diff --git a/ps2emuBULLY2/PS20220WD20050620.crack b/ps2emuBULLY2/PS20220WD20050620.crack
new file mode 100644
index 0000000..668ff93
Binary files /dev/null and b/ps2emuBULLY2/PS20220WD20050620.crack differ
diff --git a/ps2emuBULLY2/config-emu-ps4.txt b/ps2emuBULLY2/config-emu-ps4.txt
new file mode 100644
index 0000000..92b4bdb
--- /dev/null
+++ b/ps2emuBULLY2/config-emu-ps4.txt
@@ -0,0 +1,13 @@
+--path-vmc="/tmp/vmc"
+--path-emulog="/tmp/recordings"
+--path-patches="/app0/patches"
+--path-trophydata="/app0/trophy_data"
+--path-featuredata="/app0/feature_data"
+--host-osd=0
+--host-audio=1
+--host-display-mode=full
+--ps2-title-id=SLES-00000
+--ps2-lang=system
+--gs-uprender=2x2
+--gs-upscale=EdgeSmooth
+--rom="PS20220WD20050620.crack"
\ No newline at end of file
diff --git a/ps2emuBULLY2/docs/revision.h b/ps2emuBULLY2/docs/revision.h
new file mode 100644
index 0000000..c402259
--- /dev/null
+++ b/ps2emuBULLY2/docs/revision.h
@@ -0,0 +1,12 @@
+/* This file is autogenerated. DO NOT EDIT. */
+#define PACKAGE_NAME "Packaging/PackageBuild-BuildBinary-866"
+#define PACKAGE_BUILT_BY ""
+#define PACKAGE_BUILT_ON "20160218"
+#define PACKAGE_DATE_STRING "08 Mar 16"
+#define JENKINS_JOB_NAME "Packaging/PackageBuild-BuildBinary"
+#define JENKINS_JOB_NUMBER "866"
+#define REV_BINARY_SHA "8816ce8eca9810aba82949804b6e52a8bca8239cc35c15d0bee83b1eee491679"
+#define GIT_BRANCH "titles/Bully"
+#define GIT_REV_DATE "20160218-2"
+#define GIT_HASH_BINARY "68cc2486fdd789319d7ae349bf4f1736c83ab1a6"
+
diff --git a/ps2emuBULLY2/eboot.bin b/ps2emuBULLY2/eboot.bin
new file mode 100644
index 0000000..b433d34
Binary files /dev/null and b/ps2emuBULLY2/eboot.bin differ
diff --git a/ps2emuBULLY2/formatted.card b/ps2emuBULLY2/formatted.card
new file mode 100644
index 0000000..1ecafd6
Binary files /dev/null and b/ps2emuBULLY2/formatted.card differ
diff --git a/ps2emuBULLY2/lua_include/ee-cpr0-alias.lua b/ps2emuBULLY2/lua_include/ee-cpr0-alias.lua
new file mode 100644
index 0000000..42af8b6
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/ee-cpr0-alias.lua
@@ -0,0 +1,26 @@
+cpr = {}
+
+cpr.index = 0
+cpr.random = 1
+cpr.entrylo0 = 2
+cpr.entrylo1 = 3
+cpr.context = 4
+cpr.pagemask = 5
+cpr.wired = 6
+cpr.badvaddr = 8
+cpr.count = 9
+cpr.entryhi = 10
+cpr.compare = 11
+cpr.status = 12
+cpr.cause = 13
+cpr.epc = 14
+cpr.prid = 15
+cpr.config = 16
+cpr.badpaddr = 23
+cpr.hwbk = 24
+cpr.pccr = 25
+cpr.taglo = 28
+cpr.taghi = 29
+cpr.errorepc = 30
+
+return cpr
\ No newline at end of file
diff --git a/ps2emuBULLY2/lua_include/ee-gpr-alias.lua b/ps2emuBULLY2/lua_include/ee-gpr-alias.lua
new file mode 100644
index 0000000..e491810
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/ee-gpr-alias.lua
@@ -0,0 +1,43 @@
+
+-- Recommended method to import this module:
+-- local gpr = require("ee-gpr-alias")
+--
+-- Using the global 'lang' variable is depreciated. This will change to a local-scope variable after
+-- the depreciation period has expired in April 2016.
+
+gpr = {}
+
+gpr.zero = 0
+gpr.at = 1
+gpr.v0 = 2
+gpr.v1 = 3
+gpr.a0 = 4
+gpr.a1 = 5
+gpr.a2 = 6
+gpr.a3 = 7
+gpr.t0 = 8
+gpr.t1 = 9
+gpr.t2 = 10
+gpr.t3 = 11
+gpr.t4 = 12
+gpr.t5 = 13
+gpr.t6 = 14
+gpr.t7 = 15
+gpr.s0 = 16
+gpr.s1 = 17
+gpr.s2 = 18
+gpr.s3 = 19
+gpr.s4 = 20
+gpr.s5 = 21
+gpr.s6 = 22
+gpr.s7 = 23
+gpr.t8 = 24
+gpr.t9 = 25
+gpr.k0 = 26
+gpr.k1 = 27
+gpr.gp = 28
+gpr.sp = 29
+gpr.fp = 30
+gpr.ra = 31
+
+return gpr
diff --git a/ps2emuBULLY2/lua_include/ee-hwaddr.lua b/ps2emuBULLY2/lua_include/ee-hwaddr.lua
new file mode 100644
index 0000000..6197c6e
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/ee-hwaddr.lua
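Review bot: The header comment in ee-gpr-alias.lua names the wrong variable: it still says `Using the global 'lang' variable`, apparently carried over from language.lua, although this module defines `gpr`. It should read `-- Using the global 'gpr' variable is deprecated.`, and "depreciated"/"depreciation" should be "deprecated"/"deprecation" both here and in the same comment in language.lua. ee-cpr0-alias.lua in this commit assigns the global `cpr` with no such notice at all; giving it the same header would keep the alias modules consistent about which import style scripts are expected to use.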
@@ -0,0 +1,29 @@
+gif_hw = {}
+vif0_hw = {}
+vif1_hw = {}
+
+gif_hw.CHCR = 0x1000A000
+gif_hw.MADR = 0x1000A010
+gif_hw.QWC = 0x1000A020
+gif_hw.TADR = 0x1000A030
+gif_hw.ASR0 = 0x1000A040
+gif_hw.ASR1 = 0x1000A050
+gif_hw.SADR = 0x1000A080
+
+vif0_hw.CHCR = 0x10008000
+vif0_hw.MADR = 0x10008010
+vif0_hw.QWC = 0x10008020
+vif0_hw.TADR = 0x10008030
+vif0_hw.ASR0 = 0x10008040
+vif0_hw.ASR1 = 0x10008050
+vif0_hw.SADR = 0x10008080
+
+vif1_hw.CHCR = 0x10009000
+vif1_hw.MADR = 0x10009010
+vif1_hw.QWC = 0x10009020
+vif1_hw.TADR = 0x10009030
+vif1_hw.ASR0 = 0x10009040
+vif1_hw.ASR1 = 0x10009050
+vif1_hw.SADR = 0x10009080
+
+return gif_hw, vif0_hw, vif1_hw, nil
\ No newline at end of file
diff --git a/ps2emuBULLY2/lua_include/language.lua b/ps2emuBULLY2/lua_include/language.lua
new file mode 100644
index 0000000..5365327
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/language.lua
@@ -0,0 +1,34 @@
+
+-- Recommended method to import this module:
+-- local lang = require("language")
+--
+-- Using the global 'lang' variable is depreciated. This will change to a local-scope variable after
+-- the depreciation period has expired in April 2016.
+
+lang = {}
+
+lang.japanese = 0
+lang.english = 1
+lang.french = 2
+lang.spanish = 3
+lang.german = 4
+lang.italian = 5
+lang.dutch = 6
+lang.portuguese = 7
+lang.russian = 8
+lang.korean = 9
+lang.chinese_traditional = 10
+lang.chinese_simplified = 11
+lang.finnish = 12
+lang.swedish = 13
+lang.danish = 14
+lang.norwegian = 15
+lang.polish = 16
+lang.portuguese_brazil = 17
+lang.english_gb = 18
+lang.turkish = 19
+lang.spanish_la = 20
+lang.arabic = 21
+lang.french_canada = 22
+
+return lang
\ No newline at end of file
diff --git a/ps2emuBULLY2/lua_include/pad-and-key.lua b/ps2emuBULLY2/lua_include/pad-and-key.lua
new file mode 100644
index 0000000..eb1c91b
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/pad-and-key.lua
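Review bot: The last line of ee-hwaddr.lua, `return gif_hw, vif0_hw, vif1_hw, nil`, does not hand three tables to the importer: `require` keeps only the first value a module chunk returns, so `vif0_hw` and `vif1_hw` are discarded and a script written as `local gif, vif0, vif1 = require("ee-hwaddr")` does not receive them. The two VIF tables are reachable only through the globals assigned at the top of the file. Returning one table, `return { gif = gif_hw, vif0 = vif0_hw, vif1 = vif1_hw }`, would make the module usable without depending on globals; the trailing `nil` has no effect either way.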
@@ -0,0 +1,57 @@
+
+pad = {}
+
+-- Left Side
+pad.LU = 0x0010 -- Up
+pad.LD = 0x0040 -- Down
+pad.LL = 0x0080 -- Left
+pad.LR = 0x0020 -- Right
+
+-- Right Side
+pad.RU = 0x1000 -- Up (Triangle)
+pad.RD = 0x4000 -- Down (Cross)
+pad.RL = 0x8000 -- Left (Square)
+pad.RR = 0x2000 -- Right (Circle)
+
+-- aliases
+pad.UP = 0x0010 -- LU
+pad.DOWN = 0x0040 -- LD
+pad.LEFT = 0x0080 -- LL
+pad.RIGHT = 0x0020 -- LR
+pad.TRIANGLE= 0x1000
+pad.CROSS = 0x4000
+pad.SQUARE = 0x8000
+pad.CIRCLE = 0x2000
+
+pad.L1 = 0x0400
+pad.L2 = 0x0100
+pad.L3 = 0x0002
+
+pad.R1 = 0x0800
+pad.R2 = 0x0200
+pad.R3 = 0x0004
+
+pad.SELECT = 0x0001
+pad.START = 0x0008
+
+keyboard = {}
+
+keyboard.ESCAPE = 0x1000
+keyboard.SLASH = 0x1001
+keyboard.SEPARATOR = 0x1002 -- backslash or pipe (\|)
+keyboard.BACKQUOTE = 0x1003
+keyboard.PAGEDOWN = 0x1004
+keyboard.PAGEUP = 0x1005
+keyboard.F1 = 0x1006
+keyboard.F2 = 0x1007
+keyboard.F3 = 0x1008
+keyboard.F4 = 0x1009
+keyboard.F5 = 0x100a
+keyboard.F6 = 0x100b
+keyboard.F7 = 0x100c
+keyboard.F8 = 0x100d
+keyboard.F9 = 0x100e
+keyboard.F10 = 0x100f
+keyboard.F11 = 0x1010
+keyboard.F12 = 0x1011
+
diff --git a/ps2emuBULLY2/lua_include/ps2.lua b/ps2emuBULLY2/lua_include/ps2.lua
new file mode 100644
index 0000000..32686e7
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/ps2.lua
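Review bot: pad-and-key.lua ends without a `return`, so `require("pad-and-key")` evaluates to `true` and the `pad` and `keyboard` tables exist only as globals; ps2.lua and utils.lua in this commit follow the same pattern, unlike the alias modules, which return their table. Adding `return { pad = pad, keyboard = keyboard }` as the last line keeps scripts that use the globals working while allowing a local import. Separately, the `keyboard` codes start at 0x1000, the same value as `pad.RU` and `pad.TRIANGLE`; whether both sets ever pass through one API is not visible here, but if they do the values cannot be told apart, which deserves a comment next to `keyboard = {}`.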
@@ -0,0 +1,202 @@
+
+require("ee-gpr-alias")
+require("utils")
+
+MipsInsn = {}
+MipsInsn.IsAddi = function(insn) return (insn & 0xfc000000) == 0x20000000 end -- addi rt,rs,simm
+MipsInsn.IsAddiu = function(insn) return (insn & 0xfc000000) == 0x24000000 end -- addiu rt,rs,simm
+MipsInsn.IsBeq = function(insn) return (insn & 0xfc000000) == 0x10000000 end -- beq rs,rt,off
+MipsInsn.IsJ = function(insn) return (insn & 0xfc000000) == 0x08000000 end -- j target
+MipsInsn.IsJal = function(insn) return (insn & 0xfc000000) == 0x0c000000 end -- jal target
+MipsInsn.IsJr = function(insn) return (insn & 0xfc1fffff) == 0x00000008 end -- jr rs
+MipsInsn.IsLq = function(insn) return (insn & 0xfc000000) == 0x78000000 end -- lq rt,simm(rs)
+MipsInsn.IsLd = function(insn) return (insn & 0xfc000000) == 0xdc000000 end -- ld rt,simm(rs)
+MipsInsn.IsLw = function(insn) return (insn & 0xfc000000) == 0x8c000000 end -- lw rt,simm(rs)
+MipsInsn.IsSq = function(insn) return (insn & 0xfc000000) == 0x7c000000 end -- sq rt,simm(rs)
+MipsInsn.IsSd = function(insn) return (insn & 0xfc000000) == 0xfc000000 end -- sd rt,simm(rs)
+MipsInsn.IsSw = function(insn) return (insn & 0xfc000000) == 0xac000000 end -- sw rt,simm(rs)
+MipsInsn.IsEnd = function(insn) return (insn & 0xfc00003f) == 0x0000000d end
+
+MipsInsn.GetRt = function(insn) return (insn >> 16) & 0x1f end
+MipsInsn.GetRs = function(insn) return (insn >> 21) & 0x1f end
+MipsInsn.GetSimm = function(insn) return ((insn << 48) >> 48) end
+MipsInsn.GetOff = function(insn) return MipsInsn.GetSimm(insn) end
+MipsInsn.GetTarget = function(insn) return insn & 0x3ffffff end
+
+-- return FIFO queue of stack trace
+-- the queue item is { caller-addr, return-from }
+--
+-- example:
+-- print("=== stack trace ===")
+-- local stack_trace = MipsStackTrace(eeObj, eeObj.GetPc()+4, eeObj.GetGpr(gpr.ra), eeObj.GetGpr(gpr.sp))
+-- while not stack_trace:isEmpty() do
+-- local caller = stack_trace:dequeue()
+-- print( string.format(" 0x%08x [will return from : %x]", caller[1], caller[2]) )
+-- end
+--
+-- NOTE: you must +4 against GetPc() if you in a EE/IOP hook.
+-- Because EE/IOP jit executed the instruction at the address already and it might affect $sp or $ra.
+--
+-- obj : eeObj or iopObj
+-- pc : current pc (from GetPC or readout from thread context)
+-- ra : current ra (from GetGpr or readout from thread context)
+-- sp : current sp (from GetGpr or readout from thread context)
+MipsStackTrace = function (obj, pc, ra, sp, depth)
+ local max_depth = depth or 10 -- max trace depth
+ local n_j = 1
+ local jmax = {}
+ local depth = 0
+ local bdl_count = 0
+ local new_pc = 0
+ local icount = 0
+
+ local result = Queue.new()
+ local pushed_ra = Queue.new()
+ while depth < max_depth and icount < 2048 do
+ -- TODO: error checks
+ if (pc & 3) ~= 0 then
+ return result
+ end
+ pc = pc & 0x01ffffff
+ sp = sp & 0x01ffffff
+ local insn = obj.ReadMem32(pc)
+ -- print(string.format("trace .. pc=%x insn=%x", pc, insn))
+ -- result:enqueue( { pc, insn } )
+
+ if MipsInsn.IsJr(insn) and MipsInsn.GetRs(insn) == gpr.ra then
+ bdl_count = 1
+ depth = depth + 1
+ new_pc = ra
+ -- print(string.format("jr ra : ra=%x", ra))
+ icount = 0
+ -- print(string.format("enqueue caller pc=%x ret addr=%x", new_pc-8, pc))
+ result:enqueue( {new_pc-8, pc} ) -- {return-addr, where-from}
+ elseif MipsInsn.IsAddiu(insn) and MipsInsn.GetRt(insn) == gpr.sp and MipsInsn.GetRs(insn) == gpr.sp then
+ sp = sp + MipsInsn.GetSimm(insn) -- ((insn<<48) >>48)
+ -- print(string.format("addiu sp,sp,** : new sp = %x", sp))
+ elseif MipsInsn.IsLq(insn) or MipsInsn.IsLd(insn) or MipsInsn.IsLw(insn) then
+ if MipsInsn.GetRt(insn) == gpr.ra and MipsInsn.GetRs(insn) == gpr.sp then
+ -- the code might push $ra on the stack after start pc.
+ -- in such case, we must not retrieve $ra value from the memory.
+ if pushed_ra:isEmpty() then
+ local imm = MipsInsn.GetSimm(insn) -- ((insn<<48) >>48)
+ -- print(string.format("retrieve ra from stack(%x) : sp=%x imm=%x", sp+imm, sp, imm))
+ ra = obj.ReadMem32(sp + imm)
+ -- print(string.format("load ra,%x(sp) : sp = %x+%x, ra = %x", imm, sp, imm, ra))
+ else
+ -- print(string.format("retrieve ra from pushed one"))
+ pushed_ra:dequeue()
+ end
+ end
+ elseif MipsInsn.IsSq(insn) or MipsInsn.IsSd(insn) or MipsInsn.IsSw(insn) then
+ if MipsInsn.GetRt(insn) == gpr.ra and MipsInsn.GetRs(insn) == gpr.sp then
+ pushed_ra:enqueue(pc);
+ end
+ elseif MipsInsn.IsJ(insn) then -- j **
+ local imm = MipsInsn.GetTarget(insn)
+ imm = imm << 2
+ if pc == imm then
+ -- jump to self? maybe we can ignore it.
+ else
+ new_pc = imm
+ -- print(string.format("j ** : new_pc = %x", new_pc))
+ bdl_count = 1
+ for t=1, n_j do
+ if jmax[t] == new_pc then
+ return result -- closed loop
+ end
+ end
+ if n_j > 1024 then
+ return result -- jump buffer overflow
+ end
+ jmax[n_j] = new_pc
+ n_j = n_j + 1
+ end
+ elseif MipsInsn.IsBeq(insn) and MipsInsn.GetRs(insn) == gpr.zero then -- beq zero,**
+ local offset = MipsInsn.GetOff(insn) -- ((insn<<48) >> 48)
+ offset = offset << 2
+ new_pc = pc + 4 + offset
+
+ if pc == new_pc then
+ -- jump to self? maybe we can ignore it
+ else
+ -- print(string.format("beq zero,** : new_pc=%x", new_pc))
+ bdl_count = 1
+ for t = 1, n_j do
+ if jmax[t] == new_pc then
+ return result
+ end
+ end
+ if n_j > 1024 then
+ return result
+ end
+ jmax[n_j] = new_pc
+ n_j = n_j + 1
+ end
+ elseif MipsInsn.IsEnd(insn) then -- end
+ -- print(string.format("end"))
+ return result
+ elseif MipsInsn.IsJal(insn) then -- jal **
+ local imm = insn & 0x03ffffff
+ imm = imm << 2
+ -- print(string.format("jal ** : addr = %x", imm))
+ -- call
+ end
+
+ icount = icount + 1
+ pc = pc + 4
+
+ -- -- print(string.format("bdl_count=%d", bdl_count))
+ if bdl_count > 0 then
+ if bdl_count == 2 then
+ pc = new_pc
+ bdl_count = 0
+ else
+ bdl_count = bdl_count + 1
+ end
+ end
+ end
+ return result
+end
+
+PS2 = {}
+PS2.GetCurrentThread = function(eeObj) return eeObj.ReadMem32(0x12fac) end
+PS2.GetThreads = function(eeObj)
+ local EE_THREAD_BASE = 0x18000
+ local EE_NUM_THREADS = 0x100
+ local th = EE_THREAD_BASE
+ local result = Queue.new()
+ for t = 0, EE_NUM_THREADS-1 do
+ -- 0 : node_prev
+ -- 4 : node_next
+ -- 8 : status
+ -- 12: pc
+ -- 16: sp
+ -- 20: gp
+ -- 24: init_pri
+ -- 26: curr_pri
+ -- 28: wstat
+ -- 32: waitId
+ -- 36: wakeupCount
+ -- 40: attr
+ -- 44: option
+ -- 48: func
+ -- 52: argc
+ -- 56: args
+ -- 60: stack
+ -- 64: size
+ -- 68: root
+ -- 72: endOfHeap
+ local status = eeObj.ReadMem32(th + 8)
+ if status ~= 0 then
+ local id = t
+ local pri = eeObj.ReadMem16(th + 26)
+ local gp = eeObj.ReadMem32(th + 20)
+ local pc = eeObj.ReadMem32(th + 12)
+ local sp = eeObj.ReadMem32(th + 16)
+ result:enqueue( {id=id, status=status, pri=pri, gp=gp, pc=pc, sp=sp} )
+ end
+ th = th + 76
+ end
+ return result
+end
diff --git a/ps2emuBULLY2/lua_include/utils.lua b/ps2emuBULLY2/lua_include/utils.lua
new file mode 100644
index 0000000..3849bd8
--- /dev/null
+++ b/ps2emuBULLY2/lua_include/utils.lua
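Review bot: `MipsInsn.GetSimm` in ps2.lua does not sign-extend: in standard Lua 5.3+ `>>` is a logical shift that fills with zeros, so `((insn << 48) >> 48)` returns the low 16 bits as 0..65535 and an immediate of -16 comes back as 65520. In `MipsStackTrace` that value feeds `sp = sp + MipsInsn.GetSimm(insn)`, `obj.ReadMem32(sp + imm)` and the `beq` target through `GetOff`, so negative stack offsets and backward branches resolve to wrong addresses. The `sp + imm` read is also issued without the `0x01ffffff` mask that the top of the loop applies to `pc` and `sp`. A form that sign-extends regardless of shift semantics is `MipsInsn.GetSimm = function(insn) return ((insn & 0xffff) ~ 0x8000) - 0x8000 end`; if the emulator's Lua build shifts arithmetically the current line may behave as intended there, and that assumption should be stated in a comment.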
@@ -0,0 +1,60 @@
+-- utility classes/functions
+
+-- Stack
+-- ex:
+-- my_stack = Stack.new()
+-- my_stack:push( val )
+-- print( my_stack:pop( val ) )
+Stack = {}
+
+function Stack.new()
+ local obj = { buff = {} }
+ return setmetatable(obj, {__index = Stack})
+end
+
+function Stack:push(x)
+ table.insert(self.buff, x)
+end
+
+function Stack:pop()
+ return table.remove(self.buff)
+end
+
+function Stack:top()
+ return self.buff[#self.buff]
+end
+
+function Stack:isEmpty()
+ return #self.buff == 0
+end
+
+
+-- Queue
+-- ex:
+-- my_queue = Queue.new()
+-- my_queue:enqueue( val )
+-- print( my_queue:dequeue(val) )
+Queue = {}
+
+function Queue.new()
+ local obj = { buff = {} }
+ return setmetatable(obj, {__index = Queue})
+end
+
+function Queue:enqueue(x)
+ table.insert(self.buff, x)
+end
+
+function Queue:dequeue()
+ return table.remove(self.buff, 1)
+end
+
+function Queue:top()
+ if #self.buff > 0 then
+ return self.buff[1]
+ end
+end
+
+function Queue:isEmpty()
+ return #self.buff == 0
+end
diff --git a/ps2emuBULLY2/ps2-emu-compiler.self b/ps2emuBULLY2/ps2-emu-compiler.self
new file mode 100644
index 0000000..5c69e66
Binary files /dev/null and b/ps2emuBULLY2/ps2-emu-compiler.self differ
diff --git a/ps2emuBULLY2/sce_discmap.plt b/ps2emuBULLY2/sce_discmap.plt
new file mode 100644
index 0000000..ecaa82f
Binary files /dev/null and b/ps2emuBULLY2/sce_discmap.plt differ
diff --git a/ps2emuBULLY2/sce_module/libSceFios2.prx b/ps2emuBULLY2/sce_module/libSceFios2.prx
new file mode 100644
index 0000000..238191c
Binary files /dev/null and b/ps2emuBULLY2/sce_module/libSceFios2.prx differ
diff --git a/ps2emuBULLY2/sce_module/libc.prx b/ps2emuBULLY2/sce_module/libc.prx
new file mode 100644
index 0000000..dc8776d
Binary files /dev/null and b/ps2emuBULLY2/sce_module/libc.prx differ
diff --git a/ps2emuBULLY2/sce_sys/param.sfo b/ps2emuBULLY2/sce_sys/param.sfo
new file mode 100644
index 0000000..d31774c
Binary files /dev/null and b/ps2emuBULLY2/sce_sys/param.sfo differ
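Review bot: The usage examples in the utils.lua header comments pass an argument the methods do not take: `my_stack:pop( val )` and `my_queue:dequeue(val)` should read `my_stack:pop()` and `my_queue:dequeue()`, because `Stack:pop` and `Queue:dequeue` declare no parameters and the extra value is silently ignored. `Stack.new` and `Queue.new` also build a fresh `{__index = ...}` metatable for every instance; setting `Stack.__index = Stack` once and calling `setmetatable(obj, Stack)` (likewise for `Queue`) is the usual form and avoids the per-object table.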
diff --git a/ps2emuBULLY2/sce_sys/shareparam.json b/ps2emuBULLY2/sce_sys/shareparam.json
new file mode 100644
index 0000000..8f4038b
--- /dev/null
+++ b/ps2emuBULLY2/sce_sys/shareparam.json
@@ -0,0 +1 @@
+{"ps4_share_param_version":"01.10","game_version":"01.00","client_id":"460621181150-9g1m23knq95uld74tnjap752q87pug9v.apps.googleusercontent.com","overlay_position":{"x":0,"y":0}}
\ No newline at end of file
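Review bot: The `client_id` value in shareparam.json is a hard-coded Google OAuth client identifier (the `.apps.googleusercontent.com` form) committed verbatim. A client ID is not a secret on its own, but it ties the share feature to whoever registered that client, so confirm the registration belongs to this project rather than being carried over from another package. It is also worth checking that no matching client secret ships in the binary files added by this commit, since those cannot be reviewed from the diff.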