PS3 - PSP Debug - pspdbg.sprx lib: A new project by mysis

Here is some interesting research and news from PS3 developer Mysis, As many know playing PSP games on the PS3 is fairly hit and miss with around 40% (roughly) of the PSP library playable (see comparability list) on a CFW enabled Console. Many of the game will just black screen with only speculation to why this is happening. So the developer is working (not yet released) on a plugin for developer's that will "log access of the HLE functions" to hopefully find resolution around [break]ss[/break]some of the restrictions the emulator currently presents itself. While the developer is not ready to release this plugin he has provided some details and information in this recent announcement:

Mysis said:

I created a small prx that injected into the psp_emulator.self process of the playstation 3 is able to log access of the HLE functions.
By this we can explore why some games black screen or have problems, even could improve the emu by adding unsupported features.

Some games like sweet fuse are even possible to fix, when one presses the screenshot option ingame (circle) which happened to freeze the game completely because sony did not add that it is supposed to return an error on screenshot utility init.

Here are some logs and pics, i am currently developing it on 4.46.

Code:

Shining Blade
Game: game exec processID = [0x01030200]
Game: game exec processID = [0x01030200]
prx.c:sys_prx_load_module:Error: res(id)=0x80010003
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/NPJH50530/USRDIR/MINIS2.EDAT
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/NPJH50530/USRDIR/ISO.BIN.EDAT
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/NPJH50530/USRDIR/MINIS.EDAT
Finding Process Object
-------Processes------
PiD | Path
1030200|/dev_flash/pspemu/psp_emulator.self
-> Process found, returning obj.
Process Object: 0x800000005fb000
Load file:/dev_hdd0/game/PRXLOADER/USRDIR/pspdbg.sprx
---Hello from pspdbg----
[x] found PEmuCoreLib
[.] path: /dev_hdd0/game/NPJH50530/
[.] psp path: /dev_flash/pspemu/psp/
[.] flash0 path: /dev_flash/pspemu/flash0/
[.] ms path: /dev_flash/pspemu/ms/
[.] EXDATA path: /dev_hdd0/game/NPJH50530/USRDIR/EXDATA/
[x] Injecting Hooks
[x] Hooks set.
load_prx_module result: 0
Load executed.
sceDisplaySetMode(mode:0, width:480, height:272) = 0
sceDisplaySetMode(mode:0, width:480, height:272) = 0


Kurofune Graphics library version 3.30.04mv
sceIoDevctl(dev:fatms0:, cmd:2415821, indata:a7de870, inlen:4, outdata:0, outlen:0) = 0
sceIoDevctl(dev:fatms0:, cmd:2415821, indata:a7ff110, inlen:4, outdata:0, outlen:0) = 0
sceIoOpen(disc0:/PSP_GAME/INSDIR/DATA.BIN, flags:40004001, mode:21a4)- PGD detected! - = 0
sceIoIoctl(fd:6, cmd:4100001, indata:8c88e73, inlen:10, outdata:0, outlen:0) - PGD detected! - = 80010086
sceIoOpen(disc0:/PSP_GAME/USRDIR/STREAM/OD_STREAM.AFS, flags:4001, mode:21a4) = 0
sceIoOpen(disc0:/PSP_GAME/USRDIR/STREAM/OD_VOICE.AFS, flags:4001, mode:21a4) = 0
sceDisplaySetMode(mode:0, width:480, height:272) = 0
sceIoOpen(flash0:/font/jpn0.pgf, flags:1, mode:0) = 7
sceIoDevctl(dev:fatms0:, cmd:2425823, indata:0, inlen:0, outdata:a7ff0c0, outlen:4) = 0
Game ScreenShots: ON
Game ScreenShots unlocked.
sceUtilitySavedataInitStart(8efa3a0) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(2) = 0
sceUtilitySavedataGetStatus() = 2

Code:

Kingdom Hearts Birth By Sleep
Game: game exec processID = [0x01060200]
Game: game exec processID = [0x01060200]
prx.c:sys_prx_load_module:Error: res(id)=0x80010003
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/ULES01441/USRDIR/MINIS2.EDAT
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/ULES01441/USRDIR/ISO.BIN.EDAT
klicensee: DB85732366CD734FC879E743343BB4F
File: /dev_hdd0/game/ULES01441/USRDIR/MINIS.EDAT
Finding Process Object
-------Processes------
PiD | Path
1060200|/dev_flash/pspemu/psp_emulator.self
-> Process found, returning obj.
Process Object: 0x800000005e2800
Load file:/dev_hdd0/game/PRXLOADER/USRDIR/pspdbg.sprx
---Hello from pspdbg----
[x] found PEmuCoreLib
[.] path: /dev_hdd0/game/ULES01441/
[.] psp path: /dev_flash/pspemu/psp/
[.] flash0 path: /dev_flash/pspemu/flash0/
[.] ms path: /dev_flash/pspemu/ms/
[.] EXDATA path: /dev_hdd0/game/ULES01441/USRDIR/EXDATA/
[x] Injecting Hooks
[x] Hooks set.
load_prx_module result: 0
Load executed.
sceKernelAllocPartitionMemory(partition:2, name:UserSbrk, type(cat), size:1000, *addr:1000) = 3ef01
sceIoGetstat(disc0:/PSP_GAME/USRDIR/BBS0.DAT, stat:a7c8980) = 0
sceIoOpen(umd1:, flags:1, mode:0) = 0
sceIoGetstat(disc0:/PSP_GAME/USRDIR/BBS1.DAT, stat:a7c8180) = 0
sceIoOpen(disc0:/PSP_GAME/USRDIR/BBS1.DAT, flags:40000001, mode:0)- PGD detected! - = 0
sceIoIoctl(fd:7, cmd:4100001, indata:8b31418, inlen:10, outdata:0, outlen:0) - PGD detected! - = 80010086
sceIoGetstat(disc0:/PSP_GAME/USRDIR/BBS2.DAT, stat:a7c8180) = 0
sceIoOpen(disc0:/PSP_GAME/USRDIR/BBS2.DAT, flags:40000001, mode:0)- PGD detected! - = 0
sceIoIoctl(fd:8, cmd:4100001, indata:8b31428, inlen:10, outdata:0, outlen:0) - PGD detected! - = 80010086
sceIoGetstat(disc0:/PSP_GAME/USRDIR/BBS3.DAT, stat:a7c8180) = 0
sceIoOpen(disc0:/PSP_GAME/USRDIR/BBS3.DAT, flags:40000001, mode:0)- PGD detected! - = 0
sceIoIoctl(fd:9, cmd:4100001, indata:8b31438, inlen:10, outdata:0, outlen:0) - PGD detected! - = 80010086
sceIoGetstat(disc0:/PSP_GAME/USRDIR/BBS4.DAT, stat:a7c8180) = 0
sceIoDevctl(dev:fatms0:, cmd:2415821, indata:a7ff640, inlen:4, outdata:0, outlen:0) = 0
sceDisplaySetMode(mode:0, width:480, height:272) = 0
sceUtilitySavedataInitStart(9948030) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 3
sceUtilitySavedataShutdownStart() = 0
sceUtilitySavedataGetStatus() = 0
sceUtilitySavedataInitStart(9948030) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 2
sceUtilitySavedataUpdate(1) = 0
sceUtilitySavedataGetStatus() = 3
sceUtilitySavedataShutdownStart() = 0
sceUtilitySavedataGetStatus() = 0
sceIoGetstat(ms0:PSP/SAVEDATA/ULES01441/SYSTEM.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410000/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410001/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410002/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410003/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410004/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410005/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410006/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410007/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410008/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410009/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410010/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410011/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410012/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410013/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410014/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410015/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410016/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0:PSP/SAVEDATA/ULES014410017/SAVEDATA.DAT, stat:a7ff3f0) = 80020321
sceIoGetstat(ms0..


sceIoOpen title.elf
setdisplaymode
setdisplaymode
(black screen)

Code:

Final Fantasy IV Collection
Game: game exec processID = [0x01060200]
Game: game exec processID = [0x01060200]
prx.c:sys_prx_load_module:Error: res(id)=0x80010003
klicensee: 2A6AFBCF43D1579F7D738741A13BD42E
File: /dev_hdd0/game/ULES01521/USRDIR/MINIS2.EDAT
klicensee: 2A6AFBCF43D1579F7D738741A13BD42E
File: /dev_hdd0/game/ULES01521/USRDIR/ISO.BIN.EDAT
klicensee: 2A6AFBCF43D1579F7D738741A13BD42E
File: /dev_hdd0/game/ULES01521/USRDIR/MINIS.EDAT
Finding Process Object
-------Processes------
PiD | Path
1060200|/dev_flash/pspemu/psp_emulator.self
-> Process found, returning obj.
Process Object: 0x8000000057dc00
Load file:/dev_hdd0/game/PRXLOADER/USRDIR/pspdbg.sprx
---Hello from pspdbg----
[x] found PEmuCoreLib
[.] path: /dev_hdd0/game/ULES01521/
[.] psp path: /dev_flash/pspemu/psp/
[.] flash0 path: /dev_flash/pspemu/flash0/
[.] ms path: /dev_flash/pspemu/ms/
[.] EXDATA path: /dev_hdd0/game/ULES01521/USRDIR/EXDATA/
[x] Injecting Hooks
[x] Hooks set.
load_prx_module result: 0
Load executed.
main( disc0:/PSP_GAME/SYSDIR/EBOOT.BIN,)
sceIoDevctl(dev:fatms0:, cmd:2415821, indata:9fff5a0, inlen:4, outdata:0, outlen:0) = 0
sceIoDevctl(dev:ms0:, cmd:2425818, indata:8b0a36c, inlen:4, outdata:0, outlen:0) = 0
sceIoGetstat(ms0:/PSP/SAVEDATA/ULES01521Install/PARAM.SFO, stat:9fff4e8) = 80010002
sceIoGetstat(ms0:/PSP/SAVEDATA/ULES01521Install/PAC1.BIN, stat:9fff4e8) = 80010002
sceIoDevctl(dev:ms0:, cmd:2425824, indata:0, inlen:0, outdata:9fff5b0, outlen:4) = 0
sceCtrlReadBufferPositive(SceCtrlData *0x9fcb9b0, count: 8) -&gt; 0
sceDisplaySetMode(mode:0, width:480, height:272) = 0
sceDisplaySetMode(mode:0, width:480, height:272) = 0
sceIoOpenAsync(disc0:/PSP_GAME/USRDIR/PAC0.BIN, flags:1, mode:0) = 6
sceIoIoctl(fd:6, cmd:1020007, indata:0, inlen:0, outdata:9feb270, outlen:8) = 0
B9FEB270 08 DB 01 00 00 00 00 00?
sceIoOpenAsync(disc0:/PSP_GAME/USRDIR/PAC1.BIN, flags:1, mode:0) = 6
sceIoIoctl(fd:6, cmd:1020006, indata:0, inlen:0, outdata:9feb280, outlen:4) = 0
B9FEB280 B0 D7 00 00 ??
sceIoIoctl(fd:6, cmd:1020007, indata:0, inlen:0, outdata:9feb270, outlen:8) = 0
B9FEB270 00 38 72 13 00 00 00 00 8r
sceIoOpenAsync(disc0:/sce_lbn0x2069e_size0x7bd66, flags:1, mode:0) = 6

And here are some pictures:

- Album on Imgur

- Album on Imgur

As you may see the emulator does not support accessing sectors mapped as file (sce_lbn). If anyone around knows or got an idea of how i would be able to implement it by using HLE functions themselves (i can also use IoCtl etc.) i would really appreciate it

Release: (no eta yet)

Update: Developer Hykem provide some help mysis was seeking

Hykem said:
Mysis said:

As you may see the emulator does not support accessing sectors mapped as file (sce_lbn). If anyone around knows or got an idea of how i would be able to implement it by using HLE functions themselves (i can also use IoCtl etc.) i would really appreciate it

Click to expand...

We had to implement this by hand in JPCSP:
https://github.com/g...dIsoReader.java
https://github.com/g...MgrForUser.java

PPSSPP has an identical implementation as well:
https://github.com/h...OFileSystem.cpp
https://github.com/h...ISOFileSystem.h
https://github.com/h...cFileSystem.cpp

For example, we found this for "Monster Hunter Freedom Unite"

Code:

// For example: // MONSTER HUNTER FREEDOM UNITE ULES01213 // hleKernelLoadModule(path='disc0:/sce_lbn0x11981_size0x59c0') // and the sector 0x11981 is found inside a huge "DATA.BIN" file (a CD image): // PSP_GAME/USRDIR/DATA.BIN: Starting at sector 0xD960, with size 737 MB

// For example:
// MONSTER HUNTER FREEDOM UNITE ULES01213
// hleKernelLoadModule(path='disc0:/sce_lbn0x11981_size0x59c0')
// and the sector 0x11981 is found inside a huge "DATA.BIN" file (a CD image):
// PSP_GAME/USRDIR/DATA.BIN: Starting at sector 0xD960, with size 737 MB

Source: PlayStationHaX.it

Related Links: Mysis Game Recording Plugin / PSPonPS3 Compatability List

Click to expand...

#2

I think this is a great project, While many tend to believe the PSP emulator is just crap. I honestly think it's need more figuring out.

Nice project by mysis here !!!

#3

STLcardsWS said:
I think this is a great project, While many tend to believe the PSP emulator is just crap. I honestly think it's need more figuring out.

Nice project by mysis here !!!

Indeed it will help alot to get more details about the PSP Emu, i debugged the PSP Emu a few weeks ago too and found a minor issue with the Ad Hoc but mysis works is pretty great and will help me in near future

#4

Sorry for the necro bump but I just recalled this and wondered if anything ever came of this @mysis as debugging the PSP or PS2 emu's has intrigued me and feel there is a lot of room for advancement. And since mysis is the reigning king of reverse engineering parts of the PS3.

You must log in or register to reply here.

Similar threads

PS3 Evilnat 4.89.3 CFW (Official Release - Coming Soon) PEX / OverClocking / Cobra v8.4 / xai_plugin /.
- Started by STLcardsWS
- Jan 25, 2023
- Replies: 22
PS3 News
PS3 CFW 4.89.3 Evilnat Cobra (8.4) (CEX/DEX/PEX)
- Started by Evilnat
- May 17, 2022
- Replies: 1K
PS3 CFW (Custom Firmware)
PS3 4.88.2 Evilnat CFW with Cobra 8.3
- Started by jolek
- Apr 24, 2022
- Replies: 2
PS3 Jailbreak CFW and PS3HEN
PS3 4.93 Evilnat w/ Cobra v8.5 - (CEX/PEX/D-PEX)
- Started by Evilnat
- Mar 5, 2023
- Replies: 3K
PS3 CFW (Custom Firmware)

PS3 PSP Debug - pspdbg.sprx lib: A new project by mysis

STLcardsWS

KanadeEngel

atreyu187

Similar threads

Featured content

Trending content

Latest posts