Load ELF files with sceKernelLoadExec

[steddy]

Error code posts taken from official SDK removed.

steddy, brad_irc, you two are on my watch list. If you give me ANY further reason I will not hesitate to ban either/both of you.

After what I have contributed here I resent this statement.

This error information was NOT taken from the SDK. It was taken from the Puzzle Bobble debug information which I was the one to find. It contains pretty much all error numbers and text the PSP is aware of.

Please do not accuse without evidence.
Steddy

[ooPo]

Well, to be be fair it was asked first. People responded that they were from the official SDK. Taking over a week to respond meant that action had to be taken before you could say what you just did.

In fact, its been long enough since it happened that other people have also discovered these error messages in Puzzle Bobble. I hope this truly is how you originally discovered this information and didn't just post from the SDK - only to come back when a new excuse was created for you. :)

Regardless, next time please be more timely with your response. Or better yet, explain WHERE and HOW you obtained the information as you post it.

[subbie]

Hey anybody try looking into seeing if maybe the reason it's not booting elfs from memstick is because we are trying to make it launch a pbp and not directly the elf it self.

--edit--
I just tested. If loading a direct .elf (ie prog before converting to a pbp), it resets then wait a bit to return back to the main menu. I tested tring to boot up a version of the ngp emu I am working on.

[steddy]

Well, to be be fair it was asked first. People responded that they were from the official SDK. Taking over a week to respond meant that action had to be taken before you could say what you just did.

In fact, its been long enough since it happened that other people have also discovered these error messages in Puzzle Bobble. I hope this truly is how you originally discovered this information and didn't just post from the SDK - only to come back when a new excuse was created for you. :)

Regardless, next time please be more timely with your response. Or better yet, explain WHERE and HOW you obtained the information as you post it.

You will see that I haven't made any posts for a week. Thats because I have been quite ill and laid up in bed for most of the time.

If you check out my Puzzle Bobble debug posts which uncovered the info that predate this one I clearly state that it contains a complete error list.

If you talk to djheveo he will confirm I have posted information to him over a week ago with this error information from the Puzzle Bobble debug info.

Steddy

[Vampire]

Does it fully work with letting you execute the boot bin on the umd? Like have you tested it and it work? I am currious if this could be used as a method to make a 1.51 game boot around. So people with a 1.0 can still play UMD games that require the 1.51 or 1.52 firmware (unless there ends up being too much modified via firmware for the 1.0 firmware to be able to handle it, as well if it really will alow it to bypass the 1.51 check the bios does when the game is inserted).

it normally works...
but not if the game requires a higher system version then the psp has
(pikoro has tested this with space invaders pocket on a 1.00 psp)

[ooPo]

Steddy:

Next time state your sources and we can avoid this sort of treatment in the future. Also understand that we had nothing but silence to go on (why didn't djhuevo speak up for you then?) and had to act just in case.

I do believe you were too ill to post, and understand now you gained the information legally. I was just trying to explain why we acted as we did at the time.

[mrbrown]

One thing to note is that Puzzle Bobble does not contain full debug symbols. It only contains symbols for crt0.o (which ships with the official SDK), one file from Puzzle Bobble (which was probably autogenerated), and newlib. The entire source of Puzzle Bobble is missing, presumably because they stripped all of their objects before doing the final link, and they just forgot to strip the final executable.

So people still need to watch what they post here, because we'll know if it's not from Puzzle Bobble, and you will get banned for posting it.

[skippy911]

Vampire: What offsets are required to get it to work on a v1.0??

[djhuevo]

Next time state your sources and we can avoid this sort of treatment in the future. Also understand that we had nothing but silence to go on (why didn't djhuevo speak up for you then?) and had to act just in case.

coz this is not a court, steddy is not a defendant, and Im not a lawyer.

There are many legal/moral ways to figure out error codes. And ppl are not in obligation to told you how do that.
Reverse Engineering itself is not legaly clear around the world, and as we are no lawyers, can't talk so much about legality... but can talk to much about MORALITY...

sorry my english

[hermes]

Next time state your sources and we can avoid this sort of treatment in the future. Also understand that we had nothing but silence to go on (why didn't djhuevo speak up for you then?) and had to act just in case.

coz this is not a court, steddy is not a defendant, and Im not a lawyer.

There are many legal/moral ways to figure out error codes. And ppl are not in obligation to told you how do that.
Reverse Engineering itself is not legaly clear around the world, and as we are no lawyers, can't talk so much about legality... but can talk to much about MORALITY...

sorry my english

djhuevo,

Yo no sé para que pierdes el tiempo con ésta gente. Ellos no tienen remedio: lo que tú hagas, es ilegal, inmoral, etc, lo que ellos hacen es por el bien común y deberían darles el premio Nobel.

Lo mejor sería dejarles sus foros para ellos solos y que colaboraras con gente dispuesta a trabajar y respetar tú trabajo. Aquí sólo tienen afán de protagonismo.

edit: translation by babelfish

I do not know so that you waste the time with this one people. They do not have remedy: what you do, is illegal, immoral, etc, which they do is by the communal property and would have to give them to the Nobel prize. The best thing would be to leave its forums them for single them and who you collaborated with ready people to work and to respect work. Here only they have protagonism eagerness.

Sorry by the topic in Spanish.

[ooPo]

coz this is not a court, steddy is not a defendant, and Im not a lawyer.

I only mentioned you by name because steddy had volunteered you as someone who could vouch for him. We didn't ask for witnesses, by the way. He was the one who brought it up.

There are many legal/moral ways to figure out error codes. And ppl are not in obligation to told you how do that.
Reverse Engineering itself is not legaly clear around the world, and as we are no lawyers, can't talk so much about legality... but can talk to much about MORALITY...

In the context of these forums we have rules against using the official SDK as a potential source of technical information. Whenever someone shows up with a pile of new information with absolutely no mention of where it came from then it isn't far fetched to ask where it was found. If the question goes unanswered then we have no choice but to take that information down until its origins are explained.

A simple 'hey guys, these were in Puzzle Bobble' would have been sufficient. We're not asking for signed documentation and 3rd party verification. Just a little blurb.

As a side note, some people here are very new to the reversing process and very interested in learning how all this information is discovered. Mentioning where you found it may inspire someone to buy their own copy of Puzzle Bobble and try their hand at reversing it, using you as an inspiration.

[PspPet]

Commentary: Extracting debug information accidentally left in an executable can be very useful.
However these are relatively rare, especially for closed-systems like game consoles.
It is debatable whether it is "reverse engineering". For example if they accidentally left a copy of a system header on the UMD I wouldn't call that reverse engineering either ;->

A viable technique, but relies on the laziness or errors of a game developer [granted a similar laziness made it possible to find the first CSS crack]. Not something you should rely on.

For the real challenge of reverse engineering, start with nothing more than the CPU uses (instruction opcodes) !

[SeaSpearo]

Hi:
I tried what you suggested, but I still got the same 80020146 error. Did you actually got it worked?

I just used the SDKTEST sample.


PSP_MODULE_INFO("SDKTEST", 0, 1, 1);
PSP_MAIN_THREAD_ATTR( THREAD_ATTR_VFPU);

in main function:
I just call
sceKernelLoadExec("ms0:/PSP/GAME/test.prx", NULL);



Thanks!

seaspearo

[Warren]

You need to use sceKernelLoadModule* for PRXs, sceKernelLoadExec is for ELFs

[SeaSpearo]

Tried using the test.elf for sceKernelLoadExec , still got same error.


>You need to use sceKernelLoadModule* for PRXs, sceKernelLoadExec is for >ELFs

[TyRaNiD]

You also need to be kernel mode i.e.

Code: Select all

PSP_MODULE_INFO("SDKTEST", 0x1000, 1, 1);
PSP_MAIN_THREAD_ATTR(0); 

[SeaSpearo]

Thanks! It works now, kind of. It works with the elf created using home brew toolchain (PSPDev). When I tried using elf or prx generated by the SN systems PSP compiler, it is not working :(
Anyone suggestions?

Thanks!

[reigel]

... does this work?

Code: Select all

int sceKernelLoadExec(const char *file, int zero);

		int xmain(void)
{
	unsigned long fc;
	unsigned long r,g,b,rgb;
	pgInit();
	pgScreenFrame(2,0);
	pgFillvram(0);		
        long scePowerSetClockFrequency(long, long, long);
	scePowerSetClockFrequency(333,333,166); 
	sceKernelLoadExec("disc0:/PSP_GAME/SYSDIR/BOOT.BIN",0);
}

[Cpasjuste]

no.

[reigel]

What i have to do that this work?

[Shazz]

sceKernelLoadExec reboots the kernel.. so all settings like the CPU speed should be re-init'd

[reigel]

but there is a loader which allwos this ... no one a idea?

[pspkrazy]

You need to use sceLoadModule to load your elf.
This one will not reboot the psp.

It is some kind of misuse of the function but it works

Don't forget to StartModule then

[reigel]

thx,
like this?

Code: Select all

int module = 0;
module = sceKernelLoadModule("disc0:/PSP_GAME/SYSDIR/BOOT.BIN", 0, 0);
sceKernelStartModule(module, 0, 0, 0, 0);

[pspkrazy]

yes.

[reigel]

... what I have too ride in the startup.s ???

[pspkrazy]

startup.s ?
There are no reasons to use startup.s anymore whith pspsdk.

launch your program in kernel mode so device checks are not done in LoadModule.

search the forums if you don't know how.

[reigel]

... I have some probs with the sdk, so I have to use the normal toolchain, can you say me what to write in it?

[pspkrazy]

search the forums for the wifi sample 001 from psppet.
his thread is launched in kernel mode.

That's all i can do for you.

[Shazz]

It seems sceKernelLoadModule()/sceKernelStartModule() have a different behavior when the target in a true module (PRX), like BOOT.BIN for UMD games) and when it is a true ELF (in this case the behavior is the same as calling sceKernelLoadExec()

i.e. rebooting the kernel...

So take care of what you want to load and run...
I only see two ways to avoid this :
- writing our own ELF loader (as Marcus did for the Media Engine)
- everybody to generate PRXes instead of ELFes which is not known today... tomorrow ? :D)