Deci3dbg - IDA Pro Debugger Module for PlayStation 3

Anyone who has debugged on a PlayStation 3 knows that there is only one debugger available - SN Systems ProDG. It has some nice features (that I even miss in others debuggers) but overall… its not that good. There was also a GDB client, but it was removed somewhere around 1.xx SDK (specification changed, the step command was removed, etc). So after spending some time with ProDG I realized it wasn’t working for me and decided to get the host debugger to communicate with IDA Pro. This would allow me to use all those nice features like scripts, plugins, tracing, leaving comments in place, interface and hotkeys that I’ve gotten used to over the years.

Okay, I hear some of you asking why I made an IDA Pro module and not some kind of GDB proxy, and the reasons are simple:

  • I already had some experience creating GDB proxies and hosts, but no experience creating IDA Pro debugger modules (in fact, few people did that)
  • GDB client of IDA Pro is not open source
  • PowerPC GDB stub is buggy in IDA Pro 6.1. I own the latest build of IDA Pro, but let’s be honest, most people don’t, so I wrote this code for IDA Pro 6.1. Needless to say, IDA Pro 6.5 is backwards compatible with 6.1, and even the debugger module compiled with idasdk61 will work just fine (or much better) with 6.5.

deci3dbg screenshot

That’s what I did and it works great! I tested it for several months, catching bugs. Last time I fixed some bugs about half a year ago (in 2013), but haven’t used it much since then.

Features

  • PPU debugging
  • General and float registers
  • Exceptions, Breakpoints, Step thru code
  • Hardware breakpoints (DABR)
  • Threads and modules
  • Read/write memory
  • Works with official Sony’s Reference Tools and Debug Stations (DECR/DECH)
  • Also works with custom firmwares

Notes

Plugin uses ProDG’s TMAPI library for communication over deci3 protocol with PS3. The deci3 protocol specification was leaked online, but using a ready-made library saved a lot of time. The downside is that it only supports Windows platform.

Compilation

Copy the contents of “C:\Program Files (x86)\SN Systems\PS3\sdk” of your ProDG installation to the project folder.

Installation

Copy deci3dbg.plw and deci3dbg.p64 to the plugins folder inside your IDA Pro installation.

How to use

  1. Load PowerPC binary file into IDA Pro
  2. Debugger -> Select debugger… -> DECI3 debugger plugin
  3. Debugger -> Attach to process…
  4. Select target and press OK (target may be showed as ‘disconnected’, bug of TMAPI)
  5. Select process

Source / Build

If you liked this post, you can share it with your followers or follow me on Twitter !