I am tired of blind coding...

[sascoo]

I have been working on porting some c++ code over to the xbox.  Is there any way to get any sort of crash information or debugging on a retail box?  I am working with XeDebug so that I can launch new builds a bit faster but when I get a hard crash there is nothing I can do besides attempting to find where the crash occurred by putting print statements in my code...  Logging my program was working fairly well to a point but now I am in the part of my program which is multithreaded and I believe I am getting a deadlock.  I don't really feel like making log calls throughout the entirety of the program.

If anyone has any form of a solution bar acquiring an actual development kit, please enlighten me.

Thanks

[le_uberfry]

I suppose "hard" crashes occur when machine check happens? (panic mode)
Make a patch for 0x200 (HV) to branch to a routine that'll dump the srr0 (address that caused it), srr1 (MSR value) and finally restart the console...
I think it's a trivial solution but I'm sure others can come up with a more decent idea, maybe crash dump and so on?

(in that case, have a look at 0x300 and 0x400 related code in HV, it will lead you to unencrypted sections that you can use for crash dumps)

OH OH OH wait! another idea (inb4 ideaman)! you say your app's multithreaded, but it'll be a bit hard to acquire infos about which thread did it, right? you might enum your spinlock value, print that out aswell (don't use encrypted memory) - cause you can't really be sure which cpu runs the thread, right? $#!t'll be SO cash.

[sascoo]

I am pretty new to hacking the xbox and low level stuff in general.  Are you talking about patching the nand?  If so, what tools do I need to start tweaking/reading the assembly?  Also, is there a site which gives detail to the various offsets of the nand and what each part does?

P.S.  You smart hardware/software RE people should just hurry up and get the syscalls from the devkit working on retail -- using the debug calls from the sdk would be so much easier.


Thanks

Edit:  I am looking into IDA

[slasherking823]

I suppose "hard" crashes occur when machine check happens? (panic mode)
Make a patch for 0x200 (HV) to branch to a routine that'll dump the srr0 (address that caused it), srr1 (MSR value) and finally restart the console...
I think it's a trivial solution but I'm sure others can come up with a more decent idea, maybe crash dump and so on?

(in that case, have a look at 0x300 and 0x400 related code in HV, it will lead you to unencrypted sections that you can use for crash dumps)

OH OH OH wait! another idea (inb4 ideaman)! you say your app's multithreaded, but it'll be a bit hard to acquire infos about which thread did it, right? you might enum your spinlock value, print that out aswell (don't use encrypted memory) - cause you can't really be sure which cpu runs the thread, right? $#!t'll be SO cash.

not many actually have the capabilities to do what you are suggesting

[sascoo]

...

not many actually have the capabilities to do what you are suggesting

Indeed.  It is going to take me a while to get up to speed.  Anyway, is the hv stored in the nand or do I need to look elsewhere?
Thanks

[le_uberfry]

not many actually have the capabilities to do what you are suggesting

Now that's just foolish - nobody's born with these skills, that's why you learn them.
Or shall I go get a spoon? Might be a bit easier

sascoo: patches.bin

example:

.long address
.long (9f-8f)/4
8:
  li %r3, 0x40
  b putc
9:

compile with gcc, done (or alternatively: pick them out one by one using a disassembler)

[sascoo]

We can either try osmosis or you can give me that spoon so i can eat your brains and steal your knowledge.

[slasherking823]

not many actually have the capabilities to do what you are suggesting

Now that's just foolish - nobody's born with these skills, that's why you learn them.

Some can learn, others cant
I try, but assembly always seems to blow my mind, it probably has to do with the fact that I cant do math in my head

[Xumpy]

Hold on, hold on... There is one thing I don't understand (Ok, for the moment one thing )

I'm not new to assembly. I have some experience but probably in the eyes of experience hackers I'm a complete newbie.

If you want to disassemble something, I have always used gdb. I suppose this only works for the x86 architecture so I can not use this.
I'm new to power pc. But I really want to learn how to disassemble these bin files so it would be more clear of what they are doing.

What tools you guys use for this, is this also possible with gdb, the same way as there is a cross compiler for gcc?

[dstruktiv]

IDA with Xorlosers 360 PPC plugins.

[Xumpy]

Looks a very cool program, but a little to pricey for me... Will check the demo although I believe it won't do me any good. Maybe in the near future I'll consider buying this

Thanks for the repley

Greetz

Xump

edit: I found there is a freeware, suppose this is the one you where referring to me... Going to test it now
edit2: So the plugin needs version 5.6 to bad its not compatible with the freeware

thnx

[le_uberfry]

http://www.xboxhacker.org/index.php?topic=14348.msg103010#msg103010
thank cory1492, he was the one to supply the spoon