Difference between revisions of "C51 Malloc"

From Final Fantasy Hacktics Wiki
m (Talcall moved page Calculate Available RAM Address to C51 Malloc: libc)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
<font face='Courier New'>
 
<font face='Courier New'>
 
   
 
   
  Judges the size of something? loops in a really odd fashion until 0x8004e9d4 + r4 != 0
+
  uses r4 input to determine the size of the requested file in bytes; finds and returns the address of the first unused sect of data after 0x801df000 in blocks of 0x800.
  grabs something from very close to the beginning of scus, which seems to point to the stack?
+
  r4 values between 0x1 and 0x7ff all dedicate 1 block of space, but a block size request of 0x800 for example would require 2 blocks. this is accounted for.
 
   
 
   
 
  00044414: 27bdfff8 addiu r29,r29,0xfff8
 
  00044414: 27bdfff8 addiu r29,r29,0xfff8
Line 17: Line 17:
 
  00044440: 00000000 nop
 
  00044440: 00000000 nop
 
  00044444: 1460000a bne r3,r0,0x00044470 #branch if not 0
 
  00044444: 1460000a bne r3,r0,0x00044470 #branch if not 0
  00044448: 0067102b sltu r2,r3,r7 #true if r3 > 1
+
  00044448: 0067102b sltu r2,r3,r7 #true if r3 < r7
 
  0004444c: 14a00002 bne r5,r0,0x00044458
 
  0004444c: 14a00002 bne r5,r0,0x00044458
 
  00044450: 00000000 nop
 
  00044450: 00000000 nop
  00044454: 00804021 addu r8,r4,r0 #r8 = r4
+
  00044454: 00804021 addu r8,r4,r0 #r8 = r4 (largest address non-zero value in loop space?)
 
  00044458: 24a50001 addiu r5,r5,0x0001 #r5 + 1
 
  00044458: 24a50001 addiu r5,r5,0x0001 #r5 + 1
 
  0004445c: 00a6102b sltu r2,r5,r6 #set true if r5 < Ceil(input>>0xb)
 
  0004445c: 00a6102b sltu r2,r5,r6 #set true if r5 < Ceil(input>>0xb)
  00044460: 1040000c beq r2,r0,0x00044494 #branch until true
+
  00044460: 1040000c beq r2,r0,0x00044494 #branch when looped Ceil(input>>0xb) times
  00044464: 00000000 nop
+
  00044464: 00000000 nop #remembers number of times looped (r5)
 
  00044468: 08011120 j 0x00044480
 
  00044468: 08011120 j 0x00044480
 
  0004446c: 24840001 addiu r4,r4,0x0001 #r4 + 1
 
  0004446c: 24840001 addiu r4,r4,0x0001 #r4 + 1
  00044470: 14400002 bne r2,r0,0x0004447c #branch if r2 != 0
+
  00044470: 14400002 bne r2,r0,0x0004447c #branch if r3 < r7
 
  00044474: 00002821 addu r5,r0,r0 #r5 = 0
 
  00044474: 00002821 addu r5,r0,r0 #r5 = 0
 
  00044478: 24670001 addiu r7,r3,0x0001 #r7 = byte + 1
 
  00044478: 24670001 addiu r7,r3,0x0001 #r7 = byte + 1
 
  0004447c: 24840001 addiu r4,r4,0x0001 #r4 + 1
 
  0004447c: 24840001 addiu r4,r4,0x0001 #r4 + 1
  00044480: 2c820040 sltiu r2,r4,0x0040 #set true if r4 < 0x40
+
  00044480: 2c820040 sltiu r2,r4,0x0040 #set true if r4 < 0x40 (hardcoded safeguard?)
  00044484: 1440ffeb bne r2,r0,0x00044434 #loop if untrue
+
  00044484: 1440ffeb bne r2,r0,0x00044434 #loop if still yet to loop 0x40 times
 
  00044488: 00a6102b sltu r2,r5,r6 #set true if r5 < Ceil(input>>0xb)
 
  00044488: 00a6102b sltu r2,r5,r6 #set true if r5 < Ceil(input>>0xb)
 
  0004448c: 14400010 bne r2,r0,0x000444d0 #branch if so
 
  0004448c: 14400010 bne r2,r0,0x000444d0 #branch if so
 
  00044490: 00001021 addu r2,r0,r0 #r2 = 0
 
  00044490: 00001021 addu r2,r0,r0 #r2 = 0
  00044494: 10a0000a beq r5,r0,0x000444c0 #branch if r5 = 0
+
  00044494: 10a0000a beq r5,r0,0x000444c0 #branch if looped 0 times
 
  00044498: 00002021 addu r4,r0,r0 #r4 = 0
 
  00044498: 00002021 addu r4,r0,r0 #r4 = 0
 
  0004449c: 3c038005 lui r3,0x8005
 
  0004449c: 3c038005 lui r3,0x8005
Line 42: Line 42:
 
  000444a4: 01041021 addu r2,r8,r4 #r2 = r8 + r4
 
  000444a4: 01041021 addu r2,r8,r4 #r2 = r8 + r4
 
  000444a8: 00431021 addu r2,r2,r3 #r2 = 0x8004e9d4 + r8 + r4  
 
  000444a8: 00431021 addu r2,r2,r3 #r2 = 0x8004e9d4 + r8 + r4  
  000444ac: a0470000 sb r7,0x0000(r2) #save r7
+
  000444ac: a0470000 sb r7,0x0000(r2) #store largest value + 1 to all bytes equal to and larger than the encountered number's address, ignores ones before
  000444b0: 24840001 addiu r4,r4,0x0001 #r4 + 1
+
  000444b0: 24840001 addiu r4,r4,0x0001 #loop count
  000444b4: 0085102b sltu r2,r4,r5 #set true if r5 counter < r4 counter
+
  000444b4: 0085102b sltu r2,r4,r5 #set true if not looped r5 times
  000444b8: 1440fffa bne r2,r0,0x000444a4 #loop above until r4 => r5 (?)
+
  000444b8: 1440fffa bne r2,r0,0x000444a4 #loop above until all data spaces are filled with 1
 
  000444bc: 00000000 nop
 
  000444bc: 00000000 nop
 
  000444c0: 3c038001 lui r3,0x8001
 
  000444c0: 3c038001 lui r3,0x8001
  000444c4: 8c630010 lw r3,0x0010(r3) #loads either a very large number, or a stack pointer. (0x801df000?)
+
  000444c4: 8c630010 lw r3,0x0010(r3) #loads LBA pointer
 
  000444c8: 000812c0 sll r2,r8,0x0b #r2 = r8 << 0xb
 
  000444c8: 000812c0 sll r2,r8,0x0b #r2 = r8 << 0xb
  000444cc: 00431021 addu r2,r2,r3 #r2 + 801df000?
+
  000444cc: 00431021 addu r2,r2,r3 #r2 + 801df000 + 0x800 * (largest encountered number + 1)
 
  000444d0: 27bd0008 addiu r29,r29,0x0008
 
  000444d0: 27bd0008 addiu r29,r29,0x0008
 
  000444d4: 03e00008 jr r31
 
  000444d4: 03e00008 jr r31
 
  000444d8: 00000000 nop
 
  000444d8: 00000000 nop
 
</font>
 
</font>
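Review bot: The rewritten summary at the top of this revision says a request of 0x800 needs 2 blocks, which does not match the arithmetic in the listing: `srl r6,r4,0x0b` gives 1 and `andi r4,r4,0x07ff` gives 0 for exactly 0x800, so the `addiu r6,r6,0x0001` is skipped and 0x801 is the first size that takes 2. The new comment at 000444b8 ("filled with 1") also understates the store, since `sb r7` writes whatever 00044478 last raised r7 to; I would word it `#loop until all r5 map bytes hold the new tag in r7`. The new comment at 000444cc reads as if the largest tag feeds the address, but the sum uses r8, the index where the free run starts: `#r2 = base + r8 * 0x800 (return value)`. The failure path is still uncommented: 00044490 could carry `#r2 = 0, returned when no run of r6 free blocks fits in the 0x40-entry map`, so readers know callers have to check for 0.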

Latest revision as of 07:50, 6 July 2023

uses r4 input to determine the size of the requested file in bytes; finds and returns the address of the first unused sect of data after 0x801df000 in blocks of 0x800.
r4 values between 0x1 and 0x7ff all dedicate 1 block of space, but a block size request of 0x800 for example would require 2 blocks. this is accounted for.

# First-fit block allocator over a 0x40-entry byte map at 0x8004e9d4; map index N
# corresponds to offset N << 0xb (N * 0x800 bytes) from the base loaded at 000444c4.
# In:   r4 = requested size in bytes
# Out:  r2 = (word at 0x80010010) + (start index << 0xb), or 0 when the scan of all
#       0x40 map bytes finds no run of r6 consecutive zero bytes
# Uses: r1-r8. r29 is lowered by 8 and restored; nothing is stored on the stack here.
# Block count: r6 = size >> 0xb, plus 1 only when (size & 0x7ff) != 0. Sizes 0x1-0x800
#       therefore give 1 block and 0x801 is the first size that gives 2.
# Map bytes: 0 ends nothing and extends the current free run; any non-zero byte resets
#       the run. The claimed run is filled with r7 = 1 + the largest non-zero byte
#       scanned before the run was found (r7 starts at 1).
# NOTE(review): callers must treat a 0 return as failure; no other error signal exists here.
# NOTE(review): with size 0, r6 = 0, so the first free byte still claims one block. If no
#       byte is free, the failure branch at 0004448c is not taken (0 < 0 is false) and the
#       return is built from an r8 this routine never wrote - confirm callers never pass 0.
# NOTE(review): r7 can reach 0x100 after scanning a map byte of 0xff; sb keeps only the low
#       byte, so the run would be written as 0 (free). Whether 0xff can occur depends on
#       code not shown here - confirm.
00044414: 27bdfff8 addiu r29,r29,0xfff8			#r29 -= 8 (0xfff8 sign-extends to -8); undone at 000444d0
00044418: 00002821 addu r5,r0,r0			#r5 = 0 (length of the current free run)
0004441c: 000432c2 srl r6,r4,0x0b			#r6 = input >> 0xb (0x800 to 0x1)
00044420: 308407ff andi r4,r4,0x07ff			#r4 = input & 0x07ff (bytes past the last whole block)
00044424: 10800002 beq r4,r0,0x00044430		#branch if input & 0x07ff is 0 (no partial block to round up)
00044428: 34070001 ori r7,r0,0x0001			#delay slot: r7 = 1 (smallest tag that can be written)
0004442c: 24c60001 addiu r6,r6,0x0001			#r6 = Ceil(input / 0x800)
00044430: 00002021 addu r4,r0,r0			#r4 = 0 (map index for the scan)
00044434: 3c018005 lui r1,0x8005			#scan loop top: r1 = 0x80050000
00044438: 00240821 addu r1,r1,r4			#r1 += map index
0004443c: 9023e9d4 lbu r3,-0x162c(r1)			#loads byte from 0x8004e9d4 + r4
00044440: 00000000 nop
00044444: 1460000a bne r3,r0,0x00044470		#branch if not 0 (block in use)
00044448: 0067102b sltu r2,r3,r7			#delay slot: r2 = (r3 < r7), tested at 00044470
0004444c: 14a00002 bne r5,r0,0x00044458		#already inside a free run: keep its start in r8
00044450: 00000000 nop
00044454: 00804021 addu r8,r4,r0			#r8 = r4: index where the current free run starts
00044458: 24a50001 addiu r5,r5,0x0001			#r5 + 1 (free run grows by one block)
0004445c: 00a6102b sltu r2,r5,r6			#set true if r5 < Ceil(input / 0x800)
00044460: 1040000c beq r2,r0,0x00044494		#run is long enough: go claim it
00044464: 00000000 nop					#delay slot
00044468: 08011120 j 0x00044480			#run still too short: continue the scan
0004446c: 24840001 addiu r4,r4,0x0001			#delay slot: r4 + 1
00044470: 14400002 bne r2,r0,0x0004447c		#branch if r3 < r7 (r7 already exceeds this byte)
00044474: 00002821 addu r5,r0,r0			#delay slot, always runs: r5 = 0 (used block breaks the run)
00044478: 24670001 addiu r7,r3,0x0001			#r7 = byte + 1 (new largest value seen, plus one)
0004447c: 24840001 addiu r4,r4,0x0001			#r4 + 1
00044480: 2c820040 sltiu r2,r4,0x0040			#set true if r4 < 0x40 (number of map bytes scanned)
00044484: 1440ffeb bne r2,r0,0x00044434		#loop if still yet to loop 0x40 times
00044488: 00a6102b sltu r2,r5,r6			#delay slot: set true if r5 < Ceil(input / 0x800)
0004448c: 14400010 bne r2,r0,0x000444d0		#scan finished with the run too short: return
00044490: 00001021 addu r2,r0,r0			#delay slot: r2 = 0 (the value returned on that failure path)
00044494: 10a0000a beq r5,r0,0x000444c0		#branch if looped 0 times (nothing to mark)
00044498: 00002021 addu r4,r0,r0			#delay slot: r4 = 0 (fill counter)
0004449c: 3c038005 lui r3,0x8005
000444a0: 2463e9d4 addiu r3,r3,-0x162c			#r3 = 0x8004e9d4
000444a4: 01041021 addu r2,r8,r4			#r2 = r8 + r4
000444a8: 00431021 addu r2,r2,r3			#r2 = 0x8004e9d4 + r8 + r4
000444ac: a0470000 sb r7,0x0000(r2)			#map[r8 + r4] = low byte of r7; bytes before r8 are untouched
000444b0: 24840001 addiu r4,r4,0x0001			#loop count
000444b4: 0085102b sltu r2,r4,r5			#set true if not looped r5 times
000444b8: 1440fffa bne r2,r0,0x000444a4		#loop above until all r5 map bytes of the run hold r7
000444bc: 00000000 nop
000444c0: 3c038001 lui r3,0x8001
000444c4: 8c630010 lw r3,0x0010(r3)			#r3 = word at 0x80010010, used as the base (presumably 0x801df000 - confirm)
000444c8: 000812c0 sll r2,r8,0x0b			#r2 = r8 << 0xb
000444cc: 00431021 addu r2,r2,r3			#r2 = base + r8 * 0x800 (return value)
000444d0: 27bd0008 addiu r29,r29,0x0008			#r29 += 8
000444d4: 03e00008 jr r31				#return to caller
000444d8: 00000000 nop					#delay slot