Talk:PRX: Difference between revisions

This is all wrong atm. The actual symbol table is later in the second LOAD section.

Just jotting some things down quick before I forget.

Second LOAD section:

• First: Big list of pointers to all functions?
• Second: ????? Possibly something to do with symbol mapping. Seems to mostly always point somewhere in the magical Table 6.
• Third: Here we go. Long pointer to function name, long pointer to pointer to function, and a zero.
• Fourth: Fuck if I know. More mapping stuff? More pointing to Table 6.
• Fifth: Appears to be... data? Some strings, some floats, some other nonsense. Lots of 0x9EC? Or is that just the PRX I'm looking at? This goes on for a good long time, there might actually be two tables here.
• Sixth: Where the magic happens. Starts off with a bunch of pointers into itself (some kind of initialization hint?). Speaking of pointers to pointers, this is where those pointers being pointed to are. Each one is paired with a long next to it, which is almost always the same number across the PRX. Possibly a unique module ID? It shows up in the dep table (what I thought was the symbol table) too.

3 and 6 are the fun ones, and together let you map code blocks to function names. There's still a lot of mysteries to be found though.Roothorick 03:40, 23 June 2013 (MSK)

try the idc scripts from IDA pro disassembler and debugger, they might give you some additional information --Nas plugi 15:20, 23 June 2013 (MSK)