6: 2180 mov r1, #128 ; 0x80 + 1cb8: 70c1 strb r1, [r0, #3] + 1cba: 9800 ldr r0, [sp, #0] + 1cbc: 2107 mov r1, #7 + 1cbe: 7081 strb r1, [r0, #2] + 1cc0: 9800 ldr r0, [sp, #0] + 1cc2: 21bf mov r1, #191 ; 0xbf + 1cc4: 70c1 strb r1, [r0, #3] + 1cc6: 9800 ldr r0, [sp, #0] + 1cc8: 2107 mov r1, #7 + 1cca: 7001 strb r1, [r0, #0] + 1ccc: 9800 ldr r0, [sp, #0] + 1cce: 2100 mov r1, #0 + 1cd0: 7041 strb r1, [r0, #1] + 1cd2: 9800 ldr r0, [sp, #0] + 1cd4: 2103 mov r1, #3 + 1cd6: 70c1 strb r1, [r0, #3] + 1cd8: 9800 ldr r0, [sp, #0] + 1cda: 2100 mov r1, #0 + 1cdc: 7201 strb r1, [r0, #8] + 1cde: 4828 ldr r0, =0xffff5000 ; via 0x1d80 + 1ce0: 9000 str r0, [sp, #0] + 1ce2: 9800 ldr r0, [sp, #0] + 1ce4: 2107 mov r1, #7 + 1ce6: 7201 strb r1, [r0, #8] + 1ce8: 9900 ldr r1, [sp, #0] + 1cea: 20bf mov r0, #191 ; 0xbf + 1cec: 70c8 strb r0, [r1, #3] + 1cee: 9800 ldr r0, [sp, #0] + 1cf0: 1c80 add r0, r0, #2 + 1cf2: 2110 mov r1, #16 ; 0x10 + 1cf4: 8802 ldrh r2, [r0, #0] + 1cf6: 4311 orr r1, r2 + 1cf8: 8001 strh r1, [r0, #0] + 1cfa: 9800 ldr r0, [sp, #0] + 1cfc: 2180 mov r1, #128 ; 0x80 + 1cfe: 70c1 strb r1, [r0, #3] + 1d00: 9800 ldr r0, [sp, #0] + 1d02: 2107 mov r1, #7 + 1d04: 7081 strb r1, [r0, #2] + 1d06: 9800 ldr r0, [sp, #0] + 1d08: 21bf mov r1, #191 ; 0xbf + 1d0a: 70c1 strb r1, [r0, #3] + 1d0c: 9800 ldr r0, [sp, #0] + 1d0e: 2107 mov r1, #7 + 1d10: 7001 strb r1, [r0, #0] + 1d12: 9800 ldr r0, [sp, #0] + 1d14: 2100 mov r1, #0 + 1d16: 7041 strb r1, [r0, #1] + 1d18: 9900 ldr r1, [sp, #0] + 1d1a: 2003 mov r0, #3 + 1d1c: 70c8 strb r0, [r1, #3] + 1d1e: 9800 ldr r0, [sp, #0] + 1d20: 2100 mov r1, #0 + 1d22: 7201 strb r1, [r0, #8] + 1d24: b001 add sp, #4 + 1d26: 4770 bx lr + 1d28: b081 sub sp, #4 + 1d2a: 4669 mov r1, sp + 1d2c: 7008 strb r0, [r1, #0] + 1d2e: 490c ldr r1, =0x864 ; via 0x1d60 + 1d30: 4668 mov r0, sp + 1d32: 7800 ldrb r0, [r0, #0] + 1d34: 0080 lsl r0, r0, #2 + 1d36: 5808 ldr r0, [r1, r0] + 1d38: 7941 ldrb r1, [r0, #5] + 1d3a: 4668 mov r0, sp + 1d3c: 7041 strb r1, [r0, #1] + 1d3e: 7840 ldrb r0, [r0, #1] + 1d40: 09c0 lsr r0, r0, #7 + 1d42: d20b bcs 0x1d5c + 1d44: 4806 ldr r0, =0x864 ; via 0x1d60 + 1d46: 4669 mov r1, sp + 1d48: 7809 ldrb r1, [r1, #0] + 1d4a: 0089 lsl r1, r1, #2 + 1d4c: 5840 ldr r0, [r0, r1] + 1d4e: 7940 ldrb r0, [r0, #5] + 1d50: 4669 mov r1, sp + 1d52: 7048 strb r0, [r1, #1] + 1d54: 4668 mov r0, sp + 1d56: 7840 ldrb r0, [r0, #1] + 1d58: 09c0 lsr r0, r0, #7 + 1d5a: d3f3 bcc 0x1d44 + 1d5c: b001 add sp, #4 + 1d5e: 4770 bx lr + 1d60: 0864 lsr r4, r4, #1 + 1d62: 0000 lsl r0, r0, #0 + 1d64: 5805 ldr r5, [r0, r0] + 1d66: ffff + 1d68: 5005 str r5, [r0, r0] + 1d6a: ffff + 1d6c: ff20 + 1d6e: 0083 lsl r3, r0, #2 + 1d70: ff1b + 1d72: 0083 lsl r3, r0, #2 + 1d74: ff18 + 1d76: 0083 lsl r3, r0, #2 + 1d78: 5800 ldr r0, [r0, r0] + 1d7a: ffff + 1d7c: 6000 str r0, [r0, #0] + 1d7e: ffff + 1d80: 5000 str r0, [r0, r0] + 1d82: ffff + 1d84: b500 push {lr} + 1d86: b087 sub sp, #28 ; 0x1c + 1d88: 466b mov r3, sp + 1d8a: 721a strb r2, [r3, #8] + 1d8c: 9101 str r1, [sp, #4] + 1d8e: 9000 str r0, [sp, #0] + 1d90: 9900 ldr r1, [sp, #0] + 1d92: 2000 mov r0, #0 + 1d94: 8008 strh r0, [r1, #0] + 1d96: 9801 ldr r0, [sp, #4] + 1d98: 2100 mov r1, #0 + 1d9a: 8001 strh r1, [r0, #0] + 1d9c: 2000 mov r0, #0 + 1d9e: 9003 str r0, [sp, #12] ; 0xc + 1da0: f7ff ff5e bl 0x1c60 + 1da4: a805 add r0, sp, #20 ; 0x14 + 1da6: a906 add r1, sp, #24 ; 0x18 + 1da8: 466a mov r2, sp + 1daa: 7a12 ldrb r2, [r2, #8] + 1dac: f7ff feee bl 0x1b8c + 1db0: 9004 str r0, [sp, #16] ; 0x10 + 1db2: 9804 ldr r0, [sp, #16] ; 0x10 + 1db4: 2800 cmp r0, #0 + 1db6: d11f bne 0x1df8 + 1db8: 9803 ldr r0, [sp, #12] ; 0xc + 1dba: 2800 cmp r0, #0 + 1dbc: d11c bne 0x1df8 + 1dbe: 9800 ldr r0, [sp, #0] + 1dc0: 4669 mov r1, sp + 1dc2: 8b0a ldrh r2, [r1, #24] ; 0x18 + 1dc4: 8801 ldrh r1, [r0, #0] + 1dc6: 1851 add r1, r2, r1 + 1dc8: 8001 strh r1, [r0, #0] + 1dca: 9905 ldr r1, [sp, #20] ; 0x14 + 1dcc: 4668 mov r0, sp + 1dce: 8b00 ldrh r0, [r0, #24] ; 0x18 + 1dd0: 8008 strh r0, [r1, #0] + 1dd2: 9801 ldr r0, [sp, #4] + 1dd4: 9905 ldr r1, [sp, #20] ; 0x14 + 1dd6: 8809 ldrh r1, [r1, #0] + 1dd8: 8802 ldrh r2, [r0, #0] + 1dda: 1889 add r1, r1, r2 + 1ddc: 8001 strh r1, [r0, #0] + 1dde: a805 add r0, sp, #20 ; 0x14 + 1de0: a906 add r1, sp, #24 ; 0x18 + 1de2: 466a mov r2, sp + 1de4: 7a12 ldrb r2, [r2, #8] + 1de6: f7ff fed1 bl 0x1b8c + 1dea: 9004 str r0, [sp, #16] ; 0x10 + 1dec: 9804 ldr r0, [sp, #16] ; 0x10 + 1dee: 2800 cmp r0, #0 + 1df0: d102 bne 0x1df8 + 1df2: 9803 ldr r0, [sp, #12] ; 0xc + 1df4: 2800 cmp r0, #0 + 1df6: d0e2 beq 0x1dbe + 1df8: 9804 ldr r0, [sp, #16] ; 0x10 + 1dfa: 2801 cmp r0, #1 + 1dfc: d101 bne 0x1e02 + 1dfe: 2004 mov r0, #4 + 1e00: 9003 str r0, [sp, #12] ; 0xc + 1e02: 9803 ldr r0, [sp, #12] ; 0xc + 1e04: b007 add sp, #28 ; 0x1c + 1e06: bd00 pop {pc} + 1e08: b089 sub sp, #36 ; 0x24 + 1e0a: 201a mov r0, #26 ; 0x1a + 1e0c: 9005 str r0, [sp, #20] ; 0x14 + 1e0e: 2018 mov r0, #24 ; 0x18 + 1e10: 9006 str r0, [sp, #24] ; 0x18 + 1e12: 2000 mov r0, #0 + 1e14: 9008 str r0, [sp, #32] ; 0x20 + 1e16: 4669 mov r1, sp + 1e18: 9805 ldr r0, [sp, #20] ; 0x14 + 1e1a: 8800 ldrh r0, [r0, #0] + 1e1c: 8008 strh r0, [r1, #0] + 1e1e: 9806 ldr r0, [sp, #24] ; 0x18 + 1e20: 8800 ldrh r0, [r0, #0] + 1e22: 8048 strh r0, [r1, #2] + 1e24: 4668 mov r0, sp + 1e26: 8841 ldrh r1, [r0, #2] + 1e28: 8800 ldrh r0, [r0, #0] + 1e2a: 0400 lsl r0, r0, #16 + 1e2c: 1808 add r0, r1, r0 + 1e2e: 9001 str r0, [sp, #4] + 1e30: 9801 ldr r0, [sp, #4] + 1e32: 0200 lsl r0, r0, #8 + 1e34: 0a00 lsr r0, r0, #8 + 1e36: 0080 lsl r0, r0, #2 + 1e38: 3008 add r0, #8 + 1e3a: 9007 str r0, [sp, #28] ; 0x1c + 1e3c: 9807 ldr r0, [sp, #28] ; 0x1c + 1e3e: 3018 add r0, #24 ; 0x18 + 1e40: 9002 str r0, [sp, #8] + 1e42: 9802 ldr r0, [sp, #8] + 1e44: 9004 str r0, [sp, #16] ; 0x10 + 1e46: 9802 ldr r0, [sp, #8] + 1e48: 3002 add r0, #2 + 1e4a: 9003 str r0, [sp, #12] ; 0xc + 1e4c: 9803 ldr r0, [sp, #12] ; 0xc + 1e4e: 8801 ldrh r1, [r0, #0] + 1e50: 4806 ldr r0, =0xffff ; via 0x1e6c + 1e52: 4281 cmp r1, r0 + 1e54: d104 bne 0x1e60 + 1e56: 9804 ldr r0, [sp, #16] ; 0x10 + 1e58: 8800 ldrh r0, [r0, #0] + 1e5a: 4904 ldr r1, =0xffff ; via 0x1e6c + 1e5c: 4288 cmp r0, r1 + 1e5e: d001 beq 0x1e64 + 1e60: 2001 mov r0, #1 + 1e62: 9008 str r0, [sp, #32] ; 0x20 + 1e64: 9808 ldr r0, [sp, #32] ; 0x20 + 1e66: b009 add sp, #36 ; 0x24 + 1e68: 4770 bx lr + 1e6a: 46c0 nop (mov r8, r8) + + 1e6c: 0000ffff + +; ARM->Thumb call veneer around 0xad2 routine + 1e70: e92d4000 stmdb sp!, {lr} + 1e74: e28fe001 add lr, pc, #1 + 1e78: e12fff1e bx lr + 1e7c: f7fe fe29 bl 0xad2 + 1e80: 4778 bx pc + 1e82: 46c0 nop (mov r8, r8) + 1e84: e8bd8000 ldmia sp!, {pc} + +<1E88-1EFF: all FFs> + + 1f00: 00000001 + +<1F04-end: all FFs>