Talk:Hypervisor Reverse Engineering

From PS3 Developer wiki
Revision as of 16:52, 22 September 2011 by Euss (talk | contribs)
Jump to navigation Jump to search

emer init.self

Program 1

0x40000                          # bind object to subchannel 0
0x31337000

0x3C0180
0x66604200
0xFEED0000
0xFEED0001
0xFEED0000
0x0
0xFEED0000
0xFEED0000
0xFEED0000
0xFEED0001
0x66606660
0x66626660
0x0
0x0
0xFEED0000
0xFEED0000

0x40060
0x66616661

0x340200
0x0
0x0
0x121
0x40
0x0
0x0
0x0
0x40
0x1
0x80
0x100
0x40
0x0

0x100280
0x40
0x40
0x0
0x0

0x41D80
0x3

0x4802B8
0x0
0x0
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000
0xFFF0000

0x81D98
0xFFF0000
0xFFF0000

0x41DA4
0x0

0x403B0
0x10

0x41454
0x0

0x41FF4
0x3FFFFF

0x181FC0
0x0
0x6144321
0xEDCBA987
0x6F
0x171615
0x1B1A19

0x280B40
0x0
0x0
0x0
0x0
0x0
0x0
0x0
0x0
0x0
0x0

0x40A0C
0x0

0xC0A60
0x0
0x0
0x0

0x80A78
0x0
0x0

0x41428
0x1

0x41D88
0x1000

0x41E94
0x11

0x41450
0x80003

0x41FE0
0x2000000

0x400B00
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8
0x2DC8

0x1008CC
0x800
0x0
0x0
0x0

0x100240
0xFFFF
0x0
0x0
0x0
0x0

0xC003C0
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x10101
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x7421
0x9AABAA98
0x66666789
0x98766666
0x89AABAA9
0x99999999
0x88888889
0x98888888
0x99999999
0x56676654
0x33333345
0x54333333
0x45667665
0xAABBBA99
0x66667899
0x99876666
0x99ABBBAA

0x81738
0x0
0x0

0x4E000                          # bind object to subchannel 7
0xCAFEBABE

Program 2

0x80308
0x207
0x0

Program 3

0x42000                       # bind object to subchannel 1
0x31337303

0xC2180                       # method of subchannel 1
0x66604200
0xFEED0001
0xFEED0000

0x46000                       # bind object to subchannel 3
0x313371C3

0xC6180                       # method of subchannel 3
0x66604200
0xFEED0000
0xFEED0000

0x4A000                       # bind object to subchannel 5
0x31337808

0x20A180                      # method of subchannel 5
0x66604200
0x0
0x0
0x0
0x0
0x0
0x0
0x313371C3

0x8A2FC                       # method of subchannel 5
0x3
0x4

0x48000                       # bind object to subchannel 4
0x31337A73

0x88180                       # method of subchannel 4
0x66604200
0xFEED0000

0x4C000                       # bind object to subchannel 6
0x3137AF00

0x4C180                       # method of subchannel 6
0x66604200


RSXFIFOCommands

Commands

NOP (0x00000100)

  • Nop
0x00000100

CALL (0x00000002)

  • Calls a function at the specified offset.
  • Command size is 0.
  • The parameter is offset in FIFO buffer.
<offset> | 0x00000002

RET (0x00020000)

  • Returns from a function.
  • Command size is 0.
0x00020000

JMP (0x20000000)

  • Jumps to the specified offset.
  • Command size is 0.
  • The parameter is offset in FIFO buffer.
0x20000000 | <offset>

COLOR MASK (0x00040324)

  • Sets color mask.
  • Command size is 1.
  • The parameter is color mask.
0x00040324
<color mask>

FRONT POLYGON MODE (0x00041828)

  • Sets front polygon mode.
  • Command size is 1.
  • The parameter is front polygon mode.
0x00041828
<front polygon mode>
Retrieved from "http://www.psdevwiki.com/ps3/index.php?title=Talk:Hypervisor_Reverse_Engineering&oldid=5108"