Editing Talk:PS2 Emulation
Latest revision | Your text | ||
Line 1: | Line 1: | ||
== | ==Regs== | ||
**1040000000 VU1 regs, mapping like on VU0. | **1040000000 VU1 regs, mapping like on VU0. | ||
**1050000000 VU1 micro data memory (1100C000 on real | **1050000000 VU1 micro data memory (1100C000 on real ps2 and pcsx2 debugger) size 0x4000. | ||
**1050004000 VU1 micro data memory mirror (1100C000 on real | **1050004000 VU1 micro data memory mirror (1100C000 on real ps2 and pcsx2 debugger) size 0x4000. Likely mirrored 2 more times on 8000 and c000 | ||
**104000C000 emulator place here VU1 constants used in popular operations. Eatan/eexp constants, masks for clamping, etc. Similar array can be found in | **104000C000 emulator place here VU1 constants used in popular operations. Eatan/eexp constants, masks for clamping, etc. Similar array can be found in Pcsx2 (mVU_Globals), Dobiestation (atan_const, etc), Play! (GenerateEATAN, etc.) | ||
**1030004000 emulator place here VU0 constants used in popular operations. Like above (vu0 don't have efu so placing there efu constants for eatan/eexp is pointless, but there they are). | **1030004000 emulator place here VU0 constants used in popular operations. Like above (vu0 don't have efu so placing there efu constants for eatan/eexp is pointless, but there they are). | ||
--[[User:Kozarovv|Kozarovv]] ([[User talk:Kozarovv|talk]]) 09:37, 5 January 2023 (UTC) | --[[User:Kozarovv|Kozarovv]] ([[User talk:Kozarovv|talk]]) 09:37, 5 January 2023 (UTC) | ||
== | =Misc info= | ||
Some data that eventually need to be posted on main emulation page. All data posted here is obtained from jak tpl (so called v1) emulator. All data is confirmed in code itself, no guessing (unless said otherwise). Time to start releasing that old work to public. | Some data that eventually need to be posted on main emulation page. All data posted here is obtained from jak tpl (so called v1) emulator. All data is confirmed in code itself, no guessing (unless said otherwise). Time to start releasing that old work to public. | ||
Line 24: | Line 23: | ||
*Default misc settings used by Jak TPL emu: https://pastebin.com/79JCRXkq (ps2_lang is changed later if host system match possible ps2 languages) | *Default misc settings used by Jak TPL emu: https://pastebin.com/79JCRXkq (ps2_lang is changed later if host system match possible ps2 languages) | ||
== | ==Misc misc info== | ||
*Both settings do the same thing: | *Both settings do the same thing: | ||
--external-hdd-fix | --external-hdd-fix | ||
Line 37: | Line 35: | ||
No matter which value is used, 1 is set. | No matter which value is used, 1 is set. | ||
== | ==Few popular misunderstandings== | ||
*vu-xgkick-delay take integer between 0-31 (confirmed on both emu and compiler side), and not float (0.5 is invalid, will be truncated to 0 probably) | |||
*Cop2 rounding in pcsx2 is governed by "EE/FPU" rounding setting, not by VU or VU0. | |||
*Cop2 clamping is hardcodded in pcsx2 as far as i know, if no then is likely also governed by EE/FPU setting not VU/VU0 | |||
*xx-no-clamping setting is not really no clamping known from pcsx2. This is special mode which can be used regardless of other clamp commands. To compare pcsx2 have similar mode only for FPU (Full), to fully mimic that mode we still need fpu-to-double enabled. | |||
==ee-native-function== | |||
Emulator have set of predefined functions used in popular PS2 SDK libraries. Those function are highly optimized to run natively on x64. <br> | Emulator have set of predefined functions used in popular PS2 SDK libraries. Those function are highly optimized to run natively on x64. <br> | ||
'''--ee-native-function=name,address''' under the hood this is hooking selected address, and replace it with jump to predefined function. Functions available in JAK TPL emu: | '''--ee-native-function=name,address''' under the hood this is hooking selected address, and replace it with jump to predefined function. Functions available in JAK TPL emu: | ||
Line 96: | Line 99: | ||
jr $ra | jr $ra | ||
addiu $sp, 0x30 | addiu $sp, 0x30 | ||
This is corner case example as floatdidf convert a 64bit signed integer to IEEE double, and PS2 developers generally had no reason to use doubles (fpu/vu are operating on 32 bit floats). But you can see that whole conversion is practically done in 1 opcode, while ps2 take massive function to do this. Other functions are usually less optimized, but still really worth it. | This is corner case example as floatdidf convert a 64bit signed integer to IEEE double, and PS2 developers generally had no reason to use doubles (fpu/vu are operating on 32 bit floats). But you can see that whole conversion is practically done in 1 opcode, while ps2 take massive function to do this. Other functions are usually less optimized, but still really worth it. | ||
== EE/VU injection == | ==EE/VU injection== | ||
"Injections" are special sets of precompiled functions, idea is known better as HLE emulation. Available injections can vary depend on ps2-compiler.self, because that's where lookup for available functions is done. This literally replace code that normally is recompiler, with optimized version when address and hash match. Probably not many games can use this. Good candidates are games that use the same engine as currently released ps2 classics. Many times VU1 programs are reused by the same developer. | |||
"Injections" are special sets of precompiled functions | <br>'''VU1''' | ||
<br | |||
'''VU1''' | |||
*Name + offset in JAK TPL compiler | *Name + offset in JAK TPL compiler | ||
*unk1 | *unk1 | ||
Line 245: | Line 245: | ||
Same goes for "kernel" injections, they are also based on ID + Hash + address. Generally all "injections" should be safe to be enabled by configs. There is really small chance for hash/address(and id) collision. Not to be confused with "native" / "native-patch" ! | Same goes for "kernel" injections, they are also based on ID + Hash + address. Generally all "injections" should be safe to be enabled by configs. There is really small chance for hash/address(and id) collision. Not to be confused with "native" / "native-patch" ! | ||
= | ==Fast Accurate MUL Implementation== | ||
While Accurate MUL is implemented as very resource heavy fully fledged soft float operation, there is theoretically less accurate but very fast "accurate MUL" available. Surprisingly this is not copy pasted PS3 implementation (no need to reach Olympus from Lop Nor this time). While this implementation is assumed to be less accurate (than soft floats), result should be the same as with soft floats. r14 and esi are source floats for operation. So, here it comes: | |||
<pre> | |||
mov edx, r14d | |||
mov eax, esi | |||
xor eax, r14d | |||
shr edx, 23 | |||
and eax, 80000000h | |||
and edx, 0FFh | |||
jz mul_end ; mul by denormal | |||
mov ecx, 817h | |||
bextr ecx, esi, ecx ; esi >> 23 & 0xFF | |||
jz mul_end ; mul by denormal | |||
and r14d, 7FFFFFh | |||
and esi, 7FFFFFh | |||
add edx, ecx | |||
or r14d, 800000h | |||
or esi, 800000h | |||
imul rsi, r14 | |||
shr rsi, 23 | |||
vcvtsi2ss xmm0, xmm0, rsi | |||
vaddss xmm0, xmm0, cs:(float)0.5 | |||
vmovd ecx, xmm0 | |||
shr ecx, 23 | |||
lea edx, [rcx+rdx-115h] | |||
cmp edx, 0FFh | |||
jle case1 | |||
mov ecx, 7F800000h | |||
mov esi, 7FFFFFh | |||
jmp case2 | |||
case1: | |||
add ecx, -150 | |||
xor ebx, ebx | |||
shr esi, cl | |||
mov ecx, edx | |||
and esi, 0FF7FFFFFh | |||
shl ecx, 23 | |||
test edx, edx | |||
cmovle esi, ebx | |||
cmovle ecx, ebx | |||
case2: | |||
or esi, eax | |||
or esi, ecx | |||
mov eax, esi | |||
mul_end: | |||
ret | |||
</pre> | |||
=RESEARCH TO DO= | |||
{| cellspacing="0" cellpadding="2" border="1" class="wikitable" style="text-align: center;" | {| cellspacing="0" cellpadding="2" border="1" class="wikitable" style="text-align: center;" | ||
! Name !! Notes | ! Name !! Notes | ||
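Review bot: the two early exits in the Fast Accurate MUL listing (`jz mul_end`, commented only as "mul by denormal") return with eax holding nothing but the sign bit built by `xor eax, r14d` / `and eax, 80000000h`, so any operand with a zero exponent field yields a signed zero. That behaviour is not stated anywhere in the text. Suggest saying so in the two comments, and stating in the paragraph above the listing that the result is returned in eax, since it names only the inputs (r14 and esi). It is also worth noting that `bextr` requires BMI1 and that `cs:(float)0.5` is disassembler notation for a constant load, so readers do not take the listing as assemblable as written.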
Line 252: | Line 301: | ||
| Locating the gs registers || Abysmal. | | Locating the gs registers || Abysmal. | ||
|- | |- | ||
| Trying to reverse-engineer any emulator's executable by using assembly and hxd to improve compatibility || Tedious. | | Trying to reverse-engineer any emulator's executable by using assembly and hxd to improve compatibility || Tedious. / TPC register's instruction 8998B0030000 | ||
|- | |- | ||
| Locating the proper CDVD read speed (God of war and Ratchet size matters [Both have affected music]) || IOP and CDVD commands help | | Locating the proper CDVD read speed (God of war and Ratchet size matters [Both have affected music]) || IOP and CDVD commands help | ||
|- | |||
| Fully understand what the vif chunk command thingy does || Too low and your game will freeze at the intro | |||
|- | |- | ||
| Find out what some of the gs commands do and edit their description || Infelicitous! | | Find out what some of the gs commands do and edit their description || Infelicitous! | ||
|- | |- | ||
| Understand the gs lua functions || | | Understand the gs lua functions || | ||
|- | |||
| Implement a EE memory patch for ratchet up your arsenal || Not trivial obviously | |||
|- | |- | ||
|} | |} | ||
* GS registers aren't mapped in easy way comparing to other ones. Offsets will vary per emulator, and that's for sure. This is what you get in read mode on JAK emu (not sure if i have v1 or v2 to be honest, is known as ps2emu16): | |||
* GS registers | |||
gs_reg_SCISSOR_1 0000000001B11800 | gs_reg_SCISSOR_1 0000000001B11800 | ||
gs_reg_FBA_1 0000000001B11808 | gs_reg_FBA_1 0000000001B11808 | ||
Line 324: | Line 376: | ||
hwreg_GS_EXTWRITE 0000000007D89FB8 | hwreg_GS_EXTWRITE 0000000007D89FB8 | ||
hwreg_GS_BGCOLOR 0000000007D89FC0 | hwreg_GS_BGCOLOR 0000000007D89FC0 | ||
But keep in mind that GS regs can be "duplicated" for different emulation stages. GS is jited too, so it should have kind of pipeline too. | But keep in mind that GS regs can be "duplicated" for different emulation stages. GS is jited too, so it should have kind of pipeline too. | ||
"Implement a EE memory patch for ratchet up your arsenal" Game write data using qmtc2/ctc2 and expect VU0 to still run at this point, which is not always true. Mega high vu0 mpg cycles could potentially push it little further. Patching that will be pain just because Ratchet use code overlays. This mean you need to patch game image with the same patch in more than 20 places. Because what you see in | "Implement a EE memory patch for ratchet up your arsenal" Game write data using qmtc2/ctc2 and expect VU0 to still run at this point, which is not always true. Mega high vu0 mpg cycles could potentially push it little further. Patching that will be pain just because Ratchet use code overlays. This mean you need to patch game image with the same patch in more than 20 places. Because what you see in pcsx2 debugger / ps2dis will change depend on stage you play now. That's why PS3, and PCSX2 use dynamic jit patches (pcsx2 use it for different issue tho). --[[User:Kozarovv|Kozarovv]] ([[User talk:Kozarovv|talk]]) 14:20, 27 February 2023 (CET) | ||
== no-clamping == | == no-clamping == | ||
Sup. Can i know how no-clamping behavior was tested to confirm that "The default emulator's behavior cannot be set by CLI commands."? Because that doesn't sound right, and emulator explicitly set 0 or 1 on init, which is confirmed in emu code. What can happen, is that other clamping settings were changed during test, and that affected result. But looking at code i don't think there is any possibility that something "in between" exist. --[[User:Kozarovv|Kozarovv]] ([[User talk:Kozarovv|talk]]) 09:33, 21 June 2023 (CEST) | Sup. Can i know how no-clamping behavior was tested to confirm that "The default emulator's behavior cannot be set by CLI commands."? Because that doesn't sound right, and emulator explicitly set 0 or 1 on init, which is confirmed in emu code. What can happen, is that other clamping settings were changed during test, and that affected result. But looking at code i don't think there is any possibility that something "in between" exist. --[[User:Kozarovv|Kozarovv]] ([[User talk:Kozarovv|talk]]) 09:33, 21 June 2023 (CEST) | ||
<br>It is based on a test I did on Sly Cooper 2. If VU1 Clamping was set to 1 or 0, the game crashes. If left empty, game works fine. --[[User:Scalerize|Scalerize]] ([[User talk:Scalerize|talk]]) 14:58, 21 June 2023 (CEST) | <br>It is based on a test I did on Sly Cooper 2. If VU1 Clamping was set to 1 or 0, the game crashes. If left empty, game works fine. --[[User:Scalerize|Scalerize]] ([[User talk:Scalerize|talk]]) 14:58, 21 June 2023 (CEST) | ||
Line 340: | Line 393: | ||
So, after taking some time to think about it, I had remembered that the game would crash right after the first pyramid fmv at the press start screen. But yeah, leave as it is. You have the upper hand in removing/adding anything you like --[[User:Scalerize|Scalerize]] ([[User talk:Scalerize|talk]]) 17:19, 21 June 2023 (CEST) | So, after taking some time to think about it, I had remembered that the game would crash right after the first pyramid fmv at the press start screen. But yeah, leave as it is. You have the upper hand in removing/adding anything you like --[[User:Scalerize|Scalerize]] ([[User talk:Scalerize|talk]]) 17:19, 21 June 2023 (CEST) | ||
== | == Config table with IDs from Jak emu == | ||
Table from Jak emulator, this is how emulator config parser see data from cli. Please don't edit typos, etc. This is how it is in emulator. I'm leaving it here, so main page can be slowly updated with data from table if needed. Emulator translate commands to ID, then use ID in jump table in parser to apply cfg. ID is not guaranteed to be the same between emulators, but i didn't tested that. Comments match id too. Script for ida to dump this info will be posted soon. UNK value is not critical for anything, but it is used for something, and it is part of original table. This table is missing few commands which are parsed outside of main cfg routine. | |||
|============================================================================================================| | |============================================================================================================| | ||
Line 721: | Line 774: | ||
| 362 | 0x1 | --pmc-measure-frames | frames(int) | | | 362 | 0x1 | --pmc-measure-frames | frames(int) | | ||
|============================================================================================================| | |============================================================================================================| | ||
Note: Few commands is accidentally read with = , for example --elf-symbols=. Commands like this possibly expect == to be used. Anyway, good for us all of those cmds are meaningless. | Note: Few commands is accidentally read with = , for example --elf-symbols=. Commands like this possibly expect == to be used. Anyway, good for us all of those cmds are meaningless. | ||
=== | ===Script=== | ||
IDA Script to dump this info, should find all by itself. Should... Tested on jak emu, and rogue emu. Keep in mind that it will dump only to ida output window, to dump it to file you need to modify it by yourself. Script will separate fields by comma. Output will be ID, UNK, COMMMAND, COMMENT. Next commas are eventually from config comment itself. | |||
IDA Script to dump this | |||
import idc | import idc | ||
import idaapi | import idaapi | ||
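Review bot: the output format described in the Script paragraph cannot be parsed unambiguously. Fields are comma-separated as ID, UNK, COMMMAND, COMMENT, yet the same paragraph says further commas can come from the config comment itself. Suggest either emitting a delimiter that does not occur in the comments or stating that consumers must split on the first three commas only. The field list also spells the third field "COMMMAND". The Config table paragraph still says the script "will be posted soon" although it is posted directly below, so that sentence could be updated at the same time.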
Line 760: | Line 809: | ||
addr += 0x18 | addr += 0x18 | ||
dump() | dump() | ||
==Fatal Fury Modding== | |||
'''It seems modifying the eboot.bin of any emulator using HXD allows using commands without adding them to the CLI. Potentially, we could locate VU0's jit-sync and modify it to fix many issues, while changing the values of other commands to suit our needs. This is a to-do in the future. Considering it needs a lot of researching, I'm not sure when and if to work on it. --[[User:Scalerize|Scalerize]] ([[User talk:Scalerize|talk]]) 19:10, 29 June 2024 (CEST)''' | |||
== Fatal Fury | |||
'''It seems | |||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
! Fatal Fury | ! Fatal Fury Eboot !! !! !! !! !! | ||
|- | |- | ||
| || '''Offset (Eboot)''' || '''Value type''' || '''Normal value''' || '''Modified value''' || '''Notes''' | | || '''Offset (Eboot)''' || '''Value type''' || '''Normal value''' || '''Modified value''' || '''Notes''' | ||
|- | |- | ||
| '''EE Something (Delta counter?)''' || 50FE1 || 4 Bytes || 294912000 || Can be modified as needed for as long as the value fits 4 bytes. || | |||
| '''EE | |||
|- | |- | ||
| ''' | | '''EE Clock (Cycle scalar)''' || 50FE5 || 4 Bytes || 256 || Can be modified as needed for as long as the value fits 4 bytes. || | ||
|- | |- | ||
| | | '''Context switch cycles''' (?) || 5105B || 4 Bytes || 10000 || || | ||
|-style="background-color:#7698FF" | |-style="background-color:#7698FF" | ||
| Binary or 1 byte??? || || || || || | | Binary or 1 byte??? || || || || || | ||
Line 789: | Line 827: | ||
| '''VU1 Jit-sync''' || 510DE || Binary || 1000001<span style="color:red">0</span> || 1000001<span style="color:red">1</span> || Adding jit-sync changes the value at the end to 1 | | '''VU1 Jit-sync''' || 510DE || Binary || 1000001<span style="color:red">0</span> || 1000001<span style="color:red">1</span> || Adding jit-sync changes the value at the end to 1 | ||
|- | |- | ||
| '''Vif1-instant-xfer''' || Still unknown, but it sits to the left of VU1 Jit-sync when found using ps4 cheater. || Binary || 000<span style="color:red">1</span>1111 || | | '''Vif1-instant-xfer''' || Still unknown, but it sits to the left of VU1 Jit-sync when found using ps4 cheater. || Binary || 000<span style="color:red">1</span>1111 || 001<span style="color:red">0</span>1111 || Adding vif1-instant-xfer=0, changes 1F to 0F | ||
|- | |- | ||
| '''VU0 vf00''' || 51109 and 5110A || 1 Byte each?|| 0xCB and 0x26 || 0x4B and 0x27|| Modified value is when the command is set to 2 | | '''VU0 vf00''' || 51109 and 5110A || 1 Byte each?|| 0xCB and 0x26 || 0x4B and 0x27|| Modified value is when the command is set to 2 | ||
|- | |- | ||
| '''VU0-di-bits''' || 5110A || 1 Byte || 0x26 || 0x06 || | | '''VU0-di-bits''' || 5110A || 1 Byte || 0x26 || 0x06 || | ||
|- | |- | ||
|} | |} |
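Review bot: in the Vif1-instant-xfer row the modified value and the note disagree. 00101111 is 0x2F, but the note says vif1-instant-xfer=0 changes 1F to 0F, which would be 00001111 (only the red-marked bit of the normal value 00011111 cleared). One of the two needs correcting. Separately, the VU0 vf00 and VU0-di-bits rows both list offset 5110A with normal value 0x26 and differ only in single bits (0x26 to 0x27, 0x26 to 0x06), so the "1 Byte" value type reads better as bit flags within a shared byte, and the Notes column could say which bit each command toggles.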