

Hitting a write to NULL+0x4
google0101-ryan committed Jan 11, 2024
1 parent 502501b commit 1e28726
Showing 12 changed files with 1,376 additions and 34 deletions.
3 changes: 2 additions & 1 deletion .gitignore
@@ -1,2 +1,3 @@
build
.vscode
.vscode
test
184 changes: 180 additions & 4 deletions src/cpu/CPU.cpp
Expand Up @@ -24,14 +24,16 @@ CPUThread::CPUThread(uint32_t entryPoint, uint32_t stackSize, XexLoader& ref)

uint32_t pcrAddress = Memory::VirtAllocMemoryRange(0xE0000000, 0xFFD00000, 0x2D8);
Memory::AllocMemory(pcrAddress, 0x2D8);
state.pcr_address = pcrAddress;

uint32_t tlsAddr = Memory::VirtAllocMemoryRange(0xE0000000, 0xFFD00000, 4096);
Memory::AllocMemory(tlsAddr, 4096);
state.tls_addr = Memory::VirtAllocMemoryRange(0xE0000000, 0xFFD00000, 4096);
Memory::AllocMemory(state.tls_addr, 4096);
state.tls_lowest_alloced = 0x80;

uint32_t xthreadAddr = Memory::VirtAllocMemoryRange(0xE0000000, 0xFFD00000, 4096);
Memory::AllocMemory(xthreadAddr, 4096);

Memory::Write32(pcrAddress+0x00, tlsAddr);
Memory::Write32(pcrAddress+0x00, state.tls_addr);
Memory::Write32(pcrAddress+0x100, xthreadAddr);

printf("Stack base is 0x%08x\n", stackBase);
Expand All @@ -51,6 +53,38 @@ void CPUThread::Run()
{
twi(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && ((instr >> 4) & 0x7F) == 12 && (instr & 3) == 3)
{
lvx128(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && ((instr >> 4) & 0x7F) == 28 && (instr & 3) == 3)
{
stvx128(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && (instr & 0x7FF) == 260)
{
vslb(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && (instr & 0x7FF) == 524)
{
vspltb(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && (instr & 0x7FF) == 780)
{
vspltisb(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && (instr & 0x7FF) == 844)
{
vspltish(instr);
}
else if (((instr >> 26) & 0x3F) == 4 && (instr & 0x7FF) == 1156)
{
vor(instr);
}
else if (((instr >> 26) & 0x3F) == 6 && ((instr >> 4) & 0x7F) == 119)
{
vspltisw128(instr);
}
else if (((instr >> 26) & 0x3F) == 7)
{
mulli(instr);
Expand All @@ -71,6 +105,10 @@ void CPUThread::Run()
{
addic(instr);
}
else if (((instr >> 26) & 0x3F) == 13)
{
addicx(instr);
}
else if (((instr >> 26) & 0x3F) == 14)
{
addi(instr);
Expand All @@ -95,6 +133,10 @@ void CPUThread::Run()
{
bclr(instr);
}
else if (((instr >> 26) & 0x3F) == 19 && ((instr >> 1) & 0x3FF) == 528)
{
bctr(instr);
}
else if (((instr >> 26) & 0x3F) == 20)
{
rlwimi(instr);
Expand All @@ -115,10 +157,26 @@ void CPUThread::Run()
{
andi(instr);
}
else if (((instr >> 26) & 0x3F) == 29)
{
andis(instr);
}
else if (((instr >> 26) & 0x3F) == 30 && ((instr >> 2) & 0x7) == 0)
{
rldicl(instr);
}
else if (((instr >> 26) & 0x3F) == 30 && ((instr >> 2) & 0x7) == 1)
{
rldicr(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 0)
{
cmp(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 6)
{
lvsl(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 8)
{
subfc(instr);
Expand All @@ -131,6 +189,18 @@ void CPUThread::Run()
{
lwzx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 24)
{
slw(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 26)
{
cntlzw(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 27)
{
sld(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 28)
{
and_(instr);
Expand All @@ -151,10 +221,26 @@ void CPUThread::Run()
{
mfmsr(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 87)
{
lbzx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 104)
{
neg(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 124)
{
nor(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 136)
{
subfe(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 149)
{
stdx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 150)
{
stwcx(instr);
Expand Down Expand Up @@ -191,6 +277,10 @@ void CPUThread::Run()
{
dcbt(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 316)
{
xor_(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 339)
{
mfspr(instr);
Expand All @@ -199,6 +289,10 @@ void CPUThread::Run()
{
mftb(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 407)
{
sthx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 444)
{
or_(instr);
Expand All @@ -211,18 +305,50 @@ void CPUThread::Run()
{
mtspr(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 489)
{
divd(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 598)
{
printf("sync 1\n");
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 647)
{
stvlx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 662)
{
stwbrx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 679)
{
stvrx(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 824)
{
srawi(instr);
}
else if (((instr >> 26) & 0x3F) == 31 && ((instr >> 1) & 0x3FF) == 1014)
{
dcbz(instr);
}
else if (((instr >> 26) & 0x3F) == 32)
{
lwz(instr);
}
else if (((instr >> 26) & 0x3F) == 33)
{
lwzu(instr);
}
else if (((instr >> 26) & 0x3F) == 34)
{
lbz(instr);
}
else if (((instr >> 26) & 0x3F) == 35)
{
lbzu(instr);
}
else if (((instr >> 26) & 0x3F) == 36)
{
stw(instr);
Expand All @@ -235,6 +361,10 @@ void CPUThread::Run()
{
stb(instr);
}
else if (((instr >> 26) & 0x3F) == 39)
{
stbu(instr);
}
else if (((instr >> 26) & 0x3F) == 40)
{
lhz(instr);
Expand All @@ -247,18 +377,62 @@ void CPUThread::Run()
{
lfs(instr);
}
else if (((instr >> 26) & 0x3F) == 50)
{
lfd(instr);
}
else if (((instr >> 26) & 0x3F) == 52)
{
stfs(instr);
}
else if (((instr >> 26) & 0x3F) == 54)
{
stfd(instr);
}
else if (((instr >> 26) & 0x3F) == 58)
{
ld(instr);
}
else if (((instr >> 26) & 0x3F) == 59 && ((instr >> 1) & 0x1F) == 22)
{
fsqrt(instr);
}
else if (((instr >> 26) & 0x3F) == 59 && ((instr >> 1) & 0x1F) == 25)
{
fmuls(instr);
}
else if (((instr >> 26) & 0x3F) == 62)
{
std(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 0)
{
fcmpu(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 12)
{
frsp(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 18)
{
fdiv(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 22)
{
fsqrt(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 25)
{
fmul(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 814)
{
fctid(instr);
}
else if (((instr >> 26) & 0x3F) == 63 && ((instr >> 1) & 0x3FF) == 846)
{
fcfid(instr);
}
else
{
printf("Failed to execute instruction: 0x%08x\n", instr);
Expand All @@ -271,7 +445,9 @@ void CPUThread::Dump()
for (int i = 0; i < 32; i++)
printf("r%d\t->\t0x%08lx\n", i, state.regs[i]);
for (int i = 0; i < 32; i++)
printf("fr%d\t->\t%0.2f\n", i, state.fr[i].f);
printf("fr%d\t->\t%f\n", i, state.fr[i].d);
for (int i = 0; i < 128; i++)
printf("v%d\t->\t0x%016lx%016lx\n", i, state.vfr[i].u64[1], state.vfr[i].u64[0]);
for (int i = 0; i < 7; i++)
printf("cr%d\t->\t%d\n", i, state.GetCR(i));
printf("[%s]\n", state.xer.ca ? "c" : ".");
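Review bot: The `fmul` dispatch on opcode 63 compares a 10-bit field, `((instr >> 1) & 0x3FF) == 25`, but in the PowerPC encoding fmul is an A-form instruction whose multiplicand register sits in FRC (bits 21–25), which that mask covers, so the branch only fires when FRC is register 0 and every other fmul falls through to the "Failed to execute instruction" path at the end of the chain. The opcode-59 entries for fsqrts/fmuls already use the 5-bit form, `((instr >> 1) & 0x1F) == 25`; the opcode-63 fdiv, fsqrt and fmul entries should use the same mask (fdiv and fsqrt only match today because their FRC field is reserved-zero). Separately, opcode 59 xo 22 is fsqrts but is routed to `fsqrt(instr)`, so unlike the fmuls/fmul pair the single-precision result is never rounded to single — worth a dedicated handler or at least a `// TODO: fsqrts must round to single precision` next to the call. Run() begins before and ends after this hunk, so the fallthrough path's full handling is not visible here.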
