Difference between revisions of "User:JayFoxRox"

From xboxdevwiki
m (Unfinished information)
m (THPS2X Syslink crash)
Line 17: Line 17:
 
(gdb) print $eip
 
(gdb) print $eip
 
$1 = (void (*)()) 0x215adf
 
$1 = (void (*)()) 0x215adf
 +
</pre>
 +
 +
And this seems to copy server to database (this in particular copied string?):
 +
 +
<pre>
 +
Hardware watchpoint 1: *(int*)0xf47944
 +
 +
Old value = 926102321
 +
New value = 858992984
 +
0x00156cc3 in ?? ()
 +
(gdb) print $eip
 +
$2 = (void (*)()) 0x156cc3
 +
(gdb) info reg
 +
eax            0xd0043260          -805031328
 +
ecx            0x1d                29
 +
edx            0x0                0
 +
ebx            0xf20ce0            15863008
 +
esp            0xd004324c          0xd004324c
 +
ebp            0xf20ce0            0xf20ce0
 +
esi            0xd00432a0          -805031264
 +
edi            0xf47948            16021832
 +
eip            0x156cc3            0x156cc3
 +
eflags        0x246              [ PF ZF IF ]
 +
cs            0x8                8
 +
ss            0x10                16
 +
ds            0x10                16
 +
es            0x10                16
 +
fs            0x20                32
 +
gs            0x0                0
 +
(gdb) x/10i $eip
 +
=> 0x156cc3: rep movsl %ds:(%esi),%es:(%edi)
 +
  0x156cc5: call  0x1b9db6
 +
  0x156cca: mov    0x29b44(%ebx),%ecx
 +
  0x156cd0: mov    0x10(%esp),%edx
 +
  0x156cd4: imul  $0x78,%ecx,%ecx
 +
  0x156cd7: mov    %edx,0x26ca8(%ecx,%ebx,1)
 +
  0x156cde: mov    0x14(%esp),%eax
 +
  0x156ce2: mov    %eax,0x26cac(%ecx,%ebx,1)
 +
  0x156ce9: mov    0x29b44(%ebx),%eax
 +
  0x156cef: mov    (%ebx),%edx
 
</pre>
 
</pre>
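Review bot: in the added dump at 0x156cc3, the question "(this in particular copied string?)" is left open even though the watchpoint values shown already answer it. 926102321 is 0x37333331 and 858992984 is 0x33333158, which as little-endian bytes are the ASCII text "1337" and "X133", so the dword at 0xf47944 is being overwritten with string data; consider noting the decoded bytes beside the Old/New values. It would also help to record that ecx = 0x1d with edi = 0xf47948 means 29 dwords remain after the one just written: if 0xf47944 was the first dword of the copy, that is 30 dwords = 0x78 bytes, which matches the entry stride in "imul $0x78,%ecx,%ecx" a few instructions later.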
  

Revision as of 23:27, 21 October 2018

For contact details, see http://jannikvogel.de/

Unfinished information

THPS2X Syslink crash

Happens if too many servers are present (this is where data is written to driver?):

Hardware watchpoint 1: *(int*)0xD004D048

Old value = 1065353216
New value = 1500647462
0x00215adf in ?? ()
(gdb) pint $eip
Undefined command: "pint".  Try "help".
(gdb) print $eip
$1 = (void (*)()) 0x215adf

And this seems to copy server to database (this in particular copied string?):

Hardware watchpoint 1: *(int*)0xf47944

Old value = 926102321
New value = 858992984
0x00156cc3 in ?? ()
(gdb) print $eip
$2 = (void (*)()) 0x156cc3
(gdb) info reg
eax            0xd0043260          -805031328
ecx            0x1d                29
edx            0x0                 0
ebx            0xf20ce0            15863008
esp            0xd004324c          0xd004324c
ebp            0xf20ce0            0xf20ce0
esi            0xd00432a0          -805031264
edi            0xf47948            16021832
eip            0x156cc3            0x156cc3
eflags         0x246               [ PF ZF IF ]
cs             0x8                 8
ss             0x10                16
ds             0x10                16
es             0x10                16
fs             0x20                32
gs             0x0                 0
(gdb) x/10i $eip
=> 0x156cc3:	rep movsl %ds:(%esi),%es:(%edi)
   0x156cc5:	call   0x1b9db6
   0x156cca:	mov    0x29b44(%ebx),%ecx
   0x156cd0:	mov    0x10(%esp),%edx
   0x156cd4:	imul   $0x78,%ecx,%ecx
   0x156cd7:	mov    %edx,0x26ca8(%ecx,%ebx,1)
   0x156cde:	mov    0x14(%esp),%eax
   0x156ce2:	mov    %eax,0x26cac(%ecx,%ebx,1)
   0x156ce9:	mov    0x29b44(%ebx),%eax
   0x156cef:	mov    (%ebx),%edx

Reset

There are various methods to reset an Xbox or major parts of it (successfully or not).

SMC Cold Reboot

  • CPU cycles: X > 0

SMC Warm Reboot

  • CPU cycles: X > 0

PM26

  • CPU cycles: X > 0

RST_CNT (RST_CPU)

equivalent docs?

RST_CNT (RST_CPU + SYS_RST)

RST_CNT (RST_CPU + FULL_RST)

RST_CNT (RST_CPU + SYS_RST + FULL_RST)

  • CPU cycles: 0

Triple fault

  • CPU cycles: 0[FIXME]

PCI-to-PCI bridge secondary bus reset

  • CPU cycles: X > 0