what's wrong with r0?

Started by Stuff, October 03, 2011, 09:47:52 PM


Stuff

It's safe at this point, but for some reason, I can't lwz into r0. It seems like any other safe register is fine. I can just let it go and use the original code which uses r12 and r11, but iowanna. >.> There's no reason to use any other register. The original instruction was lha r0,880(r3), so you know it's safe.

[spoiler=Suicide (Bully@Wiiplaza)]
CR:84200488  XER:00000000  CTR:00000000 DSIS:04000000
DAR:FFFF93DC SRR0:800028CC SRR1:0000B032   LR:80260E04
  r0:80660000   r1:807AD670   r2:8079DAA0   r3:901B1F80
  r4:00000000   r5:00000007   r6:901B20BB   r7:00000000
  r8:00000100   r9:8058B1A8  r10:00000002  r11:807AD6E0
r12:00000000  r13:80798E20  r14:00000000  r15:00000000
r16:00000000  r17:00000000  r18:00000000  r19:00000000
r20:00000000  r21:00000000  r22:00000000  r23:00000000
r24:00000000  r25:00000000  r26:00000000  r27:900E0670
r28:00000018  r29:901B2258  r30:901B1F80  r31:901B1F80

  f0:FFC00000   f1:00000000   f2:00000000   f3:00000000
  f4:00000000   f5:3F800000   f6:3B4CCCCD   f7:3F800000
  f8:00000000   f9:40000000  f10:3F800000  f11:BB088889
f12:3ACCCCCD  f13:00000000  f14:00000000  f15:00000000
f16:00000000  f17:00000000  f18:00000000  f19:00000000
f20:00000000  f21:00000000  f22:00000000  f23:00000000
f24:00000000  f25:00000000  f26:00000000  f27:00000000
f28:00000000  f29:00000000  f30:00000000  f31:00000000

800028C0:  C2331144   lfs   f17,4420(r19)
800028C4:  00000005   .word   0x00000005
800028C8:  3C008066   lis   r0,-32666
800028CC:  A80093DC   lha   r0,-27684(r0) ##break
800028D0:  28003684   cmplwi   r0,13956
800028D4:  40820010   bne-   0x800028e4
800028D8:  38000001   li   r0,1
800028DC:  B0030372   sth   r0,882(r3)
800028E0:  B0030404   sth   r0,1028(r3)
800028E4:  A8030370   lha   r0,880(r3)
800028E8:  60000000   nop
[/spoiler]
.make Stuff happen.
Dropbox. If you don't have one, get it NOW! +250MB free if you follow my link :p.

Mod code Generator ~50% complete but very usable:
http://dl.dropbox.com/u/24514984/modcodes/modcodes.htm

dcx2

http://pds.twi.tudelft.nl/vakken/in101/labcourse/instruction-set/lwz.html

"EA is the sum (rA|0) + d". (EDIT: EA stands for Effective Address.) The "rA|0" means "for r1-r31, use the contents of the register. For r0, use the value 0 instead of the contents of r0."

In light of this information, can you tell me why lha r0,-27684(r0) fails?

[spoiler=hint]Look at the DAR register in your dump[/spoiler]

Stuff

:/ I should pay attention to that. I should go review to make sure I didn't miss anything... After that explanation, I could've told you without that hint. FFFF93DC isn't a valid address. But what is DAR? Wild guess says destination address register. I never look at those. I know what some of them are, but not all of them.

I worked around that with a different hook and was ready to ask why the new hook worked. But I don't have a lwa r0 in there anymore.

dcx2

There is no lwa, because there's no need to sign extend a word on the Wii's PowerPC processor.

When a data breakpoint occurs, DAR will contain the effective address for the data breakpoint.  For a "good" data breakpoint, you will see the address you broke on.  This was also useful for spotting false positives, but now Gecko.NET will skip unaligned data breakpoints.  For a "bad" data breakpoint (i.e. illegal address), you will see the illegal address which caused the crash.
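An added worked example (not code from the thread) that applies dcx2's "(rA|0) + d" rule to the crashing instruction from the dump and checks the result against DAR. The decoder, the EA helper and the register table are constructed here; the register values are copied from the first post's dump.

```python
# Added example: decode a PowerPC D-form load and compute its effective address
# with the (rA|0) + d rule. Register values come from the crash dump in the
# first post; the helpers and names below are constructed for this example.
from dataclasses import dataclass

MASK32 = 0xFFFFFFFF

@dataclass
class DForm:
    opcode: int   # primary opcode, bits 0-5
    rd: int       # target register, bits 6-10
    ra: int       # base register, bits 11-15
    d: int        # signed 16-bit displacement, bits 16-31

def decode_dform(word: int) -> DForm:
    """Split a 32-bit big-endian instruction word into its D-form fields."""
    d = word & 0xFFFF
    if d & 0x8000:          # displacement is sign-extended
        d -= 0x10000
    return DForm(opcode=word >> 26, rd=(word >> 21) & 0x1F,
                 ra=(word >> 16) & 0x1F, d=d)

def effective_address(ra: int, d: int, regs: dict) -> int:
    """EA = (rA|0) + d: r0 as the base means the constant 0, not r0's contents."""
    base = 0 if ra == 0 else regs[ra]
    return (base + d) & MASK32

# Registers from the dump that matter here; r0 holds the result of lis r0,-32666
REGS = {0: 0x80660000, 3: 0x901B1F80, 12: 0x00000000}
DAR = 0xFFFF93DC

def crash_ea() -> int:
    """The breaking instruction: A80093DC  lha r0,-27684(r0)."""
    ins = decode_dform(0xA80093DC)
    return effective_address(ins.ra, ins.d, REGS)

def intended_ea() -> int:
    """The address the author meant: the same displacement against the value
    lis put in r0, which is what any base register other than r0 holding
    0x80660000 would have produced."""
    ins = decode_dform(0xA80093DC)
    return (REGS[0] + ins.d) & MASK32

if __name__ == "__main__":
    ins = decode_dform(0xA80093DC)
    print(f"opcode={ins.opcode} rD={ins.rd} rA={ins.ra} d={ins.d}")
    print(f"EA with r0 as base: {crash_ea():08X} (DAR={DAR:08X})")
    print(f"EA with a real base register: {intended_ea():08X}")
```

The computed EA for the crashing instruction is exactly the DAR value in the dump, which is the quickest way to confirm a "bad" data breakpoint came from the r0 rule rather than from a stale pointer.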

Stuff

Interesting. So I could replace it with a good address at this point? And fix the code before it gets ready to crash again.

I meant lha XD. My workaround does lha r0, d(r28) instead. It had a nice number that was near the controllers.

dcx2

Well, if it wasn't r0, you could change r0 so that the EA would be legal.  As it stands, though, you can't change r0 to make the address legal.

However, if say r28 had 00000000 in it and caused a crash, then you could modify r28 to have a legit pointer and hit run to recover from the crash.

By the way, the whole r0 illegal address thing isn't 100% true.  When running in Supervisor mode (i.e. you are inside an interrupt), addresses 00000000 - 01800000 are legal and match with 80000000 - 81800000.  You can actually see this is the case in the debugger's breakpoint handler.  It's also what makes relocating the code handler difficult.

Stuff

hmm. Well I'm not ready for all that. I'll try to debug my next exception, but if it's too difficult, I'll just reset like always. >.<