Talk:PSP Emulation
Jump to navigation
Jump to search
Playstation Portable memory regions ?
PPSSPP 00010000 Scratchpad 04000000 VRAM 08800000 User memory 08804000 Default load address 88000000 Kernel memory
psp_emulator.self B0000000 Default load address
Cryptobrainstorming
Supported Kirk Crypto ? (1,4,7,11,12,13,14,16,17,18,19)
emulator_api errors
Google translations from japanese error messages:
0002 This world did not have a room that are playing the same game 1005 Upon your use of this application, you'll need to agree to the Terms of Use 2001 Network connection it has expired. It will return to the title screen 2002 Network connection it has expired. It will return to the title screen 2007 You can not connect to ad hoc. Please check the information page 3001 You can not connect to the network. Please check the information page 3003 There is no possible connection server 4001 You can not connect to the network. Please check information page 4001 You can not connect to the network. Please check information page 4004 We will not exceed the number that can be created room 4005 We have exceeded the maximum number of bookmarks. Please register again by removing unnecessary bookmark 4006 The lobby is a registered 4007 It will return to the title for a certain period of time operation is not performed 5002 This room is taking entry limit 5005 Because the connection type of network is different, you can not play in this room. Please check the manual 5006 It is during the transmission of comments 6001 You can not change the wallpaper for the free capacity of the HDD is insufficient. To make the change of wallpaper you need free space of more than 17MB. 6002 The size of the image can not be specified in the wallpaper. Please check the information page 6003 It does not support the file format of the image. Please check the information page 10001 Not available, because 20GB model (CECHB00) is not equipped with wireless LAN feature. 10002 PlayStation®3, please use it to connect to the broadband network in a wired. 10003 A system error has occurred. 10004 It is connected. Please be patient. Channel 1 10005 It is connected. Please be patient. Channel 6 10006 It is connected. Please be patient. Channel 11 10007 It is connected. Please be patient. Channel automatic 10008 Not available in the sub-account that is limiting the use of chat. administrator of n master account (such as parents) Please use after receiving the permission of chat use to. 10009 Upon your use of ad-hoc party, you should be asked to agree to the Terms of Service. 10010 You need to sign up to PlayStation®Network. 10011 I signed out from PlayStation®Network. You exit. / Please use it to enable the Internet connection. 10012 It is in a location other than the lobby. 30002 In order to start the ad-hoc party, System software update is required. 30003 Ad-hoc party is not installed. Please download the ad-hoc party (free of charge) from PlayStation®Store. 30004 Ad-hoc party has been updated. If you play the PSP® (PlayStation®Portable) Remaster is. Restart from the PSP® (PlayStation®Portable) Remaster icon. 30005 You can not connect to PlayStation®Network. Please check the configuration of the body. 30006 Are you sure that you want to move to the ad-hoc party? Please check the save data. 30007 We were leaving from the room. 30008 We left the room 30009 You can not connect to the network. Please confirm information page. 30010 Room of the password is incorrect. 30011 This room is taking entry limit. 30012 This room can not enter because of the packed. 30013 We were leaving from the room. 30014 Are you sure that you want to leave the room? Data when you leave the room not been saved will be lost. 30015 Are you sure that you want to leave the room? 30016 Are you sure that you want to move to end the game to the ad-hoc party? What you do not save will be lost. 30017 We did not put in a room. 30018 This PSP®Remaster title in eight room is not supported. 30019 You can not connect to PlayStation®Network. Please check the information page. 30020 We were leaving from the room. Are you sure that you want to move to the ad-hoc party without saving the game? 30021 The selected lobby is packed. H8001 I could not connect. H8002 I could not connect. H8003 I could not connect. H8004 I could not connect. H8005 I could not connect. H8006 I could not connect. S7001 I could not connect. S7002 I could not connect. S7003 I could not connect. S7004 We were leaving from the room.
Emulator patches
This patches are intended to be applyed to the PSP emulator
Patch to redirect unsupported commands (experimental)
This ugly and highly experimental poc code simply redirects unsupported cmd's to 0x01010005 (Seek Begin), prolly breaks other cmd's
Original
00000000000285B0 00000000000285B0 empty_buffer: # CODE XREF: sceIoIoctlAsync+74�j 00000000000285B0 # sceIofileAsync+140�j ... 00000000000285B0 li r31, 0 00000000000285B4 clrldi r27, r3, 32 00000000000285B8 li r29, 0 00000000000285BC cmpwi cr4, r31, 0 00000000000285C0 00000000000285C0 IoFileMgrForUser_822ADD32: # CODE XREF: sceIoIoctlAsync+184�j 00000000000285C0 # sceIofileAsync+2D0�j 00000000000285C0 clrldi r7, r23, 32 # out data ptr 00000000000285C4 extsw r3, r24 # id 00000000000285C8 extsw r4, r28 # cmd 00000000000285CC mr r6, r27 # in size 00000000000285D0 clrldi r8, r25, 32 # out len 00000000000285D4 mr r5, r29 # in data ptr 00000000000285D8 bl _IoFileMgrForUser_822ADD32 # pspFileSystem.... ? 00000000000285DC ld r2, 0xC0+var_98(r1) 00000000000285E0 mr r31, r3 00000000000285E4 beq cr4, loc_285F4 # nop 00000000000285E8 mr r3, r29 00000000000285EC bl _sys_libc_free 00000000000285F0 ld r2, 0xC0+var_98(r1) 00000000000285F4 00000000000285F4 loc_285F4: # CODE XREF: sceIoIoctlAsync+B4�j 00000000000285F4 stw r31, 8(r30) # return value
Patched
00000000000285B0 00000000000285B0 loc_285B0: # CODE XREF: sceIoIoctlAsync+74�j 00000000000285B0 # sceIoIoctlAsync+140�j ... 00000000000285B0 bl _sys_libc_malloc 00000000000285B4 clrldi r26, r3, 32 00000000000285B8 lis r28, 0x101 # 0x1010005 # Seek cmd id 00000000000285BC ori r28, r28, 5 # 0x1010005 00000000000285C0 b loc_28724 00000000000285C4 # --------------------------------------------------------------------------- 00000000000285C4 00000000000285C4 loc_285C4: # CODE XREF: sceIoIoctlAsync+184�j # 00000000000285C4 # sceIoIoctlAsync+2D0�j # Both branches also modified, so we can use 5x4 bytes 00000000000285C4 clrldi r7, r23, 32 00000000000285C8 extsw r3, r24 00000000000285CC extsw r4, r28 00000000000285D0 mr r6, r27 00000000000285D4 clrldi r8, r25, 32 00000000000285D8 mr r5, r29 00000000000285DC bl _IoFileMgrForUser_822ADD32 00000000000285E0 ld r2, 0xC0+var_98(r1) 00000000000285E4 mr r31, r3 00000000000285E8 mr r3, r29 00000000000285EC bl _sys_libc_free 00000000000285F0 ld r2, 0xC0+var_98(r1) 00000000000285F4 stw r31, 8(r30)
Unsupported ID's will be replaced with empty buffers and simply sent through IoIoctl.
PGD = ID 0x04100001
Supported cmd ID's:
0x1010005 (UMD file seek set) 0x1010009 0x101000A (0x1020006) (0x1020007) 0x1030008 (Read UMD file) (0x1D20002) 0x1F100A6 (UMD file seek whence) 0x1F30003 (UMD disc read sectors operation)
- Reference help:
0x01020001 - Get UMD Primary Volume Descriptor 0x01020002 - Get UMD Path Table 0x01020003 - Get UMD sector size 0x01020004 - Get UMD file pointer 0x01010005 - Set UMD file seek 0x01020006 - Get UMD file start sector 0x01020007 - Get UMD file length in bytes 0x01030008 - Read UMD file 0x01D20001 - Get UMD device file current sector seek position 0x01F30003 - Read raw sectors from UMD device file 0x01F100A6 - Set UMD device file seek by sector 0x04100001 - Define decryption key (DRM by amctrl.prx) 0x04100002 - Set PGD offset 0x04100010 - Get PGD data size
TRANSLATOR_PATCH
What does the TRANSLATOR_PATCH is responsible for? Patching the PSP RAM, maybe?
- Yeah, looks like it. Patch is done right before entering recompiler/emitter, right before mips code is read. Worth to add that patch seems to affect only code that gets recompiled, which mean no patches to data, only to code(?). --Kozarovv (talk) 17:45, 4 March 2023 (CET)
- Looking for ways to fix the shitty Patapon 3. Patch (for PAL version) skips the sceIo functions to avoid loading the DATAMS.BND file from ms0:/ during the bootup. Of course it does not work on the PS3, in contrary to the PPSSPP. I do not have a time and wish to play with the EBOOT file encryption/decryption. --Agrippa (talk) 20:58, 10 March 2023 (CET)
TRANSLATOR_PATCH[2] = { 08844B7C 08844B80 10000036 00A08821 }
Looks like the pattern is wrong. I have tried various combinations with no luck for Final Fantasy Tactics. Patch for ULES version is 0x883E050 00001021.--Agrippa (talk) 20:42, 15 March 2023 (CET)
- It seems like emu expect single patch to be 0x14 in size? It's little bit hard to read that code because emu read it first, then translate to config nr, and send pemucorelib, that one interpret it, and send to translator (jit) elf using 0xB3900000 mapped mem. In the end pemucorelib also have built in jit which apparently don't use that patch? No idea really, i did some work on psp emu, but only for simple configs, and recompilers/emitters. --Kozarovv (talk) 11:17, 16 March 2023 (CET)
TRANSLATOR_PATCH[%lld] = {
When string match config decimal value is read. This is only config that read that value as 32 bits (lwz addr + 4, other cfgs do ld addr), which probably doesn't matter for us anyway. That value is used as a multiplier for 0x14 size for calloc. So it dictates how many patches are there (and one "config" is expected to be 0x14 size by calloc). Returned pointer is saved, and pemucorelib gets notified about config (pointer is not send yet, just count as an argument). From that point next chunks are read by sscanf with just %08X as format. So it expect just 8 valid hex characters (4 bytes). What's important i can't find place where it expect spaces. So apparently value should be passed as 128 (160?) bit. Also there seems to be no space after "{" and, before "}" Next thing is that first two values after count are and with 0xFFFFFFFC, so that will be most likely address of some kind (MIPS cpu most likely). And that how it looks in psp emu file. All that is sent to PEmuCoreLib. Which process it, and send by 0xB39000XX to translator (JIT) file. So valid config seems to be for eg:
TRANSLATOR_PATCH[1] = {08844B7C08844B801000003600A08821}
--Kozarovv (talk) 21:19, 19 March 2023 (CET)
- I am testing the Final Fantasy Tactics instead, since the patch is confirmed to fix (I would personally nop instead) the "Memory Stick not found" error. But it does not work at all, unfortunately. I made two different configs and they do nothing:
TRANSLATOR_PATCH[1] = {0883E0500883E0540000102100001021}
TRANSLATOR_PATCH[1] = {0883E04C0883E0542784807C0000102100001021}