Playstation Emulation Guide - Svkt

2y ago
20 Views
3 Downloads
1.01 MB
172 Pages
Last View : 1m ago
Last Download : 2m ago
Upload by : Laura Ramon
Transcription

Playstation Emulation GuideLionel FlandrinOctober 20, 20161

Contents1 Introduction1.1 Isn’t emulation complicated? . . . . . . . . . . . . . . . . . . . .1.2 Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 272.282.292.302.312.322.332.342.352.362.37CPU: Instructions and the memoryWhat is a CPU, anyway? . . . . . . . . . .Architecture . . . . . . . . . . . . . . . . . .The code . . . . . . . . . . . . . . . . . . .The Program Counter register . . . . . . . .2.4.1 Reset value of the PC . . . . . . . .The Playstation memory map . . . . . . . .2.5.1 Implementing the memory map . . .The BIOS . . . . . . . . . . . . . . . . . . .Loading the BIOS . . . . . . . . . . . . . .The interconnect . . . . . . . . . . . . . . .Gluing the interconnect to the CPU . . . .Instruction decoding . . . . . . . . . . . . .General purpose registers . . . . . . . . . .2.11.1 The zero register . . . . . . . . . .2.11.2 The ra register . . . . . . . . . . .Special purpose registers . . . . . . . . . . .Implementing the general purpose registersLUI instruction . . . . . . . . . . . . . . . .ORI instruction . . . . . . . . . . . . . . . .Writing to memory . . . . . . . . . . . . . .2.16.1 Unaligned memory access . . . . . .2.16.2 Expansion mapping . . . . . . . . .Sign extension . . . . . . . . . . . . . . . .SW instruction . . . . . . . . . . . . . . . .SLL instruction . . . . . . . . . . . . . . . .ADDIU instruction . . . . . . . . . . . . . .RAM configuration register . . . . . . . . .J instruction . . . . . . . . . . . . . . . . .Branch delay slots . . . . . . . . . . . . . .OR instruction . . . . . . . . . . . . . . . .Type safety in the register interface . . . . .CACHE CONTROL register . . . . . . . .The coprocessors . . . . . . . . . . . . . . .MTC0 instruction . . . . . . . . . . . . . .BNE instruction . . . . . . . . . . . . . . .ADDI instruction . . . . . . . . . . . . . . .Memory loads . . . . . . . . . . . . . . . . .Load delay slots . . . . . . . . . . . . . . . .LW instruction . . . . . . . . . . . . . . . .The RAM . . . . . . . . . . . . . . . . . . .The coprocessor 0 registers . . . . . . . . .SLTU instruction . . . . . . . . . . . . . . .ADDU instruction . . . . . . . . . . . . . 5272828293031323233343536373940414242

Regions . . . . . . . . . . . . . . . . .SH instruction . . . . . . . . . . . . .SPU registers . . . . . . . . . . . . . .JAL instruction . . . . . . . . . . . . .ANDI instruction . . . . . . . . . . . .SB instruction . . . . . . . . . . . . .Expansion 2 . . . . . . . . . . . . . . .JR instruction . . . . . . . . . . . . .LB instruction . . . . . . . . . . . . .BEQ instruction . . . . . . . . . . . .Expansion 1 . . . . . . . . . . . . . . .RAM byte access . . . . . . . . . . . .MFC0 instruction . . . . . . . . . . . .AND instruction . . . . . . . . . . . .ADD instruction . . . . . . . . . . . .Interrupt Control registers . . . . . . .BGTZ instruction . . . . . . . . . . .BLEZ instruction . . . . . . . . . . . .LBU instruction . . . . . . . . . . . .JALR instruction . . . . . . . . . . . .BLTZ, BLTZAL, BGEZ and BGEZALSLTI instruction . . . . . . . . . . . .SUBU instruction . . . . . . . . . . . .SRA instruction . . . . . . . . . . . .DIV instruction . . . . . . . . . . . . .MFLO instruction . . . . . . . . . . .SRL instruction . . . . . . . . . . . . .SLTIU instruction . . . . . . . . . . .DIVU instruction . . . . . . . . . . . .MFHI instruction . . . . . . . . . . . .SLT instruction . . . . . . . . . . . . .Interrupt Control read . . . . . . . . .Timer registers . . . . . . . . . . . . .Exceptions . . . . . . . . . . . . . . .SYSCALL instruction . . . . . . . . .MTLO instruction . . . . . . . . . . .MTHI instruction . . . . . . . . . . . .RFE intsruction . . . . . . . . . . . .Exceptions and branch delay slots . .ADD and ADDI overflows . . . . . . .Store and load alignment exceptions .PC alignment exception . . . . . . . .RAM 16bit store . . . . . . . . . . . .DMA registers . . . . . . . . . . . . .LHU instruction . . . . . . . . . . . .SLLV instruction . . . . . . . . . . . .LH instruction . . . . . . . . . . . . .NOR instruction . . . . . . . . . . . .SRAV instruction . . . . . . . . . . . .SRLV instruction . . . . . . . . . . . .3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .instructions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

2.88 MULTU instruction . . . . . . . . . . . . .2.89 GPU registers . . . . . . . . . . . . . . . . .2.89.1 GP0: Draw Mode Setting command2.90 Interrupt Control 16bit access . . . . . . . .2.91 Timer registers 32bit access . . . . . . . . .2.92 GPUSTAT “DMA ready” field . . . . . . .2.93 XOR instruction . . . . . . . . . . . . . . .2.94 BREAK instructions . . . . . . . . . . . . .2.95 MULT instruction . . . . . . . . . . . . . .2.96 SUB instruction . . . . . . . . . . . . . . . .2.97 XORI instruction . . . . . . . . . . . . . . .2.98 Cop1, cop2 and cop3 opcodes . . . . . . . .2.99 Non-aligned reads . . . . . . . . . . . . . .2.99.1 LWL instruction . . . . . . . . . . .2.99.2 LWR instruction . . . . . . . . . . .2.100Non-aligned writes . . . . . . . . . . . . . .2.100.1 SWL instruction . . . . . . . . . . .2.100.2 SWR instruction . . . . . . . . . . .2.101Coprocessor loads and stores . . . . . . . .2.101.1 LWCn instructions . . . . . . . . . .2.101.2 SWCn instructions . . . . . . . . . .2.102Illegal instructions . . . . . . . . . . . . . .79798081818283838484858586878889898990909191.3 The3.13.23.33.43.53.63.73.83.93.10DMA: Ordering tables and the GPUDMA Control register . . . . . . . . . . .DMA Interrupt register . . . . . . . . . .DMA Channel Control register . . . . . .DMA Base Address register . . . . . . . .DMA Block Control register . . . . . . . .Depth Ordering Tables . . . . . . . . . . .DMA Clear Ordering Table channel . . .DMA Block copy . . . . . . . . . . . . . .DMA Linked Lists . . . . . . . . . . . . .RAM to device GPU block copy . . . . .939496971021031041051071101114 GPU: Internal state and first commandsGPUSTAT register . . . . . . . . . . . . . . . .GP0 Dram Mode Setting command . . . . . . .GP0 NOP command . . . . . . . . . . . . . . .GP1 Soft Reset command . . . . . . . . . . . .The GPU renderer and the video output . . . .GPUREAD register placeholder . . . . . . . . .GP1 Display Mode command . . . . . . . . . .GP1 DMA direction command . . . . . . . . .DMA GP0 commands . . . . . . . . . . . . . .GP0 Set Drawing Area commands . . . . . . .GP0 Set Drawing Offset command . . . . . . .GP0 Texture Window command . . . . . . . .GP0 Mask Bit Setting command . . . . . . . .GP1 Display VRAM Start command . . . . . .1121131171181191211221221231231231241251251254.

27GP1 Display Range commands . . . . . . . . . . . . . . . . .GP0 Monochrome Quadrilateral command . . . . . . . . . . .Interleaved video deadlock workaround . . . . . . . . . . . . .GP0 Clear Cache command . . . . . . . . . . . . . . . . . . .GP0 Load Image command . . . . . . . . . . . . . . . . . . .DMA image transfer . . . . . . . . . . . . . . . . . . . . . . .GP1 Display Enable command . . . . . . . . . . . . . . . . .GP0 Image Store command . . . . . . . . . . . . . . . . . . .GP0 Shaded Quadrilateral command . . . . . . . . . . . . . .GP0 Shaded Triangle command . . . . . . . . . . . . . . . . .GP0 Textured Quadrilateral With Color Blending command .GP1 Acknowledge Interrupt command . . . . . . . . . . . . .GP1 Reset Command Buffer command . . . . . . . . . . . . .1261261291291301321331331331341351351365 The5.15.25.35.45.55.65.75.85.95.105.11GPU: Basic OpenGL renderer for the bootWindow and OpenGL context creation . . . . . .Drawing the primitives . . . . . . . . . . . . . . .The vertex shader . . . . . . . . . . . . . . . . .The fragment shader . . . . . . . . . . . . . . . .Compiling and linking the shaders . . . . . . . .Vertex array objects . . . . . . . . . . . . . . . .OpenGL rendering and synchronization . . . . .OpenGL debugging . . . . . . . . . . . . . . . . .Drawing quadrilaterals . . . . . . . . . . . . . . .Draw Offset emulation . . . . . . . . . . . . . . .Handling SDL2 events and exiting cleanly . . . .logo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1361361391421431441471481501521551576 The6.16.26.36.46.5Interconnect: Generic loads andPorting the CPU code . . . . . . . .Porting the interconnect code . . . .Porting the RAM and BIOS . . . . .Porting the GPU code . . . . . . . .Porting the DMA code . . . . . . . .7 The7.17.27.37.4Debugger: Breakpoints andDebugger memory access . . . .Breakpoints . . . . . . . . . . .Watchpoints . . . . . . . . . . .Code disassembly and beyond .stores. . . . . . . . . . . . . . . . . . . . .158159160162163164Watchpoints. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1641651651671708 The CPU: Instruction cache1708.1 Instruction cache lookup behavior . . . . . . . . . . . . . . . . . 1708.2 Instruction cache fetch behavior . . . . . . . . . . . . . . . . . . . 1715

1IntroductionThis is my attempt at documenting my implementation of a PlayStation emulatorfrom scratch. I’ll write the document as I go and I’ll try to explain as much aspossible along the way. You can find the complete source of the emulator itselfin my GitHub repository.Since my favourite passtime is to reinvent the wheel and recode things thatalready exist I decided that this time I might as well document it. This waymaybe this time something useful will come out of it and it’ll give me a motivationto finish it.I will be using the Rust programming language but this is not meant as aRust tutorial and knowledge of the language shouldn’t be necessary to followthis guide, although it won’t hurt.1.1Isn’t emulation complicated?Emulation requires some low-level knowledge about how computers work andsome basics in electronics might help for certain things. Since this doc is meant asan introduction to emulation I’ll assume that the reader doesn’t bring anythingwith them beyond some decent programming skills. So don’t worry if you’re notfamiliar with registers, cache, memory mapped IO, virtual memory, interruptsand other low level fun: I’ll try to explain everything when needed. Emulatorsare a good introduction to low level programming without having to bother withthat pesky hardware in person!Since this is supposed to be a general guide about writing PlayStationemulators I won’t put the entire source code of the emulator here, only snippetsrelevant to the matter beind discussed.Finally, keep in mind that getting a PlayStation emulator even capable torun some games decently will require quite a lot of work. Don’t expect to playFinal Fantasy VII on your brand new emulator in two days. If you want to startwith something simpler to see if you have a taste for it you can search for Chip-8,Game Boy or NES emulation tutorials (by increasing complexity).1.2FeedbackIf some part of this document is unclear, poorly written or incomplete pleasesubmit an issue so that I can fix or complete it. Corrections for grammar, syntaxand typos are very welcome. Thank you!Ready? Let’s begin!22.1The CPU: Instructions and the memoryWhat is a CPU, anyway?That might seem like a silly question to some but I’m sure there are plentyof competent programmers out there who are used to program in high levelmanaged environements haven’t seen a register in their entire life. Let me makethe introductions.For our first version of the PlayStation CPU I’m going to make some simplifying assumptions. I’m going to ignore the caches for instance and assume that6

it directly accesses the system bus. Basically we’re going to implement a VonNeumann architecture.As we make progress we’ll have to revisit this design toadd the missing bits when they are needed.The objective of this section is to implement all the instructions and try toreach the part of the BIOS where it starts to draw on the screen. As we’ll seethere’s a bunch of boring initialization code to run before we get there.There are 67 opcodes in the Playstation MIPS CPU. Some take one line toimplement, others will give us more trouble. In order to make the process moreinteractive and less tedious we’ll implement them as they’re encountered whilewe’re running the original BIOS code. This way we’ll immediately be able to seeour emulator in action.But first things first, before we start implementing instructions we need toexplain how a CPU works.2.2ArchitectureA simple Von Neumann architecture looks like this: the CPU only sees a flataddress space: an array of bytes. The PlayStation uses 32bit addresses so theCPU sees 1 32 addresses. In other words it can address 4GB of memory.That’s why the PlayStation is said to be a 32bit console (that and the fact thatit uses 32bit registers in the CPU as we’ll see in a minute).This address space contains all the external ressources the CPU can access:the RAM of course but also the various peripherals (GPU, controllers, CD drive,BIOS.). That’s called memory mapped IO. Note that in this context ”memory”doesn’t mean RAM. Rather it means that you access peripherals as if they werememory (instead of using dedicated instructions for instance). From the pointof view of the CPU, everything is just a big array of bytes and it doesn’t reallyknow what’s out there.Of course we’ll have to figure out how the devices and RAM are mapped inthis address space to make sure the transactions end up at the right locationwhen the CPU starts reading and writing to the bus. But first we need tounderstand how the code is executed.2.3The codeIn this architecture the instructions live in the global address space along witheverything else. Typically in RAM but again, the CPU doesn’t care. If youwant to run code from the controller input port I’m sure the console will let you.Probably not very useful but it’s all the same as far as the CPU is concerned.So somewhere in this 4GB address space there’s the next instruction for theCPU to run. How does it know the address of this instruction? By using aregister of course!2.4The Program Counter registerRegisters are very small and very fast special purpose memories built insidethe CPU. Most CPU instructions manipulate those registers by adding them,multiplying them, masking them, storing their content to memory or fetching itback. . .7

The Program Counter (henceforth refered to as PC) is one of the mostelementary registers, it exists in one form or an other on basically all computerarchitectures (although it goes by various names, on x86 for instance it’s calledthe Instruction Pointer, IP). Its job is simply to hold the address of the nextinstruction to be run.As we’ve seen, the PlayStation uses 32bit addresses, so the PC register is32bit wide (as are all other CPU registers for that matter).A typical CPU execution cycle goes roughly like this:1. Fetch the instruction located at address PC,2. Increment the PC to point to the next instruction,3. Execute the instruction,4. RepeatWe need to know how big an instruction is in order to know how manybytes to fetch and how much we need to increment the PC to point at thenext instruction. Some architectures have variable length instructions (x86and derivatives are a common example) which means we’d have to decode theinstruction to know how many bytes it takes. Fortunately for us, the PlayStationuses a fixed length instruction set (The MIPS instruction set) and all instructionsare 32bit long.With all that in mind we can finally start writing some code!Here’s what the CPU state looks like at that point:// / CPU s t a t epub s t r u c t Cpu {// / The program c o u n t e r r e g i s t e rpc : u32 ,}And here’s the implementation of our CPU cycle described above:impl Cpu {pub f n r u n n e x t i n s t r u c t i o n (&mut s e l f ) {l e t pc s e l f . pc ;// Fetch i n s t r u c t i o n a t PCl e t i n s t r u c t i o n s e l f . l o a d 3 2 ( pc ) ;// I n c r e m e n t PC t o p o i n t t o t h e n e x t i n s t r u c t i o n .s e l f . pc pc . wrapping add ( 4 ) ;s e l f . decode and execute ( i n s tr u ct i o n ) ;}}In Rust wrapping add means that we want the PC to wrap back to 0 in caseof an overflow (i.e. 0xfffffffc 4 0x00000000). We’ll see that most CPUoperations wrap on overflow (although some instructions catch those overflowsand generate an exception, we’ll see that later).If you’re coding in C you don’t need to worry about that if you use uint32 tsince the C standard mandates that unsigned overflow wraps around in thisfashion. Rust however says that overflows are undefined and will generate an8

error in debug builds if an unchecked overflow is detected, that’s why I need towrite pc.wrapping add(4) instead of pc 4.We now finally have some code but it doesn’t build yet.We’re still missing 3 pieces of the puzzle before we can run this piece of code: What’s the initial value of PC when starting up? How do we implement the fetch32 function? How do we implement the decode and execute function?2.4.1Reset value of the PCIn integrated circuits reset is a state where the chip generally does nothing andits internal state is set to some known default “factory” value. What exactlythe reset does varies from chip to chip (it’s just a convention) but it’s assumedthat a chip will restart in a clean and deterministic s

Since this is supposed to be a general guide about writing PlayStation emulators I won’t put the entire source code of the emulator here, only snippets relevant to the matter beind discussed. Finally, keep in mind that getting a PlayStation emulator even capable to run some games decently will require quite a lot of work. Don’t expect to play

Related Documents:

PCL 6 (XL3.0) emulation, PCL 5c emulation, Epson FX Emulation, PostScript 3 emulation, PDF 2.0 emulation, IBM Tray 1: 250 sheets of 80gsm,MP tray: 100 sheets of 80gsm Hi Speed USB 2.0, 10/100/1000Base-Tx Standard 19,900 OKI C834NW (OKI-OKI-47074215) 36 ppm Color, 20 ppm Mono 1200

3.1. 続の場合 3.1.1. 接続 � 図 2 接続例(全体) シミュレーター ACSIM制御用PC ルーター等 PlayStation モニター PS対応ハンコン HDMIなど LAN USB 専用線

conforms to PlayStation 3 specifications for the PAL market only. It cannot be used on other specification versions of PlayStation 3. Read the PlayStation 3 system Instruction Manual carefully to ensure correct usage. When inserting this disc in the PlayStation 3 system always place it with the required playback side facing down.

This disc conforms to PlayStation 3 specifications for the PAL market only. It cannot be used on other specification versions of PlayStation 3. Read the PlayStation 3 system Instruction Manual carefully to ensure correct usage. When inserting this disc in the PlayStation 3 s

This disc conforms to PlayStation 3 specifications for the PAL market only. It cannot be used on other specification versions of PlayStation 3. Read the PlayStation 3 system Instruction Manual carefully to ensure correct usage. When inserting this disc in the PlayStation 3 s

14 Enter the IP address of the PlayStation that you wish to port forward to in the Server IP Address field. In this example, the IP address of the PlayStation is 192.168.20.100 15 portEnter the number or port range into the External Port Start and External Port End fields.

schematics from Mod and Maker communities to guide us through the process, and obtain values for the circuit components comprising the system. Overview of the PlayStation 3 Controller The DualShock 3 is the main human input device (HID) for the PlayStation 3. Sony originallyFile Size: 2MBPage Count: 16

In astrophysics, we use ideas from the various parts of physics - electromagnetism, gravitation, theory of matter, mechanics, quantum theory - to explain what we can see. It’s like being a detective. There is what we observe (the evidence) and there is piecing it together (the thinking). The first year, and a major part of the second year, cover skills and the fundamental principles. The .