1. #1
    Join Date
    Jan 2010
    Posts
    29

    PS3 Memory Dump Hypervisor Call Table Finder Tool is Available

    I have just finished another (first is HERE) little 010 Editor script to search for the Hypervisor Call Table in any PS3 Memory Dump.

    Requirements: 010 Editor, script PS3MemDump_hv_call_table.bt and PS3_Memory_Dump.bin.

    See also the source of the script in the attachment.

    Little how to for 010 Editor:

    1. If you do not already have 010 Editor -> Download and install a free 30-day trial for Windows 7/Vista/XP/2000 of 010 Editor.
    2. Unzip the attached archive (PS3MemDump_hv_call_table.zip) in your documents path, for example C:/MyDocuments/SweetScape/010 Templates/
    3. Start 010 Editor.
    4. Click on shortcut Ctrl+O (menu File -> Open File...) and choose the file PS3_Memory_Dump.bin.
    5. Click on shortcut Ctrl+F5 (menu Templates -> Open Templates...) and choose the file PS3MemDump_hv_call_table.bt.
    6. Click on shortcut F5 (menu Templates -> Run Template on File).

    Well done, now the hv call table appears like in the attached picture...

    Best Regards

    TitanMKD


  2. #2
    Join Date
    Feb 2010
    Posts
    11

    Cool.

    How do you identify what is a call in a dump? Assembly?

  3. #3
    Join Date
    Jan 2010
    Posts
    29
    Quote Originally Posted by arghzzz View Post
    Cool.

    How do you identify what is a call in a dump? Assembly?
    By "hand": a call table contains just a lot of 64-bit pointers, and on 64 bits the first 32-bit part (called the MSB or Most Significant Bit) is often set to 0 (example @ 0x00000000002BF030 -> 32-bit MSB 0x00000000 and 32-bit LSB 0x002BF030), and you can identify that, compared to code, which never contains 32 bits set to 0, and each assembly opcode/instruction on PPC is 32 bits even on a 64-bit system.

    I hope that helps to understand.

    Best Regards
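
The heuristic described in post #3, written out as an added Python example; it is not part of the thread and is not the attached 010 Editor script. The non-zero and 4-byte-alignment checks, the optional `addr_limit`, the 16-entry threshold and the sample bytes are assumptions made here.

```python
import struct

def find_pointer_tables(dump, min_entries=16, addr_limit=None):
    """Return [(offset, entries)] for runs of 64-bit big-endian words that look
    like pointers: upper 32 bits zero, lower 32 bits a plausible code address."""
    runs, start, count = [], 0, 0
    for off in range(0, len(dump) - 7, 8):          # 8-byte aligned slots
        hi, lo = struct.unpack_from(">II", dump, off)
        # From the post: pointers have their upper 32 bits set to 0.
        # Assumptions added here: the target is non-zero (skips zero padding),
        # 4-byte aligned (PPC instructions are 32 bits) and below addr_limit.
        ok = hi == 0 and lo != 0 and lo % 4 == 0
        if ok and addr_limit is not None:
            ok = lo < addr_limit
        if ok:
            if count == 0:
                start = off
            count += 1
            continue
        if count >= min_entries:
            runs.append((start, count))
        count = 0
    if count >= min_entries:                         # run reaching end of dump
        runs.append((start, count))
    return runs

def build_sample():
    """Constructed test image: code, a 32-entry table, zero padding, code."""
    code = struct.pack(">4I", 0x7C0802A6, 0x38600000, 0x60000000, 0x4E800020) * 16
    table = b"".join(struct.pack(">Q", 0x002BF030 + 0x10 * i) for i in range(32))
    return code + table + bytes(128) + code

if __name__ == "__main__":
    for offset, entries in find_pointer_tables(build_sample()):
        print(f"candidate table @ 0x{offset:08X}: {entries} entries")
```

Short runs of zero-extended data values pass the same test, so each candidate still needs a manual look at what its entries point to.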

  4. #4
    Join Date
    Feb 2010
    Posts
    38
    Quote Originally Posted by titanmkd View Post
    By "hand": a call table contains just a lot of 64-bit pointers, and on 64 bits the first 32-bit part (called the MSB or Most Significant Bit) is often set to 0 (example @ 0x00000000002BF030 -> 32-bit MSB 0x00000000 and 32-bit LSB 0x002BF030), and you can identify that, compared to code, which never contains 32 bits set to 0, and each assembly opcode/instruction on PPC is 32 bits even on a 64-bit system.

    I hope that helps to understand.
    You're a genius!!! Thx for the script!! Hope, that's the next step to unlock the horse-power of the PS3!

    The tutorial has been added to the Wiki: http://ps3hvdoc.wikispaces.com/lv1+calls+offsets

  5. #5
    Join Date
    Feb 2010
    Posts
    11
    Quote Originally Posted by titanmkd View Post
    By "hand": a call table contains just a lot of 64-bit pointers, and on 64 bits the first 32-bit part (called the MSB or Most Significant Bit) is often set to 0 (example @ 0x00000000002BF030 -> 32-bit MSB 0x00000000 and 32-bit LSB 0x002BF030), and you can identify that, compared to code, which never contains 32 bits set to 0, and each assembly opcode/instruction on PPC is 32 bits even on a 64-bit system.

    I hope that helps to understand.

    Best Regards
    Very clarifying. Thanks.

    And the opcodes are found in the "cell programming handbook"?

  6. #6
    Join Date
    Jan 2010
    Posts
    29
    Quote Originally Posted by arghzzz View Post
    Very clarifying. Thanks.

    And the opcodes are found in the "cell programming handbook"?
    I will advise you this book for general PPC opcodes (the best I have found):

    http://www.xilinx.com/support/docume...ides/ug011.pdf

    and for other opcode/instruction specific to CBEA: http://cell.scei.co.jp/e_download.html

  7. #7
    Join Date
    Apr 2005
    Posts
    24,485

    Moved this one to the Site News also now, and +Rep titanmkd!

  8. #8
    Join Date
    Oct 2009
    Posts
    4
    Quote Originally Posted by titanmkd View Post
    I will advise you this book for general PPC opcodes (the best I have found):

    http://www.xilinx.com/support/docume...ides/ug011.pdf
    Thanks so much for this. I hate PPC opcodes and anything that can make them easier to work with is a blessing.

  9. #9
    Join Date
    Jan 2009
    Posts
    72

    Great! This should make investigation by devs and non devs alike easier!

  10. #10
    Join Date
    Feb 2010
    Posts
    1

    Quote Originally Posted by titanmkd View Post
    Little how to for 010 Editor...
    Thanks for the instructions!
