[CDG5] MPW code mysteries

Max Poliakovski maximumspatium at googlemail.com
Fri Dec 28 12:48:57 AWST 2018


I finally figured out how to do that without defining TVector:

gCIPtr = ciPtr;
((unsigned long *)&gCIPtr)[1] = 0xdeadbeefUL;

Daniel & Elliot, thank you for your suggestions!


On Fri., 28 Dec. 2018 at 05:45, Elliot Nunn <elliotnunn at fastmail.com> wrote:

> Yes, my mistake. You want to change the TOC ptr, not the code ptr.
>
> > On 28 Dec 2018, at 12:07 pm, Max Poliakovski <maximumspatium at googlemail.com> wrote:
> >
> > Interesting suggestion. Many thanks!
> >
> > Do you surely mean
> >
> > (*(unsigned long **)funcPtr)[1] = 0xdeadbeefUL;
> >
> > ?
> >
> > On Fri., 28 Dec. 2018 at 05:03, Elliot Nunn <elliotnunn at fastmail.com> wrote:
> > I have to re-learn the AIX-style ABI every time I touch it, so bear with
> > me.
> >
> > Apple's docs reveal the implementation detail that every C function
> > pointer is actually a pointer to a TVector.
> >
> > (For those following along, a Transition Vector is an 8-byte structure
> > consisting of a true code pointer and a pointer to the "Table of
> > Contents" for that code. The TOC is analogous to an old-style 68k A5
> > world, except that a called function can assume that r2 already points
> > to the TOC on entry. Therefore functions that call outside their own
> > code fragment must do so through glue code that sets r2 to the callee's
> > TOC, and each such bl instruction must be followed by an instruction to
> > restore r2 to sanity.)
> >
> > So I'd just cast the function ptr to a TVector pointer and modify it
> > that way:
> >
> > (*(unsigned long **)funcPtr)[0] = 0xdeadbeefUL;
> >
> > > On 28 Dec 2018, at 11:15 am, Max Poliakovski <maximumspatium at googlemail.com> wrote:
> > >
> > > Fellow hackers,
> > >
> > > I'm currently trying to get MPW 3.5 (from EMPW) to generate code closely resembling the original Trampoline.
> > >
> > > While doing so, I immediately stumbled across two issues I cannot resolve. I must admit that my MPW skills are limited. I therefore hope to get some help from you.
> > >
> > > 1) Trampoline's startup code initializes the RTOC as follows:
> > >
> > >     mflr r11
> > >     bl setup_rtoc
> > >     DC.L 0x1001E8
> > > setup_rtoc:
> > >     mflr RTOC
> > >     lwz RTOC, 0(RTOC)
> > >
> > > The word in the 3rd line contains the base address of the TOC. The value shown above is from Apple's binary. I replaced it with DC.L TOC[TC0] to make PPCAsm/PPCLink stuff the correct value there. That unfortunately doesn't work. PPCAsm says:
> > >
> > > ### Warning 3171 ### Treating 'TOC[TC0]' as a csect relative offset. Make sure to add it to its csect's TOC entry.
> > >
> > > I don't understand this message. What do I need to put there in order to get the base address of the TOC placed there?
> > >
> > > 2) Trampoline's main() initializes the pointer to the OF client interface right at the beginning. The code of interest looks like this:
> > >
> > > lwz r9, CIPtr_TC(RTOC)
> > > lisori r3, 0xdeadbeef
> > > stw r5, 0(r9)
> > > stw r3, 4(r9)
> > >
> > > The pointer to the OF client dispatcher is in R5 (3rd argument of main). The TOC pointer is initialized to 0xDEADBEEF. That's exactly what I cannot reproduce. I defined a correct function pointer like this:
> > >
> > > typedef long (*OfCiPtr)(CIArgs *args);
> > > static OfCiPtr gCIPtr;
> > >
> > > void main(int argc, int arg[], OfCiPtr ciPtr)
> > > {
> > >     gCIPtr = ciPtr;
> > > }
> > >
> > > When I initialize that global pointer gCIPtr with the value from ciPtr (3rd argument), only the function address is written while the TOC value remains untouched. The compiled code looks like this:
> > >
> > > lwz r9, CIPtr_TC(RTOC)
> > > stw r5, 0(r9)
> > >
> > > I wonder how the Apple guys managed to put 0xDEADBEEF into the TVector's TOC? Do you have any clue?
> > > _______________________________________________
> > > cdg5 mailing list
> > > cdg5 at ucc.asn.au
> > > https://lists.ucc.gu.uwa.edu.au/mailman/listinfo/cdg5
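A host-compilable model of the layout the thread is about, added here as an example and not code from the thread, from MPW or from Apple: it shows where a `[1]` word store lands when made through the address of an 8-byte TVector slot (the two stores in the Trampoline disassembly), through the pointee of a CFM function pointer, and through the address of a pointer-sized variable. The TVector struct, the two slot globals with a neighbour member, and the entry/marker values are all constructed for this example.

```c
#include <stdint.h>

/* Model of a CFM transition vector (TVector): the code address followed by
 * the TOC address that r2 must hold on entry.  Constructed for this example;
 * it is not the definition from Apple's or MPW's headers. */
typedef struct {
    uintptr_t code;
    uintptr_t toc;
} TVector;

/* Under the CFM ABI a C function pointer holds the address of a TVector. */
typedef TVector *CfmFuncPtr;

/* Two candidate declarations for the Trampoline's CIPtr slot.  The
 * disassembly (stw r5,0(r9); stw r3,4(r9)) stores two words through r9,
 * which only the first layout has room for.  The neighbour members stand
 * in for whatever global the linker places next in the data section. */
static struct { TVector slot;    uintptr_t neighbour; } g_tvec;
static struct { CfmFuncPtr slot; uintptr_t neighbour; } g_ptr;

/* Reproduce the two stores on an 8-byte slot: the OF entry point becomes
 * the code word and the marker the TOC word.  Returns the neighbour so
 * the caller can confirm it was not touched. */
uintptr_t fill_tvector_slot(uintptr_t of_entry, uintptr_t marker) {
    uintptr_t *w = (uintptr_t *)&g_tvec.slot;   /* w[0] = code, w[1] = toc */
    g_tvec.neighbour = 0x11111111u;
    w[0] = of_entry;
    w[1] = marker;
    return g_tvec.neighbour;
}

/* Patch the TOC word of the TVector that a function pointer refers to,
 * i.e. the pointee rather than the variable.  Returns the new TOC word. */
uintptr_t patch_pointee_toc(CfmFuncPtr fp, uintptr_t marker) {
    ((uintptr_t *)fp)[1] = marker;
    return fp->toc;
}

/* The same [1] store made through the address of a pointer-sized slot:
 * word 1 lies past the variable, so the marker lands in the neighbour.
 * Returns the neighbour so the overrun is visible to the caller. */
uintptr_t store_past_pointer_slot(CfmFuncPtr ci, uintptr_t marker) {
    g_ptr.slot = ci;
    g_ptr.neighbour = 0x11111111u;
    ((uintptr_t *)&g_ptr.slot)[1] = marker;     /* writes outside g_ptr.slot */
    return g_ptr.neighbour;
}
```

The size check that separates the two cases is `sizeof(g_ptr.slot) < 2 * sizeof(uintptr_t)`: a slot that must receive both words has to be declared with room for both.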