Talk:LV2 Functions and Syscalls

From PS3 Developer wiki
Revision as of 18:08, 17 September 2011 by Euss (talk | contribs)
Jump to navigation Jump to search

temp fix workarea



Function Notes Offset in 3.55 Offset in 3.41 Offset in 3.15 Offset in 3.10 Offset in 3.01 Offset in 2.76
char *strcpy(char *dest, const char *src) 0x4E684 0x4D2F0 0x4CDAC 0X4CDA8 0x4AAC4 0x469B8
int strlen(char *str) 0x4E6AC 0x4D318 0X4CDD4 0X4CDD0 0x4AAEC 0x469E0
char *strcat(char *destination, const char *source) 0x4E5B4 0x4D220 0x4CCDC
char *strchr(const char* str, char chr) 0x4E5EC 0x4D258 0x4CD14
char *strrchr(const char* str, char chr) 0x4CEE4
int strcmp(const char *s1, const char *s2) 0x4E630 0x4D29C 0x4CD58
int strncmp(const char *s1, const char *s2, size_t n) 0x4E6D8 0x4D344 0X4CE00 0X4CDFC 0x4AB18 0x46A0C
char *strncpy(char *destination, const char *source, size_t num) 0x4E74C 0x4D3B8 0x4CE74
int memcmp(void *v1, void *v2, size_t n) 0x4D7E8 0x4C454 0x4BF10
void *memchr(void *s, int c, size_t n) 0x4BEC0
void *memcpy(void *dest, const void *src, size_t n) 0x7C3A4 0x7C01C 0X7BE9C 0X7BE98 0x77E84 0x7395C
void *memset(void *s, int c, size_t n) 0x4E4D8 0x4D144 0X4CC00 0X4CBFC 0x4A95C 0x46850


Function Notes Offset in 3.55 Offset in 3.41 Offset in 3.15
int snprintf(char *str, size_t size, char *format, ...) 0x4F86C 0x4E4D8 0x4DF94
int sprintf(char *str, char *format, ...) 0x4F900 0x4E56C 0x4E028
int printf(char *format, ...) This prints to the serial debug console. 0x29285C 0x28A654 0x28A11C


Function Notes Offset in 3.41 Offset in 3.15 Offset in 3.10 Offset in 3.01 Offset in 2.76
void* alloc(size_t size, int unk) unk is possibly pool? PSGroove uses 0x27. 0x62088 0x61CF0 0x61CEC 0x5DF4C 0x59D54
void dealloc(void* ptr, int unk) unk is possibly pool? Should be the same value of unk given to alloc. 0x624C8 0x62138 0x62134 0x5E38C 0x5A194
void process_utils::create_initial_system_process(). Called to start the first userspace process, which is normally "sys_init_osd.self" but it can also launch recovery mode or update mode. 0x287D50 0x287858
void Panic(int unk) This function does not return.

(It seems that the offset point to a location that will cause panic after, not the real panic function, use with caution)

USBGetDeviceDescriptor USB function 0xd2998 0xd3474 0xCCD2C
USBOpenEndpoint 0xd29c4 0xd34ac 0xCCD58
USBControlTransfer 0xd292c 0xd3408 0xCCCC0
USBRegisterDriver 0xd22d8 0xd2978 0xCC6A0

Lv2 System Table Offset

FW version Offset
3.55 0x346570
3.55 dex 0x361578
3.41 0x2EB128
3.40 0x2EB128
3.30 0x2EA728
3.21 0x2EA8A0
3.15 0x2EA820
3.10 0x2EA820
3.01 0x2CFB40
2.76 0x2C4318


LV2 Syscalls

Number Name Notes
#sys_process Syscalls (1-31)
1 sys_process_getpid
2 sys_process_wait_for_child
4 sys_process_get_status
5 sys_process_detach_child
12 sys_process_get_number_of_object
13 sys_process_get_id
14 sys_process_is_spu_lock_line_reservation_address
18 sys_process_getppid
19 sys_process_kill
22 sys_process_exit
23 sys_process_wait_for_child2
25 sys_process_get_sdk_version
30 sys_process_get_paramsfo Buffer Size 40h, returns infos from sfo, not sfo itself! sample: 00000000 01 42 4C 45 53 38 30 36 30 38 00 00 00 00 00 00 �BLES80608......
31 sys_process_get_ppu_guid
#sys_ppu_thread Syscalls (43-58)
43 sys_ppu_thread_yield
44 sys_ppu_thread_join
45 sys_ppu_thread_detach
46 sys_ppu_thread_get_join_state
47 sys_ppu_thread_set_priority
48 sys_ppu_thread_get_priority
49 sys_ppu_thread_get_stack_information
56 sys_ppu_thread_rename
57 sys_ppu_thread_recover_page_fault
58 sys_ppu_thread_get_page_fault_context
#sys_trace Syscalls (67-69+77)
67 sys_trace_allocate_buffer
68 sys_trace_free_buffer
69 sys_trace_create2
#sys_timer Syscalls (70-76+141+142)
70 sys_timer_create
71 sys_timer_destroy
72 sys_timer_get_information
73 sys_timer_start
74 sys_timer_stop
75 sys_timer_connect_event_queue
76 sys_timer_disconnect_event_queue
#sys_trace Syscalls (67-69+77)
77 sys_trace_create2_in_cbepm
#sys_interrupt Syscalls (80+81+84+88+89)
80 sys_interrupt_tag_create
81 sys_interrupt_tag_destroy
#sys_event Syscalls (82+83+85-87+118+128-140)
82 sys_event_flag_create
83 sys_event_flag_destroy
#sys_interrupt Syscalls (80+81+84+88+89)
84 sys_interrupt_thread_establish
#sys_event Syscalls (82+83+85-87+118+128-140)
85 sys_event_flag_wait
86 sys_event_flag_trywait
87 sys_event_flag_set
#sys_interrupt Syscalls (80+81+84+88+89)
88 sys_interrupt_thread_eoi
89 sys_interrupt_thread_disestablish
#sys_semaphore Syscalls (90-94+114)
90 sys_semaphore_create
91 sys_semaphore_destroy
92 sys_semaphore_wait
93 sys_semaphore_trywait
94 sys_semaphore_post
#sys_lwmutex Syscalls (95-99)
95 sys_lwmutex_create
96 sys_lwmutex_destroy
97 sys_lwmutex_lock
98 sys_lwmutex_trylock
99 sys_lwmutex_unlock
#sys_mutex Syscalls (100-104)
100 sys_mutex_create
101 sys_mutex_destroy
102 sys_mutex_lock
103 sys_mutex_trylock
104 sys_mutex_unlock
#sys_cond Syscalls (105-110)
105 sys_cond_create
106 sys_cond_destroy
107 sys_cond_wait
108 sys_cond_signal
109 sys_cond_signal_all
110 sys_cond_signal_to
#sys_lwcond Syscalls (111+112)
111 sys_lwcond_create
112 sys_lwcond_destroy
#sys_semaphore Syscalls (90-94+114)
114 sys_semaphore_get_value
#sys_event Syscalls (82+83+85-87+118+128-140)
118 sys_event_flag_clear
#sys_rwlock Syscalls (120-127+148)
120 sys_rwlock_create
121 sys_rwlock_destroy
122 sys_rwlock_rlock
123 sys_rwlock_tryrlock
124 sys_rwlock_runlock
125 sys_rwlock_wlock
126 sys_rwlock_trywlock
127 sys_rwlock_wunlock
#sys_event Syscalls (82+83+85-87+118+128-140)
128 sys_event_queue_create
129 sys_event_queue_destroy
130 sys_event_queue_receive
131 sys_event_queue_tryreceive
132 sys_event_flag_cancel
133 sys_event_queue_drain
134 sys_event_port_create
135 sys_event_port_destroy
136 sys_event_port_connect_local
137 sys_event_port_disconnect
138 sys_event_port_send
139 sys_event_flag_get
140 sys_event_port_connect_ipc
#sys_timer Syscalls (70-76+141+142)
141 sys_timer_usleep
142 sys_timer_sleep
#sys_time Syscalls (145-147)
145 sys_time_get_current_time
146 sys_time_get_system_time
147 sys_time_get_timebase_frequency
#sys_rwlock Syscalls (120-127+148)
148 sys_rwlock_trywlock
#sys_spu/sys_raw_spu Syscalls (150-260)
150 sys_raw_spu_create_interrupt_tag
151 sys_raw_spu_set_int_mask
152 sys_raw_spu_get_int_mask
153 sys_raw_spu_set_int_stat
154 sys_raw_spu_get_int_stat
156 sys_spu_image_open
157 sys_spu_image_import
160 sys_raw_spu_create
161 sys_raw_spu_destroy
163 sys_raw_spu_read_puint_mb
165 sys_spu_thread_get_exit_status
166 sys_spu_thread_set_argument
167 sys_spu_thread_group_start_on_exit
169 sys_spu_initialize
170 sys_spu_thread_group_create
171 sys_spu_thread_group_destroy
172 sys_spu_thread_initialize
173 sys_spu_thread_group_start
174 sys_spu_thread_group_suspend
175 sys_spu_thread_group_resume
176 sys_spu_thread_group_yield
177 sys_spu_thread_group_terminate
178 sys_spu_thread_group_join
179 sys_spu_thread_group_set_priority
180 sys_spu_thread_group_get_priority
181 sys_spu_thread_write_ls
182 sys_spu_thread_read_ls
184 sys_spu_thread_write_snr
185 sys_spu_thread_group_connect_event
186 sys_spu_thread_group_disconnect_event
187 sys_spu_thread_set_spu_cfg
188 sys_spu_thread_get_spu_cfg
190 sys_spu_thread_write_spu_mb
191 sys_spu_thread_connect_event
192 sys_spu_thread_disconnect_event
193 sys_spu_thread_bind_queue
194 sys_spu_thread_unbind_queue
196 sys_raw_spu_set_spu_cfg
197 sys_raw_spu_get_spu_cfg
198 sys_spu_thread_recover_page_fault
199 sys_raw_spu_recover_page_fault
244 sys_spu_thread_group_system_set_next_group
245 sys_spu_thread_group_system_unset_next_group
246 sys_spu_thread_group_system_set_switch_group
247 sys_spu_thread_group_system_unset_switch_group
250 sys_spu_thread_group_set_cooperative_victims
251 sys_spu_thread_group_connect_event_all_threads
252 sys_spu_thread_group_disconnect_event_all_threads
254 sys_spu_thread_group_log
260 sys_spu_image_open_by_fd
#sys_vm/sys_memory/sys_mmapper Syscalls (300-352)
300 sys_vm_memory_map
301 sys_vm_unmap
302 sys_vm_append_memory
303 sys_vm_return_memory
304 sys_vm_lock
305 sys_vm_unlock
306 sys_vm_touch
307 sys_vm_flush
308 sys_vm_invalidate
309 sys_vm_store
310 sys_vm_sync
311 sys_vm_test
312 sys_vm_get_statistics
324 sys_memory_container_create
325 sys_memory_container_destroy
326 sys_mmapper_allocate_fixed_address
327 sys_mmapper_enable_page_fault_notification
329 sys_mmapper_free_shared_memory
330 sys_mmapper_allocate_address
331 sys_mmapper_free_address
332 sys_mmapper_allocate_shared_memory
333 sys_mmapper_set_shared_memory_flag
334 sys_mmapper_map_shared_memory
335 sys_mmapper_unmap_shared_memory
336 sys_mmapper_change_address_access_right
337 sys_mmapper_search_and_map
338 sys_mmapper_get_shared_memory_attribute
341 sys_memory_container_create
342 sys_memory_container_destroy
343 sys_memory_container_get_size
348 sys_memory_allocate
349 sys_memory_free
350 sys_memory_allocate_from_container
351 sys_memory_get_page_attribute
352 sys_memory_get_user_memory_size
#sys_game Syscalls (372-376+410-412)
372 sys_game_watchdog_start
373 sys_game_watchdog_stop
374 sys_game_watchdog_clear
376 sys_game_get_system_sw_version
#sys_sm/sys_ctrl Syscalls (378-396)
378 sys_sm_get_ext_event2
379 sys_sm_shutdown (?) system_call_4(379,0x200,0,0,0); // 0x1100/0x100 = turn off,0x1200/0x200=reboot
380 sys_sm_get_params
383 used by sys_game_get_temperature
384 sys_sm_get_tzpb used by sys_game_get_temperature
386 sys_ctrl_led(?) Controls Power LED - Parameters: value1,value2
396 sys_sm_set_rtc_alarm
#sys_tty Syscalls (402-403)
402 sys_tty_read
403 sys_tty_write
#sys_game Syscalls (372-376+410-412)
410 sys_game_board_storage_read
411 sys_game_board_storage_write
412 sys_game_get_rtc_status
#sys_overlay Syscalls (450-457)
450 sys_overlay_load_module
451 sys_overlay_unload_module
452 sys_overlay_get_module_list
453 sys_overlay_get_module_info
454 sys_overlay_load_module_by_fd
455 sys_overlay_get_module_info2
456 sys_overlay_get_sdk_version
457 sys_overlay_get_module_dbg_info
#sys_prx Syscalls (461-499)
461 sys_prx_get_module_id_by_address
463 sys_prx_load_module_by_fd
464 sys_prx_load_module_on_memcontainer_by_fd
465 sys_prx_load_module_list
466 sys_prx_load_module_list_on_memcontainer
467 sys_prx_get_ppu_guid
480 sys_prx_load_module
481 sys_prx_start_module
482 sys_prx_stop_module
483 sys_prx_unload_module
484 sys_prx_register_module
485 sys_prx_query_module
486 sys_prx_register_library
487 sys_prx_unregister_library
488 sys_prx_link_library
489 sys_prx_unlink_library
490 sys_prx_query_library
493 sys_prx_dbg_get_module_info
494 sys_prx_get_module_list
495 sys_prx_get_module_info
496 sys_prx_get_module_id_by_name
497 sys_prx_load_module_on_memcontainer
498 sys_prx_start
499 sys_prx_stop
#sys_config Syscalls (518)
518 sys_config_get_service_event
#sys_storage Syscalls (600-623+837+838)
600 sys_storage_open int sys_storage_open(uint64_t id, int *fd)
601 sys_storage_close int sys_storage_close(int fd)
602 sys_storage_read int sys_storage_read(int fd, uint32_t start_sector, uint32_t sectors, uint8_t *bounce_buf, uint8_t *sectors_read)
603 sys_storage_write
604 sys_storage_send_device_command
605 sys_storage_async_configure
606 sys_storage_async_read
607 sys_storage_async_write
608 sys_storage_async_cancel
609 sys_storage_get_device_info int sys_storage_get_device_info(uint64_t device, uint8_t *buffer), buffer[40]=total sectors,buffer[48]=sector size
610 sys_storage_get_device_config
611 sys_storage_report_devices
612 sys_storage_configure_medium_event
613 sys_storage_set_medium_polling_interval
614 sys_storage_create_region
615 sys_storage_delete_region
616 sys_storage_execute_device_command
617 sys_storage_get_region_acl
618 sys_storage_set_region_acl
619 sys_storage_async_send_device_command
622 sys_storage_get_region_offset
623 sys_storage_set_emulated_speed
#sys_io Syscalls (624-627)
624 sys_io_buffer_create
625 sys_io_buffer_destroy
626 sys_io_buffer_allocate
627 sys_io_buffer_free
#sys_gpio Syscalls (630-631)
630 sys_gpio_set
631 sys_gpio_get
#sys_fsw Syscalls (633-634)
633 sys_fsw_connect_event
634 sys_fsw_disconnect_event
#sys_rsx Syscalls (666-667)
666 sys_rsx_device_open
667 sys_rsx_device_close
668 sys_rsx_memory_allocate
669 sys_rsx_memory_free
670 sys_rsx_context_allocate
671 sys_rsx_context_free
672 sys_rsx_context_iomap
673 sys_rsx_context_iounmap
674 sys_rsx_context_attribute
675 sys_rsx_device_map
676 sys_rsx_device_unmap
677 sys_rsx_attribute
#sys_bdemu Syscalls (699)
699 sys_bdemu_send_command
#sys_net Syscalls (700-726)
700 sys_net_bnet_accept
701 sys_net_bnet_bind
702 sys_net_bnet_connect
703 sys_net_bnet_getpeername
704 sys_net_bnet_getsockname
705 sys_net_bnet_getsockopt
706 sys_net_bnet_listen
707 sys_net_bnet_recvfrom
708 sys_net_bnet_recvmsg
709 sys_net_bnet_sendmsg
710 sys_net_bnet_sendto
711 sys_net_bnet_setsockop
712 sys_net_bnet_shutdown
713 sys_net_bnet_socket
714 sys_net_bnet_close
715 sys_net_bnet_poll
716 sys_net_bnet_select
724 sys_net_bnet_ioctl
725 sys_net_bnet_sysctl
#lv2Fs Syscalls (801-834)
801 lv2FsOpen char* path = r3, s32 oflags = r4, u64* file_id = r5, s32 mode = r6 (???), void* arg = r7 (???), u32 argcount = r8
802 lv2FsRead u32 file_id = r3, void* buf = r4, u64 size = r5, u64* readed_count = r6
803 lv2FsWrite u32 file_id = r3, const void* buf = r4, u64 size = r5, u64* written_count = r6
804 lv2FsClose u32 file_id = r3
805 lv2FsOpenDir char* path = r3, s32 file_id = r4
806 lv2FsReadDir u32 file_id = r3, Lv2FsDirent* fs_dirent = r4, u64* readed_count = r5
807 lv2FsCloseDir u32 file_id = r3
808 lv2FsStat
809 lv2FsFstat
810 lv2FsLink
811 lv2FsMkdir char* path = r3, u32 mode = r4
812 lv2FsRename
813 lv2FsRmdir
814 lv2FsUnlink
815 lv2FsUtime
818 lv2FsLSeek
820 lv2FsFSync
831 lv2FsTruncate
832 lv2FsFTruncate
834 lv2FsChmod
#sys_storage Syscalls (600-623+837+838)
837 sys_storage_util_mount(?) Parameters: Device Name (e.g CELL_FS_IOS:BUILTIN_FLSH1), Device File System (e.g CELL_FS_FAT), Device Path (e.g. /dev_flash), 0, Write Protection (0 or 1), 0, 0, 0
838 sys_storage_util_unmount(?) Parameters: Device Path (e.g. /dev_flash)
#process socket service syscalls (862-864)
862 [trm_manager_if (Interface)]
863 [update_manager_if (Interface)]
864 [storage_manager_if (Interface)]
#sys_ss/sys_get Syscalls (865-879)
865 sys_ss_random_number_generator
867 sys_get_system_parameter
868 [indi_info_manager_if (Interface)]
870 sys_ss_get_console_id int sys_ss_get_console_id(uint8_t *buf) //returns idps in buf
871 sys_ss_access_control_engine
872 sys_ss_get_open_psid
873 sys_ss_get_cache_of_product_mode
874 sys_ss_get_cache_of_flash_ext_flag
875 sys_ss_get_boot_device
876 sys_ss_disc_access_control
878 sys_ss_ad_sign
879 sys_ss_media_id
#sys_deci3 Syscalls (880-884)
880 sys_deci3_open
881 sys_deci3_create_event_path
882 sys_deci3_close
883 sys_deci3_send
884 sys_deci3_receive
#sys_dbg Syscalls (900-970)
900 sys_dbg_stop_processes
909 sys_dbg_get_thread_list
914 sys_dbg_get_process_info
921 sys_dbg_set_process_event_cntl_flag
923 sys_dbg_set_spu_thread_group_event_cntl_flag
925 sys_dbg_get_raw_spu_list
932 sys_dbg_get_mutex_list
934 sys_dbg_get_cond_list
936 sys_dbg_get_rwlock_list
938 sys_dbg_get_lwmutex_list
942 sys_dbg_get_event_queue_list
946 sys_dbg_get_semaphore_list
948 sys_dbg_get_kernel_thread_list
949 sys_dbg_get_kernel_thread_info
950 sys_dbg_get_lwcond_list
952 sys_dbg_create_scratch_data_area_ext
970 sys_dbg_get_event_flag_list
986 seems to return Game Application Title ID

Network Syscalls

Networking uses syscalls 700-726

File Syscalls


Name Value
LV2_O_RDONLY 0x000000
LV2_O_WRONLY 0x000001
LV2_O_RDWR 0x000002
LV2_O_ACCMODE 0x000003
LV2_O_CREAT 0x000100
LV2_O_EXCL 0x000200
LV2_O_TRUNC 0x001000
LV2_O_APPEND 0x002000
LV2_O_MSELF 0x010000


Name Structure Packed
Lv2FsStat s32 st_mode; s32 st_uid; s32 st_gid; u64 st_access_time; u64 st_modify_time; u64 st_create_time; u64 st_size; u64 st_blksize; yes
Lv2FsUtimbuf u64 access_time; u64 modify_time; no
Lv2FsDirent u8 d_type; u8 d_namlen; char d_name[256]; no

Filesystem Syscalls

Filesystem uses syscalls 700-726

Unofficial Syscalls added

Number Function - Added by Notes
6 Peek - PSGroove v1.1 r3 is a 64 bit address to read. A 64 bit value will be returned in r3
7 Poke - PSGroove v1.1 r4 is a 64 bit value. r3 is the address to write that value to.
8 Peek - graf_chokolo r3 is a 64 bit address to read. A 64 bit value will be returned in r3
8 Peek - ps3cobra r3 is a 64 bit address to read. A 64 bit value will be returned in r3
9 Poke - graf_chokolo r4 is a 64 bit value. r3 is the address to write that value to.

See also: psl1ght::Syscalls