/*
 * Second-stage entry point. Runs on a private stack, clears the two words at
 * OSPANIC_CB (the OSPanic() callback, per the original comment), restores the
 * ROP buffer from a spare copy, searches memory for the code buffer by its
 * marker words and then re-enters the ROP chain.
 *
 * OSPANIC_CB, BUFFER_ADDR, CODE_START and every 0x... offset below are
 * target-specific constants defined elsewhere; nothing here validates them.
 * Relies on GNU C extensions (inline asm, arithmetic on void*).
 */
void start()
{
	/* Set up a different stack: move r1 (the stack pointer) down by 0x2000 bytes */
	asm("stwu %r1,-0x2000(%r1)");

	/* Remove the OSPanic() callback by zeroing both words of the entry */
	unsigned int *ospanic_cb = (unsigned int*)OSPANIC_CB;
	ospanic_cb[0] = ospanic_cb[1] = 0;

	/* Copy another version of the ROP buffer (0x5c0 bytes, kept 0x1000 past it) over the original */
	unsigned int *ropbuf = (unsigned int*)BUFFER_ADDR;
	memcpy(ropbuf, (void*)BUFFER_ADDR + 0x1000, 0x5c0);   /* void* arithmetic: GNU extension */

	/*
	 * Look for the code buffer, scanning one word at a time from BUFFER_ADDR up to
	 * 0x20000000: its first word must be CODE_START and the words at +0x4000 and
	 * +0x7FFC must equal two values stored in the ROP buffer (start, middle, end).
	 * The +0x4000/+0x7FFC reads run ahead of the scan pointer, so the scan relies on
	 * that range being mapped all the way up to the limit.
	 */
	unsigned int *codebuf = (unsigned int*)BUFFER_ADDR;
	while (codebuf < (unsigned int*)0x20000000) {
		if (*codebuf == CODE_START && codebuf[0x4000/4] == ropbuf[0x190/4] && codebuf[0x7FFC/4] == ropbuf[0x194/4])
			break;
		codebuf++;
	}
	/* NOTE(review): pointer compared against an integer constant without the cast
	 * the loop condition uses; the loop exits with codebuf == (unsigned int*)0x20000000. */
	if (codebuf == 0x20000000)
		OSFatal("Code not found");

	/* Modify the ROP buffer to copy the code spray into the JIT (per the original comment):
	 * a pointer and a length are written into fixed slots of the buffer. */
	ropbuf[0x318/4] = &ropbuf[0xa0/4];   /* pointer stored into an unsigned int slot (implicit conversion) */
	ropbuf[0xdc/4] = codebuf + 1;        /* word after the CODE_START marker */
	ropbuf[0xe0/4] = 0x8000;

	/* Perform ROP again, entering the chain at BUFFER_ADDR + 0x30c; not expected to return */
	rop(BUFFER_ADDR + 0x30c);
}
/*
 * Alternate entry point. Runs on a private stack, scans memory for the 150th
 * CODE_START marker, restores the buffer at BUFFER_ADDR from a copy, stores
 * the located address into two fixed slots of that buffer and re-enters the
 * ROP chain with a hard-coded stack pointer.
 *
 * BUFFER_ADDR, CODE_START and the offsets are target-specific constants
 * defined elsewhere. Relies on GNU C extensions (inline asm, void* arithmetic).
 */
void start()
{
	/* Move the stack pointer (r1) down by 0x2000 bytes so this code has its own stack */
	asm("stwu %r1,-0x2000(%r1)");

	/*
	 * Walk words upward from BUFFER_ADDR until 150 CODE_START markers have been
	 * counted. There is no upper address bound: with fewer than 150 markers in
	 * memory the loop never terminates. On exit `start` points one word past the
	 * 150th marker, because the increment runs after the match is counted.
	 */
	unsigned int * start = (unsigned int*)BUFFER_ADDR;
	int i;
	for (i = 0; i < 150; start += 1) {
		if (*start == CODE_START)
			i++;
	}

	/* Restore the first 0x600 bytes of the buffer from the copy kept 0x800 bytes past it */
	memcpy((void *)BUFFER_ADDR, (void *)BUFFER_ADDR + 0x800, 0x600);

	/* Write the located address into the buffer slots at +0x2C and +0x44 */
	unsigned int * code_addr = (unsigned int *)(BUFFER_ADDR + 0x2C);
	unsigned int * code_addr_2 = (unsigned int *)(BUFFER_ADDR + 0x44);
	*code_addr = (int)start;
	*code_addr_2 = (int)start;

	/* Load the fixed value 0x1dd7b814 into r1 (stack pointer) and re-enter the ROP chain */
	asm(
		"lis %r1, 0x1dd7 ;"
		"ori %r1, %r1, 0xb814 ;"
	);
	rop();

	/* Debug printing: only reached if rop() returns. Note `start` (a pointer) is passed for %08x. */
	char msg[255];
	__os_snprintf(msg, 255, "0x%08x 0x%08x", *code_addr, start);
	OSFatal(msg);
}
/*
 * Run the pre-call callbacks of every active filter in the chain, in order.
 *
 * rcont->idx is used as the loop cursor and is left pointing at the last
 * filter visited: on a normal pass it ends at rflts_nr - 1, and when a filter
 * returns REDIRFS_STOP it stays on that filter. rfs_postcall_flts() later
 * walks back from that index, so the cursor is part of the contract.
 *
 * Returns 0 when all filters were run (or the chain is NULL), -1 when a
 * filter stopped the call.
 */
int rfs_precall_flts(struct rfs_chain *rchain, struct rfs_context *rcont,
		struct redirfs_args *rargs)
{
	enum redirfs_rv (*pre_cb)(redirfs_context, struct redirfs_args *);

	if (!rchain)
		return 0;

	rargs->type.call = REDIRFS_PRECALL;

	rcont->idx = rcont->idx_start;
	while (rcont->idx < rchain->rflts_nr) {
		/* inactive filters and filters without a pre_cb for this op are skipped */
		if (atomic_read(&rchain->rflts[rcont->idx]->active)) {
			pre_cb = rchain->rflts[rcont->idx]->cbs[rargs->type.id].pre_cb;
			if (pre_cb && pre_cb(rcont, rargs) == REDIRFS_STOP)
				return -1;
		}
		rcont->idx++;
	}

	/* step back onto the last filter so the post-call pass starts there */
	rcont->idx--;
	return 0;
}
/// Parse a boolean expression of the form `operand rop operand`.
///
/// The current lookahead must be a number or an identifier; otherwise a
/// ParseError("Syntax error") is thrown before any sub-parser is invoked.
/// The left operand, relational operator and right operand are consumed in
/// that order and stored on the returned Expr.
Expr boolean() {
    if (lookahead != NUM && lookahead != ID)
        throw ParseError("Syntax error");

    Expr result;
    result.setLeft(operand());
    result.setType(rop());
    result.setRight(operand());
    return result;
}
/*
 * Run the post-call callbacks of the active filters in reverse order.
 *
 * Walks rcont->idx downward from its current value to rcont->idx_start,
 * mirroring the forward pass of rfs_precall_flts(), and leaves rcont->idx
 * equal to idx_start on return. A NULL chain is a no-op.
 */
void rfs_postcall_flts(struct rfs_chain *rchain, struct rfs_context *rcont,
		struct redirfs_args *rargs)
{
	enum redirfs_rv (*post_cb)(redirfs_context, struct redirfs_args *);

	if (!rchain)
		return;

	rargs->type.call = REDIRFS_POSTCALL;

	while (rcont->idx >= rcont->idx_start) {
		/* inactive filters and filters without a post_cb for this op are skipped */
		if (atomic_read(&rchain->rflts[rcont->idx]->active)) {
			post_cb = rchain->rflts[rcont->idx]->cbs[rargs->type.id].post_cb;
			if (post_cb)
				post_cb(rcont, rargs);
		}
		rcont->idx--;
	}

	/* the loop overshoots by one; restore idx to idx_start */
	rcont->idx++;
}
/// Parse a boolean expression: left operand, relational operator, right operand.
///
/// Each sub-parser is invoked exactly once, in that order; no value is built here.
void Parser::_bool() {
    operand();   // left-hand side
    rop();       // relational operator
    operand();   // right-hand side
}
/*
 * Main loop for command mode command decoding.
 * A few commands are executed here, but main function
 * is to strip command addresses, do a little address oriented
 * processing and call command routines to do the real work.
 *
 * noprompt   suppress the ':' prompt even when the PROMPT option is set.
 * exitoneof  return (instead of calling zop/onhup) when ^D or EOF is read.
 *
 * Each iteration parses an address range into the globals addr1/addr2, then
 * dispatches on the command character. Most cases end in `continue`; the
 * `print`, `quit`, `wq`, `doecmd`, `editcmd`, `casek` and `numberit` labels
 * are shared tails reached by goto from several commands.
 *
 * Review notes on the local state:
 *  - hadpr is never cleared in this function: it is set only when a prompt is
 *    printed, is read before that ever happens (uninitialized), and stays set
 *    afterwards.
 *  - lchng is compared with chng in the autoprint test; it is only ever
 *    assigned via nochng() (presumably `lchng = chng`, defined elsewhere) and
 *    in the tag case — confirm that macro before relying on the comparison.
 *  - the `:shell` and `:!` cases hand control to a shell via unixex().
 */
void commands(bool noprompt, bool exitoneof)
{
	register line *addr;
	register int c;
	register int lchng;
	int given;
	int seensemi;
	int cnt;
	bool hadpr;

	resetflav();
	nochng();
	for (;;) {
		/*
		 * If dot at last command
		 * ended up at zero, advance to one if there is a such.
		 */
		if (dot <= zero) {
			dot = zero;
			if (dol > zero)
				dot = one;
		}
		shudclob = 0;

		/*
		 * If autoprint or trailing print flags,
		 * print the line at the specified offset
		 * before the next command.
		 */
		if (pflag || (lchng != chng && value(AUTOPRINT) && !inglobal && !inopen && endline)) {
			pflag = 0;
			nochng();
			if (dol != zero) {
				addr1 = addr2 = dot + poffset;
				if (addr1 < one || addr1 > dol)
					error("Offset out-of-bounds|Offset after command too large");
				setdot1();
				goto print;
			}
		}
		nochng();

		/*
		 * Print prompt if appropriate.
		 * If not in global flush output first to prevent
		 * going into pfast mode unreasonably.
		 */
		if (inglobal == 0) {
			flush();
			if (!hush && value(PROMPT) && !globp && !noprompt && endline) {
				ex_putchar(':');
				hadpr = 1;
			}
			TSYNC();
		}

		/*
		 * Gobble up the address.
		 * Degenerate addresses yield ".".
		 * `given` counts the addresses seen; `seensemi` records a ';' separator,
		 * which also moves dot to the first address.
		 */
		addr2 = 0;
		given = seensemi = 0;
		do {
			addr1 = addr2;
			addr = address(0);
			c = getcd();
			if (addr == 0) {
				if (c == ',')
					addr = dot;
				else if (addr1 != 0) {
					addr2 = dot;
					break;
				} else
					break;
			}
			addr2 = addr;
			given++;
			if (c == ';') {
				c = ',';
				dot = addr;
				seensemi = 1;
			}
		} while (c == ',');
		if (c == '%') {
			/* %: same as 1,$ */
			addr1 = one;
			addr2 = dol;
			given = 2;
			c = ex_getchar();
		}
		if (addr1 == 0)
			addr1 = addr2;
		if (c == ':')
			c = ex_getchar();

		/*
		 * Set command name for special character commands.
		 */
		tailspec(c);

		/*
		 * If called via : escape from open or visual, limit
		 * the set of available commands here to save work below.
		 */
		if (inopen) {
			if (c=='\n' || c=='\r' || c==CTRL('d') || c==EOF) {
				if (addr2)
					dot = addr2;
				if (c == EOF)
					return;
				continue;
			}
			/* notinvis: commands that are not available from open/visual mode jump here */
			if (any(c, "o"))
notinvis:
				tailprim(Command, 1, 1);
		}
		switch (c) {

		case 'a':
			switch(peekchar()) {
			case 'b':
				/* abbreviate */
				tail("abbreviate");
				setnoaddr();
				mapcmd(0, 1);
				anyabbrs = 1;
				continue;
			case 'r':
				/* args */
				tail("args");
				setnoaddr();
				eol();
				pargs();
				continue;
			}
			/* append */
			if (inopen)
				goto notinvis;
			tail("append");
			setdot();
			aiflag = exclam();
			ex_newline();
			vmacchng(0);
			deletenone();
			setin(addr2);
			inappend = 1;
			ignore(append(gettty, addr2));
			inappend = 0;
			nochng();
			continue;

		case 'c':
			switch (peekchar()) {
			/* copy */
			case 'o':
				tail("copy");
				vmacchng(0);
				move();
				continue;
#ifdef CHDIR
			/* cd */
			case 'd':
				tail("cd");
				goto changdir;
			/* chdir */
			case 'h':
				ignchar();
				if (peekchar() == 'd') {
					register char *p;
					tail2of("chdir");
changdir:
					/* with no argument the target comes from the HOME environment variable */
					if (savedfile[0] == '/' || !value(WARN))
						ignore(exclam());
					else
						ignore(quickly());
					if (skipend()) {
						p = getenv("HOME");
						if (p == NULL)
							error("Home directory unknown");
					} else
						getone(), p = file;
					eol();
					if (chdir(p) < 0)
						filioerr(p);
					/* a relative savedfile no longer names the edited file after a cd */
					if (savedfile[0] != '/')
						edited = 0;
					continue;
				}
				if (inopen)
					tailprim("change", 2, 1);
				tail2of("change");
				break;
#endif
			default:
				if (inopen)
					goto notinvis;
				tail("change");
				break;
			}
			/* change */
			aiflag = exclam();
			setCNL();
			vmacchng(0);
			setin(addr1);
			delete(0);
			inappend = 1;
			ignore(append(gettty, addr1 - 1));
			inappend = 0;
			nochng();
			continue;

		/* delete */
		case 'd':
			/*
			 * Caution: dp and dl have special meaning already.
			 */
			tail("delete");
			c = cmdreg();
			setCNL();
			vmacchng(0);
			if (c)
				YANKreg(c);
			delete(0);
			appendnone();
			continue;

		/* edit */
		/* ex */
		case 'e':
			tail(peekchar() == 'x' ? "ex" : "edit");
editcmd:
			/* 'E' (edit with unsaved changes, no '!') makes filename()/quickly() warn */
			if (!exclam() && chng)
				c = 'E';
			filename(c);
			if (c == 'E') {
				ungetchar(lastchar());
				ignore(quickly());
			}
			setnoaddr();
doecmd:
			/* shared tail: reset the buffer and read the named file via rop() */
			init();
			addr2 = zero;
			laste++;
			ex_sync();
			rop(c);
			nochng();
			continue;

		/* file */
		case 'f':
			tail("file");
			setnoaddr();
			filename(c);
			noonl();
			/* synctmp(); */
			continue;

		/* global */
		case 'g':
			tail("global");
			global(!exclam());
			nochng();
			continue;

		/* insert */
		case 'i':
			if (inopen)
				goto notinvis;
			tail("insert");
			setdot();
			nonzero();
			aiflag = exclam();
			ex_newline();
			vmacchng(0);
			deletenone();
			setin(addr2);
			inappend = 1;
			ignore(append(gettty, addr2 - 1));
			inappend = 0;
			if (dot == zero && dol > zero)
				dot = one;
			nochng();
			continue;

		/* join */
		case 'j':
			tail("join");
			c = exclam();
			setcount();
			nonzero();
			ex_newline();
			vmacchng(0);
			/* a single address joins that line with the next one */
			if (given < 2 && addr2 != dol)
				addr2++;
			join(c);
			continue;

		/* k */
		case 'k':
casek:
			pastwh();
			c = ex_getchar();
			if (endcmd(c))
				serror("Mark what?|%s requires following letter", Command);
			ex_newline();
			/* islower() bounds the names[] index below to 'a'..'z' */
			if (!islower(c))
				error("Bad mark|Mark must specify a letter");
			setdot();
			nonzero();
			names[c - 'a'] = *addr2 &~ 01;
			anymarks = 1;
			continue;

		/* list */
		case 'l':
			tail("list");
			setCNL();
			ignorf(setlist(1));
			pflag = 0;
			goto print;

		case 'm':
			if (peekchar() == 'a') {
				ignchar();
				if (peekchar() == 'p') {
					/* map */
					tail2of("map");
					setnoaddr();
					mapcmd(0, 0);
					continue;
				}
				/* mark */
				tail2of("mark");
				goto casek;
			}
			/* move */
			tail("move");
			vmacchng(0);
			move();
			continue;

		case 'n':
			if (peekchar() == 'u') {
				tail("number");
				goto numberit;
			}
			/* next */
			tail("next");
			setnoaddr();
			ckaw();
			ignore(quickly());
			if (getargs())
				makargs();
			next();
			c = 'e';
			filename(c);
			goto doecmd;

		/* open */
		case 'o':
			tail("open");
			oop();
			pflag = 0;
			nochng();
			continue;

		case 'p':
		case 'P':
			switch (peekchar()) {
			/* put */
			case 'u':
				tail("put");
				setdot();
				c = cmdreg();
				eol();
				vmacchng(0);
				if (c)
					putreg(c);
				else
					put();
				continue;
			case 'r':
				ignchar();
				if (peekchar() == 'e') {
					/* preserve: both outcomes are reported through error() */
					tail2of("preserve");
					eol();
					if (preserve() == 0)
						error("Preserve failed!");
					else
						error("File preserved.");
				}
				tail2of("print");
				break;
			default:
				tail("print");
				break;
			}
			/* print */
			setCNL();
			pflag = 0;
print:
			/* shared tail: print addr1..addr2, clearing the screen first if the span is too tall */
			nonzero();
			if (CL && span() > EX_LINES) {
				flush1();
				vclear();
			}
			plines(addr1, addr2, 1);
			continue;

		/* quit */
		case 'q':
			tail("quit");
			setnoaddr();
			c = quickly();
			eol();
			if (!c)
quit:
				nomore();
			if (inopen) {
				vgoto(WECHO, 0);
				if (!ateopr())
					vnfl();
				else {
					tostop();
				}
				flush();
				setty(normf);
			}
			cleanup(1);
			ex_exit(0);

		case 'r':
			if (peekchar() == 'e') {
				ignchar();
				switch (peekchar()) {
				/* rewind */
				case 'w':
					tail2of("rewind");
					setnoaddr();
					if (!exclam()) {
						ckaw();
						/* message text is as shipped ("chage" sic) */
						if (chng && dol > zero)
							error("No write@since last chage (:rewind! overrides)");
					}
					eol();
					erewind();
					next();
					c = 'e';
					ungetchar(lastchar());
					filename(c);
					goto doecmd;
				/* recover */
				case 'c':
					tail2of("recover");
					setnoaddr();
					c = 'e';
					if (!exclam() && chng)
						c = 'E';
					filename(c);
					if (c == 'E') {
						ungetchar(lastchar());
						ignore(quickly());
					}
					init();
					addr2 = zero;
					laste++;
					ex_sync();
					recover();
					rop2();
					revocer();
					if (status == 0)
						rop3(c);
					if (dol != zero)
						change();
					nochng();
					continue;
				}
				tail2of("read");
			} else
				tail("read");
			/* read */
			/* an empty, unnamed buffer turns :read into an edit of the named file */
			if (savedfile[0] == 0 && dol == zero)
				c = 'e';
			pastwh();
			vmacchng(0);
			/* :r !cmd reads the output of a command through filter(0) */
			if (peekchar() == '!') {
				setdot();
				ignchar();
				unix0(0);
				filter(0);
				continue;
			}
			filename(c);
			rop(c);
			nochng();
			if (inopen && endline && addr1 > zero && addr1 < dol)
				dot = addr1 + 1;
			continue;

		case 's':
			switch (peekchar()) {
			/*
			 * Caution: 2nd char cannot be c, g, or r
			 * because these have meaning to substitute.
			 */
			/* set */
			case 'e':
				tail("set");
				setnoaddr();
				set();
				continue;
			/* shell: starts an interactive shell via unixex("-i") and waits for it */
			case 'h':
				tail("shell");
				setNAEOL();
				vnfl();
				putpad(TE);
				flush();
				unixwt(1, unixex("-i", (char *) 0, 0, 0));
				vcontin(0);
				continue;
			/* source */
			case 'o':
#ifdef notdef
				if (inopen)
					goto notinvis;
#endif
				tail("source");
				setnoaddr();
				getone();
				eol();
				source(file, 0);
				continue;
#ifdef SIGTSTP
			/* stop, suspend */
			case 't':
				tail("stop");
				goto suspend;
			case 'u':
				tail("suspend");
suspend:
				if (!dosusp)
					error("Old tty driver|Not using new tty driver/shell");
				c = exclam();
				eol();
				if (!c)
					ckaw();
				onsusp(0);
				continue;
#endif
			}
			/* fall into ... */

		/* & */
		/* ~ */
		/* substitute */
		case '&':
		case '~':
			Command = "substitute";
			if (c == 's')
				tail(Command);
			vmacchng(0);
			if (!substitute(c))
				pflag = 0;
			continue;

		/* t */
		case 't':
			if (peekchar() == 'a') {
				tail("tag");
				tagfind(exclam());
				/* outside open/visual, force autoprint after a tag search */
				if (!inopen)
					lchng = chng - 1;
				else
					nochng();
				continue;
			}
			tail("t");
			vmacchng(0);
			move();
			continue;

		case 'u':
			if (peekchar() == 'n') {
				ignchar();
				switch(peekchar()) {
				/* unmap */
				case 'm':
					tail2of("unmap");
					setnoaddr();
					mapcmd(1, 0);
					continue;
				/* unabbreviate */
				case 'a':
					tail2of("unabbreviate");
					setnoaddr();
					mapcmd(1, 1);
					anyabbrs = 1;
					continue;
				}
				/* undo */
				tail2of("undo");
			} else
				tail("undo");
			setnoaddr();
			markDOT();
			c = exclam();
			ex_newline();
			undo(c);
			continue;

		case 'v':
			switch (peekchar()) {
			case 'e':
				/* version: the +5 skips the "@(#) " SCCS prefix of the concatenated literal */
				tail("version");
				setNAEOL();
				ex_printf("@(#) Version 3.6, 11/3/80" " (4.0BSD). git " "160803 14:24" +5);
				noonl();
				continue;
			/* visual */
			case 'i':
				tail("visual");
				if (inopen) {
					c = 'e';
					goto editcmd;
				}
				vop();
				pflag = 0;
				nochng();
				continue;
			}
			/* v */
			tail("v");
			global(0);
			nochng();
			continue;

		/* write */
		case 'w':
			c = peekchar();
			tail(c == 'q' ? "wq" : "write");
wq:
			/* :w !cmd pipes the buffer to a command via filter(1) instead of writing a file */
			if (skipwh() && peekchar() == '!') {
				pofix();
				ignchar();
				setall();
				unix0(0);
				filter(1);
			} else {
				setall();
				wop(1);
				nochng();
			}
			if (c == 'q')
				goto quit;
			continue;

		/* xit */
		case 'x':
			tail("xit");
			if (!chng)
				goto quit;
			c = 'q';
			goto wq;

		/* yank */
		case 'y':
			tail("yank");
			c = cmdreg();
			setcount();
			eol();
			vmacchng(0);
			if (c)
				YANKreg(c);
			else
				yank();
			continue;

		/* z */
		case 'z':
			zop(0);
			pflag = 0;
			continue;

		/* * */
		/* @ */
		case '*':
		case '@':
			/* execute a macro register; '@', '*' or a bare newline re-runs the last one */
			c = ex_getchar();
			if (c=='\n' || c=='\r')
				ungetchar(c);
			if (any(c, "@*\n\r"))
				c = lastmac;
			if (isupper(c))
				c = tolower(c);
			if (!islower(c))
				error("Bad register");
			ex_newline();
			setdot();
			cmdmac(c);
			continue;

		/* | */
		case '|':
			endline = 0;
			goto caseline;

		/* \n */
		case '\n':
			endline = 1;
caseline:
			/* a bare address (or none) prints the next line */
			notempty();
			if (addr2 == 0) {
				if (UP != NOSTR && c == '\n' && !inglobal)
					c = CTRL('k');
				if (inglobal)
					addr1 = addr2 = dot;
				else {
					if (dot == dol)
						error("At EOF|At end-of-file");
					addr1 = addr2 = dot + 1;
				}
			}
			setdot();
			nonzero();
			if (seensemi)
				addr1 = addr2;
			ex_getline(*addr1);
			if (c == CTRL('k')) {
				flush1();
				destline--;
				if (hadpr)
					shudclob = 1;
			}
			plines(addr1, addr2, 1);
			continue;

		/* " */
		case '"':
			comment();
			continue;

		/* # */
		case '#':
numberit:
			setCNL();
			ignorf(setnumb(1));
			pflag = 0;
			goto print;

		/* = */
		case '=':
			ex_newline();
			setall();
			if (inglobal == 2)
				pofix();
			ex_printf("%d", lineno(addr2));
			noonl();
			continue;

		/* ! */
		case '!':
			/* with an address range, filter the lines through the command;
			 * without one, run the command (uxb) in a shell via unixex("-c") */
			if (addr2 != 0) {
				vmacchng(0);
				unix0(0);
				setdot();
				filter(2);
			} else {
				unix0(1);
				pofix();
				putpad(TE);
				flush();
				unixwt(1, unixex("-c", uxb, 0, 0));
				vclrech(1);
				/* vcontin(0); */
				nochng();
			}
			continue;

		/* < */
		/* > */
		case '<':
		case '>':
			/* each repeated '<' or '>' shifts by one more shiftwidth */
			for (cnt = 1; peekchar() == c; cnt++)
				ignchar();
			setCNL();
			vmacchng(0);
			shift(c, cnt);
			continue;

		/* ^D */
		/* EOF */
		case CTRL('d'):
		case EOF:
			if (exitoneof) {
				if (addr2 != 0)
					dot = addr2;
				return;
			}
			if (!isatty(0)) {
				if (intty)
					/*
					 * Chtty sys call at UCB may cause a
					 * input which was a tty to suddenly be
					 * turned into /dev/null.
					 */
					onhup(0);
				return;
			}
			if (addr2 != 0) {
				setlastchar('\n');
				putnl();
			}
			if (dol == zero) {
				if (addr2 == 0)
					putnl();
				notempty();
			}
			ungetchar(EOF);
			zop(hadpr);
			continue;

		default:
			/* an unknown letter is reported via tailprim(); other characters fall to ierror() */
			if (!isalpha(c))
				break;
			ungetchar(c);
			tailprim("", 0, 0);
		}
		ierror("What?|Unknown command character '%c'", c);
	}
}
// Assemble one x86 instruction and append its encoding to the output.
//
// name  mnemonic (e.g. "mov", "jne", "setz"); lhs/rhs the operand texts,
//       either possibly empty.
// Throws Ex("unrecognized instruction") when the mnemonic is not in instMap
// and Ex("illegal addressing mode") when no table entry accepts the parsed
// operand modes.
//
// Encoding steps: opcode prefix bytes, the last opcode byte (optionally
// +reg or +condition code), a ModRM byte (and SIB / displacement) when the
// entry's flags request a spare field, then any relative-displacement or
// immediate operand.
void Assem_x86::assemInst( const string &name,const string &lhs,const string &rhs )
{
	//parse operands
	Operand lop( lhs ),rop( rhs );
	lop.parse();
	rop.parse();

	//find instruction
	int cc=-1;
	Inst *inst=0;

	//kludge for condition code instructions...
	// jCC and setCC are synthesised from a single template each; the condition
	// code is added to the last opcode byte below via PLUSCC.
	if( name[0]=='j' ) {
		if( (cc=findCC(name.substr(1)))>=0 ) {
			static Inst jCC= { "jCC",IMM,NONE,RW_RD|PLUSCC,"\x2\x0F\x80" };
			inst=&jCC;
		}
	} else if( name[0]=='s' && name.substr( 0,3 )=="set" ) {
		if( (cc=findCC(name.substr(3)))>=0 ) {
			static Inst setCC= { "setne",R_M8,NONE,_2|PLUSCC,"\x2\x0F\x90" };
			inst=&setCC;
		}
	}

	if( inst ) {
		if( !(lop.mode&inst->lmode) || !(rop.mode&inst->rmode) ) throw Ex( "illegal addressing mode" );
	} else {
		InstIter it=instMap.find( name );
		if( it==instMap.end() ) throw Ex( "unrecognized instruction" );
		inst=it->second;
		// Walk the alternative encodings for this mnemonic until one accepts
		// both operand modes. NOTE(review): the walk stops when the *next*
		// entry has a non-null name, which only works if alternatives for one
		// mnemonic are consecutive and carry a null name — confirm in the table.
		for(;;) {
			if( (lop.mode&inst->lmode) && (rop.mode&inst->rmode) ) break;
			if( (++inst)->name ) throw Ex( "illegal addressing mode" );
		}
	}

	//16/32 bit modifier - NOP for now
	if( inst->flags & (O16|O32) ) {}

	// bytes[0] is the opcode length; bytes[1..n-1] are emitted verbatim and
	// bytes[n] is the final opcode byte, possibly adjusted below.
	int k,n=inst->bytes[0];
	for( k=1; k<n; ++k ) emit( inst->bytes[k] );

	if( inst->flags&PLUSREG ) emit( inst->bytes[k]+lop.reg );
	else if( inst->flags&PLUSCC ) emit( inst->bytes[k]+cc );
	else emit( inst->bytes[k] );

	if( inst->flags&(_0|_1|_2|_3|_4|_5|_6|_7|_R ) ) {

		//find the memop;
		// the operand that supplies mod/rm is the right one if the entry's
		// rmode accepts a memory form, else the left one.
		const Operand &mop= (inst->rmode&(MEM|MEM8|MEM16|MEM32|R_M|R_M8|R_M16|R_M32))?rop:lop;

		//find the spare field value.
		// _0.._7 are fixed values; _R takes the register operand's number.
		int rm=0;
		switch( inst->flags&(_0|_1|_2|_3|_4|_5|_6|_7|_R ) ) {
		case _0: rm=0; break;
		case _1: rm=1; break;
		case _2: rm=2; break;
		case _3: rm=3; break;
		case _4: rm=4; break;
		case _5: rm=5; break;
		case _6: rm=6; break;
		case _7: rm=7; break;
		case _R: rm=(inst->rmode&(REG8|REG16|REG32))?rop.reg:lop.reg; break;
		}
		rm<<=3;

		if( mop.mode & REG ) {
			//reg
			emit( 0xc0|rm|mop.reg );
		} else if( mop.baseReg>=0 ) {
			//base, index?
			// mod: 0x00 no disp, 0x40 disp8, 0x80 disp32 (also forced by a label
			// relocation). Base register 5 with mod 0 would mean [disp32], so a
			// disp8 of zero is emitted instead.
			int mod=mop.offset ? 0x40 : 0x00;
			if( mop.baseLabel.size() || mop.offset<-128 || mop.offset>127 ) mod=0x80;
			if( mop.baseReg==5 && !mod ) mod=0x40;
			if( mop.indexReg>=0 ) {
				//base, index!
				emit( mod|rm|4 );
				emit( (mop.shift<<6)|(mop.indexReg<<3)|mop.baseReg );
			} else {
				//base, no index!
				// base register 4 needs a SIB byte because rm=4 means "SIB follows".
				if( mop.baseReg!=4 ) emit( mod|rm|mop.baseReg);
				else {
					emit( mod|rm|4 );
					emit( (4<<3)|mop.baseReg );
				}
			}
			if( (mod&0xc0)==0x40 ) emit( mop.offset );
			else if( (mod&0xc0)==0x80 ) {
				//reloc
				a_reloc( mop.baseLabel );
				emitd( mop.offset );
			}
		} else if( mop.indexReg>=0 ) {
			//index, no base!
			// SIB with base field 5 and mod 0 selects [index*scale + disp32].
			emit( rm|4 );
			emit( (mop.shift<<6)|(mop.indexReg<<3)|5 );
			//reloc
			a_reloc( mop.baseLabel );
			emitd( mop.offset );
		} else {
			//[disp]
			emit( rm|5 );
			//reloc
			a_reloc( mop.baseLabel );
			emitd( mop.offset );
		}
	}

	if( inst->flags&RW_RD ) {
		// rel32 target: relocate against the label and emit imm-4 to account
		// for the displacement being relative to the end of the instruction.
		r_reloc( lop.immLabel );
		emitd( lop.imm-4 );
	}

	// immediate operand (8/16/32 bit), taken from whichever side is IMM
	if( inst->flags&IB ) {
		if( lop.mode&IMM ) emitImm( lop,1 );
		else emitImm( rop,1 );
	} else if( inst->flags&IW ) {
		if( lop.mode&IMM ) emitImm( lop,2 );
		else emitImm( rop,2 );
	} else if( inst->flags&ID ) {
		if( lop.mode&IMM ) emitImm( lop,4 );
		else emitImm( rop,4 );
	}
}
// Copy the whole of `src` onto this pixrect with a SRCCOPY raster operation.
//
// The destination is this pixrect's full extent; the source rectangle is
// src->getRect(). `src` is dereferenced unconditionally, so callers must not
// pass a null pointer.
void GifPixRect::copyImage(const PixRect *src) {
    const CRect dstRect(0, 0, getWidth(), getHeight());
    rop(dstRect, SRCCOPY, src, src->getRect());
}