1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
.text
.global TextWriterCrap
.extern TextWriterCrapContinue
TextWriterCrap:
lis r6, 0xFFFF
ori r6, r6, 0xFF00
lwz r0, 8(r5)
or r0, r0, r6
stw r0, 0x18(r1)
lwz r0, 0xC(r5)
or r0, r0, r6
stw r0, 0x1C(r1)
lwz r0, 0x10(r5)
or r0, r0, r6
stw r0, 0x20(r1)
lwz r0, 0x14(r5)
or r0, r0, r6
stw r0, 0x24(r1)
b TextWriterCrapContinue
.global HeapChangeAttempt
HeapChangeAttempt:
lis 4, 0x8037
ori 4, 4, 0x7F50
lwz 4, 0(4)
blr
.extern OSReport
.global UniversalFunctionLog
UniversalFunctionLog:
stwu r1, -0x10(r1)
stw r0, 0x14(r1)
stw r31, 0xC(r1)
stw r30, 0x8(r1)
mr r31, r3
mr r30, r4
crclr 4*cr1+eq
mr r4, r31
#Loop through callstack, kind of
lwz r3, 0(r1)
lwz r5, 4(r3)
lwz r3, 0(r3)
lwz r6, 4(r3)
lwz r3, 0(r3)
lwz r7, 4(r3)
lwz r3, 0(r3)
lwz r8, 4(r3)
lwz r3, 0(r3)
lwz r9, 4(r3)
lwz r3, 0(r3)
lwz r10, 4(r3)
#lwz r10, 0x14(r29)
lis r3, UniLogStr@h
ori r3, r3, UniLogStr@l
bl OSReport
mr r3, r31
mr r4, r30
lwz r30, 0x8(r1)
lwz r31, 0xC(r1)
lwz r0, 0x14(r1)
mtlr r0
addi r1, r1, 0x10
blr
.data
UniLogStr: .string "[ULog] returning %8x to: %x > %x > %x > %x > %x > %x\n"
|