From c118c71eace1aef76687beb2e1fa6517498d84ed Mon Sep 17 00:00:00 2001
From: Matthew Parlane
Date: Thu, 25 Apr 2013 01:11:10 +1200
Subject: [PATCH] ES needs to handle it's own reply. pDevice was being used after free otherwise.
---
 .../Core/Src/IPC_HLE/WII_IPC_HLE_Device_es.cpp | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_es.cpp b/Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_es.cpp
index 7241155cca..3514f45ebd 100644
--- a/Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_es.cpp
+++ b/Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_es.cpp
@@ -782,6 +782,7 @@ bool CWII_IPC_HLE_Device_es::IOCtlV(u32 _CommandAddress)
 wiiMoteConnected[i] = s_Usb->m_WiiMotes[i].IsConnected();
 std::string tContentFile(m_ContentFile.c_str());
+ WII_IPC_HLE_Interface::Reset(true);
 WII_IPC_HLE_Interface::Init();
 s_Usb = GetUsbPointer();
@@ -816,7 +817,19 @@ bool CWII_IPC_HLE_Device_es::IOCtlV(u32 _CommandAddress)
 ERROR_LOG(WII_IPC_ES, "IOCTL_ES_LAUNCH %016llx %08x %016llx %08x %016llx %04x", TitleID,view,ticketid,devicetype,titleid,access);
 // IOCTL_ES_LAUNCH 0001000248414341 00000001 0001c0fef3df2cfa 00000000 0001000248414341 ffff
- return true;
+ //We have to handle the reply ourselves as this handle is not valid anymore
+
+
+ // It seems that the original hardware overwrites the command after it has been
+ // executed. We write 8 which is not any valid command, and what IOS does
+ Memory::Write_U32(8, _CommandAddress);
+ // IOS seems to write back the command that was responded to
+ Memory::Write_U32(6, _CommandAddress + 8);
+
+ // Generate a reply to the IPC command
+ WII_IPC_HLE_Interface::EnqReply(_CommandAddress, 0);
+
+ return false;
 }
 break;
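Review bot: The `return false` path added in the IOCTL_ES_LAUNCH hunk only protects the caller; everything from the new `WII_IPC_HLE_Interface::Reset(true)` in the first hunk down to that return still executes on the device object that, per the commit message, Reset tears down, so the roughly thirty lines between the two hunks (old 788–815, outside this diff) and the reply code here must not touch any member — the visible code copies `m_ContentFile` into `tContentFile` before the reset, but whether the out-of-view stretch reads anything else through `this` cannot be confirmed from the diff. The comment `//We have to handle the reply ourselves as this handle is not valid anymore` should name the actual constraint so the next edit does not reintroduce the use-after-free: `// Reset(true) above destroyed this device object: no member access from here on, and return false so the dispatcher never dereferences its pDevice for this command`. The raw values in `Memory::Write_U32(8, _CommandAddress)` and `Memory::Write_U32(6, _CommandAddress + 8)` appear to duplicate the dispatcher's generic reply sequence, judging by the wording of the copied comments; if that sequence lives in WII_IPC_HLE_Interface, exposing it as one shared static helper would keep the two copies from drifting when the command-block layout changes. IOCtlV begins before the first hunk and ends after the second.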