Decided to try and reproduce the bugs from this talk[0] to try and figure out some spooky undocumented QDSP6 instructions my decompiler was running into. Now either I've got a fundamental misunderstanding, or their PoC as given doesn't work the way they claim it should. 😕

Anyone know of any public Qualcomm PoCs that /do/ work?

[0] https://youtu.be/KxdfX9NxfA4

Xiling Gong - Exploiting Qualcomm WLAN and Modem Over the Air - DEF CON 27 Conference
