
IOP Reset

Posted: Tue Jul 08, 2008 11:21 pm
by superfrog12
Hello,

I am trying to understand IOP hardware reset, so I take a look at rom0:RESET and it is all OK, but at the end there is a jal instruction to 0x0fc02600. Please tell me what is going on here. What is 0x0fc02600? It should be invalid, no?

good day,
superfrog12

Posted: Wed Jul 09, 2008 3:06 am
by Lukasz
When you are reversing code for which there is no documentation, you are pretty much on your own, unless you get help from someone who has already reversed it, which I think is unlikely, as most people I've come across keep their reversed code for themselves. In short, I think it's unlikely you will get much help here :-)

However, this is not a dead end. What you should do is write a small IOP module which dumps something like 1 KB of memory at 0x0fc02600 and see what's there. You could then compare the 1 KB chunk to your dumped BIOS, and I'm pretty confident you will find a match somewhere :-)

Posted: Wed Jul 09, 2008 10:40 pm
by superfrog12
Hello Lukasz,

Thank you for the reply. Yes, that is what I tried too, of course, but it will just stall if I try to read from that memory address. I think I must be overseeing something obvious... oh well, if I figure it out eventually I will let you know. I agree with you, it is very unfortunate most people do not share their discoveries. I ask why?

Posted: Thu Jul 10, 2008 12:32 am
by EEUG
...actually the RESET module contains the initialization sequence for both EE and IOP. It is executed during reset/bootstrap and execution starts at 0xBFC00000. If you use the 'ps2dis' disassembler then you can try to put this value in the "Address from" field and everything will become more clear (your 0x0fc02600 will probably turn into 0xbfc02600)...

Posted: Thu Jul 10, 2008 2:52 am
by Lukasz
I had a quick look at RESET and EEUG is right: the function call (jal) you are referring to calls a function within RESET. The parameters for the function are

    func_bfc02600(0xbfc00000, 0xbfc80000, "IOPBOOT")

Based on these parameters and the fact that the code jumps to the return value of this function, I'd say this function looks for IOPBOOT in the BIOS and then jumps to the entrypoint of IOPBOOT (mine is located at 0xbfc4a000).

I'm surprised you even got this far without having set the correct base address for RESET, as it jumps to the static address 0xbfc02000 at the very beginning of the module, when loaded on the IOP :-)
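
The base-address effect EEUG and Lukasz describe, shown as an added C example (not code from the thread or from ps2dis): a MIPS jal carries only a 26-bit word index, and the top four bits of the target are taken from the address of the instruction itself, so the same instruction word disassembles to 0x0fc02600 when the module is assumed to sit at 0x00000000 and to 0xbfc02600 when it is placed at its real load address 0xbfc00000. The offset 0x1234 used below is a constructed value, not the real position of the jal inside RESET.

```c
#include <stdint.h>
#include <stdio.h>

/* MIPS I "jal" (opcode 3): bits 25..0 hold a word index. The target is
 * (index << 2) combined with the top 4 bits of the delay-slot address
 * (PC + 4), so the decoded target depends on where the code is assumed
 * to live. */
#define OP_JAL 3u

/* Encode a jal located at pc that calls target.
 * Returns 0 if the target is misaligned or in another 256 MB region. */
uint32_t encode_jal(uint32_t pc, uint32_t target)
{
    if ((target & 3u) != 0)
        return 0;
    if (((pc + 4) & 0xF0000000u) != (target & 0xF0000000u))
        return 0;
    return (OP_JAL << 26) | ((target >> 2) & 0x03FFFFFFu);
}

/* Decode the call target of instruction word insn fetched at pc.
 * Returns 0 if the word is not a jal. */
uint32_t decode_jal(uint32_t pc, uint32_t insn)
{
    if ((insn >> 26) != OP_JAL)
        return 0;
    return ((pc + 4) & 0xF0000000u) | ((insn & 0x03FFFFFFu) << 2);
}

/* Re-decode the word as if the module image were loaded at base; this is
 * what changing the "Address from" field in a disassembler amounts to.
 * offset is the instruction's position inside the image. */
uint32_t decode_jal_at_base(uint32_t base, uint32_t offset, uint32_t insn)
{
    return decode_jal(base + offset, insn);
}

int main(void)
{
    /* Constructed: a jal at image offset 0x1234 calling the RESET
     * function at 0xbfc02600 discussed in the thread. */
    uint32_t off  = 0x1234u;
    uint32_t insn = encode_jal(0xbfc00000u + off, 0xbfc02600u);
    printf("instruction word : 0x%08x\n", insn);
    printf("base 0x00000000  : jal 0x%08x\n", decode_jal_at_base(0u, off, insn));
    printf("base 0xbfc00000  : jal 0x%08x\n", decode_jal_at_base(0xbfc00000u, off, insn));
    return 0;
}
```

The same decoding rule applies to any jal or j in a ROM image, so a target that looks like 0x0fcxxxxx in a listing is usually a KSEG1 address 0xbfcxxxxx with the wrong base, not an invalid one.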

Posted: Thu Jul 10, 2008 3:03 am
by superfrog12
Hello,

I did not know about the "Address from" field in ps2dis. Now it is all very clear. Thank you both :)