This uses the decompressed part of boot as the StartAddr and is a bit crude. I've been playing with MIPS code for another type of box and have some other routines (one to find Unicode strings, and one to find data refs in the data section that point to the code section), but I did not use them for the 702 code. The jump table routine is not used either; it is a holdover from a previous MIPS disassembly.
#include "IDC.IDC"
// Entry point: runs the analysis passes over the hard-coded address range of
// the decompressed boot image. The range is specific to this one image and
// must be edited by hand for any other firmware.
static main(void)
{
  auto imageStart, imageEnd;

  imageStart = 0x80400000;
  imageEnd = 0x8049b530;

  // With a literal end address this guard always passes; it only matters if
  // imageEnd is later obtained from a lookup that can return BADADDR.
  if (imageEnd != BADADDR)
  {
    // Pass 1: turn every word that looks like a stack-frame prologue into code.
    find_addiu(imageStart, imageEnd);

    // The jump-table pass is left over from an earlier MIPS disassembly and
    // is deliberately disabled for this image:
    //find_jtable(imageStart, imageEnd);

    // Pass 2: define C-style strings in the unexplored bytes.
    MakeStrings(imageStart, imageEnd);
  }
}
// Walk the range one 32-bit word at a time and ask IDA to disassemble at
// every word that looks like a MIPS function prologue.
//
// 0x27BD0000 is the encoding of "addiu $sp, $sp, imm". Masking with
// 0xFFFFFC00 and comparing against 0x27BDFC00 additionally requires the top
// six bits of the 16-bit immediate to be set, i.e. a negative stack
// adjustment between -1024 and -1 bytes.
//
// This is a heuristic: any data word that happens to match is converted to
// code as well, and functions with a larger frame or no frame are not found.
// Review the result before trusting the function list.
//
// NOTE(review): the strict "> StartAddr" test means a prologue located
// exactly at StartAddr is never converted -- confirm that is intended.
static find_addiu(StartAddr,EndAddr)
{
  auto cur, masked, inRange;

  for (cur = StartAddr; cur < EndAddr-3; cur = cur+4)
  {
    // Keep the opcode, both register fields and the top 6 immediate bits.
    masked = Dword(cur) & 0xFFFFFC00;
    inRange = (cur > StartAddr) && (cur < EndAddr);

    if (inRange && (masked == 0x27BDFC00))
    {
      MakeCode(cur);
      // Let auto-analysis finish before looking at the next candidate.
      Wait();
    }
  }
}
// Look for jump tables that directly follow a "jr $at" dispatch and mark
// every table target as code. Not called for this image (see main).
//
// A table is recognised by this word sequence:
//   0x00000000   word before the jump
//   0x00200008   jr $at
//   0x00000000   word after the jump (nop in the delay slot)
// followed by a word whose first byte in memory is 0x80.
//
// NOTE(review): testing the first byte for 0x80 presumably relies on a
// big-endian image whose code pointers are of the form 0x80xxxxxx -- confirm
// before reusing this on another target.
// NOTE(review): the table walk is not bounded by EndAddr; it stops only at
// the first word that does not start with 0x80. Every such word is treated
// as a code pointer, so false positives create code at arbitrary addresses.
static find_jtable(StartAddr,EndAddr)
{
  auto cur, before, insn, after, target;

  for (cur = StartAddr+4; cur < EndAddr-3; cur = cur+4)
  {
    before = Dword(cur-4);
    insn = Dword(cur);
    after = Dword(cur+4);

    if ((cur > StartAddr) && (cur < EndAddr)
        && (before == 0) && (insn == 0x00200008) && (after == 0)
        && (Byte(cur+8) == 0x80))
    {
      // Step over the jr and its delay slot to the first table entry.
      cur = cur+8;

      // Each entry is an address; disassemble at the address it holds.
      while (Byte(cur) == 0x80)
      {
        target = Dword(cur);
        MakeCode(target);
        Wait();
        cur = cur+4;
      }

      // The first word past the table is assumed to be code again.
      MakeCode(cur);
    }
  }
}
// Returns 1 if c may appear inside a string for the purposes of MakeStrings:
// printable 7-bit ASCII (space up to, but not including, 0x7F) plus tab and
// line feed. Carriage return and all bytes >= 0x7F are rejected.
static isPrint(c)
{
  // Accepted control characters: TAB and LF.
  if (c == 0x09 || c == 0x0a)
    return 1;

  return (c >= ' ' && c < 0x7F);
}
// Define NUL-terminated ASCII strings in the unexplored bytes that follow the
// code range.
//
// The scan starts at EndAddr and runs to MaxEA(); StartAddr is accepted but
// not used. A run of bytes becomes a string only if it
//   - starts on a 4-byte boundary,
//   - consists solely of characters accepted by isPrint(),
//   - is longer than 3 characters, and
//   - is immediately followed by a 0x00 byte.
//
// Side effect: sets the database string type (INF_STRTYPE) to
// ASCSTR_TERMCHR and does not restore the previous value.
//
// The filter is a heuristic; aligned binary data that happens to be printable
// will be labelled as text, and unaligned or short strings are skipped.
static MakeStrings(StartAddr,EndAddr)
{
  auto cur, limit, first, length;

  Message("Searching for strings...\n");
  SetLongPrm(INF_STRTYPE, ASCSTR_TERMCHR);

  limit = MaxEA();
  cur = EndAddr;

  while (cur < limit && cur != BADADDR)
  {
    // Jump to the next byte IDA has not yet classified as code or data.
    cur = FindUnexplored(cur, SEARCH_DOWN);

    // Only consider candidates aligned on a 32-bit boundary.
    if ((cur & 3) == 0 && isPrint(Byte(cur)))
    {
      first = cur;

      // Advance to the first byte that is not an accepted character.
      while (cur != BADADDR && isPrint(Byte(cur)))
        cur = cur + 1;

      length = cur - first;

      // Require a terminating NUL and at least 4 characters; the end
      // address passed to MakeStr includes the terminator.
      if (length > 3 && Byte(cur) == 0x0)
        MakeStr(first, cur + 1);
    }
  }

  Message("Finished searching for strings.\n");
}