Freeze returning to XMB using VshFpsCounter 2.3 + bloated text + wrong info

[aldostools]

Version 2.3 freezes exiting a game to XMB. It freezes the console with a black screen and I have to press power button to shutdown. It didn't happen with version 2.2.

How to reproduce: launch a game (e.g. Apollo Save Tool), wait until it loads, press PS and select exit the game. It exits the game but freezes showing the XMB.

This version also shows too much static text on screen. Please make the clock information optional or rotate the clock info (show each clock speed every few seconds, like you do with temps). I would prefer it to be optional.

Note: It looks like the clock information changes its address in LV1. I got wrong clock speed values once, but I couldn't reproduce the bug on the next 2 reboots.

[PS3-4K-Pro]

The clock speeds does not show when the reboot combo via webman is performanced and the clock speeds sometimes are wrong after a reboot

I also confirm black screen wHen exiting a game

Edit: The wrong clocks are showed when the plugin loads while the coldboot is being loaded instead of when the XMB is fully loaded.

(I could not reproduce this issue by will but i realized it happens when the plugin loads before it should, doesn't seem frequent, but sometimes it happens)

[aldostools]

@LuanTeles webMAN MOD still has version 2.2 due the freeze issue returning to XMB. That is the reason why you don't see the clock speed using the combo L3+R3.

You can update the plugin manually in /dev_hdd0/tmp/wm_res

[TheRouletteBoi]

can you try this version out.

• clock speeds are now in a new line.
• quit game fixed on dex

• https://gofile.io/d/4EXQ63

[aldostools]

Sure, give me a few minutes

[aldostools]

The new version is much better, but there is still a random freeze.

Test 1: Launched the game, returned to XMB without freeze. Launched the game again, had a black screen (freeze). Test 2: Launched the game two times, returned to XMB without freeze, The third time the game had the black screen returning to XMB.

It looks better with the stacked information. The wrong GPU clock information still happens.

[TheRouletteBoi]

maybe we can try a pattern scanner to retives the correct offsets in LV2. I remember seening one in the webman source. can you link to the header that has that code. As for the freeze on XMB I'm unable to reproduce. I've tried to exit game with GTAV and COD BO2 with no issues.

[aldostools]

Try to reproduce the freeze with Apollo... it loads fast. Load/exit multiple times in a row.

The code that you mention probably is this:

#define LV1     1
#define SC_PEEK_LV1 (8)
static u64 peek_lv1(u64 addr)
{
    system_call_1(SC_PEEK_LV1, addr);
    return (u64) p1;
}

static void peek_chunk_lv1(u64 start, u64 size, u64 *buffer) // read from lv1
{
    for(u64 offset = 0; offset < size; offset += 8)
    {
        *(buffer++) = peek_lv1(start + offset);
    }
}

static int ps3mapi_get_memory(u32 pid, u32 address, char *mem, u32 size)
{
    if(pid == LV1)
    {
        peek_chunk_lv1((address | 0x8000000000000000ULL), size, (u64*)mem);
    }
        // other pid values not included in the snippet....
}

static bool bcompare(const char *a, const char *b, u8 len, const char *mask)
{
    while(len && ((*a == *b) || (*mask == '*'))) {a++,b++,mask++,len--;}
    return len;
}

static u32 ps3mapi_find_offset(u32 pid, u32 address, u32 stop, u8 step, const char *sfind, u8 len, const char *mask, u32 fallback)
{
    int retval = NONE;
    found_offset = fallback;

    char mem[0x200], label[20]; int m = sizeof(mem) - len; u8 gap = len + 0x10 - (len % 0x10);
    for(; address < stop; address += sizeof(mem) - gap)
    {
        retval = ps3mapi_get_memory(pid, address, mem, sizeof(mem));
        if(retval < 0) break;

        for(int offset = 0; offset < m; offset += step)
        {
            if( !bcompare(mem + offset, sfind, len, mask) )
            {
                found_offset = (address + offset);
                return found_offset;
            }
        }
    }
    return found_offset;
}

[TheRouletteBoi]

for parameter in ps3mapi_find_offset can I use a const char* in bytes and mask like this? if not can you show how it is used?

sfind "\xFB\xA1\x00\x00\xF8\x01\x00\x00\x7C\x7D\x1B\x78\x38\x01\x00\x00" mask "xx??xx??xxxxxx??"

EDIT: I found a reference but it didn't use the mask parameter as I expected. https://github.com/aldostools/webMAN-MOD/blob/159a3bb9fe8ccb01fc0d8e06dc284e502415b3a1/include/patch_gameboot.h#L55

[aldostools]

For the mask use '*' as placeholder.

mask "xx**xx**xxxxxx**"

Or replace '*' in the function bcompare() with '?', if you prefer to use that character.

static bool bcompare(const char *a, const char *b, u8 len, const char *mask)
{
    while(len && ((*a == *b) || (*mask == '*') || (*mask == '?'))) {a++,b++,mask++,len--;}
    return len;
}

[PS3-4K-Pro]

@LuanTeles webMAN MOD still has version 2.2 due the freeze issue returning to XMB. That is the reason why you don't see the clock speed using the combo L3+R3.

You can update the plugin manually in /dev_hdd0/tmp/wm_res

No, i meant using v2.3 in boot plugins and rebooting the system via reboot combo (L3 + R2 + O) the system reboots normally but the clock speed overlay will not be displayed. i didn't use the webman one.

Test in your end, enable it via boot_plugins.txt, boot the system (the clock speeds overlay will be displayed) then restart the system via L3 + R2 + O combo, now the clock overlays will not be displayed

EDIT:

Seems like LPAR 1 reboot that cause this, soft/hard reboot keeps the clock speeds

[TheRouletteBoi]

Aldo do you happen to know if hooking is possible in the hypervisor (LV1) ?

[aldostools]

Cobra / Mamba allows kernel hooking. I haven't checked if it uses LV1 hooking.

[TheRouletteBoi]

I have yet to see any LV1 hooking that's why I asked.

---

For your offset finder
You use a different type to peek LV2, Is there a reason why? If it is better than why? I'm asking because if I integrate it into fps counter I would need to find LV2_OFFSET_ON_LV1 & SYSCALL_TABLE + detect firmware according to wMM/include/firmware.h

static u64 lv2_peek_cfw(u64 addr) //sc8 + LV2_OFFSET_ON_LV1
{
    system_call_1(SC_PEEK_LV1, addr + LV2_OFFSET_ON_LV1); //old: {system_call_1(SC_PEEK_LV2, addr);}
    return (u64)p1;
}

[aldostools]

The unique advantage of do it that way is that the plugin is able to peek with syscall 6 (LV2 peek) removed.

Syscall 8 (LV1 peek) is required to be enabled all the time. Syscall 6/7 are optional. BTW they are the problematic syscalls that cause bans in CoD BO2, GTAV, etc.

[TheRouletteBoi]

• [x] CPU & GPU Information stacked
• [x] Remove static LV1 offsets to retrieve clock speeds
• [x] Console Crashing when exiting apps (most common in Apollo Save Tool)

[aldostools]

Great news to know that you found the cause of the crash. Thank you.

[TheRouletteBoi]

it was very peculiar find. the crash was due to using the malloc from vsh/allocator.h so I switched to vsh/sys_prx_for_user malloc and that seemed to fixed the issue.

[aldostools]

Nice. If you have built a binary I could test it.

EDIT: I just noticed that you released the build 2.4. I will test it now.

[aldostools]

Confirmed working without freeze. Awesome job!!

Now we only need a configuration file in FPS plugin to decide what information to show on screen.

The screen looks too busy with all that text information.

[aldostools]

It looks the freeze issue is not fully fixed yet.

Yesterday I was testing the plugin and for some reason it didn't show the clock speeds, even after multiple reboots. Almost every time that I returned to XMB, the console hanged.

I was using VshFpsCounter 2.4 (modded). I don't think the issue is related to the mod. The mod basically removes the clock speed labels and the line feed character in Mhz to show all the clock speeds in a single line.

I tested on Evilnat 4.88.2 Cobra 8.3 on a slim 2100

[TheRouletteBoi]

did you by chance unload or reload the plugin at any point in time?

[aldostools]

I tried unloading and reloading the plugin too. It also happened loading the plugin once.

BTW I load the plugin through webMAN MOD. I don't load it using /boot_plugins.txt