mike-myers-tob

Debug with GDB on macOS 11

The big reason to do this is that LLDB has no ability to "follow-fork-mode child", in other words, a multi-process target that doesn't have a single-process mode (or, a bug that only manifests when in multi-process mode) is going to be difficult or impossible to debug, especially if you have to run the target over and over in order to make the bug manifest. If you have a repeatable bug, no big deal, break on the fork from the parent process and attach to the child in a second lldb instance. Otherwise, read on.

Install GDB

Don't make the mistake of thinking you can just brew install gdb. Currently this is version 10.2 and it's mostly broken, with at least two annoying bugs as of April 29th 2021, but the big one is https://sourceware.org/bugzilla/show_bug.cgi?id=24069

$ xcode-select install  # install the XCode command-line tools

littlelailo

This bug was also called moonshine in the beginning
Basically the following bug is present in all bootroms I have looked at:
1. When usb is started to get an image over dfu, dfu registers an interface to handle all the commands and allocates a buffer for input and output
2. if you send data to dfu the setup packet is handled by the main code which then calls out to the interface code
3. the interface code verifies that wLength is shorter than the input output buffer length and if that's the case it updates a pointer passed as an argument with a pointer to the input output buffer
4. it then returns wLength which is the length it wants to recieve into the buffer
5. the usb main code then updates a global var with the length and gets ready to recieve the data packages
6. if a data package is recieved it gets written to the input output buffer via the pointer which was passed as an argument and another global variable is used to keep track of how many bytes were recieved already
7. if all the data was recieved th

fsphil

ov = $0D ; == $FF, initial value for the overflow counter

* = $0304 - (end - scroll)

scroll: jsr $AAD7 
loop:   lda #$A0
        sta $D3E0 - $80, x
        sta $0400+40*24+39-$80+1, y     ; incrementing rower, y finishes with value $80
        sta $0400+40*24-$7B-1, x        ; decrementing rower, x finishes with value $7b

erincandescent

Foreward

This document was originally written several years ago. At the time I was working as an execution core verification engineer at Arm. The following points are coloured heavily by working in and around the execution cores of various processors. Apply a pinch of salt; points contain varying degrees of opinion.

It is still my opinion that RISC-V could be much better designed; though I will also say that if I was building a 32 or 64-bit CPU today I'd likely implement the architecture to benefit from the existing tooling.

Mostly based upon the RISC-V ISA spec v2.0. Some updates have been made for v2.2

Original Foreword: Some Opinion

The RISC-V ISA has pursued minimalism to a fault. There is a large emphasis on minimizing instruction count, normalizing encoding, etc. This pursuit of minimalism has resulted in false orthogonalities (such as reusing the same instruction for branches, calls and returns) and a requirement for superfluous instructions which impacts code density both in terms of size and

johncantrell97

Hello again.

I was not the first to find the key this time, props to EnigmaZer0 for this one! After seeing that everyone enjoyed understanding how the first clues were solved I thought I'd provide an explanation for The Leporine Key.

The second clue dropped early afternoon EDT on (easter) Sunday April 21 2019. The clue can be viewed on the satoshis treasure website here and looked like this:

 _____       _            _     _ _       _____
/  ___|     | |          | |   (_| )     |_   _|

Chick3nman

Nvidia Driver Version: 419.35

Fans were set to 100% for duration of the benchmark.


hashcat (v5.1.0-749-g5ecbcde9+) starting in benchmark mode...

OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: TITAN RTX, 6144/24576 MB allocatable, 72MCU

0x27

#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector. 
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c

Kalinovcic

//
// Author:   Jonathan Blow
// Version:  1
// Date:     31 August, 2018
//
// This code is released under the MIT license, which you can find at
//
//          https://opensource.org/licenses/MIT
//
//

ISSOtm

This document is now at https://gbdev.io/guides/tools.html, please go there instead. It's kept here to avoid breaking links and to preserve history.

Previous versions can be checked out by selecting the "Revisions" tab, and selecting "View file" in the three-dot drop-down menu.

mbinna

Effective Modern CMake

Getting Started

For a brief user-level introduction to CMake, watch C++ Weekly, Episode 78, Intro to CMake by Jason Turner. LLVM’s CMake Primer provides a good high-level introduction to the CMake syntax. Go read it now.

After that, watch Mathieu Ropert’s CppCon 2017 talk Using Modern CMake Patterns to Enforce a Good Modular Design (slides). It provides a thorough explanation of what modern CMake is and why it is so much better than “old school” CMake. The modular design ideas in this talk are based on the book [Large-Scale C++ Software Design](https://www.amazon.de/Large-Scale-Soft