Real Physical Address?
#1
Ok I found the address 0090F1B8 pcsx2_rev4282.exe+50F1B8 within cheat engine using pcsx2 rev 4282 how I convert this into a real address?
All other codes i've found come up as 2??????? addresses be it 8-bit, 16-bit or 32-bit search, that's the EE correct? so what is my above address 0090F1B8 from? Wacko
Address controls the found disc type, but i'm not sure it's overwriting what the emulated console memory sees or if it's overwriting what pcsx2 seeks before passing it on the emulated memory.
PC Specs
OS: Windows XP Professional SP2 32bit
CPU: Intel Pentium 4 2.00GHz
Memory: 768MB DDR2
GPU: SiS 650
SPU: Philips PSC605
Reply

Sponsored links

#2
1: what game?
2: what is the code supposed to do?

I'm sure you mean 2-byte/4-byte I doubt you're pairing 2+ addresses and values
Reply
#3
Since you are using newer version than r4029,all the codes you find are the same in Cheat Engine and those you put into .pnach
The only difference is the 2 at the beginning of the address

This 2 you must change depending on what type the code is or what will you use for type(byte,short,word or extended).
When you use for type extended you must replace it with for 0-255(0-FF) to 0,for 0-65535(0-FFFF) to 1 and for 0-4294967295(0-FFFFFFFF) to 2
When you use for type byte,short or word,you have to change it to 0
Reply
#4
The address you found might be a pointer to EE data or maybe an instruction pointer to recompiled ELF code (if the Cheat Engine's debugger was involved).
But it is definitely not an EE address, and you can't rely on it because it will be different in different versions of PCSX2.
Reply
#5
(03-28-2011, 12:21 AM)_DTG_ Wrote: The address you found might be a pointer to EE data or maybe an instruction pointer to recompiled ELF code (if the Cheat Engine's debugger was involved).
But it is definitely not an EE address, and you can't rely on it because it will be different in different versions of PCSX2.

Which raises a question for me. Do we know what causes re-compiler resets or a way to deal with them?

When I was making http://www.youtube.com/watch?v=DiZOviKR1jg I had to keep starting over because the code for calculating dark matter would get recompiled and moved.

I ask because I notice some of the generated code is, odd. I might be able to contribute to the pcsx2 project and improve it, but I can't keep any of the generated code nailed down to analyze any of it Tongue
Reply
#6
Well. It looks like PCSX2 recompiles a PS2 (ELF) code on-the-fly. So the only proper way to deal with it is to find the offset of the original ELF code before it gets recompiled. Then you can try to patch it, if you are familiar with MIPS instructions set and have the necessary tools to reverse engineer it.

I have heard that IDA Pro can disassemble PS2 or PS1 executables, but I'm not quite sure. Smile
Also, there was a program called "PS2 Dis".
Don't know how much they can be useful. Smile
Reply
#7
I've got a feeling it's a kernal address.
0x00100000-0x01FFFFFF EE shows as 2??????? in cheat engine.
Using 2090F1B8 in cheat engine has no effect but 0090F1B8 works.

Code:
Logical Address Range    Physical Address Range    Description            Size
---------------------    ----------------------    -----------            -----
0x80000000-0x800FFFFF    0x00000000-0x000FFFFF    EE Kernel              1 MB
0x00100000-0x01FFFFFF    0x00100000-0x01FFFFFF    EE RAM (Cached)             31 MB
0x20100000-0x21FFFFFF    0x00100000-0x01FFFFFF    EE RAM (Uncached)         31 MB
0x30100000-0x31FFFFFF    0x00100000-0x01FFFFFF    EE RAM (Uncached&accelerated)     31 MB
0x10000000-0x11FFFFFF    0x10000000-0x11FFFFFF    EE Registers (uncached)         32 MB
0x12000000-0x13FFFFFF    0x12000000-0x13FFFFFF    GS Registers (uncached)         32 MB
0x1FC00000-0x1FFFFFFF    0x1FC00000-0x1FFFFFFF?    Boot ROM0 (uncached)          4 MB
0x9FC00000-0x9FFFFFFF    0x1FC00000-0x1FFFFFFF?    Boot ROM09 (cached)          4 MB
0xBFC00000-0xBFFFFFFF    0x1FC00000-0x1FFFFFFF?    Boot ROM0b (uncached)          4 MB
0xBE000000-0xBE040000    0x1E000000-0x1E03FFFF?    Boot ROM1            256 KB
0xBE400000-0xBE440000    0x1E400000-0x1E43FFFF?    Boot ROM2            256 KB
0xBC000000-0xBC1FFFFF    0x1C000000-0x1C1FFFFF?    IOP RAM                  2 MB
0x70000000-0x70003FFF    ----------------------    Scratch Pad             16 KB

Kernel empty and unused areas (NB: On non-modded consoles)
----------------------------------------------------------
Area            Logical Address Range    Physical Address Range    Size
----            ---------------------    ----------------------    ----
#1            0x80030000-0x80074FFF    0x00030000-0x00074FFF    282624 Bytes
#2            0x80078250-0x8007FFFF    0x00078250-0x0007FFFF    32176 Bytes

RAM Mirror Modes    Logical Address Range    Physical Address Range    Size
----------------    ---------------------    ----------------------    ----
Cached            0x00100000-0x01FFFFFF    0x00100000-0x01FFFFFF    31 MB
Uncached        0x20100000-0x21FFFFFF    0x00100000-0x01FFFFFF    31 MB
Uncached&accelerated    0x30100000-0x31FFFFFF    0x00100000-0x01FFFFFF    31 MB

Operating Modes        Logical Address Range    Physical Address Range    Size
---------------        ---------------------    ----------------------    ----
USEG            0x00000000-0x01FFFFFF    0x00000000-0x01FFFFFF    32 MB
KSEG0            0x80000000-0x81FFFFFF    0x00000000-0x01FFFFFF    32 MB
KSEG1            0xA0000000-0xA1FFFFFF    0x00000000-0x01FFFFFF    32 MB

Scratch Pad RAM Address Range
-----------------------------
0x70000000-0x70003FFF

ROM BIOS Mirror Address Range    Logical Address Range    Physical Address Range
-----------------------------    ---------------------    ----------------------
Uncached            0x1FC00000-0x1FFFFFFF    0x1FC00000-0x1FFFFFFF
Cached                0x9FC00000-0x9FFFFFFF    0x1FC00000-0x1FFFFFFF
Uncached            0xBFC00000-0xBFFFFFFF    0x1FC00000-0x1FFFFFFF
PC Specs
OS: Windows XP Professional SP2 32bit
CPU: Intel Pentium 4 2.00GHz
Memory: 768MB DDR2
GPU: SiS 650
SPU: Philips PSC605
Reply
#8
(03-28-2011, 02:08 AM)_DTG_ Wrote: Well. It looks like PCSX2 recompiles a PS2 (ELF) code on-the-fly. So the only proper way to deal with it is to find the offset of the original ELF code before it gets recompiled. Then you can try to patch it, if you are familiar with MIPS instructions set and have the necessary tools to reverse engineer it.

I have heard that IDA Pro can disassemble PS2 or PS1 executables, but I'm not quite sure. Smile
Also, there was a program called "PS2 Dis".
Don't know how much they can be useful. Smile

Doesn't solve the problem of me being able to analyze what the output of the recompiler is without it moving around on me.. but that doesn't matter cause...

Sure enough... I just drag and dropped the file into IDA and it disassembled it perfectly. At first I thought it was wrong and messed up, but I learned.. no it isn't messed up. MIPS doesn't even have a stack, I don't even...

It does explains why the code I was looking at running seemed odd.. I think getting into this right now is above my head and I'll save it for when I have more time Tongue
Reply




Users browsing this thread: 1 Guest(s)