| Contents |
| Memory Map |
KUSEG KSEG0 KSEG1
00000000h 80000000h A0000000h 2048K Main RAM (first 64K reserved for BIOS)
1F000000h 9F000000h BF000000h 8192K Expansion Region 1 (ROM/RAM)
1F800000h 9F800000h -- 1K Scratchpad (D-Cache used as Fast RAM)
1F801000h 9F801000h BF801000h 8K I/O Ports
1F802000h 9F802000h BF802000h 8K Expansion Region 2 (I/O Ports)
1FA00000h 9FA00000h BFA00000h 2048K Expansion Region 3 (whatever purpose)
1FC00000h 9FC00000h BFC00000h 512K BIOS ROM (Kernel) (4096K max)
FFFE0000h (KSEG2) 0.5K I/O Ports (Cache Control)
|
1024K VRAM (Framebuffers, Textures, Palettes) (with 2KB Texture Cache) 512K Sound RAM (Capture Buffers, ADPCM Data, Reverb Workspace) 0.5K CDROM controller RAM (see CDROM Test commands) 16.5K CDROM controller ROM (Firmware and Bootstrap for MC68HC05 cpu) 32K CDROM Buffer (IC303) (32Kx8) (BUG: only two sectors accessible?) 128K External Memory Card(s) (EEPROMs) |
Address Name Size Privilege Code-Cache Data-Cache 00000000h KUSEG 2048M Kernel/User Yes (Scratchpad) 80000000h KSEG0 512M Kernel Yes (Scratchpad) A0000000h KSEG1 512M Kernel No No C0000000h KSEG2 1024M Kernel (No code) No |
2MB RAM can be mirrored to the first 8MB (strangely, enabled by default) 512K BIOS ROM can be mirrored to the last 4MB (disabled by default) Expansion hardware (if any) may be mirrored within expansion region The seven DMA Control Registers at 1F8010x8h are mirrored to 1F8010xCh |
Memory Error ------> Misalignments
(and probably also KSEG access in User mode)
Bus Error ------> Unused Memory Regions (including Gaps in I/O Region)
(unless RAM/BIOS/Expansion mirrors are mapped to "unused" area)
|
| I/O Map |
1F000000h 80000h Expansion Region (default 512 Kbytes, max 8 MBytes) 1F000000h 100h Expansion ROM Header (IDs and Entrypoints) |
1F800000h 400h Scratchpad (1K Fast RAM) (Data Cache mapped to fixed address) |
1F801000h 4 Expansion 1 Base Address (usually 1F000000h) 1F801004h 4 Expansion 2 Base Address (usually 1F802000h) 1F801008h 4 Expansion 1 Delay/Size (usually 0013243Fh; 512Kbytes 8bit-bus) 1F80100Ch 4 Expansion 3 Delay/Size (usually 00003022h; 1 byte) 1F801010h 4 BIOS ROM Delay/Size (usually 0013243Fh; 512Kbytes 8bit-bus) 1F801014h 4 SPU_DELAY Delay/Size (usually 200931E1h) 1F801018h 4 CDROM_DELAY Delay/Size (usually 00020843h or 00020943h) 1F80101Ch 4 Expansion 2 Delay/Size (usually 00070777h; 128-bytes 8bit-bus) 1F801020h 4 COM_DELAY / COMMON_DELAY (00031125h or 0000132Ch or 00001325h) |
1F801040h 1/4 JOY_DATA Joypad/Memory Card Data (R/W) 1F801044h 4 JOY_STAT Joypad/Memory Card Status (R) 1F801048h 2 JOY_MODE Joypad/Memory Card Mode (R/W) 1F80104Ah 2 JOY_CTRL Joypad/Memory Card Control (R/W) 1F80104Eh 2 JOY_BAUD Joypad/Memory Card Baudrate (R/W) 1F801050h 1/4 SIO_DATA Serial Port Data (R/W) 1F801054h 4 SIO_STAT Serial Port Status (R) 1F801058h 2 SIO_MODE Serial Port Mode (R/W) 1F80105Ah 2 SIO_CTRL Serial Port Control (R/W) 1F80105Ch 2 SIO_MISC Serial Port Internal Register (R/W) 1F80105Eh 2 SIO_BAUD Serial Port Baudrate (R/W) |
1F801060h 4/2 RAM_SIZE (usually 00000B88h; 2MB RAM mirrored in first 8MB) |
1F801070h 2 I_STAT - Interrupt status register 1F801074h 2 I_MASK - Interrupt mask register |
1F80108xh DMA0 channel 0 - MDECin 1F80109xh DMA1 channel 1 - MDECout 1F8010Axh DMA2 channel 2 - GPU (lists + image data) 1F8010Bxh DMA3 channel 3 - CDROM 1F8010Cxh DMA4 channel 4 - SPU 1F8010Dxh DMA5 channel 5 - PIO (Expansion Port) 1F8010Exh DMA6 channel 6 - OTC (reverse clear OT) (GPU related) 1F8010F0h DPCR - DMA Control register 1F8010F4h DICR - DMA Interrupt register 1F8010F8h unknown 1F8010FCh unknown |
1F80110xh Timer 0 Dotclock 1F80111xh Timer 1 Horizontal Retrace 1F80112xh Timer 2 1/8 system clock |
1F801800h.x.x 1 CD Index/Status Register (Bit0-1 R/W, Bit2-7 Read Only) 1F801801h.R.x 1 CD Response Fifo (R) (usually with Index1) 1F801802h.R.x 1/2 CD Data Fifo - 8bit/16bit (R) (usually with Index0..1) 1F801803h.R.0 1 CD Interrupt Enable Register (R) 1F801803h.R.1 1 CD Interrupt Flag Register (R/W) 1F801803h.R.2 1 CD Interrupt Enable Register (R) (Mirror) 1F801803h.R.3 1 CD Interrupt Flag Register (R/W) (Mirror) 1F801801h.W.0 1 CD Command Register (W) 1F801802h.W.0 1 CD Parameter Fifo (W) 1F801803h.W.0 1 CD Request Register (W) 1F801801h.W.1 1 Unknown/unused 1F801802h.W.1 1 CD Interrupt Enable Register (W) 1F801803h.W.1 1 CD Interrupt Flag Register (R/W) 1F801801h.W.2 1 Unknown/unused 1F801802h.W.2 1 CD Audio Volume for Left-CD-Out to Left-SPU-Input (W) 1F801803h.W.2 1 CD Audio Volume for Left-CD-Out to Right-SPU-Input (W) 1F801801h.W.3 1 CD Audio Volume for Right-CD-Out to Right-SPU-Input (W) 1F801802h.W.3 1 CD Audio Volume for Right-CD-Out to Left-SPU-Input (W) 1F801803h.W.3 1 CD Audio Volume Apply Changes (by writing bit5=1) |
1F801810h.Write 4 GP0 Send GP0 Commands/Packets (Rendering and VRAM Access) 1F801814h.Write 4 GP1 Send GP1 Commands (Display Control) 1F801810h.Read 4 GPUREAD Read responses to GP0(C0h) and GP1(10h) commands 1F801814h.Read 4 GPUSTAT Read GPU Status Register |
1F801820h.Write 4 MDEC Command/Parameter Register (W) 1F801820h.Read 4 MDEC Data/Response Register (R) 1F801824h.Write 4 MDEC Control/Reset Register (W) 1F801824h.Read 4 MDEC Status Register (R) |
1F801C00h+N*10h 4 Voice 0..23 Volume Left/Right 1F801C04h+N*10h 2 Voice 0..23 ADPCM Sample Rate 1F801C06h+N*10h 2 Voice 0..23 ADPCM Start Address 1F801C08h+N*10h 4 Voice 0..23 ADSR Attack/Decay/Sustain/Release 1F801C0Ch+N*10h 2 Voice 0..23 ADSR Current Volume 1F801C0Eh+N*10h 2 Voice 0..23 ADPCM Repeat Address |
1F801D80h 4 Main Volume Left/Right 1F801D84h 4 Reverb Output Volume Left/Right 1F801D88h 4 Voice 0..23 Key ON (Start Attack/Decay/Sustain) (W) 1F801D8Ch 4 Voice 0..23 Key OFF (Start Release) (W) 1F801D90h 4 Voice 0..23 Channel FM (pitch lfo) mode (R/W) 1F801D94h 4 Voice 0..23 Channel Noise mode (R/W) 1F801D98h 4 Voice 0..23 Channel Reverb mode (R/W) 1F801D9Ch 4 Voice 0..23 Channel ON/OFF (status) (R) 1F801DA0h 2 Unknown? (R) or (W) 1F801DA2h 2 Sound RAM Reverb Work Area Start Address 1F801DA4h 2 Sound RAM IRQ Address 1F801DA6h 2 Sound RAM Data Transfer Address 1F801DA8h 2 Sound RAM Data Transfer Fifo 1F801DAAh 2 SPU Control Register (SPUCNT) 1F801DACh 2 Sound RAM Data Transfer Control 1F801DAEh 2 SPU Status Register (SPUSTAT) (R) 1F801DB0h 4 CD Volume Left/Right 1F801DB4h 4 Extern Volume Left/Right 1F801DB8h 4 Current Main Volume Left/Right 1F801DBCh 4 Unknown? (R/W) |
1F801DC0h 2 dAPF1 Reverb APF Offset 1 1F801DC2h 2 dAPF2 Reverb APF Offset 2 1F801DC4h 2 vIIR Reverb Reflection Volume 1 1F801DC6h 2 vCOMB1 Reverb Comb Volume 1 1F801DC8h 2 vCOMB2 Reverb Comb Volume 2 1F801DCAh 2 vCOMB3 Reverb Comb Volume 3 1F801DCCh 2 vCOMB4 Reverb Comb Volume 4 1F801DCEh 2 vWALL Reverb Reflection Volume 2 1F801DD0h 2 vAPF1 Reverb APF Volume 1 1F801DD2h 2 vAPF2 Reverb APF Volume 2 1F801DD4h 4 mSAME Reverb Same Side Reflection Address 1 Left/Right 1F801DD8h 4 mCOMB1 Reverb Comb Address 1 Left/Right 1F801DDCh 4 mCOMB2 Reverb Comb Address 2 Left/Right 1F801DE0h 4 dSAME Reverb Same Side Reflection Address 2 Left/Right 1F801DE4h 4 mDIFF Reverb Different Side Reflection Address 1 Left/Right 1F801DE8h 4 mCOMB3 Reverb Comb Address 3 Left/Right 1F801DECh 4 mCOMB4 Reverb Comb Address 4 Left/Right 1F801DF0h 4 dDIFF Reverb Different Side Reflection Address 2 Left/Right 1F801DF4h 4 mAPF1 Reverb APF Address 1 Left/Right 1F801DF8h 4 mAPF2 Reverb APF Address 2 Left/Right 1F801DFCh 4 vIN Reverb Input Volume Left/Right |
1F801E00h+N*04h 4 Voice 0..23 Current Volume Left/Right 1F801E60h 20h Unknown? (R/W) 1F801E80h 180h Unknown? (Read: FFh-filled) (Unused or Write only?) |
1F802000h 80h Expansion Region (8bit data bus, crashes on 16bit access?) |
1F802020h/1st DUART Mode Register 1.A (R/W) 1F802020h/2nd DUART Mode Register 2.A (R/W) 1F802021h/Read DUART Status Register A (R) 1F802021h/Write DUART Clock Select Register A (W) 1F802022h/Read DUART Toggle Baud Rate Generator Test Mode (Read=Strobe) 1F802022h/Write DUART Command Register A (W) 1F802023h/Read DUART Rx Holding Register A (FIFO) (R) 1F802023h/Write DUART Tx Holding Register A (W) 1F802024h/Read DUART Input Port Change Register (R) 1F802024h/Write DUART Aux. Control Register (W) 1F802025h/Read DUART Interrupt Status Register (R) 1F802025h/Write DUART Interrupt Mask Register (W) 1F802026h/Read DUART Counter/Timer Current Value, Upper/Bit15-8 (R) 1F802026h/Write DUART Counter/Timer Reload Value, Upper/Bit15-8 (W) 1F802027h/Read DUART Counter/Timer Current Value, Lower/Bit7-0 (R) 1F802027h/Write DUART Counter/Timer Reload Value, Lower/Bit7-0 (W) 1F802028h/1st DUART Mode Register 1.B (R/W) 1F802028h/2nd DUART Mode Register 2.B (R/W) 1F802029h/Read DUART Status Register B (R) 1F802029h/Write DUART Clock Select Register B (W) 1F80202Ah/Read DUART Toggle 1X/16X Test Mode (Read=Strobe) 1F80202Ah/Write DUART Command Register B (W) 1F80202Bh/Read DUART Rx Holding Register B (FIFO) (R) 1F80202Bh/Write DUART Tx Holding Register B (W) 1F80202Ch/None DUART Reserved Register (neither R nor W) 1F80202Dh/Read DUART Input Port (R) 1F80202Dh/Write DUART Output Port Configuration Register (W) 1F80202Eh/Read DUART Start Counter Command (Read=Strobe) 1F80202Eh/Write DUART Set Output Port Bits Command (Set means Out=LOW) 1F80202Fh/Read DUART Stop Counter Command (Read=Strobe) 1F80202Fh/Write DUART Reset Output Port Bits Command (Reset means Out=HIGH) |
1F802000h 1 DTL-H2000: ATCONS STAT (R) 1F802002h 1 DTL-H2000: ATCONS DATA (R and W) 1F802004h 2 DTL-H2000: Whatever 16bit data ? 1F802030h 1/4 DTL-H2000: Secondary IRQ10 Flags 1F802032h 1 DTL-H2000: Whatever IRQ Control ? 1F802040h 1 DTL-H2000: Bootmode "Dip switches" (R) 1F802041h 1 PSX: POST (external 7 segment display, indicate BIOS boot status) 1F802042h 1 DTL-H2000: POST/LED (similar to POST) (other addr, 2-digit wide) 1F802070h 1 PS2: POST2 (similar to POST, but PS2 BIOS uses this address) |
1F802060h Emu-Expansion ID1 "E" (R) 1F802061h Emu-Expansion ID2 "X" (R) 1F802062h Emu-Expansion ID3 "P" (R) 1F802063h Emu-Expansion Version (01h) (R) 1F802064h Emu-Expansion Enable1 "O" (R/W) 1F802065h Emu-Expansion Enable2 "N" (R/W) 1F802066h Emu-Expansion Halt (R) 1F802067h Emu-Expansion Turbo Mode Flags (R/W) |
1FA00000h - Not used by BIOS or any PSX games 1FA00000h - POST3 (similar to POST, but PS2 BIOS uses this address) |
1FC00000h 80000h BIOS ROM (512Kbytes) (Reset Entrypoint at BFC00000h) |
FFFE0130h 4 Cache Control |
COP0 System Control Coprocessor - 32 registers (not all used) COP1 N/A COP2 Geometry Transformation Engine (GTE) - 64 registers (most are used) COP3 N/A |
| Graphics Processing Unit (GPU) |
| GPU I/O Ports, DMA Channels, Commands, VRAM |
Port Name Expl. 1F801810h-Write GP0 Send GP0 Commands/Packets (Rendering and VRAM Access) 1F801814h-Write GP1 Send GP1 Commands (Display Control) (and DMA Control) 1F801810h-Read GPUREAD Receive responses to GP0(C0h) and GP1(10h) commands 1F801814h-Read GPUSTAT Receive GPU Status Register |
Channel Recommended for DMA2 in Linked Mode - Sending rendering commands ;GP0(20h..7Fh,E1h..E6h) DMA2 in Continous Mode - VRAM transfers to/from GPU ;GP0(A0h,C0h) DMA6 - Initializing the Link List ;Main RAM |
GP0(00h) - Nop? GP0(01h,02h,80h,A0h,C0h) - Direct VRAM Access GP0(03h) - Unknown (does take up FIFO space!!!) GP0(1Fh) - Interrupt Request (IRQ1) GP0(20h..3Fh) - Render Polygons GP0(40h..5Fh) - Render Lines GP0(60h..7Fh) - Render Rectangles GP0(E1h..E6h) - Rendering Attributes GP1(00h..09h,10h,20h) - Display Control (these via GP1 register) |
Framebuffer(s) ;Usually 2 buffers (Drawing Area, and Display Area) Texture Page(s) ;Required when using Textures Texture Palette(s) ;Required when using 4bit/8bit Textures |
Unit = 4bit 8bit 16bit 24bit Halfwords | Unit = Lines Width = 4096 2048 1024 682.66 1024 | Height = 512 |
| GPU Render Polygon Commands |
1st Color+Command (CcBbGgRrh) 2nd Vertex1 (YyyyXxxxh) 3rd Vertex2 (YyyyXxxxh) 4th Vertex3 (YyyyXxxxh) (5th) Vertex4 (YyyyXxxxh) (if any) |
1st Color+Command (CcBbGgRrh) (color is ignored for raw-textures) 2nd Vertex1 (YyyyXxxxh) 3rd Texcoord1+Palette (ClutYyXxh) 4th Vertex2 (YyyyXxxxh) 5th Texcoord2+Texpage (PageYyXxh) 6th Vertex3 (YyyyXxxxh) 7th Texcoord3 (0000YyXxh) (8th) Vertex4 (YyyyXxxxh) (if any) (9th) Texcoord4 (0000YyXxh) (if any) |
1st Color1+Command (CcBbGgRrh) 2nd Vertex1 (YyyyXxxxh) 3rd Color2 (00BbGgRrh) 4th Vertex2 (YyyyXxxxh) 5th Color3 (00BbGgRrh) 6th Vertex3 (YyyyXxxxh) (7th) Color4 (00BbGgRrh) (if any) (8th) Vertex4 (YyyyXxxxh) (if any) |
1st Color1+Command (CcBbGgRrh) 2nd Vertex1 (YyyyXxxxh) 3rd Texcoord1+Palette (ClutYyXxh) 4th Color2 (00BbGgRrh) 5th Vertex2 (YyyyXxxxh) 6th Texcoord2+Texpage (PageYyXxh) 7th Color3 (00BbGgRrh) 8th Vertex3 (YyyyXxxxh) 9th Texcoord3 (0000YyXxh) (10th) Color4 (00BbGgRrh) (if any) (11th) Vertex4 (YyyyXxxxh) (if any) (12th) Texcoord4 (0000YyXxh) (if any) |
| GPU Render Line Commands |
1st Color+Command (CcBbGgRrh) 2nd Vertex1 (YyyyXxxxh) 3rd Vertex2 (YyyyXxxxh) (...) VertexN (YyyyXxxxh) (poly-line only) (Last) Termination Code (55555555h) (poly-line only) |
1st Color1+Command (CcBbGgRrh) 2nd Vertex1 (YyyyXxxxh) 3rd Color2 (00BbGgRrh) 4th Vertex2 (YyyyXxxxh) (...) ColorN (00BbGgRrh) (poly-line only) (...) VertexN (YyyyXxxxh) (poly-line only) (Last) Termination Code (55555555h) (poly-line only) |
| GPU Render Rectangle Commands |
1st Color+Command (CcBbGgRrh) 2nd Vertex (YyyyXxxxh) (3rd) Width+Height (YsizXsizh) (variable size only) (max 1023x511) |
1st Color+Command (CcBbGgRrh) (color is ignored for raw-textures) 2nd Vertex (YyyyXxxxh) (upper-left edge of the rectangle) 3rd Texcoord+Palette (ClutYyXxh) (for 4bpp Textures Xxh must be even!) (4th) Width+Height (YsizXsizh) (variable size only) (max 1023x511) |
| GPU Rendering Attributes |
0-10 X-coordinate (signed, -1024..+1023) 11-15 Not used (usually sign-extension, but ignored by hardware) 16-26 Y-coordinate (signed, -1024..+1023) 26-31 Not used (usually sign-extension, but ignored by hardware) |
0-7 Red (0..FFh) 8-15 Green (0..FFh) 16-23 Blue (0..FFh) 24-31 Command (in first paramter) (don't care in further parameters) |
0-8 Same as GP0(E1h).Bit0-8 (see there) 9-10 Unused (does NOT change GP0(E1h).Bit9-10) 11 Same as GP0(E1h).Bit11 (see there) 12-13 Unused (does NOT change GP0(E1h).Bit12-13) 14-15 Unused (should be 0) |
0-5 X coordinate X/16 (ie. in 16-halfword steps) 6-14 Y coordinate 0-511 (ie. in 1-line steps) 15 Unknown/unused (should be 0) |
0-3 Texture page X Base (N*64) (ie. in 64-halfword steps) ;GPUSTAT.0-3
4 Texture page Y Base (N*256) (ie. 0 or 256) ;GPUSTAT.4
5-6 Semi Transparency (0=B/2+F/2, 1=B+F, 2=B-F, 3=B+F/4) ;GPUSTAT.5-6
7-8 Texture page colors (0=4bit, 1=8bit, 2=15bit, 3=Reserved);GPUSTAT.7-8
9 Dither 24bit to 15bit (0=Off/strip LSBs, 1=Dither Enabled) ;GPUSTAT.9
10 Drawing to display area (0=Prohibited, 1=Allowed) ;GPUSTAT.10
11 Texture Disable (0=Normal, 1=Disable if GP1(09h).Bit0=1) ;GPUSTAT.15
(Above might be chipselect for (absent) second VRAM chip?)
12 Textured Rectangle X-Flip (BIOS does set this bit on power-up...?)
13 Textured Rectangle Y-Flip (BIOS does set it equal to GPUSTAT.13...?)
14-23 Not used (should be 0)
24-31 Command (E1h)
|
0-4 Texture window Mask X (in 8 pixel steps) 5-9 Texture window Mask Y (in 8 pixel steps) 10-14 Texture window Offset X (in 8 pixel steps) 15-19 Texture window Offset Y (in 8 pixel steps) 20-23 Not used (zero) 24-31 Command (E2h) |
Texcoord = (Texcoord AND (NOT (Mask*8))) OR ((Offset AND Mask)*8) |
0-9 X-coordinate (0..1023) 10-18 Y-coordinate (0..511) ;\on Old 160pin GPU (max 1MB VRAM) 19-23 Not used (zero) ;/ 10-19 Y-coordinate (0..1023) ;\on New 208pin GPU (max 2MB VRAM) 20-23 Not used (zero) ;/(retail consoles have only 1MB though) 24-31 Command (Exh) |
0-10 X-offset (-1024..+1023) (usually within X1,X2 of Drawing Area) 11-21 Y-offset (-1024..+1023) (usually within Y1,Y2 of Drawing Area) 22-23 Not used (zero) 24-31 Command (E5h) |
0 Set mask while drawing (0=TextureBit15, 1=ForceBit15=1) ;GPUSTAT.11 1 Check mask before draw (0=Draw Always, 1=Draw if Bit15=0) ;GPUSTAT.12 2-23 Not used (zero) 24-31 Command (E6h) |
| GPU Memory Transfer Commands |
1st Command (Cc000000h) |
1st Color+Command (CcBbGgRrh) ;24bit RGB value (see note) 2nd Top Left Corner (YyyyXxxxh) ;Xpos counted in halfwords, steps of 10h 3rd Width+Height (YsizXsizh) ;Xsiz counted in halfwords, steps of 10h |
1st Command (Cc000000h) 2nd Source Coord (YyyyXxxxh) ;Xpos counted in halfwords 3rd Destination Coord (YyyyXxxxh) ;Xpos counted in halfwords 4th Width+Height (YsizXsizh) ;Xsiz counted in halfwords |
1st Command (Cc000000h) 2nd Destination Coord (YyyyXxxxh) ;Xpos counted in halfwords 3rd Width+Height (YsizXsizh) ;Xsiz counted in halfwords ... Data (...) <--- usually transferred via DMA |
1st Command (Cc000000h) ;\ 2nd Source Coord (YyyyXxxxh) ; write to GP0 port (as usually) 3rd Width+Height (YsizXsizh) ;/ ... Data (...) ;<--- read from GPUREAD port (or via DMA) |
Xpos=(Xpos AND 3F0h) ;range 0..3F0h, in steps of 10h Ypos=(Ypos AND 1FFh) ;range 0..1FFh Xsiz=((Xsiz AND 3FFh)+0Fh) AND (NOT 0Fh) ;range 0..400h, in steps of 10h Ysiz=((Ysiz AND 1FFh)) ;range 0..1FFh |
Xpos=(Xpos AND 3FFh) ;range 0..3FFh Ypos=(Ypos AND 1FFh) ;range 0..1FFh Xsiz=((Xsiz-1) AND 3FFh)+1 ;range 1..400h Ysiz=((Ysiz-1) AND 1FFh)+1 ;range 1..200h |
| GPU Other Commands |
1st Command (Cc000000h) ;GPUSTAT.24 |
| GPU Display Control Commands (GP1) |
0-23 Not used (zero) |
GP1(01h) ;clear fifo GP1(02h) ;ack irq (0) GP1(03h) ;display off (1) GP1(04h) ;dma off (0) GP1(05h) ;display address (0) GP1(06h) ;display x1,x2 (x1=200h, x2=200h+256*10) GP1(07h) ;display y1,y2 (y1=010h, y2=010h+240) GP1(08h) ;display mode 320x200 NTSC (0) GP0(E1h..E6h) ;rendering attributes (0) |
0-23 Not used (zero) |
0-23 Not used (zero) ;GPUSTAT.24 |
0 Display On/Off (0=On, 1=Off) ;GPUSTAT.23 1-23 Not used (zero) |
0-1 DMA Direction (0=Off, 1=FIFO, 2=CPUtoGP0, 3=GPUREADtoCPU) ;GPUSTAT.29-30 2-23 Not used (zero) |
0-9 X (0-1023) (halfword address in VRAM) (relative to begin of VRAM) 10-18 Y (0-511) (scanline number in VRAM) (relative to begin of VRAM) 19-23 Not used (zero) |
0-11 X1 (260h+0) ;12bit ;\counted in 53.222400MHz units, 12-23 X2 (260h+320*8) ;12bit ;/relative to HSYNC |
0-9 Y1 (NTSC=88h-(224/2), (PAL=A3h-(264/2)) ;\scanline numbers on screen, 10-19 Y2 (NTSC=88h+(224/2), (PAL=A3h+(264/2)) ;/relative to VSYNC 20-23 Not used (zero) |
0-1 Horizontal Resolution 1 (0=256, 1=320, 2=512, 3=640) ;GPUSTAT.17-18 2 Vertical Resolution (0=240, 1=480, when Bit5=1) ;GPUSTAT.19 3 Video Mode (0=NTSC/60Hz, 1=PAL/50Hz) ;GPUSTAT.20 4 Display Area Color Depth (0=15bit, 1=24bit) ;GPUSTAT.21 5 Vertical Interlace (0=Off, 1=On) ;GPUSTAT.22 6 Horizontal Resolution 2 (0=256/320/512/640, 1=368) ;GPUSTAT.16 7 "Reverseflag" (0=Normal, 1=Distorted) ;GPUSTAT.14 8-23 Not used (zero) |
0-23 Select Information which is to be retrieved (via following GPUREAD) |
00h-01h = Returns Nothing (old value in GPUREAD remains unchanged) 02h = Read Texture Window setting ;GP0(E2h) ;20bit/MSBs=Nothing 03h = Read Draw area top left ;GP0(E3h) ;19bit/MSBs=Nothing 04h = Read Draw area bottom right ;GP0(E4h) ;19bit/MSBs=Nothing 05h = Read Draw offset ;GP0(E5h) ;22bit 06h-07h = Returns Nothing (old value in GPUREAD remains unchanged) 08h-FFFFFFh = Mirrors of 00h..07h |
00h-01h = Returns Nothing (old value in GPUREAD remains unchanged) 02h = Read Texture Window setting ;GP0(E2h) ;20bit/MSBs=Nothing 03h = Read Draw area top left ;GP0(E3h) ;20bit/MSBs=Nothing 04h = Read Draw area bottom right ;GP0(E4h) ;20bit/MSBs=Nothing 05h = Read Draw offset ;GP0(E5h) ;22bit 06h = Returns Nothing (old value in GPUREAD remains unchanged) 07h = Read GPU Type (usually 2) ;see "GPU Versions" chapter 08h = Unknown (Returns 00000000h) (lightgun on some GPUs?) 09h-0Fh = Returns Nothing (old value in GPUREAD remains unchanged) 10h-FFFFFFh = Mirrors of 00h..0Fh |
0 Texture Disable (0=Normal, 1=Allow Disable via GP0(E1h).11) ;GPUSTAT.15 1-23 Unknown (seems to have no effect) |
0-23 Unknown (501h=Texture Enable, 504h=Texture Disable, or so?) |
0-10 Unknown (GPU crashes after a while when set to 274h..7FFh) 11-23 Unknown (seems to have no effect) |
| GPU Status Register |
0-3 Texture page X Base (N*64) ;GP0(E1h).0-3
4 Texture page Y Base (N*256) (ie. 0 or 256) ;GP0(E1h).4
5-6 Semi Transparency (0=B/2+F/2, 1=B+F, 2=B-F, 3=B+F/4) ;GP0(E1h).5-6
7-8 Texture page colors (0=4bit, 1=8bit, 2=15bit, 3=Reserved)GP0(E1h).7-8
9 Dither 24bit to 15bit (0=Off/strip LSBs, 1=Dither Enabled);GP0(E1h).9
10 Drawing to display area (0=Prohibited, 1=Allowed) ;GP0(E1h).10
11 Set Mask-bit when drawing pixels (0=No, 1=Yes/Mask) ;GP0(E6h).0
12 Draw Pixels (0=Always, 1=Not to Masked areas) ;GP0(E6h).1
13 Interlace Field (or, always 1 when GP1(08h).5=0)
14 "Reverseflag" (0=Normal, 1=Distorted) ;GP1(08h).7
15 Texture Disable (0=Normal, 1=Disable Textures) ;GP0(E1h).11
16 Horizontal Resolution 2 (0=256/320/512/640, 1=368) ;GP1(08h).6
17-18 Horizontal Resolution 1 (0=256, 1=320, 2=512, 3=640) ;GP1(08h).0-1
19 Vertical Resolution (0=240, 1=480, when Bit22=1) ;GP1(08h).2
20 Video Mode (0=NTSC/60Hz, 1=PAL/50Hz) ;GP1(08h).3
21 Display Area Color Depth (0=15bit, 1=24bit) ;GP1(08h).4
22 Vertical Interlace (0=Off, 1=On) ;GP1(08h).5
23 Display Enable (0=Enabled, 1=Disabled) ;GP1(03h).0
24 Interrupt Request (IRQ1) (0=Off, 1=IRQ) ;GP0(1Fh)/GP1(02h)
25 DMA / Data Request, meaning depends on GP1(04h) DMA Direction:
When GP1(04h)=0 ---> Always zero (0)
When GP1(04h)=1 ---> FIFO State (0=Full, 1=Not Full)
When GP1(04h)=2 ---> Same as GPUSTAT.28
When GP1(04h)=3 ---> Same as GPUSTAT.27
26 Ready to receive Cmd Word (0=No, 1=Ready) ;GP0(...) ;via GP0
27 Ready to send VRAM to CPU (0=No, 1=Ready) ;GP0(C0h) ;via GPUREAD
28 Ready to receive DMA Block (0=No, 1=Ready) ;GP0(...) ;via GP0
29-30 DMA Direction (0=Off, 1=?, 2=CPUtoGP0, 3=GPUREADtoCPU) ;GP1(04h).0-1
31 Drawing even/odd lines in interlace mode (0=Even or Vblank, 1=Odd)
|
| GPU Versions |
Differences... Old 160pin GPU New 208pin GPU GPU Chip CXD8514Q CXD8561Q/BQ/CQ/CXD9500Q Mainboard EARLY-PU-8 and below LATE-PU-8 and up Memory Type Dual-ported VRAM Normal DRAM GPUSTAT.13 when interlace=off always 0 always 1 GPUSTAT.14 always 0 reverseflag GPUSTAT.15 always 0 texture_disable GP1(10h:index3..4) 19bit (1MB VRAM) 20bit (2MB VRAM) GP1(10h:index7) N/A 00000002h version GP1(10h:index8) mirror of index0 00000000h zero GP1(10h:index9..F) mirror of index1..7 N/A GP1(20h) whatever? used for detecting old gpu GP0(E1h).bit12/13 without x/y-flip with x/y-flip GP0(03h) N/A (no stored in fifo) unknown/unused command Shaded Textures ((color/8)*texel)/2 (color*texel)/16 GP0(02h) FillVram xpos.bit0-3=0Fh=bugged xpos.bit0-3=ignored dma-to-vram: doesn't work with blksiz>10h (new gpu works with blksiz=8C0h!) dma-to-vram: MAYBE also needs extra software-handshake to confirm DMA done? 320*224 pix = 11800h pix = 8C00h words GP0(80h) VramToVram works Freeze on large moves? |
[1F801814h]=10000004h ;GP1(10h).index4 (latch draw area bottom right) [1F801814h]=10000007h ;GP1(10h).index7 (latch GPU version, if any) if ([1F801810h] AND 00FFFFFFh)=00000002h then goto @@gpu_v2 [1F801810h]=([1F801814h] AND 3FFFh) OR E1001000h ;change GPUSTAT via GP0(E1h) dummy=[1F801810h] ;dummy read (unknown purpose) if ([1F801814h] AND 00001000h) then goto @@gpu_v1 else goto @@gpu_v0 ;--- @@gpu_v0: ;Old 160pin GPU (EARLY-PU-8) return 0 ;--- @@gpu_v1: ;unknown GPU type, maybe some custom arcade/prototype version ? if want_tex_dis then [1F801814h]=20000504h ;GP1(20h) return 1 ;--- @@gpu_v2: ;New 208pin GPU (LATE-PU-8 and up) if want_tex_dis then [1F801814h]=09000001h ;GP1(09h) return 2 |
0h 10h 20h 30h 40h
| | | | |
################################ ;\x=00h..0Eh
################################ ; and, x=0Fh
################################ ; on NEW GPU
################################ ;/
# # # # # # # ################## # # # # # # # ;\
# # # # # # # ################## # # # # # # # ; x=0Fh
# # # # # # # ################## # # # # # # # ; on OLD GPU
# # # # # # # ################## # # # # # # # ;/
################################ ;\x=10h..1Eh
################################ ; and, x=1Fh
################################ ; on NEW GPU
################################ ;/
# # # # # # # ################## # # # # # # # ;\
# # # # # # # ################## # # # # # # # ; x=1Fh
# # # # # # # ################## # # # # # # # ; on OLD GPU
# # # # # # # ################## # # # # # # # ;/
|
IC21 - 208pin - "SONY CXD8538Q" ;seen on GP-11 (namco System 11) boards IC103 - 208pin - "SONY CXD8654Q" ;seen on GP-15 (namco System 12) boards |
| GPU Depth Ordering |
DPCR - enable bits ;Example=x8xxxxxxh D6_MADR - pointer to the LAST table entry ;Example=8012300Ch D6_BCR - number of list entries ;Example=00000004h D6_CHCR - control bits (should be 11000002h) ;Example=11000002h |
[80123000h]=00FFFFFFh ;1st entry, points to end code (xxFFFFFFh) [80123004h]=00123000h ;2nd entry, points to 1st entry [80123008h]=00123004h ;3rd entry, points to 2nd entry [8012300Ch]=00123008h ;last entry, points to 3rd entry (table entrypoint) |
[PacketAddr+0] = [80123000h+OTZ*4] + (N SHL 24) <--internal link chain [PacketAddr+4..N*4] = GP0 Command(s) and Parameters <--data (send to GP0) [80123000h+OTZ*4] = PacketAddr AND FFFFFFh <--internal link chain |
1 - Wait until GPU is ready to receive commands ;GPUSTAT.28 2 - Enable DMA channel 2 ;DPCR 3 - Set GPU to DMA cpu->gpu mode ;[GP1]=04000002h aka GP1(04h) 3 - Set D2_MADR to the start of the list ;(LAST Entry) ;Example=80123010h 4 - Set D2_BCR to zero ;(length unused, end at END-CODE) 5 - Set D2_CHCR to link mode, mem->GPU and dma enable ;=01000401h |
| GPU Video Memory (VRAM) |
Resolution 16bit 24bit | Resolution 16bit 24bit 256x240 120Kbytes 180Kbytes | 256x480 240Kbytes 360Kbytes 320x240 150Kbytes 225Kbytes | 320x480 300Kbytes 450Kbytes 368x240 xx0Kbytes xx0Kbytes | 368x480 xx0Kbytes xx0Kbytes 512x240 240Kbytes 360Kbytes | 512x480 480Kbytes 720Kbytes 640x240 300Kbytes 450Kbytes | 640x480 600Kbytes 900Kbytes |
15bit Direct Display (default) (works with polygons, lines, rectangles) 0-4 Red (0..31) 5-9 Green (0..31) 10-14 Blue (0..31) 15 Mask flag (0=Normal, 1=Do not allow to overwrite this pixel) 24bit Direct Display (works ONLY with direct vram transfers) 0-7 Red (0..255) 8-15 Green (0..255) 16-23 Blue (0..255) |
16bit Texture (Direct Color) ;(One 256x256 page = 128Kbytes) 0-4 Red (0..31) ;\Color 0000h = Fully-Transparent 5-9 Green (0..31) ; Color 0001h..7FFFh = Non-Transparent 10-14 Blue (0..31) ; Color 8000h..FFFFh = Semi-Transparent (*) 15 Semi Transparency Flag ;/(*) or Non-Transparent for opaque commands 8bit Texture (256 Color Palette) ;(One 256x256 page = 64Kbytes) 0-7 Palette index for 1st pixel (left) 8-15 Palette index for 2nd pixel (right) 4bit Texture (16 Color Palette) ;(One 256x256 page = 32Kbytes) 0-3 Palette index for 1st pixel (left) 4-7 Palette index for 2nd pixel (middle/left) 8-11 Palette index for 3rd pixel (middle/right) 12-15 Palette index for 4th pixel (right) |
0-4 Red (0..31) ;\Color 0000h = Fully-Transparent 5-9 Green (0..31) ; Color 0001h..7FFFh = Non-Transparent 10-14 Blue (0..31) ; Color 8000h..FFFFh = Semi-Transparent (*) 15 Semi Transparency Flag ;/(*) or Non-Transparent for opaque commands |
opaque command, eg. GP0(24h) --> 8000h = Non-Transparent Black semi-transp command, eg. GP0(26h) --> 8000h = Semi-Transparent Black |
Intensity PC PSX Minimum 0 0 Medium (circa) 16 8 Maximum 31 31 |
| GPU Texture Caching |
+-----+-----+-----+-- |cache| | | |block| | | 0| 1 | 2 .. +-----+-----+-- |.. | | |
4bit and 8bit clut: 15bitdirect: +----+----+----+----+ +----+----+----+----+----+----+----+----+ | 0| 1| 2| 3| | 0| 1| 2| 3| 4| 5| 6| 7| +----+----+----+----+ +----+----+----+----+----+----+----+----+ | 4| 5| 6| 7| | 8| 9| a| b| c| d| e| f| +----+----+----+----+ +----+----+----+----+----+----+----+----+ | 8| 9| .. | 10| 11| .. +----+----+-- +----+----+-- | c| ..| | 18| ..| +----+-- +----+-- | .. | .. |
| GPU Timings |
CPU Clock = 33.868800MHz (44100Hz*300h) Video Clock = 53.222400MHz (44100Hz*300h*11/7) |
PAL: 314 scanlines per frame (13Ah) NTSC: 263 scanlines per frame (107h) |
PAL: 3406 video cycles per scanline (or 3406.1 or so?) NTSC: 3413 video cycles per scanline (or 3413.6 or so?) |
PSX.256-pix Dotclock = 5.322240MHz (44100Hz*300h*11/7/10) PSX.320-pix Dotclock = 6.652800MHz (44100Hz*300h*11/7/8) PSX.368-pix Dotclock = 7.603200MHz (44100Hz*300h*11/7/7) PSX.512-pix Dotclock = 10.644480MHz (44100Hz*300h*11/7/5) PSX.640-pix Dotclock = 13.305600MHz (44100Hz*300h*11/7/4) Namco GunCon 385-pix = 8.000000MHz (from 8.00MHz on lightgun PCB) |
320pix/PAL: 3406/8 = 425.75 dots 320pix/NTSC: 3413/8 = 426.625 dots 640pix/PAL: 3406/4 = 851.5 dots 640pix/NTSC: 3413/4 = 853.25 dots 256pix/PAL: 3406/10 = 340.6 dots 256pix/NTSC: 3413/10 = 341.3 dots 512pix/PAL: 3406/5 = 681.2 dots 512pix/NTSC: 3413/5 = 682.6 dots 368pix/PAL: 3406/7 = 486.5714 dots 368pix/NTSC: 3413/7 = 487.5714 dots |
PAL: 53.222400MHz/314/3406 = ca. 49.76 Hz (ie. almost 50Hz) NTSC: 53.222400MHz/263/3413 = ca. 59.29 Hz (ie. almost 60Hz) |
| GPU (MISC) |
0-23 Color for (first) Vertex (Not for Raw-Texture) 24 Texture Mode (0=Blended, 1=Raw) (Textured-Polygon/Rect only) 25 Semi Transparency (0=Off, 1=On) (All Render Types) 26 Texture Mapping (0=Off, 1=On) (Polygon/Rectangle only) 27-28 Rect Size (0=Var, 1=1x1, 2=8x8, 3=16x16) (Rectangle only) 27 Num Vertices (0=Triple, 1=Quad) (Polygon only) 27 Num Lines (0=Single, 1=Poly) (Line only) 28 Shading (0=Flat, 1=Gouroud) (Polygon/Line only) 29-31 Primitive Type (1=Polygon, 2=Line, 3=Rectangle) |
-4 +0 -3 +1 ;\dither offsets for first two scanlines +2 -2 +3 -1 ;/ -3 +1 -4 +0 ;\dither offsets for next two scanlines +3 -1 +2 -2 ;/(same as above, but shifted two pixels horizontally) |
B=Back (the old pixel read from the image in the frame buffer) F=Front (the new halftransparent pixel) * 0.5 x B + 0.5 x F ;aka B/2+F/2 * 1.0 x B + 1.0 x F ;aka B+F * 1.0 x B - 1.0 x F ;aka B-F * 1.0 x B +0.25 x F ;aka B+F/4 |
| Geometry Transformation Engine (GTE) |
| GTE Overview |
mov cop0r12,rt ;-enable/disable COP2 (GTE) via COP0 status register mov cop2r0-63,rt ;\write parameters to GTE registers mov cop2r0-31,[rs+imm] ;/ mov cop2cmd,imm25 ;-issue GTE command mov rt,cop2r0-63 ;\read results from GTE registers mov [rs+imm],cop2r0-31 ;/ jt cop2flg,dest ;-jump never ;\implemented (no exception), but, jf cop2flg,dest ;-jump always ;/flag seems to be always "false" |
- Delay slots of jumps and branches - Event handlers or interrupts (sounds like nonsense?) (need push/pop though) |
31-25 Must be 0100101b for "COP2 imm25" instructions 20-24 Fake GTE Command Number (00h..1Fh) (ignored by hardware) 19 sf - Shift Fraction in IR registers (0=No fraction, 1=12bit fraction) 17-18 MVMVA Multiply Matrix (0=Rotation. 1=Light, 2=Color, 3=Reserved) 15-16 MVMVA Multiply Vector (0=V0, 1=V1, 2=V2, 3=IR/long) 13-14 MVMVA Translation Vector (0=TR, 1=BK, 2=FC/Bugged, 3=None) 11-12 Always zero (ignored by hardware) 10 lm - Saturate IR1,IR2,IR3 result (0=To -8000h..+7FFFh, 1=To 0..+7FFFh) 6-9 Always zero (ignored by hardware) 0-5 Real GTE Command Number (00h..3Fh) (used by hardware) |
cop2r0-1 3xS16 VXY0,VZ0 Vector 0 (X,Y,Z) cop2r2-3 3xS16 VXY1,VZ1 Vector 1 (X,Y,Z) cop2r4-5 3xS16 VXY2,VZ2 Vector 2 (X,Y,Z) cop2r6 4xU8 RGBC Color/code value cop2r7 1xU16 OTZ Average Z value (for Ordering Table) cop2r8 1xS16 IR0 16bit Accumulator (Interpolate) cop2r9-11 3xS16 IR1,IR2,IR3 16bit Accumulator (Vector) cop2r12-15 6xS16 SXY0,SXY1,SXY2,SXYP Screen XY-coordinate FIFO (3 stages) cop2r16-19 4xU16 SZ0,SZ1,SZ2,SZ3 Screen Z-coordinate FIFO (4 stages) cop2r20-22 12xU8 RGB0,RGB1,RGB2 Color CRGB-code/color FIFO (3 stages) cop2r23 4xU8 (RES1) Prohibited cop2r24 1xS32 MAC0 32bit Maths Accumulators (Value) cop2r25-27 3xS32 MAC1,MAC2,MAC3 32bit Maths Accumulators (Vector) cop2r28-29 1xU15 IRGB,ORGB Convert RGB Color (48bit vs 15bit) cop2r30-31 2xS32 LZCS,LZCR Count Leading-Zeroes/Ones (sign bits) |
cop2r32-36 9xS16 RT11RT12,..,RT33 Rotation matrix (3x3) ;cnt0-4 cop2r37-39 3x 32 TRX,TRY,TRZ Translation vector (X,Y,Z) ;cnt5-7 cop2r40-44 9xS16 L11L12,..,L33 Light source matrix (3x3) ;cnt8-12 cop2r45-47 3x 32 RBK,GBK,BBK Background color (R,G,B) ;cnt13-15 cop2r48-52 9xS16 LR1LR2,..,LB3 Light color matrix source (3x3) ;cnt16-20 cop2r53-55 3x 32 RFC,GFC,BFC Far color (R,G,B) ;cnt21-23 cop2r56-57 2x 32 OFX,OFY Screen offset (X,Y) ;cnt24-25 cop2r58 BuggyU16 H Projection plane distance. ;cnt26 cop2r59 S16 DQA Depth queing parameter A (coeff) ;cnt27 cop2r60 32 DQB Depth queing parameter B (offset);cnt28 cop2r61-62 2xS16 ZSF3,ZSF4 Average Z scale factors ;cnt29-30 cop2r63 U20 FLAG Returns any calculation errors ;cnt31 |
| GTE Registers |
Rotation matrix (RT) Light matrix (LLM) Light Color matrix (LCM) cop2r32.lsbs=RT11 cop2r40.lsbs=L11 cop2r48.lsbs=LR1 cop2r32.msbs=RT12 cop2r40.msbs=L12 cop2r48.msbs=LR2 cop2r33.lsbs=RT13 cop2r41.lsbs=L13 cop2r49.lsbs=LR3 cop2r33.msbs=RT21 cop2r41.msbs=L21 cop2r49.msbs=LG1 cop2r34.lsbs=RT22 cop2r42.lsbs=L22 cop2r50.lsbs=LG2 cop2r34.msbs=RT23 cop2r42.msbs=L23 cop2r50.msbs=LG3 cop2r35.lsbs=RT31 cop2r43.lsbs=L31 cop2r51.lsbs=LB1 cop2r35.msbs=RT32 cop2r43.msbs=L32 cop2r51.msbs=LB2 cop2r36 =RT33 cop2r44 =L33 cop2r52 =LB3 |
cop2r37 (cnt5) - TRX - Translation vector X (R/W?) cop2r38 (cnt6) - TRY - Translation vector Y (R/W?) cop2r39 (cnt7) - TRZ - Translation vector Z (R/W?) |
cop2r45 (cnt13) - RBK - Background color red component cop2r46 (cnt14) - GBK - Background color green component cop2r47 (cnt15) - BBK - Background color blue component |
cop2r53 (cnt21) - RFC - Far color red component cop2r54 (cnt22) - GFC - Far color green component cop2r55 (cnt23) - BFC - Far color blue component |
cop2r56 (cnt24) - OFX - Screen offset X cop2r57 (cnt25) - OFY - Screen offset Y cop2r58 (cnt26) - H - Projection plane distance cop2r59 (cnt27) - DQA - Depth queing parameter A.(coeff.) cop2r60 (cnt28) - DQB - Depth queing parameter B.(offset.) |
cop2r61 (cnt29) ZSF3 | 0|ZSF3 1,3,12| Z3 average scale factor (normally 1/3) cop2r62 (cnt30) ZSF4 | 0|ZSF4 1,3,12| Z4 average scale factor (normally 1/4) cop2r7 OTZ (R) | |OTZ 0,15, 0| Average Z value (for Ordering Table) |
cop2r12 - SXY0 rw|SY0 1,15, 0|SX0 1,15, 0| Screen XY fifo (older) cop2r13 - SXY1 rw|SY1 1,15, 0|SX1 1,15, 0| Screen XY fifo (old) cop2r14 - SXY2 rw|SY2 1,15, 0|SX2 1,15, 0| Screen XY fifo (new) cop2r15 - SXYP rw|SYP 1,15, 0|SXP 1,15, 0| SXY2-mirror with move-on-write cop2r16 - SZ0 rw| 0|SZ0 0,16, 0| Screen Z fifo (oldest) cop2r17 - SZ1 rw| 0|SZ1 0,16, 0| Screen Z fifo (older) cop2r18 - SZ2 rw| 0|SZ2 0,16, 0| Screen Z fifo (old) cop2r19 - SZ3 rw| 0|SZ3 0,16, 0| Screen Z fifo (new) |
Vector 0 (V0) Vector 1 (V1) Vector 2 (V2) Vector 3 (IR) cop2r0.lsbs - VX0 cop2r2.lsbs - VX1 cop2r4.lsbs - VX2 cop2r9 - IR1 cop2r0.msbs - VY0 cop2r2.msbs - VY1 cop2r4.msbs - VY2 cop2r10 - IR2 cop2r1 - VZ0 cop2r3 - VZ1 cop2r5 - VZ2 cop2r11 - IR3 |
cop2r6 - RGBC rw|CODE |B |G |R | Color/code cop2r20 - RGB0 rw|CD0 |B0 |G0 |R0 | Characteristic color fifo. cop2r21 - RGB1 rw|CD1 |B1 |G1 |R1 | cop2r22 - RGB2 rw|CD2 |B2 |G2 |R2 | cop2r23 - (RES1) | | Prohibited |
cop2r8 IR0 rw|Sign |IR0 1, 3,12| Intermediate value 0. |
cop2r24 MAC0 rw|MAC0 1,31,0 | Sum of products value 0 |
cop2r25 MAC1 rw|MAC1 1,31,0 | Sum of products value 1 cop2r26 MAC2 rw|MAC2 1,31,0 | Sum of products value 2 cop2r27 MAC3 rw|MAC3 1,31,0 | Sum of products value 3 |
0-4 Red (0..1Fh) (R/W) ;multiplied by 80h, and written to IR1 5-9 Green (0..1Fh) (R/W) ;multiplied by 80h, and written to IR2 10-14 Blue (0..1Fh) (R/W) ;multiplied by 80h, and written to IR3 15-31 Not used (always zero) (Read only) |
0-4 Red (0..1Fh) (R) ;IR1 divided by 80h, saturated to +00h..+1Fh 5-9 Green (0..1Fh) (R) ;IR2 divided by 80h, saturated to +00h..+1Fh 10-14 Blue (0..1Fh) (R) ;IR3 divided by 80h, saturated to +00h..+1Fh 15-31 Not used (always zero) (Read only) |
| GTE Saturation |
31 Error Flag (Bit30..23, and 18..13 ORed together) (Read only) 30 MAC1 Result larger than 43 bits and positive 29 MAC2 Result larger than 43 bits and positive 28 MAC3 Result larger than 43 bits and positive 27 MAC1 Result larger than 43 bits and negative 26 MAC2 Result larger than 43 bits and negative 25 MAC3 Result larger than 43 bits and negative 24 IR1 saturated to +0000h..+7FFFh (lm=1) or to -8000h..+7FFFh (lm=0) 23 IR2 saturated to +0000h..+7FFFh (lm=1) or to -8000h..+7FFFh (lm=0) 22 IR3 saturated to +0000h..+7FFFh (lm=1) or to -8000h..+7FFFh (lm=0) 21 Color-FIFO-R saturated to +00h..+FFh 20 Color-FIFO-G saturated to +00h..+FFh 19 Color-FIFO-B saturated to +00h..+FFh 18 SZ3 or OTZ saturated to +0000h..+FFFFh 17 Divide overflow. RTPS/RTPT division result saturated to max=1FFFFh 16 MAC0 Result larger than 31 bits and positive 15 MAC0 Result larger than 31 bits and negative 14 SX2 saturated to -0400h..+03FFh 13 SY2 saturated to -0400h..+03FFh 12 IR0 saturated to +0000h..+1000h 0-11 Not used (always zero) (Read only) |
| GTE Opcode Summary |
Opc Name Clk Expl. 00h - N/A (modifies similar registers than RTPS...) 01h RTPS 15 Perspective Transformation single 0xh - N/A 06h NCLIP 8 Normal clipping 0xh - N/A 0Ch OP(sf) 6 Outer product of 2 vectors 0xh - N/A 10h DPCS 8 Depth Cueing single 11h INTPL 8 Interpolation of a vector and far color vector 12h MVMVA 8 Multiply vector by matrix and add vector (see below) 13h NCDS 19 Normal color depth cue single vector 14h CDP 13 Color Depth Que 15h - N/A 16h NCDT 44 Normal color depth cue triple vectors 1xh - N/A 1Bh NCCS 17 Normal Color Color single vector 1Ch CC 11 Color Color 1Dh - N/A 1Eh NCS 14 Normal color single 1Fh - N/A 20h NCT 30 Normal color triple 2xh - N/A 28h SQR(sf)5 Square of vector IR 29h DCPL 8 Depth Cue Color light 2Ah DPCT 17 Depth Cueing triple (should be fake=08h, but isn't) 2xh - N/A 2Dh AVSZ3 5 Average of three Z values 2Eh AVSZ4 6 Average of four Z values 2Fh - N/A 30h RTPT 23 Perspective Transformation triple 3xh - N/A 3Dh GPF(sf)5 General purpose interpolation 3Eh GPL(sf)5 General purpose interpolation with base 3Fh NCCT 39 Normal Color Color triple vector |
Fake Name Clk Expl. 00h - N/A 01h RTPS 15 Perspective Transformation single 02h RTPT 23 Perspective Transformation triple 03h - N/A 04h MVMVA 8 Multiply vector by matrix and add vector (see below) 05h - N/A 06h DCPL 8 Depth Cue Color light 07h DPCS 8 Depth Cueing single 08h DPCT 17 Depth Cueing triple (should be fake=08h, but isn't) 09h INTPL 8 Interpolation of a vector and far color vector 0Ah SQR(sf)5 Square of vector IR 0Bh - N/A 0Ch NCS 14 Normal color single 0Dh NCT 30 Normal color triple 0Eh NCDS 19 Normal color depth cue single vector 0Fh NCDT 44 Normal color depth cue triple vectors 10h NCCS 17 Normal Color Color single vector 11h NCCT 39 Normal Color Color triple vector 12h CDP 13 Color Depth Que 13h CC 11 Color Color 14h NCLIP 8 Normal clipping 15h AVSZ3 5 Average of three Z values 16h AVSZ4 6 Average of four Z values 17h OP(sf) 6 Outer product of 2 vectors 18h - N/A 19h GPF(sf)5 General purpose interpolation 1Ah GPL(sf)5 General purpose interpolation with base 1Bh - N/A 1Ch - N/A 1Dh - N/A 1Eh - N/A 1Fh - N/A |
| GTE Coordinate Calculation Commands |
IR1 = MAC1 = (TRX*1000h + RT11*VX0 + RT12*VY0 + RT13*VZ0) SAR (sf*12) IR2 = MAC2 = (TRY*1000h + RT21*VX0 + RT22*VY0 + RT23*VZ0) SAR (sf*12) IR3 = MAC3 = (TRZ*1000h + RT31*VX0 + RT32*VY0 + RT33*VZ0) SAR (sf*12) SZ3 = MAC3 SAR ((1-sf)*12) ;ScreenZ FIFO 0..+FFFFh MAC0=(((H*20000h/SZ3)+1)/2)*IR1+OFX, SX2=MAC0/10000h ;ScrX FIFO -400h..+3FFh MAC0=(((H*20000h/SZ3)+1)/2)*IR2+OFY, SY2=MAC0/10000h ;ScrY FIFO -400h..+3FFh MAC0=(((H*20000h/SZ3)+1)/2)*DQA+DQB, IR0=MAC0/1000h ;Depth cueing 0..+1000h |
MAC0 = SX0*SY1 + SX1*SY2 + SX2*SY0 - SX0*SY2 - SX1*SY0 - SX2*SY1 |
MAC0 = ZSF3*(SZ1+SZ2+SZ3) ;for AVSZ3 MAC0 = ZSF4*(SZ0+SZ1+SZ2+SZ3) ;for AVSZ4 OTZ = MAC0/1000h ;for both (saturated to 0..FFFFh) |
| GTE General Purpose Calculation Commands |
Mx = matrix specified by mx ;RT/LLM/LCM - Rotation, light or color matrix Vx = vector specified by v ;V0, V1, V2, or [IR1,IR2,IR3] Tx = translation vector specified by cv ;TR or BK or Bugged/FC, or None |
MAC1 = (Tx1*1000h + Mx11*Vx1 + Mx12*Vx2 + Mx13*Vx3) SAR (sf*12) MAC2 = (Tx2*1000h + Mx21*Vx1 + Mx22*Vx2 + Mx23*Vx3) SAR (sf*12) MAC3 = (Tx3*1000h + Mx31*Vx1 + Mx32*Vx2 + Mx33*Vx3) SAR (sf*12) [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] |
[MAC1,MAC2,MAC3] = [IR1*IR1,IR2*IR2,IR3*IR3] SHR (sf*12) [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] ;IR1,IR2,IR3 saturated to max 7FFFh |
[MAC1,MAC2,MAC3] = [IR3*D2-IR2*D3, IR1*D3-IR3*D1, IR2*D1-IR1*D2] SAR (sf*12) [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] ;copy result |
| GTE Color Calculation Commands |
[IR1,IR2,IR3] = [MAC1,MAC2,MAC3] = (LLM*V0) SAR (sf*12) [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] = (BK*1000h + LCM*IR) SAR (sf*12) [MAC1,MAC2,MAC3] = [R*IR1,G*IR2,B*IR3] SHL 4 ;<--- for NCDx/NCCx [MAC1,MAC2,MAC3] = MAC+(FC-MAC)*IR0 ;<--- for NCDx only [MAC1,MAC2,MAC3] = [MAC1,MAC2,MAC3] SAR (sf*12) ;<--- for NCDx/NCCx Color FIFO = [MAC1/16,MAC2/16,MAC3/16,CODE], [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] |
[IR1,IR2,IR3] = [MAC1,MAC2,MAC3] = (BK*1000h + LCM*IR) SAR (sf*12) [MAC1,MAC2,MAC3] = [R*IR1,G*IR2,B*IR3] SHL 4 [MAC1,MAC2,MAC3] = MAC+(FC-MAC)*IR0 ;<--- for CDP only [MAC1,MAC2,MAC3] = [MAC1,MAC2,MAC3] SAR (sf*12) Color FIFO = [MAC1/16,MAC2/16,MAC3/16,CODE], [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] |
[MAC1,MAC2,MAC3] = [R*IR1,G*IR2,B*IR3] SHL 4 ;<--- for DCPL only [MAC1,MAC2,MAC3] = [IR1,IR2,IR3] SHL 12 ;<--- for INTPL only [MAC1,MAC2,MAC3] = [R,G,B] SHL 16 ;<--- for DPCS/DPCT [MAC1,MAC2,MAC3] = MAC+(FC-MAC)*IR0 [MAC1,MAC2,MAC3] = [MAC1,MAC2,MAC3] SAR (sf*12) Color FIFO = [MAC1/16,MAC2/16,MAC3/16,CODE], [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] |
[MAC1,MAC2,MAC3] = [0,0,0] ;<--- for GPF only [MAC1,MAC2,MAC3] = [MAC1,MAC2,MAC3] SHL (sf*12) ;<--- for GPL only [MAC1,MAC2,MAC3] = (([IR1,IR2,IR3] * IR0) + [MAC1,MAC2,MAC3]) SAR (sf*12) Color FIFO = [MAC1/16,MAC2/16,MAC3/16,CODE], [IR1,IR2,IR3] = [MAC1,MAC2,MAC3] |
[IR1,IR2,IR3] = (([RFC,GFC,BFC] SHL 12) - [MAC1,MAC2,MAC3]) SAR (sf*12) [MAC1,MAC2,MAC3] = (([IR1,IR2,IR3] * IR0) + [MAC1,MAC2,MAC3]) |
| GTE Division Inaccuracy |
n = (((H*20000h/SZ3)+1)/2) |
n = ((H*10000h+SZ3/2)/SZ3) |
if n>1FFFFh or division_by_zero then n=1FFFFh, FLAG.Bit17=1, FLAG.Bit31=1 |
if (H < SZ3*2) then ;check if overflow
z = count_leading_zeroes(SZ3) ;z=0..0Fh (for 16bit SZ3)
n = (H SHL z) ;n=0..7FFF8000h
d = (SZ3 SHL z) ;d=8000h..FFFFh
u = unr_table[(d-7FC0h) SHR 7] + 101h ;u=200h..101h
d = ((2000080h - (d * u)) SHR 8) ;d=10000h..0FF01h
d = ((0000080h + (d * u)) SHR 8) ;d=20000h..10000h
n = min(1FFFFh, (((n*d) + 8000h) SHR 16)) ;n=0..1FFFFh
else n = 1FFFFh, FLAG.Bit17=1, FLAG.Bit31=1 ;n=1FFFFh plus overflow flag
|
FFh,FDh,FBh,F9h,F7h,F5h,F3h,F1h,EFh,EEh,ECh,EAh,E8h,E6h,E4h,E3h ;\ E1h,DFh,DDh,DCh,DAh,D8h,D6h,D5h,D3h,D1h,D0h,CEh,CDh,CBh,C9h,C8h ; 00h..3Fh C6h,C5h,C3h,C1h,C0h,BEh,BDh,BBh,BAh,B8h,B7h,B5h,B4h,B2h,B1h,B0h ; AEh,ADh,ABh,AAh,A9h,A7h,A6h,A4h,A3h,A2h,A0h,9Fh,9Eh,9Ch,9Bh,9Ah ;/ 99h,97h,96h,95h,94h,92h,91h,90h,8Fh,8Dh,8Ch,8Bh,8Ah,89h,87h,86h ;\ 85h,84h,83h,82h,81h,7Fh,7Eh,7Dh,7Ch,7Bh,7Ah,79h,78h,77h,75h,74h ; 40h..7Fh 73h,72h,71h,70h,6Fh,6Eh,6Dh,6Ch,6Bh,6Ah,69h,68h,67h,66h,65h,64h ; 63h,62h,61h,60h,5Fh,5Eh,5Dh,5Dh,5Ch,5Bh,5Ah,59h,58h,57h,56h,55h ;/ 54h,53h,53h,52h,51h,50h,4Fh,4Eh,4Dh,4Dh,4Ch,4Bh,4Ah,49h,48h,48h ;\ 47h,46h,45h,44h,43h,43h,42h,41h,40h,3Fh,3Fh,3Eh,3Dh,3Ch,3Ch,3Bh ; 80h..BFh 3Ah,39h,39h,38h,37h,36h,36h,35h,34h,33h,33h,32h,31h,31h,30h,2Fh ; 2Eh,2Eh,2Dh,2Ch,2Ch,2Bh,2Ah,2Ah,29h,28h,28h,27h,26h,26h,25h,24h ;/ 24h,23h,22h,22h,21h,20h,20h,1Fh,1Eh,1Eh,1Dh,1Dh,1Ch,1Bh,1Bh,1Ah ;\ 19h,19h,18h,18h,17h,16h,16h,15h,15h,14h,14h,13h,12h,12h,11h,11h ; C0h..FFh 10h,0Fh,0Fh,0Eh,0Eh,0Dh,0Dh,0Ch,0Ch,0Bh,0Ah,0Ah,09h,09h,08h,08h ; 07h,07h,06h,06h,05h,05h,04h,04h,03h,03h,02h,02h,01h,01h,00h,00h ;/ 00h ;<-- one extra table entry (for "(d-7FC0h)/80h"=100h) ;-100h |
| Macroblock Decoder (MDEC) |
| MDEC I/O Ports |
31-0 Command or Parameters |
31-0 Macroblock Data (or Garbage if there's no data available) |
31 Data-Out Fifo Empty (0=No, 1=Empty) 30 Data-In Fifo Full (0=No, 1=Full, or Last word received) 29 Command Busy (0=Ready, 1=Busy receiving or processing parameters) 28 Data-In Request (set when DMA0 enabled and ready to receive data) 27 Data-Out Request (set when DMA1 enabled and ready to send data) 26-25 Data Output Depth (0=4bit, 1=8bit, 2=24bit, 3=15bit) ;CMD.28-27 24 Data Output Signed (0=Unsigned, 1=Signed) ;CMD.26 23 Data Output Bit15 (0=Clear, 1=Set) (for 15bit depth only) ;CMD.25 22-19 Not used (seems to be always zero) 18-16 Current Block (0..3=Y1..Y4, 4=Cr, 5=Cb) (or for mono: always 4=Y) 15-0 Number of Parameter Words remaining minus 1 (FFFFh=None) ;CMD.Bit0-15 |
31 Reset MDEC (0=No change, 1=Abort any command, and set status=80040000h) 30 Enable Data-In Request (0=Disable, 1=Enable DMA0 and Status.bit28) 29 Enable Data-Out Request (0=Disable, 1=Enable DMA1 and Status.bit27) 28-0 Unknown/Not used - usually zero |
1) DMA3 (CDROM) to send compressed data from CDROM to RAM 2) DMA0 (MDEC.In) to send compressed data from RAM to MDEC 3) DMA1 (MDEC.Out) to send uncompressed macroblocks from MDEC to RAM 4) DMA2 (GPU) to send uncompressed macroblocks from RAM to GPU |
| MDEC Commands |
31-29 Command (1=decode_macroblock) 28-27 Data Output Depth (0=4bit, 1=8bit, 2=24bit, 3=15bit) ;STAT.26-25 26 Data Output Signed (0=Unsigned, 1=Signed) ;STAT.24 25 Data Output Bit15 (0=Clear, 1=Set) (for 15bit depth only) ;STAT.23 24-16 Not used (should be zero) 15-0 Number of Parameter Words (size of compressed data) |
31-29 Command (2=set_iqtab) 28-1 Not used (should be zero) ;Bit25-28 are copied to STAT.23-26 though 0 Color (0=Luminance only, 1=Luminance and Color) |
31-29 Command (3=set_scale) 28-0 Not used (should be zero) ;Bit25-28 are copied to STAT.23-26 though |
| MDEC Decompression |
rl_decode_block(Crblk,src,iq_uv) ;Cr (low resolution) rl_decode_block(Cbblk,src,iq_uv) ;Cb (low resolution) rl_decode_block(Yblk,src,iq_y), yuv_to_rgb(0,0) ;Y1 (and upper-left Cr,Cb) rl_decode_block(Yblk,src,iq_y), yuv_to_rgb(0,8) ;Y2 (and upper-right Cr,Cb) rl_decode_block(Yblk,src,iq_y), yuv_to_rgb(8,0) ;Y3 (and lower-left Cr,Cb) rl_decode_block(Yblk,src,iq_y), yuv_to_rgb(8,8) ;Y4 (and lower-right Cr,Cb) |
rl_decode_block(Yblk,src,iq_y), y_to_mono ;Y |
for i=0 to 63, blk[i]=0, next i ;initially zerofill all entries (for skip) @@skip: n=[src], src=src+2, k=0 ;get first entry, init dest addr k=0 if n=FE00h then @@skip ;ignore padding (FE00h as first halfword) q_scale=(n SHR 10) AND 3Fh ;contains scale value (not "skip" value) val=signed10bit(n AND 3FFh)*qt[k] ;calc first value (without q_scale/8) (?) @@lop: if q_scale=0 then val=signed10bit(n AND 3FFh)*2 ;special mode without qt[k] val=minmax(val,-400h,+3FFh) ;saturate to signed 11bit range val=val*scalezag[i] ;<-- for "fast_idct_core" only if q_scale>0 then blk[zagzig[k]]=val ;store entry (normal case) if q_scale=0 then blk[k]=val ;store entry (special, no zigzag) n=[src], src=src+2 ;get next entry (or FE00h end code) k=k+((n SHR 10) AND 3Fh)+1 ;skip zerofilled entries val=(signed10bit(n AND 3FFh)*qt[k]*q_scale+4)/8 ;calc value for next entry if k<=63 then jump @@lop ;should end with n=FE00h (that sets k>63) idct_core(blk) return (with "src" address advanced) |
src=blk, dst=temp_buffer
for pass=0 to 1
for i=0 to 7
if src[(1..7)*8+i]=0 then ;when src[(1..7)*8+i] are all zero:
dst[i*8+(0..7)]=src[0*8+i] ;quick fill by src[0*8+i]
else
z10=src[0*8+i]+src[4*8+i], z11=src[0*8+i]-src[4*8+i]
z13=src[2*8+i]+src[6*8+i], z12=src[2*8+i]-src[6*8+i]
z12=(1.414213562*z12)-z13 ;=sqrt(2)
tmp0=z10+z13, tmp3=z10-z13, tmp1=z11+z12, tmp2=z11-z12
z13=src[3*8+i]+src[5*8+i], z10=src[3*8+i]-src[5*8+i]
z11=src[1*8+i]+src[7*8+i], z12=src[1*8+i]-src[7*8+i]
z5 =(1.847759065*(z12-z10)) ;=sqrt(2)*scalefactor[2]
tmp7=z11+z13
tmp6=(2.613125930*(z10))+z5-tmp7 ;=scalefactor[2]*2
tmp5=(1.414213562*(z11-z13))-tmp6 ;=sqrt(2)
tmp4=(1.082392200*(z12))-z5+tmp5 ;=sqrt(2)/scalefactor[2]
dst[i*8+0]=tmp0+tmp7, dst[i*8+7]=tmp0-tmp7
dst[i*8+1]=tmp1+tmp6, dst[i*8+6]=tmp1-tmp6
dst[i*8+2]=tmp2+tmp5, dst[i*8+5]=tmp2-tmp5
dst[i*8+4]=tmp3+tmp4, dst[i*8+3]=tmp3-tmp4
endif
next i
swap(src,dst)
next pass
|
src=blk, dst=temp_buffer
for pass=0 to 1
for x=0 to 7
for y=0 to 7
sum=0
for z=0 to 7
sum=sum+src[y+z*8]*(scaletable[x+z*8]/8)
next z
dst[x+y*8]=(sum+0fffh)/2000h ;<-- or so?
next y
next x
swap(src,dst)
next pass
|
for y=0 to 7
for x=0 to 7
R=[Crblk+((x+xx)/2)+((y+yy)/2)*8], B=[Cbblk+((x+xx)/2)+((y+yy)/2)*8]
G=(-0.3437*B)+(-0.7143*R), R=(1.402*R), B=(1.772*B)
Y=[Yblk+(x)+(y)*8]
R=MinMax(-128,127,(Y+R))
G=MinMax(-128,127,(Y+G))
B=MinMax(-128,127,(Y+B))
if unsigned then BGR=BGR xor 808080h ;aka add 128 to the R,G,B values
dst[(x+xx)+(y+yy)*16]=BGR
next x
next y
|
for i=0 to 63
Y=[Yblk+i]
Y=Y AND 1FFh ;clip to signed 9bit range
Y=MinMax(-128,127,Y) ;saturate from 9bit to signed 8bit range
if unsigned then Y=Y xor 80h ;aka add 128 to the Y value
dst[i]=Y
next i
|
iqtab_core(iq_y,src), src=src+64 ;luminance quant table
if command_word.bit0=1
iqtab_core(iq_uv,src), src=src+64 ;color quant table (optional)
endif
|
for i=0 to 63, iq[i]=src[i], next i |
1.000000000, 1.387039845, 1.306562965, 1.175875602, 1.000000000, 0.785694958, 0.541196100, 0.275899379 |
0 ,1 ,5 ,6 ,14,15,27,28, 2 ,4 ,7 ,13,16,26,29,42, 3 ,8 ,12,17,25,30,41,43, 9 ,11,18,24,31,40,44,53, 10,19,23,32,39,45,52,54, 20,22,33,38,46,51,55,60, 21,34,37,47,50,56,59,61, 35,36,48,49,57,58,62,63 |
for y=0 to 7
for x=0 to 7
scalezag[zigzag[x+y*8]] = scalefactor[x] * scalefactor[y] / 8
next x
next y
|
for i=0 to 63, zagzig[zigzag[i]]=i, next i |
5A82 5A82 5A82 5A82 5A82 5A82 5A82 5A82 7D8A 6A6D 471C 18F8 E707 B8E3 9592 8275 7641 30FB CF04 89BE 89BE CF04 30FB 7641 6A6D E707 8275 B8E3 471C 7D8A 18F8 9592 5A82 A57D A57D 5A82 5A82 A57D A57D 5A82 471C 8275 18F8 6A6D 9592 E707 7D8A B8E3 30FB 89BE 7641 CF04 CF04 7641 89BE 30FB 18F8 B8E3 6A6D 8275 7D8A 9592 471C E707 |
+s0 +s0 +s0 +s0 +s0 +s0 +s0 +s0 +s1 +s3 +s5 +s7 -s7 -s5 -s3 -s1 +s2 +s6 -s6 -s2 -s2 -s6 +s6 +s2 +s3 -s7 -s1 -s5 +s5 +s1 +s7 -s3 +s4 -s4 -s4 +s4 +s4 -s4 -s4 +s4 +s5 -s1 +s7 +s3 -s3 -s7 +s1 -s5 +s6 -s2 +s2 -s6 -s6 +s2 -s2 +s6 +s7 -s5 +s3 -s1 +s1 -s3 +s5 -s7 |
| MDEC Data Format |
.-----. .-----. .-----. .-----. | | | | |Y1|Y2| | | | Cr | + | Cb | + |--+--| ----> | RGB | | | | | |Y3|Y4| | | '-----' '-----' '-----' '-----' |
.--. .--. |Y | ----> |Y | '--' '--' |
DCT ;1 halfword RLE,RLE,RLE,etc. ;0..63 halfwords EOB ;1 halfword |
15-10 Q Quantization factor (6 bits, unsigned) 9-0 DC Direct Current reference (10 bits, signed) |
15-10 LEN Number of zero AC values to be inserted (6 bits, unsigned) 9-0 AC Relative AC value (10 bits, signed) |
15-0 End-code (Fixed, FE00h) |
| Sound Processing Unit (SPU) |
| SPU Overview |
1F801C00h..1F801D7Fh - Voice 0..23 Registers (eight 16bit regs per voice) 1F801D80h..1F801D87h - SPU Control (volume) 1F801D88h..1F801D9Fh - Voice 0..23 Flags (six 1bit flags per voice) 1F801DA2h..1F801DBFh - SPU Control (memory, control, etc.) 1F801DC0h..1F801DFFh - Reverb configuration area 1F801E00h..1F801E5Fh - Voice 0..23 Internal Registers 1F801E60h..1F801E7Fh - Unknown? 1F801E80h..1F801FFFh - Unused? |
00000h-003FFh CD Audio left (1Kbyte) ;\CD Audio before Volume processing 00400h-007FFh CD Audio right (1Kbyte) ;/signed 16bit samples at 44.1kHz 00800h-00BFFh Voice 1 mono (1Kbyte) ;\Voice 1 and 3 after ADSR processing 00C00h-00FFFh Voice 3 mono (1Kbyte) ;/signed 16bit samples at 44.1kHz 01000h-xxxxxh ADPCM Samples (first 16bytes usually contain a Sine wave) xxxxxh-7FFFFh Reverb work area |
| SPU ADPCM Samples |
15-0 Startaddress of sound in Sound buffer (in 8-byte units) |
15-0 Address sample loops to at end (in 8-byte units) |
00h Shift/Filter (reportedly same as for CD-XA) (see there) 01h Flag Bits (see below) 02h Compressed Data (LSBs=1st Sample, MSBs=2nd Sample) 03h Compressed Data (LSBs=3rd Sample, MSBs=4th Sample) 04h Compressed Data (LSBs=5th Sample, MSBs=6th Sample) ... ... 0Fh Compressed Data (LSBs=27th Sample, MSBs=28th Sample) |
0 Loop End (0=No change, 1=Set ENDX flag and Jump to [1F801C0Eh+N*10h]) 1 Loop Repeat (0=Force Release and set ADSR Level to Zero; only if Bit0=1) 2 Loop Start (0=No change, 1=Copy current address to [1F801C0Eh+N*10h]) 3-7 Unknown (usually 0) |
Code 0 = Normal (continue at next 16-byte block) Code 1 = End+Mute (jump to Loop-address, set ENDX flag, Release, Env=0000h) Code 2 = Ignored (same as Code 0) Code 3 = End+Repeat (jump to Loop-address, set ENDX flag) |
| SPU ADPCM Pitch |
0-15 Sample rate (0=stop, 4000h=fastest, 4001h..FFFFh=usually same as 4000h) |
0 Unknown... Unused? 1-23 Flags for Voice 1..23 (0=Normal, 1=Modulate by Voice 0..22) 24-31 Not used |
Step = VxPitch ;range +0000h..+FFFFh (0...705.6 kHz)
IF PMON.Bit(x)=1 AND (x>0) ;pitch modulation enable
Factor = VxOUTX(x-1) ;range -8000h..+7FFFh (prev voice amplitude)
Factor = Factor+8000h ;range +0000h..+FFFFh (factor = 0.00 .. 1.99)
Step=SignExpand16to32(Step) ;hardware glitch on VxPitch>7FFFh, make sign
Step = (Step * Factor) SAR 15 ;range 0..1FFFFh (glitchy if VxPitch>7FFFh)
Step=Step AND 0000FFFFh ;hardware glitch on VxPitch>7FFFh, kill sign
IF Step>3FFFh then Step=4000h ;range +0000h..+3FFFh (0.. 176.4kHz)
Counter = Counter + Step
|
out = ((gauss[0FFh-i] * oldest) SAR 15) out = out + ((gauss[1FFh-i] * older) SAR 15) out = out + ((gauss[100h+i] * old) SAR 15) out = out + ((gauss[000h+i] * new) SAR 15) |
-001h,-001h,-001h,-001h,-001h,-001h,-001h,-001h ;\ -001h,-001h,-001h,-001h,-001h,-001h,-001h,-001h ; 0000h,0000h,0000h,0000h,0000h,0000h,0000h,0001h ; 0001h,0001h,0001h,0002h,0002h,0002h,0003h,0003h ; 0003h,0004h,0004h,0005h,0005h,0006h,0007h,0007h ; 0008h,0009h,0009h,000Ah,000Bh,000Ch,000Dh,000Eh ; 000Fh,0010h,0011h,0012h,0013h,0015h,0016h,0018h ; entry 0019h,001Bh,001Ch,001Eh,0020h,0021h,0023h,0025h ; 000h..07Fh 0027h,0029h,002Ch,002Eh,0030h,0033h,0035h,0038h ; 003Ah,003Dh,0040h,0043h,0046h,0049h,004Dh,0050h ; 0054h,0057h,005Bh,005Fh,0063h,0067h,006Bh,006Fh ; 0074h,0078h,007Dh,0082h,0087h,008Ch,0091h,0096h ; 009Ch,00A1h,00A7h,00ADh,00B3h,00BAh,00C0h,00C7h ; 00CDh,00D4h,00DBh,00E3h,00EAh,00F2h,00FAh,0101h ; 010Ah,0112h,011Bh,0123h,012Ch,0135h,013Fh,0148h ; 0152h,015Ch,0166h,0171h,017Bh,0186h,0191h,019Ch ;/ 01A8h,01B4h,01C0h,01CCh,01D9h,01E5h,01F2h,0200h ;\ 020Dh,021Bh,0229h,0237h,0246h,0255h,0264h,0273h ; 0283h,0293h,02A3h,02B4h,02C4h,02D6h,02E7h,02F9h ; 030Bh,031Dh,0330h,0343h,0356h,036Ah,037Eh,0392h ; 03A7h,03BCh,03D1h,03E7h,03FCh,0413h,042Ah,0441h ; 0458h,0470h,0488h,04A0h,04B9h,04D2h,04ECh,0506h ; 0520h,053Bh,0556h,0572h,058Eh,05AAh,05C7h,05E4h ; entry 0601h,061Fh,063Eh,065Ch,067Ch,069Bh,06BBh,06DCh ; 080h..0FFh 06FDh,071Eh,0740h,0762h,0784h,07A7h,07CBh,07EFh ; 0813h,0838h,085Dh,0883h,08A9h,08D0h,08F7h,091Eh ; 0946h,096Fh,0998h,09C1h,09EBh,0A16h,0A40h,0A6Ch ; 0A98h,0AC4h,0AF1h,0B1Eh,0B4Ch,0B7Ah,0BA9h,0BD8h ; 0C07h,0C38h,0C68h,0C99h,0CCBh,0CFDh,0D30h,0D63h ; 0D97h,0DCBh,0E00h,0E35h,0E6Bh,0EA1h,0ED7h,0F0Fh ; 0F46h,0F7Fh,0FB7h,0FF1h,102Ah,1065h,109Fh,10DBh ; 1116h,1153h,118Fh,11CDh,120Bh,1249h,1288h,12C7h ;/ 1307h,1347h,1388h,13C9h,140Bh,144Dh,1490h,14D4h ;\ 1517h,155Ch,15A0h,15E6h,162Ch,1672h,16B9h,1700h ; 1747h,1790h,17D8h,1821h,186Bh,18B5h,1900h,194Bh ; 1996h,19E2h,1A2Eh,1A7Bh,1AC8h,1B16h,1B64h,1BB3h ; 1C02h,1C51h,1CA1h,1CF1h,1D42h,1D93h,1DE5h,1E37h ; 1E89h,1EDCh,1F2Fh,1F82h,1FD6h,202Ah,207Fh,20D4h ; 2129h,217Fh,21D5h,222Ch,2282h,22DAh,2331h,2389h ; entry 23E1h,2439h,2492h,24EBh,2545h,259Eh,25F8h,2653h ; 100h..17Fh 26ADh,2708h,2763h,27BEh,281Ah,2876h,28D2h,292Eh ; 298Bh,29E7h,2A44h,2AA1h,2AFFh,2B5Ch,2BBAh,2C18h ; 2C76h,2CD4h,2D33h,2D91h,2DF0h,2E4Fh,2EAEh,2F0Dh ; 2F6Ch,2FCCh,302Bh,308Bh,30EAh,314Ah,31AAh,3209h ; 3269h,32C9h,3329h,3389h,33E9h,3449h,34A9h,3509h ; 3569h,35C9h,3629h,3689h,36E8h,3748h,37A8h,3807h ; 3867h,38C6h,3926h,3985h,39E4h,3A43h,3AA2h,3B00h ; 3B5Fh,3BBDh,3C1Bh,3C79h,3CD7h,3D35h,3D92h,3DEFh ;/ 3E4Ch,3EA9h,3F05h,3F62h,3FBDh,4019h,4074h,40D0h ;\ 412Ah,4185h,41DFh,4239h,4292h,42EBh,4344h,439Ch ; 43F4h,444Ch,44A3h,44FAh,4550h,45A6h,45FCh,4651h ; 46A6h,46FAh,474Eh,47A1h,47F4h,4846h,4898h,48E9h ; 493Ah,498Ah,49D9h,4A29h,4A77h,4AC5h,4B13h,4B5Fh ; 4BACh,4BF7h,4C42h,4C8Dh,4CD7h,4D20h,4D68h,4DB0h ; 4DF7h,4E3Eh,4E84h,4EC9h,4F0Eh,4F52h,4F95h,4FD7h ; entry 5019h,505Ah,509Ah,50DAh,5118h,5156h,5194h,51D0h ; 180h..1FFh 520Ch,5247h,5281h,52BAh,52F3h,532Ah,5361h,5397h ; 53CCh,5401h,5434h,5467h,5499h,54CAh,54FAh,5529h ; 5558h,5585h,55B2h,55DEh,5609h,5632h,565Bh,5684h ; 56ABh,56D1h,56F6h,571Bh,573Eh,5761h,5782h,57A3h ; 57C3h,57E2h,57FFh,581Ch,5838h,5853h,586Dh,5886h ; 589Eh,58B5h,58CBh,58E0h,58F4h,5907h,5919h,592Ah ; 593Ah,5949h,5958h,5965h,5971h,597Ch,5986h,598Fh ; 5997h,599Eh,59A4h,59A9h,59ADh,59B0h,59B2h,59B3h ;/ |
Incoming ADPCM Data ---> Interpolated Data _ _ _ _ | | | | | | | | . . . . Nibbles=79797979, Filter=0 | | | | | | | | ---> / \ / \ / \ / \ HALF-volume ZIGZAG-wave | |_| |_| |_| |_ ' ' ' ' ___ ___ | | | | .'. .'. Nibbles=77997799, Filter=0 | | | | ---> / \ / \ FULL-volume SINE-wave | |___| |___ ' '.' '. _______ ___ | | .' '. Nibbles=77779999, Filter=0 | | ---> / \ SQUARE wave (with rounded edges) | |_______ ' '.____ _____ _ __ | |_ _| .' ''. .' Nibbles=7777CC44, Filter=0 | |___| ---> / '..' CUSTOM wave-form | ' ___ __ | |___| | _ \ ! / . \ ! / Nibbles=77DE9HZK, Filter=V |_ ____| _| ---> - + - + - + - SOLAR STORM wave-form __| |______|___ / ! \ ' / ! \ |
| SPU Volume and ADSR Generator |
____lower 16bit (at 1F801C08h+N*10h)___________________________________ 15 Attack Mode (0=Linear, 1=Exponential) - Attack Direction (Fixed, always Increase) (until Level 7FFFh) 14-10 Attack Shift (0..1Fh = Fast..Slow) 9-8 Attack Step (0..3 = "+7,+6,+5,+4") - Decay Mode (Fixed, always Exponential) - Decay Direction (Fixed, always Decrease) (until Sustain Level) 7-4 Decay Shift (0..0Fh = Fast..Slow) - Decay Step (Fixed, always "-8") 3-0 Sustain Level (0..0Fh) ;Level=(N+1)*800h ____upper 16bit (at 1F801C0Ah+N*10h)___________________________________ 31 Sustain Mode (0=Linear, 1=Exponential) 30 Sustain Direction (0=Increase, 1=Decrease) (until Key OFF flag) 29 Not used? (should be zero) 28-24 Sustain Shift (0..1Fh = Fast..Slow) 23-22 Sustain Step (0..3 = "+7,+6,+5,+4" or "-8,-7,-6,-5") (inc/dec) 21 Release Mode (0=Linear, 1=Exponential) - Release Direction (Fixed, always Decrease) (until Level 0000h) 20-16 Release Shift (0..1Fh = Fast..Slow) - Release Step (Fixed, always "-8") |
15 Must be zero (0=Volume Mode) 0-14 Voice volume/2 (-4000h..+3FFFh = Volume -8000h..+7FFEh) |
15 Must be set (1=Sweep Mode) 14 Sweep Mode (0=Linear, 1=Exponential) 13 Sweep Direction (0=Increase, 1=Decrease) 12 Sweep Phase (0=Positive, 1=Negative) 7-11 Not used? (should be zero) 6-2 Sweep Shift (0..1Fh = Fast..Slow) 1-0 Sweep Step (0..3 = "+7,+6,+5,+4" or "-8,-7,-6,-5") (inc/dec) |
0-15 Volume Left (-8000h..+7FFFh) 16-31 Volume Right (-8000h..+7FFFh) |
AdsrCycles = 1 SHL Max(0,ShiftValue-11) AdsrStep = StepValue SHL Max(0,11-ShiftValue) IF exponential AND increase AND AdsrLevel>6000h THEN AdsrCycles=AdsrCycles*4 IF exponential AND decrease THEN AdsrStep=AdsrStep*AdsrLevel/8000h Wait(AdsrCycles) ;cycles counted at 44.1kHz clock AdsrLevel=AdsrLevel+AdsrStep ;saturated to 0..+7FFFh |
15-0 Current ADSR Volume (0..+7FFFh) (or -8000h..+7FFFh on manual write) |
0-15 Current Volume Left (-8000h..+7FFFh) 16-31 Current Volume Right (-8000h..+7FFFh) |
| SPU Voice Flags |
0-23 Voice 0..23 On (0=No change, 1=Start Attack/Decay/Sustain) 24-31 Not used |
0-23 Voice 0..23 Off (0=No change, 1=Start Release) 24-31 Not used |
0-23 Voice 0..23 Status (0=Newly Keyed On, 1=Reached LOOP-END) 24-31 Not used |
| SPU Noise Generator |
0-23 Voice 0..23 Noise (0=ADPCM, 1=Noise) 24-31 Not used |
Wait(1 cycle) ;at 44.1kHz clock Timer=Timer-NoiseStep ;subtract Step (4..7) ParityBit = NoiseLevel.Bit15 xor Bit12 xor Bit11 xor Bit10 xor 1 IF Timer<0 then NoiseLevel = NoiseLevel*2 + ParityBit IF Timer<0 then Timer=Timer+(20000h SHR NoiseShift) ;reload timer once IF Timer<0 then Timer=Timer+(20000h SHR NoiseShift) ;reload again if needed |
| SPU Control and Status Register |
15 SPU Enable (0=Off, 1=On) (Don't care for CD Audio) 14 Mute SPU (0=Mute, 1=Unmute) (Don't care for CD Audio) 13-10 Noise Frequency Shift (0..0Fh = Low .. High Frequency) 9-8 Noise Frequency Step (0..03h = Step "4,5,6,7") 7 Reverb Master Enable (0=Disabled, 1=Enabled) 6 IRQ9 Enable (0=Disabled/Acknowledge, 1=Enabled; only when Bit15=1) 5-4 Sound RAM Transfer Mode (0=Stop, 1=ManualWrite, 2=DMAwrite, 3=DMAread) 3 External Audio Reverb (0=Off, 1=On) 2 CD Audio Reverb (0=Off, 1=On) (for CD-DA and XA-ADPCM) 1 External Audio Enable (0=Off, 1=On) 0 CD Audio Enable (0=Off, 1=On) (for CD-DA and XA-ADPCM) |
15-12 Unknown/Unused (seems to be usually zero) 11 Writing to First/Second half of Capture Buffers (0=First, 1=Second) 10 Data Transfer Busy Flag (0=Ready, 1=Busy) 9 Data Transfer DMA Read Request (0=No, 1=Yes) 8 Data Transfer DMA Write Request (0=No, 1=Yes) 7 Data Transfer DMA Read/Write Request ;seems to be same as SPUCNT.Bit5 6 IRQ9 Flag (0=No, 1=Interrupt Request) 5-0 Current SPU Mode (same as SPUCNT.Bit5-0, but, applied a bit delayed) |
| SPU Memory Access |
15-0 Address in sound buffer divided by eight |
15-0 Data (max 32 halfwords) |
15-4 Unknown/no effect? (should be zero) 3-1 Sound RAM Data Transfer Type (see below) (should be 2) 0 Unknown/no effect? (should be zero) |
__Transfer Type___Halfwords in Fifo________Halfwords written to SPU RAM__ 0,1,6,7 Fill A,B,C,D,E,F,G,H,...,X X,X,X,X,X,X,X,X,... 2 Normal A,B,C,D,E,F,G,H,...,X A,B,C,D,E,F,G,H,... 3 Rep2 A,B,C,D,E,F,G,H,...,X A,A,C,C,E,E,G,G,... 4 Rep4 A,B,C,D,E,F,G,H,...,X A,A,A,A,E,E,E,E,... 5 Rep8 A,B,C,D,E,F,G,H,...,X H,H,H,H,H,H,H,H,... |
Below problems (and workarounds) apply ONLY if [1F801014h].bit24-27 = zero. Ie. below info describes what happens when [1F801014h] is mis-initialized. Normally one should set [1F801014h]=220931E1h (and can ignore below info). |
1st block: FFFFh, halfwords[00h..1Eh] 2nd block: FFFFh, halfwords[20h..3Eh] etc. |
1st block: FFFFh, halfwords[00h..1Eh], twice halfword[1Fh] 2nd block: FFFFh, halfwords[20h..3Eh], twice halfword[3Fh] etc. |
1st block: FFFFh, halfwords[00h,00h,..0Eh,0Eh], triple halfword[0Fh] 2nd block: FFFFh, halfwords[10h,10h,..1Eh,1Eh], triple halfword[1Fh] etc. |
| SPU Interrupt |
15-0 Address in sound buffer divided by eight |
| SPU Reverb Registers |
Port Reg Name Type Expl. 1F801D84h spu vLOUT volume Reverb Output Volume Left 1F801D86h spu vROUT volume Reverb Output Volume Right 1F801DA2h spu mBASE base Reverb Work Area Start Address in Sound RAM 1F801DC0h rev00 dAPF1 disp Reverb APF Offset 1 1F801DC2h rev01 dAPF2 disp Reverb APF Offset 2 1F801DC4h rev02 vIIR volume Reverb Reflection Volume 1 1F801DC6h rev03 vCOMB1 volume Reverb Comb Volume 1 1F801DC8h rev04 vCOMB2 volume Reverb Comb Volume 2 1F801DCAh rev05 vCOMB3 volume Reverb Comb Volume 3 1F801DCCh rev06 vCOMB4 volume Reverb Comb Volume 4 1F801DCEh rev07 vWALL volume Reverb Reflection Volume 2 1F801DD0h rev08 vAPF1 volume Reverb APF Volume 1 1F801DD2h rev09 vAPF2 volume Reverb APF Volume 2 1F801DD4h rev0A mLSAME src/dst Reverb Same Side Reflection Address 1 Left 1F801DD6h rev0B mRSAME src/dst Reverb Same Side Reflection Address 1 Right 1F801DD8h rev0C mLCOMB1 src Reverb Comb Address 1 Left 1F801DDAh rev0D mRCOMB1 src Reverb Comb Address 1 Right 1F801DDCh rev0E mLCOMB2 src Reverb Comb Address 2 Left 1F801DDEh rev0F mRCOMB2 src Reverb Comb Address 2 Right 1F801DE0h rev10 dLSAME src Reverb Same Side Reflection Address 2 Left 1F801DE2h rev11 dRSAME src Reverb Same Side Reflection Address 2 Right 1F801DE4h rev12 mLDIFF src/dst Reverb Different Side Reflect Address 1 Left 1F801DE6h rev13 mRDIFF src/dst Reverb Different Side Reflect Address 1 Right 1F801DE8h rev14 mLCOMB3 src Reverb Comb Address 3 Left 1F801DEAh rev15 mRCOMB3 src Reverb Comb Address 3 Right 1F801DECh rev16 mLCOMB4 src Reverb Comb Address 4 Left 1F801DEEh rev17 mRCOMB4 src Reverb Comb Address 4 Right 1F801DF0h rev18 dLDIFF src Reverb Different Side Reflect Address 2 Left 1F801DF2h rev19 dRDIFF src Reverb Different Side Reflect Address 2 Right 1F801DF4h rev1A mLAPF1 src/dst Reverb APF Address 1 Left 1F801DF6h rev1B mRAPF1 src/dst Reverb APF Address 1 Right 1F801DF8h rev1C mLAPF2 src/dst Reverb APF Address 2 Left 1F801DFAh rev1D mRAPF2 src/dst Reverb APF Address 2 Right 1F801DFCh rev1E vLIN volume Reverb Input Volume Left 1F801DFEh rev1F vRIN volume Reverb Input Volume Right |
0-23 Voice 0..23 Destination (0=To Mixer, 1=To Mixer and to Reverb) 24-31 Not used |
| SPU Reverb Formula |
___Input from Mixer (Input volume multiplied with incoming data)_____________ Lin = vLIN * LeftInput ;from any channels that have Reverb enabled Rin = vRIN * RightInput ;from any channels that have Reverb enabled ____Same Side Reflection (left-to-left and right-to-right)___________________ [mLSAME] = (Lin + [dLSAME]*vWALL - [mLSAME-2])*vIIR + [mLSAME-2] ;L-to-L [mRSAME] = (Rin + [dRSAME]*vWALL - [mRSAME-2])*vIIR + [mRSAME-2] ;R-to-R ___Different Side Reflection (left-to-right and right-to-left)_______________ [mLDIFF] = (Lin + [dRDIFF]*vWALL - [mLDIFF-2])*vIIR + [mLDIFF-2] ;R-to-L [mRDIFF] = (Rin + [dLDIFF]*vWALL - [mRDIFF-2])*vIIR + [mRDIFF-2] ;L-to-R ___Early Echo (Comb Filter, with input from buffer)__________________________ Lout=vCOMB1*[mLCOMB1]+vCOMB2*[mLCOMB2]+vCOMB3*[mLCOMB3]+vCOMB4*[mLCOMB4] Rout=vCOMB1*[mRCOMB1]+vCOMB2*[mRCOMB2]+vCOMB3*[mRCOMB3]+vCOMB4*[mRCOMB4] ___Late Reverb APF1 (All Pass Filter 1, with input from COMB)________________ Lout=Lout-vAPF1*[mLAPF1-dAPF1], [mLAPF1]=Lout, Lout=Lout*vAPF1+[mLAPF1-dAPF1] Rout=Rout-vAPF1*[mRAPF1-dAPF1], [mRAPF1]=Rout, Rout=Rout*vAPF1+[mRAPF1-dAPF1] ___Late Reverb APF2 (All Pass Filter 2, with input from APF1)________________ Lout=Lout-vAPF2*[mLAPF2-dAPF2], [mLAPF2]=Lout, Lout=Lout*vAPF2+[mLAPF2-dAPF2] Rout=Rout-vAPF2*[mRAPF2-dAPF2], [mRAPF2]=Rout, Rout=Rout*vAPF2+[mRAPF2-dAPF2] ___Output to Mixer (Output volume multiplied with input from APF2)___________ LeftOutput = Lout*vLOUT RightOutput = Rout*vROUT ___Finally, before repeating the above steps_________________________________ BufferAddress = MAX(mBASE, (BufferAddress+2) AND 7FFFEh) Wait one 22050Hz cycle, then repeat the above stuff |
| SPU Reverb Examples |
dAPF1 dAPF2 vIIR vCOMB1 vCOMB2 vCOMB3 vCOMB4 vWALL ;1F801DC0h..CEh vAPF1 vAPF2 mLSAME mRSAME mLCOMB1 mRCOMB1 mLCOMB2 mRCOMB2 ;1F801DD0h..DEh dLSAME dRSAME mLDIFF mRDIFF mLCOMB3 mRCOMB3 mLCOMB4 mRCOMB4 ;1F801DE0h..EEh dLDIFF dRDIFF mLAPF1 mRAPF1 mLAPF2 mRAPF2 vLIN vRIN ;1F801DF0h..FEh |
007Dh,005Bh,6D80h,54B8h,BED0h,0000h,0000h,BA80h 5800h,5300h,04D6h,0333h,03F0h,0227h,0374h,01EFh 0334h,01B5h,0000h,0000h,0000h,0000h,0000h,0000h 0000h,0000h,01B4h,0136h,00B8h,005Ch,8000h,8000h |
0033h,0025h,70F0h,4FA8h,BCE0h,4410h,C0F0h,9C00h 5280h,4EC0h,03E4h,031Bh,03A4h,02AFh,0372h,0266h 031Ch,025Dh,025Ch,018Eh,022Fh,0135h,01D2h,00B7h 018Fh,00B5h,00B4h,0080h,004Ch,0026h,8000h,8000h |
00B1h,007Fh,70F0h,4FA8h,BCE0h,4510h,BEF0h,B4C0h 5280h,4EC0h,0904h,076Bh,0824h,065Fh,07A2h,0616h 076Ch,05EDh,05ECh,042Eh,050Fh,0305h,0462h,02B7h 042Fh,0265h,0264h,01B2h,0100h,0080h,8000h,8000h |
00E3h,00A9h,6F60h,4FA8h,BCE0h,4510h,BEF0h,A680h 5680h,52C0h,0DFBh,0B58h,0D09h,0A3Ch,0BD9h,0973h 0B59h,08DAh,08D9h,05E9h,07ECh,04B0h,06EFh,03D2h 05EAh,031Dh,031Ch,0238h,0154h,00AAh,8000h,8000h |
01A5h,0139h,6000h,5000h,4C00h,B800h,BC00h,C000h 6000h,5C00h,15BAh,11BBh,14C2h,10BDh,11BCh,0DC1h 11C0h,0DC3h,0DC0h,09C1h,0BC4h,07C1h,0A00h,06CDh 09C2h,05C1h,05C0h,041Ah,0274h,013Ah,8000h,8000h |
0017h,0013h,70F0h,4FA8h,BCE0h,4510h,BEF0h,8500h 5F80h,54C0h,0371h,02AFh,02E5h,01DFh,02B0h,01D7h 0358h,026Ah,01D6h,011Eh,012Dh,00B1h,011Fh,0059h 01A0h,00E3h,0058h,0040h,0028h,0014h,8000h,8000h |
033Dh,0231h,7E00h,5000h,B400h,B000h,4C00h,B000h 6000h,5400h,1ED6h,1A31h,1D14h,183Bh,1BC2h,16B2h 1A32h,15EFh,15EEh,1055h,1334h,0F2Dh,11F6h,0C5Dh 1056h,0AE1h,0AE0h,07A2h,0464h,0232h,8000h,8000h |
0001h,0001h,7FFFh,7FFFh,0000h,0000h,0000h,8100h 0000h,0000h,1FFFh,0FFFh,1005h,0005h,0000h,0000h 1005h,0005h,0000h,0000h,0000h,0000h,0000h,0000h 0000h,0000h,1004h,1002h,0004h,0002h,8000h,8000h |
0001h,0001h,7FFFh,7FFFh,0000h,0000h,0000h,0000h 0000h,0000h,1FFFh,0FFFh,1005h,0005h,0000h,0000h 1005h,0005h,0000h,0000h,0000h,0000h,0000h,0000h 0000h,0000h,1004h,1002h,0004h,0002h,8000h,8000h |
0000h,0000h,0000h,0000h,0000h,0000h,0000h,0000h 0000h,0000h,0001h,0001h,0001h,0001h,0001h,0001h 0000h,0000h,0001h,0001h,0001h,0001h,0001h,0001h 0000h,0000h,0001h,0001h,0001h,0001h,0000h,0000h |
| SPU Unknown Registers |
0-15 Unknown? |
80 21 4B DF |
.. 31 .. .. |
7E 61 A9 96 47 39 F9 1E E1 E1 80 DD E8 17 7F FB FB BF 1D 6C 8F EC F3 04 06 23 89 45 C1 6D 31 82 |
.. .. .. .. .. .. .. .. .. .. .. .. .. .. 7B .. .. .. .. .. .. .. .. .. 04 .. .. .. .. .. .. 86 |
| Interrupts |
0 IRQ0 VBLANK (PAL=50Hz, NTSC=60Hz) 1 IRQ1 GPU Can be requested via GP0(1Fh) command (rarely used) 2 IRQ2 CDROM 3 IRQ3 DMA 4 IRQ4 TMR0 Timer 0 aka Root Counter 0 (Sysclk or Dotclk) 5 IRQ5 TMR1 Timer 1 aka Root Counter 1 (Sysclk or H-blank) 6 IRQ6 TMR2 Timer 2 aka Root Counter 2 (Sysclk or Sysclk/8) 7 IRQ7 Controller and Memory Card - Byte Received Interrupt 8 IRQ8 SIO 9 IRQ9 SPU 10 IRQ10 Controller - Lightpen Interrupt (reportedly also PIO...?) 11-15 Not used (always zero) 16-31 Garbage |
First, acknowledge I_STAT (eg. I_STAT.bit7=0) Then, acknowledge corresponding I/O port (eg. JOY_CTRL.bit4=1) |
| DMA Channels |
1F80108xh DMA0 channel 0 MDECin (RAM to MDEC) 1F80109xh DMA1 channel 1 MDECout (MDEC to RAM) 1F8010Axh DMA2 channel 2 GPU (lists + image data) 1F8010Bxh DMA3 channel 3 CDROM (CDROM to RAM) 1F8010Cxh DMA4 channel 4 SPU 1F8010Dxh DMA5 channel 5 PIO (Expansion Port) 1F8010Exh DMA6 channel 6 OTC (reverse clear OT) (GPU related) 1F8010F0h DPCR - DMA Control register 1F8010F4h DICR - DMA Interrupt register |
0-23 Memory Address where the DMA will start reading from/writing to 24-31 Not used (always zero) |
0-15 BC Number of words (0001h..FFFFh) (or 0=10000h words)
16-31 0 Not used (usually 0 for OTC, or 1 ("one block") for CDROM)
|
0-15 BS Blocksize (words) ;for GPU/SPU max 10h, for MDEC max 20h 16-31 BA Amount of blocks ;ie. total length = BS*BA words |
0-31 0 Not used (should be zero) (transfer ends at END-CODE in list) |
0 Transfer Direction (0=To Main RAM, 1=From Main RAM)
1 Memory Address Step (0=Forward;+4, 1=Backward;-4)
2-7 Not used (always zero)
8 Chopping Enable (0=Normal, 1=Chopping; run CPU during DMA gaps)
9-10 SyncMode, Transfer Synchronisation/Mode (0-3):
0 Start immediately and transfer all at once (used for CDROM, OTC)
1 Sync blocks to DMA requests (used for MDEC, SPU, and GPU-data)
2 Linked-List mode (used for GPU-command-lists)
3 Reserved (not used)
11-15 Not used (always zero)
16-18 Chopping DMA Window Size (1 SHL N words)
19 Not used (always zero)
20-22 Chopping CPU Window Size (1 SHL N clks)
23 Not used (always zero)
24 Start/Busy (0=Stopped/Completed, 1=Start/Enable/Busy)
25-27 Not used (always zero)
28 Start/Trigger (0=Normal, 1=Manual Start; use for SyncMode=0)
29 Unknown (R/W) Pause? (0=No, 1=Pause?) (For SyncMode=0 only?)
30 Unknown (R/W)
31 Not used (always zero)
|
0-2 DMA0, MDECin Priority (0..7; 0=Highest, 7=Lowest) 3 DMA0, MDECin Master Enable (0=Disable, 1=Enable) 4-6 DMA1, MDECout Priority (0..7; 0=Highest, 7=Lowest) 7 DMA1, MDECout Master Enable (0=Disable, 1=Enable) 8-10 DMA2, GPU Priority (0..7; 0=Highest, 7=Lowest) 11 DMA2, GPU Master Enable (0=Disable, 1=Enable) 12-14 DMA3, CDROM Priority (0..7; 0=Highest, 7=Lowest) 15 DMA3, CDROM Master Enable (0=Disable, 1=Enable) 16-18 DMA4, SPU Priority (0..7; 0=Highest, 7=Lowest) 19 DMA4, SPU Master Enable (0=Disable, 1=Enable) 20-22 DMA5, PIO Priority (0..7; 0=Highest, 7=Lowest) 23 DMA5, PIO Master Enable (0=Disable, 1=Enable) 24-26 DMA6, OTC Priority (0..7; 0=Highest, 7=Lowest) 27 DMA6, OTC Master Enable (0=Disable, 1=Enable) 28-30 Unknown, Priority Offset or so? (R/W) 31 Unknown, no effect? (R/W) |
0-5 Unknown (read/write-able) 6-14 Not used (always zero) 15 Force IRQ (sets bit31) (0=None, 1=Force Bit31=1) 16-22 IRQ Enable for DMA0..DMA6 (0=None, 1=Enable) 23 IRQ Master Enable for DMA0..DMA6 (0=None, 1=Enable) 24-30 IRQ Flags for DMA0..DMA6 (0=None, 1=IRQ) (Write 1 to reset) 31 IRQ Master Flag (0=None, 1=IRQ) (Read only) |
IF b15=1 OR (b23=1 AND (b16-22 AND b24-30)>0) THEN b31=1 ELSE b31=0 |
(changes to 7FE358D1h after DMA transfer)
|
(stays so even after DMA transfer)
|
DMA0 MDEC.IN 01000201h (always) DMA1 MDEC.OUT 01000200h (always) DMA2 GPU 01000200h (VramRead), 01000201h (VramWrite), 01000401h (List) DMA3 CDROM 11000000h (normal), 11400100h (chopped, rarely used) DMA4 SPU 01000201h (write), 01000200h (read, rarely used) DMA5 PIO N/A (not used by any known games) DMA6 OTC 11000002h (always) |
DMA0 MDEC.IN 1 clk/word ;0110h clks per 100h words ;\plus whatever DMA1 MDEC.OUT 1 clk/word ;0110h clks per 100h words ;/decompression time DMA2 GPU 1 clk/word ;0110h clks per 100h words ;-plus ... DMA3 CDROM/BIOS 24 clks/word ;1800h clks per 100h words ;\plus single/double DMA3 CDROM/GAMES 40 clks/word ;2800h clks per 100h words ;/speed sector rate DMA4 SPU 4 clks/word ;0420h clks per 100h words ;-plus ... DMA5 PIO 20 clks/word ;1400h clks per 100h words ;-not actually used DMA6 OTC 1 clk/word ;0110h clks per 100h words ;-plus nothing |
| Timers |
0-15 Current Counter value (incrementing) 16-31 Garbage |
0 Synchronization Enable (0=Free Run, 1=Synchronize via Bit1-2)
1-2 Synchronization Mode (0-3, see lists below)
Synchronization Modes for Counter 0:
0 = Pause counter during Hblank(s)
1 = Reset counter to 0000h at Hblank(s)
2 = Reset counter to 0000h at Hblank(s) and pause outside of Hblank
3 = Pause until Hblank occurs once, then switch to Free Run
Synchronization Modes for Counter 1:
Same as above, but using Vblank instead of Hblank
Synchronization Modes for Counter 2:
0 or 3 = Stop counter at current value (forever, no h/v-blank start)
1 or 2 = Free Run (same as when Synchronization Disabled)
3 Reset counter to 0000h (0=After Counter=FFFFh, 1=After Counter=Target)
4 IRQ when Counter=Target (0=Disable, 1=Enable)
5 IRQ when Counter=FFFFh (0=Disable, 1=Enable)
6 IRQ Once/Repeat Mode (0=One-shot, 1=Repeatedly)
7 IRQ Pulse/Toggle Mode (0=Short Bit10=0 Pulse, 1=Toggle Bit10 on/off)
8-9 Clock Source (0-3, see list below)
Counter 0: 0 or 2 = System Clock, 1 or 3 = Dotclock
Counter 1: 0 or 2 = System Clock, 1 or 3 = Hblank
Counter 2: 0 or 1 = System Clock, 2 or 3 = System Clock/8
10 Interrupt Request (0=Yes, 1=No) (Set after Writing) (W=1) (R)
11 Reached Target Value (0=No, 1=Yes) (Reset after Reading) (R)
12 Reached FFFFh Value (0=No, 1=Yes) (Reset after Reading) (R)
13-15 Unknown (seems to be always zero)
16-31 Garbage (next opcode)
|
0-15 Counter Target value 16-31 Garbage |
| CDROM Drive |
| CDROM Controller I/O Ports |
0-1 Index Port 1F801801h-1F801803h index (0..3 = Index0..Index3) (R/W) 2 ADPBUSY XA-ADPCM fifo empty (0=Empty) ;set when playing XA-ADPCM sound 3 PRMEMPT Parameter fifo empty (1=Empty) ;triggered before writing 1st byte 4 PRMWRDY Parameter fifo full (0=Full) ;triggered after writing 16 bytes 5 RSLRRDY Response fifo empty (0=Empty) ;triggered after reading LAST byte 6 DRQSTS Data fifo empty (0=Empty) ;triggered after reading LAST byte 7 BUSYSTS Command/parameter transmission busy (1=Busy) |
0-7 Command Byte |
0-7 Parameter Byte(s) to be used for next Command |
0-4 0 Not used (should be zero) 5 SMEN Want Command Start Interrupt on Next Command (0=No change, 1=Yes) 6 BFWR ... 7 BFRD Want Data (0=No/Reset Data Fifo, 1=Yes/Load Data Fifo) |
0-7 Data 8bit (one byte), or alternately, 0-15 Data 16bit (LSB=First byte, MSB=Second byte) |
0-7 Response Byte(s) received after sending a Command |
0-4 Interrupt Enable Bits (usually all set, ie. 1Fh=Enable All IRQs) 5-7 Unknown/unused (write: should be zero) (read: usually all bits set) |
0-2 Read: Response Received Write: 7=Acknowledge ;INT1..INT7 3 Read: Unknown (usually 0) Write: 1=Acknowledge ;INT8 ;XXX CLRBFEMPT 4 Read: Command Start Write: 1=Acknowledge ;INT10h;XXX CLRBFWRDY 5 Read: Always 1 ;XXX "_" Write: 1=Unknown ;XXX SMADPCLR 6 Read: Always 1 ;XXX "_" Write: 1=Reset Parameter Fifo ;XXX CLRPRM 7 Read: Always 1 ;XXX "_" Write: 1=Unknown ;XXX CHPRST |
INT0 No response received (no interrupt request)
INT1 Received SECOND (or further) response to ReadS/ReadN (and Play+Report)
INT2 Received SECOND response (to various commands)
INT3 Received FIRST response (to any command)
INT4 DataEnd (when Play/Forward reaches end of disk) (maybe also for Read?)
INT5 Received error-code (in FIRST or SECOND response)
INT5 also occurs on SECOND GetID response, on unlicensed disks
INT5 also occurs when opening the drive door (even if no command
was sent, ie. even if no read-command or other command is active)
INT6 N/A
INT7 N/A
|
INT8 Unknown (never seen that bit set yet) INT10h Command Start (when INT10h requested via 1F801803h.Index0.Bit5) |
0-7 Volume Level (00h..FFh) (00h=Off, FFh=Max/Double, 80h=Default/Normal) |
0 ADPMUTE Mute ADPCM (0=Normal, 1=Mute) 1-4 - Unused (should be zero) 5 CHNGATV Apply Audio Volume changes (0=No change, 1=Apply) 6-7 - Unused (should be zero) |
0-7 Data |
0 Mono/Stereo (0=Mono, 1=Stereo) 1 Reserved (0) 2 Sample Rate (0=37800Hz, 1=18900Hz) 3 Reserved (0) 4 Bits per Sample (0=4bit, 1=8bit) 5 Reserved (0) 6 Emphasis (0=Off, 1=Emphasis) 7 Reserved (0) |
============================================================================= |
0=Ready to send a new command 1=Busy sending a command/parameters |
-Flush all IRQs
-1F801803h.Index0=0
-Com_Delay=4901 (=1325h) (Port 1F801020h) (means 16bit or 32bit write?)
(the write seems to be 32bit, clearing the upper16bit of the register)
-Send two Getstat commands
-Send Command 0Ah (Init)
-Demute
|
SPU: Init Master Volume Left/Right (Port 1F801D80h/1F801D82h) SPU: Init CD Audio Volume Left/Right (Port 1F801DB0h/1F801DB2h) SPU: Enable CD Audio (Port 1F801DAAh.Bit0=1) CDROM/CMD: send Stop command (probably better to avoid conflicts) CDROM/CMD: send Demute command (if muted) (but works only if disc inserted) CDROM/HOST: init Codinginfo (Port 1F801801h.Index2) CDROM/HOST: enable ADPCM (Port 1F801803h.Index3.Bit0=0) ;probably needed? ... set dummy addr/len with DISHXFRC=1 ? <-- NOT required ! ... set SMEN ... and dummy BFWR? <-- BOTH bits required ? transfer 900h bytes (same format as ADPCM sectors) (Port 1F801801h.Index1) Note: Before sending a byte, one should wait for DRQs (1F801801h.Bit6=1) Note: ADPCM output doesn't start until the last (900h'th) byte is transferred |
| CDROM Controller Command Summary |
Command Parameters Response(s) 00h - - INT5(11h,40h) ;reportedly "Sync" uh? 01h Getstat - INT3(stat) 02h Setloc E amm,ass,asect INT3(stat) 03h Play E (track) INT3(stat), optional INT1(report bytes) 04h Forward E - INT3(stat), optional INT1(report bytes) 05h Backward E - INT3(stat), optional INT1(report bytes) 06h ReadN E - INT3(stat), INT1(stat), datablock 07h MotorOn E - INT3(stat), INT2(stat) 08h Stop E - INT3(stat), INT2(stat) 09h Pause E - INT3(stat), INT2(stat) 0Ah Init - INT3(late-stat), INT2(stat) 0Bh Mute E - INT3(stat) 0Ch Demute E - INT3(stat) 0Dh Setfilter E file,channel INT3(stat) 0Eh Setmode mode INT3(stat) 0Fh Getparam - INT3(stat,mode,null,file,channel) 10h GetlocL E - INT3(amm,ass,asect,mode,file,channel,sm,ci) 11h GetlocP E - INT3(track,index,mm,ss,sect,amm,ass,asect) 12h SetSession E session INT3(stat), INT2(stat) 13h GetTN E - INT3(stat,first,last) ;BCD 14h GetTD E track (BCD) INT3(stat,mm,ss) ;BCD 15h SeekL E - INT3(stat), INT2(stat) ;\use prior Setloc 16h SeekP E - INT3(stat), INT2(stat) ;/to set target 17h - - INT5(11h,40h) ;reportedly "SetClock" uh? 18h - - INT5(11h,40h) ;reportedly "GetClock" uh? 19h Test sub_function depends on sub_function (see below) 1Ah GetID E - INT3(stat), INT2/5(stat,flg,typ,atip,"SCEx") 1Bh ReadS E?- INT3(stat), INT1(stat), datablock 1Ch Reset - INT3(stat), Delay 1Dh GetQ E adr,point INT3(stat), INT2(10bytesSubQ,peak_lo) ;\not 1Eh ReadTOC - INT3(late-stat), INT2(stat) ;/vC0 1Fh VideoCD sub,a,b,c,d,e INT3(stat,a,b,c,d,e) ;<-- SCPH-5903 only 1Fh..4Fh - - INT5(11h,40h) ;-Unused/invalid 50h Secret 1 - INT5(11h,40h) ;\ 51h Secret 2 "Licensed by" INT5(11h,40h) ; 52h Secret 3 "Sony" INT5(11h,40h) ; Secret Unlock Commands 53h Secret 4 "Computer" INT5(11h,40h) ; (not in version vC0, and, 54h Secret 5 "Entertainment" INT5(11h,40h) ; nonfunctional in japan) 55h Secret 6 "<region>" INT5(11h,40h) ; 56h Secret 7 - INT5(11h,40h) ;/ 57h SecretLock - INT5(11h,40h) ;-Secret Lock Command 58h..5Fh Crash - Crashes the HC05 (jumps into a data area) 6Fh..FFh - - INT5(11h,40h) ;-Unused/invalid |
sub params response ;Effect
00h - INT3(stat) ;Force motor on, clockwise, even if door open
01h - INT3(stat) ;Force motor on, anti-clockwise, super-fast
02h - INT3(stat) ;Force motor on, anti-clockwise, super-fast
03h - INT3(stat) ;Force motor off (ignored during spin-up)
04h - INT3(stat) ;Start SCEx reading and reset counters
05h - INT3(total,success);Stop SCEx reading and get counters
06h * n INT3(old) ;\early ;Adjust balance in RAM, send CX(30+n XOR 7)
07h * n INT3(old) ; PSX ;Adjust gain in RAM, send CX(38+n XOR 7)
08h * n INT3(old) ;/only ;Adjust balance in RAM only
06h..0Fh - INT5(11h,10h) ;N/A (11h,20h when NONZERO number of params)
10h - INT3(stat) ;CX(..) ;Force motor on, anti-clockwise, super-fast
11h - INT3(stat) ;CX(03) ;Move Lens Up (leave parking position)
12h - INT3(stat) ;CX(02) ;Move Lens Down (enter parking position)
13h - INT3(stat) ;CX(28) ;Move Lens Outwards
14h - INT3(stat) ;CX(2C) ;Move Lens Inwards
15h - INT3(stat) ;CX(22) ;If motor on: Move outwards,inwards,motor off
16h - INT3(stat) ;CX(23) ;No effect?
17h - INT3(stat) ;CX(E8) ;Force motor on, clockwise, super-fast
18h - INT3(stat) ;CX(EA) ;Force motor on, anti-clockwise, super-fast
19h - INT3(stat) ;CX(25) ;No effect?
1Ah - INT3(stat) ;CX(21) ;No effect?
1Bh..1Fh - INT5(11h,10h) ;N/A (11h,20h when NONZERO number of params)
20h - INT3(yy,mm,dd,ver) ;Get cdrom BIOS date/version (yy,mm,dd,ver)
21h - INT3(n) ;Get Drive Switches (bit0=POS0, bit1=DOOR)
22h *** - INT3("for ...") ;Get Region ID String
23h *** - INT3("CXD...") ;Get Chip ID String for Servo Amplifier
24h *** - INT3("CXD...") ;Get Chip ID String for Signal Processor
25h *** - INT3("CXD...") ;Get Chip ID String for Decoder/FIFO
26h..2Fh - INT5(11h,10h) ;N/A (11h,20h when NONZERO number of params)
30h * i,x,y INT3(stat) ;Prototype/Debug stuff ;\supported on
31h * x,y INT3(stat) ;Prototype/Debug stuff ; early PSX only
4xh * i INT3(x,y) ;Prototype/Debug stuff ;/
30h..4Fh .. INT5(11h,10h) ;N/A always 11h,10h (no matter of params)
50h a[,b[,c]] INT3(stat) ;Servo/Signal send CX(a:b:c)
51h ** 39h,xx INT3(stat,hi,lo) ;Servo/Signal send CX(39xx) with response
51h..5Fh - INT5(11h,10h) ;N/A
60h lo,hi INT3(databyte) ;HC05 SUB-CPU read RAM and I/O ports
61h..70h - INT5(11h,10h) ;N/A
71h *** adr INT3(databyte) ;Decoder Read one register
72h *** adr,dat INT3(stat) ;Decoder Write one register
73h *** adr,len INT3(databytes..);Decoder Read multiple registers, bugged
74h *** adr,len,..INT3(stat) ;Decoder Write multiple registers, bugged
75h *** - INT3(lo,hi,lo,hi);Decoder Get Host Xfer Info Remain/Addr
76h *** a,b,c,d INT3(stat) ;Decoder Prepare Transfer to/from SRAM
77h..FFh - INT5(11h,10h) ;N/A
|
| CDROM - Control Commands |
7 Speed (0=Normal speed, 1=Double speed) 6 XA-ADPCM (0=Off, 1=Send XA-ADPCM sectors to SPU Audio Input) 5 Sector Size (0=800h=DataOnly, 1=924h=WholeSectorExceptSyncBytes) 4 Ignore Bit (0=Normal, 1=Ignore Sector Size and Setloc position) 3 XA-Filter (0=Off, 1=Process only XA-ADPCM sectors that match Setfilter) 2 Report (0=Off, 1=Enable Report-Interrupts for Audio Play) 1 AutoPause (0=Off, 1=Auto Pause upon End of Track) ;for Audio Play 0 CDDA (0=Off, 1=Allow to Read CD-DA Sectors; ignore missing EDC) |
try_deliver_as_adpcm_sector: reject if CD-DA AUDIO format reject if sector isn't MODE2 format reject if adpcm_disabled(setmode.6) reject if filter_enabled(setmode.3) AND selected file/channel doesn't match reject if submode isn't audio+realtime (bit2 and bit6 must be both set) deliver: send sector to xa-adpcm decoder when passing above cases try_deliver_as_data_sector: reject data-delivery if "try_deliver_as_adpcm_sector" did do adpcm-delivery reject if filter_enabled(setmode.3) AND submode is audio+realtime (bit2+bit6) 1st delivery attempt: send INT1+data, unless there's another INT pending delay, and retry at later time... but this time with file/channel checking! reject if filter_enabled(setmode.3) AND selected file/channel doesn't match 2nd delivery attempt: send INT1+data, unless there's another INT pending |
| CDROM - Seek Commands |
___Errors___ session = 00h causes error code 10h. ;INT5(03h,10h), no 2nd/3rd response ___On a non-multisession-disk___ session = 01h passes okay. ;INT3(stat), and once INT2(stat) session = 02h or higher cause seek error ;INT3(stat), and twice INT5(06h,40h) ___On a multisession-disk with N sessions___ session = 01h..N+1 passes okay ;where N+1 moves to the END of LAST session session = N+2 or higher cause seek error ;2nd response = INT5(06h,20h) |
| CDROM - Read Commands |
;Read occasionally returns 11h,40h ..? when TOC isn't loaded?
|
[1F801800h]=00h 00h=[1F801800h] [1F801803h]=00h 00h=[1F801803h] [1F801800h]=00h [1F801803h]=80h |
[1F801018h]=00020943h ;cdrom_delay [1F801020h]=0000132Ch ;com_delay |
x=[1F8010F4h] AND 00FFFFFFh ;result is 00840000h [1F8010F4h] = x OR 00880000h [1F8010F0h] = [1F8010F0h] OR 00008000h [1F8010B0h] = A0010000h ;addr [1F8010B4h] = 00010200h ;LSBs=num words, MSBs=ignored/bullshit [1F8010B4h] = 11000000h ;DMA control |
[1F801800h]=01h [1F801803h]=40h ;reset parameter fifo [0]=00000000h [0]=00000001h [0]=00000002h [0]=00000003h [1F801800h]=00h [1F801801h]=09h ;command9 (pause) |
Wait for Interrupt Request (INT1) ;indicates that data is available Send Data Request (1F801803h.Index0.Bit7=1);accept data Acknowledge INT1 ; Copy Data to Main RAM (via I/O or DMA) ;read data |
Caution: Supported only in BIOS version vC1 and up. Not supported in vC0. |
Setloc, Read, Pause |
| CDROM - Status Commands |
7 Play Playing CD-DA ;\only ONE of these bits can be set 6 Seek Seeking ; at a time (ie. Read/Play won't get 5 Read Reading data sectors ;/set until after Seek completion) 4 ShellOpen Once shell open (0=Closed, 1=Is/was Open) 3 IdError (0=Okay, 1=GetID denied) (also set when Setmode.Bit4=1) 2 SeekError (0=Okay, 1=Seek error) (followed by Error Byte) 1 Spindle Motor (0=Motor off, or in spin-up phase, 1=Motor on) 0 Error Invalid Command/parameters (followed by Error Byte) |
___These values appear in the FIRST response; with stat.bit0 set___
10h - Invalid Sub_function (for command 19h), or invalid parameter value
20h - Wrong number of parameters
40h - Invalid command
80h - Cannot respond yet (eg. required info was not yet read from disk yet)
(namely, TOC not-yet-read or so)
(also appears if no disk inserted at all)
___These values appear in the SECOND response; with stat.bit2 set___
04h - Seek failed (when trying to use SeekL on Audio CDs)
___These values appear even if no command was sent; with stat.bit2 set___
08h - Drive door became opened
|
track: track number (AAh=Lead-out area) (FFh=unknown, toc, none?) index: index number (Usually 01h) mm: minute number within track (00h and up) ss: second number within track (00h to 59h) sect: sector number within track (00h to 74h) amm: minute number on entire disk (00h and up) ass: second number on entire disk (00h to 59h) asect: sector number on entire disk (00h to 74h) |
Caution: Supported only in BIOS version vC1 and up. Not supported in vC0. Caution: When unsupported, Parameter Fifo isn't cleared after the command. |
Drive Status 1st Response 2nd Response Door Open INT5(11h,80h) N/A Spin-up INT5(01h,80h) N/A Detect busy INT5(03h,80h) N/A No Disk INT3(stat) INT5(08h,40h, 00h,00h, 00h,00h,00h,00h) Audio Disk INT3(stat) INT5(0Ah,90h, 00h,00h, 00h,00h,00h,00h) Unlicensed:Mode1 INT3(stat) INT5(0Ah,80h, 00h,00h, 00h,00h,00h,00h) Unlicensed:Mode2 INT3(stat) INT5(0Ah,80h, 20h,00h, 00h,00h,00h,00h) Unlicensed:Mode2+Audio INT3(stat) INT5(0Ah,90h, 20h,00h, 00h,00h,00h,00h) Debug/Yaroze:Mode2 INT3(stat) INT2(02h,00h, 20h,00h, 20h,20h,20h,20h) Licensed:Mode2 INT3(stat) INT2(02h,00h, 20h,00h, 53h,43h,45h,4xh) Modchip:Audio/Mode1 INT3(stat) INT2(02h,00h, 00h,00h, 53h,43h,45h,4xh) |
1st byte: stat (as usually, but with bit3 same as bit7 in 2nd byte)
2nd byte: flags (bit7=denied, bit4=audio... or reportedly import, uh?)
bit7: Licensed (0=Licensed Data CD, 1=Denied Data CD or Audio CD)
bit6: Missing (0=Disk Present, 1=Disk Missing)
bit4: Audio CD (0=Data CD, 1=Audio CD) (always 0 when Modchip installed)
3rd byte: Disk type (from TOC Point=A0h) (eg. 00h=Audio or Mode1, 20h=Mode2)
4th byte: Usually 00h (or 8bit ATIP from Point=C0h, if session info exists)
that 8bit ATIP value is taken form the middle 8bit of the 24bit ATIP value
5th-8th byte: SCEx region (eg. ASCII "SCEE" = Europe) (0,0,0,0 = Unlicensed)
|
| CDROM - CD Audio Commands |
amm/ass/asect are returned on asect=00h,20h,40h,60h ;-absolute time mm/ss+80h/sect are returned on asect=10h,30h,50h,70h ;-within current track (or, in case of read errors, report may be returned on other asect's) |
Setmode.bit1=1: AutoPause=On --> Issue INT4(stat) and PAUSE at end of TRACK Setmode.bit1=0: AutoPause=Off --> Issue INT4(stat) and STOP at end of DISC |
| CDROM - Test Commands |
| CDROM - Test Commands - Version, Switches, Region, Chipset, SCEx |
(unknown) ;DTL-H2000 (with SPC700 instead HC05) 94h,09h,19h,C0h ;PSX (PU-7) 19 Sep 1994, version vC0 (a) 94h,11h,18h,C0h ;PSX (PU-7) 18 Nov 1994, version vC0 (b) 95h,05h,16h,C1h ;PSX (LATE-PU-8) 16 May 1995, version vC1 (a) 95h,07h,24h,C1h ;PSX (LATE-PU-8) 24 Jul 1995, version vC1 (b) 95h,07h,24h,D1h ;PSX (LATE-PU-8,debug ver)24 Jul 1995, version vD1 (debug) 96h,08h,15h,C2h ;PSX (PU-16, Video CD) 15 Aug 1996, version vC2 (VCD) 96h,08h,18h,C1h ;PSX (LATE-PU-8,yaroze) 18 Aug 1996, version vC1 (yaroze) 96h,09h,12h,C2h ;PSX (PU-18) (japan) 12 Sep 1996, version vC2 (a.jap) 97h,01h,10h,C2h ;PSX (PU-18) (us/eur) 10 Jan 1997, version vC2 (a) 97h,08h,14h,C2h ;PSX (PU-20) 14 Aug 1997, version vC2 (b) 98h,06h,10h,C3h ;PSX (PU-22) 10 Jul 1998, version vC3 (a) 99h,02h,01h,C3h ;PSX/PSone (PU-23, PM-41) 01 Feb 1999, version vC3 (b) A1h,03h,06h,C3h ;PSone/late (PM-41(2)) 06 Jun 2001, version vC3 (c) (unknown) ;PS2, xx xxx xxxx, late PS2 models...? |
Caution: Supported only in BIOS version vC1 and up. Not supported in vC0. |
INT5(11h,10h) --> NTSC, Japan (vC0) --> requires "SCEI" discs
INT3("for Europe") --> PAL, Europe --> requires "SCEE" discs
INT3("for U/C") --> NTSC, North America --> requires "SCEA" discs
INT3("for Japan") --> NTSC, Japan / NTSC, Asia --> requires "SCEI" discs
INT3("for NETNA") --> Region-free yaroze version--> requires "SCEx" discs
INT3("for US/AEP") --> Region-free debug version --> accepts unlicensed CDRs
|
Caution: Supported only in BIOS version vC1 and up. Not supported in vC0. |
| CDROM - Test Commands - Test Drive Mechanics |
1 byte --> send CX(Xx) ;short 8bit command 2 bytes --> send CX(Xxxx) ;longer 16bit command 3 bytes --> send CX(Xxxxxx) ;full 24bit command 4 bytes --> send CX(Xxxxxxxx) ;extended 32bit command (BIOS vC3 only) 4..15 bytes: acts same as max (3 or 4 bytes) (extra bytes are ignored) 0 bytes or more than 15 bytes: generates an error |
| CDROM - Test Commands - Prototype Debug Transmission |
| CDROM - Test Commands - Read/Write Decoder RAM and I/O Ports |
index value 00h 04h ;04h=empty, 8Eh=licensed, 24h=audio 01h [0B1h] ;DCh=empty/licensed, DDh=audio 02h 00h 03h 00h ;or variable when disk inserted 04h 00h 05h 80h ;or 86h or 89h when disk inserted 06h C0h 07h 02h 08h 8Ah 09h C0h 0Ah 00h 0Bh C0h 0Ch [1F2h] 0Dh [1F3h] 0Eh 00h ;or 8Eh or E6h when disk inserted ;D4h/audio 0Fh 00h ;or sometimes 01h when disk inserted ;50h/audio 10h C0h 11h E0h 12h 71h 13h stat 14h FFh 15h..1Fh C0h-filled ;or 17h --> DEh |
;other response on param xx16h,xx18h with xx>00h |
The first bytes are NOT affected by: destroying [1F0h] via too-many-parameters in command-buffer, changes to [1F1h] which may occur after read command (eg. may be 20h) |
| CDROM - Test Commands - Read HC05 SUB-CPU RAM and I/O Ports |
000h 4 FF 7B 00 FF (other when disk inserted) 004h 5 11 00 20 20 0C 009h 1 00 (when disk inserted: changes between 00 or 80) 00Ah 2 71 00 00Ch 1 00 (when disk inserted: changes between 00 or 80) 00Dh 3 20 20 20 010h 8 02 80 00 60 00 00 99(orBB) 98 018h 4 changes randomly (even when no disk inserted) 01Ch 3 40 00 41 01Fh 1 changes randomly (even when no disk inserted) 020h 30 20h-filled 03Eh 2 82h 20h |
040h 4 08 00 00 00 ;or 98 07 xx 0B when disk inserted ;[40].Bit1=MUTE
044h 4 00h-filled
048h 3 40 20 00 ;or 58 71 0F when disk inserted
04Bh 1 changes randomly (nodisk: 00 or 80 / disk: BFh)
04Ch 1 Zero (or C0h)
04Dh 3 MM:SS:FF (begin of current track MM:SS:00h) (or increasing addr)
050h 10 Subchannel Q (adjusted position values)
05Ah 2 ...
05Ch 1 00h (or 64h)
05Dh 3 MM:SS:FF (current read address) (sticky address during pause)
060h 1 increments at circa 16Hz or so (or other rate when spinning)
061h 12 00h-filled ;or else when disk inserted
06Dh 1 01 ;or 0C when disk inserted
06Eh 2 SetFilter setting (file,channel)
070h 16 00h-filled ;or else when disk inserted
080h 8 00h-filled
088h 3 03:SS:FF (three, second, fraction)
08Bh 3 03:SS:FF (three, second, fraction)
08Eh 2 01 FF (or other values)
090h 1 00h (or 91h when disk inserted + spinning)
091h 13 Zero
09Eh 1 00h (or 01h when disk inserted + spinning)
09Fh 1 Zero
0A0h 1 Always 23h
0A1h 1 09h (5Dh when disk inserted)
0A2h 7 00h-filled
0A9h 1 40
0AAh 4 00h-filled
0AEh 1 00 (no disk) or 01 (disk) or so
0AFh 1 00 ;or 06 when disk inserted
0B0h 7 00 DC 00 02 00 E0 08 ;\or else when disk inserted
0B7h 1 20 ;Bit6+7=MUTE ;
0B8h 3 DE 00 00 ;/
0BBh 1 SetMode setting (mode)
0BCh 1 GetStat setting (stat)
0BDh 3 00h-filled
0C0h 6 FFh-filled ;stack... ;\
0C6h 1 Usually DFh ;sometimes [0EBh and up] are non-FFh, too
0C7h 15 FFh-filled ;(depending on disk or commands or so)
0D6h 1 Usually FDh (or FFh) ; ;
0D7h 24 FFh-filled ; stack
0EFh 4 on power-up FFh-filled, other once when disk read ;
0F3h 7 changes randomly (even when no disk inserted) ;
0FAh 6 2E 3C 2A D6 10 95 ;/
100h 2x99 TOC Entries for Start of Track 1..99 (MM:SS)
1C6h 1 TOC First Track number (usually 01h)
1C7h 1 TOC Last Track number (usually 01h or higher)
1C8h 3 TOC Entry for Start of Lead-Out (MM:SS:FF)
1CBh 2 Zero
1CDh 1 Depends on disk (01 or 02 or 06) (or 00 when no disk)
1CEh 1 Zero
1CFh 1 Depends on disk (NULL minus N*6) (or 00 when no disk)
(maybe reflection level / laser intensity or so)
[1CDh..1CFh]
01 00 E8 --> licensed/metalgear/kain
01 00 EE --> licensed/alone2
06 00 E2 or 00 00 02 00 E8 --> licensed/wipeout
02 00 DC --> unlicensed/elo
02 00 D6 --> unlicensed/driver
00 00 EE --> audio/lola
00 00 FA --> audio/marilyn
00 00 F4 --> audio/westen
00 00 00 --> disk missing
last byte is always in steps of 6
1D0h 4 SCEx String
1D4h 4 Zero
1D8h 2 SCEx Counters (total,success) ;for command 19h,05h
1DAh 6 00h-filled (or ... SS:FF)
1E0h 6 Command Buffer (usually 19h,60h,E2h,01h = Read RAM Command)
1E6h 7 00h-filled (unless destroyed by more-than-6-byte-commands)
1EDh 3 Setloc setting (MM:SS:FF)
1F0h 1 00h (unless destroyed by more-than-6-byte-commands)
1F1h 3 C0h 00h 00h ;or 20h,0Ch,50h or C0h,0Ch,08h ;for command(19h,75h)
;or 00h,00h,00h for audio
;or 80h,00h,00h for disk missing
1F4h 4 00h-filled ... or SCEx string
1F8h 1 00h
1F9h 1 Selected Target (parameter from Play and SetSession commands)
1FAh 5 00h-filled ;01 01 00 8B 00 00 ;or 01 02 8B 00 00
01 00 8B 00 00 -- audio/unlicensed
01 01 00 00 00 -- licensed
1FFh 1 00h-on power up, changes when disk inserted ;or 01 = Playing
1FDh 3 MM:SS:FF (only during command 19h,00h) (MM=98..99=TOC)
200h 10 Subchannel Q (real values)
20Ah 2 whatever
20Ch 1 Zero
20Dh 1 Desired Session (from SetSession command)
20Eh 1 Current Session (actual location of drive head)
20Fh 1 Zero
210h 10 Subchannel Q (adjusted position values)
21Ah 6 00h-filled
220h 4 Data Sector Header (MM:SS:FF:Mode)
224h 4 Data Sector CD-XA Subheader (file,channel,sm,ci)
228h 1 00h
229h 1 Usually 00h (shortly other value on power-up, and maybe on seek)
22Ah 1 10h (or 00h when no disk)
22Bh 3 00h-filled
22Eh 2 01,03 or 0A,00 or 03,01 (or else for other disk)
230h 3 00h-filled (or other during spin-up / read-toc or so)
233h 0Dh 00h-filled (unused RAM)
|
240h..2FFh - Invalid (00h-filled) (no ROM, RAM, or I/O mapped here) 300h..3FFh - Mirror of 200h..2FFh ;\the BIOS is doing that 400h..FFFFh - Mirrors of 000h..3FFh ;/mirroring by software |
| CDROM - Secret Unlock Commands |
Caution: Supported only in BIOS version vC1 and up. Not supported in vC0. Caution: Supported only in Europe/USA. Nonfunctional in Japan/Asia. Caution: When unsupported, Parameter Fifo isn't cleared after the command. |
"of America" ;for NTSC/US ;\ "(Europe)" ;for PAL/Europe ; handled, and actually working "World wide" ;for Yaroze ;/ "Inc." ;for NTSC/JP ;-non-functional |
| CDROM - Video CD Commands |
Caution: Supported only on SCPH-5903, not supported on any other consoles. Caution: When unsupported, Parameter Fifo isn't cleared after the command. |
1Fh VideoCD sub,a,b,c,d,e INT3(stat,a,b,c,d,e) ;<-- SCPH-5903 only 1Fh..4Fh - - INT5(11h,40h) ;-Unused/invalid |
0 Drive Door (0=Open) (from CDROM stat bit4) ;Open 1 Button /\ (0=Pressed) (from PSX pad bit12) ;N/A ;PBC: Back/LevelUp 2 Button [] (0=Pressed) (from PSX pad bit15) ;Enter Menu 3 Button () (0=Pressed) (from PSX pad bit13) ;Leave Menu ;PBC: Confirm 4 Button >< (0=Pressed) (from PSX pad bit14) ;N/A 5 Start (0=Pressed) (from PSX pad bit3) ;Play/Pause 6 Select (0=Pressed) (from PSX pad bit0) ;Stop (prompt restart/resume) 7 Always 0 (0) (fixed) ;N/A 8 DPAD Up (0=Pressed) (from PSX pad bit4) ;Menu Up ;PBC: +1 9 DPAD Right (0=Pressed) (from PSX pad bit5) ;Menu Right/change ;PBC: +10 10 DPAD Down (0=Pressed) (from PSX pad bit6) ;Menu Down ;PBC: -1 11 DPAD Left (0=Pressed) (from PSX pad bit7) ;Menu Left/change ;PBC: -10 12 Button R1 (0=Pressed) (from PSX pad bit11) ;Prev Track/Restart Track 13 Button R2 (0=Pressed) (from PSX pad bit9) ;Fast Forward (slowly) 14 Button L1 (0=Pressed) (from PSX pad bit10) ;Next Track (if any) 15 Button L2 (0=Pressed) (from PSX pad bit8) ;Fast Backward (slowly) |
00h Motor Off (or spin-up) (when stat.bit1=0) 01h Playing (when stat.bit7=1) 02h Paused (and not seeking) (when stat.bit6=0) (note: State remains unchanged when seeking) |
00h = Confirms that "Tocread" (aka setsession 1) request was processed 01h = Detect VCD Disc (used on power-up, and after door open) (after spin-up) 02h = Handshake (request ack response) 0Ah = Door opened during play (int5/door error) 80h = No disc FFh = No change (nop) |
00h Normal (no special event occured and no action requested) 01h Request CD to Seek_and_play (using mm:ss:ff response parameter bytes) 02h Request CD to Pause ;cmd(09h) -->int3(stat),int2(stat) 03h Request CD to Stop ;cmd(08h) -->int3(stat),int2(stat) 04h Request CD to Tocread (setsession1);cmd(12h,01h)-->int3(stat),int2(stat) 05h Handshake Command was processed, and this is the "ack" response 06h Request CD to Fast Forward ;cmd(04h) -->int3(stat) 07h Request CD to Fast Backward ;cmd(05h) -->int3(stat) 80h Detect Command was processed, and disc was detected as VCD 81h Detect Command was processed, and disc was detected as Non-VCD |
00h = Normal PSX Mode (PortF.3=LOW) (Audio/Video from GPU/SPU chips) 01h..FFh = Special VCD Mode (PortF.3=HIGH) (Audio/Video from MDEC/OSD chips) |
x = don't care/garbage
v = toggle state (00h=normal=PortF.3=LOW, 01h..FFh=special=PortF.3=HIGH)
(toggle gpu vs mpeg maybe?)
a,b,c,d,e = five bytes sent serially, and five bytes response received
serially (send/receive done simultaneously)
|
Port F.Bit0 = Serial Data In Port F.Bit1 = Serial Data Out Port F.Bit2 = Serial Clock Out Port F.Bit3 = Toggle (0=Normal, 1=Special) |
| CDROM - Mainloop/Responses |
check for incoming sectors (from CDROM decoder) check for incoming commands (from Main CPU) do maintenance stuff on the drive mechanics |
Main CPU has sent a command, AND, there is no INT pending (if an INT is pending, then the command won't be executed yet, but will be executed in following mainloop cycles; once when INT got acknowledged) (even if no INT is pending, the mainloop may generate INT1/INT2 before executing the command, if so, as said above, the command won't execute yet) |
07h MotorOn E - INT3(stat), INT2(stat) 08h Stop E - INT3(stat), INT2(stat) 09h Pause E - INT3(stat), INT2(stat) 0Ah Init - INT3(late-stat), INT2(stat) 12h SetSession E session INT3(stat), INT2(stat) 15h SeekL E - INT3(stat), INT2(stat) ;\use prior Setloc 16h SeekP E - INT3(stat), INT2(stat) ;/to set target 1Ah GetID E - INT3(stat), INT2/5(stat,flg,typ,atip,"SCEx") 1Dh GetQ E adr,point INT3(stat), INT2(10bytesSubQ,peak_lo) 1Eh ReadTOC - INT3(late-stat), INT2(stat) |
03h Play E (track) INT3(stat), optional INT1(report bytes) 04h Forward E - INT3(stat), optional INT1(report bytes) 05h Backward E - INT3(stat), optional INT1(report bytes) 06h ReadN E - INT3(stat), INT1(stat), datablock 1Bh ReadS E?- INT3(stat), INT1(stat), datablock |
| CDROM - Response Timings |
Command Average Min Max GetStat (normal) 000c4e1h 0004a73h..003115bh GetStat (when stopped) 0005cf4h 000483bh..00093f2h |
Init 0013cceh 000f820h..00xxxxxh |
Command Average Min Max GetID 0004a00h 0004922h..0004c2bh Pause (single speed) 021181ch 020eaefh..0216e3ch ;\time equal to Pause (double speed) 010bd93h 010477Ah..011B302h ;/about 5 sectors Pause (when paused) 0001df2h 0001d25h..0001f22h Stop (single speed) 0d38acah 0c3bc41h..0da554dh Stop (double speed) 18a6076h 184476bh..192b306h Stop (when stopped) 0001d7bh 0001ce8h..0001eefh |
Command Average Min Max Read (single speed) 006e1cdh 00686dah..0072732h Read (double speed) 0036cd2h 00322dfh..003ab2bh |
| CDROM - Response/Data Queueing |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Process INT1 --> receives sector header for 0:2:1 Process INT1 --> receives sector header for 0:2:2 Process INT1 --> receives sector header for 0:2:3 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 delay(1) Process INT1 --> receives sector header for 0:2:1 (oldest sector) Process INT1 --> receives sector header for 0:2:6 (newest sector) Process INT1 --> receives sector header for 0:2:7 (next sector) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 delay(2) Process INT1 --> receives sector header for 0:2:9 (oldest/overwritten) Process INT1 --> receives sector header for 0:2:11 (newest sector) Process INT1 --> receives sector header for 0:2:12 (next sector) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 delay(3) Process INT1 --> receives sector header for 0:2:17 (currently received) Process INT1 --> receives sector header for 0:2:16 (newest full sector) Process INT1 --> receives sector header for 0:2:17 (next sector) Process INT1 --> receives sector header for 0:2:18 (next sector) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 GetlocL Process INT3 --> receives getloc info for 0:2:0 Process INT1 --> receives sector header for 0:2:1 Process INT1 --> receives sector header for 0:2:2 Process INT1 --> receives sector header for 0:2:3 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) GetlocL Process INT1 --> receives sector header for 0:2:1 Process INT3 --> receives getloc info for 0:2:6 Process INT1 --> receives sector header for 0:2:6 Process INT1 --> receives sector header for 0:2:7 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 GetlocL Delay(1) Process INT3 --> receives getloc info for 0:2:0 Process INT1 --> receives sector header for 0:2:5 Process INT1 --> receives sector header for 0:2:6 Process INT1 --> receives sector header for 0:2:7 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) GetlocL Delay(1) Process INT1 --> receives sector header for 0:2:9 Process INT1 --> receives sector header for 0:2:11 Process INT3 --> receives getloc info for 0:2:12 Process INT1 --> receives sector header for 0:2:12 Process INT1 --> receives sector header for 0:2:13 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Pause Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) Pause Process INT1 --> receives sector header for 0:2:1 (oldest) Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Pause Delay(1) Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) Pause Delay(1) Process INT1 --> receives sector header for 0:2:9 (oldest/overwritten) Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 GetlocL Pause Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) GetlocL Pause Process INT1 --> receives sector header for 0:2:1 Process INT1 --> receives sector header for 0:2:6 Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 GetlocL Delay(1) Pause Process INT3 --> receives getloc info for 0:2:0 (first getloc response) Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) GetlocL Delay(1) Pause Process INT1 --> receives sector header for 0:2:9 (oldest/overwritten) Process INT3 --> receives stat=22h (first pause response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Pause GetlocL Process INT3 --> receives getloc info for 0:2:0 (first getloc response) Process INT1 --> receives sector header for 0:2:1 Process INT1 --> receives sector header for 0:2:2 Process INT1 --> receives sector header for 0:2:3 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) Pause GetlocL Process INT1 --> receives sector header for 0:2:1 Process INT3 --> receives getloc info for 0:2:6 (first getloc response) Process INT1 --> receives sector header for 0:2:6 Process INT1 --> receives sector header for 0:2:7 |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Pause Delay(1) GetlocL Process INT3 --> receives stat=22h (first pause response) Process INT3 --> receives getloc info for 0:2:6 (first getloc response) (No further INT's, ie. read is paused, but second-pause-response is lost). |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Pause Delay(1) GetlocL Delay(1) Process INT3 --> receives stat=22h (first pause response) Process INT3 --> receives getloc info for 0:2:6 (first getloc response) Process INT2 --> receives stat=02h (second pause response) |
Setloc(0:2:0)+Read Process INT1 --> receives sector header for 0:2:0 Delay(1) Pause Delay(1) GetlocL Process INT1 --> receives sector header for 0:2:9 Process INT1 --> receives sector header for 0:2:11 Process INT3 --> receives getloc info for 0:2:12 (first getloc response) Process INT1 --> receives sector header for 0:2:12 Process INT1 --> receives sector header for 0:2:13 |
| CDROM Disk Format |
Originally intended for Mode1 Sectors (but is also used for CD-XA Mode2) Supports "FILENAME.EXT;VERSION" filenames (version is usually "1") Supports all-uppercase filenames and directory names (0-9, A-Z, underscore) For PSX: Max 8-character filenames with max 3-character extensions For PSX: Max 8-character directory names, without extension For PSX: Max one sector per directory (?) For PSX: Max one sector (or less?) per path table (?) |
Uses Mode2 Sectors (see Sector Encoding chapter) Allows 800h or 914h byte data per sector (with/without error correction) Allows to break interleaved data into separate files/channels Supports XA-ADPCM compressed audio data Stores "CD-XA001" at 400h Primary Volume Descriptor (?) Stores 14 extra bytes in System Use area (LEN_SU) of Directory Entries |
Defines physical metrics of the CDROM and Audio disks Defines Sub-channels and Track.Index and Minute.Second.Fraction numbering Defines 14bit-per-byte encoding, and splits sectors into frames Defines ECC and EDC (error correction and error detection codes) |
sessions one or more sessions per disk tracks 99 tracks per disk (01h..99h) (usually only 01h on Data Disks) index 99 indices per track (01h..99h) (rarely used, usually always 01h) minutes 74 minutes per disk (00h..73h) (or more, with some restrictions) seconds 60 seconds per minute (00h..59h) sectors 75 sectors per second (00h..74h) frames 98 frames per sector bytes 33 bytes per frame (24+1+8 = data + subchannel + error correction) bits 14 bits per byte (256 valid combinations, and many invalid ones) |
| CDROM Subchannels |
Bits Expl. 2 Sub-channel synchronization field 8 ADR/Control (see below) 72 Data (content depends on ADR) 16 CRC-16-CCITT error detection code (big-endian: bytes ordered MSB, LSB) |
Bit0-3 ADR (0=No data, 1..3=see below, 4..0Fh=Reserved) Bit4 Audio Preemphasis (0=No, 1=Yes) (Audio only, must be 0 for Data) Bit5 Digital Copy (0=Prohibited, 1=Allowed) Bit6 Data (0=Audio, 1=Data) Bit7 Four-Channel Audio (0=Stereo, 1=Quad) (Audio only, must be 0 for Data) |
8 Track number (fixed, must be 00h=Lead-in)
8 Point (01h..99h or A0h..A2h, see last three bytes for more info)
24 MSF address (incrementing address within the Lead-in area)
Note: On some disks, these values are choosen so that the lead-in
<starts> at 00:00:00, on other disks so that it <ends> at 99:59:74.
8 Reserved (00h)
|
24 MSF address (absolute address, start address of the "Point" track) |
8 First Track number (BCD) 8 Disk Type Byte (00h=CD-DA or CD-ROM, 10h=CD-I, 20h=CD-ROM-XA) 8 Reserved (00h) |
8 Last Track number (BCD) 16 Reserved (0000h) |
8 Track number (01h..99h=Track 1..99) 8 Index number (00h=Pause, 01h..99h=Index within Track) 24 Track relative MSF address (decreasing during Pause) 8 Reserved (00h) 24 Absolute MSF address |
8 Track number (fixed, must be AAh=Lead-Out) 8 Index number (fixed, must be 01h) (there's no Index=00h in Lead-Out) 24 Track relative MSF address (increasing, 00:00:00 and up) 8 Reserved (00h) 24 Absolute MSF address |
52 EAN-13 barcode number (13-digit BCD) 12 Reserved (000h) 8 Absolute Sector number (BCD, 00h..74h) (always 00h during Lead-in) |
12 Country Code (two 6bit characters) (ASCII minus 30h) ;eg. "US" 18 Owner Code (three 6bit characters) (ASCII minus 30h) 2 Reserved (zero) 8 Year of recording (2-digit BCD) ;eg. 82h for 1982 20 Serial number (5-digit BCD) ;usually increments by 1 or 10 per track 4 Reserved (zero) 8 Absolute Sector number (BCD, 00h..74h) (always 00h during Lead-in) |
8 Track number (fixed, must be 00h=Lead-in)
8 POINT = B0h (multi-session disc)
24 MM:SS:FF = the start time for the next possible session's program area,
a final session is indicated by FFh:FFh:FFh,
or when the ADR=5 / Point=B0h is absent.
8 Number of different Mode-5 pointers present.
24 MM:SS:FF = the maximum possible start time of the outermost Lead-out
|
8 Track number (fixed, must be 00h=Lead-in) 8 POINT = C0h (Identifies a Multisession disc, together with POINT=B0h) 24 ATIP values from Special Information 1, ID=101 8 Reserved (must be 00h) 24 MM:SS:FF = Start time of the first Lead-in area of the disc |
8 Track number (fixed, must be 00h=Lead-in) 8 POINT=C1h 8x7 Copy of information from A1 point in ATIP |
8 Track number (fixed, must be AAh=Lead-out) 8 POINT = D1h (Identifies a Multisession lead-out) 24 Usually zero (or maybe ATIP as in Lead-In with Point=C0h...?) 8 Seems to be the session number? 24 MM:SS:FF = Absolute address of the First data sector of the session |
8 Track number (fixed, must be 00h=Lead-in) 8 POINT=01h..40h (This identifies a specific playback skip interval) 24 MM:SS:FF Skip interval stop time in 6 BCD digits 8 Reserved (must be 00h) 24 MM:SS:FF Skip interval start time in 6 BCD digits |
8 Track number (fixed, must be 00h=Lead-in) 8 POINT=B1h (Audio only: This identifies the presence of skip intervals) 8x4 Reserved (must be 00h,00h,00h,00h) 8 the number of skip interval pointers in POINT=01h..40h 8 the number of skip track assignments in POINT=B2h..B4h 8 Reserved (must be 00h) |
8 Track number (fixed, must be 00h=Lead-in) 8 POINT=B2h,B3h,B4h (This identifies tracks that should be skipped) 8 1st Track number to skip upon playback (01h..99h, must be nonzero) 8 2nd Track number to skip upon playback (01h..99h, or 00h=None) 8 3rd Track number to skip upon playback (01h..99h, or 00h=None) 8 Reserved (must be 00h)... unclear... OR... 4th (of 7) skip info's...? 8 4th Track number to skip upon playback (01h..99h, or 00h=None) 8 5th Track number to skip upon playback (01h..99h, or 00h=None) 8 6th Track number to skip upon playback (01h..99h, or 00h=None) |
CD-TEXT in the Lead-In area (see below) CD-TEXT in the Data area (rarely used) CD plus Graphics (CD+G) (rarely used) |
00h 1 Header Field ID1: Pack Type Indicator 01h 1 Header Field ID2: Track Number 02h 1 Header Field ID3: Sequence Number 03h 1 Header Field ID4: Block Number and Character Position Indicator 04h 12 Text/Data Field 10h 2 CRC-16-CCITT (big-endian) (across bytes 00h..0Fh) |
80h Titel (TEXT) 81h Performer (TEXT) 82h Songwriter (TEXT) 83h Composer (TEXT) 84h Arranger (TEXT) 85h Message (TEXT) 86h Disc ID (TEXT?) (content/format/purpose unknown?) 87h Genre (BINARY) (ID codes unknown?) 88h TOC (BINARY) (content/format/purpose unknown?) 89h TOC2 (BINARY) (content/format/purpose unknown?) 8Ah Reserved for future 8Bh Reserved for future 8Ch Reserved for future 8Dh Reserved for "content provider" aka "closed information" 8Eh UPC/EAN and ISRC Codes (TEXT) (content/format/purpose unknown?) 8Fh Blocksize (BINARY) (see below) |
00h Title/Performer/etc. for the Disc 01h..63h Title/Performer/etc. for Track 1..99 (Non-BCD) (Bit7=Extension) |
00h..FFh Incrementing Number (00h=First 18-byte fragment, 01h=Second, etc.) |
Bit7 Character Set (0=8bit, 1=16bit) Bit6-4 Block Number (0..7 = Language number, as set by "Blocksize") Bit3-0 Character Position (0..0Eh=Position, 0Fh=Append to prev fragment) |
ID TR SQ CH <------------Text/Data------------> -CRC- <---Text---> 80 00 00 00 54 65 73 74 44 69 73 6B 54 69 74 6C E2 22 TestDiskTitl 80 00 01 0C 65 00 54 65 73 74 54 72 61 63 6B 54 C9 1B e.TestTrackT 80 01 02 0A 69 74 6C 65 31 00 54 65 73 74 54 72 40 3A itle1.TestTr 80 02 03 06 61 63 6B 54 69 74 6C 65 32 00 00 00 80 E3 ackTitle2... 81 00 04 00 54 65 73 74 44 69 73 6B 50 65 72 66 03 DF TestDiskPerf 81 00 05 0C 6F 72 6D 65 72 00 54 65 73 74 54 72 12 A5 ormer.TestTr 81 01 06 06 61 63 6B 50 65 72 66 6F 72 6D 65 72 BC 5B ackPerformer 81 01 07 0F 31 00 54 65 73 74 54 72 61 63 6B 50 AC 41 1.TestTrackP 81 02 08 0A 65 72 66 6F 72 6D 65 72 32 00 00 00 64 1A erformer2... 8F 00 09 00 01 01 02 00 04 05 00 00 00 00 00 00 6D E2 ............ 8F 01 0A 00 00 00 00 00 00 00 00 03 0B 00 00 00 CD 0C ............ 8F 02 0B 00 00 00 00 00 09 00 00 00 00 00 00 00 FC 8C ............ 00 ;<--- for some reason, CDRWIN stores an ending 00h byte in .CDT files |
00h 1 Character set (00h,01h,80h,81h,82h = see below) 01h 1 First track number (usually/always 01h) 02h 1 Last track number (01h..63h) 03h 1 1bit-cd-text-in-data-area-flag, 7bit-copy-protection-flags 04h 16 Number of 18-byte packs for ID1=80h..8Fh 14h 8 Last sequence number of block 0..7 (or 00h=none) 1Ch 8 Language codes for block 0..7 (definitions are unknown) |
00h ISO 8859-1 01h ISO 646, ASCII 80h MS-JIS 81h Korean character code 82h Mandarin (standard) Chinese character code Other = reserved |
lsb=00h, msb=00h ;-initial value (zero for both CD-TEXT and Sub-Q)
for i=0 to len-1 ;-len (10h for CD-TEXT, 0Ah for Sub-Q)
x = [addr+i] xor msb
x = x xor (x shr 4)
msb = lsb xor (x shr 3) xor (x shl 4)
lsb = x xor (x shl 5)
next i
[addr+len+0]=msb xor FFh, [addr+len+1]=lsb xor FFh ;inverted / big-endian
|
| CDROM Sector Encoding |
000h 930h Audio Data (2352 bytes) (LeftLsb,LeftMsb,RightLsb,RightMsb) |
000h 0Ch Sync 00Ch 4 Header (Minute,Second,Sector,Mode=00h) 010h 920h Zerofilled |
000h 0Ch Sync 00Ch 4 Header (Minute,Second,Sector,Mode=01h) 010h 800h Data (2048 bytes) 810h 4 EDC (checksum accross [000h..80Fh]) 814h 8 Zerofilled 81Ch 114h ECC (error correction codes) |
000h 0Ch Sync 00Ch 4 Header (Minute,Second,Sector,Mode=02h) 010h 4 Sub-Header (File, Channel, Submode AND DFh, Codinginfo) 014h 4 Copy of Sub-Header 018h 800h Data (2048 bytes) 818h 4 EDC (checksum accross [010h..817h]) 81Ch 114h ECC (error correction codes) |
000h 0Ch Sync 00Ch 4 Header (Minute,Second,Sector,Mode=02h) 010h 4 Sub-Header (File, Channel, Submode OR 20h, Codinginfo) 014h 4 Copy of Sub-Header 018h 914h Data (2324 bytes) 92Ch 4 EDC (checksum accross [010h..92Bh]) (or 00000000h if no EDC) |
sector[000h]=00h,FFh,FFh,FFh,FFh,FFh,FFh,FFh,FFh,FFh,FFh,00h
sector[00ch]=bcd(adr/75/60) ;0..7x
sector[00dh]=bcd(adr/75 MOD 60) ;0..59
sector[00eh]=bcd(adr MOD 75) ;0..74
sector[00fh]=mode
if mode=00h then
sector[010h..92Fh]=zerofilled
if mode=01h then
adjust_edc(sector+0, 800h+10h)
sector[814h..817h]=00h,00h,00h,00h,00h,00h,00h,00h
calc_p_parity(sector)
calc_q_parity(sector)
if mode=02h and form=1
sector[012h]=sector[012h] AND (NOT 20h) ;indicate not form2
sector[014h..017h]=sector[010h..013h] ;copy of sub-header
adjust_edc(sector+10h,800h+8)
push sector[00ch] ;\temporarily clear header
sector[00ch]=00000000h ;/
calc_p_parity(sector)
calc_q_parity(sector)
pop sector[00ch] ;-restore header
if mode=02h and form=2
sector[012h]=sector[012h] OR 20h ;indicate form2
sector[014h..017h]=sector[010h..013h] ;copy of sub-header
adjust_edc(sector+10h,914h+8) ;edc is optional for form2
|
src=00ch, dst=81ch+offs, srcmax=dst
for i=0 to len-1
base=src, x=0000h, y=0000h
for j=j0 to 42
x=x xor GF8_PRODUCT[j,sector[src+0]]
y=y xor GF8_PRODUCT[j,sector[src+1]]
src=src+step1, if (step1=2*44) and (src>=srcmax) then src=src-2*1118
sector[dst+2*len+0]=x AND 0FFh, [dst+0]=x SHR 8
sector[dst+2*len+1]=y AND 0FFh, [dst+1]=y SHR 8
dst=dst+2, src=base+step2
|
x=00000000h
for i=0 to len-1
x=x xor byte[addr+i], x=(x shr 8) xor edc_table[x and FFh]
word[addr+len]=x ;append EDC value (little endian)
|
for i=0 to FFh
x=i, for j=0 to 7, x=x shr 1, if carry then x=x xor D8018001h
edc_table[i]=x
GF8_LOG[00h]=00h, GF8_ILOG[FFh]=00h, x=01h
for i=00h to FEh
GF8_LOG[x]=i, GF8_ILOG[i]=x
x=x SHL 1, if carry8bit then x=x xor 1dh
for j=0 to 42
xx=GF8_ILOG[44-j], yy=subfunc(xx xor 1,19h)
xx=subfunc(xx,01h), xx=subfunc(xx xor 1,18h)
xx=GF8_LOG[xx], yy = GF8_LOG[yy]
GF8_PRODUCT[j,0]=0000h
for i=01h to FFh
x=xx+GF8_LOG[i], if x>=255 then x=x-255
y=yy+GF8_LOG[i], if y>=255 then y=y-255
GF8_PRODUCT[j,i]=GF8_ILOG[x]+(GF8_ILOG[y] shl 8)
|
if a>0 then
a=GF8_LOG[a]-b, if a<0 then a=a+255
a=GF8_ILOG[a]
return(a)
|
| CDROM XA Subheader, File, Channel, Interleave |
0-7 File Number (00h..FFh) (for Audio/Video Interleave, see below) |
0-4 Channel Number (00h..1Fh) (for Audio/Video Interleave, see below) 5-7 Should be always zero |
0 End of Record (EOR) (all Volume Descriptors, and all sectors with EOF) 1 Video ;\Sector Type (usually ONE of these bits should be set) 2 Audio ; Note: PSX .STR files are declared as Data (not as Video) 3 Data ;/ 4 Trigger (for application use) 5 Form2 (0=Form1/800h-byte data, 1=Form2, 914h-byte data) 6 Real Time (RT) 7 End of File (EOF) (or end of Directory/PathTable/VolumeTerminator) |
0-7 Reserved (00h) |
0-1 Mono/Stereo (0=Mono, 1=Stereo, 2-3=Reserved) 2-2 Sample Rate (0=37800Hz, 1=18900Hz, 2-3=Reserved) 4-5 Bits per Sample (0=Normal/4bit, 1=8bit, 2-3=Reserved) 6 Emphasis (0=Normal/Off, 1=Emphasis) 7 Reserved (0) |
Interleave Data Format 1/1 (none) 44100Hz Stereo CD Audio at normal speed 1/8 37800Hz Stereo ADPCM compressed Audio at double speed 1/16 18900Hz Stereo ADPCM compressed Audio at double speed 1/16 37800Hz Mono ADPCM compressed Audio at double speed 1/32 18900Hz Mono ADPCM compressed Audio at double speed 7/8 15fps 320x224 pixel MDEC compressed Videos at double speed Unknown if 1/16 and 1/32 interleaves are actually possible (the PSX cdrom controller seems to overwrite the IC303 sector buffer entries once every eight sectors, so ADPCM data may get destroyed on interleaves above 1/8). (Crash Team Racing uses 37800Hz Mono at Double speed, so 1/16 must work). |
one file with eight 1/8 audio channels one file with one 1/8 audio channels, plus one 7/8 video channel (*) one file with one 1/8 audio channels, plus 7 unused channels eight different files with one 1/8 audio channel each etc. |
| CDROM XA Audio ADPCM Compression |
00h..03h Copy of below 4 bytes (at 04h..07h) 04h Header for 1st Block/Mono, or 1st Block/Left 05h Header for 2nd Block/Mono, or 1st Block/Right 06h Header for 3rd Block/Mono, or 2nd Block/Left 07h Header for 4th Block/Mono, or 2nd Block/Right 08h Header for 5th Block/Mono, or 3rd Block/Left ;\unknown/unused 09h Header for 6th Block/Mono, or 3rd Block/Right ; for 8bit ADPCM 0Ah Header for 7th Block/Mono, or 4th Block/Left ; (maybe 0, or maybe 0Bh Header for 8th Block/Mono, or 4th Block/Right ;/copy of above) 0Ch..0Fh Copy of above 4 bytes (at 08h..0Bh) |
10h..13h 1st Data Word (packed 1st samples for 2-8 blocks) 14h..17h 2nd Data Word (packed 2nd samples for 2-8 blocks) 18h..1Bh 3rd Data Word (packed 3rd samples for 2-8 blocks) ... Nth Data Word (packed Nth samples for 2-8 blocks) 7Ch..7Fh 28th Data Word (packed 28th samples for 2-8 blocks) |
0-3 Shift (0..12) (0=Loudest) (13..15=Reserved/Same as 9) 4-5 Filter (0..3) (only four filters, unlike SPU-ADPCM which has five) 6-7 Unused (should be 0) |
0-3 Nibble for 1st Block/Mono, or 1st Block/Left (-8h..+7h) 4-7 Nibble for 2nd Block/Mono, or 1st Block/Right (-8h..+7h) 8-11 Nibble for 3rd Block/Mono, or 2nd Block/Left (-8h..+7h) 12-15 Nibble for 4th Block/Mono, or 2nd Block/Right (-8h..+7h) 16-19 Nibble for 5th Block/Mono, or 3rd Block/Left (-8h..+7h) 20-23 Nibble for 6th Block/Mono, or 3rd Block/Right (-8h..+7h) 24-27 Nibble for 7th Block/Mono, or 4th Block/Left (-8h..+7h) 28-31 Nibble for 8th Block/Mono, or 4th Block/Right (-8h..+7h) |
0-7 Byte for 1st Block/Mono, or 1st Block/Left (-80h..+7Fh) 8-15 Byte for 2nd Block/Mono, or 1st Block/Right (-80h..+7Fh) 16-23 Byte for 3rd Block/Mono, or 2nd Block/Left (-80h..+7Fh) 24-31 Byte for 4th Block/Mono, or 2nd Block/Right (-80h..+7Fh) |
src=src+12+4+8 ;skip sync,header,subheader
for i=0 to 11h
for blk=0 to 3
IF stereo ;left-samples (LO-nibbles), plus right-samples (HI-nibbles)
decode_28_nibbles(src,blk,0,dst_left,old_left,older_left)
decode_28_nibbles(src,blk,1,dst_right,old_right,older_right)
ELSE ;first 28 samples (LO-nibbles), plus next 28 samples (HI-nibbles)
decode_28_nibbles(src,blk,0,dst_mono,old_mono,older_mono)
decode_28_nibbles(src,blk,1,dst_mono,old_mono,older_mono)
ENDIF
next blk
src=src+128
next i
src=src+14h+4 ;skip padding,edc
|
shift = 12 - (src[4+blk*2+nibble] AND 0Fh)
filter = (src[4+blk*2+nibble] AND 30h) SHR 4
f0 = pos_xa_adpcm_table[filter]
f1 = neg_xa_adpcm_table[filter]
for j=0 to 27
t = signed4bit((src[16+blk+j*4] SHR (nibble*4)) AND 0Fh)
s = (t SHL shift) + ((old*f0 + older*f1+32)/64);
s = MinMax(s,-8000h,+7FFFh)
halfword[dst]=s, dst=dst+2, older=old, old=s
next j
|
pos_xa_adpcm_table[0..4] = (0, +60, +115, +98, +122) neg_xa_adpcm_table[0..4] = (0, 0, -52, -55, -60) |
. .
.--------------. | | | |
| | .'.'.'----'.'.'.
| | | | | |
| | | |
| Decompressed | | Final |
| XA-ADPCM | | XA-ADPCM |
| Waveform | | Output |
| | | | | |
| | ---.'.'.' '.'.'.---
--------' '-------- | | | |
' '
|
Output37800Hz(sample):
ringbuf[p AND 1Fh]=sample, p=p+1, sixstep=sixstep-1
if sixstep=0
sixstep=6
Ouput44100Hz(ZigZagInterpolate(p,Table1))
Ouput44100Hz(ZigZagInterpolate(p,Table2))
Ouput44100Hz(ZigZagInterpolate(p,Table3))
Ouput44100Hz(ZigZagInterpolate(p,Table4))
Ouput44100Hz(ZigZagInterpolate(p,Table5))
Ouput44100Hz(ZigZagInterpolate(p,Table6))
Ouput44100Hz(ZigZagInterpolate(p,Table7))
endif
ZigZagInterpolate(p,TableX):
sum=0
for i=1 to 29, sum=sum+(ringbuf[(p-i) AND 1Fh]*TableX[i])/8000h, next i
return MinMax(sum,-8000h,+7FFFh)
Table1, Table2, Table3, Table4, Table5, Table6, Table7 ;Index
0 , 0 , 0 , 0 , -0001h, +0002h, -0005h ;1
0 , 0 , 0 , -0001h, +0003h, -0008h, +0011h ;2
0 , 0 , -0001h, +0003h, -0008h, +0010h, -0023h ;3
0 , -0002h, +0003h, -0008h, +0011h, -0023h, +0046h ;4
0 , 0 , -0002h, +0006h, -0010h, +002Bh, -0017h ;5
-0002h, +0003h, -0005h, +0005h, +000Ah, +001Ah, -0044h ;6
+000Ah, -0013h, +001Fh, -001Bh, +006Bh, -00EBh, +015Bh ;7
-0022h, +003Ch, -004Ah, +00A6h, -016Dh, +027Bh, -0347h ;8
+0041h, -004Bh, +00B3h, -01A8h, +0350h, -0548h, +080Eh ;9
-0054h, +00A2h, -0192h, +0372h, -0623h, +0AFAh, -1249h ;10
+0034h, -00E3h, +02B1h, -05BFh, +0BCDh, -16FAh, +3C07h ;11
+0009h, +0132h, -039Eh, +09B8h, -1780h, +53E0h, +53E0h ;12
-010Ah, -0043h, +04F8h, -11B4h, +6794h, +3C07h, -16FAh ;13
+0400h, -0267h, -05A6h, +74BBh, +234Ch, -1249h, +0AFAh ;14
-0A78h, +0C9Dh, +7939h, +0C9Dh, -0A78h, +080Eh, -0548h ;15
+234Ch, +74BBh, -05A6h, -0267h, +0400h, -0347h, +027Bh ;16
+6794h, -11B4h, +04F8h, -0043h, -010Ah, +015Bh, -00EBh ;17
-1780h, +09B8h, -039Eh, +0132h, +0009h, -0044h, +001Ah ;18
+0BCDh, -05BFh, +02B1h, -00E3h, +0034h, -0017h, +002Bh ;19
-0623h, +0372h, -0192h, +00A2h, -0054h, +0046h, -0023h ;20
+0350h, -01A8h, +00B3h, -004Bh, +0041h, -0023h, +0010h ;21
-016Dh, +00A6h, -004Ah, +003Ch, -0022h, +0011h, -0008h ;22
+006Bh, -001Bh, +001Fh, -0013h, +000Ah, -0005h, +0002h ;23
+000Ah, +0005h, -0005h, +0003h, -0001h, 0 , 0 ;24
-0010h, +0006h, -0002h, 0 , 0 , 0 , 0 ;25
+0011h, -0008h, +0003h, -0002h, +0001h, 0 , 0 ;26
-0008h, +0003h, -0001h, 0 , 0 , 0 , 0 ;27
+0003h, -0001h, 0 , 0 , 0 , 0 , 0 ;28
-0001h, 0 , 0 , 0 , 0 , 0 , 0 ;29
|
.------------. ....-----.
| | .'' |
| Raw | .' XA |
| ADPCM | | Emphasis '.
| Waveform | | Output '..
--------' '---------- --------' ''''---
|
00h 4 "RIFF" 04h 4 Total Filesize (minus 8) 08h 8 "CDXAfmt " 10h 4 Size of below stuff (10h) 14h 14 Stuff (looks like the "LEN_SU" region from XA-Directory Record) 22h 2 Zero (probably just dummy padding for 32bit alignment) 24h 4 "data" 28h 4 Size of following data (usually N*930h) |
| CDROM ISO Volume Descriptors |
Sector 0..3 - Zerofilled (Mode2/Form1, 4x800h bytes, plus ECC/EDC) Sector 4 - Licence String Sector 5..11 - Playstation Logo (3278h bytes) (remaining bytes FFh-filled) Sector 12..15 - Zerofilled (Mode2/Form2, 4x914h bytes, plus EDC) |
000h 32 Line 1 (" Licensed by ")
020h 32+6 Line 2 (EU) ("Sony Computer Entertainment Euro"," pe ") ;\either
020h 32+1 Line 2 (JP) ("Sony Computer Entertainment Inc.",0Ah) ; one of
020h 32+6 Line 2 (US) ("Sony Computer Entertainment Amer"," ica ") ;/these
041h 1983 Empty (JP) (filled by repeating pattern 62x30h,1x0Ah, 1x30h)
046h 1978 Empty (EU/US) (filled by 00h-bytes)
|
0000h .. 41h,00h,00h,00h,00h,00h,00h,00h,01h,00h,00h,00h,1Ch,23h,00h,00h 0010h .. 51h,01h,00h,00h,A4h,2Dh,00h,00h,99h,00h,00h,00h,1Ch,00h,00h,00h 0020h .. ... 3278h 588h FF-filled (remaining bytes on sector 11) |
Sector 16 - Primary Volume Descriptor Sector 17 - Volume Descriptor Set Terminator |
000h 1 Volume Descriptor Type (01h=Primary Volume Descriptor)
001h 5 Standard Identifier ("CD001")
006h 1 Volume Descriptor Version (01h=Standard)
007h 1 Reserved (00h)
008h 32 System Identifier (a-characters) ("PLAYSTATION")
028h 32 Volume Identifier (d-characters) (max 8 chars for PSX?)
048h 8 Reserved (00h)
050h 8 Volume Space Size (2x32bit, number of logical blocks)
058h 32 Reserved (00h)
078h 4 Volume Set Size (2x16bit) (usually 0001h)
07Ch 4 Volume Sequence Number (2x16bit) (usually 0001h)
080h 4 Logical Block Size in Bytes (2x16bit) (usually 0800h) (1 sector)
084h 8 Path Table Size in Bytes (2x32bit) (max 800h for PSX)
08Ch 4 Path Table 1 Block Number (32bit little-endian)
090h 4 Path Table 2 Block Number (32bit little-endian) (or 0=None)
094h 4 Path Table 3 Block Number (32bit big-endian)
098h 4 Path Table 4 Block Number (32bit big-endian) (or 0=None)
09Ch 34 Root Directory Record (see next chapter)
0BEh 128 Volume Set Identifier (d-characters) (usually empty)
13Eh 128 Publisher Identifier (a-characters) (company name)
1BEh 128 Data Preparer Identifier (a-characters) (empty or other)
23Eh 128 Application Identifier (a-characters) ("PLAYSTATION")
2BEh 37 Copyright Filename ("FILENAME.EXT;VER") (empty or text)
2E3h 37 Abstract Filename ("FILENAME.EXT;VER") (empty)
308h 37 Bibliographic Filename ("FILENAME.EXT;VER") (empty)
32Dh 17 Volume Creation Timestamp ("YYYYMMDDHHMMSSFF",timezone)
33Eh 17 Volume Modification Timestamp ("0000000000000000",00h)
34Fh 17 Volume Expiration Timestamp ("0000000000000000",00h)
360h 17 Volume Effective Timestamp ("0000000000000000",00h)
371h 1 File Structure Version (01h=Standard)
372h 1 Reserved for future (00h-filled)
373h 141 Application Use Area (00h-filled for PSX and VCD)
400h 8 CD-XA Identifying Signature ("CD-XA001" for PSX and VCD)
408h 2 CD-XA Flags (unknown purpose) (00h-filled for PSX and VCD)
40Ah 8 CD-XA Startup Directory (00h-filled for PSX and VCD)
412h 8 CD-XA Reserved (00h-filled for PSX and VCD)
41Ah 345 Application Use Area (00h-filled for PSX and VCD)
573h 653 Reserved for future (00h-filled)
|
000h 1 Volume Descriptor Type (FFh=Terminator)
001h 5 Standard Identifier ("CD001")
006h 1 Terminator Version (01h=Standard)
007h 2041 Reserved (00h-filled)
|
000h 1 Volume Descriptor Type (00h=Boot Record)
001h 5 Standard Identifier ("CD001")
006h 1 Boot Record Version (01h=Standard)
007h 32 Boot System Identifier (a-characters)
027h 32 Boot Identifier (a-characters)
047h 1977 Boot System Use (not specified content)
|
000h 1 Volume Descriptor Type (02h=Supplementary Volume Descriptor) 001h .. Same as for Primary Volume Descriptor (see there) 007h 1 Volume Flags (8bit) 008h .. Same as for Primary Volume Descriptor (see there) 058h 32 Escape Sequences (32 bytes) 078h .. Same as for Primary Volume Descriptor (see there) |
000h 1 Volume Descriptor Type (03h=Volume Partition Descriptor)
001h 5 Standard Identifier ("CD001")
006h 1 Volume Partition Version (01h=Standard)
007h 1 Reserved (00h)
008h 32 System Identifier (a-characters) (32 bytes)
028h 32 Volume Partition Identifier (d-characters) (32 bytes)
048h 8 Volume Partition Location (2x32bit) Logical Block Number
050h 8 Volume Partition Size (2x32bit) Number of Logical Blocks
058h 1960 System Use (not specified content)
|
000h 1 Volume Descriptor Type (04h..FEh=Reserved, don't use) 001h 2047 Reserved (don't use) |
| CDROM ISO File and Directory Descriptors |
00h 1 Length of Directory Record (LEN_DR) (33+LEN_FI+pad+LEN_SU)
01h 1 Extended Attribute Record Length (usually 00h)
02h 8 Data Logical Block Number (2x32bit)
0Ah 8 Data Size in Bytes (2x32bit)
12h 7 Recording Timestamp (yy-1900,mm,dd,hh,mm,ss,timezone)
19h 1 File Flags 8 bits (usually 00h=File, or 02h=Directory)
1Ah 1 File Unit Size (usually 00h)
1Bh 1 Interleave Gap Size (usually 00h)
1Ch 4 Volume Sequence Number (2x16bit, usually 0001h)
20h 1 Length of Name (LEN_FI)
21h LEN_FI File/Directory Name ("FILENAME.EXT;1" or "DIR_NAME" or 00h or 01h)
xxh 0..1 Padding Field (00h) (only if LEN_FI is even)
xxh LEN_SU System Use (LEN_SU bytes) (see below for CD-XA disks)
|
00h 2 Owner ID Group (whatever, usually 0000h, big endian)
02h 2 Owner ID User (whatever, usually 0000h, big endian)
04h 2 File Attributes (big endian):
0 Owner Read (usually 1)
1 Reserved (0)
2 Owner Execute (usually 1)
3 Reserved (0)
4 Group Read (usually 1)
5 Reserved (0)
6 Group Execute (usually 1)
7 Reserved (0)
8 World Read (usually 1)
9 Reserved (0)
10 World Execute (usually 1)
11 IS_MODE2 (0=MODE1 or CD-DA, 1=MODE2)
12 IS_MODE2_FORM2 (0=FORM1, 1=FORM2)
13 IS_INTERLEAVED (0=No, 1=Yes...?) (by file and/or channel?)
14 IS_CDDA (0=Data or ADPCM, 1=CD-DA Audio Track)
15 IS_DIRECTORY (0=File or CD-DA, 1=Directory Record)
Commonly used Attributes are:
0D55h=Normal Binary File (with 800h-byte sectors)
2555h=Unknown (wipeout .AV files) (MODE1 ??)
4555h=CD-DA Audio Track (wipeout .SWP files, alone .WAV file)
3D55h=Streaming File (ADPCM and/or MDEC or so)
8D55h=Directory Record (parent-, current-, or sub-directory)
06h 2 Signature ("XA")
08h 1 File Number (Must match Subheader's File Number)
09h 5 Reserved (00h-filled)
|
00h 1 Length of Directory Name (LEN_DI) (01h..08h for PSX) 01h 1 Extended Attribute Record Length (usually 00h) 02h 4 Directory Logical Block Number 06h 2 Parent Directory Number (0001h and up) 08h LEN_DI Directory Name (d-characters, d1-characters) (or 00h for Root) xxh 0..1 Padding Field (00h) (only if LEN_FI is odd) |
00h 4 Owner Identification (numerical value) ;\used only if
04h 4 Group Identification (numerical value) ; File Flags Bit4=1
08h 2 Permission Flags (16bit, little-endian) ;/
0Ah 17 File Creation Timestamp ("YYYYMMDDHHMMSSFF",timezone)
1Bh 17 File Modification Timestamp ("0000000000000000",00h)
2Ch 17 File Expiration Timestamp ("0000000000000000",00h)
3Dh 17 File Effective Timestamp ("0000000000000000",00h)
4Eh 1 Record Format (numerical value)
4Fh 1 Record Attributes (numerical value)
50h 4 Record Length (numerical value)
54h 32 System Identifier (a-characters, a1-characters)
74h 64 System Use (not specified content)
B4h 1 Extended Attribute Record Version (numerical value)
B5h 1 Length of Escape Sequences (LEN_ESC)
B6h 64 Reserved for future standardization (00h-filled)
F6h 4 Length of Application Use (LEN_AU)
FAh LEN_AU Application Use
xxh LEN_ESC Escape Sequences
|
| CDROM ISO Misc |
2x16bit value 1234h ---> stored as 34h,12h,12h,34h 2x32bit value 12345678h ---> stored as 78h,56h,34h,12h,12h,34h,56h,78h |
"0..9", "A..Z", and "_" |
"0..9", "A..Z", SPACE, "!"%&'()*+,-./:;<=>?_" |
"YYYYMMDDHHMMSSFF",timezone "0000000000000000",00h ;empty timestamp |
year-1900,month,day,hour,minute,second,timezone 00h,00h,00h,00h,00h,00h,00h ;empty timestamp |
0 Existence (0=Normal, 1=Hidden)
1 Directory (0=File, 1=Directory)
2 Associated File (0=Not an Associated File, 1=Associated File)
3 Record
If set to ZERO, shall mean that the structure of the information in
the file is not specified by the Record Format field of any associated
Extended Attribute Record (see 9.5.8).
If set to ONE, shall mean that the structure of the information in
the file has a record format specified by a number other than zero in
the Record Format Field of the Extended Attribute Record (see 9.5.8).
4 Restrictions (0=None, 1=Restricted via Permission Flags)
5 Reserved (0)
6 Reserved (0)
7 Multi-Extent (0=Final Directory Record for the file, 1=Not final)
|
0-3 Permissions for upper-class owners 4-7 Permissions for normal owners 8-11 Permissions for upper-class users 12-15 Permissions for normal users |
Bit0 Permission to read the file (0=Yes, 1=No) Bit1 Must be set (1) Bit2 Permission to execute the file (0=Yes, 1=No) Bit3 Must be set (1) |
| CDROM File Formats |
BOOT = cdrom:\abcd_123.45;1 arg ;boot exe (drive:\path\name.ext;version) TCB = 4 ;HEX (=4 decimal) ;max number of threads EVENT = 10 ;HEX (=16 decimal) ;max number of events STACK = 801FFF00 ;HEX (=memtop-256) |
000h-007h ASCII ID "PS-X EXE"
008h-00Fh Zerofilled
010h Initial PC (usually 80010000h, or higher)
014h Initial GP/R28 (usually 0)
018h Destination Address in RAM (usually 80010000h, or higher)
01Ch Filesize (must be N*800h) (excluding 800h-byte header)
020h Unknown/Unused (usually 0)
024h Unknown/Unused (usually 0)
028h Memfill Start Address (usually 0) (when below Size=None)
02Ch Memfill Size in bytes (usually 0) (0=None)
030h Initial SP/R29 & FP/R30 Base (usually 801FFFF0h) (or 0=None)
034h Initial SP/R29 & FP/R30 Offs (usually 0, added to above Base)
038h-04Bh Reserved for A(43h) Function (should be zerofilled in exefile)
04Ch-xxxh ASCII marker
"Sony Computer Entertainment Inc. for Japan area"
"Sony Computer Entertainment Inc. for Europe area"
"Sony Computer Entertainment Inc. for North America area"
(or often zerofilled in some homebrew files)
(the BIOS doesn't verify this string, and boots fine without it)
xxxh-7FFh Zerofilled
800h... Code/Data (loaded to entry[018h] and up)
|
| CDROM Protection - SCEx Strings |
| CDROM Protection - Bypassing it |
| CDROM Protection - Modchips |
entrypoint: ;at power_up
gate=input/highz
data=input/highz
wait 50 ms
data=output/low
wait 850 ms
gate=output/low
wait 314 ms
loop:
wait 72 ms ;pause (eighteen "1=low" bits)
sendbyte("S") ;1st letter
sendbyte("C") ;2nd letter
sendbyte("E") ;3rd letter
sendbyte(...) ;4th letter (A, E, or I, depending on region)
goto loop
sendbyte(char):
sendbit(0) ;one start bit (0=highz)
for i=0 to 7
sendbit(char AND 1) ;output data (LSB first)
char=char/2
next i
sendbit(1) ;1st stop bit (1=low)
sendbit(1) ;2nd stop bit (1=low)
return
sendbit(bit):
if bit=1 then data=output/low elseif bit=0 then data=input/highz
wait 4 ms ;4ms per bit = 250 bits per second
return
|
Board data gate PU-xx unknown? unknown? ;older PSX boards |
Board data sync PU-23, PM-41 CXD2938Q.Pin42 CXD2938Q.Pin5 ;newer PSX and older PSone PM-41(2) CXD2941R.Pin36 CXD2941R.Pin76 ;newer PSone boards |
1. Com 19h,20h ;Retrieve CDROM Controller timestamp 2. Com 01h ;CdlNop: Get CD status 3. Com 07h ;CdlMotorOn: Make CD-ROM drive ready (blah?) 4. Com 02h,1,1,1 ;CdlSetloc(01:01:01) (sector that does NOT have SCEx data) 5. Com 0Eh,1 ;CdlSetmode: Turn on CD-DA read mode 6. Short Delay 7. Com 16h ;CdlSeekP: Seek to Setloc's parameters (4426) 8. Com 0Bh ;CdlMute: Turn off sound so CdlPlay is inaudible 9. Com 03h ;CdlPlay: Start playing CD-DA. 10. Com 19h,04h ;ResetSCExInfo (reset GetSCExInfo response to 0,0) 11. Long Delay ;wait until the modchip (if any) has output SCEx data 12. Com 19h,05h ;GetSCExInfo (returns total,success counters) 13. Com 09h ;CdlPause: Stop command 19h. |
1 3.5V (supply)
2 IC304.Pin44 (unknown?) (XLAT)
3 BIOS.Pin15 (D2)
4 BIOS.Pin31 (A18)
5 SPU.Pin5 ("sync")
6 SPU.Pin42 ("data")
7 IC304.Pin19 (SHELL_OPEN)
8 GND (supply)
|
SPU.Pin42 "data" -------|>|------ CPU.Pin149 (A20) SPU.Pin5 "sync" ---------------- IC723.Pin17 |
| CDROM Protection - Chipless Modchips |
A20 = the normal SCEX signal (inverted ASCII, eg. "A" = BEh) ;all boards A21 = uninverted SCEX signal (uninverted ASCII, eg. "A" = 41h) ;PU-7..PU-20 A21 = always 1 during SCEX output ;PU-22 and up |
.--------.-. .--------.-.
GATE--------|C NPN | . DATA--------|C NPN | .
A20--[10K]--|B BC | | A21--[10K]--|B BC | |
GND---------|E 547 | ' GND---------|E 547 | '
'--------'-' '--------'-'
|
.-------------------.
A21----|OE1,OE2 |
A20----|IN1 74HC126 OUT1|--- DATA
WFCK---|IN2 OUT2|--- SYNC
'-------------------'
|
GATE---------GND DATA---------A20 |
SYNC--------WFCK DATA---|>|---A20 |
GATE is IC703.Pin2 (?) (8pin chip with marking "082B") ;PU-7? .. PU-16 GATE is IC706.Pin7/10 (16pin "118" (uPC5023GR-118) ;PU-18 .. PU-20 SYNC is IC723.Pin17(TEO)(20pin "SONY CXA2575N") ;PU-22 .. PM-41(2) DATA is IC???.Pin7 (CG) (8pin chip with marking "2903") ;PU-7? .. PU-16 DATA is IC706.Pin1 (CG) (16pin "118" (uPC5023GR-118) ;PU-18 .. PU-20 DATA is HC05.Pin17 (CG) (52pin "SONY SC4309xxPB") ;PU-7 .. EARLY-PU-8 DATA is HC05.Pin32 (CG) (80pin "SONY E35D, 4246xx 185") ;LATE-PU-8 .. PU-20 DATA is SPU.Pin42 (CEI) (208pin "SONY CXD2938Q") ;PU-22 .. PM-41 DATA is SPU.Pin36?(CEI) (176pin "SONY CXD2941R") ;PM-41(2) WFCK is SPU.Pin5 (WFCK) (208pin "SONY CXD2938Q") ;PU-22 .. PM-41 WFCK is SPU.Pin84(WFCK) (176pin "SONY CXD2941R") ;PM-41(2) A20 is CPU.Pin149(A20) (208-pin CPU CXD8530 or CXD8606) ;PU-7 .. PM-41(2) A20 is EXP.Pin28 (A20) (68-pin Expansion Port) ;PU-7 .. PU-22 A21 is CPU.Pin150(A21) (208-pin CPU CXD8530 or CXD8606) ;PU-7 .. PM-41(2) A21 is EXP.Pin62 (A21) (68-pin Expansion Port) ;PU-7 .. PU-22 |
| CDROM Protection - LibCrypt |
1. 2 bits from both MSFs are modified,
CRC-16 is recalculated and XORed with 0x0080.
Games: MediEvil (E).
2. 2 bits from both MSFs are modified,
original CRC-16 is XORed with 0x8001.
Games: CTR: Crash Team Racing (E) (No EDC), CTR: Crash Team Racing (E)
(EDC), Dino Crisis (E), Eagle One: Harrier Attack (E) et al.
3. Either 2 bits or none from both MSFs are modified,
CRC-16 is recalculated and XORed with 0x0080.
Games: Ape Escape (S) et al.
|
No. <------- Minute=03/Normal -------> <------- Minute=09/Backup -------> Bit15 14105 (03:08:05) 14110 (03:08:10) 42045 (09:20:45) 42050 (09:20:50) Bit14 14231 (03:09:56) 14236 (03:09:61) 42166 (09:22:16) 42171 (09:22:21) Bit13 14485 (03:13:10) 14490 (03:13:15) 42432 (09:25:57) 42437 (09:25:62) Bit12 14579 (03:14:29) 14584 (03:14:34) 42580 (09:27:55) 42585 (09:27:60) Bit11 14649 (03:15:24) 14654 (03:15:29) 42671 (09:28:71) 42676 (09:29:01) Bit10 14899 (03:18:49) 14904 (03:18:54) 42813 (09:30:63) 42818 (09:30:68) Bit9 15056 (03:20:56) 15061 (03:20:61) 43012 (09:33:37) 43017 (09:33:42) Bit8 15130 (03:21:55) 15135 (03:21:60) 43177 (09:35:52) 43182 (09:35:57) Bit7 15242 (03:23:17) 15247 (03:23:22) 43289 (09:37:14) 43294 (09:37:19) Bit6 15312 (03:24:12) 15317 (03:24:17) 43354 (09:38:04) 43359 (09:38:09) Bit5 15378 (03:25:03) 15383 (03:25:08) 43408 (09:38:58) 43413 (09:38:63) Bit4 15628 (03:28:28) 15633 (03:28:33) 43634 (09:41:59) 43639 (09:41:64) Bit3 15919 (03:32:19) 15924 (03:32:24) 43963 (09:46:13) 43968 (09:46:18) Bit2 16031 (03:33:56) 16036 (03:33:61) 44054 (09:47:29) 44059 (09:47:34) Bit1 16101 (03:34:51) 16106 (03:34:56) 44159 (09:48:59) 44164 (09:48:64) Bit0 16167 (03:35:42) 16172 (03:35:47) 44312 (09:50:62) 44317 (09:50:67) |
| CDROM Disk Images CCD/IMG/SUB (CloneCD) |
00h..0Bh 12 Subchannel P (Pause-bits, usually all set, or all cleared) 0Ch..17h 12 Subchannel Q (ADR/Control, custom info, CRC-16-CCITT) 18h..5Fh .. Subchannel R..W (usually zero) (can be used for CD-TEXT) |
[CloneCD] ;File ID and version [Disc] ;Overall Disc info [CDText] ;CD-TEXT (included only if present) [Session N] ;Session(s) (numbered 1 and up) [Entry N] ;Lead-in entries (numbered 0..."TocEntries-1") [TRACK N] ;Track info (numbered 1 and up) |
Version=3 ;-version (usually 3) (rarely 2) |
TocEntries=4 ;-number of [Entry N] fields (lead-in info blocks) Sessions=1 ;-number of sessions (usually 1) DataTracksScrambled=0 ;-unknown purpose (usually 0) CDTextLength=0 ;-total size of 18-byte CD-TEXT chunks (usually 0) CATALOG=NNNNNNNNNNNNN ;-13-digit EAN-13 barcode (included only if present) |
Entries=N ;number of following entries (CDTextLength/18) (not /16) Entry 0=80 00 NN NN NN NN NN NN NN NN NN NN NN NN NN NN ;entry 0 Entry 1=80 NN NN NN NN NN NN NN NN NN NN NN NN NN NN NN ;entry 1 ... Entry XX=8f NN NN NN NN NN NN NN NN NN NN NN NN NN NN NN ;entry N-1 Note: Each entry contains 16 bytes (ie. "18-byte CD-TEXT" with CRC excluded) "NN NN NN.." consists of 2-digit lowercase HEX numbers (without leading "0x") |
PreGapMode=2 ;-unknown purpose (usually 1 or 2) PreGapSubC=1 ;-unknown purpose (usually 0 or 1) |
Session=1 ;-session number that this entry belongs to (usually 1) Point=0xa0 ;-point (0..63h=Track, non-BCD!) (A0h..XXh=specials) Q2 ADR=0x01 ;-lower 4bit of ADR/Control (usually 1) Q0.lo Control=0x04 ;-upper 4bit of ADR/Control (eg. 0=audio, 4=data) Q0.hi TrackNo=0 ;-usually/always 0 (as [Entry N]'s are in Lead-in) Q1 AMin=0 ;\current MSF address Q3 ASec=0 ; (dummy zero values) (actual content Q4 AFrame=0 ; would be current lead-in position) Q5 ALBA=-150 ;/ALBA=((AMin*60+ASec)*75+AFrame)-PreGapSize Zero=0 ;-probably reserved byte from Q channel Q6 PMin=1 ;\referenced MSF address (non-BCD!), for certain Q7 PSec=32 ; Point's, PMin may contain a Track number, and PSec Q8 PFrame=0 ; the disc type value (that without non-BCD-glitch) Q9 PLBA=6750 ;/PLBA=((PMin*60+PSec)*75+PFrame)-PreGapSize |
MODE=2 ;-mode (0=Audio, 1=Mode1, 2=Mode2) ISRC=XXXXXNNNNNNN ;-12-letter/digit ISRC code (included only if present) INDEX 0=N ;-1st sector with index 0, missing EVEN if any? INDEX 1=N ;-1st sector with index 1, usually same as track's PLBA INDEX 2=N ;-1st sector with index 2, if any etc. |
| CDROM Disk Images CDI (DiscJuggler) |
Sector Data (sector 00:00:00 and up) ;-body Number of Sessions (1 byte) <--- located at "Filesize-Footersize" Session Block for 1st session (15 bytes) ;\ nnn-byte info for 1st track ; 1st session nnn-byte info for 2nd track (if any) ; etc. ;/ Session Block for 2nd session (15 bytes) ;\ nnn-byte info for 1st track ; 2nd session (if any) nnn-byte info for 2nd track (if any) ; etc. ;/ etc. ;-further sessions (if any) Session Block for no-more-sessions (15 bytes) ;-end marker nnn-byte Disc Info Block ;-general disc info Entrypoint (4 bytes) <--- located at "Filesize-4" |
00h 1 Number of Sessions (usually 1) |
00h 1 Unknown (00h) 01h 1 Number of Tracks in session (01h..63h) (or 00h=No More Sessions) 02h 7 Unknown (00h-filled) 09h 1 Unknown (01h) 0Ah 3 Unknown (00h-filled) 0Dh 2 Unknown (FFh,FFh) |
00h 12 Unknown (FFh,FFh,00h,00h,01h,00h,00h,00h,FFh,FFh,FFh,FFh) 0Ch 3 Unknown (DAh,0Ah,D5h or 64h,05h,2Ah) (random/id/chksum?) 0Fh 1 Total Number of Tracks on Disc (00h..63h) (non-BCD) 10h 1 Length of below Path/Filename (F) 11h (F) Full Path/Filename (eg. "C:\folder\file.cdi") 11h+F 11 Unknown (00h-filled) 1Ch+F 1 Unknown (02h) 1Dh+F 10 Unknown (00h-filled) 27h+F 1 Unknown (80h) 28h+F 4 Unknown (00057E40h) (=360000 decimal) (disc capacity 80 minutes?) 2Ch+F 2 Unknown (00h,00h) 2Eh+F 2 Medium Type (0098h=CD-ROM, 0038h=DVD-ROM) |
00h 30h+F Track/Disc Header (see above)
30h+F 02h Number of Indices (usually 0002h) (I=Num*4)
32h+F (I) 32bit Lengths (per index) (eg. 00000096h,00007044h)
32h+FI 04h Number of CD-Text blocks (usually 0) (T=Num*18+VariableLen's)
36h+FI (T) CD-Text (if any) (see "mirage_parser_cdi_parse_cdtext")
36h+FIT 02h Unknown (00h,00h)
38h+FIT 01h Track Mode (0=Audio, 1=Mode1, 2=Mode2/Mixed)
39h+FIT 07h Unknown (00h,00h,00h,00h,00h,00h,00h)
40h+FIT 04h Session Number (starting at 0) (usually 00h)
44h+FIT 04h Track Number (non-BCD, starting at 0) (00h..62h)
48h+FIT 04h Track Start Address (eg. 00000000h)
4Ch+FIT 04h Track Length (eg. 000070DAh)
50h+FIT 0Ch Unknown (00h-filled)
5Ch+FIT 04h Unknown (00000000h or 00000001h)
60h+FIT 04h read_mode (0..4)
0: Mode1, 800h, 2048
1: Mode2, 920h, 2336
2: Audio, 930h, 2352
3: Raw+PQ, 940h, 2352+16 non-interleaved (P=only 1bit)
4: Raw+PQRSTUVW, 990h, 2352+96 interleaved
64h+FIT 4 Control (Upper 4bit of ADR/Control, eg. 00000004h=Data)
68h+FIT 1 Unknown (00h)
69h+FIT 4 Track Length (eg. 000070DAh) (same as above)
6Dh+FIT 4 Unknown (00h,00h,00h,00h)
71h+FIT 12 ISRC Code 12-letter/digit (ASCII?) string (00h-filled if none)
7Dh+FIT 4 ISRC Valid Flag (0=None, Other?=Yes?)
81h+FIT 1 Unknown (00h)
82h+FIT 8 Unknown (FFh,FFh,FFh,FFh,FFh,FFh,FFh,FFh)
8Ah+FIT 4 Unknown (00000001h)
8Eh+FIT 4 Unknown (00000080h)
92h+FIT 4 Unknown (00000002h) (guess: maybe audio num channels??)
96h+FIT 4 Unknown (00000010h) (guess: maybe audio bits/sample??)
9Ah+FIT 4 Unknown (0000AC44h) (44100 decimal, ie. audio sample rate?)
9Eh+FIT 2Ah Unknown (00h-filled)
C8h+FIT 4 Unknown (FFh,FFh,FFh,FFh)
CCh+FIT 12 Unknown (00h-filled)
D8h+FIT 1 session_type ONLY if last track of a session (else 0)
(0=Audio/CD-DA, 1=Mode1/CD-ROM, 2=Mode2/CD-XA)
D9h+FIT 5 Unknown (00h-filled)
DEh+FIT 1 Not Last Track of Session Flag (0=Last Track, 1=Not Last)
DFh+FIT 1 Unknown (00h)
E0h+FIT 4 address for last track of a session? (otherwise 00,00,FF,FF)
|
00h 30h+F Track/Disc Header (see above) 30h+F 4 Disc Size (total number of sectors) 34h+F 1 Volume ID Length (V) ;\from Primary Volume Descriptor[28h..47h] 35h+F (V) Volume ID String ;/(ISO Data discs) (unknown for Audio) 35h+FV 1 Unknown (00h) 36h+FV 4 Unknown (01h,00h,00h,00h) 3Ah+FV 4 Unknown (01h,00h,00h,00h) 3Eh+FV 13 EAN-13 Code 13-digit (ASCII?) string (00h-filled if none) 4Bh+FV 4 EAN-13 Valid Flag (0=None, Other?=Yes?) 4Fh+FV 4 CD-Text Length in bytes (T=Num*1) 53h+FV (T) CD-Text (for Lead-in) (probably 18-byte units?) 53h+FVT 8 Unknown (00h-filled) 5Bh+FVT 4 Unknown (06h,00h,00h,80h) |
00h 4 Footer Size in bytes |
| CDROM Disk Images CUE/BIN/CDT (Cdrwin) |
FILE "PATH\FILENAME.BIN" BINARY
TRACK 01 MODE2/2352
INDEX 01 00:00:00 ;real address = 00:02:00 (+2 seconds)
TRACK 02 AUDIO
PREGAP 00:02:00 ;two missing seconds (NOT stored in .BIN)
INDEX 01 08:09:29 ;real address = 08:13:29 (+2 seconds +pregap)
TRACK 03 AUDIO
INDEX 00 14:00:29 ;real address = 14:04:29 (+2 seconds +pregap)
INDEX 01 14:02:29 ;real address = 14:06:29 (+2 seconds +pregap)
TRACK 04 AUDIO
INDEX 00 18:30:20 ;real address = 18:34:20 (+2 seconds +pregap)
INDEX 01 18:32:20 ;real address = 18:36:20 (+2 seconds +pregap)
|
(must appear before any other commands, except CATALOG) (uh, may also appear before further tracks) |
AUDIO ;930h ;bytes 000h..92Fh CDG ;? ;? MODE1/2048 ;800h ;bytes 010h..80Fh MODE1/2352 ;930h ;bytes 000h..92Fh MODE2/2336 ;920h ;bytes 010h..92Fh MODE2/2352 ;930h ;bytes 000h..92Fh CDI/2336 ;920h ;? CDI/2352 ;930h ;bytes 000h..92Fh |
(ISRC must be after TRACK, and before INDEX) |
| CDROM Disk Images MDS/MDF (Alcohol 120%) |
Bit7..0 = Subchannel P..W (in that order, eg. Bit6=Subchannel Q) |
1st..8th bit = Bit7..Bit0 of 1st byte (in that order, ie. MSB/Bit7 first)
9st..16th bit = Bit7..Bit0 of 2nd byte ("")
17th.. = etc.
|
Header (58h bytes) Session block(s) (usually one 18h byte entry) Data blocks (N*50h bytes) Index blocks (usually N*8 bytes) Filename blocks(s) (usually one 10h byte entry) Filename string(s) (usually one 6 byte string) |
00h 16 File ID ("MEDIA DESCRIPTOR")
10h 2 Unknown (01h,03h or 01h,04h or 01h,05h) (Fileformat version?)
12h 2 Media Type (0=CD-ROM, 1=CD-R, 2=CD-RW, 10h=DVD-ROM, 12h=DCD-R)
14h 2 Number of sessions (usually 1)
16h 4 Unknown (02h,00h,00h,00h)
1Ah 2 Zero (for DVD: Length of BCA data)
1Ch 8 Zero
24h 4 Zero (for DVD: Offset to BCA data)
28h 18h Zero
40h 4 Zero (for DVD: Offset to Disc Structures) (from begin of .MDS file)
44h 0Ch Zero
50h 4 Offset to First Session-Block (usually 58h) (from begin of .MDS file)
54h 4 Zero (for DVD?: Offset to DPM data blocks) (from begin of .MDS file)
|
00h 4 Session Start Sector (starting at FFFFFF6Ah=-150 in first session) 04h 4 Session End Sector (XXX plus 150 ?) 08h 2 Session number (starting at 1) (non-BCD) 0Ah 1 Number of Data Blocks with any Point value (Total Data Blocks) 0Bh 1 Number of Data Blocks with Point>=A0h (Special Lead-In info) 0Ch 2 First Track Number in Session (01h..63h, non-BCD!) 0Eh 2 Last Track Number in Session (01h..63h, non-BCD!) 10h 4 Zero 14h 4 Offset to First Data-Block (usually 70h) (from begin of .MDS file) |
00h 1 Track mode (see below for details)
01h 1 Number of subchannels in .MDF file (0=None, 8=Sector has +60h bytes)
02h 1 ADR/Control (but with upper/lower 4bit swapped, ie. MSBs=ADR!) Q0
03h 1 TrackNo (usually/always 00h; as this info is in Lead-in area) Q1
04h 1 Point (Track 01h..63h, non-BCD!) (or A0h and up=Lead-in info) Q2
05h 4 Zero (probably dummy MSF and reserved byte from Q channel) Q3..Q6?
09h 1 Minute (Non-BCD!) (if track >= 0xA0 -> info about track ###) Q7
(if track = 0xA2 -> min. @ lead-out)
0Ah 1 Second (Non-BCD!) (if track = 0xA2 -> sec. @ lead-out) Q8
0Bh 1 Frame (Non-BCD!) (if track = 0xA2 -> frame @ lead-out) Q9
|
0Ch 4 Offset to Index-block for this track (from begin of .MDS file) 10h 2 Sector size (800h..930h) (or 860h..990h if with subchannels) 12h 1 Unknown (02h) (maybe number of indices?) 13h 11h Zero 24h 4 Track start sector, PLBA (00000000h=00:02:00) 28h 8 Track start offset (from begin of .MDF file) 30h 4 Number of Filenames for this track (usually 1) 34h 4 Offset to Filename Block for this track (from begin of .MDS file) 38h 18h Zero |
(upper 4bit seem to be meaningless?) 00h=None (used for entries with Point=A0h..FF) A9h=AUDIO ;sector size = 2352 930h ;bytes 000h..92Fh AAh=MODE1 ;sector size = 2048 800h ;bytes 010h..80Fh ABh=MODE2 ;sector size = 2336 920h ;bytes 010h..92Fh ACh=MODE2_FORM1 ;sector size = 2048 800h ;bytes 018h..817h (incomplete!) ADh=MODE2_FORM2 ;sector size = 2324+0? 914h ;bytes 018h..91Bh (incomplete!) ADh=MODE2_FORM2 ;sector size = 2324+4? 918h ;bytes ??..?? (contains what?) ECh=MODE2 ;sector size = 2448 990h ;(930h+60h) (with subchannels) |
00h 4 Number of sectors with Index 0 (usually 96h or zero) 04h 4 Number of sectors with Index 1 (usually size of main-track area) |
00h 4 Offset to Filename (from begin of .MDS file) 04h 1 Filename format (0=8bit, 1=16bit characters) 05h 11 Zero |
00h 6 Filename, terminated by zero (usually "*.mdf",00h) |
| CDROM Disk Images NRG (Nero) |
4 File ID "NERO"/"NER5" 4/8 Fileoffset of first chunk |
4 Chunk ID "CUES"/"CUEX" 4 Chunk size (bytes) |
1 ADR/Control from TOC (usually LSBs=ADR=1=fixed, MSBs=Control=Variable) 1 Track (BCD) (00h=Lead-in, 01h..99h=Track N, AAh=Lead-out) 1 Index (BCD) (usually 00h=pregap, 01h=actual track) 1 Zero |
1 Zero 1 Minute (BCD) ;starting at 00:00:00 = 2 seconds before ISO vol. descr. 1 Second (BCD) 1 Sector (BCD) |
4 Logical Sector Number (HEX) ;starting at FFFFFF6Ah (=00:00:00) |
4 Chunk ID "DAOI"/"DAOX" 4 Chunk size (bytes) 4 Garbage (usually same as above Chunk size) 13 EAN-13 Catalog Number (13-digit ASCII) (or 00h-filled if none/unknown) 1 Zero 1 Disk type (00h=Mode1 or Audio, 20h=XA/Mode2) (and probably 10h=CD-I?) 1 Unknown (01h) 1 First track (Non-BCD) (01h..63h) 1 Last track (Non-BCD) (01h..63h) |
12 ISRC in ASCII (eg. "USXYZ9912345") (or 00h-filled if none/unknown)
2 Sector size (usually 800h, 920h, or 930h) (see Mode entry for more info)
1 Mode:
0=Mode1/800h ;raw mode1 data (excluding sync+header+edc+errorinfo)
3=Mode2/920h ;almost full sector (exluding first 16 bytes; sync+header)
6=Mode2/930h ;full sector (including first 16 bytes; sync+header)
7=Audio/930h ;full sector (plain audio data)
Mode values from wikipedia:
00h for data Mode1/800h
02h
03h for Mode 2 Form 1 data eh? FORM1??? Mode2/920h
05h for raw data Mode1?/930h
06h for raw Mode 2/form 1 data Mode2/930h
07h for audio Audio/930h
0Fh for raw data with sub-channel Mode1?/930h+WHAT?
10h for audio with sub-channel Audio/930h+WHAT?
11h for raw Mode 2/form 1 data with sub-channel Mode2/WHAT?+WHAT?
Note: Some newer files do actually use different sector sizes for each
track (eg. 920h for the data track, and 930h for any following audio
tracks), older files were using the same sector size for all tracks
(eg. if the disk contained 930-byte Audio tracks, then Data tracks
were stored at the same size, rather than at 800h or 920h bytes).
3 Unknown (always 00h,00h,01h)
4/8 Fileoffset 1 (Start of Track's Pregap) (with Index=00h)
4/8 Fileoffset 2 (Start of actual Track) (with Index=01h and up)
4/8 Fileoffset 3 (End of Track+1) (aka begin of next track's pregap)
|
4 Chunk ID "END!" 4 Chunk size (always zero) |
4 Chunk ID "TINF"/"ETNF"/"ETN2" 4 Chunk size (bytes) |
4/4/8 Track fileoffset ;\32bit in TINF/ETNF chunks, 4/4/8 Track length (bytes) ;/64bit in ETN2 chunks 4 Mode (should be same as in DAO chunks, see there) (implies sector size) 0/4/4 Start lba on disc ;\only in ETNF/ETN2 chunks, 0/4/4 Unknown? ;/not in TINF chunks |
4 Chunk ID "RELO" 4 Chunk size (bytes) 4 Zero |
4 Chunk ID "TOCT" 4 Chunk size (bytes) 1 Disk type (00h=Mode1 or Audio, 20h=XA/Mode2) (and probably 10h=CD-I?) 1 Zero (00h) |
4 Chunk ID "SINF" 4 Chunk size (bytes) 4 Number of tracks in session |
4 Chunk ID None/"CDTX" 4 Chunk size (bytes) (must be a multiple of 18 bytes) |
18 Raw 18-byte CD-text data fragments |
4 Chunk ID "MTYP" 4 Chunk size (bytes) 4 Unknown? (00000001h for CDROM) (maybe other value for DVD) |
| CDROM Disk Image/Containers CDZ |
FileID ("CDZ",00h for cdztool v0/v1, or "CDZ",01h for cdztool v2 and up)
One or two Chunk(s)
|
4 32bit Decompressed Size (of all blocks) (must be other than "ZLIB") |
4 ZLIB ID ("ZLIB")
8 64bit Decompressed Size (of all blocks)
|
4 Chunk ID (eg. "CUE",00h)
8 Chunk Size in bytes (starting at "ZLIB" up to including Footer, if any)
4 ZLIB ID ("ZLIB")
8 64bit Decompressed Size (of all blocks)
|
4 Number of Blocks (N) 4 Block 1 Compressed Size (CS.1) 4 Block 1 Decompressed Size (always 00010000h, except last block) CS.1 Block 1 Compressed ZLIB Data (starting with 78h,9Ch) ... ... ;\ 4 Block N Compressed Size (CS.N) ; further block(s) 4 Block N Decompressed Size ; (if any) CS.N Block N Compressed ZLIB Data ;/ |
4*N Directory Entries for N blocks ;-this ONLY for BIN chunk |
BPD*(N-1) Directory Entries for N-1 blocks ;\this ONLY for BIN chunk 1 Bytes per Directory Entry (BPD) ;/(not for CUE/CCD/MDS) |
noname+noname --> .CUE+.BIN (cdztool v1 and below) "BIN",0 --> .ISO (cdztool v2? and up) "CUE",0+"BIN",0 --> .CUE+.BIN (cdztool v2 and up) "CCD",0+"BIN",0 --> .CCD+.IMG (cdztool v2 and up) "CCD",0+"BIN",01h --> .CCD+.IMG+.SUB (930h sectors, plus 60h subchannels) "MDS",0+"BIN",0 --> .MDS+.MDF (cdztool v5 only) |
cdztool.exe v0, unrelased prototype cdztool.exe v1, 22 May 2005, CRC32=620dbb08, 102400 bytes, pSX v1.0-5 cdztool.exe v2, 02 Jul 2006, CRC32=bcb29c1e, 110592 bytes, pSX v1.6 cdztool.exe v3, 22 Jul 2006, CRC32=4062ba82, 110592 bytes, pSX v1.7 cdztool.exe v4, 13 Aug 2006, CRC32=7388dd3d, 118784 bytes, pSX v1.8-11 cdztool.exe v5, 22 Jul 2007, CRC32=f25c1659, 155648 bytes, pSX v1.12-13 |
| CDROM Disk Image/Containers ECM |
45 43 4D 00 ;FileID "ECM",00h 3C ;Type 0, Len=10h (aka 0Fh+1) 00 FF FF FF FF FF FF FF FF FF FF 00 00 02 00 02 ;16 data bytes 02 ;Type 2, Len=1 (aka 00h+1) 00 00 08 00 00 00 00 00 00 00 00 ..... 00 00 00 ;804h data bytes 3C ;Type 0, Len=10h (aka 0Fh+1) 00 FF FF FF FF FF FF FF FF FF FF 00 00 02 01 02 ;16 data bytes 02 ;Type 2, Len=1 (aka 00h+1) 00 00 08 00 00 00 00 00 00 00 00 ..... 00 00 00 ;804h data bytes ... FC FF FF FF 3F ;End Code (Len=FFFFFFFFh+1) NN NN NN NN ;EDC (on decompressed data) |
1st Byte: Bit7=More, Bit6-2=LengthBit4-0, Bit1-0=Type(0..3) 2nd Byte: Bit7=More, Bit6-0=LengthBit5-11 3rd Byte: Bit7=More, Bit6-0=LengthBit12-18 4th Byte: Bit7=More, Bit6-0=LengthBit19-25 5th Byte: Bit7-6=Reserved/Zero, Bit5-0=LengthBit26-31 |
Type 0: load 1 byte, save 1 byte Type 1: load 803h bytes [0Ch..0Eh,10h..80Fh], save 930h bytes [0..92Fh] Type 2: load 804h bytes [14h..817h], save 920h bytes [10h..92Fh] Type 3: load 918h bytes [14h..91Bh], save 920h bytes [10h..92Fh] |
A RAR file containing a 7Z file containing a ECM file containing a BIN file. The BIN containing only Track 1, other tracks stored in APE files. And, of course, the whole mess without including the required CUE file. |
| CDROM Subchannel Images |
4 bytes FileID ("SBI",00h)
|
3 bytes real absolute MM:SS:FF address where the sub q data was bad 1 byte Format: the format can be 1, 2 or 3: Format 1: complete 10 bytes sub q data (Q0..Q9) Format 2: 3 bytes wrong relative MM:SS:FF address (Q3..Q5) Format 3: 3 bytes wrong absolute MM:SS:FF address (Q7..Q9) |
Q0..Q9 Subchannel Q data (normally position data) Q10..Q11 Subchannel Q checksum Q12..Q15 Dummy/garbage/padding (usually 00000000h or FFFFFFFFh) |
1. With CRC (Q0..Q11 intact) (and Q12..Q15 randomly 00000000h or FFFFFFFFh) 2. Without CRC (only Q0..Q9 intact, but Q10..Q15 zerofilled) 3. Without anything (only Q0 intact, but Q1..Q15 zerofilled) |
CCD/IMG/SUB (CloneCD) P-W 60h-bytes Non-interleaved (in separate .SUB file) CDI (DiscJuggler) P-Q 10h-bytes Non-interleaved (in .CDI file) "" P-W 60h-bytes Interleaved (in .CDI file) CUE/BIN/CDT (Cdrwin) N/A ISO (single-track) N/A MDS/MDF (Alcohol 120%) P-W 60h-bytes Interleaved (in .MDF file) NRG (Nero) P-W 60h-bytes Interleaved (in .NRG file) |
00h-07h 80 C0 80 80 80 80 80 C0 ;P=FFh, Q=41h=ADR/Control, R..W=00h 08h-0Fh 80 80 80 80 80 80 80 C0 ;P=FFh, Q=01h=Track, R..W=00h 10h-17h 80 80 80 80 80 80 80 C0 ;P=FFh, Q=01h=Index, R..W=00h 18h-1Fh 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=RelMinute, R..W=00h 20h-27h 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=RelSecond, R..W=00h 28h-2Fh 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=RelSector, R..W=00h 30h-37h 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=Reserved, R..W=00h 38h-3Fh 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=AbsMinute, R..W=00h 40h-47h 80 80 80 80 80 80 C0 80 ;P=FFh, Q=02h=AbsSecond, R..W=00h 48h-4Fh 80 80 80 80 80 80 80 80 ;P=FFh, Q=00h=AbsSector, R..W=00h 50h-57h 80 80 C0 80 C0 80 80 80 ;P=FFh, Q=28h=ChecksumMsb, R..W=00h 58h-5Fh 80 80 C0 C0 80 80 C0 80 ;P=FFh, Q=32h=ChecksumLsb, R..W=00h |
00h-0Bh FF FF FF FF FF FF FF FF FF FF FF FF ;Subchannel P (Pause) 0Ch-17h 41 01 01 00 00 00 00 00 02 00 28 32 ;Subchannel Q (Position) 18h-23h 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel R 24h-2Fh 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel S 30h-3Bh 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel T 3Ch-47h 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel U 48h-53h 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel V 54h-5Fh 00 00 00 00 00 00 00 00 00 00 00 00 ;Subchannel W |
This is probably based on MMC protocol, which would be as crude as this: The 96 pause bits are summarized in 1 bit. Pause/Checksum are optional. 00h-09h 41 01 01 00 00 00 00 00 02 00 ;Subchannel Q (Position) 0Ah-0Bh 28 32 ;<-- OPTIONAL, can be zero! ;Subchannel Q (Checksum) 0Ch-0Eh 00 00 00 ;Unused padding (zero) 0F 80 ;<-- OPTIONAL, can be zero! ;Subchannel P (Bit7=Pause) |
| CDROM Disk Images Other Formats |
ntracks 3 size 39:33:17 data1 00:02:00 track02 31:36:46 track03 36:03:17 ;(insert 2 blanks lines here, and insert 1 leading space in next line) trk end 39:37:17 |
header: 200h bytes header (see below) data: 990h bytes per sector (2352 Main, 96 Sub), 00:00:00->Lead Out |
000h 00 001h 00 002h First Track 003h Last Track 004h Track 1 (ADR << 4) | CTRL ;\ 005h Track 1 Start Minutes ; Track 1 006h Track 1 Start Seconds ; 007h Track 1 Start Frames ;/ ... ... ;-Probably Further Tracks (?) n+0 Last Track Start Minutes ;\ n+1 Last Track Start Seconds ; Last Track n+2 Last Track Start Frames ; n+3 Last Track (ADR << 4) | CTRL ;/ n+4 Lead-Out Track Start Minutes ;\ n+5 Lead-Out Track Start Seconds ; Lead-Out n+6 Lead-Out Track Start Frames ; n+7 Lead-Out Track (ADR << 4) | CTRL ;/ ... 00 1FFh 00 |
| CDROM Internal Info on PSX CDROM Controller |
| CDROM Internal HC05 Instruction Set |
Opcode Clk HINZC Name Syntax x6 ... 2-5 --NZ- LDA MOV A,<op> ;A=op xE ... 2-5 --NZ- LDX MOV X,<op> ;X=op x7 ... 4-6 --NZ- STA MOV <op>,A ;op=A xF ... 4-6 --NZ- STX MOV <op>,X ;op=X xC ... 2-4 ----- JMP JMP <op> ;PC=op xD ... 5-7 ----- JSR CALL <op> ;[SP]=PC, PC=op xB ... 2-5 H-NZC ADD ADD A,<op> ;A=A+op x9 ... 2-5 H-NZC ADC ADC A,<op> ;A=A+op+C x0 ... 2-5 --NZC SUB SUB A,<op> ;A=A-op x2 ... 2-5 --NZC SBC SBC A,<op> ;A=A-op-C x4 ... 2-5 --NZ- AND AND A,<op> ;A=A AND op xA ... 2-5 --NZ- ORA OR A,<op> ;A=A OR op x8 ... 2-5 --NZ- EOR XOR A,<op> ;A=A XOR op x1 ... 2-5 --NZC CMP CMP A,<op> ;A-op x3 ... 2-5 --NZC CPX CMP X,<op> ;X-op x5 ... 2-5 --NZ- BIT TEST A,<op> ;A AND op A7,AF,AC = Reserved (no STA/STX/JMP with immediate operand) |
Opcode Clk ALU/LDA/LDX Clk STA/STX Clk JMP/CALL Ax nn 2 cmd r,nn - N/A -/6 call relative (BSR) Bx nn 3 cmd r,[nn] 4 mov [nn],r 2/5 cmd nn Cx nn mm 4 cmd r,[nnmm] 5 mov [nnmm],r 3/6 cmd nnmm Dx nn mm 5 cmd r,[X+nnmm] 6 mov [X+nnmm],r 4/7 cmd X+nnmm Ex nn 4 cmd r,[X+nn] 5 mov [X+nn],r 3/6 cmd X+nn Fx 3 cmd r,[X] 4 mov [X],r 2/5 cmd X |
Opcode Clk HINZC Name Syntax xC ... 3-6 --NZ- INC INC op ;increment ;op=op+1 xA ... 3-6 --NZ- DEC DEC op ;decrement ;op=op-1 xF ... 3-6 --01- CLR ?? op,00h ;clear ;op=op AND 00h x3 ... 3-6 --NZ1 COM NOT op ;complement ;op=op XOR FFh x0 ... 3-6 --NZC NEG NEG op ;negate ;op=00h-op x9 ... 3-6 --NZC ROL RCL op ;rotate left through carry x6 ... 3-6 --NZC ROR RCR op ;rotate right through carry x8 ... 3-6 --NZC LSL SHL op ;shift left logical x4 ... 3-6 --0ZC LSR SHR op ;shift right logical x7 ... 3-6 --NZC ASR SAR op ;shift right arithmetic xD ... 3-5 --NZ- TST TEST op,FFh ;test for negative or zero (AND FFh?) x1,x2,x5,xB,xE = Reserved (except for: 42 = MUL) |
Opcode Clk RMW Clk CLR Clk TST 3x nn 5 cmd [nn] 5 MOV [nn],00h 4 TEST [nn],0FFh 4x 3 cmd A 3 MOV A,00h,slow 3 TEST A,0FFh,slow 5x 3 cmd X 3 MOV X,00h,slow 3 TEST X,0FFh 6x nn 6 cmd [X+nn] 6 MOV [X+nn],00h 5 TEST [X+nn],0FFh 7x 5 cmd [X] 5 MOV [X],00h 4 TEST [X],0FFh |
Opcode Clk HINZC Name Syntax 00h+i*2 nn dd 5 ----C BRSET JNZ [nn].i,dest ;C=[nn].i, branch if set 01h+i*2 nn dd 5 ----C BRCLR JZ [nn].i,dest ;C=[nn].i, branch if clear 10h+i*2 nn 5 ----- BSET SET [nn].i ;set [nn].i 11h+i*2 nn 5 ----- BCLR RES [nn].i ;clear [nn].i |
Opcode Clk HINZC Name Syntax 20 nn 3 ----- BRA JR nn ;branch always 21 nn 3 ----- BRN NUL nn ;branch never 22 nn 3 ----- BHI JA nn ;if C=0 and Z=0, higher ? 23 nn 3 ----- BLS JBE nn ;if C=1 or Z=1, lower or same ? 24 nn 3 ----- BCC/BHS JNC/JAE nn ;if C=0, carry clear, higher.same 25 nn 3 ----- BCS/BLO JC/JB nn ;if C=1, carry set, lower 26 nn 3 ----- BNE JNZ/JNE nn ;if Z=0, not equal / not zero 27 nn 3 ----- BEQ JZ/JE nn ;if Z=1, equal / zero 28 nn 3 ----- BHCC JNH nn ;if H=0, half-carry clear 29 nn 3 ----- BHCS JH nn ;if H=1, half-carry set 2A nn 3 ----- BPL JNS nn ;if S=0, plus / not signed 2B nn 3 ----- BMI JS nn ;if S=1, minus / signed 2C nn 3 ----- BMC JEI nn ;if I=0, interrupt mask clear 2D nn 3 ----- BMS JDI nn ;if I=1, interrupt mask set 2E nn 3 ----- BIL JIL nn ;if XX=LO, interrupt line low 2F nn 3 ----- BIH JIH nn ;if XX=HI, interrupt line high AD nn 6 ----- BSR CALL relative nn ;branch to subroutine always |
Opcode Clk HINZC Name Syntax 9D 2 ----- NOP NOP ;no operation 97 2 ----- TAX MOV X,A ;transfer A to X 9F 2 ----- TXA MOV A,X ;transfer X to A 9C 2 ----- RSP MOV SP,00FFh ;reset stack pointer (SP=00FFh) 42 11 0---0 MUL MUL X,A ;X:A=X*A (unsigned multiply) 81 6 ----- RTS RET ;return from subroutine 80 9 xxxxx RTI RETI ;return from interrupt 99 2 ----1 SEC STC ;set carry flag 98 2 ----0 CLC CLC ;clear carry flag 9B 2 -1--- SEI DI ;set interrupt mask (disable ints) 9A 2 -0--- CLI EI ;clear interrupt mask (enable ints) 8E ..2 -0--- STOP STOP ;? 8F ..2 -0--- WAIT WAIT ;? 83 10 -1--- SWI SWI ;software interrupt ...? PC=[FFFCh] <IRQ> ? ????? Interrupt ;? PC=[FFFxh] <RESET> ? ????? Reset ;? PC=[FFFEh] 82,84..8D,90..96,9E = Reserved |
A 8bit accumulator X 8bit index register SP 6bit stack pointer (range 00C0h..00FFh) PC 16bit program pointer (range 0000h..FFFFh) CCR 5bit condition code register (flags) (111HINZC) |
SP.highest PC.lo
PC.hi
X
A
SP.lowest Flags (CCR, 5bit condition code register) (111HINZC)
|
nn immediate ;00h..FFh [nn] direct address ;[0000h..00FFh] [nnmm] extended address ;[0000h..FFFFh] [X] indexed, no offset ;[0000h..00FFh] [X+nn] indexed, 8bit offset ;[0000h..01FEh] [X+nnmm] indexed, 16bit offset ;[0000h..FFFFh] [nn].i bit ;[0000h..00FFh].bit0..7 dd relative ;$+2..3+(-80h..+7Fh) |
operand "X+nn" performs an unsigned addition, and can address 0000h..01FEh. 16bit operands (nnmm) are encoded in BIG-ENDIAN format (same for pushed PC). |
Vector Prio Usage FFF0h 7=lo TBI Vector (Timebase) FFF2h 6 SSPI Vector (SPI bus) (SPI1 and SPI2) FFF4h 5 Timer 2 Interrupt Vector (Timer 2 Input/Compare) FFF6h 4 Timer 1 Interrupt Vector (Timer 1 Input/Compare/Overflow) FFF8h 3 KWI Vector (Key Wakeup) (KWI0..7 pins) FFFAh 2 External Interrupt Vector (/IRQ1 and /IRQ2 pins) FFFCh none Software Interrupt Vector (SWI opcode) ;\regardless of FFFEh 1=hi Reset Vector (/RESET signal and COP) ;/CPU's "I" |
.hc05 select HC05 instruction set (default would be .mips) .nocash select nocash syntax (default would be .native opcode names) db ... define 8bit byte(s), or quoted ascii strings dw ... define 16bit word(s) in BIG ENDIAN (for HC05 exception vectors) org nnnn change origin for following opcodes end end of file mov c,[nn].i alias for "jnz [nn].i,$+3" (dummy jump & set carry=[nn].i) |
| CDROM Internal HC05 On-Chip I/O Ports |
0 OPTM Option Map Select (bank-switching for Port 00h..0Fh) 1 FOSCE Fast (Main) Oscillator Enable (0=Disable OSC, 1=Normal) 2-3 SYS System Clock Select (0=OSC/2, 1=OSC/4, 2=OSC/64, 3=XOSC/2) 4-5 - Not used (0) 6 STUP XOSC Time Up Flag (R) 7 FTUP OSC Time Up Flag (R) (0=Busy, 1=Ready/Good/Stable) |
PA.0-7 PAn Port A Bit0..7 Input/Output (0=Low, 1=High) (R/W) PB.0-7 PBn Port B Bit0..7 Input /KWI0..7 (0=Low, 1=High) (R) PC.0 PC0 Port C Bit0 Input/Output /SDI1 (SPI)(0=Low, 1=High) (R/W) PC.1 PC1 Port C Bit1 Input/Output /SDO1 (SPI)(0=Low, 1=High) (R/W) PC.2 PC2 Port C Bit2 Input/Output /SCK1 (SPI)(0=Low, 1=High) (R/W) PC.3 PC3 Port C Bit3 Input/Output /TCAP (T1) (0=Low, 1=High) (R/W) PC.4 PC4 Port C Bit4 Input/Output /EVI (T2) (0=Low, 1=High) (R/W) PC.5 PC5 Port C Bit5 Input/Output /EVO (T2) (0=Low, 1=High) (R/W) PC.6 PC6 Port C Bit6 Input/Output /IRQ2 (0=Low, 1=High) (R/W) PC.7 PC7 Port C Bit7 Input/Output /IRQ1 (0=Low, 1=High) (R/W) PD.0-7 PDn Port D Bit0..7 Input/Output (0=Low, 1=High) (R/W) PE.0-7 PEn Port E Bit0..7 Input/Output (0=Low, 1=High) (R/W) PF.0-7 PFn Port F Bit0..7 Input/Undoc A/D-input (0=Low, 1=High) (R)(R/W) |
DDRX.0-7 DDRXn Port X Data Direction Bit0..7 (0=Input, 1=Output) (R/W) |
RCR1.0 RAL Port A.Bit0-3 Pullup Resistors (0=Off, 1=On) RCR1.1 RAH Port A.Bit4-7 Pullup Resistors (0=Off, 1=On) RCR1.2 RBL Port B.Bit0-3 Pullup Resistors (0=Off, 1=On) RCR1.3 RBH Port B.Bit4-7 Pullup Resistors (0=Off, 1=On) RCR1.4 RGL Port G.Bit0-3 Pullup Resistors (0=Off, 1=On) ;\ RCR1.5 RGH Port G.Bit4-7 Pullup Resistors (0=Off, 1=On) ; on chips RCR1.6 RHL Port H.Bit0-3 Pullup Resistors (0=Off, 1=On) ; with Port G,H RCR1.7 RHH Port H.Bit4-7 Pullup Resistors (0=Off, 1=On) ;/ RCR2.0-7 RCn Port C.Bit0-7 Pullup Resistors (0=Off, 1=On) |
WOM1.0 AWOML Port A.Bit0-3 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.1 AWOMH Port A.Bit4-5 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.2 GWOML Port G.Bit0-3 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.3 GWOMH Port G.Bit4-5 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.4 HWOML Port H.Bit0-3 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.5 HWOMH Port H.Bit4-5 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM1.6-7 - Not used (0) WOM2.0-5 CWOMn Port C.Bit0..5 Open Drain Mode when DDR=1 (0=No, 1=Open Drain) WOM2.6-7 - Not used (always both bits set) |
0-1 - Not used (0) 2 IRQ2S IRQ2 Select Edge-Sensitive Only (0=LowLevelAndNegEdge, 1=NegEdge) 3 IRQ1S IRQ1 Select Edge-Sensitive Only (0=LowLevelAndNegEdge, 1=NegEdge) 4 KWIE Key Wakeup Interrupt Enable (0=Disable, 1=Enable) 5 - Not used (0) 6 IRQ2E IRQ2 Interrupt Enable (0=Disable, 1=Enable) 7 IRQ1E IRQ1 Interrupt Enable (0=Disable, 1=Enable) |
0 RKWIF Reset Key Wakeup Interrupt Flag (0=No Change, 1=Reset) (W) 1 - Not used (0) 2 RIRQ2 Reset IRQ2 Interrupt Flag (0=No Change, 1=Reset) (W) 3 RIRQ1 Reset IRQ1 Interrupt Flag (0=No Change, 1=Reset) (W) 4 KWIF Key Wakeup Interrupt Flag (PB/KWI) (0=No, 1=IRQ) (R) 5 - Not used (0) 6 IRQ2F IRQ2 Interrupt Flag (PC6) (0=No, 1=IRQ) (R) 7 IRQ1F IRQ1 Interrupt Flag (PC7) (0=No, 1=IRQ) (R) |
0-7 KWIEn Port B.Bit0..7 Key Wakeup Interrupt Enable (0=Disable, 1=Enable) |
0 SPRn SPI Clock Rate (0=ProcessorClock/2, 1=ProcessorClock/16) 1-3 - Not used (0) 4 MSTRn SPI Master Mode Select (0=Slave/SCK.In, 1=Master/SCK.Out) 5 DORDn SPI Data Transmission Order (0=MSB First, 1=LSB First) 6 SPEn SPI Enable (SPI1:PortC, SPI2:PortG) (0=Disable, 1=Enable) 7 SPIEn SPI Interrupt Enable (... ack HOW?) (0=Disable, 1=Enable) |
0-5 - Not used (0) 6 DCOLn SPI Data Collision Occurred (0=No, 1=Collision) 7 SPIFn SPI Transfer Complete Flag (0=Busy, 1=Complete) (R) |
0-7 BITn Data to be sent / being received |
0-1 T2R Timer2 Prescaler (0=SysClk, 1=SysClk/4, 2=SysClk/32, 3=SysClk/256) 2-3 T3R PWM Prescaler (0=CLK3, 1=CLK3/2, 2=CLK3/8, 3=Timer2compare) 4-6 - Not used (0) 7 TBCLK Time Base Clock (0=XOSC, 1=OSC/128) ;<-- write-able only ONCE |
0 COPC COP Clear 2bit COP timeout divider (0=No Change, 1=Clear) (W) 1 COPE COP Enable ;<-- write-able only ONCE 2 - Not used (0) 3 RTBIF Reset Time Base Interrupt Flag (0=No Change, 1=Clear TBIF) (W) 4-5 TBR Time Base Interrupt Rate (0=TBCLK/128, 1=/4096, 2=/8192, 3=/16384) 6 TBIE Time Base Interrupt Enable (0=Disable, 1=Enable) 7 TBIF Time Base Interrupt Flag (0=No, 1=IRQ) (R) |
0-4 - Not used (0) 5 XOSCR XOSC Feedback Resistor (0=None, 1=Implemented) 6 OSCR OSC Feedback Resistor (0=None, 1=Implemented) 7 RSTR /RESET Pullup Resistor (0=None, 1=Implemented) |
0 OLVL Output Level on TCMP pin on Compare Match? (0=Low, 1=High) 1 IEDG Input Edge on TCAP pin (0=NegativeEdge, 1=PositiveEdge) 2-4 - Not used (0) 5 TOIE Timer Overflow Interrupt Enable (0=Disable, 1=Enable) 6 OC1IE Output Compare Interrupt Enable (0=Disable, 1=Enable) 7 ICIE Input Capture Interrupt Enable (0=Disable, 1=Enable) |
0-4 - Not used (0) 5 TOF Timer Overflow Flag (0=No, 1=Yes) (R) ;clear by Port 19h access 6 OC1F Output Compare Flag (0=No, 1=Yes) (R) ;clear by Port 17h access 7 ICF Input Capture Flag (0=No, 1=Yes) (R) ;clear by Port 15h access |
0-15 Capture Value |
0-15 Compare Value |
0-15 Counter |
0-15 Alternate Counter (uh, what?) |
0 OL2 Timer Output 2 Edge (0=Falling, 1=Rising) 1 OE2 Timer Output 2 Enable (EVO) (0=Disable, 1=Enable) 2 IL2 Timer Input 2 Edge/Level (0=Low/Falling, 1=High/Rising) 3 IM2 Timer Input 2 Mode Select for EVI (0=EventMode, 1=GatedByCLK2) 4 T2CLK Timer 2 Clock Select (0=CLK2 from Prescaler, 1=EXCLK from EVI) 5 - Not used (0) 6 OC2IE Output Compare 2 Interrupt Enable (0=Disable, 1=Enable) 7 TI2IE Timer Input 2 Interrupt Enable (EVI) (0=Disable, 1=Enable) |
0-1 - Not used (0) 2 ROC2F Reset Output Compare 2 Interrupt Flag (0=No Change, 1=Clear) (W) 3 RTI2F Reset Timer Input 2 Interrupt Flag (0=No Change, 1=Clear) (W) 4-5 - Not used (0) 6 OC2F Output Compare 2 Interrupt Flag (0=No, 1=Yes) (R) 7 TI2F Timer Input 2 Interrupt Flag (EVI) (0=No, 1=Yes) (R) |
0-7 Compare Value ("Transferred to buffer on certain events?")
|
0-7 Counter Value, incremented at T2R (set to 01h on Compare Matches) |
I/O bank 0: 0:06h..07h, 0:0Dh..0Fh I/O bank 1: 1:01h, 1:06h..07h, 1:0Ch..0Dh, and upper 4bit of 1:05h Unbanked I/O: 20h..3Dh Unused Memory: 0240h..0FFFh, 5000h..FDFFh |
[nn],[mmnn],[nn+x],[mmnn+x] --> returns LAST byte of current opcode (=nn) [x] --> returns FIRST byte of following opcode |
| CDROM Internal HC05 On-Chip I/O Ports - Extras |
PG.0 PG0 Port G Bit0 Input/Output /SDI2 (0=Low, 1=High) (R/W) PG.1 PG1 Port G Bit1 Input/Output /SDO2 (0=Low, 1=High) (R/W) PG.2 PG2 Port G Bit2 Input/Output /SCK2 (0=Low, 1=High) (R/W) PG.3 PG3 Port G Bit3 Input/Output /TCMP (0=Low, 1=High) (R/W) PG.4 PG4 Port G Bit4 Input/Output /PWM0 (0=Low, 1=High) (R/W) PG.5 PG5 Port G Bit5 Input/Output /PWM1 (0=Low, 1=High) (R/W) PG.6 PG6 Port G Bit6 Input/Output /PWM2 (0=Low, 1=High) (R/W) PG.7 PG7 Port G Bit7 Input/Output /PWM3 (0=Low, 1=High) (R/W) PH.0-7 PHn Port H Bit0..7 Input/Output (0=Low, 1=High) (R/W) PJ.0-3 PJn Port J Bit0..3 Output (0=Low, 1=High) (R/W) PJ.4-7 - Not used (0) |
0-7 DDRXn Port X Data Direction Bit0..7 (0=Input, 1=Output) (R/W) |
0 - Not used (0) 1 PDH Select Port D (H) (0=FP35-FP38 pins, 1=PD7-PD4 pins) 2 PEL Select Port E (L) (0=FP31-FP34 pins, 1=PE3-PE0 pins) 3 PEH Select Port E (H) (0=FP27-FP30 pins, 1=PE7-PE4 pins) 4 - Not used (0) 5-6 DUTY LCD Duty Select (...) 7 LCDE LCD Output Enable BP and FP pins (0=Disable, 1=Enable) |
0-3 First Data Unit ;\Fourty 4bit LCD values (in the twenty registers) 4-7 Second Data Unit ;/(some duties use only the LSBs of that 4bit values) |
0-3 CH0-3 PWM Channel 0..3 on Port G.Bit4-7 Enable (0=Disable, 1=Enable) 4-7 - Not used (0) |
0-7 PWM Counter, incremented at PHI2 (range 01h..FFh) |
0-7 Duty (N cycles High, 255-N cycles Low) |
0-3 A/D Conversion result (probably unsigned, 00h=Lowest, FFh=Max voltage?) |
0-3 CH0-3 A/D Channel (0..7=PortF.Bit0-7, 8..0Fh=Reserved/Vref/FactorTest) 4 - Not used (0) 5 ADON A/D Charge Pump enable (0=Disable, 1=Enable) 6 ADRC A/D RC Oscillator On (0=Normal/Use CPU Clock, 1=Use RC Clock) 7 COCO A/D Conversion Complete (0=Busy, 1=Complete) (R) |
0 PGM EPROM Program Command (0=Normal, 1=Apply Programming Power) 1 ELAT EPROM Latch Control (0=Normal/Read, 1=Latch/Write) 2-7 RES Reserved for Factory Testing (always 0 in user mode) |
| CDROM Internal HC05 I/O Port Usage in PSX |
porta.0-7 i/o CXD1815Q.Data (indexed via Port E) porta.0 in debug.dta.serial.in ;\normally unused (exists in early bios) porta.1 out debug.dta.serial.out ; (prototype/debug_status stuff) porta.2 out debug.clk.serial.out ;/(with portc.5 = debug.select) |
portb.0 in F-BIAS ;unused portb.1 in SCEx input (serial 250 baud, received via 1000Hz timer2 irq) portb.2 in LMTSW aka /POS0 ;\pos0 and door switches portb.3 in DOOR aka SHELL_OPEN ;/ portb.4 in TEST2 portb.5 in TEST1 (CL316) enter test mode (instead of mainloop) portb.6 in COUT ;<-- unused, extra pin, not "SENSE=COUT" portb.7 in CXD2510Q.SENSE ;-from CXD2510Q (and forwarded from CXA1782BR) |
portc.0 in CXD2510Q.SUBQ ;\ portc.1 in? NC (SPI.OUT) ; used via SPDR1 to receive SPI bus SUBQ data portc.2 out CXD2510Q.SQCK ;/ portc.3 out SPEED portc.4 out ="SPEED XOR 1" ... AL/TE ... or CG ... or MIRR ? portc.5 out ROMSEL: debug.select (or "SCLK" on later boards???) portc.6 in CXD1815Q.XINT/IRQ2 ;unused (instead INTSTS bits are polled) portc.7 in CXD2510Q.SCOR/IRQ1 ;used via polling INTSR.7 (not as irq) |
portd.0 out NC ;-unused (always 1) portd.1 out CXD2510Q.DATA ;\serial bus for CXD2510Q portd.2 out CXD2510Q.XLAT ; (and also forwarded to CXA1782BR) portd.3 out CXD2510Q.CLOK ;/ portd.4 out CXD1815Q.DECCS ;\ portd.5 out CXD1815Q.DECWR ; control for data/index on Port A/E portd.6 out CXD1815Q.DECRD ;/ portd.7 out LDON ... IC723.Pin11 ... maybe "laser on" ? |
porte.0-4 out CXD1815Q.Index (for data on Port A) porte.5 out NC, not used porte.6 out NC, see "idx_4xh" maybe test signal ??? porte.7 out? NC, TEST? configured as OUTPUT... but used as INPUT? |
portf.0 out NC, TX ;\ portf.1 in NC, RX ; not used by sony's cdrom bios portf.2 out NC, RTS ; (but used by motorola's bootstrap rom) portf.3 out NC, DTR ;/ portf.0 in Serial Data In (from daughterboard) ;\ portf.1 out Serial Data Out (to daughterboard) ; usage in SCPH-5903 portf.2 out Serial Clock Out (to daughterboard) ; (PSX with Video CD) portf.3 out Audio/Video Select (0=Normal, 1=VCD) ;/ portf.4-7 - NC, not used (probably pins don't even exist) |
SPI 1 - used for receiving SUBQ (via Port C) IRQ 1 - used for latching/polling SUBQ's "SCOR" (not used as interrupt) IRQ 2 - connects to CXD1815Q.XINT, but isn't actually used at all Timer 1 - unused Timer 2 - generates 1000Hz interrupts (for 250 baud "SCEx" string transfers) DDRx - data directions for Port A-F (as listed above) |
| CDROM Internal HC05 Motorola Selftest Mode |
| CDROM Internal HC05 Motorola Selftest Mode (52pin chips) |
Pin30 PortC.6 (/IRQ2) (/XINT) ----> wire to 3.5V (VCC) Pin31 PortC.7 (/IRQ1) (SCOR) ----> wire to 7V (2xVCC) |
Pin16 PortB.0 ----> ModeSelectBit0 (0=GND, 1=3.5V) Pin17 PortB.1 ----> ModeSelectBit1 (0=GND, 1=3.5V) |
Mode0: Jump to RAM Address 0040h (useless when RAM is empty) Mode1: Semifunctional Selftest (useless) Mode2: Upload 200h bytes to RAM & jump to 0040h (allows fast/custom dumping) Mode3: Download ROM as ASCII hexdump (nice, but very slow) |
Pin50 PortF.0 ----> TX output (11bytes: 0Dh,0Ah," AAAA DD ") Pin51 PortF.1 <---- RX input (1byte: "!" to request next 11 bytes) Pin52 PortF.2 ----> RTS output or so (not needed) Pin1 PortF.3 ----> DTR output or so (not needed) Ground ------------ GND for RX/TX |
http://www.psxdev.net/forum/viewtopic.php?f=70&t=557 |
.------------ pin31, PC7, SCOR, cut the connection
39 | 27 to Signal Processor,
.-----------------. then wire Pin31 to 7.5V
40 | | 26
| C nnnn |
| SC4309nnPB |
| G63C 185 |
pin50, TX <--- | | ---- pin17, PB1, SCEX, wire to 3.5V,
pin51, RX ---> | | for Mode2 Selection
52 | O | 14
'-----------------'
1 13
|
CN602.Pin1 = 7.5V ;\on PSX boards (with either 5pin or CN602.Pin3 = 3.5V ;/ 7pin CN602 connectors) IC601.Pin1 = 7.5V ;-on PSone boards (3pin 78M05 voltage regulator) IC102.Pin32 = 3.5V ;-on PSone boards (32pin Main BIOS ROM chip) |
CXD2510Q.Pin63 (eg. on PU-8 boards) ;\ CXD2545Q.Pin74 (eg. on PU-18 boards) ; either one of these, depending CXD1817R.Pin49 (eg. on PU-20 boards) ; on which chipset you have CXD2938Q.Pin77 (eg. on PM-41 boards) ; CXD2941R.Pin85 (eg. PM-41(2) boards) ;/ |
4-digit ASCII HEX address --> change address, and return 0Dh,0Ah," AAAA DD " chr(00h) --> increment address, and return 0Dh,0Ah," AAAA DD " chr(07h) --> jump to current address (not so useful) other characters --> same as chr(00h) All digits/characters sent to RX input will produce an echo on TX output. |
| CDROM Internal HC05 Motorola Selftest Mode (80pin chips) |
Pin PortC 46 PC7/IRQ1 (SCOR) disconnect from PCB, then wire the pin to Vtst (7.6V) 45 PC6/IRQ2 (/XINT) wire to Vdd (3.5V) (you have to solder to the pin) |
Pin PortA DDRA Usage 23 PA0 in RXD 24 PA1 out TXD 25 PA2 in - 26 PA3 in Testmode.bit0 (GND=0, 3.5V=1) 27 PA4 in Testmode.bit1 (GND=0, 3.5V=1) 28 PA5 in Testmode.bit2 (GND=0, 3.5V=1) 29 PA6 out RTS (don't care) 30 PA7 out - |
PA5 PA4 PA3 Effect 0 x x Jump to 0040h ;\ 1 0 0 Test (complex) ; not so useful 1 0 1 Test (simple loop) ;/ 1 1 0 ROM Dump 4200h bytes (plain binary, non-ASCII) 1 1 1 RAM Upload 100h bytes to 0040h..013Fh, then jump to 0040h |
.------------ pin46, PC7/IRQ1, SCOR, cut & wire to 7.5V
|.----------- pin45, PC6/IRQ2, wire to 3.5V
60 || 41
.-----------------.
61 | o | 40
| Sony Computer | ,----- pin28, PA5, wire to 3.5V
| Entertainment | _________/ ,--- pin27, PA4, wire to 3.5V
| Inc. (C) E35D | ==========='---- pin26, PA3, mode select
| 4246xx 185 | ----> pin24, PA1, TXD (for ROM dump)
| | <---- pin23, PA0, RXD (for RAM upload)
80 | O | 21
'-----------------'
1 20
|
CN602.Pin1 = 7.5V ;\on PSX boards (with 7pin CN602 connectors) CN602.Pin3 = 3.5V ;/ |
| CDROM Internal CXD1815Q Sub-CPU Configuration Registers |
0-1 "L" Reserved (should be 0) 2 LSB 1st CD DSP DATA order (0=MSB first, 1=LSB first) 3-4 BCK MD CD DSP Number of BCLKs per WCLK (0=16, 1=24, 2=32, 3=Reserved) 5 BCK RED Strobe DATA on BLCK Edge (0=Falling Edge, 1=Rising Edge) 6 LCH LOW Channel on LRCK=Low (0=Right, 1=Left) 7 C2PL1st ... C2PO lower byte 1st |
0 HCLKDIS HCLK Pin Output (0=8.4672MHz, 1=Disable; Fixed Low) 1 CLKDIS CLK Pin Output (0=16.9344MHz, 1=Disable; Fixed Low) 2 9BITRAM SRAM Databus width (0=8bit/normal, 1=9bit) 3-4 RAM SZ SRMA Address bus (0=32K, 1=64K, 2=128K, 3=Reserved) 5 PRTYCTL ... Priority Control 6 XSLOW Number of clock cycles per DMA cycle (0=12, 1=4) (for SRAM) 7 "L" Reserved (should be 0) |
0 "L" Reserved (should be 0) 1 DACODIS .... DAC Out Disable 2 DAMIXEN Digital Audio Mixer Enable (0=Attentuator/Mixer for CD-DA, 1=No) 3 SMBF2 Number of Sound Map Buffer Surfaces (0=Three, 1=Two) 4 SPMCTL Sound Parameter Majority Control (0=?) ;\for ADPCM params 5 SPECTL Sound Parameter Error Control (0=?) ;/ 6-7 "L" Reserved (should be 0) |
0-2 DECMD Decoder Mode (0-7)
0 or 1 Decoder Disable ;-disable sector reading
2 or 3 Monitor-only Mode ;\no error correction
4 Write-only Mode ;/
5 Real-time Correction Mode ;\with error correction
6 Repeat Correction Mode ;/
7 CD-DA Mode ;-audio
3 AUTODIST Auto Distinction (0=Use MODESEL/FORMSEL bits, 1=Use Sector Hdr)
(Error Correction is done according to above MODE/FORM values)
4 FORMSEL Form Select (0=FORM1, 1=FORM2) (must be 0 for MODE1)
5 MODESEL Mode Select (0=MODE1, 1=MODE2)
6 ECCSTR ECC Strategy (0=Normal, 1=Use Error Flags; requires 9bit SRAM)
7 ENDLADR Enable Drive Last Address ...
|
0 "L" Reserved (should be 0) 1 DBLSPD Double Speed Mode (0=Normal, 1=Double) (init CD DSP first) 2 RPSTART Repeat Correction Start (0=No, 1=Start) (automatically cleared) 3 SWOPEN Sync Window Open (0=SyncControlledByIC, 1=OpenDetectionWindow) 4 CD-DA CD-DA Play (0=No, 1=Playback CD-DA as audio) 5 CDDAMUTE CD-DA Mute (0=Normal, 1=Mute CD-DA Audio) 6 RTMUTE Real-time Mute (0=Normal, 1=Mute CDROM ADPCM) 7 SMMUTE Sound Map Mute (0=Normal, 1=Mute Sound Map ADPCM) |
| CDROM Internal CXD1815Q Sub-CPU Sector Status Registers |
0 CFORM FORM assumed by Error Correction (0=FORM1, 1=FORM2) 1 CMODE MODE assumed by Error Correction (0=MODE1, 1=MODE2) 2 ECCOK ECC Okay (0=Bad, 1=Okay) 3 EDCOK EDC Okay (0=Bad, 1=Okay) 4 CORDONE Correction Done (0=None, 1=Error occurred and was corrected) 5 CORINH Correction Inhibit (0=Okay,1=AUTODIST couldn't determine MODE/FORM) 6 ERINBLK Erasure in Block (0=Okay, 1=At least 1 byte is wrong & uncorrected) 7 EDCALL0 EDC all-zero (0=No/EDC Exists, 1=Yes/All four EDC bytes are 00h) |
0 NOSYNC No Sync (0=Okay, 1=Sector Sync Mark Missing) 1 SHRTSCT Short Sector (0=Okay, 1=Sector Sync Mark within Sector Data) 2-4 - Reserved (undefined) 5 RTADPBSY Real-time ADPCM Busy (0=No, 1=Busy/playback) 6-7 - Reserved (undefined) |
0 CI Error in 4th Subheader byte (Coding Info) (0=Okay, 1=Error) 1 SUBMODE Error in 3rd Subheader byte (Submode) (0=Okay, 1=Error) 2 CHANNEL Error in 2nd Subheader byte (Channel) (0=Okay, 1=Error) 3 FILE Error in 1st Subheader byte (File) (0=Okay, 1=Error) 4 MODE Error in 4th Header byte (MODE) (0=Okay, 1=Error) 5 BLOCK Error in 3rd Header byte (FF) (0=Okay, 1=Error) 6 SEC Error in 2nd Header byte (SS) (0=Okay, 1=Error) 7 MIN Error in 1st Header byte (MM) (0=Okay, 1=Error) |
1st read: 1st Header byte (MM) 2nd read: 2nd Header byte (SS) 3rd read: 3rd Header byte (FF) 4th read: 4th Header byte (MODE) |
1st read: 1st Subheader byte (File) 2nd read: 2nd Subheader byte (Channel) 3rd read: 3rd Subheader byte (Submode) (SM) 4th read: 4th Subheader byte (Coding Info) (CI) |
(1) The corrected value in the real-time correction or
repeat correction mode
(2) Value of the raw data from the drive in the monitor-only
or write-only mode
The CMOME? and CMODE bits (bits 1, 0) of ECCSTS indicate the FORM and MODE
of the sector the decoder has discriminated by the raw data from the drive.
Due to erroneous correction, the values of these bits may be at variance
with those of the HDR register MODE byte and SHDR register submode byte
bit5.
|
| CDROM Internal CXD1815Q Sub-CPU Address Registers |
0-6 CMADR Address bit10-16 (in 1Kbyte steps) 7 - Reserved (undefined) |
HADR = (CMADR AND 7Fh)*400h+offset HXFR = length OR 4000h |
ADPMNT = (CMADR AND 7Fh) OR 80h |
0-6 ADPxxx ADPCM source Address bit10-16 (in 1Kbyte-steps) 7 RTADPEN Real-time ADPCM Enable (0=Disable, 1=Enable Real-time ADPCM) |
0-16 DLADR Addr. bit0-16 ... 17-23 "L" Reserved (should be 0) |
0-16 DADRC Incrementing Drive-to-Buffer Write Address, bit0-16 17-23 "L" Reserved (should be 0) |
0-15 DADRC Address bit0-15 ;bit16 is in Port 0Bh ... |
0-11 HXFR number of data bytes, bit0-11 (0..FFFh) ...
12 HADR.16 HADR bit16
13 "L" Reserved (should be 0)
14 "L" ?? Reserved (should be 0) ;<-- XXX but on PSX: Always 1 !?!
; seems to Disable INT8 ?!!!
15 DISHXFRC Disable HXFRC (0=Use HXFRC, 1=Disable, Infinite-or-Zero Len?)
|
0-15 HADR Addr. bit0-15 ;bit16 in Port 0Dh ... |
0-11 HXFRC Host Transfer Counter bit0-11 (number of remaining bytes) 12 HADRC bit16 ;MSB of Port 0Ch/0Dh 13 DADRC bit16 ;MSB of Port 0Eh/0Fh 14-15 - Reserved (undefined) (usually both bits set) |
0-15 HADRC Address bit0-15 ;bit16 is in Port 0Bh |
900h is loaded into HXFRC and 600Ch, 6A0Ch, or 740Ch is loaded into HADRC (at least, supposedly, above addresses , for cases when using 32K SRAM) |
HADR and HXFR are loaded into HADRC and HXFRC |
0000h 1st Sector (at 0000h..0923h) (unused gap at 0924h..0BFFh) 0C00h 2nd Sector (at 0C00h..1523h) (unused gap at 1524h..17FFh) 1800h 3rd Sector (at 1800h..2123h) (unused gap at 2124h..23FFh) 2400h 4th Sector (at 2400h..2D23h) (unused gap at 2D24h..2FFFh) 3000h 5th Sector (at 3000h..3923h) (unused gap at 3924h..3BFFh) 3C00h 6th Sector (at 3C00h..4523h) (unused gap at 4524h..47FFh) 4800h 7th Sector (at 4800h..5123h) (unused gap at 5124h..53FFh) 5400h 8th Sector (at 5400h..5D23h) (unused gap at 5D24h..5FFFh) 6000h Soundmap ADPCM Buffer (at 600Ch..690Bh) (gaps at 6000h and 690Ch) 6A00h Soundmap ADPCM Buffer (at 6A0Ch..730Bh) (gaps at 6A00h and 730Ch) 7400h Soundmap ADPCM Buffer (at 740Ch..7D0Bh) (gaps at 7400h and 7D0Ch) 7E00h Unknown/Unused |
| CDROM Internal CXD1815Q Sub-CPU Misc Registers |
0-2 HINT Request Host Interrupt (INT1..INT7, or 0=None/No change) 3-7 "L" Reserved (should be 0) |
0-2 HINTSTS Pending Host Interrupt (INT1..INT7, or 0=None/All acknowledged) 3 DMABUSY DMA Busy (0=Data FIFO Empty and HXFRC=0, 1=Data Transfer Busy) 4 PRMRRDY Paramter Read Ready (0=Parameter FIFO Empty, 1=Ready/Not Empty) 5 RSLEMPT Result Empty (0=Response FIFO Not Empty, 1=Empty) 6 RSLWRDY Result Write Ready (0=Response FIFO Full, 1=Ready/Not Full) 7 BUSYSTS Command Busy Status (0=Command Not Empty, 1=Ack'ed by CLRBUSY) |
0 RESYNC Sync with CD DSP (0=No change, 1=Resync, eg. after speed change) 1-3 "L" Reserved (should be 0) 4 RTADPCLR Abort Real-time ADPCM (0=No Change, 1=Abort; when ADPMNT.7=0) 5 CLRRSLT Clear Reply FIFO (0=No change, 1=Acknowledge; clear FIFO) 6 CLRBUSY Acknowledge Command (0=No change, 1=Acknowledge; clear BUSYSTS) 7 CHPRST Chip Reset (0=No change, 1=Do Chip Initialization) |
0 HCRISD Host Chip Reset Issued 1 HSTCMND Host Command ... 2 DECINT Decoder Interrupt .. 3 HDMACMP Host DMA Complete . <-- PSX: used for retry ?!?!!! 4 RTADPEND Real-time ADPCM end 5 RSLTEMPT Result Empty 6 DECTOUT Decoder Time Out 7 DRVOVRN Drive Overrun |
0-7 Param FIFO (check HIFSTS.4 to see if the FIFO is empty) |
0-7 Command (check INTSTS.1 or HIFSTS.7 to see if a command was sent) |
0-7 Data (has 8-byte FIFO) |
0 S/M ADPCM Stereo/Mono (0=Mono, 1=Stereo) 1 - Reserved (undefined) 2 FS ADPCM Sampling Frequency (0=37.8kHz, 1=18.9kHz) 3 - Reserved (undefined) 4 BITLNGTH ADPCM Sample Bit Length (0=Normal/4bit, 1=8bit) 5 ADPBUSY ADPCM Decoding (0=No, 1=Yes/Busy) 6 EMPHASIS ADPCM Emphasis (0=Normal/Off, 1=On) 7 MUTE DA Data is Muted (uh?) (0=No, 1=Yes/Muted) |
0 S/M ADPCM Stereo/Mono (0=Mono, 1=Stereo) 1 "L" Reserved (should be 0) 2 FS ADPCM Sampling Frequency (0=37.8kHz, 1=18.9kHz) 3 "L" Reserved (should be 0) 4 BITLNGTH ADPCM Sample Bit Length (0=Normal/4bit, 1=8bit) 5 "L" Reserved (should be 0) 6 EMPHASIS ADPCM Emphasis (0=Normal/Off, 1=On) 7 "L" Reserved (should be 0) |
0-7 Reserved (undefined) |
0-7 Reserved (should be 00h) (or don't write at all) |
| CDROM Internal Commands CX(0x..3x) - CXA1782BR Servo Amplifier |
23-20 4bit Command (00h) 19 1bit FS4 Focus Servo (0=Off, 1=On) 18 1bit FS3 DEFECT 17 1bit FS2 Enable Focus Search Voltage (0=Off, 1=On) 16 1bit FS1 Select Focus Search Voltage (0=Falling, 1=Rising) 15-0 16bit Unused (don't care) |
23-20 4bit Command (01h) 19 1bit TG1,TG2 ON/OFF Tracking Servo Gain Up/Normal (hmmm?) 18 1bit Brake Circuit ON/OFF 17-16 2bit PS Sled Kick Height (0=+/-1, 1=+/-2, 2=Undoc, 3="Don't use"?) 15-0 16bit Unused (don't care) |
23-20 4bit Command (02h) 19-18 2bit Tracking Control (0=Off, 1=Servo On, 2=F-Jump, 3=R-Jump) ;TM1,3,4 17-16 2bit Sled Control (0=Off, 1=Servo On, 2=F-Fast, 3=R-Fast) ;TM2,5,6 15-0 16bit Unused (don't care) |
23-20 4bit Command (03h) 19 1bit Value to be adjusted (0=Balance, 1=Gain) 18-16 3bit New Balance or Gain value (depending on above bit) 15-0 16bit Unused (don't care) |
N-N 4bit Command (04h..07h) |
N-N 4bit Command (08h..0Fh) |
| CDROM Internal Commands CX(4x..Ex) - CXD2510Q Signal Processor |
23-20 4bit Command (4) 19-16 4bit AS3-0 Auto Sequence Command (see below) 15-12 4bit MT3-0 Max Timer Value (N timer units, or 0=Invalidate Timer) 11 1bit LSSL Timer Units (0=2.9ms, 1=186ms) (for above MT value) 10-8 3bit Unused (zero) 7-0 8bit Unused (don't care) |
00h Cancel 04h/05h Forward/Reverse Fine Search ;<--sends CX(25h) ;\these do internally 07h Focus-On ;<--sends CX(02h) ; send commands to 08h/09h Forward/Reverse 1 Track Jump ;\ ; CXA1782BR 0Ah/0Bh Forward/Reverse 10 Track Jump ; sends CX(25h) ; and, auto sequence 0Ch/0Dh Forward/Reverse 2N Track Jump ;/ ;/is interrupted? 0Eh/0Fh Forward/Reverse 1N Track Move ;<--CXD2545Q only(Reserved on CXD2510Q) 01h..03h,06h = Reserved |
23-20 4bit Command (5) 19-16 4bit TR3-0 Timer (N*0.022ms for Blind/Overflow, N*0.045ms for Brake) 15-8 8bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (6) 19-16 4bit SD3-0 Timer KICK.D (N*2.9ms for Fine Search? else N*1.45ms?) 15-12 4bit KF3-0 Timer KICK.F (N*0.09ms) 11-8 4bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (7) 19-4 16bit Track Jump Count Setting (0..65535) for Command 4x 3-0 4bit Unused (don't care) |
23-20 4bit Command (8) 19 1bit CDROM (0=Audio, 1=CDROM; no average and pre-value stuff) 18 1bit DOUT Mute (0=Not muted, 1=Mute DOUT) 17 1bit D.out Mute-F (0=Not muted, 1=Mute DA) 16 1bit WSEL (0=Enhanced Sync Window, 1=Enhanced Anti-Rolling) 15 1bit VCO SEL (0=Double Correction, 1=Quadruple Correction) 14 1bit ASHS (0=Double Correction, 1=Quadruple Correction) 13 1bit SOCT (0=Output SubQ to SQSO, 1=Output Each? to SQSO) 12 1bit Unused (zero) 11-8 4bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (9) 19 1bit DCLV ON-OFF (complex stuff, related to gain and frequencies) 18 1bit DSPB ON-OFF (0=Normal Speed, 1=Double Speed; fixed pitch) 17 1bit ASEQ ON-OFF (select output on SENS pin) 16 1bit DPLL ON-OFF (0=Analog RFPLL, 1=Digital RFPLL) 15-14 1bit Bilingual Audio (0=Stereo, 1=RightOnly, 2=LeftOnly, 3=Mute) 13 1bit FLFC (normally 0) 12 1bit Unused (zero) 11-8 4bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (0Ah) 19 1bit Vari Up (write 1-then-0 to increase pitch by +0.1%) 18 1bit Vari Down (write 1-then-0 to decrease pitch by -0.1%) 17 1bit Mute (0=Not muted; unless muted elsewhere, 1=Mute & Peak=0) 16 1bit ATT (0=Attentuation off, 1=Minus 12 dB) 15-14 2bit PCT (0=Normal, 1=LevelMeter, 2=PeakMeter, 3=Normal) (0-1=QuadC2) 13-12 2bit Unused (zero) 11-8 4bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (0Bh) 19-4 16bit Traverse Monitor Count (used when monitored by COMP and COUT) (?) 3-0 4bit Unused (don't care) |
23-20 4bit Command (0Ch) 19-18 2bit Gain MDP for CLVP mode (0=-6db, 1=0dB, 1=+6dB, 3=Reserved) 17-16 2bit Gain MDS for CLVS/CLVP (0=-12dB, 1=-6dB, 2=0dB, 3=Reserved) 15 1bit Zero (zero) 14 1bit Gain DCLV0 overall gain (0=0dB, 1=+6dB 13-12 2bit Unused (zero) 11-8 4bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (0Dh) 19 1bit DCLV PWM MD Digital CLV PWM mode (0=Use MDS+MDP, 1=Ternary MDP) 18 1bit TB Bottom Hold in CLVS/CLVH modes (0=At cycle RFCK/32, 1=RFCK/16) 17 1bit TP Peak Hold in CLVS mode (0=At cycle RFCK/4, 1=RFCK/2) 16 1bit Gain CLVS for CLVS mode (0=0dB, 1=+6dB)(always +6dB in CLVP mode) 15-8 8bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
23-20 4bit Command (0Eh) 19-16 4bit CM3-0 15-8 8bit Unused (don't care on CXD2510Q, zero on CXD2545Q) 7-0 8bit Unused (don't care) |
00h Stop Spindle Motor Stop mode 06h CLVA Automatic CLVS/CLVP switching mode, normally used for playback 08h Kick Spindle Motor Forward rotation mode 0Ah Brake Spindle Motor Reverse rotation mode 0Ch CLVH Peak hold at 34kHz 0Eh CLVS Rough Servo Mode, RF-PLL related 0Fh CLVP PLL Servo mode |
23-0 N/A Don't use |
80bit subq 15bit peak level (lsb first) (absolute/unsigned value) 1bit peak l/r flag (aka appears as "MSB" of peak level) |
Index ASEQ=0 ASEQ=1 ;<-- ASEQ can be set via CX(9xx) 0X HighZ SEIN (FZC) ;\aka SENS output 1X HighZ SEIN (A.S) ... aka DEFECT ; from CXA1782BR 2X HighZ SEIN (T.Z.C) ... aka TZC ; forwarded through 3X HighZ SEIN (SSTOP) ... aka Gain/Bal ;/CXD2510Q 4X HighZ XBUSY 5X HighZ FOK 6X HighZ SEIN (HighZ) AX GFS GFS BX COMP COMP CX COUT COUT EX /OV64 /OV64 7X-9X,DX,FX HighZ 0 |
FZC Focus Zero Cross
DEFECT Defect?
TZC Tracking Zero Cross
SSTOP Gain or Balance adjust reached wanted level
XBUSY Low while the auto sequencer operation is busy
FOK High for "focus OK" (same as FOK pin)
GFS High when the played back frame sync is obtained with correct timing
COMP Measures the number of tracks set with Reg B. High when Reg B is
latched, low when the initial Reg B number is input by CNIN
COUT Measures the number of tracks set with Reg B. High when Reg B is
latched, toggles each time the Reg B number is input by CNIN. While
$44 and $45 are being executed, toggles with each CNIN 8-count
instead of the Reg B number
OV64 Low when filtered EFM signal is lengthened by 64 channel clock
pulses or more
|
| CDROM Internal Commands CX(0x..Ex) - CXD2545Q Servo/Signal Combo |
23-20 4bit Command (01h) 19 1bit Anti Shock (0=Off, 1=On) 18 1bit Brake (0=Off, 1=On) 17 1bit Tracking Gain (0=Normal, 1=Up) 16 1bit Tracking Gain Filter (0=Select 1, 1=Select 2) 15-0 16bit Unused (don't care) |
23-20 4bit Command (03h) 19-18 2bit Subcommand (0) 17-16 2bit Sled Kick Level (0=+/-1, 1=+/-2, 2=+/-3, 3=+/-4) 15-0 16bit Unused (don't care) |
23-16 8bit Command (34h) 15 1bit Zero (0) 14-8 7bit Address (00h..4Fh = Select Coefficient K00..K4F) 7-0 8bit Data (00h..FFh = New value) PLUS 8bit Eight more bits on PSone (!) |
23-12 12bit Command (34Fh) 11-10 2bit Index (0=TRVSC, 1=FBIAS, 2=?, 3=?) 9-0 10bit Data (for FBIAS: bit0=don't care) |
23-16 8bit Command (35h) 15-14 2bit FT Focus Search-up speed 1 13-8 6bit FS Focus Search limit voltage (default 011000b) (+/-1.875V) 7 1bit FTZ Focus Search-up speed 2 6-0 7bit FG AGF Convergence Gain Setting (default 0101101b) |
23-16 8bit Command (36h) 15 1bit Zero (0) 14 1bit DTZC DTZC Delay (0=4.25us/Default, 1=8.5us) 13-8 6bit TJ Track Jump voltage (default 001110b) (+/-1.09V) 7 1bit Zero (0) 6-0 7bit TG AGT Convergence Gain Setting (default 0101110b) |
23-16 8bit Command (37h) 15-14 2bit FZS XXX pg. 84 13-8 6bit SM Sled Move Voltage 7 1bit AGS 6 1bit AGJ 5 1bit AGGF 4 1bit AGGT 3 1bit AGV1 2 1bit AGV2 1 1bit AGHS 0 1bit AGHT |
23-16 8bit Command (38h) 15 1bit VCLM VC level measurement on/off 14 1bit VCLC VC level compensation for FCS_In Register on/off 13 1bit FLM Focus zero level measurement on/off 12 1bit FLC0 Focus zero level compensation for FZC Register on/off 11 1bit RFLM RF zero level measurement on/off 10 1bit RFLC RF zero level compensation on/off 9 1bit AGF Focus automatic gain adjustment on/off 8 1bit AGT Tracking automatic gain adjustment on/off 7 1bit DFSW Defect switch disable (1=disable defect measurement) 6 1bit LKSW Lock switch (1=disable sled free-running prevention) 5 1bit TBLM Traverse center measurement on/off 4 1bit TCLM Tracking zero level measurement on/off 3 1bit FLC1 Focus zero level compensation for FCS_In Register on/off 2 1bit TLC2 Traverse center compensation on/off 1 1bit TLC1 Tracking zero level compensation on/off 0 1bit TLC0 VC level compensation for TRK/SLD_In register on/off |
23-16 8bit Command (39h) 15 1bit DAC Serial data readout DAC mode on/off 14-8 7bit SD Serial readout data select (see below) 7-0 8bit Unused (don't care) |
Addr Data Content 00h 8bit VC input signal 01h 8bit SE input signal 02h 8bit TE input signal 03h 8bit FE input signal 04h-07h 9bit TE AVRG register (mirrored to 04h-07h) 08h-0Bh 9bit FE AVRG register (mirrored to 08h-0Bh) 0Ch-0Fh 9bit VC AVRG register (mirrored to 0Ch-0Fh) 12h 8bit RFDC envelope (peak) 13h 8bit RFDC envelope (bottom) 1Ch 9bit TRVSC register 1Dh 9bit FBIAS register 1Eh 8bit RFDC input signal 1Fh 8bit RF AVRG register 20h-3Fh 16bit Data RAM (M00-M1F) 40h-7Fh 8bit Coefficient RAM (K00-K3F) (note: K40-K4F cannot be read out) |
23-16 8bit Command (3Ah) 15 1bit Zero (0) 14 1bit FBON: FBIAS register addition (0=off, 1=Add FBIAS to FCS) 13-0 14bit Zero (0) |
23-16 8bit Command (3Bh) 15-14 2bit SFO FOK Slice Level (...depends on SFOX) 13-12 2bit SDF DFCT Slice Level (0=89mV, 1=134mV, 2=179mV, 3=224mV) 11-10 2bit MAX DFCT Maximum Time (0=No Limit, 1=2ms, 2=2.36ms, 3=2.72ms) 9 1bit SFOX FOK Slice Level (...depends on SFO) 8 1bit BTF Bottom Hold Double-Speed Count-Up mode for MIRR (0=off) 7-6 2bit D2V Peak Hold 2 for DFCT (0=22.05kHz, 1=44.1, 2=88.2, 3=176.4) 5-4 2bit D1V Peak Hold 1 for DFCT (0=176.4kHz, 1=352.8, 2=705.6, 3=1411) 3-0 4bit Zero (0) |
23-16 8bit Command (3Ch) 15-0 16bit Unused (don't care) |
23-16 8bit Command (3Dh) 15-0 16bit Unused (don't care) |
23-16 8bit Command (3Eh) 15-14 2bit F1NDM FCS servo filter 1st stage (1=normal, 2=down) 13-12 2bit F3NUM FCS servo filter 3rd stage (1=normal, 2=up) 11-10 2bit T1NDM TRK servo filter 1st stage (1=normal, 2=down) 9-8 2bit T3NUM TRK servo filter 3rd stage (1=normal, 2=up) 7 1bit DFIS FCS hold filter input extraction node (0=M05, 1=M04) 6 1bit TLCD Mask TLC2 set by D2 of CX(38) only when FOK low 5 1bit RFLP Pass signal from RFDC pin through low-pass-filter 4-0 5bit Zero (0) |
23-16 8bit Command (3Fh) ... XXX pg. 89 15-14 2bit Unused (0) 13-12 2bit XTD 11 1bit Unused (0) 10-8 3bit DRR 7 1bit Unused (0) 6 1bit ASFG 5 1bit Unused (0) 4 1bit LPAS 3-2 2bit SRO 1-0 2bit Unused (0) |
Index ASEQ=0 ASEQ=1 Length $0X Z FZC - $1X Z AS - $2X Z TZC - $38 Z AGOK*1 - $38 Z XAVEBSY*1 - $30-37,$3A-3F Z SSTP - $3904 Z TE Avrg Reg. 9 bit $3908 Z FE Avrg Reg. 9 bit $390C Z VC Avrg Reg. 9 bit $391C Z TRVSC Reg. 9 bit $391D Z FB Reg. 9 bit $391F Z RFDC Avrg Reg. 8 bit $4X Z XBUSY - $5X Z FOK - $6X Z 0 - $AX GFS GFS - $BX COMP COMP - $CX COUT COUT - $EX OV64 OV64 - $7X-9X,DX,FX Z 0 - |
| CDROM Internal Commands CX(0x..Ex) - CXD2938Q Servo/Signal/SPU Combo |
CX(34910000) NewScexStopReading CX(3491xy80) NewScexRandomKey(xy) CX(34920000) NewScexFlushResyncOrSo CX(34944A00) NewScexInitValue1 CX(3498C000) NewScexInitValue2 CX(349C1000) NewScexThis ;\inverse ;\use CX(3C2080) for COUT selection CX(349D1000) NewScexThat ;/of COUT ;/ |
1st byte: Unknown/unused (normally ADR/Control) ;\these should be probably 2nd byte: Unknown/unused (normally Track) ; set to some invalid values 3rd byte: Unknown/unused (normally Index/Point) ;/to avoid SUB-Q confusion 4th..10th byte: SCEx data or Dummy bytes (depending on xy.bit7..1) 11th..12th byte: Unknown/unused (normally Audio Peak level) |
CXD2545Q CXD2938Q CX(3C) CX(3C0080) TzcCoutSelectHPTZC;\ <--formerly CX(3C) - CX(3C2080) TzcCoutSelectSCEX ; <--special NewScex mode CX(3D) CX(3C4080) TzcCoutSelectDTZC ;/ <--formerly CX(3D) |
CXD2545Q CXD2938Q CX(8180) CX(810408) MODE = Audio (CD-DA) CX(8120) CX(812400) MODE = Audio (CD-DA) (manual SPI bus access) CX(8980) CX(890408) MODE = CDROM (Data) - CX(898000) MODE = CDROM (Data) (used on RESET) |
| CDROM Internal Commands CX(xx) - Notes |
| CDROM Internal Commands CX(xx) - Summary of Used CX(xx) Commands |
<--vC1--> <--vC2--> <--vC3--> CXD2510Q CXD2545Q CXD2938Q CX(00) CX(00) CX(00) AllFocusSwitchesOff CX(02) CX(02) CX(02) FocusSearchVoltageFalling CX(03) CX(03) CX(03) FocusSearchVoltageRising ;ForTestOnly CX(08) CX(08) CX(08) FocusServoOn CX(0C) CX(0C) CX(0C) FocusServoOnAndDefectOn ;diff.usage vC# ? ----- CX(11) - - SledKickHeight2 CX(12) - - SledKickHeightInvalid CX(19) - - TrackingGainAndSledKickHeight2 CX(1D) - - TrackingGainBrakeAndSledKickHeight2 CX(1E) - - TrackingGainBrakeAndSledKickHeightInvalid ----- - CX(11) CX(11) AntiShockOff ;\ - CX(13) CX(13) AntiShockOffGainUp ; - CX(17) CX(17) AntiShockOffGainUpBrake ;/ ----- CX(20) CX(20) CX(20) SledAndTrackingOff CX(21) CX(21) CX(21) SledServoOn ;ForTestOnly CX(22) CX(22) CX(22) SledFastForward CX(23) CX(23) CX(23) SledFastReverse CX(24) - - TrackingServoOn CX(25) CX(25) CX(25) SledAndTrackingServoOn - CX(26) CX(26) SledFastForwardAndTrackingServoOn CX(28) CX(28) CX(28) TrackingForwardJump ;ForTestOnly CX(2C) CX(2C) CX(2C) TrackingReverseJump ;ForTestOnly ----- CX(30+n) - - BalanceAdjust(0..7) CX(38+n) - - GainAdjust(0..7) ----- - CX(30) CX(30) SetSledKickLevel1 ;\ - CX(31) CX(31) SetSledKickLevel2 ; - CX(32) CX(32) SetSledKickLevel3 ;/ ----- - CX(3400E6) CX(3400E6) SetK00toE6hSledInputGain ;def=E0h - CX(340730) CX(340730) SetK07to30hSledAutoGain ;blah ;def=30h - CX(34114A) CX(34114A) SetK11to4AhFocusOutputGain ;def=32h - CX(341330) CX(341330) SetK13to30hFocusAutoGain ;blah ;def=30h - CX(341D6F) CX(341D6F) SetK1Dto6FhTrackingLowBoostFilterAL ;def=44h - CX(341F64) CX(341F64) SetK1Fto64hTrackingLowBoostFilterBL ;def=5Eh - CX(342220) CX(342220) SetK22to20hTrackingOutputGain ;def=18h - CX(342330) CX(342330) SetK23to30hTrackingAutoGain ;blah ;def=30h - CX(342D28) CX(342D28) SetK2Dto28hFocusGainDownOutputGain ;def=1Bh - CX(343E70) CX(343E70) SetK3Eto70hTrackingGainUpOutputGain ;def=57h - - CX(34910000) NewScexStopReading ;\ - - CX(3491x180) NewScexRandomKey(x) ; - - CX(34920000) NewScexFlushResyncOrSo ; SCEX SPECIAL - - CX(34944A00) NewScexInitValue1 ; see also: - - CX(3498C000) NewScexInitValue2 ; CX(3C2080) - - CX(349C1000) NewScexThis ;\inverse ; - - CX(349D1000) NewScexThat ;/of COUT ;/ - CX(34F000) CX(34F000) SetTRVSCto000h - CX(34Fxxx) CX(34Fxxx) SetFBIAStoNNNh ----- - CX(3740AA) CX(3740AA) SetSMto00h ;\set SM to 0,6,7,9 - CX(3746AA) CX(3746AA) SetSMto06h ; (sled move voltage) - CX(3747AA) CX(3747AA) SetSMto07h ; (and init several - CX(3749AA) CX(3749AA) SetSMto09h ;/fixed settings) ----- - CX(380010) CX(380010) ModeMeasureTrackingZeroLevel ;\Measure modes - CX(380800) CX(380800) ModeMeasureRfZeroLevel ; (accepted - CX(382000) CX(382000) ModeMeasureFocusZeroLevel ; every 2.9ms) - CX(388000) CX(388000) ModeMeasureVcLevel ;/ - CX(38140A) CX(38140A) ModeCompensate - CX(38140E) CX(38140E) ModeCompensateAndTraverseCenter - CX(38148A) CX(38148A) ModeCompensateAndDefectOff - CX(38148E) CX(38148E) ModeCompensateAndDefectOffTraverseCenter - CX(3814AA) CX(3814AA) ModeCompensateAndStuffAndMeasureTraverse ;! - CX(38150A) CX(38150A) ModeCompensateAndTrackingAutoGain - CX(38150E) CX(38150E) ModeCompensateAndTrackingAutoGain - CX(38160A) CX(38160A) ModeCompensateAndFocusAutoGain ----- - CX(391E) - SenseRFDCinputSignalWithoutDAC ;\rather - CX(3983) - SenseFEinputSignalWithDAC ;/unused - CX(399C) - SenseTRVSCregisterWithDAC ;\only if - CX(399D) - SenseFBIASregisterWithDAC ;/TEST1=LOW ----- - CX(3A0000) CX(3A0000) FocusBiasAdditionOff ;\ - CX(3A4000) CX(3A4000) FocusBiasAdditionOn ;/ - CX(3B2250)!CX(3B7250)!InitOperationForMirrDfctFok <-- vC2/vC3 DIFF - CX(3C) !!!CX(3C0080) TzcCoutSelectHPTZC;\ <--formerly CX(3C) - - !!!CX(3C2080) TzcCoutSelectSCEX ; <--special NewScex mode - CX(3D) !!!CX(3C4080) TzcCoutSelectDTZC ;/ <--formerly CX(3D) - CX(3E0000) CX(3E0000) InitFilterBits ;\ - CX(3E0008) CX(3E0008) InitFilterBitsInvalid ;/ - CX(3F0008) CX(3F0008) InitOtherStuff ;- ----- CX(4000) CX(4000) CX(4000) AutoSeqCancel CX(4700) CX(4700) CX(4700) AutoSeqFocusOn CX(4800) CX(4800) CX(4800) Forward1track CX(4900) CX(4900) CX(4900) Reverse1track CX(4C00) CX(4C00) CX(4C00) Forward2Ntrack CX(4D00) CX(4D00) CX(4D00) Reverse2Ntrack ----- CX(54) CX(54) CX(54) BlindBrakeOverflowTimer=4 CX(5A) CX(5A) CX(5A) BlindBrakeOverflowTimer=A CX(6100) CX(6100) CX(6100) SledKickBrakeKickTimer CX(70xxx0) CX(70xxx0) CX(70xxx0) TrackJumpCountSetting CX(8180) CX(8180)!!!CX(810408) MODE = Audio (CD-DA) - CX(8120)!!!CX(812400) MODE = Audio (CD-DA) (manual SPI bus access) - - CX(810000/UNUSED) - - CX(812000/UNUSED) CX(8980) CX(8980) CX(890408) MODE = CDROM (Data) - - CX(898000) MODE = CDROM (Data) (used on RESET) CX(9B00) CX(9B00)!!!CX(9B1000) NormalSpeed CX(9F00) CX(9F00)!!!CX(9F1000) DoubleSpeed CX(A040) CX(A040) CX(A040) Attentuation Off CX(A140) CX(A140) CX(A140) Attentuation -12 dB CX(B01000) CX(B01000) CX(B01000) TraverseMonitorCounterSetting CX(C600) CX(C600) CX(C600) SpindleServoCoefficientSetting CX(D7) CX(D7) CX(D70000) ClvControl (fixed) CX(E0) CX(E0) CX(E00000) SpindleMotorStop - - CX(E02000) <-- aka bugged CX(E0) with CRAP=2000h CX(E6) CX(E6) CX(E60000) AutomaticNormal CX(E8) CX(E8) CX(E80000) SpindleMotorForward - - CX(E8crap) <-- aka bugged CX(E8) with CRAP=xxxxh CX(EA) CX(EA) CX(EA0000) SpindleMotorReverse - - CX(EAcrap) <-- aka bugged CX(EA) with CRAP=xxxxh CX(EE) CX(EE) CX(EE0000) RoughServo ----- CX(F) CX(F) CX(F) Unused (N/A) ----- CX(Xx) CX(Xx) CX(Xx) ;\ CX(Xxxx) CX(Xxxx) CX(Xxxx) ; TestCommand (cmd_19h_50h) CX(Xxxxxx) CX(Xxxxxx) CX(Xxxxxx) ; - - CX(Xxxxxxxx) ;/ - CX(Xxxxxx) CX(Xxxxxx) SerialSense, CX(Xxxx) with extra 8bit junk |
sense(30) SEIN.BAL ;vC2: SSTP sense(38) SEIN.GAIN ;vC2: AGOK(AGT/AGF) or XAVEBSY(AVRG) or SSTP(else?) sense(40) XBUSY (low=AutoSeqBusy) sense(50) FOK (high=FokusOkay) sense(A0) GFS (high=GoodFrameSync, ie. CorrectPlaybackSpeed) sense(C5) COUT (toggles each 100h 'tracks') (100h=selected via CX(B01000)) sense(EA) /OV64 (low=EFM too long?) |
| CDROM Internal Coefficients (for CXD2545Q) |
Addr Val Expl. K00 E0 Sled input gain K01 81 Sled low boost filter A-H K02 23 Sled low boost filter A-L K03 7F Sled low boost filter B-H K04 6A Sled low boost filter B-L K05 10 Sled output gain K06 14 Focus input gain K07 30 Sled auto gain K08 7F Focus high cut filter A K09 46 Focus high cut filter B K0A 81 Focus low boost filter A-H K0B 1C Focus low boost filter A-L K0C 7F Focus low boost filter B-H K0D 58 Focus low boost filter B-L K0E 82 Focus phase compensate filter A K0F 7F Focus defect hold gain K10 4E Focus phase compensate filter B K11 32 Focus output gain K12 20 Anti shock input gain K13 30 Focus auto gain K14 80 HPTZC / Auto Gain High pass filter A K15 77 HPTZC / Auto Gain High pass filter B K16 80 Anti shock high pass filter A K17 77 HPTZC / Auto Gain low pass filter B K18 00 Fix (should not change this preset value) K19 F1 Tracking input gain K1A 7F Tracking high cut filter A K1B 3B Tracking high cut filter B K1C 81 Tracking low boost filter A-H K1D 44 Tracking low boost filter A-L K1E 7F Tracking low boost filter B-H K1F 5E Tracking low boost filter B-L K20 82 Tracking phase compensate filter A K21 44 Tracking phase compensate filter B K22 18 Tracking output gain K23 30 Tracking auto gain K24 7F Focus gain down high cut filter A K25 46 Focus gain down high cut filter B K26 81 Focus gain down low boost filter A-H K27 3A Focus gain down low boost filter A-L K28 7F Focus gain down low boost filter B-H K29 66 Focus gain down low boost filter B-L K2A 82 Focus gain down phase compensate filter A K2B 44 Focus gain down defect hold gain K2C 4E Focus gain down phase compensate filter B K2D 1B Focus gain down output gain K2E 00 Not used K2F 00 Not used K30 80 Fix (should not change this preset value) K31 66 Anti shock low pass filter B K32 00 Not used K33 7F Anti shock high pass filter B-H K34 6E Anti shock high pass filter B-L K35 20 Anti shock filter comparate gain K36 7F Tracking gain up2 high cut filter A K37 3B Tracking gain up2 high cut filter B K38 80 Tracking gain up2 low boost filter A-H K39 44 Tracking gain up2 low boost filter A-L K3A 7F Tracking gain up2 low boost filter B-H K3B 77 Tracking gain up2 low boost filter B-L K3C 86 Tracking gain up phase compensate filter A K3D 0D Tracking gain up phase compensate filter B K3E 57 Tracking gain up output gain K3F 00 Not used K40 04 Tracking hold filter input gain K41 7F Tracking hold filter A-H K42 7F Tracking hold filter A-L K43 79 Tracking hold filter B-H K44 17 Tracking hold filter B-L K45 6D Tracking hold filter output gain K46 00 Not used K47 00 Not used K48 02 Focus hold filter input gain K49 7F Focus hold filter A-H K4A 7F Focus hold filter A-L K4B 79 Focus hold filter B-H K4C 17 Focus hold filter B-L K4D 54 Focus hold filter output gain K4E 00 Not used K4F 00 Not used |
| CDROM Video CDs (VCD) |
| VCD ISO Basic Files (INFO, ENTRIES, AVSEQnn, ISO Filesystem) |
008h 32 System Identifier (always "CD-RTOS CD-BRIDGE" for VCDs)
028h 32 Volume Identifier (often nonsense, eg. "" or "__" or "VolumeLabel")
23Eh 128 Application Identifier ("CDI/CDI_APPL.VCD;1" or "CDI/CDI_VCD.APP;1")
400h 8 CD-XA Identifying Signature ("CD-XA001" for PSX and VCD)
|
VCDs are using MODE2 (with 800h-byte and 914h-byte sectors) MPEG videos are on extra data tracks (outside of the ISO area on Track 1) Files in VCD or SVCD folders use fixed sectors numbers (00:04:00 and up) All 16bit/32bit values in files in VCD,SVCD,EXT,etc are BIG-ENDIAN |
000h 8 ID "VIDEO_CD" for VCD (or "SUPERVCD"/"HQ-VCD " for SVCD) 008h 1 Version ;Version Major (01h) (or 02h for VCD 2.0) 009h 1 System Profile Tag ;Version Minor (00h) (or 01h for VCD 1.1 or HQ) 00Ah 16 Album ID/Desc (name in ASCII, padded with SPC) (usually empty) 01Ah 2 Total Number of CDs in Album (1..N) ;\usually always 1,1 (even 01Ch 2 Number of this CD in Album (1..N) ;/for movies with 2 discs) 01Eh 13 PAL Flags, 98x1bit, for each Track? (0=NTSC, 1=PAL) 02Bh 1 InfoStatusFlags (see below) Below is usually zero-filled when not using PBC 02Ch 4 Size of PSD.VCD file (or PSD.SVD?) (0=None) 030h 3 First segment addr MM:SS:00 in BCD (00:02:00 ???) 033h 1 Offset Multiplier for "PsdOffset" values in PSD.VCD (must be 8) 034h 2 Number of ListIDs in LOT.VCD file (1..7FFFh, plus 1 in some discs) 036h 2 Number of ITEMnnnn.DAT files (plus nonsense in some discs?) Below is usually zero-filled (maybe exists on SVCD only?) 038h 1980 SegmentContent[1..1980] (b0-1=Audio, b2-4=Video, b5=Cont, b6-7=OGT) 7F4h 5*2 volume start time[0]: 5x16bit ;aka playing_time[5] in seconds (?) 7FEh 2 Reserved (0) |
bit0 Reserved, must be zero bit1-2 Restriction (0=No, 1..3=Restricted category 1..3) (eg. "not for kids") bit3 Special Information is encoded in the pictures, uh? bit4 MPEG User Data is used for Closed Caption (user_data_cc) (0=No, 1=Yes) bit5 Next Disc with PBC (0=Start at ListID#1, 1=Start at ListID#2) bit6 Next Disc without PBC (0=Start at Track #2, 1=Start at Track #3) bit7 Extended PBC available (0=No, 1=Yes... aka EXT\PSD_X exists?) |
000h 8 ID "ENTRYVCD" for VCD and SVCD (or "ENTRYSVD" for VCD30) 008h 1 Version ;\same as in INFO.VCD/SVD 009h 1 System Profile Tag ;/ 00Ah 2 Number of Entries/Chapters (1..500) 00Ch 4*500 Entry[N] (Track 02h..99h, and MM:SS:FF) (all 4 bytes in BCD) 7DCh 36 Reserved (0) |
0x02 --- VCD2.0 0x01 --- SVCD, should be same as version in INFO.SVD |
0x01 if VCD1.1 0x00 else |
| VCD ISO Playback Control PBC Files (PSD, LOT, ITEMnnnn) |
PsdPlayListDescriptor (14+2*N bytes):
00h 1 Type (10h=PlayList)
01h 1 Number of Items (noi) ;for Start-of-Movie and Numeric-Input?
02h 2 ListID for this Descriptor (1..7FFFh)
04h 2 PsdOffset for Prev button (FFFFh=Disable)
06h 2 PsdOffset for Next button (FFFFh=Disable)
08h 2 PsdOffset for Return/back button (FFFFh=Disable)
0Ah 2 Play time in 1/15s (=max 72.8 minutes) (or 0000h=full item)
0Ch 1 Delay time in "1s/10s" units after ;<-- uh, after? after what?
0Dh 1 Auto pause time in "1s/10s" units (used for each item in list if
the auto pause flag in a sector is true) [WHAT is that? Trigger bit?]
0Eh 2*N ItemID[N] ;item number (0..599 or 1000..2979)
Entry 0 is for "start of movie" (usually 0002h=Track 2)
Entry 1..N-1 is for numeric input ?
PsdSelectionListDescriptor (20+2*N bytes, or 36+6*N bytes):
00h 1 Type (18h=SELECTION_LIST, or 1Ah=EXT_SELECTION_LIST)
01h 1 Flags (bit0=SelectionArea, bit1=CommandList, bit2-7=Reserved)
02h 1 nos <-- aka Number of Numeric-input selections ?
03h 1 bsn <-- ?
04h 2 ListID for this Descriptor (1..7FFFh)
06h 2 PsdOffset for Prev button
08h 2 PsdOffset for Next button
0Ah 2 PsdOffset for Return/back button
0Ch 2 PsdOffset for Default button (uh, what is that?)
0Eh 2 PsdOffset for Timeout
10h 1 totime <-- aka Timeout Time maybe? in WHAT units?
11h 1 loop <-- aka ?
12h 2 itemid <-- aka Item to be displayed during the selection?
14h 2*N PsdOffset[N] for Numeric-input ?
Below only for SVCDs (with Type=18h), or for Extended VCDs (with Type=1Ah):
(14h+2*N) 4 Area for Prev (x1,y1,x2,y2) ;\these extra entries exist for
(18h+2*N) 4 Area for Next (x1,y1,x2,y2) ; SVCDs with Type=18h, and
(1Ch+2*N) 4 Area for Return (x1,y1,x2,y2) ; Extended VCDs with Type=1Ah
(20h+2*N) 4 Area for Default (x1,y1,x2,y2) ; (but do NOT exist for
(24h+2*N) 4*N Area[N] (x1,y1,x2,y2) ;/older VCDs with Type=18h)
PsdEndListDescriptor (8 bytes)
00h 1 Type (1Fh=EndList)
01h 1 Next_disc ;00h to stop PBC or NNh to switch to disc no NN (BCD!?)
02h 2 Item (0 or 1000..2979, should be still image, eg. Change Disc pic)
04h 4 Reserved (0)
N/A - This descriptor doesn't have a ListID (unlike as other descriptors)
PsdCommandListDescriptor (5+2*N bytes)
00h 1 Type (20h=CommandList)
01h 2 Command_count
03h 2 ListID for this Descriptor (1..7FFFh)
05h 2*N command[EMPTY_ARRAY_SIZE] ;uh, WHAT is a command?
PsdAlignmentPadding (after each list entry)
00h 0..7 Padding to next 8-byte PsdOffset boundary (00h-filled)
|
1..60 --> wait "N" seconds 61..254 --> wait "(N-60)*10+60" seconds 255 --> wait infinite |
0..1 - Play nothing 2..99 - Play Track 2..99 (TOC tracks, for AVSEQnn.DAT and AUDIOnn.DAT?) 100..599 - Play Entry 1..500 from table in ENTRIES file up to end of track 600..999 - Reserved 1000..2979 - Play SPI Segment Play Item 1..1980 (ITEMnnnn.DAT file) 2980..65535 - Reserved |
0..N Offset within PSD.VCD file, in 8-byte units FFFDh PSD_OFS_MULTI_DEF_NO_NUM ;\uh, what is that? FFFEh PSD_OFS_MULTI_DEF ;/ FFFFh PSD_OFS_DISABLED ;-no function assigned to the button |
0000h 2 Reserved (0) 0002h 2*7FFFh PsdOffset[1..7FFFh] ;for ListID 1..7FFFh |
| VCD ISO Search Files (SCANDATA, SEARCH, TRACKS, SPICONTX) |
TRACKS_SVD_SECTOR = (PSD_VCD_SECTOR+1) ;aka 2nd sector in PSD.SVD? SEARCH_DAT_SECTOR = (TRACKS_SVD_SECTOR+1) ;aka 3rd..Nth sector in PSD.SVD? |
SCANDATA.DAT Format for VCD 2.0 (12+3*N bytes):
000h 8 ID "SCAN_VCD"
008h 1 Version (02h for VCD 2.0)
009h 1 Reserved (0)
00Ah 2 Number of scan points (in 0.5s units) (max FFFFh = ca. 9.1 hours)
00Ch 3*N Scan Point[0..N-1] ;MM:SS:FF of closest I-frame
SCANDATA.DAT Format for SVCD (16+3*N+2*X+3*Y+3*Z bytes):
000h 8 ID "SCAN_VCD"
008h 1 Version (01h for SVCD)
009h 1 Reserved (0)
00Ah 2 scandata_count ;number of 3-byte entries in the table
00Ch 2 track_count ;number of MPEG tracks on disc
00Eh 2 spi_count ;number of consecutively recorded play item segments
; (as opposed to the number of segment play items).
010h 3*N msf_t cum_playtimes[N] ;cumulative playing time up to track N.
; (track time just wraps at 99:59:74)
xxxh 2*X spi_indexes[X] ;Indexes into the following scandata table
xxxh 2 mpegtrack_start_index ;Index into the following scandata table
; (where the MPEG track scan points start)
xxxh 3*Y The scandata table... [Y] ;8bit Track Number and 16bit Index
uint8_t track_num; /* Track number as in TOC
uint16_t table_offset; /* Index into scandata table
xxxh 3*Z msf_t scandata_table[Z] ;MM:SS:FF
|
000h 8 ID "SEARCHSV" 008h 1 Version (01h) 009h 1 Reserved (0) 00Ah 2 Number of scan points 00Ch 1 Time_interval (in units of 0.5 seconds) (must be 01h) 00Dh 3*N Scan Point[0..N-1] ;MM:SS:FF of closest I-frame |
SVCD\TRACKS.SVD Format for SVCD (11+4*N bytes): 000h 8 ID "TRACKSVD" 008h 1 Version (01h) 009h 1 Reserved (0) 00Ah 1 Number of MPEG tracks (N) 00Bh 3*N Track playing_time[N] (MM:SS:FF, in BCD)(in sectors, not real time) 0xxh 1*N TrackContent[N] ;bit0-1=Audio,bit2-4=Video,bit5=Reserved,bit6-7=OGT SVCD\TRACKS.SVD Format for VCD30 (11+5*N bytes) (some sort of SVCD-prototype): 000h 8 ID "TRACKSVD" 008h 1 Version (01h) 009h 1 Reserved (0) 00Ah 1 Number of MPEG tracks (N) 00Bh 5*N Cum_Playing_time and Content (MM:SS:FF in BCD, and OGT, Audio) |
0000h 8 ID "SPICONSV" 0008h 1 Version (01h) 0009h 1 Reserved (0) 000Ah 2*1980 Segment Content[1..1980] (1st byte=OGT, 2nd byte=Audio) 0F82h 126 Reserved (0) |
bit0-1 Audio characteristics:
0 = No MPEG audio stream
1 = One MPEG1 or MPEG2 audio stream without extension
2 = Two MPEG1 or MPEG2 audio streams without extension
3 = One MPEG2 multi-channel audio stream with extension
bit2-4 Video characteristics:
In TRACKS.SVD this must be 0,3,7 (no still pictures)
0 = No MPEG video data
1 = NTSC still picture
2 = NTSC Reserved (NTSC still pic hires?)
3 = NTSC motion picture
4 = Reserved
5 = PAL still picture
6 = PAL Reserved (PAL still pic hires?)
7 = PAL motion picture
bit5 Indicates segment is continuation of an item
In TRACKS.SVD this must be 0 (reserved)
0 = First or only segment of item
1 = Second or later segment of item
bit6-7 Overlay Graphics/Text (OGT):
0 = No OGT substream
1 = Sub-stream 0 available
2 = Sub-stream 0 & 1 available
3 = All OGT sub-substreams available
|
1st byte = Audio characteristics ;\probably same values as 2nd byte = Overlay Graphics/Text (OGT) ;/in above bitfields? |
| VCD ISO Misc files (CAPTnn, AUDIOnn, KARINFO, PICTURES, CDI) |
Revision A (spotted on two discs from 1997 and 1999): CDI_APPL.VCD 80702 bytes, 04-Mar-1996, CRC32=AE8FC5D0h ;executable VCD_BACK.DYV 92572 bytes, 18-Jul-1995, CRC32=00693E5Eh ;whatever? VCD_BTN.C8 93719 bytes, 18-Jul-1995, CRC32=FF0A636Ah ;whatever? Revision B (spotted on a disc from 2003): CDI_VCD.APP 20648 bytes, 00-Nul-0000 CRC32=DC885F70h ;executable CDI_FONT.FNT 145388 bytes, 00-Nul-0000 CRC32=FB4D63F4h ;font? CDI_ALL.RTF ? bytes, CRC32=? ;realtimefile? CDI_BUM.RTF ? bytes, CRC32=? ;realtimefile? Revision C (spotted on a disc from 2006, and homebrews from 2001 and 2017): CDI_VCD.APP 102400 bytes, 00-Nul-0000 CRC32=E91E128Dh ;executable CDI_VCD.CFG 193 bytes, 00-Nul-0000 CRC32=D1C6F7ADh ;config/ascii CDI_TEXT.FNT 13616 bytes, 00-Nul-0000 CRC32=BDC55E86h ;font? CDI_IMAG.RTF 1510028 bytes, 00-Nul-0000 CRC32=(RIFF) ;realtimefile? |
| VCD MPEG-1 Multiplex Stream |
VCD discs --> Sector Size = 914h bytes (the discs MODE2/FORM2 sector size) .mpg files --> Sector Size = 800h bytes (regardless of physical sector size) |
32bit PACK_START_CODE (000001BAh) ;-4byte 2bit Fixed (00b for MPEG-1) (would be 01b for MPEG-2) ;\ 2bit Fixed (10b) ; 3bit System Clock Reference, bit32-30 ;\ ; 1bit Marker (1) ; System Clock Reference (SCR) ; 15bit System Clock Reference, bit29-15 ; (intended Time, ; 5byte 1bit Marker (1) ; in 90kHz clock cycles) ; 15bit System Clock Reference, bit14-0 ;/ ; 1bit Marker (1) ;/ 1bit Marker (1) ;\ 22bit Multiplex Rate (total bitrate of the stream, in 400bit/s units) ; 3byte 1bit Marker (1) ;/ |
32bit SYSTEM_HEADER_START_CODE (000001BBh) ;\6byte 16bit Header Length minus 6 (in bytes) (0006h+N*3) ;/ 1bit Marker (1) ;\ 22bit Rate bound (max multiplex rate of all packs in the stream, ; 3byte 1bit Marker (1) in 400bit/s units) ;/ 6bit Audio Bound (max number of audio streams in this ISO stream) ;\ 1bit Fixed Flag (1=Fixed bitrate) ; 1byte 1bit CSPS Flag (1=Constrained) ;/ 1bit System Audio Lock Flag XXX ;\ 1bit System Video Lock Flag XXX ; 1byte 1bit Marker (1) ; 5bit Video Bound (max number of video streams in this ISO stream) ;/ 8bit Reserved (FFh) ;-1byte |
8bit Stream ID (C0h..DFh=Audio, E0h..EFh=Video) ;\ 2bit Fixed (11b) ; 3byte 1bit STD buffer scale (0=Mul128/audio, 1=Mul1024/video) ; 13bit STD buffer size (largest required buffer over all packets) ;/ |
32bit START (000001xxh BDh-BFh=Special, C0h-DFh=Audio, E0h-EFh=Video);\6byte 16bit Packet Length minus 6 (in bytes) (1..18, plus data) ;/ |
(2bit) Fixed (11b, indicates presence of stuffing) ;\optional 0..16byte (6bit) Fixed (111111b) ;/ |
(2bit) Fixed (01b, indicates presence of buffer size) ;\ (1bit) STD Buffer Scale (0=Mul128/audio, 1=Mul1024/video) ; optional 2byte (13bit) STD Buffer Size (for decoding, in above scale units) ;/ |
2bit Fixed (00b, indicates no further stuffing/buffer info);\ 1bit PTS Flag (Presentation Time Stamp) ; 0.5 bytes 1bit DTS Flag (Decoding Time Stamp) ;/ |
(3bit) Presentation Time Stamp, bit32-30 ;\ (1bit) Marker (1) ; optional 4.5 bytes (15bit) Presentation Time Stamp, bit29-15 ; (time when to output the (1bit) Marker (1) ; the packet to audio/video (15bit) Presentation Time Stamp, bit14-0 ; hardware, in 90kHz cycles) (1bit) Marker (1) ;/ |
(4bit) Fixed (0001b) ;\ (3bit) Decoding Time Stamp, bit32-30 ; optional 5 bytes (1bit) Marker (1) ; (recommended time when (15bit) Decoding Time Stamp, bit29-15 ; to decode the block, (1bit) Marker (1) ; in 90kHz cycles) (15bit) Decoding Time Stamp, bit14-0 ; (1bit) Marker (1) ;/ |
(4bit) Fixed (1111b) ;-optional 0.5 bytes |
... packet data bytes ;-data...(not crossing sector) |
32bit END_CODE (000001B9h) ;-4byte |
| VCD MPEG-1 Video Stream |
32bit SEQUENCE_HEADER_CODE (000001B3h) ;-4byte 12bit Width in pixels (1..4095) ;\3byte 12bit Height in pixels (1..2800, for max AFh slices) ;/ 4bit Aspect Ratio (01h..0Eh, see below) ;\1byte 4bit Framerate (01h..08h, see below) ;/ 18bit Bitrate (in 400bit/s units, 3FFFFh=variable rate) ;\ 1bit Marker (1) ; 3byte 10bit VBV (required decoding memory size, in "16 kB" units) ; +6bit 1bit Constrained Parameter Flag ;/ 1bit Load Intra Q Matrix (0=No, use Standard Matrix, 1=Yes, Custom) |
(64byte) Intra Quantizer Matrix (64 x 8bit, unsigned) (in zigzag order) 1bit Load Non-Intra Q Matrix (0=No, use Standard Matrix, 1=Yes, Custom) |
(64byte) Non-Intra Quantizer Matrix (64 x 8bit, unsigned) (in zigzag order) |
0 - ;forbidden 1 1.0 ;square pixels 2 0.6735 ;0.6735 3 0.7031 ;16:9, 625 line, PAL 4 0.7615 ;0.7615 5 0.8055 ;0.8055 6 0.8437 ;16:9, 525 line, NTSC 7 0.8935 ;0.8935 8 0.9157 ;4:3, 625 line, PAL, CCIR601 9 0.9815 ;0.9815 10 1.0255 ;1.0255 11 1.0695 ;1.0695 12 1.0950 ;4:3, 525 line, NTSC, CCIR601 13 1.1575 ;1.1575 14 1.2015 ;1.2015 15 - ;reserved |
0 - ;forbidden 1 23.976 (24000/1001) ;NTSC encapsulated film rate 2 24.0 ;Standard international cinema film rate 3 25.0 ;PAL video frame rate (625/50) 4 29.97 (30000/1001) ;NTSC video frame rate 5 30.0 ;NTSC video frame rate drop-frame (525/60) 6 50.0 ;PAL double frame rate/progressive 7 59.94 (60000/1001) ;NTSC double frame rate 8 60.0 ;NTSC double frame rate drop-frame 9-15 - ;reserved |
32bit GROUP_START_CODE (000001B8h) 1bit Drop Frame (1=drop this frame; for reducing 30 fps to 29.97 fps) 5bit Time Code Hours (0..23) 6bit Time Code Minutes (0..59) 1bit Marker (1) 6bit Time Code Seconds (0..59) 6bit Time Code Picture (0..59) 1bit Closed GOP 1bit Broken Link |
32bit PICTURE_START_CODE (00000100h) ;\ 10bit Temporal Reference (display order, 0..3FFh) ; 61bit 3bit Coding Type (0=Invalid, 1=I, 2=P, 3=B, 4=D, 5-7=Reserved); 16bit VBV Delay (in 90kHz cycles, FFFFh=variable bitrate) ;/ |
(1bit) full fel forward vector (0=half pix, 1=full pix) ;\optional 4bit (3bit) forward f code (0=invalid, 1..7=0..6bits) ;/ |
(1bit) full backward vector ;\optional 4bit (3bit) backward f code ;/ |
(1bit) Fixed (1, indicates presence of Extra Info) ;\opt. N*9bit (8bit) Extra Information ;/ |
1bit Fixed (0, indicates no further Extra Info) ;-1bit 0-7bit Padding to byte boundary (0) ;-0..7bit |
0 Forbidden 1 I - Intra Coded (full image) 2 P - Predictive Coded (based on prev I or P frame) 3 B - Bidirectionally Predictive Coded (based on prev+next I or P frame) 4 D - DC Intra Coded (don't care, lowres thumbnail) 5 Reserved 6 Reserved 7 Reserved |
DISPLAY ORDER: I B B B P B B B P B B B P B B B I B B B P B B B P B B B P B B B ... | |_______|_______| | |_______|_______| | | | | I-Frame P-frames I-Frame P-frames |
STORAGE ORDER: I P B B B P B B B P B B B I B B B P B B B P B B B P B B B ... | |_______|_______| | |_______|_______| | | | | I-Frame P-frames I-Frame P-frames |
32bit PACK_START_CODE (000001xxh; xx=01h..AFh; vertical index) ;-4byte 5bit Quantizer Scale (1..31) (may be later changed by blocks) ;-5bit |
(1bit) Fixed (1, indicates presence of Extra Info) ;\opt. N*9bit (8bit) Extra Information ;/ |
1bit Fixed (0, indicates no further Extra Info) ;-1bit |
... Macroblock (within horizontal line) ;... |
0-7bit Padding to byte boundary (0) ;-0..7bit |
32bit START_CODE (000001B2h=User Data, 000001B5h=Extension Data) ;-4byte ... data (end is signaled by presence of next 000001xxh code) ;-data |
32bit SEQUENCE_END_CODE (000001B7h) ;-4byte |
N*11bit Macroblock_address_increase escape/stuffing codes (if any)
1..11bit Macroblock_address_increase
1-6bit Macroblock_type
5bit Quantizer_scale
... Motion_vector
3-9bit Coded_block_pattern
... Block(i)
|
Addr Incr Type Motion Vector QScale CBP Block b0 (Y1) Block b1 (Y2) Block b2 (Y3) Block b3 (Y4) Block b4 (Cb) Block b5 (Cr) |
| VCD MP2 Audio Stream |
Header (32bit) Optional CRC (16bit) (or 0bit if none) Allocation Information Scale Factor Selector Information Scale Factors Data |
12bit Syncword (FFFh) ;\
1bit Revision (0=MPEG-2, 1=MPEG-1) ; 2 bytes
2bit Layer (2=Audio LayerII) ;
(3=LayerI, 1=LayerIII, r3=reserved) ;
1bit Protection_bit (1=no crc) ;/
4bit Bitrate_index (1..14) ;\
(0=free format, 15=reserved) ;
2bit Sampling_frequency ; 1 byte
1bit Padding_bit ;
1bit Private_bit ;/
2bit Mode ;\
2bit Mode_extension (aka bound) ;
1bit Copyright ; 1 byte
1bit Original/home ;
2bit Emphasis ;/
|
16bit CRC |
XXX... |
| Inflate |
| Inflate - Core Functions |
tinf_init() ;init constants (needed to be done only once) tinf_align_src_to_byte_boundary() repeat bfinal=tinf_getbit() ;read final block flag (1 bit) btype=tinf_read_bits(2) ;read block type (2 bits) if btype=0 then tinf_inflate_uncompressed_block() if btype=1 then tinf_build_fixed_trees(), tinf_inflate_compressed_block() if btype=2 then tinf_decode_dynamic_trees(), tinf_inflate_compressed_block() if btype=3 then ERROR ;reserved until bfinal=1 tinf_align_src_to_byte_boundary() ret |
tinf_align_src_to_byte_boundary() len=LittleEndian16bit[src+0] ;get len if LittleEndian16bit[src+2]<>(len XOR FFFFh) then ERROR ;verify inverse len src=src+4 ;skip len values for i=0 to len-1, [dst]=[src], dst=dst+1, src=src+1, next i ;copy block ret |
repeat sym1=tinf_decode_symbol(tinf_len_tree) if sym1<256 [dst]=sym1, dst=dst+1 if sym1>256 len = tinf_read_bits(length_bits[sym1-257])+length_base[sym1-257] sym2 = tinf_decode_symbol(tinf_dist_tree) dist = tinf_read_bits(dist_bits[sym2])+dist_base[sym2] for i=0 to len-1, [dst]=[dst-dist], dst=dst+1, next i until sym1=256 ret |
sum=0, cur=0, len=0 repeat ;get more bits while code value is above sum cur=cur*2 + tinf_getbit() len=len+1 sum=sum+tree.table[len] cur=cur-tree.table[len] until cur<0 return tree.trans[sum+cur] |
val=0 for i=0 to num-1, val=val+(tinf_getbit() shl i), next i return val |
bit=tag AND 01h, tag=tag/2 if tag=00h then tag=[src], src=src+1, bit=tag AND 01h, tag=tag/2+80h return bit |
tag=01h ;empty/end-bit (discard any bits, align src to byte-boundary) ret |
| Inflate - Initialization & Tree Creation |
tinf_build_bits_base(length_bits, length_base, 4, 3) length_bits[28]=0, length_base[28]=258 tinf_build_bits_base(dist_bits, dist_base, 2, 1) ret |
for i=0 to 29 bits[i]=min(0,i-delta)/delta base[i]=base_val base_val=base_val+(1 shl bits[i]) ret |
for i=0 to 6, tinf_len_tree.table[i]=0, next i ;[0..6]=0 ;len tree... tinf_len_tree.table[7,8,9]=24,152,112 ;[7..9]=24,152,112 for i=0 to 23, tinf_len_tree.trans[i+0] =i+256, next i ;[0..23] =256..279 for i=0 to 143, tinf_len_tree.trans[i+24] =i+0, next i ;[24..167] =0..143 for i=0 to 7, tinf_len_tree.trans[i+168]=i+280, next i ;[168..175]=280..287 for i=0 to 111, tinf_len_tree.trans[i+176]=i+144, next i ;[176..287]=144..255 for i=0 to 4, tinf_dist_tree.table[i]=0, next i ;[0..4]=0,0,0,0,0 ;\dist tinf_dist_tree.table[5]=32 ;[5]=32 ; tree for i=0 to 31, tinf_dist_tree.trans[i]=i, next i ;[0..31]=0..31 ;/ ret |
hlit = tinf_read_bits(5)+257 ;get 5 bits HLIT (257-286) hdist = tinf_read_bits(5)+1 ;get 5 bits HDIST (1-32) hclen = tinf_read_bits(4)+4 ;get 4 bits HCLEN (4-19) for i=0 to 18, lengths[i]=0, next i for i=0 to hclen-1 ;read lengths for code length alphabet lengths[clcidx[i]]=tinf_read_bits(3) ;get 3 bits code length (0-7) tinf_build_tree(code_tree, lengths, 19) ;build code length tree for num=0 to hlit+hdist-1 ;decode code lengths for dynamic trees sym = tinf_decode_symbol(code_tree) len=1, val=sym ;default (for sym=0..15) if sym=16 then len=tinf_read_bits(2)+3, val=lengths[num-1] ;3..6 previous if sym=17 then len=tinf_read_bits(3)+3, val=0 ;3..10 zeroes if sym=18 then len=tinf_read_bits(7)+11, val=0 ;11..138 zeroes for i=1 to len, lengths[num]=val, num=num+1, next i tinf_build_tree(tinf_len_tree, 0, hlit) ;\build trees tinf_build_tree(tinf_dist_tree, 0+hlit, hdist) ;/ ret |
for i=0 to 15, tree.table[i]=0, next i ;clear code length count table ;scan symbol lengths, and sum code length counts... for i=0 to num-1, x=lengths[i+first], tree.table[x]=tree.table[x]+1, next i tree.table[0]=0 sum=0 ;compute offset table for distribution sort for i=0 to 15, offs[i]=sum, sum=sum+tree.table[i], next i for i=0 to num-1 ;create code to symbol xlat table (symbols sorted by code) x=lengths[i+first], if x<>0 then tree.trans[offs[x]]=i, offs[x]=offs[x]+1 next i ret |
clcidx[0..18] = 16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15 ;constants |
typedef struct TINF_TREE: unsigned short table[16] ;table of code length counts unsigned short trans[288] ;code to symbol translation table |
TINF_TREE tinf_len_tree ;length/symbol tree TINF_TREE tinf_dist_tree ;distance tree TINF_TREE code_tree ;temporary tree (for generating the dynamic trees) unsigned char lengths[288+32] ;temporary 288+32 x 8bit ;\for dynamic tree unsigned short offs[16] ;temporary 16 x 16bit ;/creation |
unsigned char length_bits[30] unsigned short length_base[30] unsigned char dist_bits[30] unsigned short dist_base[30] |
| Inflate - Headers and Checksums |
src_start=src, dst_start=dst ;memorize start addresses if (src[0]<>1fh or src[1]<>8Bh) then ERROR ;check id bytes if (src[2]<>08h) then ERROR ;check method is deflate flg=src[3] ;get flag byte if (flg AND 0E0h) then ERROR ;verify reserved bits src=src+10 ;skip base header if (flg AND 04h) then src=src+2+LittleEndian16bit[src] ;skip extra data if (flg AND 08h) then repeat, src=src+1, until [src-1]=00h ;skip file name if (flg AND 10h) then repeat, src=src+1, until [src-1]=00h ;skip file comment hcrc=(tinf_crc32(src_start, src-src_start) & 0000ffffh)) ;calc header crc if (flg AND 02h) then x=LittleEndian16bit[src], src=src+2 ;get header crc if (flg AND 02h) then if x<>hcrc then ERROR ;verify header tinf_uncompress(dst, destLen, src, src_start+sourceLen-src-8) ;----> inflate crc32=LittleEndian32bit[src], src=src+4 ;get crc32 of decompressed data dlen=LittleEndian32bit[src], src=src+4 ;get decompressed length if (dlen<>destLen) then ERROR ;verify dest len if (crc32<>tinf_crc32(dst_start,dlen)) then ERROR ;verify crc32 ret |
src_start=src, dst_start=dst ;memorize start addresses hdr=BigEndian16bit[src], src=src+2 ;get header if (hdr MOD 31)<>0 then ERROR ;check header checksum (modulo) if (hdr AND 20h)>0 then ERROR ;check there is no preset dictionary if (hdr AND 0F00h)<>0800h then ERROR ;check method is deflate if (had AND 0F000h)>7000h then ERROR ;check window size is valid tinf_uncompress(dst, destLen, src, sourceLen-6) ;------> inflate chk=BigEndian32bit[src], src=src+4 ;get data checksum if src-src_start<>sourceLen then ERROR ;verify src len if dst-dst_start<>destLen then ERROR ;verify dst len if a32<>tinf_adler32(dst_start,destLen)) then ERROR ;verify data checksum ret |
s1=1, s2=0 while (length>0) k=max(length,5552) for i=0 to k-1, s1=s1+[src], s2=s2+s1, src=src+1, next i s1=s1 mod 65521, s2=s2 mod 65521, length=length-k return (s2*10000h+s1) |
| Controllers and Memory Cards |
| Controller and Memory Card I/O Ports |
0-7 Data to be sent 8-31 Not used |
0-7 Received Data (1st RX FIFO entry) (oldest entry) 8-15 Preview (2nd RX FIFO entry) 16-23 Preview (3rd RX FIFO entry) 24-31 Preview (4th RX FIFO entry) (5th..8th cannot be previewed) |
0 TX Ready Flag 1 (1=Ready/Started) 1 RX FIFO Not Empty (0=Empty, 1=Not Empty) 2 TX Ready Flag 2 (1=Ready/Finished) 3 RX Parity Error (0=No, 1=Error; Wrong Parity, when enabled) (sticky) 4 Unknown (zero) (unlike SIO, this isn't RX FIFO Overrun flag) 5 Unknown (zero) (for SIO this would be RX Bad Stop Bit) 6 Unknown (zero) (for SIO this would be RX Input Level AFTER Stop bit) 7 /ACK Input Level (0=High, 1=Low) 8 Unknown (zero) (for SIO this would be CTS Input Level) 9 Interrupt Request (0=None, 1=IRQ7) (See JOY_CTRL.Bit4,10-12) (sticky) 10 Unknown (always zero) 11-31 Baudrate Timer (21bit timer, decrementing at 33MHz) |
0-1 Baudrate Reload Factor (1=MUL1, 2=MUL16, 3=MUL64) (or 0=MUL1, too) 2-3 Character Length (0=5bits, 1=6bits, 2=7bits, 3=8bits) 4 Parity Enable (0=No, 1=Enable) 5 Parity Type (0=Even, 1=Odd) (seems to be vice-versa...?) 6-7 Unknown (always zero) 8 CLK Output Polarity (0=Normal:High=Idle, 1=Inverse:Low=Idle) 9-15 Unknown (always zero) |
0 TX Enable (TXEN) (0=Disable, 1=Enable) 1 /JOYn Output (0=High, 1=Low/Select) (/JOYn as defined in Bit13) 2 RX Enable (RXEN) (0=Normal, when /JOYn=Low, 1=Force Enable Once) 3 Unknown? (read/write-able) (for SIO, this would be TX Output Level) 4 Acknowledge (0=No change, 1=Reset JOY_STAT.Bits 3,9) (W) 5 Unknown? (read/write-able) (for SIO, this would be RTS Output Level) 6 Reset (0=No change, 1=Reset most JOY_registers to zero) (W) 7 Not used (always zero) (unlike SIO, no matter of FACTOR) 8-9 RX Interrupt Mode (0..3 = IRQ when RX FIFO contains 1,2,4,8 bytes) 10 TX Interrupt Enable (0=Disable, 1=Enable) ;when JOY_STAT.0-or-2 ;Ready 11 RX Interrupt Enable (0=Disable, 1=Enable) ;when N bytes in RX FIFO 12 ACK Interrupt Enable (0=Disable, 1=Enable) ;when JOY_STAT.7 ;/ACK=LOW 13 Desired Slot Number (0=/JOY1, 1=/JOY2) (set to LOW when Bit1=1) 14-15 Not used (always zero) |
0-15 Baudrate Reload value for decrementing Baudrate Timer |
BitsPerSecond = (44100Hz*300h) / MIN(((Reload*Factor) AND NOT 1),1) |
Actually, /IRQ7 means "more-data-request", accordingly, it does NOT get triggered after receiving the LAST byte. |
| Controller and Memory Card Misc |
Memory Card 1 Memory Card 2 Controller 1 Controller 2 |
JOYDAT,JOYCMD,JOYCLK Data in/out/clock +7.5V,+3.5V,GND Supply /JOY1,/JOY2 Selects controller/memorycard 1, or controller/memorycard 2 /ACK Indicates that the device is ready to send more data (IRQ7) /IRQ10 Lightgun (controllers only, not memory card) (IRQ10) |
| Controller and Memory Card Signals |
____ _____
/SEL |____________________________________________________________|
______ ____ ____ ____ ____ _________
CLK |||||||| |||||||| |||||||| |||||||| ||||||||
_______________________________________________________________________
CMD X 01h XXXX 42h XXXX 00h XXXX 00h XXXX 00h XXXX
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_____________________________________________________________
DAT -----XXXXXXXXXXXXX ID XXXX 5Ah XXXX key1 XXXX key2 XXXX-----
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/ACK ---------------|_|---------|_|---------|_|---------|_|-----------------
|
____
/SEL |__________________________________________________________________
______ _ _ _ _ _ _ _ __________________ _ _ _ _
CLK |_| |_| |_| |_| |_| |_| |_| |_| |_| |_| |_| |_|
__________ ___
CMD |________________________________________________| |_______
____
DAT -----XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |___________
/ACK ----------------------------------------------|___|--------------------
|
| Controller and Memory Card Multitap Adaptor |
01 42 00 00 .. ;normal read |
01 42 01 00 .. ;method 1: receive special ID and data from ALL four pads 0n 42 00 00 .. ;method 2: receive data from pad number "n" (1..4) |
Halfword 0 --> Controller ID for MultiTap (5A80h=Multitap) Halfword 1..4 --> Player A (Controller ID, Buttons, Analog Inputs, if any) Halfword 5..8 --> Player B (Controller ID, Buttons, Analog Inputs, if any) Halfword 9..12 --> Player C (Controller ID, Buttons, Analog Inputs, if any) Halfword 13..16 --> Player D (Controller ID, Buttons, Analog Inputs, if any) |
Previous access had REQ=0 and returned Slot A data ---> returns Slot A data Previous access had REQ=0 and returned Slot A-D data -> returns Slot A data Previous access had REQ=1 and returned Slot A data ---> returns Slot A-D data Previous access had REQ=1 and returned Slot A-D data -> returns garbage Previous access had REQ=1 and returned garbage -------> returns Slot A-D data |
80 xx .. .. ;normal access |
8n xx .. .. ;access memory card in slot "n" (1..4) |
Bomberman World Breakout: Off the Wall Fun Circuit Breakers Crash Team Racing FIFA series soccer games Frogger Gauntlet: Dark Legacy Hot Shots Golf 2 & 3 NBA Live (any year) (up to 8 players with two multitaps) Need For Speed 3 Need For Speed 5 Poy Poy (4 players hitting each other with rocks and trees) Running Wild |
.------.
SCPH-1070 | | SCPH-111
(gray case) | | (white case)
(for PSX) | D | (for PSone)
| | .----------------.
cable | | cable .' D C '.
''--.. | C | '''--..__| |
\| | | |
.----------------' | '. A B .'
| | '----------------'
| |
| A B /
'---------------------'
|
| Controllers - Communication Sequence |
Send Reply Comment 01h Hi-Z Controller Access (unlike 81h=Memory Card access), dummy response 42h idlo Receive ID bit0..7 (variable) and Send Read Command (ASCII "B") TAP idhi Receive ID bit8..15 (usually/always 5Ah) MOT swlo Receive Digital Switches bit0..7 MOT swhi Receive Digital Switches bit8..15 --- transfer stops here for digital pad (or analog pad in digital mode) --- 00h adc0 Receive Analog Input 0 (if any) (eg. analog joypad or mouse) 00h adc1 Receive Analog Input 1 (if any) (eg. analog joypad or mouse) --- transfer stops here for analog mouse ---------------------------------- 00h adc2 Receive Analog Input 2 (if any) (eg. analog joypad) 00h adc3 Receive Analog Input 3 (if any) (eg. analog joypad) --- transfer stops here for analog pad (in analog mode) ------------------- --- transfer stops here for nonstandard devices (steering/twist/paddle) --- |
0-3 Number of following halfwords (01h..0Fh=1..15, or 00h=16 halfwords) 4-7 Controller Type (or currently selected Controller Mode) 8-15 Fixed (5Ah) |
xx00h=N/A (initial buffer value from InitPad BIOS function) 5A12h=Mouse (two button mouse) 5A23h=NegCon (steering twist/wheel/paddle) 5A31h=Konami Lightgun (IRQ10-type) 5A41h=Digital Pad (or analog pad/stick in digital mode; LED=Off) 5A53h=Analog Stick (or analog pad in "flight mode"; LED=Green) 5A63h=Namco Lightgun (Cinch-type) 5A73h=Analog Pad (in normal analog mode; LED=Red) 5A80h=Multitap (multiplayer adaptor) (when activated) 5AE3h=Jogcon (steering dial) 5AF3h=Config Mode (when in config mode; see rumble command 43h) FFFFh=High-Z (no controller connected, pins floating High-Z) |
| Controllers - Standard Digital/Analog Controllers |
___ ___ ___ ___
__/_L_\__ Analog Pad __/_R_\__ __/_L_\__ Digital Pad __/_R_\__
/ _ \--------------/ \ / _ \--------------/ \
| _| |_ | | /\ | | _| |_ | | /\ |
| |_ X _| |SEL STA| [] () | | |_ X _| | | [] () |
| |_| ___ ANALOG ___ >< | | |_| | SEL STA | >< |
|\______ / L \ LED / R \ ______/| |\_________/--------------\_________/|
| | Joy |--------| Joy | | | | | |
| / \___/ \___/ \ | | / \ |
\____/ \____/ \____/ \____/
|
__Halfword 0 (Controller Info)_______________________________________________ 0-15 Controller Info (5A41h=digital, 5A73h=analog/pad, 5A53h=analog/stick) __Halfword 1 (Digital Switches)______________________________________________ 0 Select Button (0=Pressed, 1=Released) 1 L3/Joy-button (0=Pressed, 1=Released/None/Disabled) ;analog mode only 2 R3/Joy-button (0=Pressed, 1=Released/None/Disabled) ;analog mode only 3 Start Button (0=Pressed, 1=Released) 4 Joypad Up (0=Pressed, 1=Released) 5 Joypad Right (0=Pressed, 1=Released) 6 Joypad Down (0=Pressed, 1=Released) 7 Joypad Left (0=Pressed, 1=Released) 8 L2 Button (0=Pressed, 1=Released) (Lower-left shoulder) 9 R2 Button (0=Pressed, 1=Released) (Lower-right shoulder) 10 L1 Button (0=Pressed, 1=Released) (Upper-left shoulder) 11 R1 Button (0=Pressed, 1=Released) (Upper-right shoulder) 12 /\ Button (0=Pressed, 1=Released) (Triangle, upper button) 13 () Button (0=Pressed, 1=Released) (Circle, right button) 14 >< Button (0=Pressed, 1=Released) (Cross, lower button) 15 [] Button (0=Pressed, 1=Released) (Square, left button) __Halfword 2 (Right joystick) (analog pad/stick in analog mode only)_________ 0-7 adc0 RightJoyX (00h=Left, 80h=Center, FFh=Right) 8-15 adc1 RightJoyY (00h=Up, 80h=Center, FFh=Down) __Halfword 3 (Left joystick) (analog pad/stick in analog mode only)__________ 0-7 adc2 LeftJoyX (00h=Left, 80h=Center, FFh=Right) 8-15 adc3 LeftJoyY (00h=Up, 80h=Center, FFh=Down) |
...''''''''''...
____ .''________________''._____ ___ 00h
| .'' ''. |
|.' '.| ___ 10h
.' '.
:| |:
: | | : ___ 60h
.' | .''''''. | '.
: | .' '. | :
: | : : | : ___ 80h
: | : : | :
: | '. .' | :
'. | '......' | .' ___ A0h
: | | :
:| |:
'. .' ___ F0h
|'. .'|
|__'..______________________..'__| ___ FFh
. '.. ..' .
00h '''..........''' FFh
|
Big Circle --> Mechanically possible field of motion Square Area --> Digitally visible 8bit field of motion Small Circle --> Resting position when releasing the joystick |
SCPH-1150 Min=(00,00), Mid: (72..90,79..AC), Max=(FF,FF) at 25'C SCPH-1200 Min=(0E,0E), Mid: (6C..8A,75..79), Max=(ED,ED) at 16'C SCPH-110 Min=(11,11), Mid: (8A..9F,70..96), Max=(FD,FD) at 16'C |
ID is 5A53h (identifying itself as analog stick) (rather than analog pad) Left/right joy-buttons disabled (as for real analog stick, bits are always 1) Some buttons are re-arranged: bit9=L1 bit10=[] bit11=/\ bit12=R1 bit15=R2 |
| Controllers - Mouse |
__Halfword 0 (Controller Info)________________ 0-15 Controller Info (5A12h=Mouse) __Halfword 1 (Mouse Buttons)__________________ 0-7 Not used (All bits always 1) 8-9 Unknown (Seems to be always 0) (maybe SNES-style sensitivity?) 10 Right Button (0=Pressed, 1=Released) 11 Left Button (0=Pressed, 1=Released) 12-15 Not used (All bits always 1) __Halfword 2 (Mouse Motion Sensors)___________ 0-7 Horizontal Motion (-80h..+7Fh = Left..Right) (00h=No motion) 8-15 Vertical Motion (-80h..+7Fh = Up..Down) (00h=No motion) |
3D Lemmings Alien Resurrection Area 51 Ark of Time Atari Anniversary Edition Atlantis: The Lost Tales Breakout: Off the Wall Fun Broken Sword: The Shadow of the Templars Broken Sword II: The Smoking Mirror Clock Tower: The First Fear Clock Tower II: The Struggle Within Command & Conquer: Red Alert Command & Conquer: Red Alert - Retaliation Constructor (Europe) Die Hard Trilogy Die Hard Trilogy 2: Viva Las Vegas Discworld Discworld II: Missing Presumed...!? Discworld Noir Dune 2000 Final Doom Galaxian 3 Ghoul Panic Klaymen Klaymen: Neverhood no Nazon (Japan) Lemmings and Oh No! More Lemmings Monopoly Music 2000 Myst Neorude (Japan) Perfect Assassin Policenauts (Japan) Puchi Carat Quake II Railroad Tycoon II Rescue Shot Risk Riven: The Sequel to Myst RPG Maker Sentinel Returns SimCity 2000 Syndicate Wars Tempest 2000 (Tempest X3) Theme Aquarium (Japan) Transport Tycoon Warhammer: Dark Omen Warzone 2100 X-COM: Enemy Unknown X-COM: Terror from the Deep Z |
1x 3pin 4.00MHz "[M]4000A, 85 2" 2x 2pin button (left/right) 1x 8pin connector (to cable with shield and 7 wires) 1x 3pin "811, T994I" 2x 3pin photo transistor (black) ;\or so, no idea which one is 2x 2pin photo diode (transparent) ;/sender and which is sensor 1x 2pin electrolyt capacitor 16V, 10uF |
1x 32pin "(M), SC442116, FB G22K, JSAA815B" 1x 14pin "BA10339F, 817 L67" (Quad Comparator) 2x 3pin "LC" (amplifier for photo diodes) 1x 3pin "24-" (looks like a dual-diode or so) plus many SMD resistors/capacitors |
PSX.Controller.Pin1 JOYDAT ---- brown -- Mouse.Pin4 PSX.Controller.Pin2 JOYCMD ---- red -- Mouse.Pin3 PSX.Controller.Pin3 +7.5V ---- N/A PSX.Controller.Pin4 GND ---- orange -- Mouse.Pin7 GND (G) PSX.Controller.Pin5 +3.5V ---- yellow -- Mouse.Pin1 PSX.Controller.Pin6 /JOYn ---- green -- Mouse.Pin5 PSX.Controller.Pin7 JOYCLK ---- blue -- Mouse.Pin2 PSX.Controller.Pin8 /IRQ10 ---- N/A PSX.Controller.Pin9 /ACK ---- purple -- Mouse.Pin6 PSX.Controller.Shield --------- shield -- Mouse.Pin8 GND (SHIELD) |
__First Character____________________ 6 First Character Flag (1) 5 Left Button (1=Pressed) 4 Right Button (1=Pressed) 2-3 Upper 2bit of Vertical Motion 0-1 Upper 2bit of Horizontal Motion __Second Character___________________ 6 Non-first Character Flag (0) 5-0 Lower 6bit of Horizontal Motion __Third Character____________________ 6 Non-first Character Flag (0) 5-0 Lower 6bit of Vertical Motion __Fourth Character (if any)__________ 6 Non-first Character Flag (0) 5 Middle Button (1=Pressed) 4 Unused ??? 3-0 Wheel ??? |
"M" = Two-Button Mouse (aka "Microsoft" mouse) "3" = Three-Button Mouse (aka "Logitech" mouse) "Z" = Mouse-Wheel |
__First Byte_________________________ 7-3 First Byte Code (10000b) 2 Left? Button (0=Pressed) 1 Middle? Button (0=Pressed) 0 Right? Button (0=Pressed) __Second Byte________________________ 7-0 Horizontal Motion (X1) __Third Byte_________________________ 7-0 Vertical Motion (Y1) __Fourth Byte________________________ 7-0 Horizontal Motion (X2) __Fifth Byte_________________________ 7-0 Vertical Motion (Y2) |
| Controllers - Racing Controllers |
__Halfword 0 (Controller Info)_______________________________________________ 0-15 Controller Info (5A23h=neGcon) __Halfword 1 (Digital Switches)______________________________________________ 0-2 Not used (always 1) (would be Select, L3, R3 on other pads) 3 Start Button (0=Pressed, 1=Released) 4 Joypad Up (0=Pressed, 1=Released) 5 Joypad Right (0=Pressed, 1=Released) 6 Joypad Down (0=Pressed, 1=Released) 7 Joypad Left (0=Pressed, 1=Released) 8-10 Not used (always 1) (would be L2, R2, L1 on other pads) 11 R Button (0=Pressed, 1=Released) (would be R1 on other pads) 12 B Button (0=Pressed, 1=Released) (would be /\ on other pads) 13 A Button (0=Pressed, 1=Released) (would be () on other pads) 14-15 Not used (always 1) (would be ><, [] on other pads) __Halfword 2 (Right joystick) (analog pad/stick in analog mode only)_________ 0-7 Steering Axis (00h=Left, 80h=Center, FFh=Right) (or vice-versa?) 8-15 Analog I button (00h=Out ... FFh=In) (Out=released, in=pressed?) __Halfword 3 (Left joystick) (analog pad/stick in analog mode only)__________ 0-7 Analog II button (00h=Out ... FFh=In) (Out=released, in=pressed?) 8-15 Analog L button (00h=Out ... FFh=In) (Out=released, in=pressed?) |
_____ _ _ _____ ____
|__L__\_______/ || \_______/__R__| / \
/ _ namco || neGcon \ / \
| _| |_ || B | | |
| |_ X _| ....||.... II A | .... Rotation Axis ... | ... \|/
| |_| || I | |
| START || | \
| ________ || ________ | \__\
| / \_||_/ \ | /
\____/ \____/
|
_______ | namco | Halfword 1 (digital buttons): | | Bit3 Button A (0=Pressed) (aka neGcon Start button) | A B | Bit13 Button B (0=Pressed) (aka neGcon A button aka () button) | | Other bits (not used, always 1) | _ | Halfword 2 and 3 (analog inputs): | (_) | Steering Axis (00h..FFh) (as for neGcon) |_______| Analog I,II,L button values (not used, always 00h) |
____ ____ Halfword 1 (digital buttons): | / _ \ Bit12 Button (0=Pressed) (aka neGcon B button aka /\ button) |_ / (_) ) Other bits (not used, always 1) |_|___ /\ Halfword 2 and 3 (analog inputs): ____| |_ Steering Axis (00h..FFh) (as for neGcon) |__________| Analog I,II,L button values (not used, always 00h) |
__________________________
/ ____________________ \ Stick
/ / \ \ ___ Brakes Gas
/ ( ) \ ( ) II I
/ I \ / A \ \ / ___ ___
/ /\ II \____________MODE__/ B /\ \ | | | | |
| | \ L _ R / | | | |!!!|_|!!!|___
| | ) _| |_ MadCatz ( | |_|_ /|!!!| |!!!| /
| | | |_ X _| | | | | | / |___| |___| /
| | | |_| | | | / / =========== /
| | \ SEL STA / | | / / =========== /
\ \__/ ______________________ \__/ / / /_____________/
\____/ \____/_/
|___________________________|
|
____________________
/ ________________ \ ___ Stick Brakes Gas
/ / MC2 \ \ ( ) ___ ___
/ /__________________\ \ \ / | | | |
| A () _|_ I >< | | |!!!|_|!!!|___
| B /\ _ | _ II [] | | /|!!!| |!!!| /
___| L2 / \ STA / \ R2 |_|_ / |___| |___| /
/ \ / | SEL | \ / \ / =========== /
/ ____\ |___| |___| /____ \ / =========== /
/__/ \____________________/ \__\ /_____________/
|
Mode Buttons...................... Gas Brake Stick Wheel Digital >< [] () /\ L1 R1 L2 R2 L1 R1 >< () L1/R1 lt/rt Analog >< [] () /\ L1 R1 L2 R2 L3 R3 UP DN L1/R1 LT/RT Negcon I II A B L R L R L R I II up/dn Twist |
__Halfword 0 (Controller Info)___________________ 0-15 Controller Info (5AE3h=Jogcon in Jogcon mode) (ie. not Digital mode) halfword1: buttons: same as digital pad halfword2: 0 unknown (uh, this isn't LSB of rotation?) 1-15 dial rotation (signed offset since last read?) (or absolute position?) halfword3: 0 flag: dial was turned left (0=no, 1=yes) 1 flag: dial was turned right (0=no, 1=yes) 2-15 unknown |
___ ________ ___
__/_L_\__ / \ __/_R_\__
/ _ \ / LED MODE \-/ \
| _| |_ | SEL STA | /\ |
| |_ X _| | ________ | [] () |
| |_| | / \ | >< |
|\_________/\/ \/\__ ______/|
| | | JOGCON | | |
| | | DIAL | | |
| | \ / | |
| | \________/ | |
| | | |
| | | |
\_____/ \_____/
|
| Controllers - Lightguns |
| Controllers - Lightguns - Namco (GunCon) |
__Halfword 0 (Controller Info)___________________ 0-15 Controller Info (5A63h=Namco Lightgun; GunCon/Cinch Type) __Halfword 1 (Buttons)___________________________ 0-2 Not used (All bits always 1) 3 Button A (Left Side) (0=Pressed, 1=Released) ;aka Joypad Start 4-12 Not used (All bits always 1) 13 Trigger Button (0=Pressed, 1=Released) ;aka Joypad O-Button 14 Button B (Right Side) (0=Pressed, 1=Released) ;aka Joypad X-Button 15 Not used (All bits always 1) __Halfword 2 (X)_________________________________ 0-15 8MHz clks since HSYNC (01h=Error, or 04Dh..1CDh) __Halfword 3 (Y)_________________________________ 0-15 Scanlines since VSYNC (05h/0Ah=Error, PAL=20h..127h, NTSC=19h..F8h) |
ERROR: Sensed light during VSYNC (eg. from a Bulb or Sunlight). |
ERROR: no light sensed at all (not aimed at screen, or screen too dark). BUSY: no light sensed yet (when trying to read gun during rendering). |
666666h Minimum Gray 770000h Minimum Blue 007700h Minimum Green 000099h Minimum Red |
__Halfword 2 (X)_________________________________ 0-7 X-Coordinate (actual: see X-Offset) ;\with unspecified 8-15 X-Offset (00h: X=X-80, Nonzero: X=X-80+220) ;/dotclock? __Halfword 3 (Y)_________________________________ 0-7 Y-Coordinate (actual: Y=Y-25) (but then, max is only 230, not 263 ?) 8-15 Pad ID (uh, what id?) (reportedly too dark/bright error flag?) |
_-_______________________--_
-----> | namco \\\\ \ Namco G-Con 45 (light gray) (cinch)
sensor |............ .. .....\\\\...|_
|_ : :.. _____ _\
| O :__../ )))| (
\__________/ |_\____/| \
: : | |
: : | | NPC-103
A-Button (Left) Trigger | | SLPH-00034/SLEH-0007/SLUH-00035
B-Button (Right) |______|
|
| Controllers - Lightguns - Konami Justifier/Hyperblaster (IRQ10) |
Send 01h 42h 00h x0h 00h Reply HiZ 31h 5Ah buttons |
__Halfword 0 (Controller Info)___________________ 0-15 Controller Info (5A31h=Konami Lightgun; Timer/IRQ10 type) __Halfword 1 (Buttons) 0-2 Not used (All bits always 1) 3 Start Button (Left Side) (0=Pressed, 1=Released) ;aka Joypad Start 4-13 Not used (All bits always 1) 14 Back Button (Rear End) (0=Pressed, 1=Released) ;aka Joypad X-Button 15 Trigger Button (0=Pressed, 1=Released) ;aka Joypad []-Button |
__ ______ _
_|__\_______________/ ___ \ \ Konami Justifier/Hyperblaster (light green)
| _______________ __ / \ \ \
|__| _ _ _ _ |==| O| \O\ .... Back Button (Rear End)
|__:_:_:_:_:__ |___\__ / ( (
|_| ) \ : \ \
Trigger ...... \___/| :...|.|.... Start Button (Left Side)
| | |
| | | SLPH-00013/SLPH-00014/SLEH-0005/SLUH-00017
/ _|_|
\___--
|
IF NTSC then X=(Timer0-140)*0.198166, Y=Timer1 IF PAL then X=(Timer0-140)*0.196358, Y=Timer1 |
| Controllers - Lightguns - PSX Lightgun Games |
Area 51 (Mesa Logic/Midway) (IRQ10)
Crypt Killer (Konami) (IRQ10)
Die Hard Trilogy 1: (Probe Entertainment) (IRQ10)
Die Hard Trilogy 2: Viva Las Vegas (n-Space) (IRQ10/Cinch)
Elemental Gearbolt (Working Designs) (IRQ10/Cinch)
Extreme Ghostbusters: Ultimate Invasion (LSP) (Cinch)
Galaxian 3 (Cinch)
Ghoul Panic (Namco) (Cinch)
Gunfighter: The Legend of Jesse James (Rebellion) (Cinch)
Judge Dredd (Gremlin) (Cinch)
Lethal Enforcers 1-2 (Konami) (IRQ10)
Maximum Force (Midway) (IRQ10/Cinch)
Mighty Hits Special (Altron) (EU/JPN) (Cinch)
Moorhuhn series (Phenomedia) (Cinch)
Point Blank 1-3 (Namco) (Cinch)
Project Horned Owl (Sony) (IRQ10)
Rescue Shot (Namco) (Cinch)
Resident Evil: Gun Survivor (Capcom) (JPN/PAL versions) (Cinch)
Silent Hill (IRQ10) ("used for an easter egg")
Simple 1500 Series Vol.024 - The Gun Shooting (unknown type)
Simple 1500 Series Vol.063 - The Gun Shooting 2 (unknown type)
Snatcher (IRQ10)
Sporting Clays (Charles Doty) (homebrew with buggy source code) (IRQ10/Cinch)
Star Wars: Rebel Assault II (IRQ10)
Time Crisis, and Time Crisis 2: Project Titan (Namco) (Cinch)
|
| Controllers - Rumble Configuration |
SCPH-1150 DualAnalog Pad with 1 motor ;-old rumble method SCPH-1200 DualAnalog Pad with 2 motors, PSX-design ;\new rumble method SCPH-110 DualAnalog Pad with 2 motors, PSone-design ;/ Blaze Scorpion Lightgun with rumble ;\unknow how to control rumble Fishing controllers with rumble ;/ SCPH-1180 Analog Pad without rumble ;\unknow if there're config commands SCPH-1110 Analog Stick without rumble ;/for analog mode (probably not) |
Send 01h 42h 00h xx yy (00h 00h 00h 00h) Reply HiZ id 5Ah buttons ( analog-inputs ) |
xx --> must be 40h..7Fh (ie. bit7=0, bit6=1) ;\switches motor on yy --> must be 01h,03h,...,FDh,FFh (ie. bit0=1) ;/ |
42h "B" Read Buttons (and analog inputs when in analog mode) 43h "C" Enter/Exit Configuration Mode (stay normal, or enter) |
40h "@" Unknown (response HiZ F3h 5Ah 6x00h) 41h "A" Unknown (response HiZ F3h 5Ah 6x00h) 42h "B" Read Buttons AND analog inputs (even when in digital mode) 43h "C" Enter/Exit Configuration Mode (stay config, or exit) 44h "D" Set LED State (analog mode on/off) 45h "E" Get LED State (and whatever other status/version values) 46h "F" Get Variable Response A (depending on incoming bit) 47h "G" Get whatever values (response HiZ F3h 5Ah 00h 00h 02h 00h 01h 00h) 48h "H" Unknown (response HiZ F3h 5Ah 00h 00h 00h 00h 01h 00h) 49h "I" Unknown (response HiZ F3h 5Ah 6x00h) 4Ah "J" Unknown (response HiZ F3h 5Ah 6x00h) 4Bh "K" Unknown (response HiZ F3h 5Ah 6x00h) 4Ch "L" Get Variable Response B (depending on incoming bit) 4Dh "M" Unlock Rumble (and select response length) 4Eh "N" Unknown (response HiZ F3h 5Ah 6x00h) 4Fh "O" Unknown (response HiZ F3h 5Ah 6x00h) |
Send 01h 42h 00h xx yy (00h 00h 00h 00h) Reply HiZ id 5Ah buttons ( analog-inputs ) |
yy.bit0-7 ---> Left/Large Motor M1 (analog slow/fast) (00h=stop, FFh=fastest) xx.bit0 ---> Right/small Motor M2 (digital on/off) (0=off, 1=on) |
Send 01h 43h 00h xx 00h (zero padded...) Reply HiZ id 5Ah buttons (analog inputs...) |
xx=00h Stay in Normal mode xx=01h Enter Configuration mode |
Send 01h 42h 00h M2 M1 00h 00h 00h 00h Reply HiZ F3h 5Ah buttons analog-inputs |
Send 01h 43h 00h xx 00h 00h 00h 00h 00h Reply HiZ F3h 5Ah 00h 00h 00h 00h 00h 00h |
xx=00h Enter Normal mode (Exit Configuration mode) xx=01h Stay in Configuration mode |
Send 01h 44h 00h val sel 00h 00h 00h 00h Reply HiZ F3h 5Ah 00h 00h 00h 00h 00h 00h |
Send 01h 45h 00h 00h 00h 00h 00h 00h 00h Reply HiZ F3h 5Ah 01h 02h val 02h 01h 00h |
Send 01h 46h 00h xx 00h 00h 00h 00h 00h Reply Hiz F3h 5Ah 00h 00h yy yy yy yy |
Send 01h 47h 00h 00h 00h 00h 00h 00h 00h Reply HiZ F3h 5Ah 00h 00h 02h 00h 01h 00h |
Send 01h 4Ch 00h xx 00h 00h 00h 00h 00h Reply Hiz F3h 5Ah 00h 00h 00h yy 00h 00h |
Send 01h 4Dh 00h aa bb cc dd ee ff Reply Hiz F3h 5Ah <-----old values-----> |
when cc.bit1-7 are all zero --> transfer one extra halfword when ee.bit1-7 are all zero --> transfer another extra halfword when cc,dd,ee,ff are ALL nonzero --> unlock small motor when aa=01h --> unlock large motor (and swap VAL1 and VAL2) when bb=01h --> unlock large motor (default) when cc.bit0=1 --> disable large motor (unless cc.bit7=1) when ff.bit0=1 --> disable large motor (unless something) |
Send 01h 48h 00h 00h 00h 00h 00h 00h 00h Reply HiZ F3h 5Ah 00h 00h 00h 00h 01h 00h |
Send 01h 4xh 00h 00h 00h 00h 00h 00h 00h Reply HiZ F3h 5Ah 00h 00h 00h 00h 00h 00h |
| Controllers - Dance Mats |
D.D.R. Dance Dance Revolution 2nd Remix (and maybe whatever further games) |
US Version (white/black/red/blue) Handheld Version (blue/gray)
__________.---------.___________ _____/ MINI \_____
| \ / | | D.D.R. |
| SELECT '-------' START | |L1 L2 SEL STA R2 R1|
|------------.------.------------| | ___ ___ ___ |
| .''''. / \ .''''. | || X | | ^ | | O ||
| | \/ | | /\ | | .''. | | ||___| |___| |___||
| | /\ | | /..\ | | '..' | | | ___ .---. ___ |
| '....' '. || .' '....' | || < | |Stay | | > ||
| .-------. .''''''''. .-------. | ||___| |Cool!| |___||
|/ /| .' '. |\ \| | ___ '___' ___ |
| / |-- | | --| \ | || []| | v | | /\||
| \ |-- | Stay Cool! | --| / | ||___| |___| |___||
|\ \| '. .' |/ /| |___________________|
| '-------' '........' '-------' |
| .''''. .' || '. .''''. | Gothic Dance Mat (black/silver)
| | /\ | | \''/ | | |''| | | _.----------._
| | /__\ | | \/ | | |..| | | | \ SEL STA / | This one
| '....' \ / '....' | | '--------' | wasn't ever
'------------'------'------------' | .----------. | produced,
| | .''''. | | as cool as
European Version (pink/blue/yellow) | | | /\ | | | it could have
__________.---------.___________ | | | /..\ | | | been, the lame
| \ SEL STA / | | | '.||.' | | marketing
| '-------' | | +----------+ | people didn't
|----------.----------.----------| | | .''''. | | even think
| .''''. | .''''. | .''''. | | | | /\ | | | about it.
| | \/ | | | /\ | | | .''. | | | | | /..\ | | |
| | /\ | | | /..\ | | | '..' | | | | '.||.' | |
| '....' | '.||.' | '....' | | +----------+ |
|----------+-.. ..-+----------| | | .'||'. | |
| .'/|'. / '''' \ .'|\'. | | | | \''/ | | |
| | / |--|/ \|--| \ | | | | | \/ | | |
| | \ |--|\ /|--| / | | | | '....' | |
| '.\|.' \ .... / '.|/.' | | +----------+ |
|----------+-'' ''-+----------| | | .'||'. | |
| .''''. | .'||'. | .''''. | | | | \''/ | | |
| | /\ | | | \''/ | | | |''| | | | | | \/ | | |
| | /__\ | | | \/ | | | |..| | | | | '....' | |
| '....' | '....' | '....' | | '----------' '
'----------|----------|----------' '--------------'
|
| Controllers - Fishing Controllers |
Action Bass (Syscom Entertainment) (1999) (SLPH-00100) Bass Landing (ASCII/agetec) (1999) (SLPH-00100, SLUH-00063) Bass Rise, Fishing Freaks (Bandai) (1999) (BANC-0001) Bass Rise Plus, Fishing Freaks (Bandai) (2000) (BANC-0001, SLPH-00100) Breath of Fire IV (Capcom) (SLUH-00063) Championship Bass (EA Sports) (2000) (SLUH-00063) Fish On! Bass (Pony Canyon) (1999) (BANC-0001, SLPH-00100) Fisherman's Bait 2/Exiting Bass2 - Big Ol'Bass(Konami)(SLPH-00100,SLUH-00063) Fishing Club: (series with 3 titles) (have "headset-logo" on back?) Lake Masters II (1999) (Dazz/Nexus) (SLPH-00100) Lake Masters Pro (1999) (Dazz/Nexus) (BANC-0001, SLPH-00100) Let's Go Bassfishing!: Bass Tsuri ni Ikou! (Banpresto) (1999) (SLPH-00100) Matsukata Hiroki no World Fishing (BPS The Choice) (1999) (SLPH-00100) Murakoshi Seikai-Bakuchou Nihon Rettou (Victor) (SLPH-00100) Murakoshi Masami-Bakuchou Nippon Rettou:TsuriConEdition (1999) (SLPH-00100) Pakuchikou Seabass Fishing (JP, 03/25/99) (Victor) (SLPH-00100) Perfect Fishing: Bass Fishing (2000) (Seta) (yellow/green logo) Perfect Fishing: Rock Fishing (2000) (Seta) (yellow/green logo) Oyaji no Jikan: Nechan, Tsuri Iku De! (2000) (Visit) (BANC-0001, SLPH-00100) Reel Fishing II / Fish Eyes II (2000)(Natsume/Victor)(SLPH-00100, SLUH-00063) Simple 1500 Series Vol. 29: The Tsuri (2000) (yellow/green logo) Suizokukan Project: Fish Hunter e no Michi (1999)(Teichiku)(SLPH-00100) Super Bass Fishing (1999) (King) (BANC-0001, SLPH-00100, yellow/green logo) Super Black Bass X2 (2000) (Starfish) (SLPH-00100) Tsuwadou Keiryuu Mizuumihen (Best Edition)(2000) (ASCII PS1+PS2 controllers?) Tsuwadou Seabass Fishing (PlayStation the Best) (1999) (Oz Club) (SLPH-00100) Uki Uki Tsuri Tengoku Nagami/Uokami Densetsu Oe (2000) (Teichiku)(SLPH-00100) Umi no Nushi Tsuri-Takarajima ni Mukatte (1999)(Victor)(BANC-0001,SLPH-00100) Winning Lure (Hori) (2000) (for Hori HPS-97 controller) AKA HPS-98 ? |
ASCII SLPH-00100 (silver) ASCII PS2-version? (silver) (similar to SLPH-00100, with new mode switch?) agetec SLUS-00063 (silver) (US version of ASCII's SLPH-00100 controller) Bandai BANC-0001 (dark gray/blue) (has less buttons than ASCII/agetec) Interact Fission (light gray/blue)(similar to ASCII/agetec, 2 extra buttons?) Naki (transparent blue) (looks like a clone of the ASCII/agetec controllers) Hori HPS-97/HPS-98 (black/gray) (a fishing rod attached to a plastic fish) |
___
__|___|__
_| |_ _ __
| | | | | |=|__| <--- crank handle
| | SEL STA | | | |
| | | |---| \ ASCII SLPH-00100
| \ / |---| / agetec SLUH-00063
/ L1 R1 \ | | __
| L2 .---. R2 | |_|=|__|
| | joy | |
| |stick| | <------- analog thumb controlled joystick
| /\ '---' >< |
| [] () |
\ ASCII /
'.___________.' \___ 10 buttons (SEL,STA,L1,L2,R1,R2,/\,[],(),><)
\ _____ /
| | Note: many (not all) agetec controllers
| | have the >< and () buttons exchanged
| |
| | Aside from the crank/buttons/joystick,
| | the controller reportedly contains:
| | some sort of motion sensors?
| | some kind of rumble/vibration?
| |
'.___.'
'--...___ cable
|
___
__|___|__
_| | _ __
| .---. |\ | |=|__| <--- crank handle
|| joy | | | | |
||stick| | |-#-| \
| '---' | |-#-| /
/ \ | \ | | __
| | ... | | |_|=|__|
| | : : | ()|
| |O :___: O| | <--- two buttons: () and ><
| |- |___| -| ><| and some slide switch with I and 0 positions?
| | | |
\ | BANDAI | / unknown if the joystick is digital or analog
'._\_______/_.'
| | unknown if there are motion sensors and/or rumble
'. .'
| |
| |
| |
| |
| |
| |
| |
'.___.'
'--...___ cable
|
....----------------O
.'' \ HPS-97 (controller bundled with game)
_:_ \ \ HPS-98 (controller only, for HPS-96 game)
__|___|__ \ short \
_| |_ elastic \
| | pole \
| | \ <--- string (from pole to
| SW? | _ __ \ reel inside of fish)
/ \ | |=|__| \
| .---. | | | \
| ( ) | joy | |--| \ \ ___
| |stick| |--| / \ / /
| ( ) '---' | | | __ \ ...---''''''--. /|
| | |_|=|__| <--- crank \ ' '/ |
\ ( ) ( ) / handle '..| |.
'.___________.' |__________________| :
\ / \ plastic fish :
| | joystick, (presumable some heavy :
| | four buttons, stationary thing that :
| | and a switch? rests on floor) :
| | (presumably with :
| | motor-driven reel?) :
| | :
| | the two cables do probably connect :
| | to both of the PSX controller slots :
'.___.' cable 2 ---'
'--...___ cable 1
|
| Controllers - I-Mode Adaptor (Mobile Internet) |
Doko Demo Issyo (PlayStation the Best release only) (Sony) 2000 Doko Demo Issyo Deluxe Pack (Bomber eXpress/Sony) 2001 Hamster Club-I (SLPS-03266) (Jorudan) 2002 iMode mo Issyo: Dokodemo Issho Tsuika Disc (Bomber/Sony) 2001 Keitai Eddy (iPC) 2000 (but, phone connects to SIO port on REAR side of PSX?) Komocchi (Victor) 2001 Mobile Tomodachi (Hamster) 2002 Motto Trump Shiyouyo! i-Mode de Grand Prix (Pure Sound) 2002 One Piece Mansion (Capcom) 2001 (japanese version only) |
| Controllers - Additional Inputs |
| Controllers - Misc |
SCPH-1010 digital joypad (with short cable) SCPH-1080 digital joypad (with longer cable) SCPH-1030 mouse (with short cable) SCPH-1090 mouse (with longer cable) SCPH-1092 mouse (european?) SCPH-1110 analog joystick SCPH-1150 analog joypad (with one vibration motor, with red/green led) SCPH-1180 analog joypad (without vibration motors, with red/green led) SCPH-1200 analog joypad (with two vibration motors) (dualshock) SCPH-110 analog joypad (with two vibration motors) (dualshock for psone) SCPH-10010 dualshock2 (analog buttons, except L3/R3/Start/Select) (for ps2) SCPH-1070 multitap |
SCPH-4010 VPick (guitar-pick controller) (for Quest for Fame, Stolen Song) |
Adaptor with short cable to PSX-controller port (and prototype marking) Adaptor without cable, directly plugged into controller port (final version?) |
__________ __________
| | | ^ | ^
| L1 R1 | | X <+> O | <+> = Digital Stick
\ ___| <--- L2 [] ---> |___ v / v
| | <--- R2 /\ ---> | |
___| |___________________________| |___ Not sure if all buttons
| | | SEL STA =?= | | | are shown at their
| | | | | | correct locations?
| | |_ [] /\ _| | |
| _| / L1 R1 \ |_ |
| \_____/ X O \_____/ |
| /___\ L2 R2 /___\ |
| |
| |
\___________________________________________/
|
The thumb buttons on the left act as L1 and R1,
the trigger is L2, the pinky button is R2
The thumb buttons on the right act as X and O,
the trigger is Square and the pinky button is Triangle.
I find this odd as the triggers should've been L1 and R1,
the pinkies L2 and R2.
The buttons are redundantly placed on the base as large buttons like what
you'd see on a fight/arcade stick. Also with Start and Select.
There is also a physical analog mode switch,
not a button like on dual shock.
|
| Memory Card Read/Write Commands |
Send Reply Comment 81h N/A Memory Card Access (unlike 01h=Controller access), dummy response 52h FLAG Send Read Command (ASCII "R"), Receive FLAG Byte 00h 5Ah Receive Memory Card ID1 00h 5Dh Receive Memory Card ID2 MSB (00h) Send Address MSB ;\sector number (0..3FFh) LSB (pre) Send Address LSB ;/ 00h 5Ch Receive Command Acknowledge 1 ;<-- late /ACK after this byte-pair 00h 5Dh Receive Command Acknowledge 2 00h MSB Receive Confirmed Address MSB 00h LSB Receive Confirmed Address LSB 00h ... Receive Data Sector (128 bytes) 00h CHK Receive Checksum (MSB xor LSB xor Data bytes) 00h 47h Receive Memory End Byte (should be always 47h="G"=Good for Read) |
Send Reply Comment 81h N/A Memory Card Access (unlike 01h=Controller access), dummy response 57h FLAG Send Write Command (ASCII "W"), Receive FLAG Byte 00h 5Ah Receive Memory Card ID1 00h 5Dh Receive Memory Card ID2 MSB (00h) Send Address MSB ;\sector number (0..3FFh) LSB (pre) Send Address LSB ;/ ... (pre) Send Data Sector (128 bytes) CHK (pre) Send Checksum (MSB xor LSB xor Data bytes) 00h 5Ch Receive Command Acknowledge 1 00h 5Dh Receive Command Acknowledge 2 00h 4xh Receive Memory End Byte (47h=Good, 4Eh=BadChecksum, FFh=BadSector) |
Send Reply Comment 81h N/A Memory Card Access (unlike 01h=Controller access), dummy response 53h FLAG Send Get ID Command (ASCII "S"), Receive FLAG Byte 00h 5Ah Receive Memory Card ID1 00h 5Dh Receive Memory Card ID2 00h 5Ch Receive Command Acknowledge 1 00h 5Dh Receive Command Acknowledge 2 00h 04h Receive 04h 00h 00h Receive 00h 00h 00h Receive 00h 00h 80h Receive 80h |
Send Reply Comment 81h N/A Memory Card Access (unlike 01h=Controller access), dummy response xxh FLAG Send Invalid Command (anything else than "R", "W", or "S") |
| Memory Card Data Format |
Total Memory 128KB = 131072 bytes = 20000h bytes 1 Block 8KB = 8192 bytes = 2000h bytes 1 Frame 128 bytes = 80h bytes |
00h-01h Memory Card ID (ASCII "MC") 02h-7Eh Unused (zero) 7Fh Checksum (all above bytes XORed with each other) (usually 0Eh) |
00h-03h Block Allocation State
00000051h - In use ;first-or-only block of a file
00000052h - In use ;middle block of a file (if 3 or more blocks)
00000053h - In use ;last block of a file (if 2 or more blocks)
000000A0h - Free ;freshly formatted
000000A1h - Free ;deleted (first-or-only block of file)
000000A2h - Free ;deleted (middle block of file)
000000A3h - Free ;deleted (last block of file)
04h-07h Filesize in bytes (2000h..1E000h; in multiples of 8Kbytes)
08h-09h Pointer to the NEXT block number (minus 1) used by the file
(ie. 0..14 for Block Number 1..15) (or FFFFh if last-or-only block)
0Ah-1Eh Filename in ASCII, terminated by 00h (max 20 chars, plus ending 00h)
1Fh Zero (unused)
20h-7Eh Garbage (usually 00h-filled)
7Fh Checksum (all above bytes XORed with each other)
|
"BI"=Japan, "BE"=Europe, "BA"=America |
in "AAAA-NNNNN" form ;for Pocketstation executables replace "-" by "P" |
"abcdefgh" |
00h-03h Broken Sector Number (Block*64+Frame) (FFFFFFFFh=None) 04h-7Eh Garbage (usually 00h-filled) (some cards have [08h..09h]=FFFFh) 7Fh Checksum (all above bytes XORed with each other) |
00h-7Fh Data (usually FFh-filled, if there's no broken sector) |
00h-7Fh Unused (usually FFh-filled) |
00h-01h ID (ASCII "SC")
02h Icon Display Flag
11h...Icon has 1 frame (static) (same image shown forever)
12h...Icon has 2 frames (animated) (changes every 16 PAL frames)
13h...Icon has 3 frames (animated) (changes every 11 PAL frames)
Values other than 11h..13h seem to be treated as corrupted file
(causing the file not to be listed in the bootmenu)
03h Block Number (1-15) "icon block count" Uh?
(usually 01h or 02h... might be block number within
files that occupy 2 or more blocks)
(actually, that kind of files seem to HAVE title frames
in ALL of their blocks; not only in their FIRST block)
(at least SOME seem to have such duplicated title frame,
but not all?)
04h-43h Title in Shift-JIS format (64 bytes = max 32 characters)
44h-4Fh Reserved (00h)
50h-5Fh Reserved (00h) ;<-- this region is used for the Pocketstation
60h-7Fh Icon 16 Color Palette Data (each entry is 16bit CLUT)
|
00h-7Fh Icon Bitmap (16x16 pixels, 4bit color depth) |
00h-7Fh Data |
81h,40h --> SPC 81h,43h..97h --> punctuation marks 82h,4Fh..58h --> "0..9" 82h,60h..79h --> "A..Z" 82h,81h..9Ah --> "a..z" |
| Memory Card Images |
SmartLink .PSM, WinPSM .PS, DataDeck .DDF, FPSX .MCR, ePSXe .MCD... |
Connectix Virtual Game Station format (.MEM): "VgsM", 64 bytes
PlayStation Magazine format (.PSX): "PSV", 256 bytes
|
00h..14h Filename in ASCII, terminated by 00h (max 20 chars, plus ending 00h) 15h..35h Title in ASCII, terminated by 00h (max 32 chars, plus ending 00h) 36h.. File Block(s) (starting with the Title sector) |
000h 12 ASCII String "123-456-STD",00h 00Ch 4 Usually zerofilled (or meaningless garbage in some files) 010h 5 Always 00h,00h,01h,00h,01h 015h 16 Copy of Sector 0..15 byte[00h] ;"M", followed by allocation states 025h 16 Copy of Sector 0..15 byte[08h] ;00h, followed by next block values 035h 11 Usually zerofilled (or meaningless garbage in some files) 040h F00h Fifteen Description Strings (each one 100h bytes, padded with 00h) F40h 128K Memory Card Image (128K) (unused sectors 00h or FFh filled) |
| Memory Card Notes |
Send Reply Comment 21h N/A? Probably replies HighZ (ie. probably reads FFh)? 53h 0xh? Replies unknown 8bit value (upper 4bit are known to be zero)? |
| Pocketstation |
| Pocketstation Overview |
CPU ARM7TDMI (32bit RISC Processor) (variable clock, max 7.995MHz)
Memory 2Kbytes SRAM (battery backed), 16Kbytes BIOS ROM, 128Kbytes FLASH
Display 32x32 pixel LCD (black and white) (without any grayscales)
Sound Mini Speaker "(12bit PCM) x 1 unit" / "8bit PCM with 12bit range"
Controls 5 input buttons, plus 1 reset button
Infrared Bi-directional (IrDA based)
Connector Playstation memory card interface
RTC Battery backed Real-Time Clock with time/date function
Supply CR2032 Battery (3VDC) (used in handheld mode, and for SRAM/RTC)
_________
/ _______ \
| | | |
| | LCD | | __
| |_______| | Side Views | _|
|\_________/| || <-------- Button Cover
| O | (Closed) (Open) ||
| O O O | ____________ _____|| .------- Reset Button
| O | | LCD \____ | | LCD \|__|_
|___________| |___________|| |___________| <--- Memory card plug
|
| Pocketstation I/O Map |
00000000h RAM (2KB RAM) (first 512 bytes bytes reserved for kernel) 02000000h FLASH1 Flash ROM (virtual file-mapped addresses in this region) 04000000h BIOS_ROM Kernel and GUI (16KB) 06000000h F_CTRL Control of Flash ROM 06000004h F_STAT Unknown? 06000008h F_BANK_FLG FLASH virtual bank mapping enable flags(16 bits)(R/W) 0600000Ch F_WAIT1 waitstates...? 06000010h F_WAIT2 waitstates, and FLASH-Write-Control-and-Status...? 06000100h F_BANK_VAL FLASH virtual bank mapping addresses (16 words) (R/W) 06000300h F_EXTRA Extra FLASH (256 bytes, including below F_SN, F_CAL) 06000300h F_SN_LO Extra FLASH Serial Number LSBs (nocash: 6BE7h) 06000302h F_SN_HI Extra FLASH Serial Number MSBs (nocash: 426Ch) 06000304h F_? Extra FLASH Unknown ? (nocash: 05CAh) 06000306h F_UNUSED1 Extra FLASH Unused halfword (nocash: FFFFh) 06000308h F_CAL Extra FLASH LCD Calibration (nocash: 001Ah) 0600030Ah F_UNUSED2 Extra FLASH Unused halfword (nocash: FFFFh) 0600030Ch F_? Extra FLASH Unknown ? (nocash: 0010h) 0600030Eh F_UNUSED3 Extra FLASH Unused halfword (nocash: FFFFh) 06000310h F_UNUSED4 Extra FLASH Unused (310..3FFh) (nocash: FFFFh-filled) 08000000h FLASH2 Flash ROM (128KB) (physical addresses in this region) 08002A54h F_KEY1 Flash Unlock Address 1 (W) 080055AAh F_KEY2 Flash Unlock Address 2 (W) |
0A000000h INT_LATCH Interrupt hold (R) 0A000004h INT_INPUT Interrupt Status (R) 0A000008h INT_MASK_READ Read Interrupt Mask (R) 0A000008h INT_MASK_SET Set Interrupt Mask (W) 0A00000Ch INT_MASK_CLR Clear Interrupt Mask (W) 0A000010h INT_ACK Clear Interrupt hold (W) 0A800000h T0_RELOAD Timer 0 Maximum value 0A800004h T0_COUNT Timer 0 Current value 0A800008h T0_MODE Timer 0 Mode 0A800010h T1_RELOAD Timer 1 Maximum value 0A800014h T1_COUNT Timer 1 Current value 0A800018h T1_MODE Timer 1 Mode 0A800020h T2_RELOAD Timer 2 Maximum value 0A800024h T2_COUNT Timer 2 Current value 0A800028h T2_MODE Timer 2 Mode 0B000000h CLK_MODE Clock control (CPU and Timer Speed) (R/W) 0B000004h CLK_STOP Clock stop (Sleep Mode) 0B800000h RTC_MODE RTC Mode 0B800004h RTC_ADJUST RTC Adjust 0B800008h RTC_TIME RTC Time (R) 0B80000Ch RTC_DATE RTC Date (R) |
0C000000h COM_MODE Com Mode 0C000004h COM_STAT1 Com Status Register 1 (Bit1=Error) 0C000008h COM_DATA Com RX Data (R) and TX Data (W) 0C000010h COM_CTRL1 Com Control Register 1 0C000014h COM_STAT2 Com Status Register 2 (Bit0=Ready) 0C000018h COM_CTRL2 Com Control Register 2 0C800000h IRDA_MODE Infrared Control (R/W) 0C800004h IRDA_DATA Infrared TX Data 0C80000Ch IRDA_MISC Infrared Unknown/Reserved 0D000000h LCD_MODE Video Control (R/W) 0D000004h LCD_CAL Video Calibration (?) 0D000100h LCD_VRAM Video RAM (80h bytes; 32x32bit) (R/W) 0D800000h IOP_CTRL IOP control 0D800004h IOP_STAT Read Current Start/Stop bits? (R) 0D800004h IOP_STOP Stop bits? (W) 0D800008h IOP_START Start bits? (W) 0D80000Ch IOP_DATA IOP data? (not used by bios) 0D800010h DAC_CTRL DAC Control (R/W) 0D800014h DAC_DATA DAC data 0D800020h BATT_CTRL Battery Monitor Control |
WRAM 1 cycle (for ARM and THUMB) FLASH 2 cycles (for ARM), or 1 cycle (for THUMB) BIOS ? |
WRAM (and some F_xxx ports) 1 cycle VIRT/PHYS/XTRA_FLASH, BIOS, VRAM, I/O 2 cycles |
00000800h-00FFFFFFh Mirrors of 00000000h-000007FFh (2K RAM) 01000000h-01FFFFFFh Invalid (read causes data abort) (unused 16MB area) 020xxxxxh-0201FFFFh Invalid (read causes data abort) (disabled FLASH banks) 02020000h-02FFFFFFh Invalid (read causes data abort) (no Virt FLASH mirrors) 03000000h-03FFFFFFh Invalid (read causes data abort) (unused 16MB area) 04004000h-04FFFFFFh Mirrors of 04000000h-04003FFFh (16K BIOS) 05000000h-05FFFFFFh Invalid (read causes data abort) 06000014h-060000FFh Zerofilled (or maybe mirror of a ZERO port?) (F_xxx) 06000140h-060002FFh Zerofilled (or maybe mirror of a ZERO port?) (F_xxx) 06000400h-06FFFFFFh Zerofilled (or maybe mirror of a ZERO port?) (F_xxx) 07000000h-07FFFFFFh Invalid (read causes data abort) (unused 16MB area) 08020000h-08FFFFFFh Mirrors of 08000000h-0801FFFFh (128K Physical FLASH) 09000000h-09FFFFFFh Invalid (read causes data abort) (unused 16MB area) 0A000014h-0A7FFFFFh Mirrors of 0A000008h-0A00000Bh (INT_MASK_READ) (I_xxx) 0A80000Ch Mirror of 0A800000h-0A800003h (T0_RELOAD) (T0_xxx) 0A80001Ch Mirror of 0A800000h-0A800003h (T0_RELOAD) (T1_xxx) 0A80002Ch Mirror of 0A800000h-0A800003h (T0_RELOAD) (T2_xxx) 0A800030h-0AFFFFFFh Mirrors of 0A800000h-0A800003h (T0_RELOAD) (T_xxx) 0B000008h-0B7FFFFFh Mirrors of .... ? (CLK_xxx) 0B800010h-0BFFFFFFh Mirrors of 0B800008h-0B80000Bh (RTC_TIME) 0C00000Ch-0C00000Fh Zero (COM_xxx) 0C00001Ch-0C7FFFFFh Zerofilled (or maybe mirror of a ZERO port?) (COM_xxx) 0C800008h-0CFFFFFFh ? (IRDA_xxx) 0D000008h-0D0000FFh Zerofilled (or maybe mirror of a ZERO port?) (LCD_xxx) 0D000180h-0D7FFFFFh Zerofilled (or maybe mirror of a ZERO port?) (LCD_xxx) 0D800018h ? (DAC_xxx) 0D80001Ch ? (DAC_xxx) 0D800024h-0DFFFFFFh Zerofilled (or maybe mirror of a ZERO port?) (BATT_xxx) 0E000000h-FFFFFFFFh Invalid (read causes data abort) (unused 3872MB area) |
02000000h-0201FFFFh VIRT_FLASH ;\ 04000000h-04FFFFFFh BIOS_ROM ; "garbage_byte" (see below) 06000300h-060003FFh EXTRA_FLASH ; 08000000h-08FFFFFFh PHYS_FLASH ;/ 0A800001h-0AFFFFFFh Timer area, odd addresses (with A0=1) mirror to 0A800001h 0B800001h-0BFFFFFFh RTC area, odd addresses (with A0=1) mirror to ...? |
0B800002h-0BFFFFFEh RTC area, odd addresses (with A1=1) mirror to 0B80000Ah |
garbage_word = (prefetch OR (ramdata AND FFFFFFD0h)) garbage_byte = (garbage_word shr (8*(addr and 3))) AND FFh |
prefetch.bit0-31 = [curr_arm_opcode_addr+8] ;-eg. from arm LDRB |
prefetch.bit0-15 = [recent_arm_opcode_addr+8] ;-eg. from arm BX to thumb prefetch.bit16-31 = [curr_thumb_opcode_addr+4] ;-eg. from thumb LDRB |
ramdata.bit0-31 = [recent_ram_read_addr] ;-eg. from LDR/POP from RAM |
| Pocketstation Memory Map |
00000000h RAM RAM (2K) (or mirror of BIOS ROM upon reset) 02000000h FLASH1 Flash ROM (virtual file-mapped addresses in this region) 04000000h BIOS_ROM BIOS (16K) (Kernel and GUI) 06000300h F_SN... Seems to contain a bunch of additional FLASH bytes? 08000000h FLASH2 Flash ROM (128K) (physical addresses in this region) 0D000100h LCD_VRAM Video RAM (128 bytes) (32x32 pixels, 1bit per pixel) |
0000000h 20h Exception handler opcodes (filled with LDR R15,[$+20h] opcodes) 0000020h 20h Exception handler addresses (in ARM state, no THUMB bit here) 0000040h 80h Sector buffer (and BU command parameter work space) 00000C0h 8 ComFlags (see GetPtrToComFlags(), SWI 06h for details) 00000C8h 2 BU Command FUNC3 Address (see GetPtrToFunc3addr() aka SWI 17h) 00000CAh 1 Value from BU Command_50h, reset by SWI 05h (sense_auto_com) 00000CBh 2 Not used 00000CDh 1 Old Year (BCD, 00h..99h) (for sensing wrapping to new century) 00000CEh 1 Alternate dir_index (when [0D0h]=0) (see SWI 15h and SWI 16h) 00000CFh 1 Current Century (BCD, 00h..99h) (see GetBcdDate() aka SWI 0Dh) 00000D0h 2 Current dir_index (for currently executed file, or 0=GUI) 00000D2h 2 New dir_index (PrepareExecute(flag,dir_index,param), SWI 08h) 00000D4h 4 New param (PrepareExecute(flag,dir_index,param), SWI 08h) 00000D8h 8 Alarm Setting (see GetPtrToAlarmSetting() aka SWI 13h) 00000E0h 4 Pointer to SWI table (see GetPtrToPtrToSwiTable() aka SWI 14h) 00000E4h 3x4 Memory Card BU Command variables 00000F0h 1 Memory Card FLAG byte (bit3=new_card, bit2=write_error) 00000F1h 1 Memory Card Error offhold (0=none, 1=once) 00000F2h 6 Not used 00000F8h 4x4 Callback Addresses (set via SetCallbacks(index,proc), SWI 01h) 0000108h 4 Snapshot ID (0xh,00h,"SE") 000010Ch 74h IRQ and SWI stack (stacktop at 180h) 0000180h 80h FIQ stack (stacktop at 200h) |
4000000h 1E00h Begin of Kernel (usually 1E00h bytes) 4000014h 4 BCD Date in YYYYMMDDh format (19981023h for ALL versions) 4001DFCh 4 Core Kernel Version (usually "C061" or "C110") 4001E00h 2200h Begin of GUI (usually 2200h bytes) 4003FFCh 4 Japanese GUI Version (usually "J061" or "J110") |
| Pocketstation IO Video and Audio |
0-2 Draw mode; seems to turn off bits of the screen;
0: All 32 rows on ;\
1: First 8 rows on ;
2: Second 8 rows on ;
3: Third 8 rows on ; (these are not necessarily all correct?)
4: Fourth 8 rows on ;
5: First 16 rows on ;
6: Middle 16 rows on ;
7: Bottom 16 rows on ;/
3 CPEN (0=Does some weird fade out of the screen, 1=Normal)
4-5 Refresh rate
0: Makes a single blue (yes, blue, yes, on a black/white display)
line appear at the top or middle of the screen - don't use!
1: 64Hz? (might be 32Hz too, like 2)
2: 32Hz
3: 16Hz (results in less intensity on black pixels)
6 Display active (0=Off, 1=On)
7 Rotate display by 180 degrees (0=For Handheld Mode, 1=For Docked Mode)
8-31 Unknown (should be zero)
|
[D000100h]=Top, through [D00017Ch]=Bottom-most scanline |
Bit0=Left, through Bit31=Right-most Pixel (0=White, 1=Black) |
0 Audio Enable enable (0=Off, 1=On) 1-31 Unknown, usually zero |
0-7 Probably unused, usually zero (or fractional part when lowered volume) 8-15 Signed Audio Outut Level (usually -7Fh..+7Fh) (probably -80h works too) 16-31 Probably unused, usually sign-expanded from bit15 |
| Pocketstation IO Interrupts and Buttons |
Bit Type Meaning
0 IRQ Button Fire (0=Released, 1=Pressed)
1 IRQ Button Right (0=Released, 1=Pressed)
2 IRQ Button Left (0=Released, 1=Pressed)
3 IRQ Button Down (0=Released, 1=Pressed)
4 IRQ Button Up (0=Released, 1=Pressed)
5 ? Unknown? (?)
6 FIQ (!) COM ;for the COM_registers? (via /SEL Pin?)
7 IRQ Timer 0
8 IRQ Timer 1
9 IRQ RTC (square wave) (usually 1Hz) (when RTC paused: 4096Hz)
10 IRQ Battery Low (0=Normal, 1=Battery Low)
11 IRQ Docked ("IOP") (0=Undocked, 1=Docked to PSX) (via VCC Pin?)
12 IRQ Infrared Rx
13 FIQ (!) Timer 2
14-15 N/A Not used
|
INT_MASK_SET Enable Interrupt Flags (0=No change, 1=Enable) (W) INT_MASK_CLR Disable Interrupt Flags (0=No change, 1=Disable) (W) INT_MASK_READ Current Interrupt Enable Flags (0=Disabled, 1=Enabled) (R) |
INT_LATCH Latched Interrupt Requests (0=None, 1=Interrupt Request) (R) INT_ACK Clear Interrupt Requests (0=No change, 1=Acknowledge) (W) |
| Pocketstation IO Timers and Real-Time Clock |
INT_INPUT.7 Timer 0 IRQ ;used as 30Hz frame rate IRQ by GUI INT_INPUT.8 Timer 1 IRQ ;used as Audio square wave IRQ by GUI INT_INPUT.13 Timer 2 FIQ (this one via FIQ vector, not IRQ vector) INT_INPUT.9 RTC IRQ (usually 1Hz) (or 4096Hz when RTC paused) |
0-15 Reload Value (when timer becomes less than zero) |
0-15 Current value (decrementing) |
0-1 Timer Divider (0=Div2, 1=Div32, 2=Div512, 3=Div2 too) 2 Timer Enable (0=Stop, 1=Decrement) 3-15 Unknown (should be zero) |
0 Pause RTC (0=Run/1Hz, 1=Pause/4096Hz) 1-3 Select value to be modified via RTC_ADJUST 4-31 Not used? |
00h = Second ;\ 01h = Minute ; 02h = Hour ; used in combination with RTC_ADJUST 03h = Day of Week ; while RTC is paused 04h = Day ; 05h = Month ; 06h = Year ;/ 07h = Unknown ;-usually used when RTC isn't paused |
0-7 Seconds (00h..59h, BCD) 8-15 Minutes (00h..59h, BCD) 16-23 Hours (00h..23h, BCD) 24-31 Day of week (1=Sunday, ..., 7=Saturday) |
0-7 Day (01h..31h, BCD) 8-11 Month (01h..12h, BCD) 16-23 Year (00h..99h, BCD) 24-31 Unknown? (this is NOT used as century) |
| Pocketstation IO Infrared |
0 Transfer Direction (0=Receive, 1=Transmit) 1 Disable IRDA (0=Enable, 1=Disable) 2 Unknown (reportedly IR_SEND_READY, uh?) 3 Unknown (reportedly IR_RECV_READY, uh?) 4-31 Unknown (should be zero) |
0 Transmit Data in Send Direction (0=LED Off, 1=LED On) 1-31 Unknown (should be zero) |
___------------------___ One HIGH bit send as SINGLE-LONG-ON pulse (BAD) ___-_-_-_-_-_-_-_-_-____ One HIGH bit send as MULTIPLE-ON-OFF pulses (OK) |
| Pocketstation IO Memory-Control |
0-31 Unknown |
00000000h Used when disabling all virtual flash banks 00000001h Used before setting new virtual bank values 00000002h Used after setting virtual bank enable bits 03h Replace ROM at 00000000h by RAM (used after reset) |
0-31 Unknown |
0-15 Enable physical banks 0..15 in virtual region (0=Disable, 1=Enable) 16-31 Unknown (should be zero) |
0-3 Virtual bank number 4-31 Should be 0 |
0..3 Unknown/not tested 4 hangs hardware? but that bit is used in some cases! 5..31 Unknown/not tested |
F_WAIT1=00000000h when CPU Speed = 00h..07h F_WAIT1=00000010h when CPU Speed = 08h..0Fh |
0 no effect? but that bit is used in some cases! maybe write-enable? 1 hangs hardware? 2 no effect? READ: indicates 0=write-busy, 1=ready? (R) 3 hangs hardware? 4 makes FLASH slower? 5 makes WRAM and F_xxx as slow as other memory (0=1 cycle, 1=2 cycles) 6 hangs hardware? but that bit is used in some cases! 7 no effect? 8..31 Unknown/not tested |
F_WAIT2=00000000h when CPU Speed = 00h..07h ;\same as F_WAIT1 F_WAIT2=00000010h when CPU Speed = 08h..0Fh ;/ |
F_WAIT2=00000021h ;SWI 10h, FlashWritePhysical(sector,src) F_WAIT2=00000041h ;SWI 0Fh, FlashWriteSerial(serial_number) |
wait until reading returns F_WAIT2.Bit2 = 1 and then set F_WAIT2=00000000h |
if write_sector ;\
F_WAIT2=00000021h ; write enable or so
if write_header ;
F_WAIT2=00000041h ;/
[80055AAh]=FFAAh ;\
[8002A54h]=FF55h ; unlock flash
[80055AAh]=FFA0h ;/
if write_sector ;\
for i=0 to 3Fh ;
[8000000h+sector*80h+i*2]=src[i*2] ; write data
if write_header ;
[8000000h]=new F_SN_LO value ;
[8000002h]=new F_SN_HI value ;
[8000008h]=new F_CAL value ;/
first, wait 4000 clock cycles ;\wait
then, wait until F_WAIT2.Bit2=1 ;/
F_WAIT2=00000000h ;-write disable or so
|
0-15 Data |
| Pocketstation IO Communication Ports |
0 Data Output Enable (0=None/HighZ, 1=Output Data Bits) 1 /ACK Output Level (0=None/HighZ, 1=Output LOW) 2 Unknown (should be set when expecting a NEW command...?) 3-31 Unknown (should be zero) |
0-7 Data (Write: to be transmitted to PSX, Read: been received from PSX) 8-31 Unknown |
0 Unknown 1 Error flag or so (0=Okay, 1=Error) 2-31 Unknown |
0 Ready flag (0=Busy, 1=Ready) (when 8bits have been transferred) 1-31 Unknown |
0 Unknown (should be set AT BEGIN OF A NEW command...?) 1 Unknown (0=Disable something, 1=Enable something) 2-31 Unknown (should be zero) |
00000000h = unknown? disable 00000002h = unknown? enable 00000003h = unknown? at BEGIN of a new command |
0 Unknown (should be set, probably starts or acknowledges something) 1 Unknown (should be set when expecting a NEW command...?) 2-31 Unknown (should be zero) |
00000001h = unknown? used before AND after each byte-transfer 00000003h = unknown? used after LAST byte of command (and when init/reset) |
(via FIQ vector, not IRQ vector) |
| Pocketstation IO Power Control |
0-3 Clock Ratio (01h..08h, see below) (usually 7 = 3.99MHz) (R/W) 4 Clock Change State (0=Busy, 1=Ready) (Read-only) 5-15 ? |
00h = hangs hardware ;-don't use 01h = 0.063488 MHz ;\ 02h = 0.126976 MHz ; 03h = 0.253952 MHz ; 31*8000h / 1,2,4,8,16 04h = 0.507904 MHz ; 05h = 1.015808 MHz ;/ 06h = 1.998848 MHz ;\ 07h = 3.997696 MHz ; 61*8000h * 1,2,4 08h = 7.995392 MHz ;/ 09h..0Fh = same as 08h ;-aliases |
0 Stop Clock (1=Stop) 1-15 ? |
DAC_CTRL=0 ;\disable sound IOP_STOP=20h ;/ LCD_MODE=0 ;-disable video IRDA=whatever ;-disable infrared (if it was used) BATT_CTRL=BATT_CTRL AND FFFFFFFCh ;-do whatever INT_MASK_SET=801h ;-enable Docking/Fire wakeup interrupts |
0-3 Probably Direction for IOP_DATA bit0..3 (0=Input, 1=Output) 4-31 Unknown/Unused (seems to be always zero) |
0 Unknown, STARTED by Kernel upon reset 1 Red LED, Communication related (START=Whatever, STOP=Whatelse) (?) 2 Unknown, STARTED by Kernel upon reset 3 Unknown, STARTED by Kernel upon reset 4 Never STARTED nor STOPPED by BIOS (maybe an INPUT, read via IOP_DATA) 5 Sound Enable (START=On, STOP=Off) 6 Unknown, STOPPED by Kernel upon reset 7-31 Unknown, never STARTED nor STOPPED by BIOS |
0 ? 1 Red LED (0=On, 1=Off) 2 ? 3 ? 4 Seems to be always 1 (maybe Infrared input?) 5-31 Unknown/Unused (seems to be always zero) |
INT_INPUT.10 IRQ Battery Low (0=Normal, 1=Battery Low) |
| Pocketstation SWI Function Summary |
SWI 00h - Reset() ;don't use out: everything destroyed SWI 01h - SetCallbacks(index,proc) out: old proc SWI 02h - CustomSwi2(r0..r6,r8..r10) out: r0 SWI 03h - FlashWriteVirtual(sector,src) out: 0=okay, 1=failed SWI 04h - SetCpuSpeed(speed) out: old_speed SWI 05h - SenseAutoCom() out: garbage SWI 06h - GetPtrToComFlags() out: ptr (usually 0C0h) SWI 07h - ChangeAutoDocking(flags.16-18) out: incoming flags AND 70000h SWI 08h - PrepareExecute(flag,dir_index,param) out: dir_index (new or old) SWI 09h - DoExecute(snapshot_saving_flag) out: r0=r0 (failed) or r0=param SWI 0Ah - FlashReadSerial() out: F_SN SWI 0Bh - ClearComFlagsBit10() out: new [ComFlags] (with bit10=0) SWI 0Ch - SetBcdDateTime(date,time) out: garbage (RTC_DATE/10000h) SWI 0Dh - GetBcdDate() out: date (with century in MSBs) SWI 0Eh - GetBcdTime() out: time and day-of-week SWI 0Fh - FlashWriteSerial(serial_number) out: garbage (r0=0) ;old BIOS only! SWI 10h - FlashWritePhysical(sector,src) out: 0=okay, 1=failed SWI 11h - SetComOnOff(flag) out: garbage retadr to swi handler SWI 12h - TestSnapshot(dir_index) out: 0=normal, 1=MCX1 with 1,0,"SE" SWI 13h - GetPtrToAlarmSetting() out: ptr to alarm_setting SWI 14h - GetPtrToPtrToSwiTable() out: ptr-to-ptr to swi_table SWI 15h - MakeAlternateDirIndex(flag,dir_index) out: alt_dir_index (new/old) SWI 16h - GetDirIndex() out: dir_index (or alternate) SWI 17h - GetPtrToFunc3addr() out: ptr to func3 address SWI 18h - FlashReadWhateverByte(sector) out: [8000000h+sector*80h+7Eh] SWI 19h..FFh - garbage SWI 100h..FFFFFFh - mirrors of SWI 00h..FFh |
| Pocketstation SWI Misc Functions |
r0=0 Set SWI 02h callback (r1=proc, or r1=0=reset/default) r0=1 Set IRQ callback (r1=proc, or r1=0=none/default) r0=2 Set FIQ callback (r1=proc, or r1=0=none/default) r0=3 Set Download Notification callback (r1=proc, or r1=0=bugged/default) |
| Pocketstation SWI Communication Functions |
0-3 Whatever (set/cleared when docked/undocked, and modified by bu_cmd's) 4-7 Not used (should be zero) 8 IRQ-11 (IOP) occurred (set by irq handler, checked/cleared by SWI 05h) 9 Communication Enabled And Docked (0=No, 1=Yes; prevents DoExecute) 10 Reject writes to Broken Sector Region (sector 16..55) (0=No, 1=Yes) 11 Start file request (set by bu_cmd_59h, processed by GUI, not by Kernel) 12-15 Not used (should be zero) 16 Automatically power-down DAC audio on insert/removal (0=No, 1=Yes) 17 Automatically power-down IRDA infrared on insert/removal (0=No, 1=Yes) 18 Automatically adjust LCD screen rotate on insert/removal (0=No, 1=Yes) 19-27 Not used (should be zero) 28 Indicates if a standard bu_cmd (52h/53h/57h) was received (0=No, 1=Yes) 29 Set date/time request (set by bu_cmd FUNC0, processed by BIOS) 30 Destroy RTC and Start GUI request (set by bu_cmd_59h, dir_index=FFFEh) 31 Not used (should be zero) |
0-15 Not used (should be zero) 16 Automatically power-down DAC audio on insert/removal (0=No, 1=Yes) 17 Automatically power-down IRDA infrared on insert/removal (0=No, 1=Yes) 18 Automatically adjust LCD screen rotate on insert/removal (0=No, 1=Yes) 19-31 Not used (should be zero) |
| Pocketstation SWI Execute Functions |
0-7 Command number (see below, MSBs=Primary command, LSBs=another dir_index) 8 Do not store Alarm setting in Kernel RAM (0=Normal, 1=Don't store) 9-31 Not used (should be zero) |
Command 0xh --> Erase RTC time/date Command 1xh --> Enter GUI Time Screen with speaker symbol Command 20h --> Enter GUI Time Screen with alarm symbol Command 2xh --> Prompt for new Date/Time, then start dir_index (x) Command 3xh --> Enter GUI File Selection Screen, with dir_index (x) selected Command xxh --> Erase RTC time/date (same as Command 0xh) |
| Pocketstation SWI Date/Time/Alarm Functions |
0-7 Day (01h..31h, BCD) 8-11 Month (01h..12h, BCD) 16-31 Year (0000h..9999h, BCD) |
0-7 Seconds (00h..59h, BCD) 8-15 Minutes (00h..59h, BCD) 16-23 Hours (00h..23h, BCD) 24-31 Day of week (1=Sunday, ..., 7=Saturday) |
0-7 Alarm Minute (00h..59h, BCD) 8-15 Alarm Hour (00h..23h, BCD) 16 Alarm Enable (0=Off, 1=On) 17 Button Lock (0=Normal, 1=Lock) (pressing all 5 buttons in GUI) 18-19 Volume Shift (0=Normal/Loud, 1=Medium/Div4, 2=Mute/Off) 20-22 Not used (should be zero) 23 RTC Initialized (0=Not yet, 1=Yes, was initialized from within GUI) 24-31 Not used (should be zero) 32-63 Pointer to 8x8 BIOS Charset (characters "0"..."9" plus strange symbols) |
CHR(00h..09h) = Digits "0..9" CHR(0Ah) = Space " " CHR(0Bh) = Colon ":" CHR(0Ch) = Button Lock (used by Final Fantasy 8's Chocobo World) CHR(0Dh) = Speaker Medium; or loud if followed by chr(0Eh) CHR(0Eh) = Speaker Loud; to be appended to chr(0Dh) CHR(0Fh) = Speaker Off CHR(10h) = Battery Low (used by PocketMuuMuu's Cars) CHR(11h) = Alarm Off CHR(12h) = Alarm On CHR(13h) = Memory Card symbol |
| Pocketstation SWI Flash Functions |
| Pocketstation SWI Useless Functions |
| Pocketstation BU Command Summary |
50h Change a FUNC 03h related value or so 51h N/A 52h Standard Read Sector command 53h Standard Get ID command 54h N/A 55h N/A 56h N/A 57h Standard Write Sector command 58h Get an ID or Version value or so 59h Prepare File Execution with Dir_index, and Parameter 5Ah Get Dir_index, ComFlags, F_SN, Date, and Time 5Bh Execute Function and transfer data from Pocketstation to PSX 5Ch Execute Function and transfer data from PSX to Pocketstation 5Dh Execute Custom Download Notification Function ;via SWI 01h with r0=3 5Eh Get-and-Send ComFlags.bit1,3,2 5Fh Get-and-Send ComFlags.bit0 |
FUNC 00h - Get or Set Date/Time FUNC 01h - Get or Set Memory Block FUNC 02h - Get or Set Alarm/Flags FUNC 03h - Custom Function 3 ;via SWI 17h, GetPtrToFunc3addr() FUNC 80h..FFh - Custom Functions 80h..FFh ;via Function Table in File Header |
| Pocketstation BU Standard Memory Card Commands |
FDh Reject write to Directory Entries of currently executed file FEh Reject write to write-protected Broken Sector region (sector 16..55) |
| Pocketstation BU Basic Pocketstation Commands |
Send Reply Comment 81h N/A Memory Card Access 50h FLAG Send Command 50h VAL 00h Send new [0CAh], receive length of following data (00h) |
Send Reply Comment 81h N/A Memory Card Access 58h FLAG Send Command 58h (0) 02h Send dummy/zero, receive length of following data (02h) (0) 01h Send dummy/zero, receive whatever value (01h) (0) 01h Send dummy/zero, receive another value (01h) |
Send Reply Comment 81h N/A Memory Card Access 59h FLAG Send Command 59h (0) 06h Send dummy/zero, receive length of following data (06h) NEW OLD Send new dir_index.8-15, receive old dir_index.8-15 NEW OLD Send new dir_index.0-7, receive old dir_index.0-7 PAR (0) Send exec_parameter.0-7, receive dummy/zero PAR (0) Send exec_parameter.8-15, receive dummy/zero PAR (0) Send exec_parameter.16-23, receive dummy/zero PAR (0) Send exec_parameter.24-31, receive dummy/zero |
0000h..000Fh --> Request to Start GUI or File (with above parameter bits) 0010h..FFFDh --> Not used, acts same as FFFFh (see below) FFFEh --> Request to Destroy RTC and Start GUI (with parameter 00000000h) FFFFh --> Do nothing (transfer all bytes, but don't store the new values) |
Send Reply Comment 81h N/A Memory Card Access 5Ah FLAG Send Command 5Ah (0) 12h Send dummy/zero, receive length of following data (12h) (0) INDX Send dummy/zero, receive curr_dir_index.bit8-15 (00h) (0) INDX Send dummy/zero, receive curr_dir_index.bit0-7 (00h..0Fh) (0) FLG Send dummy/zero, receive ComFlags.bit0 (00h or 01h) (0) FLG Send dummy/zero, receive ComFlags.bit1 (00h or 01h) (0) FLG Send dummy/zero, receive ComFlags.bit3 (00h or 01h) (0) FLG Send dummy/zero, receive ComFlags.bit2 (00h or 01h) (0) SN Send dummy/zero, receive F_SN.bit0-7 (whatever) (0) SN Send dummy/zero, receive F_SN.bit8-15 (whatever) (0) SN Send dummy/zero, receive F_SN.bit16-23 (whatever) (0) SN Send dummy/zero, receive F_SN.bit24-31 (whatever) (0) DATE Send dummy/zero, receive BCD Day (01h..31h) (0) DATE Send dummy/zero, receive BCD Month (01h..12h) (0) DATE Send dummy/zero, receive BCD Year (00h..99h) (0) DATE Send dummy/zero, receive BCD Century (00h..99h) (0) TIME Send dummy/zero, receive BCD Second (00h..59h) (0) TIME Send dummy/zero, receive BCD Minute (00h..59h) (0) TIME Send dummy/zero, receive BCD Hour (00h..23h) (0) TIME Send dummy/zero, receive BCD Day of Week (01h..07h) |
Send Reply Comment 81h N/A Memory Card Access 5Eh FLAG Send Command 5Eh (0) 03h Send dummy/zero, receive length of following data (03h) NEW OLD Send new ComFlags.bit1, receive old ComFlags.bit1 (00h or 01h) NEW OLD Send new ComFlags.bit3, receive old ComFlags.bit3 (00h or 01h) NEW OLD Send new ComFlags.bit2, receive old ComFlags.bit2 (00h or 01h) |
Send Reply Comment 81h N/A Memory Card Access 5Fh FLAG Send Command 5Fh (0) 01h Send dummy/zero, receive length of following data (01h) NEW OLD Send new ComFlags.bit0, receive old ComFlags.bit0 (00h or 01h) |
| Pocketstation BU Custom Pocketstation Commands |
Send Reply Comment 81h N/A Memory Card Access 5Bh FLAG Send Command 5Bh FUNC FFh Send Function Number, receive FFh (indicating variable length) (0) LEN1 Send dummy/zero, receive length of parameters (depending on FUNC) ... (0) Send parameters (LEN1 bytes), and receive dummy/zero <-------- at this point, the function is executed for the first time (0) LEN2 Send dummy/zero, receive length of data (depending on FUNC) (0) ... Send dummy/zero, receive data (LEN2 bytes) from pocketstation (0) FFh Send dummy/zero, receive FFh <-------- at this point, the function is executed for the second time |
Send Reply Comment 81h N/A Memory Card Access 5Ch FLAG Send Command 5Ch FUNC FFh Send Function Number, receive FFh (indicating variable length) (0) LEN1 Send dummy/zero, receive length of parameters (depending on FUNC) ... (0) Send parameters (LEN1 bytes), and receive dummy/zero <-------- at this point, the function is executed for the first time (0) LEN2 Send dummy/zero, receive length of data (depending on FUNC) ... (0) Send data (LEN2 bytes) to pocketstation, receive dummy/zero (0) FFh Send dummy/zero, receive FFh <-------- at this point, the function is executed for the second time |
Send Reply Comment 81h N/A Memory Card Access 5Dh FLAG Send Command 5Dh (0) 03h Send dummy/zero, receive length of following data (03h) VAL (0) Send receive value.16-23 (whatever), receive dummy/zero VAL (0) Send receive value.8-15 (download flags), receive dummy/zero VAL (0) Send receive value.0-7 (download duration), receive dummy/zero |
If value.8-15 = 00h, then ComFlags.bit10=1, else ComFlags.bit10=0. If download_callback<>0 then call download_callback with r0=value.0-23. |
bit0-7 download duration (in whatever units... 30Hz, RTC, seconds...?) bit8 download finished (0=no, 1=yes, cancel any old/busy duration) bit9-23 not used by gui |
DATE Get or Send BCD Day (01h..31h) DATE Get or Send BCD Month (01h..12h) DATE Get or Send BCD Year (00h..99h) DATE Get or Send BCD Century (00h..99h) TIME Get or Send BCD Second (00h..59h) TIME Get or Send BCD Minute (00h..59h) TIME Get or Send BCD Hour (00h..23h) TIME Get or Send BCD Day of Week (01h..07h) |
ADDR Send Pocketstation Memory Address.bit0-7 ADDR Send Pocketstation Memory Address.bit8-15 ADDR Send Pocketstation Memory Address.bit16-23 ADDR Send Pocketstation Memory Address.bit24-31 LEN2 Send Desired Data Length (00h..80h, automatically clipped to max=80h) |
... Get or Send LEN2 Data byte(s), max 80h bytes |
DATA Get or Send Alarm.bit0-7, Alarm Minute (00h..59h, BCD) DATA Get or Send Alarm.bit8-15, Alarm Hour (00h..23h, BCD) DATA Get or Send Alarm.bit16-23, Flags, see SWI 13h, GetPtrToAlarmSetting() DATA Get or Send Alarm.bit24-31, Not used (usually 00h) DATA Get or Send Alarm.bit32-39, BIOS Charset Address.0-7 DATA Get or Send Alarm.bit40-47, BIOS Charset Address.8-15 DATA Get or Send Alarm.bit48-55, BIOS Charset Address.16-23 DATA Get or Send Alarm.bit56-63, BIOS Charset Address.24-31 |
VAL Send Parameter Value.bit0-7 VAL Send Parameter Value.bit8-15 VAL Send Parameter Value.bit16-23 VAL Send Parameter Value.bit24-31 |
... Get or Send LEN2 Data byte(s) |
... Send LEN1 Parameter Value(s), max 80h bytes (destroys Kernel when >80h) |
... Get or Send LEN2 Data byte(s), max 80h bytes (clipped to max=80h) |
;above LEN1 should be 00h..80h (the parameters are stored
;in a 80h-byte buffer in kernel RAM, so len LEN1=81h..FFh would
;destroy the kernel RAM that is located after that buffer)
|
r0=flags (09h=Pre-Data to PSX, or 0Ah=Pre-Data from PSX) r1=pointer to parameter buffer (which contains LEN1 bytes) (in Kernel RAM) |
r0 = Pointer to 64bit memory location (or r0=00000000h=Failed) |
0-31 BUF2 address of data buffer (src/dst) 32-63 LEN2 (00000000h..00000080h) (clipped to max 00000080h if bigger) |
r0=flags (11h=Post-Data to PSX, 12h=Post-Data from PSX; plus 04h if Bad-Data) r1=pointer to data buffer (which contains LEN2 bytes) (BUF2 address) |
There's no return value required on 2nd call (although the kernel functions seem to return the same stuff as on 1st call). |
0 To-PSX (when used by Command 5Bh) 1 From-PSX (when used by Command 5Ch) 2 Error occurred during Data transfer 3 Pre-Data 4 Post-Data 5-31 Not used (zero) |
09h Pre-Data to PSX 0Ah Pre-Data from PSX 11h Post-Data to PSX 12h Post-Data from PSX 15h Post-Bad-Data to PSX 16h Post-Bad-Data from PSX |
| Pocketstation File Header/Icons |
PSX Title Sector ;80h bytes PSX Colored Icon(s) ;(hdr[02h] AND 0Fh)*80h bytes Pocketstation Saved Snapshot ;800h bytes if hdr[52h]="MCX1", else 0 bytes Pocketstation Function Table ;(hdr[57h]*8+7Fh) AND NOT 7Fh bytes Pocketstation File Viewer Mono Icon ;hdr[50h]*80h bytes Pocketstation Executable Mono Icon List ;hdr[56h]*8 bytes Body (Pocketstation Executable Code/Data, PSX Game Position, Exec-Icons) |
50h 2 Number of File Viewer Mono Icon Frames (or 0000h=Use Exec-Icons)
52h 4 Pocketstation Identifier ("MCX0"=Normal, "MCX1"=With Snapshot)
56h 1 Number of entries in Executable Mono Icon List (01h..FFh)
57h 1 Number of BU Command 5Bh/5Ch Get/Set Functions (00h..7Fh, usually 00h)
58h 4 Reserved (zero)
5Ch 4 Entrypoint in FLASH1 (ie. Fileoffset plus 02000000h) (bit0=THUMB)
|
000h r1..r12 (ie. without r0) 030h r13_usr (sp_usr) 034h r14_usr (lr_usr) 038h r15 (pc) 03Ch psr_fc 040h Snapshot ID (0xh,00h,"SE") 044h unused (3Ch bytes) 200h Copy of user RAM at 200h..7FFh |
00h 4 LEN1 (00000000h..00000080h) (destroys Kernel RAM if bigger) 04h 4 Function Address (bit0 can be set for THUMB code) |
1st word = top-most scanline, 31st word = bottom-most scanline bit0 = left-most pixel, bit31 = right-most pixel (0=white, 1=black) |
00h 2 Animation Length (0001h..any number) (icon frames) 02h 2 Animation Delay (N 30Hz units per icon frame) 04h 4 Address of icon frame(s) in Virtual FLASH (at 02000000h and up) |
| Pocketstation File Images |
It seems as if the file (including the 4-byte ID) is intended to be
mapped to address 02000000h, and that the entrypoint is fixed at
02000004h (in ARM state).
Since the File doesn't have a valid file header with "SC" and "MCXn" IDs,
it won't be recognized by real hardware, the PSX BIOS would treat it as
a corrupted/deleted file, the Pocketstation BIOS would treat it as a
non-executable file.
So, that fileformat is apparently working only on whatever emulators,
apparently on the one developed by SN Systems.
If one should want to use that files on real hardware, one could add
a 2000h byte stub at the begin of the file; with valid headers, and
with a small executable that remaps the "SN" stuff to 02000000h via
the F_BANK_VAL registers.
Ah, and the "SN" files seem to access RAM at 01000000h and up, unknown
if RAM is mirrored to that location on real hardware, reportedly that
region is unused... and doesn't contain RAM...?
Some games use The Undefined Instruction for TTY Output.
Most games do strange 8bit writes to LCD_MODE+0 and LCD_MODE+1
The games usually don't allow to return to the GUI (except by Reset).
|
| Pocketstation XBOO Cable |
Pin CNTR DB25 Pocketstation _______________________ ACK 10 10 --------- 1 JOYDTA | | | | D0 2 2 --------- 2 JOYCMD | 9 7 6 | 5 4 3 | 2 1 | CARD GND 19-30 18-25 ------- 4 GND |_______|_______|_______| D1 3 3 --------- 6 /JOYSEL _______________________ D2 4 4 --------- 7 JOYCLK | | | | PE 12 12 --------- 9 /JOYACK (/IRQ7) | 9 8 7 | 6 5 4 | 3 2 1 | PAD NC -------------------- 8 /JOYGUN (/IRQ10) \______|_______|______/ NC -------------------- 3 7.5V (rumble.supply) SUPPLY.5V --|>|---|>|-- 5 3.5V (VCC) (eg. PC's +5V via two 1N4001 diodes) SUPPLY.0V ------------- 4 GND (not needed when same as GND on CNTR/DB25) |
TitleSector[58h] = "TTY+" |
;------------------
.data?
org 200h
...
tty_bufsiz equ 128 ;max=128=fastest (can be smaller if you are short of RAM)
func3_info: ;\ ;\
func3_buf_base dd 0 ;fixed="func3_buf" ; ; func3_info+00h
func3_buf_len dd 0 ;range=0..128 ;/ ; func3_info+04h
func3_stack dd 0 ; func3_info+08h
func3_buffer: defs tty_bufsiz ;/ func3_info+0Ch
ptr_to_comflags dd 0
...
.code
...
;------------------
tty_wrchr: ;in: r0=char
dd 0e6000010h ;=undef opcode ;-Write chr(r0) to TTY
bx lr
;------------------
init_tty: ;in: r0=param (from entrypoint)
ldr r1,=2B595454h ;"TTY+" ;\check if xboo-cable present
cmp r1,r0 ; (r0=incoming param from
beq @@tty_by_xboo_cable ;/executable's entrypoint)
;- - -
mov r1,0 ;\dummy und_handler
ldr r2,=0e1b0f00eh ;=movs r15,r14 ; (just return from exception,
str r2,[r1,04h] ;und_handler ;/for normal cable-less mode)
b @@finish
;---
@@tty_by_xboo_cable:
swi 17h ;GetPtrToFunc3addr() ;\
ldr r1,=(tty_func3_handler AND 0ffffh) ; init FUNC3 aka TTY handler
strh r1,[r0] ;/
ldr r1,=func3_info ;\
mov r0,0 ;\ ; mark TTY as len=empty
str r0,[r1,4] ;func3_buf_len ;/ ; and
add r0,r1,0ch ;=func3_buffer ;\ ; init func3 base
str r0,[r1,0] ;func3_buf_base ;/ ;/
mov r1,0 ;\
ldr r2,=0e59ff018h ;=ldr r15,[pc,NN] ;
str r2,[r1,04h] ;und_handler ; special xboo und_handler
add r2,=tty_xboo_und_handler ;
str r2,[r1,24h] ;und_vector ;/
@@finish:
swi 06h ;GetPtrToComFlags() ;\
ldr r1,=ptr_to_comflags ; get ptr to ComFlags
str r0,[r1] ;/
bx lr
;------------------
tty_xboo_und_handler: ;in: r0=char
ldr r13,=func3_info ;aka sp_und ;-base address (in sp_und)
str r12,[r13,8] ;func3_stack ;-push r12
@@wait_if_buffer_full: ;\
ldr r12,=ptr_to_comflags ; ;\exit if execute file request
ldr r12,[r12] ;ptr to ComFlags ; ; ComFlg.Bit11 ("bu_cmd_59h"),
ldr r12,[r12] ;read ComFlags ; ; ie. allow that flag to be
tst r12,1 shl 11 ;test bit11 ; ; processed by main program,
bne @@exit ; ;/without hanging here
ldrb r12,[r13,4] ;func3_buf_len ; wait if buffer full
cmp r12,tty_bufsiz ; (until drained by FIQ)
beq @@wait_if_buffer_full ;/
mov r12,1bh+0c0h ;mode=und, FIQ/IRQ=off ;\disable FIQ (no COMMUNICATION
mov cpsr_ctl,r12 ;/interrupt during buffer write)
ldrb r12,[r13,4] ;func3_buf_len ;\
add r12,1 ;raise len ; write char to buffer
strb r12,[r13,4] ;func3_buf_len ; and raise buffer length
add r12,0ch-1 ;=func3_buffer+INDEX ;
strb r0,[r13,r12] ;append char to buf ;/
@@exit:
ldr r12,[r13,8] ;func3_stack ;-pop r12
movs r15,r14 ;return from exception (and restore old IRQ/FIQ state)
;------------------
tty_func3_handler: ;in: r0=flags, r1=ptr
tst r0,10h ;test if PRE/POST data (pre: Z, post: NZ)
;ldreq r1,[r1] ;read 32bit param (aka the four LEN1 bytes of FUNC3)
ldr r0,=func3_info ;ptr to two 32bit values (FUNC3 return value)
movne r1,0 ;\for POST data: mark buffer empty
strne r1,[r0,4] ;func3_buf_len=0 ;/
bx lr ;-for PRE data: return r0=func3_info
|
| Serial Port (SIO) |
0-7 Data to be sent 8-31 Not used |
0-7 Received Data (1st RX FIFO entry) (oldest entry) 8-15 Preview (2nd RX FIFO entry) 16-23 Preview (3rd RX FIFO entry) 24-31 Preview (4th RX FIFO entry) (5th..8th cannot be previewed) |
0 TX Ready Flag 1 (1=Ready/Started) (depends on CTS) (TX requires CTS) 1 RX FIFO Not Empty (0=Empty, 1=Not Empty) 2 TX Ready Flag 2 (1=Ready/Finished) (depends on TXEN and on CTS) 3 RX Parity Error (0=No, 1=Error; Wrong Parity, when enabled) (sticky) 4 RX FIFO Overrun (0=No, 1=Error; Received more than 8 bytes) (sticky) 5 RX Bad Stop Bit (0=No, 1=Error; Bad Stop Bit) (when RXEN) (sticky) 6 RX Input Level (0=Normal, 1=Inverted) ;only AFTER receiving Stop Bit 7 DSR Input Level (0=Off, 1=On) (remote DTR) ;DSR not required to be on 8 CTS Input Level (0=Off, 1=On) (remote RTS) ;CTS required for TX 9 Interrupt Request (0=None, 1=IRQ) (sticky) 10 Unknown (always zero) 11-25 Baudrate Timer (15bit timer, decrementing at 33MHz) 26-31 Unknown (usually zero, sometimes all bits set) |
0-1 Baudrate Reload Factor (1=MUL1, 2=MUL16, 3=MUL64) (or 0=STOP) 2-3 Character Length (0=5bits, 1=6bits, 2=7bits, 3=8bits) 4 Parity Enable (0=No, 1=Enable) 5 Parity Type (0=Even, 1=Odd) (seems to be vice-versa...?) 6-7 Stop bit length (0=Reserved/1bit, 1=1bit, 2=1.5bits, 3=2bits) 8-15 Not used (always zero) |
0 TX Enable (TXEN) (0=Disable, 1=Enable, when CTS=On) 1 DTR Output Level (0=Off, 1=On) 2 RX Enable (RXEN) (0=Disable, 1=Enable) ;Disable also clears RXFIFO 3 TX Output Level (0=Normal, 1=Inverted, during Inactivity & Stop bits) 4 Acknowledge (0=No change, 1=Reset SIO_STAT.Bits 3,4,5,9) (W) 5 RTS Output Level (0=Off, 1=On) 6 Reset (0=No change, 1=Reset most SIO_registers to zero) (W) 7 Unknown? (read/write-able when FACTOR non-zero) (otherwise always zero) 8-9 RX Interrupt Mode (0..3 = IRQ when RX FIFO contains 1,2,4,8 bytes) 10 TX Interrupt Enable (0=Disable, 1=Enable) ;when SIO_STAT.0-or-2 ;Ready 11 RX Interrupt Enable (0=Disable, 1=Enable) ;when N bytes in RX FIFO 12 DSR Interrupt Enable (0=Disable, 1=Enable) ;when SIO_STAT.7 ;DSR=On 13-15 Not used (always zero) |
0-15 Baudrate Reload value for decrementing Baudrate Timer |
BitsPerSecond = (44100Hz*300h) / MIN(((Reload*Factor) AND NOT 1),Factor) |
JOY_BAUD is multiplied by Factor, and does then ellapse "2" times per bit. SIO_BAUD is NOT multiplied, and, instead, ellapses "2*Factor" times per bit. |
| Expansion Port (PIO) |
| EXP1 Expansion ROM Header |
Address Size Content
1F000000h 4 Post-Boot Entrypoint (eg. 1F000100h and up)
1F000004h 2Ch Post-Boot ID ("Licensed by Sony Computer Entertainment Inc.")
1F000030h 50h Post-Boot TTY Message (must contain at least one 00h byte)
1F000080h 4 Pre-Boot Entrypoint (eg. 1F000100h and up)
1F000084h 2Ch Pre-Boot ID ("Licensed by Sony Computer Entertainment Inc.")
1F0000B0h 50h Not used (should be zero, but may contain code/data/io)
1F000100h .. Code, Data, I/O Ports, etc.
|
| EXP2 Dual Serial Port (for TTY Debug Terminal) |
7-0 Data (aka Character) |
7 RxRTS Control (0=No, 1=Yes) 6 RxINT Select (0=RxRDY, 1=FFULL) 5 Error Mode (0=Char, 1=Block) 4-3 Parity Mode (0=With Parity, 1=Force Parity, 2=No Parity, 3=Multidrop) 2 Parity Type (0=Even, 1=Odd) 1-0 Bits per Character (0=5bit, 1=6bit, 2=7bit, 3=8bit) |
7-6 Channel Mode (0=Normal, 1=Auto-Echo, 2=Local loop, 3=Remote loop) 5 TxRTS Control (0=No, 1=Yes) (when 1 --> OP0=RTSA / OP1=RTSB) 4 CTS Enable (0=No, 1=Yes) (when 1 --> IP0=CTSA / IP1=CTSB) 3-0 Tx Stop Bit Length (00h..0Fh = see below) |
0=0.563 1=0.625 2=0.688 3=0.750 4=0.813 5=0.875 6=0.938 7=1.000 8=1.563 9=1.625 A=1.688 B=1.750 C=1.813 D=1.875 E=1.938 F=2.000 |
7-4 Rx Clock Select (0..0Ch=See Table, 0Dh=Timer, 0Eh=16xIP, 0Fh=1xIP) 3-0 Tx Clock Select (0..0Ch=See Table, 0Dh=Timer, 0Eh=16xIP, 0Fh=1xIP) |
Rate 00h 01h 02h 03h 04h 05h 06h 07h 08h 09h 0Ah 0Bh 0Ch Set1 50 110 134.5 200 300 600 1200 1050 2400 4800 7200 9600 38400 Set2 75 110 134.5 150 300 600 1200 2000 2400 4800 1800 9600 19200 Set3 4800 880 1076 19200 28800 57600 115200 1050 57600 4800 57600 9600 38400 Set4 7200 880 1076 14400 28800 57600 115200 2000 57600 4800 14400 9600 19200 |
7 Not used (should be 0) 6-4 Miscellaneous Commands (0..7 = see below) 3 Disable Tx (0=No change, 1=Disable) 2 Enable Tx (0=No change, 1=Enable) ;Don't use with Command 3 (Reset Rx) 1 Disable Rx (0=No change, 1=Disable) 0 Enable Rx (0=No change, 1=Enable) ;Don't use with Command 2 (Reset Tx) |
0 No command ;no effect 1 Reset MR pointer ;force "FirstAccess" state for MR1A (or MR1B) access 2 Reset receiver ;reset RxA (or RxB) registers, disable Rx, flush Fifo 3 Reset transmitter ;reset TxA (or TxB) registers 4 Reset Error Flags ;reset SRA.7-4 (or SRB.7-4) to zero 5 Reset Break-Change IRQ Flag ;reset ISR.2 (or ISR.6) to zero 6 Start break ;after current char, pause Tx with TxDA=Low (or TxDB=Low) 7 Stop break ;output one High bit, then continue Tx (ie. undo pause) |
7 Input Port Change (0=No, 1=Yes) (Ack via reading IPCR) ;see ACR.3-0 6 Break Change B (0=No, 1=Yes) (Ack via CRB/Command5) 5 RxRDYB/FFULLB (0=No, 1=Yes) (Ack via reading data) ;see MR1B.6 4 THRB Empty (TxRDYB) (0=No, 1=Yes) (Ack via writing data) ;same as SRB.2 3 Counter Ready (0=No, 1=Yes) (Ack via CT_STOP) 2 Break Change A (0=No, 1=Yes) (Ack via CRA/Command5) 1 RxRDYA/FFULLA (0=No, 1=Yes) (Ack via reading data) ;see MR1A.6 0 THRA Empty (TxRDYA) (0=No, 1=Yes) (Ack via writing data) ;same as SRA.2 |
7 Rx Received Break* (0=No, 1=Yes) ;received 00h without stop bit 6 Rx Framing Error* (0=No, 1=Yes) ;received data without stop bit 5 Rx Parity Error* (0=No, 1=Yes) ;received data with bad parity 4 Rx Overrun Error (0=No, 1=Yes) ;Rx FIFO full + RxShiftReg full 3 Tx Underrun (TxEMT) (0=No, 1=Yes) ;both TxShiftReg and THR empty 2 Tx THR Empty (TxRDY) (0=No, 1=Yes) ;same as ISR.0 / ISR.4 1 Rx FIFO Full (FFULL) (0=No, 1=Yes) ;set upon 3 or more characters 0 Rx FIFO Not Empty (RxRDY) (0=No, 1=Yes) ;set upon 1 or more characters |
7 Select Baud Rate Generator (BRG) Set (0=Set1/Set3, 1=Set2/Set4) 6-4 Counter/Timer Mode and Source (see below) 3-0 IP3..IP0 Change Interrupt Enable Flags (0=Off, 1=On) |
Num Mode Clock Source 0h Counter External (IP2) 1h Counter TxCA - 1x clock of Channel A transmitter 2h Counter TxCB - 1x clock of Channel B transmitter 3h Counter Crystal or external clock (x1/CLK) divided by 16 4h Timer External (IP2) 5h Timer External (IP2) divided by 16 6h Timer Crystal or external clock (x1/CLK) 7h Timer Crystal or external clock (x1/CLK) divided by 16 |
7-4 IP3..IP0 Change Occured Flags (0=No, 1=Yes) ;auto reset after read 3-0 Current IP3-IP0 Input states (0=Low, 1=High) ;Same as IP.3-0 |
7 Not used (always 1) 6-0 Current IP6-IP0 Input states (0=Low, 1=High) ;LSBs = Same as IPCR.3-0 |
IP6 External RxB Clock ;see CSRB.7-4 IP5 External TxB Clock ;see CSRB.3-0 IP4 External RxA Clock ;see CSRA.7-4 IP3 External TxA Clock ;see CSRA.3-0 IP2 External Timer Input ;see AUX.6-4 IP1 Clear to Send B (CTSB) ;see MR2B.5 IP0 Clear to Send A (CTSA) ;see MR2A.5 |
7-0 Change "OPR" OP7-OP0 Output states (0=No change, 1=Set/Reset) |
7 OP7 (0=OPR.7, 1=TxRDYB) 6 OP6 (0=OPR.6, 1=TxRDYA) 5 OP5 (0=OPR.5, 1=RxRDY/FFULLB) 4 OP4 (0=OPR.4, 1=RxRDY/FFULLA) 3-2 OP3 (0=OPR.3, 1=Clock/Timer Output, 2=TxCB(1x), 3=RxCB(1x)) 1-0 OP2 (0=OPR.2, 1=TxCA(16x), 2=TxCA(1x), 3=RxCA(1x)) |
7-0 Not used (just issue a dummy-read to toggle the test mode on/off) |
7-0 Not used (just issue a dummy-read to strobe start/stop command) |
24pin basic cut-down version ;without IP0-1/OP0-1 = without CTS/RTS 28pin additional IP2,OP0,OP1,X2 ;without IP0-1 = without CTS 40pin additional IP0-IP6,OP0-OP7,X2 ;full version 44pin same as 40pin with four NC pins ;full version (SMD) |
| EXP2 DTL-H2000 I/O Ports |
0 Unknown, used for something 1 Unknown/unused 2 Unknown, used for something 3 TTY/Atcons TX Ready (0=Busy, 1=Ready) 4 TTY/Atcons RX Available (0=None, 1=Yes) 5-7 Unknown/unused |
0-7 TTY/Atcons RX/TX Data |
0-15 Data...? |
0 ... used for something 1 Lightgun IRQ (write: 0=No change, 1=Acknowledge) (read: 0=None, 1=IRQ) 2-3 Unknown/unused (write: 0=Normal) 4 ... acknowledged at 1FA00B04h, otherwise unused 5 ... TTY RX ? 6-7 Unknown/unused (write: 0=Normal) 8-31 Not used by DTL-H2000 BIOS (but Lightgun games write 0 to these bits) |
IF [BFC00104h]=00002000h then Port 1F802030h does exist (DTL-H2000) IF [BFC00104h]=00002500h then Port 1F802030h does NOT exist IF [BFC00104h]=00000003h then Port 1F802030h does NOT exist (default) IF [BFC00104h]= <other> then Port 1F802030h does NOT exist |
0 Used for something (CLEARED on some occassions) 1-3 Unknown/unused 4 Used for something (SET on some occassions) 5-7 Unknown/unused |
0-7 DIP Value (00h..FFh, but should be usually 00h..02h) |
DIP=0 --> .. long delay before TTY? with "PSX>" prompt, throws CDROM cmds DIP=1 --> .. long delay before TTY? no "PSX>" prompt PSY-Q? DIP=2 --> .. instant TTY? with "PSX>" prompt DIP=3 --> Lockup DIP=04h..FFh --> Lockup with POST=04h..FFh |
| EXP2 Post Registers |
0-3 Current Boot Status (00h..0Fh) 4-7 Not used by BIOS (always set to 0) |
0-7 Post/LED value |
| EXP2 Nocash Emulation Expansion |
0 CDROM Turbo (0=Normal, 1=Turbo) 1 Memory Card Turbo (0=Normal, 1=Turbo) 2 Controller Turbo (0=Normal, 1=Turbo) 3-7 Reserved (must be zero) |
| Memory Control |
0-23 Base Address (Read/Write) 24-31 Fixed (Read only, always 1Fh) |
0-3 Unknown (R/W) 4-7 Access Time (00h..0Fh=00h..0Fh Cycles) 8 Use COM0 Time (0=No, 1=Yes, add to Access Time) 9 Use COM1 Time (0=No, 1=Probably Yes, but has no effect?) 10 Use COM2 Time (0=No, 1=Yes, add to Access Time) 11 Use COM3 Time (0=No, 1=Yes, clip to MIN=(COM3+6) or so?) 12 Data Bus-width (0=8bit, 1=16bit) 13-15 Unknown (R/W) 16-20 Memory Window Size (1 SHL N bytes) (0..1Fh = 1 byte ... 2 gigabytes) 21-23 Unknown (always zero) 24-27 Unknown (R/W) ;must be non-zero for SPU-RAM reads 28 Unknown (always zero) 29 Unknown (R/W) 30 Unknown (always zero) 31 Unknown (R/W) (Port 1F801008h only; always zero for other ports) |
0-3 COM0 - Offset A ;used for SPU/EXP2 (and for adjusted CDROM timings) 4-7 COM1 - No effect? ;used for EXP2 8-11 COM2 - Offset B ;used for BIOS/EXP1/EXP2 12-15 COM3 - Min Value ;used for CDROM 16-17 COM? - Unknown ;used for whatever 18-31 Unknown/unused (read: always 0000h) |
1ST=0, SEQ=0, MIN=0 IF Use_COM0 THEN 1ST=1ST+COM0-1, SEQ=SEQ+COM0-1 IF Use_COM2 THEN 1ST=1ST+COM2, SEQ=SEQ+COM2 IF Use_COM3 THEN MIN=COM3 IF 1ST<6 THEN 1ST=1ST+1 ;(somewhat like so) 1ST=1ST+AccessTime+2, SEQ=SEQ+AccessTime+2 IF 1ST<(MIN+6) THEN 1ST=(MIN+6) IF SEQ<(MIN+2) THEN SEQ=(MIN+2) |
0-2 Unknown (no effect) 3 Crashes when zero (except PU-7 and EARLY-PU-8, which <do> set bit3=0) 4-6 Unknown (no effect) 7 Delay on simultaneous CODE+DATA fetch from RAM (0=None, 1=One Cycle) 8 Unknown (no effect) (should be set for 8MB, cleared for 2MB) 9-11 Define 8MB Memory Window (first 8MB of KUSEG,KSEG0,KSEG1) 12-15 Unknown (no effect) 16-31 Unknown (Garbage) |
0 = 1MB Memory + 7MB Locked 1 = 4MB Memory + 4MB Locked 2 = 1MB Memory + 1MB HighZ + 6MB Locked 3 = 4MB Memory + 4MB HighZ 4 = 2MB Memory + 6MB Locked ;<--- would be correct for PSX 5 = 8MB Memory ;<--- default by BIOS init 6 = 2MB Memory + 2MB HighZ + 4MB Locked ;<-- HighZ = Second /RAS 7 = 8MB Memory |
0-2 Unknown (Read/Write) (R/W) 3 Scratchpad Enable 1 (0=Disable, 1=Enable when Bit7 is set, too) (R/W) 4-5 Unknown (Read/Write) (R/W) 6 Unknown (read=always zero) (R) or (W) or unused..? 7 Scratchpad Enable 2 (0=Disable, 1=Enable when Bit3 is set, too) (R/W) 8 Unknown (R/W) 9 Crash (0=Normal, 1=Crash if code-cache enabled) (R/W) 10 Unknown (read=always zero) (R) or (W) or unused..? 11 Code-Cache Enable (0=Disable, 1=Enable) (R/W) 12-31 Unknown (R/W) |
Init Cache Step 1: [FFFE0130h]=00000804h, then set cop0_sr=00010000h, then zerofill each FOURTH word at [0000..0FFFh], then set cop0_sr=zero. Init Cache Step 2: [FFFE0130h]=00000800h, then set cop0_sr=00010000h, then zerofill ALL words at [0000h..0FFFh], then set cop0_sr=zero. Finish Initialization: read 8 times 32bit from [A0000000h], then set [FFFE0130h]=0001E988h |
| Unpredictable Things |
Address Content W.8bit W.16bit W.32bit 00000000h-00xFFFFFh Main RAM OK OK OK 1F800000h-1F8003FFh Scratchpad OK OK OK 1F801000h-1F801023h MEMCTRL (w32) (w32) OK 1F80104xh JOY_xxx (w16) OK CROP 1F80105xh SIO_xxx (w16) OK CROP 1F801060h-1F801063h RAM_SIZE (w32) (w32) OK (with crash) 1F801070h-1F801077h IRQCTRL (w32) (w32) OK 1F8010x0h-1F8010x3h DMAx.ADDR (w32) (w32) OK 1F8010x4h-1F8010x7h DMAx.LEN OK OK OK 1F8010x8h-1F8010xFh DMAx.CTRL/MIRR (w32) (w32) OK 1F8010F0h-1F8010F7h DMA.DPCR/DICR (w32) (w32) OK 1F8010F8h-1F8010FFh DMA.unknown IGNORE IGNORE IGNORE 1F801100h-1F80110Bh Timer 0 (w32) (w32) OK 1F801110h-1F80110Bh Timer 1 (w32) (w32) OK 1F801120h-1F80110Bh Timer 2 (w32) (w32) OK 1F801800h-1F801803h CDROM OK ? ? 1F801810h-1F801813h GPU.GP0 ? ? OK 1F801814h-1F801817h GPU.GP1 ? ? OK 1F801820h-1F801823h MDEC.CMD/DTA ? ? OK 1F801824h-1F801827h MDEC.CTRL ? ? OK 1F801C00h-1F801E7Fh SPU (i16) OK OK 1F801E80h-1F801FFFh SPU.UNUSED IGNORE IGNORE IGNORE 1F802020h-1F80202Fh DUART OK ? ? 1F802041h POST OK ? ? FFFE0130h-FFFE0133h CACHE.CTRL (i32) (i32) OK |
OK works (w32) write full 32bits (left-shifted if address isn't word-aligned) (w16) write full 16bits (left-shifted if address isn't halfword-aligned) (i32) write full 32bits (ignored if address isn't word-aligned) (i16) write full 16bits (ignored if address isn't halfword-aligned) CROP write only lower 16bit (and leave upper 16bit unchanged) |
FFFE0130h-FFFE0133h 8bit (+16bit?) read works ONLY from word-aligned address |
00800000h ;-when Main RAM configured to end at 7FFFFFh 1F080000h 780000h ;-when Expansion 1 configured to end at 7FFFFh 1F800400h C00h ;-region after Scratchpad 1F801024h 1Ch ;\ 1F801064h 0Ch ; 1F801078h 08h ; 1F801140h 6C0h ; gaps in I/O region 1F801804h 0Ch ; 1F801818h 08h ; 1F801828h 3D8h ;/ 1F802080h 3FDF80h ;-when Expansion 2 configured to end at 7Fh 1FC80000h 60380000h ;-when BIOS ROM configured to end at 7FFFFh C0000000h 1FFE0000h ;\ FFFE0020h E0h ; gaps in KSEG2 (cache control region) FFFE0140h 1FEC0h ;/ |
1F80108Ch+N*10h - D#_CHCR Mirrors - (N=0..6, for DMA channel 0..6) |
1F801062h (2 bytes) ;\ 1F801072h (2 bytes) ; unused addresses in Memory and Interrupt Control area 1F801076h (2 bytes) ;/ 1F801102h (2 bytes) ;\ 1F801106h (2 bytes) ; unused addresses in Timer 0 area 1F80110Ah (6 bytes) ;/ 1F801112h (2 bytes) ;\ 1F801116h (2 bytes) ; unused addresses in Timer 1 area 1F80111Ah (6 bytes) ;/ 1F801122h (2 bytes) ;\ 1F801126h (2 bytes) ; unused addresses in Timer 2 area and next some bytes 1F80112Ah (22 bytes) ;/ 1F801820h (4 bytes) ;-read MDEC Data-Out port (if there is no data) FFFE0000h (32 bytes) ;\ FFFE0100h (48 bytes) ; unused addresses in Cache control area FFFE0132h (2 bytes) ; (including write-only upper 16bit of Port FFFE0130h) FFFE0134h (12 bytes) ;/ |
| CPU Specifications |
| CPU Registers |
Name Alias Common Usage (R0) zero Constant (always 0) (this one isn't a real register) R1 at Assembler temporary (destroyed by some pseudo opcodes!) R2-R3 v0-v1 Subroutine return values, may be changed by subroutines R4-R7 a0-a3 Subroutine arguments, may be changed by subroutines R8-R15 t0-t7 Temporaries, may be changed by subroutines R16-R23 s0-s7 Static variables, must be saved by subs R24-R25 t8-t9 Temporaries, may be changed by subroutines R26-R27 k0-k1 Reserved for kernel (destroyed by some IRQ handlers!) R28 gp Global pointer (rarely used) R29 sp Stack pointer R30 fp(s8) Frame Pointer, or 9th Static variable, must be saved R31 ra Return address (used so by JAL,BLTZAL,BGEZAL opcodes) - pc Program counter - hi,lo Multiply/divide results, may be changed by subroutines |
sub sp,20h mov [sp+14h],ra mov [sp+18h],r16 mov [sp+1Ch],r17 |
[sp+00h..0Fh] wasted stack (may, or may not, be used by sub-functions) [sp+10h..13h] 8-byte alignment padding (not used) [sp+14h..1Fh] pushed registers |
| CPU Opcode Encoding |
00h=SPECIAL 08h=ADDI 10h=COP0 18h=N/A 20h=LB 28h=SB 30h=LWC0 38h=SWC0 01h=BcondZ 09h=ADDIU 11h=COP1 19h=N/A 21h=LH 29h=SH 31h=LWC1 39h=SWC1 02h=J 0Ah=SLTI 12h=COP2 1Ah=N/A 22h=LWL 2Ah=SWL 32h=LWC2 3Ah=SWC2 03h=JAL 0Bh=SLTIU 13h=COP3 1Bh=N/A 23h=LW 2Bh=SW 33h=LWC3 3Bh=SWC3 04h=BEQ 0Ch=ANDI 14h=N/A 1Ch=N/A 24h=LBU 2Ch=N/A 34h=N/A 3Ch=N/A 05h=BNE 0Dh=ORI 15h=N/A 1Dh=N/A 25h=LHU 2Dh=N/A 35h=N/A 3Dh=N/A 06h=BLEZ 0Eh=XORI 16h=N/A 1Eh=N/A 26h=LWR 2Eh=SWR 36h=N/A 3Eh=N/A 07h=BGTZ 0Fh=LUI 17h=N/A 1Fh=N/A 27h=N/A 2Fh=N/A 37h=N/A 3Fh=N/A |
00h=SLL 08h=JR 10h=MFHI 18h=MULT 20h=ADD 28h=N/A 30h=N/A 38h=N/A 01h=N/A 09h=JALR 11h=MTHI 19h=MULTU 21h=ADDU 29h=N/A 31h=N/A 39h=N/A 02h=SRL 0Ah=N/A 12h=MFLO 1Ah=DIV 22h=SUB 2Ah=SLT 32h=N/A 3Ah=N/A 03h=SRA 0Bh=N/A 13h=MTLO 1Bh=DIVU 23h=SUBU 2Bh=SLTU 33h=N/A 3Bh=N/A 04h=SLLV 0Ch=SYSCALL 14h=N/A 1Ch=N/A 24h=AND 2Ch=N/A 34h=N/A 3Ch=N/A 05h=N/A 0Dh=BREAK 15h=N/A 1Dh=N/A 25h=OR 2Dh=N/A 35h=N/A 3Dh=N/A 06h=SRLV 0Eh=N/A 16h=N/A 1Eh=N/A 26h=XOR 2Eh=N/A 36h=N/A 3Eh=N/A 07h=SRAV 0Fh=N/A 17h=N/A 1Fh=N/A 27h=NOR 2Fh=N/A 37h=N/A 3Fh=N/A |
31..26 |25..21|20..16|15..11|10..6 | 5..0 | 6bit | 5bit | 5bit | 5bit | 5bit | 6bit | -------+------+------+------+------+--------+------------ 000000 | N/A | rt | rd | imm5 | 0000xx | shift-imm 000000 | rs | rt | rd | N/A | 0001xx | shift-reg 000000 | rs | N/A | N/A | N/A | 001000 | jr 000000 | rs | N/A | rd | N/A | 001001 | jalr 000000 | <-----comment20bit------> | 00110x | sys/brk 000000 | N/A | N/A | rd | N/A | 0100x0 | mfhi/mflo 000000 | rs | N/A | N/A | N/A | 0100x1 | mthi/mtlo 000000 | rs | rt | N/A | N/A | 0110xx | mul/div 000000 | rs | rt | rd | N/A | 10xxxx | alu-reg 000001 | rs | 00000| <--immediate16bit--> | bltz 000001 | rs | 00001| <--immediate16bit--> | bgez 000001 | rs | 10000| <--immediate16bit--> | bltzal 000001 | rs | 10001| <--immediate16bit--> | bgezal 00001x | <---------immediate26bit---------> | j/jal 00010x | rs | rt | <--immediate16bit--> | beq/bne 00011x | rs | N/A | <--immediate16bit--> | blez/bgtz 001xxx | rs | rt | <--immediate16bit--> | alu-imm 001111 | N/A | rt | <--immediate16bit--> | lui-imm 100xxx | rs | rt | <--immediate16bit--> | load rt,[rs+imm] 101xxx | rs | rt | <--immediate16bit--> | store rt,[rs+imm] x1xxxx | <------coprocessor specific------> | coprocessor (see below) |
31..26 |25..21|20..16|15..11|10..6 | 5..0 | 6bit | 5bit | 5bit | 5bit | 5bit | 6bit | -------+------+------+------+------+--------+------------ 0100nn |0|0000| rt | rd | N/A | 000000 | MFCn rt,rd_dat ;rt = dat 0100nn |0|0010| rt | rd | N/A | 000000 | CFCn rt,rd_cnt ;rt = cnt 0100nn |0|0100| rt | rd | N/A | 000000 | MTCn rt,rd_dat ;dat = rt 0100nn |0|0110| rt | rd | N/A | 000000 | CTCn rt,rd_cnt ;cnt = rt 0100nn |0|1000|00000 | <--immediate16bit--> | BCnF target ;jump if false 0100nn |0|1000|00001 | <--immediate16bit--> | BCnT target ;jump if true 0100nn |1| <--------immediate25bit--------> | COPn imm25 010000 |1|0000| N/A | N/A | N/A | 000001 | COP0 01h ;=TLBR 010000 |1|0000| N/A | N/A | N/A | 000010 | COP0 02h ;=TLBWI 010000 |1|0000| N/A | N/A | N/A | 000110 | COP0 06h ;=TLBWR 010000 |1|0000| N/A | N/A | N/A | 001000 | COP0 08h ;=TLBP 010000 |1|0000| N/A | N/A | N/A | 010000 | COP0 10h ;=RFE 1100nn | rs | rt | <--immediate16bit--> | LWCn rt_dat,[rs+imm] 1110nn | rs | rt | <--immediate16bit--> | SWCn rt_dat,[rs+imm] |
| CPU Load/Store Opcodes |
movbs rt,[imm+rs] lb rt,imm(rs) rt=[imm+rs] ;byte sign-extended movb rt,[imm+rs] lbu rt,imm(rs) rt=[imm+rs] ;byte zero-extended movhs rt,[imm+rs] lh rt,imm(rs) rt=[imm+rs] ;halfword sign-extended movh rt,[imm+rs] lhu rt,imm(rs) rt=[imm+rs] ;halfword zero-extended mov rt,[imm+rs] lw rt,imm(rs) rt=[imm+rs] ;word |
movb [imm+rs],rt sb rt,imm(rs) [imm+rs]=(rt AND FFh) ;store 8bit movh [imm+rs],rt sh rt,imm(rs) [imm+rs]=(rt AND FFFFh) ;store 16bit mov [imm+rs],rt sw rt,imm(rs) [imm+rs]=rt ;store 32bit |
lwr rt,imm(rs) load right bits of rt from memory (usually imm+0) lwl rt,imm(rs) load left bits of rt from memory (usually imm+3) swr rt,imm(rs) store right bits of rt to memory (usually imm+0) swl rt,imm(rs) store left bits of rt to memory (usually imm+3) |
lwl r2,$0003(t0) ;\no delay required between these lwr r2,$0000(t0) ;/(although both access r2) nop ;-requires load delay HERE (before reading from r2) and r2,r2,0ffffh ;-access r2 (eg. reducing it to unaligned 16bit data) |
lwr/swr [N*4+0] transfer whole 32bit of Rt to/from [N*4+0..3] lwr/swr [N*4+1] transfer lower 24bit of Rt to/from [N*4+1..3] lwr/swr [N*4+2] transfer lower 16bit of Rt to/from [N*4+2..3] lwr/swr [N*4+3] transfer lower 8bit of Rt to/from [N*4+3] |
lwl/swl [N*4+0] transfer upper 8bit of Rt to/from [N*4+0] lwl/swl [N*4+1] transfer upper 16bit of Rt to/from [N*4+0..1] lwl/swl [N*4+2] transfer upper 24bit of Rt to/from [N*4+0..2] lwl/swl [N*4+3] transfer whole 32bit of Rt to/from [N*4+0..3] |
| CPU ALU Opcodes |
addt rd,rs,rt add rd,rs,rt rd=rs+rt (with overflow trap) add rd,rs,rt addu rd,rs,rt rd=rs+rt subt rd,rs,rt sub rd,rs,rt rd=rs-rt (with overflow trap) sub rd,rs,rt subu rd,rs,rt rd=rs-rt addt rt,rs,imm addi rt,rs,imm rt=rs+(-8000h..+7FFFh) (with ov.trap) add rt,rs,imm addiu rt,rs,imm rt=rs+(-8000h..+7FFFh) |
setlt slt rd,rs,rt if rs<rt then rd=1 else rd=0 (signed) setb sltu rd,rs,rt if rs<rt then rd=1 else rd=0 (unsigned) setlt slti rt,rs,imm if rs<(-8000h..+7FFFh) then rt=1 else rt=0 (signed) setb sltiu rt,rs,imm if rs<(FFFF8000h..7FFFh) then rt=1 else rt=0(unsigned) |
and rd,rs,rt and rd,rs,rt rd = rs AND rt or rd,rs,rt or rd,rs,rt rd = rs OR rt xor rd,rs,rt xor rd,rs,rt rd = rs XOR rt nor rd,rs,rt nor rd,rs,rt rd = FFFFFFFFh XOR (rs OR rt) and rt,rs,imm andi rt,rs,imm rt = rs AND (0000h..FFFFh) or rt,rs,imm ori rt,rs,imm rt = rs OR (0000h..FFFFh) xor rt,rs,imm xori rt,rs,imm rt = rs XOR (0000h..FFFFh) |
shl rd,rt,rs sllv rd,rt,rs rd = rt SHL (rs AND 1Fh) shr rd,rt,rs srlv rd,rt,rs rd = rt SHR (rs AND 1Fh) sar rd,rt,rs srav rd,rt,rs rd = rt SAR (rs AND 1Fh) shl rd,rt,imm sll rd,rt,imm rd = rt SHL (00h..1Fh) shr rd,rt,imm srl rd,rt,imm rd = rt SHR (00h..1Fh) sar rd,rt,imm sra rd,rt,imm rd = rt SAR (00h..1Fh) mov rt,i*10000h lui rt,imm rt = (0000h..FFFFh) SHL 16 |
smul rs,rt mult rs,rt hi:lo = rs*rt (signed) umul rs,rt multu rs,rt hi:lo = rs*rt (unsigned) sdiv rs,rt div rs,rt lo = rs/rt, hi=rs mod rt (signed) udiv rs,rt divu rs,rt lo = rs/rt, hi=rs mod rt (unsigned) mov rd,hi mfhi rd rd=hi ;move from hi mov rd,lo mflo rd rd=lo ;move from lo mov hi,rs mthi rs hi=rs ;move to hi mov lo,rs mtlo rs lo=rs ;move to lo |
__umul_execution_time_____________________________________________________ Fast (6 cycles) rs = 00000000h..000007FFh Med (9 cycles) rs = 00000800h..000FFFFFh Slow (13 cycles) rs = 00100000h..FFFFFFFFh __smul_execution_time_____________________________________________________ Fast (6 cycles) rs = 00000000h..000007FFh, or rs = FFFFF800h..FFFFFFFFh Med (9 cycles) rs = 00000800h..000FFFFFh, or rs = FFF00000h..FFFFF801h Slow (13 cycles) rs = 00100000h..7FFFFFFFh, or rs = 80000000h..FFF00001h __udiv/sdiv_execution_time________________________________________________ Fixed (36 cycles) no matter of rs and rt values |
Opcode Rs Rd Hi/Remainder Lo/Result udiv 0..FFFFFFFFh 0 --> Rs FFFFFFFFh sdiv 0..+7FFFFFFFh 0 --> Rs -1 sdiv -80000000h..-1 0 --> Rs +1 sdiv -80000000h -1 --> 0 -80000000h |
| CPU Jump Opcodes |
jmp dest j dest pc=(pc and F0000000h)+(imm26bit*4) call dest jal dest pc=(pc and F0000000h)+(imm26bit*4),ra=$+8 jmp rs jr rs pc=rs call rs,ret=rd jalr (rd,)rs(,rd) pc=rs, rd=$+8 ;see caution je rs,rt,dest beq rs,rt,dest if rs=rt then pc=$+4+(-8000h..+7FFFh)*4 jne rs,rt,dest bne rs,rt,dest if rs<>rt then pc=$+4+(-8000h..+7FFFh)*4 js rs,dest bltz rs,dest if rs<0 then pc=$+4+(-8000h..+7FFFh)*4 jns rs,dest bgez rs,dest if rs>=0 then pc=$+4+(-8000h..+7FFFh)*4 jgtz rs,dest bgtz rs,dest if rs>0 then pc=$+4+(-8000h..+7FFFh)*4 jlez rs,dest blez rs,dest if rs<=0 then pc=$+4+(-8000h..+7FFFh)*4 calls rs,dest bltzal rs,dest if rs<0 then pc=$+4+(..)*4, ra=$+8 callns rs,dest bgezal rs,dest if rs>=0 then pc=$+4+(..)*4, ra=$+8 |
syscall imm20 generates a system call exception break imm20 generates a breakpoint exception |
| CPU Coprocessor Opcodes |
mov rt,cop#Rd(0-31) mfc# rt,rd ;rt = cop#datRd ;data regs mov rt,cop#Rd(32-63) cfc# rt,rd ;rt = cop#cntRd ;control regs mov cop#Rd(0-31),rt mtc# rt,rd ;cop#datRd = rt ;data regs mov cop#Rd(32-63),rt ctc# rt,rd ;cop#cntRd = rt ;control regs mov cop#cmd,imm25 cop# imm25 ;exec cop# command 0..1FFFFFFh mov cop#Rt(0-31),[rs+imm] lwc# rt,imm(rs) ;cop#dat_rt = [rs+imm] ;word mov [rs+imm],cop#Rt(0-31) swc# rt,imm(rs) ;[rs+imm] = cop#dat_rt ;word jf cop#flg,dest bc#f dest ;if cop#flg=false then pc=$+disp jt cop#flg,dest bc#t dest ;if cop#flg=true then pc=$+disp rfe rfe ;return from exception (COP0) tlb<xx> tlb<xx> ;virtual memory related (COP0) |
| CPU Pseudo Opcodes |
nop ;alias for sll r0,r0,0 move rd,rs ;alias for addu rd,rs,r0 la rx,imm32 ;load address (alias for lui rx / addiu rx) li rx,imm32 ;load immediate (alias for lui rx / ori rx) li rx,imm16 ;load immediate (alias for ori, range 0..FFFFh) li rx,-imm15 ;load immediate (alias for addiu, range -1..-8000h) li rx,imm16*10000h ;load immediate (alias for lui) lw rx,imm32 ;load from address (lui rx / lw rx,rx) sw rx,imm32 ;store to address (lui r1 / sw rx,r1) (destroys r1!) lb,lh,lwl,lwr,lbu,lhu;as above pseudo lw sb,sh,swl,swr ;as above pseudo sw (ie. also destroys r1!) alu rx,op ;alias for alu rx,rx,op alu(u) rx,rx,imm ;alias for alui(u) rx,rx,imm jalr rx ;alias for jalr (RA,)rx(,RA) subi(u) rt,rs,imm ;alias for addi(u) rt,rs,-imm beqz rx,dest ;alias for beq rx,r0,dest bnez rx,dest ;alias for bne rx,r0,dest b dest ;alias for beq r0,r0,dest (jump relative/spasm) bra dest ;alias for ...? (jump relative/gnu) bal dest ;alias for ...? (call relative/spasm) |
mov rx,NNNN0000h ;alias for lui rx,NNNNh mov rx,0000NNNNh ;alias for or rx,r0,NNNNh ;max +FFFFh mov rx,-imm15 ;alias for add rx,r0,-NNNNh ;min -8000h mov rx,ry ;alias for or rx,ry,0 (or "addiu") nop ;alias for shl r0,r0,0 jrel dest ;alias for blez R0,dest ;relative jump crel dest ;alias for callns R0,dest ;relative call jz rx,dest ;alias for je rx,R0,dest jnz rx,dest ;alias for jne rx,R0,dest call rx ;alias for call rx,ret=RA ret ;alias for jmp ra subt rt,rs,imm ;alias for addt rt,rs,-imm sub rt,rs,imm ;alias for add rt,rs,-imm alu rx,op ;alias for alu rx,rx,op neg(t) rx,ry ;alias for sub(t) rx,R0,ry not rx,ry ;alias for nor rx,R0,ry neg(t)/not rx ;alias for neg(t)/not rx,rx setz rx,ry ;alias for setb rx,ry,1 (set if zero) setnz rx,ry ;alias for setb rx,R0,ry (set if nonzero) syscall/break ;alias for syscall/break 000000h |
movp rx,imm32 ;alias for lui rx,imm16 -plus- or rx,rx,imm16) mov(bhs)p rx,[imm32] ;load from address (lui rx,imm16 / mov rx,[rx+imm16]) movu [rs+imm] ;alias for lwr/swr [rs+imm] plus lwl/swl [rs+imm+3] reti ;alias for jmp k0 plus rfe |
push rlist ;alias for sub sp,n*4 -- mov [sp+(1..n)*4],r1..rn pop rlist ;alias for mov r1..rn,[sp+(1..n)*4] -- add sp,n*4 pop pc,rlist ;alias for pop ra,rlist -- jmp ra |
call x0000000h ;call y0000000h (could be half-working for mem mirrors?) setae,setge ;--> setb,setlt with swapped operands |
.mips ;select MIPS instruction set (alternately .hc05 for MC68HC05) .bios ;create a .ROM file (instead of .EXE) .auto_nop ;append NOPs to jumps ;unless next opcode starts with a + org imm ;assume following code to be originated at address "imm" db n(,n(..))) ;define 8bit data values(s) or quoted ASCII strings dw n(,n(..))) ;define 16bit data values(s) (not 32bit data!) dd n(,n(..))) ;define 32bit data values(s) .align imm 0 ;alias for immediate 0 and register R0 (whichever fits) |
org imm ;self-explaining (but, default=$80010000 for spasm!) align imm ;self-explaining (probably zeropadded?) db n(,n(..))) ;define 8bit data values(s) or quoted ASCII strings dh n(,n(..))) ;define 16bit data values(s) dw n(,n(..))) ;define 32bit data values(s) (not 16bit data!) dcb len,value ;fill <len> bytes by <value> (different as DCB on ARM CPUs) xyz ;define label "xyz" at current address (without colon) xyz equ n ;assign value n to xyz xyz = n ;probably same/sililar as "equ" ;xyz ;comments invoked with semicolon (spasm) incbin file.bin ;import binary file include file.asm ;import asm file zero ;alias for r0 >imm32 ;alias for (i-(i AND 8000h))/10000h, and/or i/10000h ? <imm32 ;alias for (i AND 0FFFFh), used for SW(+/-) and ORI(+)? end ;N/A ;no "end" or ".end" directive needed/used by spasm r1 aka at ;N/A ;some assemblers may (optionally) reject to use r1/at |
| COP0 - Register Summary |
cop0r0-r2 - N/A cop0r3 - BPC - Breakpoint on execute (R/W) cop0r4 - N/A cop0r5 - BDA - Breakpoint on data access (R/W) cop0r6 - JUMPDEST - Randomly memorized jump address (R) cop0r7 - DCIC - Breakpoint control (R/W) cop0r8 - BadVaddr - Bad Virtual Address (R) cop0r9 - BDAM - Data Access breakpoint mask (R/W) cop0r10 - N/A cop0r11 - BPCM - Execute breakpoint mask (R/W) cop0r12 - SR - System status register (R/W) cop0r13 - CAUSE - (R) Describes the most recently recognised exception cop0r14 - EPC - Return Address from Trap (R) cop0r15 - PRID - Processor ID (R) cop0r16-r31 - Garbage cop0r32-r63 - N/A - None such (Control regs) |
| COP0 - Exception Handling |
0-1 - Not used (zero)
2-6 Excode Describes what kind of exception occured:
00h INT Interrupt
01h MOD Tlb modification (none such in PSX)
02h TLBL Tlb load (none such in PSX)
03h TLBS Tlb store (none such in PSX)
04h AdEL Address error, Data load or Instruction fetch
05h AdES Address error, Data store
The address errors occur when attempting to read
outside of KUseg in user mode and when the address
is misaligned. (See also: BadVaddr register)
06h IBE Bus error on Instruction fetch
07h DBE Bus error on Data load/store
08h Syscall Generated unconditionally by syscall instruction
09h BP Breakpoint - break instruction
0Ah RI Reserved instruction
0Bh CpU Coprocessor unusable
0Ch Ov Arithmetic overflow
0Dh-1Fh Not used
7 - Not used (zero)
8-15 Ip Interrupt pending field. Bit 8 and 9 are R/W, and
contain the last value written to them. As long
as any of the bits are set they will cause an
interrupt if the corresponding bit is set in IM.
16-27 - Not used (zero)
28-29 CE Contains the coprocessor number if the exception
occurred because of a coprocessor instuction for
a coprocessor which wasn't enabled in SR.
30 - Not used (zero)
31 BD Is set when last exception points to the
branch instuction instead of the instruction
in the branch delay slot, where the exception
occurred.
|
0 IEc Current Interrupt Enable (0=Disable, 1=Enable) ;rfe pops IUp here
1 KUc Current Kernal/User Mode (0=Kernel, 1=User) ;rfe pops KUp here
2 IEp Previous Interrupt Disable ;rfe pops IUo here
3 KUp Previous Kernal/User Mode ;rfe pops KUo here
4 IEo Old Interrupt Disable ;left unchanged by rfe
5 KUo Old Kernal/User Mode ;left unchanged by rfe
6-7 - Not used (zero)
8-15 Im 8 bit interrupt mask fields. When set the corresponding
interrupts are allowed to cause an exception.
16 Isc Isolate Cache (0=No, 1=Isolate)
When isolated, all load and store operations are targetted
to the Data cache, and never the main memory.
(Used by PSX Kernel, in combination with Port FFFE0130h)
17 Swc Swapped cache mode (0=Normal, 1=Swapped)
Instruction cache will act as Data cache and vice versa.
Use only with Isc to access & invalidate Instr. cache entries.
(Not used by PSX Kernel)
18 PZ When set cache parity bits are written as 0.
19 CM Shows the result of the last load operation with the D-cache
isolated. It gets set if the cache really contained data
for the addressed memory location.
20 PE Cache parity error (Does not cause exception)
21 TS TLB shutdown. Gets set if a programm address simultaneously
matches 2 TLB entries.
(initial value on reset allows to detect extended CPU version?)
22 BEV Boot exception vectors in RAM/ROM (0=RAM/KSEG0, 1=ROM/KSEG1)
23-24 - Not used (zero)
25 RE Reverse endianness (0=Normal endianness, 1=Reverse endianness)
Reverses the byte order in which data is stored in
memory. (lo-hi -> hi-lo)
(Has affect only to User mode, not to Kernel mode) (?)
(The bit doesn't exist in PSX ?)
26-27 - Not used (zero)
28 CU0 COP0 Enable (0=Enable only in Kernal Mode, 1=Kernal and User Mode)
29 CU1 COP1 Enable (0=Disable, 1=Enable) (none such in PSX)
30 CU2 COP2 Enable (0=Disable, 1=Enable) (GTE in PSX)
31 CU3 COP3 Enable (0=Disable, 1=Enable) (none such in PSX)
|
0-31 Return Address from Exception |
if (cause AND 7Ch)=00h ;if excode=interrupt
if ([epc] AND FE000000h)=4A000000h ;and opcode=cop2cmd
epc=epc+4 ;then skip that opcode
|
mov k0,epc ;get return address push k0 ;save epc in memory (if you expect nested exceptions) ... ;whatever (ie. process CAUSE) pop k0 ;restore from memory (if you expect nested exceptions) jmp k0 ;jump to K0 (after executing the next opcode) +rfe ;move SR bit4/5 --> bit2/3 --> bit0/1 |
Exception BEV=0 BEV=1 Reset BFC00000h BFC00000h (Reset) UTLB Miss 80000000h BFC00100h (Virtual memory, none such in PSX) COP0 Break 80000040h BFC00140h (Debug Break) General 80000080h BFC00180h (General Interrupts & Exceptions) |
Reset At any time (highest) ;-reset AdEL Memory (Load instruction) ;\ AdES Memory (Store instruction) ; memory (data load/store) DBE Memory (Load or store) ;/ MOD ALU (Data TLB) ;\ TLBL ALU (DTLB Miss) ; none such TLBS ALU (DTLB Miss) ;/ Ovf ALU ;-overflow Int ALU ;-interrupt Sys RD (Instruction Decode) ;\ Bp RD (Instruction Decode) ; RI RD (Instruction Decode) ; CpU RD (Instruction Decode) ;/ TLBL I-Fetch (ITLB Miss) ;-none such AdEL IVA (Instruction Virtual Address) ;\memory (opcode fetch) IBE RD (end of I-Fetch, lowest) ;/ |
| COP0 - Misc |
0-7 Revision 8-15 Implementation 16-31 Not used |
| COP0 - Debug Registers |
0 Automatically set by hardware upon Any break (R/W) 1 Automatically set by hardware upon BPC Code break (R/W) 2 Automatically set by hardware upon BDA Data break (R/W) 3 Automatically set by hardware upon BDA Data-Read break (R/W) 4 Automatically set by hardware upon BDA Data-Write break (R/W) 5 Automatically set by hardware upon any-jump break (R/W) 6-11 Not used (always zero) 12-13 Jump Redirection (0=Disable, 1..3=Enable) (see note) (R/W) 14-15 Unknown? (R/W) 16-22 Not used (always zero) 23 Super-Master Enable 1 for bit24-29 24 Execution breakpoint (0=Disabled, 1=Enabled) (see BPC, BPCM) 25 Data access breakpoint (0=Disabled, 1=Enabled) (see BDA, BDAM) 26 Break on Data-Read (0=No, 1=Break/when Bit25=1) 27 Break on Data-Write (0=No, 1=Break/when Bit25=1) 28 Break on any-jump (0=No, 1=Break on branch/jump/call/etc.) 29 Master Enable for bit28 (..and/or exec-break at address>=80000000h?) 30 Master Enable for bit24-27 31 Super-Master Enable 2 for bit24-29 |
mov rx,[mem] ;load rx from memory ... ;one or more opcodes that do not change rx jmp/call rx ;jump or call to rx |
| Kernel (BIOS) |
| BIOS Overview |
| BIOS Memory Map |
BFC00000h Kernel Part 1 (code/data executed in uncached ROM) BFC10000h Kernel Part 2 (code/data relocated to cached RAM) BFC18000h Intro/Bootmenu (code/data decompressed and relocated to RAM) BFC64000h Character Sets |
BFC00100h Kernel BCD date (YYYYMMDDh) BFC00104h Console Type (see Port 1F802030h, Secondary IRQ10 Controller) BFC00108h Kernel Maker/Version Strings (separated by one or more 00h bytes) BFC7FF32h GUI Version/Copyright Strings (if any) (separated by one 00h byte) |
00000000h 10h Garbage Area (see notes below) 00000010h 30h Unused/reserved 00000040h 20h COP0 debug-break vector (not used by Kernel) (in KSEG0) 00000060h 4 RAM Size (in megabytes) (2 or 8) 00000064h 4 Unknown (set to 00000000h) 00000068h 4 Unknown (set to 000000FFh) 0000006Ch 14h Unused/reserved 00000080h 10h Exception vector (actually in KSEG0, ie. at 80000080h) 00000090h 10h Unused/reserved 000000A0h 10h A(nnh) Function Vector 000000B0h 10h B(nnh) Function Vector 000000C0h 10h C(nnh) Function Vector 000000D0h 30h Unused/reserved 00000100h 58h Table of Tables (BIOS Control Blocks) (see below) 00000158h 28h Unused/reserved 00000180h 80h Command line argument from SYSTEM.CNF; BOOT = fname argument 00000200h 300h A(nnh) Jump Table 00000500h ... Kernel Code/Data (relocated from ROM) 0000Cxxxh ... Unused/reserved 0000DF80h 80h Used for BIOS Patches (ie. used by games, not used by BIOS) 0000DFFCh 4 Response value from Intro/Bootmenu 0000E000h 2000h Kernel Memory; ExCBs, EvCBs, and TCBs allocated via B(00h) |
00010000h ... Begin of User RAM (Exefile, Data, Heap, Stack, etc.) 001FFF00h ... Default Stacktop (usually in KSEG0) 1F800000h 400h Scratchpad (Data-Cache mis-used as Fast RAM) |
00000100h ExCB Exception Chain Entrypoints (addr=var, size=4*08h) 00000108h PCB Process Control Block (addr=var, size=1*04h) 00000110h TCB Thread Control Blocks (addr=var, size=N*C0h) 00000118h - Unused/reserved 00000120h EvCB Event Control Blocks (addr=var, size=N*1Ch) 00000128h - Unused/reserved 00000130h - Unused/reserved 00000138h - Unused/reserved 00000140h FCB File Control Blocks (addr=fixed, size=10h*2Ch) 00000148h - Unused/reserved 00000150h DCB Device Control Blocks (addr=fixed, size=0Ah*50h) |
[00000000h]=3C1A0000h ;<-- but overwritten by 00000003h after soon [00000004h]=275A0C80h ;<-- or 275A0C50h (in older BIOS) [00000008h]=03400008h [0000000Ch]=00000000h |
| BIOS Function Summary |
A(00h) or B(32h) FileOpen(filename,accessmode) A(01h) or B(33h) FileSeek(fd,offset,seektype) A(02h) or B(34h) FileRead(fd,dst,length) A(03h) or B(35h) FileWrite(fd,src,length) A(04h) or B(36h) FileClose(fd) A(05h) or B(37h) FileIoctl(fd,cmd,arg) A(06h) or B(38h) exit(exitcode) A(07h) or B(39h) FileGetDeviceFlag(fd) A(08h) or B(3Ah) FileGetc(fd) A(09h) or B(3Bh) FilePutc(char,fd) A(0Ah) todigit(char) A(0Bh) atof(src) ;Does NOT work - uses (ABSENT) cop1 !!! A(0Ch) strtoul(src,src_end,base) A(0Dh) strtol(src,src_end,base) A(0Eh) abs(val) A(0Fh) labs(val) A(10h) atoi(src) A(11h) atol(src) A(12h) atob(src,num_dst) A(13h) SaveState(buf) A(14h) RestoreState(buf,param) A(15h) strcat(dst,src) A(16h) strncat(dst,src,maxlen) A(17h) strcmp(str1,str2) A(18h) strncmp(str1,str2,maxlen) A(19h) strcpy(dst,src) A(1Ah) strncpy(dst,src,maxlen) A(1Bh) strlen(src) A(1Ch) index(src,char) A(1Dh) rindex(src,char) A(1Eh) strchr(src,char) ;exactly the same as "index" A(1Fh) strrchr(src,char) ;exactly the same as "rindex" A(20h) strpbrk(src,list) A(21h) strspn(src,list) A(22h) strcspn(src,list) A(23h) strtok(src,list) ;use strtok(0,list) in further calls A(24h) strstr(str,substr) - buggy A(25h) toupper(char) A(26h) tolower(char) A(27h) bcopy(src,dst,len) A(28h) bzero(dst,len) A(29h) bcmp(ptr1,ptr2,len) ;Bugged A(2Ah) memcpy(dst,src,len) A(2Bh) memset(dst,fillbyte,len) A(2Ch) memmove(dst,src,len) ;Bugged A(2Dh) memcmp(src1,src2,len) ;Bugged A(2Eh) memchr(src,scanbyte,len) A(2Fh) rand() A(30h) srand(seed) A(31h) qsort(base,nel,width,callback) A(32h) strtod(src,src_end) ;Does NOT work - uses (ABSENT) cop1 !!! A(33h) malloc(size) A(34h) free(buf) A(35h) lsearch(key,base,nel,width,callback) A(36h) bsearch(key,base,nel,width,callback) A(37h) calloc(sizx,sizy) ;SLOW! A(38h) realloc(old_buf,new_siz) ;SLOW! A(39h) InitHeap(addr,size) A(3Ah) SystemErrorExit(exitcode) A(3Bh) or B(3Ch) std_in_getchar() A(3Ch) or B(3Dh) std_out_putchar(char) A(3Dh) or B(3Eh) std_in_gets(dst) A(3Eh) or B(3Fh) std_out_puts(src) A(3Fh) printf(txt,param1,param2,etc.) A(40h) SystemErrorUnresolvedException() A(41h) LoadExeHeader(filename,headerbuf) A(42h) LoadExeFile(filename,headerbuf) A(43h) DoExecute(headerbuf,param1,param2) A(44h) FlushCache() A(45h) init_a0_b0_c0_vectors A(46h) GPU_dw(Xdst,Ydst,Xsiz,Ysiz,src) A(47h) gpu_send_dma(Xdst,Ydst,Xsiz,Ysiz,src) A(48h) SendGP1Command(gp1cmd) A(49h) GPU_cw(gp0cmd) ;send GP0 command word A(4Ah) GPU_cwp(src,num) ;send GP0 command word and parameter words A(4Bh) send_gpu_linked_list(src) A(4Ch) gpu_abort_dma() A(4Dh) GetGPUStatus() A(4Eh) gpu_sync() A(4Fh) SystemError A(50h) SystemError A(51h) LoadAndExecute(filename,stackbase,stackoffset) A(52h) SystemError ----OR---- "GetSysSp()" ? A(53h) SystemError ;PS2: set_ioabort_handler(src) A(54h) or A(71h) CdInit() A(55h) or A(70h) _bu_init() A(56h) or A(72h) CdRemove() ;does NOT work due to SysDeqIntRP bug A(57h) return 0 A(58h) return 0 A(59h) return 0 A(5Ah) return 0 A(5Bh) dev_tty_init() ;PS2: SystemError A(5Ch) dev_tty_open(fcb,and unused:"path\name",accessmode) ;PS2: SystemError A(5Dh) dev_tty_in_out(fcb,cmd) ;PS2: SystemError A(5Eh) dev_tty_ioctl(fcb,cmd,arg) ;PS2: SystemError A(5Fh) dev_cd_open(fcb,"path\name",accessmode) A(60h) dev_cd_read(fcb,dst,len) A(61h) dev_cd_close(fcb) A(62h) dev_cd_firstfile(fcb,"path\name",direntry) A(63h) dev_cd_nextfile(fcb,direntry) A(64h) dev_cd_chdir(fcb,"path") A(65h) dev_card_open(fcb,"path\name",accessmode) A(66h) dev_card_read(fcb,dst,len) A(67h) dev_card_write(fcb,src,len) A(68h) dev_card_close(fcb) A(69h) dev_card_firstfile(fcb,"path\name",direntry) A(6Ah) dev_card_nextfile(fcb,direntry) A(6Bh) dev_card_erase(fcb,"path\name") A(6Ch) dev_card_undelete(fcb,"path\name") A(6Dh) dev_card_format(fcb) A(6Eh) dev_card_rename(fcb1,"path\name1",fcb2,"path\name2") A(6Fh) ? ;card ;[r4+18h]=00000000h ;card_clear_error(fcb) or so A(70h) or A(55h) _bu_init() A(71h) or A(54h) CdInit() A(72h) or A(56h) CdRemove() ;does NOT work due to SysDeqIntRP bug A(73h) return 0 A(74h) return 0 A(75h) return 0 A(76h) return 0 A(77h) return 0 A(78h) CdAsyncSeekL(src) A(79h) return 0 ;DTL-H: Unknown? A(7Ah) return 0 ;DTL-H: Unknown? A(7Bh) return 0 ;DTL-H: Unknown? A(7Ch) CdAsyncGetStatus(dst) A(7Dh) return 0 ;DTL-H: Unknown? A(7Eh) CdAsyncReadSector(count,dst,mode) A(7Fh) return 0 ;DTL-H: Unknown? A(80h) return 0 ;DTL-H: Unknown? A(81h) CdAsyncSetMode(mode) A(82h) return 0 ;DTL-H: Unknown? A(83h) return 0 ;DTL-H: Unknown? A(84h) return 0 ;DTL-H: Unknown? A(85h) return 0 ;DTL-H: Unknown?, or reportedly, CdStop (?) A(86h) return 0 ;DTL-H: Unknown? A(87h) return 0 ;DTL-H: Unknown? A(88h) return 0 ;DTL-H: Unknown? A(89h) return 0 ;DTL-H: Unknown? A(8Ah) return 0 ;DTL-H: Unknown? A(8Bh) return 0 ;DTL-H: Unknown? A(8Ch) return 0 ;DTL-H: Unknown? A(8Dh) return 0 ;DTL-H: Unknown? A(8Eh) return 0 ;DTL-H: Unknown? A(8Fh) return 0 ;DTL-H: Unknown? A(90h) CdromIoIrqFunc1() A(91h) CdromDmaIrqFunc1() A(92h) CdromIoIrqFunc2() A(93h) CdromDmaIrqFunc2() A(94h) CdromGetInt5errCode(dst1,dst2) A(95h) CdInitSubFunc() A(96h) AddCDROMDevice() A(97h) AddMemCardDevice() ;DTL-H: SystemError A(98h) AddDuartTtyDevice() ;DTL-H: AddAdconsTtyDevice ;PS2: SystemError A(99h) AddDummyTtyDevice() A(9Ah) SystemError ;DTL-H: AddMessageWindowDevice A(9Bh) SystemError ;DTL-H: AddCdromSimDevice A(9Ch) SetConf(num_EvCB,num_TCB,stacktop) A(9Dh) GetConf(num_EvCB_dst,num_TCB_dst,stacktop_dst) A(9Eh) SetCdromIrqAutoAbort(type,flag) A(9Fh) SetMemSize(megabytes) |
A(A0h) WarmBoot() A(A1h) SystemErrorBootOrDiskFailure(type,errorcode) A(A2h) EnqueueCdIntr() ;with prio=0 (fixed) A(A3h) DequeueCdIntr() ;does NOT work due to SysDeqIntRP bug A(A4h) CdGetLbn(filename) ;get 1st sector number (or garbage when not found) A(A5h) CdReadSector(count,sector,buffer) A(A6h) CdGetStatus() A(A7h) bu_callback_okay() A(A8h) bu_callback_err_write() A(A9h) bu_callback_err_busy() A(AAh) bu_callback_err_eject() A(ABh) _card_info(port) A(ACh) _card_async_load_directory(port) A(ADh) set_card_auto_format(flag) A(AEh) bu_callback_err_prev_write() A(AFh) card_write_test(port) ;CEX-1000: jump_to_00000000h A(B0h) return 0 ;CEX-1000: jump_to_00000000h A(B1h) return 0 ;CEX-1000: jump_to_00000000h A(B2h) ioabort_raw(param) ;CEX-1000: jump_to_00000000h A(B3h) return 0 ;CEX-1000: jump_to_00000000h A(B4h) GetSystemInfo(index) ;CEX-1000: jump_to_00000000h A(B5h..BFh) N/A ;jump_to_00000000h |
B(00h) alloc_kernel_memory(size) B(01h) free_kernel_memory(buf) B(02h) init_timer(t,reload,flags) B(03h) get_timer(t) B(04h) enable_timer_irq(t) B(05h) disable_timer_irq(t) B(06h) restart_timer(t) B(07h) DeliverEvent(class, spec) B(08h) OpenEvent(class,spec,mode,func) B(09h) CloseEvent(event) B(0Ah) WaitEvent(event) B(0Bh) TestEvent(event) B(0Ch) EnableEvent(event) B(0Dh) DisableEvent(event) B(0Eh) OpenThread(reg_PC,reg_SP_FP,reg_GP) B(0Fh) CloseThread(handle) B(10h) ChangeThread(handle) B(11h) jump_to_00000000h B(12h) InitPad(buf1,siz1,buf2,siz2) B(13h) StartPad() B(14h) StopPad() B(15h) OutdatedPadInitAndStart(type,button_dest,unused,unused) B(16h) OutdatedPadGetButtons() B(17h) ReturnFromException() B(18h) SetDefaultExitFromException() B(19h) SetCustomExitFromException(addr) B(1Ah) SystemError ;PS2: return 0 B(1Bh) SystemError ;PS2: return 0 B(1Ch) SystemError ;PS2: return 0 B(1Dh) SystemError ;PS2: return 0 B(1Eh) SystemError ;PS2: return 0 B(1Fh) SystemError ;PS2: return 0 B(20h) UnDeliverEvent(class,spec) B(21h) SystemError ;PS2: return 0 B(22h) SystemError ;PS2: return 0 B(23h) SystemError ;PS2: return 0 B(24h) jump_to_00000000h B(25h) jump_to_00000000h B(26h) jump_to_00000000h B(27h) jump_to_00000000h B(28h) jump_to_00000000h B(29h) jump_to_00000000h B(2Ah) SystemError ;PS2: return 0 B(2Bh) SystemError ;PS2: return 0 B(2Ch) jump_to_00000000h B(2Dh) jump_to_00000000h B(2Eh) jump_to_00000000h B(2Fh) jump_to_00000000h B(30h) jump_to_00000000h B(31h) jump_to_00000000h B(32h) or A(00h) FileOpen(filename,accessmode) B(33h) or A(01h) FileSeek(fd,offset,seektype) B(34h) or A(02h) FileRead(fd,dst,length) B(35h) or A(03h) FileWrite(fd,src,length) B(36h) or A(04h) FileClose(fd) B(37h) or A(05h) FileIoctl(fd,cmd,arg) B(38h) or A(06h) exit(exitcode) B(39h) or A(07h) FileGetDeviceFlag(fd) B(3Ah) or A(08h) FileGetc(fd) B(3Bh) or A(09h) FilePutc(char,fd) B(3Ch) or A(3Bh) std_in_getchar() B(3Dh) or A(3Ch) std_out_putchar(char) B(3Eh) or A(3Dh) std_in_gets(dst) B(3Fh) or A(3Eh) std_out_puts(src) B(40h) chdir(name) B(41h) FormatDevice(devicename) B(42h) firstfile(filename,direntry) B(43h) nextfile(direntry) B(44h) FileRename(old_filename,new_filename) B(45h) FileDelete(filename) B(46h) FileUndelete(filename) B(47h) AddDevice(device_info) ;subfunction for AddXxxDevice functions B(48h) RemoveDevice(device_name_lowercase) B(49h) PrintInstalledDevices() |
B(4Ah) InitCard(pad_enable) ;uses/destroys k0/k1 !!! B(4Bh) StartCard() B(4Ch) StopCard() B(4Dh) _card_info_subfunc(port) ;subfunction for "_card_info" B(4Eh) write_card_sector(port,sector,src) B(4Fh) read_card_sector(port,sector,dst) B(50h) allow_new_card() B(51h) Krom2RawAdd(shiftjis_code) B(52h) SystemError ;PS2: return 0 B(53h) Krom2Offset(shiftjis_code) B(54h) GetLastError() B(55h) GetLastFileError(fd) B(56h) GetC0Table B(57h) GetB0Table B(58h) get_bu_callback_port() B(59h) testdevice(devicename) B(5Ah) SystemError ;PS2: return 0 B(5Bh) ChangeClearPad(int) B(5Ch) get_card_status(slot) B(5Dh) wait_card_status(slot) B(5Eh..FFh) N/A ;jump_to_00000000h ;CEX-1000: B(5Eh..F6h) only B(100h....) N/A ;garbage ;CEX-1000: B(F7h.....) and up |
C(00h) EnqueueTimerAndVblankIrqs(priority) ;used with prio=1 C(01h) EnqueueSyscallHandler(priority) ;used with prio=0 C(02h) SysEnqIntRP(priority,struc) ;bugged, use with care C(03h) SysDeqIntRP(priority,struc) ;bugged, use with care C(04h) get_free_EvCB_slot() C(05h) get_free_TCB_slot() C(06h) ExceptionHandler() C(07h) InstallExceptionHandlers() ;destroys/uses k0/k1 C(08h) SysInitMemory(addr,size) C(09h) SysInitKernelVariables() C(0Ah) ChangeClearRCnt(t,flag) C(0Bh) SystemError ;PS2: return 0 C(0Ch) InitDefInt(priority) ;used with prio=3 C(0Dh) SetIrqAutoAck(irq,flag) C(0Eh) return 0 ;DTL-H2000: dev_sio_init C(0Fh) return 0 ;DTL-H2000: dev_sio_open C(10h) return 0 ;DTL-H2000: dev_sio_in_out C(11h) return 0 ;DTL-H2000: dev_sio_ioctl C(12h) InstallDevices(ttyflag) C(13h) FlushStdInOutPut() C(14h) return 0 ;DTL-H2000: SystemError C(15h) tty_cdevinput(circ,char) C(16h) tty_cdevscan() C(17h) tty_circgetc(circ) ;uses r5 as garbage txt for ioabort C(18h) tty_circputc(char,circ) C(19h) ioabort(txt1,txt2) C(1Ah) set_card_find_mode(mode) ;0=normal, 1=find deleted files C(1Bh) KernelRedirect(ttyflag) ;PS2: ttyflag=1 causes SystemError C(1Ch) AdjustA0Table() C(1Dh) get_card_find_mode() C(1Eh..7Fh) N/A ;jump_to_00000000h C(80h.....) N/A ;mirrors to B(00h.....) |
SYS(00h) NoFunction() SYS(01h) EnterCriticalSection() SYS(02h) ExitCriticalSection() SYS(03h) ChangeThreadSubFunction(addr) ;syscall with r4=03h, r5=addr SYS(04h..FFFFFFFFh) calls DeliverEvent(F0000010h,4000h) |
BRK(1C00h) Division by zero (commonly checked/invoked by software) BRK(1800h) Division overflow (-80000000h/-1, sometimes checked by software) |
BRK(1h) Whatever lockup or so? BRK(101h) PCInit() Inits the fileserver. BRK(102h) PCCreat(filename, fileattributes) BRK(103h) PCOpen(filename, accessmode) BRK(104h) PCClose(filehandle) BRK(105h) PCRead(filehandle, length, memory_destination_address) BRK(106h) PCWrite(filehandle, length, memory_source_address) BRK(107h) PClSeek(filehandle, file_offset, seekmode) BRK(3C400h) User has typed "break" command in debug console |
| BIOS File Functions |
out: V0 File handle (00h..0Fh), or -1 if error. |
bit0 1=Read ;\These bits aren't actually used by the BIOS, however, at bit1 1=Write ;/least 1 should be set; won't work when all 32bits are zero bit2 1=Exit without waiting for incoming data (when TTY buffer empty) bit9 0=Open Existing File, 1=Create New file (memory card only) bit15 1=Asynchronous mode (memory card only; don't wait for completion) bit16-31 Number of memory card blocks for a new file on the memory card |
seektype 0 = from start of file (with positive offset)
1 = from current file pointer (with positive/negative offset)
2 = Bugs. Should be from end of file.
|
out: V0 Number of bytes actually read, -1 if failed. |
out: V0 Number of bytes written. |
out: R2=character (sign-expanded) or FFFFFFFFh=error |
out: R2=Number of bytes actually written, -1 if failed |
in: A0 Pointer to new directory path (eg. "cdrom:\path") |
00h 14h Filename, terminated with 00h 14h 4 File attribute (always 0 for cdrom) (50h=norm or A0h=del for card) 18h 4 File size 1Ch 4 Pointer to next direntry? (not used?) 20h 4 First Sector Number 24h 4 Reserved (not used) |
00h okay (though many successful functions leave old error code unchanged) 02h file not found 06h bad device port number (tty2 and up) 09h invalid or unused file handle 10h general error (physical I/O error, unformatted, disk changed for old fcb) 11h file already exists error (create/undelete/rename) 12h tried to rename a file from one device to another device 13h unknown device name 16h sector alignment error, or fpos>=filesize, unknown seektype or ioctl cmd 18h not enough free file handles 1Ch not enough free memory card blocks FFFFFFFFh invalid or unused file handle passed to B(55h) function |
| BIOS File Execute and Flush Cache |
load_file A(42h) load_exec A(51h) add_device B(47h) (and all "add_xxx_device" functions) init_card B(4Ah) and by intro/boot code |
| BIOS CDROM Functions |
| BIOS Memory Card Functions |
--- Below are some lower level memory card functions --- |
01h=ready 02h=busy/read 04h=busy/write 08h=busy/info 11h=failed/timeout (eg. when no cartridge inserted) 21h=failed/general error |
| BIOS Interrupt/Exception Handling |
00h 4 r31/ra,pc ;usually ptr to ReturnFromException function 04h 4 r28/sp ;usually exception stacktop, minus 4, for whatever reason 08h 4 r30/fp ;usually 0 0Ch 4x8 r16..r23 ;usually 0 2Ch 4 r28/gp ;usually 0 |
Prio Chain Content 0 CdromDmaIrq, CdromIoIrq, SyscallException 1 CardSpecificIrq, VblankIrq, Timer2Irq, Timer1Irq, Timer0Irq 2 PadCardIrq 3 DefInt |
00h 4 pointer to next element (0=none) ;this pointer is inserted by BIOS 04h 4 pointer to SECOND function (0=none) ;executed if func1 returns r2<>0 08h 4 pointer to FIRST function (0=none) ;executed first 0Ch 4 Not used (usually zero) |
| BIOS Event Functions |
class,spec - triggers if BOTH values match
mode - (1000h=execute function/stay busy, 2000h=no func/mark ready)
func - Address of callback function (0=None) (used only when mode=1000h)
out: R2 = Event descriptor (F1000000h and up), or FFFFFFFFh if failed
|
0000000xh memory card (for file handle fd=x) |
F0000001h IRQ0 VBLANK F0000002h IRQ1 GPU F0000003h IRQ2 CDROM Decoder F0000004h IRQ3 DMA controller F0000005h IRQ4 RTC0 (timer0) F0000006h IRQ5/IRQ6 RTC1 (timer1 or timer2) F0000007h N/A Not used (this should be timer2) F0000008h IRQ7 Controller (joypad/memcard) F0000009h IRQ9 SPU F000000Ah IRQ10 PIO ;uh, does the PIO have an IRQ signal? (IRQ10 is joypad) F000000Bh IRQ8 SIO F0000010h Exception ;CPU crashed (BRK,BadSyscall,Overflow,MemoryError, etc.) F0000011h memory card (lower level BIOS functions) F0000012h memory card (not used by BIOS; maybe used by Sony's devkit?) F0000013h memory card (not used by BIOS; maybe used by Sony's devkit?) |
F1xxxxxxh event (not used by BIOS; maybe used by Sony's devkit?) |
F2000000h Root counter 0 (Dotclock) (hardware timer) F2000001h Root counter 1 (horizontal retrace?) (hardware timer) F2000002h Root counter 2 (one-eighth of system clock) (hardware timer) F2000003h Root counter 3 (vertical retrace?) (this is a software timer) |
F3xxxxxxh user (not used by BIOS; maybe used by games and/or Sony's devkit?) |
F4000001h memory card (higher level BIOS functions) F4000002h libmath (not used by BIOS; maybe used by Sony's devkit?) |
FFxxxxxxh thread (not used by BIOS; maybe used by Sony's devkit?) |
0001h counter becomes zero 0002h interrupted 0004h end of i/o 0008h file was closed 0010h command acknowledged 0020h command completed 0040h data ready 0080h data end 0100h time out 0200h unknown command 0400h end of read buffer 0800h end of write buffer 1000h general interrupt 2000h new device 4000h system call instruction ;SYS(04h..FFFFFFFFh) 8000h error happened 8001h previous write error happened 0301h domain error in libmath 0302h range error in libmath |
1000h Execute callback function, and stay busy (do NOT mark event as ready) 2000h Do NOT execute callback function, and mark event as ready |
| BIOS Event Summary |
F0000003h,10h cdrom DMA finished (all sectors finished) F0000003h,20h cdrom ? F0000003h,40h cdrom dead feature (delivered only by unused functions) F0000003h,80h cdrom INT4 (reached end of disk) F0000003h,100h n/a ? ;undelivered, but not opened, nor delivered F0000003h,200h ;undelivered, but not opened F0000003h,8000h |
0000000xh,4 card file handle (x=fd) done okay F4000001h,4 card done okay (len=0) F4000001h,100h card err busy ;A(A9h) F4000001h,2000h card err eject ;A(AAh) or unformatted (bad "MC" id) F4000001h,8000h card err write ;A(A8h) or A(AEh) or general error |
F0000011h,4 finished okay F0000011h,100h err busy F0000011h,200h n/a ? F0000011h,2000h err F0000011h,8000h err F0000011h,8001h err (this one is NOT undelivered!) |
F2000000h,2 Timer0 (IRQ4) F2000001h,2 Timer1 (IRQ5) F2000002h,2 Timer2 (IRQ6) F2000003h,2 Vblank (IRQ0) (unstable since IRQ0 is also used for joypad) |
F0000001h,1000h ;IRQ0 (VBLANK) F0000002h,1000h ;IRQ1 (GPU) F0000003h,1000h ;IRQ2 (CDROM) F0000004h,1000h ;IRQ3 (DMA) F0000005h,1000h ;IRQ4 (TMR0) F0000006h,1000h ;IRQ5 (TMR1) F0000006h,1000h ;IRQ6 (TMR2) (accidently uses same event as TMR1) F0000008h,1000h ;IRQ7 (joypad/memcard) F0000009h,1000h ;IRQ9 (SPU) F000000Ah,1000h ;IRQ10 (Joypad and PIO) F000000Bh,1000h ;IRQ8 (SIO) |
F0000010h,1000h unknown exception ;neither IRQ nor SYSCALL F0000010h,4000h unknown syscall ;syscall(04h..FFFFFFFFh) |
| BIOS Thread Functions |
| BIOS Timer Functions |
if flags.bit4=0 then mode=0048h else mode=0049h if flags.bit0=0 then mode=mode OR 100h if flags.bit12=1 then mode=mode OR 10h |
| BIOS Joypad Functions |
00h Status (00h=okay, FFh=timeout/wrong ID2) 01h ID1 (eg. 41h=digital_pad, 73h=analogue_pad, 12h=mouse, etc.) 02h..21h Data (max 16 halfwords, depending on lower 4bit of ID1) |
| BIOS GPU Functions |
| BIOS Memory Allocation |
| BIOS Memory Fill/Copy/Compare (SLOW) |
| BIOS String Functions |
",,TEXT,,,END" with list="," returns "", "TEXT", "END" ",,TEXT,,,END" with list=",." returns "", "", "TEXT", "", "", "END" |
| BIOS Number/String/Character Conversion |
| BIOS Misc Functions |
00h Get Kernel BCD Date (eg. 19951204h) (YYYYMMDDh) 01h Get Kernel Flags or so (usually/always 000000003h) 02h Get Kernel Version String (eg. "CEX-3000/1001/1002 by K.S.",0) 03h Get whatever halfword (usually 0) ;PS2: returns cop0r15 04h Get whatever halfword (usually 0) 05h Get RAM Size in kilobytes (usually 2048) ;=[00000060h] SHL 10 06h..0Eh Get whatever halfwords (usually 0,400h,0,200h,0,0,1,1,1) 0Fh N/A (returns zero) ;PS2: returns 0000h (effectively = same as zero) 10h..FFFFFFFFh Not used (returns zero) |
00h 4 r31 (ra) (aka caller's pc) 04h 4 r29 (sp) 08h 4 r30 (fp) 0Ch 4x8 r16..r23 2Ch 4 r28 (gp) |
| BIOS Internal Boot Functions |
| BIOS More Internal Functions |
A(5Bh) dev_tty_init() ;PS2: SystemError A(5Ch) dev_tty_open(fcb,and unused:"path\name",accessmode) ;PS2: SystemError A(5Dh) dev_tty_in_out(fcb,cmd) ;PS2: SystemError A(5Eh) dev_tty_ioctl(fcb,cmd,arg) ;PS2: SystemError A(5Fh) dev_cd_open(fcb,"path\name",accessmode) A(60h) dev_cd_read(fcb,dst,len) A(61h) dev_cd_close(fcb) A(62h) dev_cd_firstfile(fcb,"path\name",direntry) A(63h) dev_cd_nextfile(fcb,direntry) A(64h) dev_cd_chdir(fcb,"path") A(65h) dev_card_open(fcb,"path\name",accessmode) A(66h) dev_card_read(fcb,dst,len) A(67h) dev_card_write(fcb,src,len) A(68h) dev_card_close(fcb) A(69h) dev_card_firstfile(fcb,"path\name",direntry) A(6Ah) dev_card_nextfile(fcb,direntry) A(6Bh) dev_card_erase(fcb,"path\name") A(6Ch) dev_card_undelete(fcb,"path\name") A(6Dh) dev_card_format(fcb) A(6Eh) dev_card_rename(fcb1,"path\name1",fcb2,"path\name2") A(6Fh) ? ;card ;[r4+18h]=00000000h ;card_clear_error(fcb) or so A(96h) AddCDROMDevice() A(97h) AddMemCardDevice() A(98h) AddDuartTtyDevice() ;PS2: SystemError A(99h) AddDummyTtyDevice() B(47h) AddDevice(device_info) ;subfunction for AddXxxDevice functions B(48h) RemoveDevice(device_name_lowercase) B(5Bh) ChangeClearPad(int) ;pad AND card (ie. used also for Card) C(15h) tty_cdevinput(circ,char) C(16h) tty_cdevscan() C(17h) tty_circgetc(circ) ;uses r5 as garbage txt for ioabort C(18h) tty_circputc(char,circ) |
Castlevania is trying to access an unknown device named "sim:". Caetla (a firmware replacement for Cheat Devices) supports "pcdrv:" device. |
| BIOS PC File Server |
out: V0 0 = success, -1 = failure
V1 file handle or error code if V0 is negative
|
bit0 Read only file (R) bit1 Hidden file (H) bit2 System file (S) bit3 Not used (zero) bit4 Directory (D) bit5 Archive file (A) bit6-31 Not used (zero) |
out: V0 0 = success, -1 = failure
V1 file handle or error code if V0 is negative
|
out: V0 0 = success, -1 = failure
V1 0 = success, error code if V0 is negative
|
out: V0 0 = success, -1 = failure
V1 number of read bytes or error code if V0 is negative.
|
out: V0 0 = success, -1 = failure
V1 number of written bytes or error code if V0 is negative.
|
out: V0 0 = success, -1 = failure
V1 file pointer
|
| BIOS TTY Console (std_io) |
in: A0 Pointer to 0 terminated string
A1,A2,A3,[SP+10h..] Argument(s)
|
c display ASCII character s display ASCII string i,d,D display signed Decimal number (d/i=default32bit, D=force32bit) u,U display unsigned Decimal number (u=default32bit, U=force32bit) o,O display unsigned Octal number (o=default32bit, O=force32bit) p,x,X display unsigned Hex number (p=lower/force32bit, x=lower, X=upper) n write 32bit/16bit string length to [parameter] (default32bit) |
+ or SPC show leading plus or space character in positive signed numbers NNN fixed width (for padding or so) (first digit must be 1..9) (not 0) .NNN fixed width (for clipping or so) * variable width (using one of the parameters) (negative=ending_spc) .* variable width - force ending space padding (in case of width being specified) # show leading "0x" or "0X" (hex), or ensure 1 leading zero (octal) 0 show leading zero's L unknown/no effect? h,l force 16bit (h=halfword), or 32bit (l=long/word) |
in: R4=address of string (terminated by 00h) |
in: r4=dst (pointer to a 128-byte buffer) - out: r2=dst (same is incoming r4) |
call output_post_r4 ;\output POST(E) +mov r4,0Eh ;/ mov r1,0A0010000h ;\set [0A000B9B0h]=0 ;TTY=dummy/off call reset_cont_d_3 ; and call reset_cont_d_3 +mov [r1-4650h],0 ;/ |
mov r1,1h ;\set [0A000B9B0h]=1 ;TTY=duart/on call reset_cont_d_3 ; and call reset_cont_d_3 +mov [r28-4650h-0ff0h],r1 ;/ |
| BIOS Character Sets |
In: r4 = 16bit Shift-JIS character code Out: r2 = address in BIOS ROM of the desired character (or -1 = error) |
In: r4 = 16bit Shift-JIS character code Out: r2 = offset within charset (without charset base address) |
BFC64000h Charset 1 (16x15 pix, letters with accent marks) (NOT in JAPAN) BFC65CB6h Garbage (four-and-a-half reverb tables, ioports, printf strings) BFC66000h Charset 2 (16x15 pix, various alphabets, english, greek, etc.) BFC69D68h Charset 3 (16x15 pix, japanese or chinese symbols or so) BFC7F8DEh Charset 4 (8x15 pix, mainly ASCII letters) BFC7FE6Fh Charset 5 (8x15 pix, additional punctuation marks) (NOT in PS2) BFC7FF32h Version (Version and Copyright strings) (NOT in SCPH1000) BFC7FF8Ch Charset 6 (8x15 pix, seven-and-a-half japanese chars) (NOT in PS2) BFC80000h End (End of 512kBYTE BIOS ROM) |
| BIOS Control Blocks |
00h 4 ptr to first element of exception chain 04h 4 not used (zero) |
00h 4 class (events are triggered when class and spec match) 04h 4 status (0=free,1000h=disabled,2000h=enabled/busy,4000h=enabled/ready) 08h 4 spec (events are triggered when class and spec match) 0Ch 4 mode (1000h=execute function/stay busy, 2000h=no func/mark ready) 10h 4 ptr to function to be executed when ready (or 0=none) 14h 8 not used (uninitialized) |
00h 4 status (1000h=Free TCB, 4000h=Used TCB) 04h 4 not used (set to 1000h by OpenThread) (not for boot executable?) 08h 80h r0..r31 (entries for r0/zero and r26/k0 are unused) 88h 4 cop0r14/epc (aka r26/k0 and pc when returning from exception) 8Ch 8 hi,lo (the mul/div registers) 94h 4 cop0r12/sr (stored/restored by exception, NOT init by OpenThread) 98h 4 cop0r13/cause (stored when entering exception, NOT restored on exit) 9Ch 24h not used (uninitialized) |
00h 4 ptr to TCB of current thread |
00h 4 status (0=Free FCB) (nonzero=accessmode)
04h 4 cdrom: disk_id (checksum across path table of the corresponding disk),
memory card: port number (00h=slot1, 10h=slot2)
08h 4 transfer address (for dev_in_out function)
0Ch 4 transfer length (for dev_in_out function)
10h 4 current file position
14h 4 device flags (copy of DCB[04h])
18h 4 error ;used by B(55h) - GetLastFileError(fd)
1Ch 4 Pointer to DCB for the file
20h 4 filesize
24h 4 logical block number (start of file) (for cdrom: at least)
28h 4 file control block number (simply 0..15 for FCB number 0..15)
|
00h 4 ptr to lower-case short name ("cdrom", "bu", "tty") (or 0=Free DCB)
04h 4 device flags (cdrom=14h, bu=14h, tty/dummy=1, tty/duart=3)
08h 4 sector size (cdrom=800h, bu=80h, tty=1)
0Ch 4 ptr to upper-case long name ("CD-ROM", "MEMORY CARD", "CONSOLE")
10h 4 ptr to init() (TTY only)
14h 4 ptr to open(fcb,"path\name",accessmode)
18h 4 ptr to in_out(fcb,cmd) (TTY only)
1Ch 4 ptr to close(fcb)
20h 4 ptr to ioctl(fcb,cmd,arg) (TTY only)
24h 4 ptr to read(fcb,dst,len)
28h 4 ptr to write(fcb,src,len)
2Ch 4 ptr to erase(fcb,"path\name")
30h 4 ptr to undelete(fcb,"path\name")
34h 4 ptr to firstfile(fcb,"path\name",direntry)
38h 4 ptr to nextfile(fcb,direntry)
3Ch 4 ptr to format(fcb)
40h 4 ptr to chdir(fcb,"path") (CDROM only)
44h 4 ptr to rename(fcb1,"path\name1",fcb2,"path\name2")
48h 4 ptr to remove()
4Ch 4 ptr to testdevice(fcb,"path\name")
|
| BIOS Versions |
28-Jul-1994 "DTL-H2000" ;v0.x (pre-retail devboard) 22-Sep-1994 "CEX-1000 KT-3 by S.O." ;v1.0 through v2.0 no-new-date "CEX-3000 KT-3 by K.S." ;v2.1 only (old Port 1F801060h) 04-Dec-1995 "CEX-3000/1001/1002 by K.S." ;v2.2 through v4.5 (except v4.0) 29-May-1997 "CEX-7000/-7001 by K.S. " ;v4.0 only (new Port 1F801010h) 17-Jan-2000 "PS compatible mode by M.T." ;v5.0 (Playstation 2) |
Ver CRC32 Used in System ROM Version Kernel 0.xj 18D0F7D8 DTL-H2000 (no version string) dtlh2000 1.0j 3B601FC8 SCPH-1000 and DTL-H1000 (no version string) cex1000 1.1j 3539DEF6 SCPH-3000 and DTL-H1000H "1.1 01/22/95" "" 2.0a 55847D8C DTL-H1001 "2.0 05/07/95 A" "" 2.0e 9BB87C4B SCPH-1002 and DTL-H1002 "2.0 05/10/95 E" "" 2.1j BC190209 SCPH-3500 "2.1 07/17/95 J" cex3000 2.1a AFF00F2F SCPH-1001 and DTL-H1101 "2.1 07/17/95 A" "" 2.1e 86C30531 SCPH-1002 and DTL-H1102 "2.1 07/17/95 E" "" 2.2j 24FC7E17 SCPH-5000 and DTL-H1200 "2.2 12/04/95 J" cex3000/100x 2.2a 37157331 SCPH-1001 and DTL-H1201/3001 "2.2 12/04/95 A" "" 2.2e 1E26792F SCPH-1002 and DTL-H1202/3002 "2.2 12/04/95 E" "" 2.2v 446EC5B2 SCPH-5903 (VCD, 1Mbyte) "2.2 12/04/95 J" "" 2.2d DECB22F5 DTL-H1100 "2.2 03/06/96 D" "" 3.0j FF3EEB8C SCPH-5500 "3.0 09/09/96 J" "" 3.0a 8D8CB7E4 SCPH-5501/7003 "3.0 11/18/96 A" "" 3.0e D786F0B9 SCPH-5502/5552 "3.0 01/06/97 E" "" 4.0j EC541CD0 SCPH-7000/9000 "4.0 08/18/97 J" cex7000 4.1w B7C43DAD SCPH-7000W ...XXX... 4.1a 502224B6 SCPH-7001/7501/7503/9001 "4.1 12/16/97 A" cex3000/100x 4.1e 318178BF SCPH-7002/7502/9002 "4.1 12/16/97 E" "" 4.3j F2AF798B SCPH-100 (PSone) "4.3 03/11/00 J" "" 4.4a 6A0E22A0 SCPH-101 (PSone) "4.4 03/24/00 ..XXX.. 4.4e 0BAD7EA9 SCPH-102 (PSone) "4.4 03/24/00 E" "" 4.5a 171BDCEC SCPH-101 (PSone) "4.5 05/25/00 A" "" 4.5e 76B880E5 SCPH-102 (PSone) "4.5 05/25/00 E" "" 5.0t B7EF81A9 SCPH10000 (Playstation 2) "5.0 01/17/00 T" PS compatible |
| BIOS Patches |
240A00B0 mov r10,0B0h ;\ 00000000 nop
0140F809 call r10 ; 00000000 nop
24090056 +mov r9,56h ;/ 241A0100 mov k0,100h
3C0Axxxx mov r10,xxxx0000h ;\ 8F5A0008 mov k0,[k0+8h]
3C09xxxx mov r9,xxxx0000h ; 00000000 nop
8C420018 mov r2,[r2+06h*4] ;=C(06h) ; 8F5A0000 mov k0,[k0]
254Axxxx add r10,xxxxh ;=@@new_data ; 00000000 nop
2529xxxx add r9,xxxxh ;=@@new_data_end ;/ 235A0008 addt k0,8h
@@copy_lop: ;\ AF410004 mov [k0+4h],r1
8D430000 mov r3,[r10] ; AF420008 mov [k0+8h],r2
254A0004 add r10,4h ; AF43000C mov [k0+0Ch],r3
24420004 add r2,4h ; AF5F007C mov [k0+7Ch],ra
1549FFFC jne r10,r9,@@copy_lop ; 40026800 mov r2,cop0r13
AC43FFFC +mov [r2-4h],r3 ;/ 00000000 nop
|
240A00B0 mov r10,0B0h ;\ 00000000 nop
0140F809 call r10 ; 00000000 nop
24090056 +mov r9,56h ;/ 241A0100 mov k0,100h
3C1Axxxx mov k0,xxxx0000h ;\ 8F5A0008 mov k0,[k0+8h]
3C1Bxxxx mov k1,xxxx0000h ; 00000000 nop
8C420018 mov r2,[r2+06h*4] ;=C(06h) ; 8F5A0000 mov k0,[k0]
275Axxxx add k0,xxxxh ;=@@new_data ; 00000000 nop
277Bxxxx add k1,xxxxh ;=@@new_data_end ;/ 235A0008 addt k0,8h
@@copy_lop: ;\ AF410004 mov [k0+4h],r1
8F430000 mov r3,[k0] ; AF420008 mov [k0+8h],r2
275A0004 add k0,4h ; AF43000C mov [k0+0Ch],r3
24420004 add r2,4h ; AF5F007C mov [k0+7Ch],ra
175BFFFC jne k0,k1,@@copy_lop ; 40026800 mov r2,cop0r13
AC43FFFC +mov [r2-4h],r3 ;/ 00000000 nop
|
24090056 mov r9,56h ;\
240A00B0 mov r10,0B0h ; B(56h) GetC0Table
0140F809 call r10 ;
00000000 +nop ;/
8C420018 mov r2,[r2+06h*4] ;=00000C80h = exception_handler = C(06h)
00000000 nop
24420028 add r2,28h
00407821 mov r15,r2
3C0Axxxx lui r10,xxxxh ;\@@ori_data ;\
254Axxxx add r10,xxxxh ;/ ;
3C09xxxx lui r9,xxxxh ;\@@ori_data_end ; @@ori_data:
2529xxxx add r9,xxxxh ;/ ; AF410004 mov [k0+4h],r1
@@verify_lop: ; AF420008 mov [k0+8h],r2
8D430000 mov r3,[r10] ; AF43000C mov [k0+0Ch],r3
8C4B0000 mov r11,[r2] ; AF5F007C mov [k0+7Ch],ra
254A0004 add r10,4h ; 40037000 mov r3,cop0r14
146B000E jne r3,r11,@@verify_mismatch ; 00000000 nop
24420004 +add r2,4h ;
1549FFFA jne r10,r9,@@verify_lop ;
00000000 +nop ;/
01E01021 mov r2,r15
3C0Axxxx lui r10,xxxxh ;\@@new_data ;\
254Axxxx add r10,xxxxh ;/ ;
3C09xxxx lui r9,xxxxh ;\@@new_data_end ; @@new_data:
2529xxxx add r9,xxxxh ;/ ; AF410004 mov [k0+4h],r1
@@copy_lop: ; AF420008 mov [k0+8h],r2
8D430000 mov r3,[r10] ; 40026800 mov r2,cop0r13
00000000 nop ; AF43000C mov [k0+0Ch],r3
AC430000 mov [r2],r3 ; 40037000 mov r3,cop0r14
254A0004 add r10,4h ; AF5F007C mov [k0+7Ch],ra
1549FFFB jne r10,r9,@@copy_lop ;
24420004 +add r2,4h ;/
@@verify_mismatch:
|
;BUG1: 8bit "movb r6" should be 32bit "mov r6"
;BUG2: @@copy_lop should transfer 6 words (not 7 words)
;BUG3: and, asides, the minimum demo works only with PAL BIOS (not NTSC)
0xxxxxxx call xxxxxxxxh ;\B(56h) GetC0Table
00000000 +nop ;/(mov r8,0B0h, jmp r8, +mov r9,56h)
3C04xxxx mov r4,xxxx0000h ;\@@ori_data
2484xxxx add r4,xxxxh ;/
90460018 movb r6,[r2+06h*4] ;BUG1 ;exception_handler = C(06h)
24870018 add r7,r4,18h ;@@ori_end ;\
24C50028 add r5,r6,28h ;C(06h)+28h ;
00A03021 mov r6,r5 ; @@ori_data:
@@verify_lop: ; 80086520 AF410004 mov [k0+4h],r1
8CA30000 mov r3,[r5] ; 80086524 AF420008 mov [k0+8h],r2
8C820000 mov r2,[r4] ; 80086528 AF43000C mov [k0+0Ch],r3
00000000 nop ; 8008652C AF5F007C mov [k0+7Ch],ra
1462000C jne r3,r2,@@verify_mismatch ; 80086530 40037000 mov r3,cop0r14
24840004 +add r4,4h ; 80086534 00000000 nop
1487FFFA jne r4,r7,@@verify_lop ; @@ori_end:
24A50004 +add r5,4h ;/
00C02821 mov r5,r6 ;\ @@new_data:
3C04xxxx mov r4,xxxx0000h ;\@@new_data; 80086538 AF410004 mov [k0+4h],r1
2484xxxx add r4,xxxxh ;/ ; 8008653C AF420008 mov [k0+8h],r2
2483001C add r3,r4,1Ch ;@@bugged_end ; 80086540 40026800 mov r2,cop0r13
@@copy_lop: ; 80086544 AF43000C mov [k0+0Ch],r3
8C820000 mov r2,[r4] ; 80086548 40037000 mov r3,cop0r14
24840004 add r4,4h ; 8008654C AF5F007C mov [k0+7Ch],ra
ACA20000 mov [r5],r2 ; @@new_end:
1483FFFC jne r4,r3,@@copy_lop ; 80086550 00000000 nop ;BUG2
24A50004 +add r5,4h ;/ @@bugged_end:
@@verify_mismatch:
|
24090056 mov r9,56h ;\ ; @@new_data:
240A00B0 mov r10,0B0h ; B(56h) GetC0Table ;3C02A001 lui r2,0A001h
0140F809 call r10 ; ;2442DFAC sub r2,2054h
00000000 +nop ;/ ;00400008 jmp r2 ;=@@new_cont_d
8C420018 mov r2,[r2+06h*4] ;\get C(06h) ;00000000 +nop ;=A000DFACh
00000000 nop ;/ ;00000000 nop
8C430070 mov r3,[r2+70h] ;\ ; @@new_data_end:
00000000 nop ; get ; @@new_cont_d:
3069FFFF and r9,r3,0FFFFh ; early_card ;8C621074 mov r2,[r3+1074h]
00094C00 shl r9,10h ; irq_handler ;00000000 nop
8C430074 mov r3,[r2+74h] ; ;30420080 and r2,80h ;I_STAT.7
00000000 nop ; ;1040000B jz r2,@@ret
306AFFFF and r10,r3,0FFFFh ;/ ;00000000 +nop
012A1821 add r3,r9,r10 ; @@wait_lop:
24620028 add r2,r3,28h ;=early+28h ;8C621044 mov r2,[r3+1044h]
3C0Axxxx lui r10,xxxxh ;\@@new_data ;00000000 nop
254Axxxx sub r10,xxxxh ;/ ;30420080 and r2,80h ;JOY_STAT.7
3C09xxxx lui r9,xxxxh ;\@@new_data_end ;1440FFFC jnz r2,@@wait_lop
2529xxxx sub r9,xxxxh ;/ ;00000000 +nop
@@copy_lop: ;3C020001 lui r2,0001h
8D430000 mov r3,[r10] ;8C42DFFC mov r2,[r2-2004h]
00000000 nop ;00000000 nop
AC430000 mov [r2],r3 ;00400008 jmp r2 ;=[0000DFFCh]
254A0004 add r10,4h ;00000000 +nop
1549FFFB jne r10,r9,@@copy_lop ; @@ret:
24420004 +add r2,4h ;03E00008 ret
3C010001 lui r1,0001h ;\[DFFCh]=r2 ;00000000 +nop
0xxxxxxx call xxxxxxxxh ; and call ... ;
AC22DFFC +mov [r1-2004h],r2 ;/ ;
|
240A00B0 mov r10,0B0h ;\ ; @@new_data:
0140F809 call r10 ; B(56h) GetC0Table ;3C02xxxx lui r2,8xxxh
24090056 +mov r9,56h ;/ ;2442xxxx sub r2,xxxxh
8C420018 mov r2,[r2+06h*4] ;\get C(06h) ;00400008 jmp r2 ;=@@new_cont_d
00000000 nop ;/ ;00000000 +nop ;=8xxxxxxxh
8C430070 mov r3,[r2+70h] ;\ ;00000000 nop
00000000 nop ; get ; @@new_data_end:
3069FFFF and r9,r3,0FFFFh ; early_card ; @@new_cont_d:
8C430074 mov r3,[r2+74h] ; irq_handler ;8C621074 mov r2,[r3+1074h]
00094C00 shl r9,10h ; ;00000000 nop
306AFFFF and r10,r3,0FFFFh ; ;30420080 and r2,80h ;I_STAT.7
012A1821 add r3,r9,r10 ;/ ;1040000B jz r2,@@ret
3C0Axxxx mov r10,xxxx0000h ;00000000 +nop
3C09xxxx mov r9,xxxx0000h ; @@wait_lop:
24620028 add r2,r3,28h ;=early+28h ;8C621044 mov r2,[r3+1044h]
254Axxxx sub r10,xxxxh ;=@@new_data ;00000000 nop
2529xxxx sub r9,xxxxh ;=@@new_data_end ;30420080 and r2,80h ;JOY_STAT.7
@@copy_lop: ;1440FFFC jnz r2,@@wait_lop
8D430000 mov r3,[r10] ;00000000 +nop
254A0004 add r10,4h ;3C02xxxx lui r2,8xxxh
24420004 add r2,4h ;8C42xxxx mov r2,[r2-xxxxh]
1549FFFC jne r10,r9,@@copy_lop ;00000000 nop
AC43FFFC +mov [r2-4h],r3 ;00400008 jmp r2 ;=[8xxxxxxxh]
3C018xxx mov r1,8xxx0000h ;\[...]=r2, ;00000000 +nop
0xxxxxxx call xxxxxxxxh ; and call ... ; @@ret:
AC22xxxx +mov [r1+xxxxh],r2 ;/ ;03E00008 ret
... ;00000000 +nop
|
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(56h) GetC0Table
24090056 +mov r9,56h ;/
3C0Axxxx mov r10,xxxx0000h
3C09xxxx mov r9,xxxx0000h
8C420018 mov r2,[r2+06h*4] ;=00000C80h = exception_handler = C(06h)
254Axxxx add r10,xxxxh ;@@new_data
2529xxxx add r9,xxxxh ;@@new_data_end
@@copy_lop: ;\ @@new_data:
8D430000 mov r3,[r10] ; 00000000 nop
254A0004 add r10,4h ; 00000000 nop
24420004 add r2,4h ; 00000000 nop
1549FFFC jne r10,r9,@@copy_lop ; @@new_data_end:
AC43006C +mov [r2+70h-4],r3 ;/
|
24090056 mov r9,56h ;\
240A00B0 mov r10,0B0h ; B(56h) GetC0Table
0140F809 call r10 ;
00000000 +nop ;/
8C420018 mov r2,[r2+06h*4] ;=00000C80h = exception_handler = C(06h)
3C0Axxxx mov r10,xxxx0000h ;\@@new_data
254Axxxx add r10,xxxxh ;/
3C09xxxx mov r9,xxxx0000h ;\@@new_data_end
2529xxxx add r9,xxxxh ;/
@@copy_lop: ;\
8D430000 mov r3,[r10] ; @@new_data:
00000000 nop ; 00000000 nop
AC430070 mov [r2+70h],r3 ; 00000000 nop
254A0004 add r10,4h ;src ; 00000000 nop
1549FFFB jne r10,r9,@@copy_lop ; @@new_data_end:
24420004 +add r2,4h ;dst ;/
|
24090057 mov r9,57h ;\ ; @@new_data:
240A00B0 mov r10,0B0h ; B(57h) GetB0Table ; 3C08A001 lui r8,0A001h
0140F809 call r10 ;/ ; 2508DF80 sub r8,2080h
00000000 +nop ; 0100F809 call r8 ;=A000DF80h
8C42016C mov r2,[r2+5Bh*4] ;B(5Bh) ; 00000000 +nop
00000000 nop ; 00000000 nop
8C4309C8 mov r3,[r2+9C8h] ;blah ; @@new_data_end:
3C0Axxxx lui r10,xxxxh ;\@@new_data ; 946F000A movh r15,[r3+0Ah]
254Axxxx sub r10,xxxxh ;/ ; 3C080000 mov r8,0h
3C09xxxx lui r9,xxxxh ;\@@new_data_end ; 01E2C025 or r24,r15,r2
2529xxxx sub r9,xxxxh ;/ ; 37190012 or r25,r24,12h
@@copy_lop: ; A479000A movh [r3+0Ah],r25
8D480000 mov r8,[r10] ; 24080028 mov r8,28h
00000000 nop ; @@wait_lop:
AC4809C8 mov [r2+9C8h],r8 ;B(5Bh)+9C8h.. ; 2508FFFF sub r8,1h
254A0004 add r10,4h ; 1500FFFE jnz r8,@@wait_lop
1549FFFB jne r10,r9,@@copy_lop ; 00000000 +nop
24420004 +add r2,4h ; 03E00008 ret ;above delay is
... ; 00000000 +nop ;in UNCACHED RAM
|
240A00B0 mov r10,0B0h ;\ ; @@swap_begin:
0140F809 call r10 ; B(57h) GetB0Table ; 3C088xxx lui r8,8xxxh
24090057 +mov r9,57h ;/ ; 2508xxxx sub r8,xxxxh
8C42016C mov r2,[r2+5Bh*4] ;B(5Bh) ; 0100F809 call r8 ;=8xxxxxxxh
3C0Axxxx mov r10,xxxx0000h ; 00000000 +nop
3C09xxxx mov r9,xxxx0000h ; 00000000 nop
8C4309C8 mov r3,[r2+9C8h] ;blah ; @@swap_end:
254Axxxx sub r10,xxxxh ;=@@swap_begin ; ;- - -
2529xxxx sub r9,xxxxh ;=@@swap_end ; 00000000 nop
@@swap_lop: ; 240800C8 mov r8,0C8h
8C4309C8 mov r3,[r2+9C8h] ;B(5Bh)+9C8h.. ; @@wait_lop:
8D480000 mov r8,[r10] ; 2508FFFF sub r8,1h
254A0004 add r10,4h ; 1500FFFE jnz r8,@@wait_lop
AD43FFFC mov [r10-4h],r3 ; 00000000 +nop
24420004 add r2,4h ; 03E00008 ret ;above delay is
1549FFFA jne r10,r9,@@swap_lop ; 00000000 +nop ;in CACHED RAM
AC4809C4 +mov [r2+9C4h],r8 ;
|
24090057 mov r9,57h ;\ 240A00B0 mov r10,0B0h ; B(57h) GetB0Table 0140F809 call r10 ; 00000000 +nop ;/ 240A0009 mov r10,9h ;=blah 8C42016C mov r2,[r2+5Bh*4] ;=B(5Bh) 00000000 nop 20431988 addt r3,r2,1988h ;=B(5Bh)+1988h ;\store a NOP, 0xxxxxxx call xxxxxxxxh ; and call ... AC600000 +mov [r3],0 ;=nop ;/ |
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(57h) GetB0Table
24090057 +mov r9,57h ;/
8C42016C mov r2,[r2+5Bh*4] ;=B(5Bh)
3C01xxxx mov r1,xxxx0000h
20430884 addt r3,r2,884h ;B(5Bh)+884h
AC23xxxx mov [r1+xxxxh],r3 ;<--- SetPadEnableFlag()
3C01xxxx mov r1,xxxx0000h
20430894 addt r3,r2,894h ;B(5Bh)+894h
2409000B mov r9,0Bh ;len
AC23xxxx mov [r1+xxxxh],r3 ;<--- ClearPadEnableFlag()
@@fill_lop: ;\
2529FFFF sub r9,1h ;
AC400594 mov [r2+594h],0 ;B(5Bh)+594h.. ; erase error handling
1520FFFD jnz r9,@@fill_lop ;
24420004 +add r2,4h ;/
|
24090057 mov r9,57h ;\
240A00B0 mov r10,0B0h ; B(57h) GetB0Table
0140F809 call r10 ;
00000000 +nop ;/
8C42016C mov r2,[r2+5Bh*4]
2409000B mov r9,0Bh ;len
20430884 addt r3,r2,884h
3C01xxxx mov r1,xxxx0000h
AC23xxxx mov [r1+xxxxh],r3 ;<--- SetPadEnableFlag()
20430894 addt r3,r2,894h
3C01xxxx mov r1,xxxx0000h
AC23xxxx mov [r1+xxxxh],r3 ;<--- ClearPadEnableFlag()
@@fill_lop: ;\
AC400594 mov [r2+594h],0 ;
24420004 add r2,4h ; erase error handling
2529FFFF sub r9,1h ;
1520FFFC jnz r9,@@fill_lop ;
00000000 +nop ;/
|
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(57h) GetB0Table
24090057 +mov r9,57h ;/
8C42016C mov r2,[r2+5Bh*4] ;=B(5Bh)
2409000B mov r9,0Bh ;len ;\
@@fill_lop: ;
2529FFFF sub r9,1h ; erase error handling
AC400594 mov [r2+594h],0 ;B(5Bh)+594h.. ;
1520FFFD jnz r9,@@fill_lop ;
24420004 +add r2,4h ;/
|
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(57h) GetB0Table
24090057 +mov r9,57h ;/
8C42016C mov r2,[r2+5Bh*4] ;B(5Bh)
3C0Axxxx mov r10,xxxx0000h
3C09xxxx mov r9,xxxx0000h
3C01xxxx mov r1,xxxx0000h
204307A0 addt r3,r2,7A0h ;B(5Bh)+7A0h
254Axxxx add r10,xxxxh ;=@@new_data
2529xxxx add r9,xxxxh ;=@@new_data_end
AC23xxxx mov [r1-xxxxh],r3 ;<--- SetPadOutput(src1,blah1,src2,blah2)
@@double_copy_lop: ;\
8D430000 mov r3,[r10] ; @@new_data:
254A0004 add r10,4h ; 00551024 and r2,r21
AC4303D8 mov [r2+3D8h],r3 ;<--- here ; 00000000 nop
24420004 add r2,4h ; 00000000 nop
1549FFFB jne r10,r9,@@double_copy_lop ; 00000000 nop
AC4304DC +mov [r2+4DCh],r3 ;<--- here ;/ @@new_data_end:
|
24090057 mov r9,57h ;\
240A00B0 mov r10,0B0h ; B(57h) GetB0Table
0140F809 call r10 ;
00000000 +nop ;/
3C0Axxxx mov r10,xxxx0000h
254Axxxx add r10,xxxxh ;=@@new_data
3C09xxxx movp r9,xxxx0000h
2529xxxx add r9,xxxxh ;=@@new_data_end
8C42016C mov r2,[r2+5Bh*4] ;B(5Bh)
00000000 nop
204307A0 addt r3,r2,7A0h ;B(5Bh)+7A0h
3C01xxxx mov r1,xxxx0000h
AC23xxxx mov [r1+xxxxh],r3 ;<--- SetPadOutput(src1,blah1,src2,blah2)
@@double_copy_lop: ;\
8D430000 mov r3,[r10] ; @@new_data:
00000000 nop ; 00551024 and r2,r21
AC4303D8 mov [r2+3D8h],r3 ; 00000000 nop
AC4304E0 mov [r2+4E0h],r3 ; 00000000 nop
24420004 add r2,4h ; 00000000 nop
254A0004 add r10,4h ; @@new_data_end:
1549FFF9 jne r10,r9,@@double_copy_lop ;
00000000 +nop ;/
|
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(57h) GetB0Table
24090057 +mov r9,57h ;/
8C42016C mov r2,[r2+5Bh*4] ;=B(5Bh)
240A0009 mov r10,9h ;len ;\
2043062C addt r3,r2,62Ch ;=B(5Bh)+62Ch ;
@@fill_lop: ;
254AFFFF sub r10,1h ;
AC600000 mov [r3],0 ;
1540FFFD jnz r10,@@fill_lop ;
24630004 +add r3,4h ;/
|
24090057 mov r9,57h ;\
240A00B0 mov r10,0B0h ; B(57h) GetB0Table
0140F809 call r10 ;
00000000 +nop ;/
240A0009 mov r10,9h ;len
8C42016C mov r2,[r2+5Bh*4]
00000000 nop
2043062C addt r3,r2,62Ch
@@fill_lop: ;\
AC600000 mov [r3],0 ;
24630004 add r3,4h ;
254AFFFF sub r10,1h ;
1540FFFC jnz r10,@@fill_lop ;
00000000 +nop ;/
|
240A00B0 mov r10,0B0h ;\
0140F809 call r10 ; B(56h) GetC0Table
24090056 +mov r9,56h ;/
3C0Axxxx mov r10,xxxx0000h ;src
3C09xxxx mov r9,xxxx0000h ;src.end
8C420018 mov r2,[r2+06h*4] ;C(06h)
254Axxxx add r10,xxxxh ;src
2529xxxx add r9,xxxxh ;src.end (=src+10h)
@@copy_lop: ;\ ; @@src:
8D430000 mov r3,[r10] ; ;3C02xxxx mov r2,xxxx0000h
254A0004 add r10,4h ; ;2442xxxx add r2,xxxxh
24420004 add r2,4h ; ;0040F809 call r2 ;lightgun_proc
1549FFFC jne r10,r9,@@copy_lop ; ;00000000 +nop
AC43007C +mov [r2+80h-4],r3 ;/ @@src_end:
|
24090056 mov r9,56h ;\
240A00B0 mov r10,0B0h ; B(56h) GetC0Table
0140F809 call r10 ;
00000000 +nop ;/
8C420018 mov r2,[r2+06h*4] ;=00000C80h = exception_handler = C(06h)
3C0Axxxx mov r10,xxxx0000h ;\@@new_data (3xNOP)
254Axxxx add r10,-xxxxh ;/
3C09xxxx mov r9,xxxx0000h ;\@@new_data_end
2529xxxx add r9,-xxxxh ;/
@@copy_lop: ;\
8D430000 mov r3,[r10] ; @@new_data: ;for (un-)install...
00000000 nop ; 00000000 nop / 3C02xxxx mov r2,xxxx0000h
AC430080 mov [r2+80h],r3 ; 00000000 nop / 2442xxxx add r2,-xxxxh
254A0004 add r10,4h ; 00000000 nop / 0040F809 call r2 ;proc
1549FFFB jne r10,r9,@@copy_lop ; @@new_data_end:
24420004 +add r2,4h ;/
|
8C030474 mov r3,[200h+(9Dh*4)] ;\get ptr to A(9Dh) GetConf (done so, 00000000 nop ;/as there's no "GetA0Table" funtion) 94620000 movh r2,[r3+0h] ;lui msw ;\ 84630004 movhs r3,[r3+4h] ;lw lsw+8 ; extract ptr to "boot_cnf_values" 00021400 shl r2,10h ;msw*10000h ; (from first 2 opcodes of GetConf) 2442FFF8 sub r2,8h ;undo +8 ; 00431021 add r2,r3 ;lsw ;/ AC450000 mov [r2+0h],r5 ;num_TCB ;\set num_EvCB,num_TCB,stacktop AC440004 mov [r2+4h],r4 ;num_EvCB ; (unlike A(9Ch) SetConf, without 03E00008 ret ; actually reallocting anything) AC460008 +mov [r2+8h],r6 ;stacktop ;/ |
| Arcade Cabinets |
Namco System 11, System 12 (and System 10?) Capcom/Sony ZN-1, ZN-2 Konami GV, Konami GQ Taito FX-1A, Taito FX-1B Atlus PSX, PS Arcade 95, Tecmo TPS |
| Cheat Devices |
First Digit Usage 3,8 Same for Gameshark & Xplorer (for Xplorer: can be encrypted) 1,2,C,D,E Gameshark 4,6,7,9,B,F Xplorer 0,5 Meaning differs for Gameshark & Xplorer A Unused |
| Cheat Devices - Datel I/O |
1F000000h-1F01FFFFh R/W Flash (first 128K) 1F020010h R Comms Link STB pin state (bit0) 1F020018h R Switch Setting (bit0: 0=Off, 1=On) 1F040000h-1F05FFFFh R/W Flash (second 128K) + feedback area (see below) 1F060000h R Comms Link data in (byte) 1F060008h W Comms Link data out (byte, pulses ACK to Comms Link) |
1f000000-1f01ffff ROM. Change in bank switching. 1f020000-1f03ffff ROM. Change in bank switching. 1f040000-1f05ffff whopping RAM. It is able to use. 1f060000-1f06003f I/O. Intently mirror to the subsequent 1f07ffff. |
1f060000 for reception. (1f060000 use only.) All bytes same treatment like.
It is 01h in the state that does not connected anything.
1f060008 for transmission. (1f060008 use only.) This is ffh in the state
that does not connected anything.
1f060010 during data reception it will stand the least significant bit.
Usually is fe.
1f060018 state of the push button. In not pressed and fefefefefefefefe,
it will Ost ffffffffffffffff.
1f060020 I think 1f060020 unused. It is ffffffffffffffff.
1f060028 I think 1f060028 unused. It is ffffffffffffffff.
1f060030 bank switching. 1 put and run-time of the ROM, and changes to the
3's and the start-up of the ROM.
1f060038 would be what? It is lbu. Like there is a meaning bits 0 and 1.
It was fcfcfcfcfcfcfcfc. I think that it is bank cult.
|
| Cheat Devices - Datel DB25 Comms Link Protocol |
Repeatedly send 8bit "W", until receiving "R" Repeatedly send 8bit "B", until receiving "W" Send 8bit command "X" (upload/exec) or "U" (upload/flash), and receive ECHO Send 32bit ADDRESS, and receive ECHO or "BX" (bad command) Send 32bit LENGTH, and receive ECHO Send DATA[LENGTH], and receive ECHO Send 16bit CHECKSUM, and receive ECHO (for upload/flash and if checksum was good, PSX will now BURN ADDR,LENGTH) Send 16bit DUMMY, and receive "OK"/"BC"/"BF" (okay, bad chksum, bad flash) (for upload/exec and if checksum was good, PSX will now CALL ADDR) (thereafter, PAR2.0 and up will reboot via jmp BFC00000h) |
| Cheat Devices - Datel Chipset Pinouts |
PSX Expansion cards: PCB Controller FLASH DB25 spotted by DATEL REF 1215 GAL + 74HC245 128K+128K yes Type79 DATEL REF 1288 DATEL ASIC1 256K yes nocash DATEL xxx? GAL + PIC + HC245 128K yes CharlesMacD noname? GAL + 74HC245 256K+0K yes Type79 DATEL REF 1324 lots of chips? lots? no CyrusDevX DATEL REF 1326 lots of chips? lots? yes Type79 PS-121 ZISAN GAL + PIC? + HC245 128K yes Kryptonick Comms Link ISA cards: PCB Chipset spotted by DATEL COMMS LINK, XXX? blurry SMD chipset? lowres photo DATEL REF 1113, IBM SATURN LINK 1x74HC74, 2x74HC373, 1xXXX? Type79 EMS, PCCOM 1x74HC74, 2x74HC373, 1xXXX? jokergameth DIY Alternatives to Comms Link FiveWire ;simple hardware mod for use with parallel ports, for SPP/EPP FreeWing ;parallel port adaptor, lots of 74xxx TTL chips, for SPP/EPP ExStand ;parallel port adaptor, lots of 74xxx TTL chips, for EPP CommLinkUSB ;USB adaptor, Buy-and-Diy technology (adafruit/teensy based) |
Label: "EQUALIZER, EVEN THE ODDS" (sticker on outside of case) Case: "DATEL ENGLAND" (printed inside of case) PCB: "DATEL REF1288 SONY SONYPSX2meg" U: 44pin "DATEL, ASIC1, A8B1944A, 9832" ;custom logic chip U: 32pin "SST, 29EE020, 150-4C-NH, 981918-D" ;256Kx8 EEPROM U: 8pin "83BA, LM78L, 05ACM" ;5V voltage regulator CN: 25pin DB25 connector (for Comms Link ISA card) CN: 68pin PSX expansion port connector SW: 3pin Switch |
7 D0 18 DB25.2.DATA0 29 D0 (same as pin7) 40 A3
8 D1 19 DB25.3.DATA1 30 EERPROM./WE 41 A4
9 D2 20 DB25.4.DATA2 31 /WR 42 /EXP
10 GND 21 GND 32 GND 43 GND
11 D3 22 DB25.5.DATA3 33 /RD 44 A17
12 D4 23 DB25.6.DATA4 34 /MODE ("jumper") 1 A18
13 D5 24 DB25.7.DATA5 35 VCC 2 GND
14 VCC 25 VCC 36 DB25.11.ACK 3 VCC
15 D6 26 DB25.8.DATA6 37 ? 4 EEPROM./OE
16 VCC 27 DB25.9.DATA7 38 VCC 5 DB25.10.STB
17 D7 28 EEPROM./CS 39 ? 6 SWITCH
|
1-NC 8-NC 15-NC 22-NC 2-FBIN 9-CPU.A4 16-GNDed 23-FLASH./WE 3-CPU.A17 10-CPU./EXP 17-DB25.pin10 (PAR.STB) 24-FBOUT 4-CPU./WR 11-CPU.A3 18-FLASH./CS 25-FLASH./OE (and BUF.DIR) 5-CPU./RD 12-CPU.A5 19-DB25.pin11 (PAR.ACK) 26-BUF./EN 6-CPU.A18 13-SWITCH 20-CPU.D0 27-unused 7-CPU.A20 14-GND 21-FLASH.A17 28-VCC |
1-FBIN 7-CPU.A4.NC? 13-GNDed 19-FLASH./WE 2-PIC.RC1 8-CPU./EXP.NC? 14-PAR.STB 20-FBOUT 3-CPU./WR 9-CPU.A3 15-PIC.RA0 21-BUF.DIR 4-CPU./RD 10-CPU.A2 16-PAR.ACK 22-BUF./OE 5-CPU.A18 11-SWITCH 17-CPU.D0 23-PIC.RC0 6-CPU.A17 12-GND 18-FLASH./OE 24-VCC |
1-FBIN 6-CPU.A17 11-CPU.A2 16-FBOUT 2-SWITCH 7-CPU.A4.NC? 12-PAR.ACK 17-CPU.A20 3-CPU./WR 8-CPU./EXP.NC? 13-CPU.D0 18-PAR.STB 4-CPU./RD 9-CPU.A3 14-FLASH./OE 19-BUF./OE 5-CPU.A18 10-GND 15-FLASH./WE 20-VCC |
1-/STATUS 7-ISA.A6 13-JP2 19-NC 2-ISA.A1 8-ISA.A7 14-ISA.A9 20-PCWR 3-ISA.A2 9-ISA.A8 15-NC 21-/PCRD 4-ISA.A3 10-ISA.AEN 16-ISA./IOW 22-NC 5-ISA.A4 11-JP1 17-/IRQ 23-ISA./IOR 6-ISA.A5 12-GND 18-ISA.D0 24-VCC |
Pin Parallel Port CommsLink (PC) cable PAR (PSX) 1 /STB ----> "strobe" ----.---o-------------o-- -- NC 2-9 DATA <-/----> DATA <-- | --o-------------o-------> DATA 10 /ACK <---- "strobe" ----'---o-------------o-------> "strobe" 11 BUSY <---- "ack" <-------o-------------o-------- "ack" 12 PE <---- NC -- --o-------------o-- -- NC 13 SLCT <---- NC -- --o-------------o-- -- NC 14 /AUTOLF ----> NC -- --o-------------o--. .-- GNDed 15 /ERROR <---- NC -- --o-------------o--. .-- GNDed 16 /INIT ----> NC -- --o-------------o--. .-- GNDed 17 /SELECT ----> GNDed --. .--o-------------o--. .-- GNDed 18-25 GND ----- GND --'--'--o-------------o--'--'-- GND |
disconnect DB25.pin14,15,16,17 from GND (may require to desolder the DB25) repair any GND connections that were "routed through" above pins wire DB25.pin1./STB to DB25.pin10./ACK wire DB25.pin16./INIT to PSX.EXPANSION.pin2./RESET wire DB25.pin15./ERROR to PSX.EXPANSION.pin28.A20 wire DB25.pin13.SLCT to PSX.EXPANSION.pin62.A21 wire DB25.pin12.PE to PSX.EXPANSION.pin29.A22 |
| Cheat Devices - Datel Cheat Code Format |
30aaaaaa 00dd ;-8bit Write [aaaaaa]=dd 80aaaaaa dddd ;-16bit Write [aaaaaa]=dddd |
D0aaaaaa dddd ;-16bit/Equal If dddd=[aaaaaa] then (exec next code) D1aaaaaa dddd ;-16bit/NotEqual If dddd<>[aaaaaa] then (exec next code) D2aaaaaa dddd ;-16bit/Less If dddd<[aaaaaa] then (exec next code) D3aaaaaa dddd ;-16bit/Greater If dddd>[aaaaaa] then (exec next code) E0aaaaaa 00dd ;-8bit/Equal If dd=[aaaaaa] then (exec next code) E1aaaaaa 00dd ;-8bit/NotEqual If dd<>[aaaaaa] then (exec next code) E2aaaaaa 00dd ;-8bit/Less If dd<[aaaaaa] then (exec next code) E3aaaaaa 00dd ;-8bit/Greater If dd>[aaaaaa] then (exec next code) 10aaaaaa dddd ;-16bit Increment [aaaaaa]=[aaaaaa]+dddd 11aaaaaa dddd ;-16bit Decrement [aaaaaa]=[aaaaaa]-dddd 20aaaaaa 00dd ;-8bit Increment [aaaaaa]=[aaaaaa]+dd 21aaaaaa 00dd ;-8bit Decrement [aaaaaa]=[aaaaaa]-dd |
D4000000 dddd ;-Buttons/If If dddd=JoypadButtons then (exec next code) D5000000 dddd ;-Buttons/On If dddd=JoypadButtons then (turn on all codes) D6000000 dddd ;-Buttons/Off If dddd=JoypadButtons then (turn off all codes) C0aaaaaa dddd ;-If/On If dddd=[aaaaaa] (turn on all codes) |
5000nnbb dddd ;\Slide Code aka Patch Code aka Serial Repeater aaaaaaaa ??ee ;/for i=0 to nn-1, [aaaaaaaa+(i*bb)]=dddd+(i*??ee), next i 00000000 0000 ;-Dummy (do nothing?) needed between slides (CD version only) |
C1000000 nnnn ;-Delays activation of codes by nnnn (4000-5000 = 20-30 sec) C2ssssss nnnn ;\Copy ssss bytes from 80ssssss to 80tttttt 80tttttt 0000 ;/ |
C3aaaaaa 0000 ;\Indirect 8bit Write [[aaaaaa]+bbbb]=dd 9100bbbb 000000dd ;/ C3aaaaaa 0001 ;\Indirect 16bit Write [[aaaaaa]+bbbb]=dddd (Tomb Raider 2) 9100bbbb 0000dddd ;/ C3aaaaaa 0002 ;\Indirect 32bit Write [[aaaaaa]+bbbb]=dddddddd 9100bbbb dddddddd ;/ FFFFFFFF 0001 ;-Optional prefix for GameShark 2.2 codes(force non-caetla) 12aaaaaa dddddddd ;-32bit Increment [aaaaaa]=[aaaaaa]+dddddddd 22aaaaaa dddddddd ;-32bit Decrement [aaaaaa]=[aaaaaa]-dddddddd |
| Cheat Devices - Xplorer Memory and I/O Map |
1F000000h-1F03FFFFh.RW First 256K of FLASH (fixed mapping) 1F040000h-1F05FFFFh.RW Map-able: 2x128K FLASH or 4x128K SRAM (if any) 1F060000h-1F060007h.xx I/O Ports 1F060008h-1F06FFFFh Mirrors of I/O at 1F060000h..1F060007h 1F070000h-1F07FFFFh Unused (open bus) |
1F005555h.W FLASH Cmd 1st/3rd byte ;\for first FLASH chip
1F002AAAh.W FLASH Cmd 2nd byte ;/
1F045555h.W FLASH Cmd 1st/3rd byte ;\for 2nd FLASH chip (if any)
1F042AAAh.W FLASH Cmd 2nd byte ;/
1F060000h.R I/O - Switch Setting (bit0: 0=Off, 1=On)
1F060001h.R I/O - 8bit Data from PC (bit0-7)
1F060001h.W I/O - 8bit Latch (Data to PC, and Memory Mapping)
0 DB25.pin13.SLCT ;\
1 DB25.pin12.PE ; used for data to PC
2 DB25.pin11.BUSY ;/
3 DB25.pin10./ACK ;-used for handshake to PC
4 Memory Mapping (0=EEPROM, 1=SRAM)
5 Memory Mapping (EEPROM A17 when A18=1)
6 Memory Mapping (SRAM A17 or SRAM CE2)
7 Memory Mapping (SRAM A18 or NC)
1F060002h.R I/O - Handshake from PC (bit0) (DB25.pin17./SEL)
1F060005h.W I/O - Unknown (used by Xplorer v4.52, set to 03h)
1F060006h.R I/O - Unknown (used by Xplorer v4.52, bit0 used)
1F060007h.R I/O - Unknown (used by Xplorer v4.52, bit0 used)
|
| Cheat Devices - Xplorer DB25 Parallel Port Function Summary |
GetByteByAddr32 Tx(5702h,Addr32), Rx(Data8) OldMenuBuReadFile Tx(5703h), TxFilename, RxDataFFEEh OldMenuBuDeleteFile Tx(5704h), TxFilename OldMenuBuWriteFile Tx(5705h), TxFilename, TxFiledata OldMenuBuGetFileHdr Tx(5706h), TxFilename, Rx(00h,00h), RxTurbo, Rx(02h) OldMenuBuOpenEvents Tx(5707h) SetCop0Breakpoint Tx(5708h,Addr32,Mask32,Ctrl32) ;Menu: Dummy? OldMenuBuCopyFile Tx(5709h), TxFilename ;to other memcard OldMenuBuFormat Tx(570Ah,Port8) OldMenuBuGetStatus2x Tx(570Bh), Rx(Stat8,Stat8) ;\different in old/new NewMenuBuGetStatus1x Tx(570Bh,Port8), Rx(Stat8) ;/ MenuGetSetFlag Tx(570Ch), Rx(Flag8) ;get old flg, then set flg=01h NewMenuBuReadSector Tx(570Dh,Port8,Sector16), Rx(Data[80h]) NewMenuBuWriteSector Tx(570Eh,Port8,Sector16,Data[80h]) NewRawExecute Tx(570Fh,Addr32) ;call Addr MidMenuBuggedExecJump Tx(5710h,ORra32,ORgp32,ORsp32,pc32) ;aka r31,r28,r29,pc MidMenuSendComment Tx(5711h,Len8,AsciiMessage[Len]) NewMenuFillVram Tx(5712h,Xloc32,Yloc32,Xsiz32,Ysiz32,FillValue32) NewGetVram Tx(5713h,Xloc32,Yloc32), Rx(Data[800h]) ;32x32pix NewGetSetIrqMask Tx(5714h), Rx(OldMask16), Tx(NewMask16) ;Menu: Dummy NewSetVram Tx(5715h,Xloc8,Yloc8,Data[800h]) ;X/Y=div32 ;32x32pix NewMenuGetFlgAndOrVal Tx(5716h), Rx(00h, or 01h,Val32) ;\ NewMenuGetTwoValues Tx(5717h), Rx(Val32,Val32) ; NewMenu... Tx(5718h), ... ; NewMenuGet2kGarbage Tx(5719h,Dummy32), Rx(Garbage[800h]) ; whatever NewMenuGetSomeValue Tx(571Ah), Rx(Val32) ; NewMenu... Tx(571Bh,Data[4]) ;similar to 5763h ; NewMenuNoLongerSupp. Tx(571Ch) ;probably WAS supported someday ;/ GameAddCheatCode Tx(5741h,Addr32,Data16), Rx(Index8) MenuReBootKernel Tx(5742h) ;jumps to BFC00000h GameDelCheatCode Tx(5744h,Index8) GetMem Tx(5747h,Addr32,Len32), Rx(Data[Len]), TxRxChksum Lock/Freeze Tx(574Ch) OldMenuBuGetDirectory Tx(574Dh), RxTurbo MenuTestDB25Handshake Tx(574Eh), ... MenuOptimalGetMem Tx(574Fh,Addr32,Len32), RxFaster(Data[Len]), TxRxChksum OldMenuGetWhatever Tx(5750h), RxDataFFEEh ;-whatever Release/Unfreeze Tx(5752h) SetMem Tx(5753h,Addr32,Len32,Data[Len]), TxRxChksum TurboGetMem Tx(5754h,Addr32,Len32), RxFast(Data[Len]), TxRxChksum MenuSetMemAndBurnFirm Tx(5755h,Addr32,Len32,Data[Len]), TxRxChksum ;burnFlash GetStateGameOrMenu Tx(5757h), Rx(47h=Game, or 58h=Menu) SetMemAndExecute Tx(5758h,Addr32,Len32,Data[Len]), TxRxChksum ;call Addr NewMenu... Tx(5763h,Val32) ;similar to 571Bh ;-whatever GetByteByAddr24 Tx(5767h,Addr24), Rx(Data8) NewMenuBuggedExecJump Tx(577Ah,ORra32,ORgp32,ORsp32,pc32) ;formerly 5710h NewMenuFlashAndReboot Tx(57C7h,Dest32,Len32,DataXorD3h[Len]) |
| Cheat Devices - Xplorer DB25 Parallel Port Command Handler |
OLD Explorer Firmware: Call command handler ONCE (in MENU mode)
NEW Explorer Firmware: Call command handler TWICE (in MENU mode)
if SWITCH=ON or [80000030h]="WHB." then
NEW Explorer Firmware: Call command handler ONCE AGAIN (in MENU mode)
Install Mid-Boot hook
endif
|
Call command handler ONCE (in MENU mode) alongsides with each joypad read |
Install GAME mode hook for the B(17h) ReturnFromException() handler OLD Explorer Firmware: Call command handler ONCE (still in MENU mode) NEW Explorer Firmware: Call command handler ONCE (already in GAME mode) |
if SWITCH=ON
Call command handler ONCE (in GAME mode) upon each B(17h)
And, process game cheat codes (if any) upon each B(17h)
endif
|
| Cheat Devices - Xplorer DB25 Parallel Port Low Level Transfer Protocol |
Output 8bit data to DATA0-7 (DB25.pin2-9) ;-Send Data (D0-D7) Output /SEL=HIGH (DB25.pin17) ;\Handshake High Wait until /ACK=HIGH (DB25.pin10) ;/ Output /SEL=LOW (DB25.pin17) ;\Handshake Low Wait until /ACK=LOW (DB25.pin10) ;/ |
Wait until /ACK=HIGH (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 1st Part (D6,D7,HIGH) Output /SEL=HIGH (DB25.pin17) ;/ Wait until /ACK=LOW (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 2nd Part (D3,D4,D5) Output /SEL=LOW (DB25.pin17) ;/ Wait until /ACK=HIGH (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 3rd Part (D0,D1,D2) Output /SEL=HIGH (DB25.pin17) ;/ Wait until /ACK=LOW (DB25.pin10) ;\4th Part (ver,LOW,LOW) Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; (ver=LOW for v1.091) Output /SEL=LOW (DB25.pin17) ;/ (ver=HIGH for v4.52) Wait until all 4bits LOW (DB25.pin13,12,11,10);-xlink95 fails if not |
Wait for BUSY=LOW (DB25.pin11) Output DATA = 00h (DB25.pin2-9) Wait for BUSY=HIGH (DB25.pin11) Output DATA = ECh (DB25.pin2-9) |
Wait for /ACK transition (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 1st Part (D6,D7,LOW) Output DATA = 02h (DB25.pin2-9) ;/ Wait for /ACK transition (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 2nd Part (D3,D4,D5) Output DATA = 04h (DB25.pin2-9) ;/ Wait for /ACK transition (DB25.pin10) ;\ Get 3bit from SLCT,PE,BUSY (DB25.pin13,12,11) ; 3rd Part (D0,D1,D2) Output DATA = 01h (DB25.pin2-9) ;/ |
Output DATA = 00h ;<-- crap (DB25.pin2-9) ;-BUGGY, but REQUIRED |
Get 4bit from SLCT,PE,BUSY,/ACK (DB25.pin13,12,11,10);\1st Part (D4,D5,D6,D7) Output DATA = 00h (DB25.pin2-9) ;/ Get 4bit from SLCT,PE,BUSY,/ACK (DB25.pin13,12,11,10);\2nd Part (D0,D1,D2,D3) Output DATA = 01h (DB25.pin2-9) ;/ |
Tx(chkMsb), Rx(chkMsb), Tx(chkLsb), Rx(chkLsb), Rx("OK" or "CF" or "BG")
|
Rx(Addr32), Tx(Addr32,Len32,Data[Len]), TxRxChksum |
Rx(Filename[26h]) ;-name from TxFilename, echo'ed back Rx(Addr32) ;-buffer address for fragments Tx(NumFragments8) ;-number of fragments Tx(Addr32,Len32,Data[Len]), TxRxChksum ;<-- repeat this for each fragment Rx(FileHandle8) ;-ending dummy byte (filehandle) |
Rx(FFEEh,"W",Len32,Data[Len] ;<-- can be repeated for several fragments Rx(FFEEh,"CA") ;<-- End Code (after last fragment) |
Rx(Addr32), Tx(Addr32,Len32), RxFast(Data[Len]), TxRxChksum |
| Cheat Devices - Xplorer Versions |
Xploder (Germany/USA) Xplorer (England/Spain/Netherlands) X-Terminator (Japan) |
V1/V2/V3 normal boards (256K EEPROM, no SRAM, no DB25 resistor) FX/DX extended boards (512K EEPROM, 128K SRAM, with DB25 resistor) PRO meaningless suffix |
1) PXT6 ;original board 2) Nameless ;with alternate solder pads for smaller SRAM/GAL 3) PXT6-3 ;with alternate solder pads for smaller SRAM/GAL and 2nd EEPROM |
- FX carts have some extra components & more memory installed. (needed for "bigger" firmwares, mainly needed for the X-Assist add-on) - FLASH chips from different manufacturers can occassionally cause problems (eg. older software not knowing how to program newer FLASH chips). - DB25 transfer protocol has some changed commands in each firmware version (and most transfer tools tend to rely on such commands, so most tools will fail unless the cart is flashed with a certain firmware version). |
| Cheat Devices - Xplorer Chipset Pinouts |
1 IN0 (DB25.pin17./SEL) 2 IN1 (PSX.pin14.A0) 3 IN2 (PSX.pin48.A1) 4 IN3 (PSX.pin15.A2) 5 IN4 (74373.pin15.Q5) 6 IN5 (PSX.pin4./EXP) 7 IN6 (74373.pin12.Q4) 8 IN7 (PSX.pin26.A16) (EEPROM.pin2.A16) (SRAM.pin2.A16) (10000h) 9 IN8 (PSX.pin60.A17) (20000h) 10 IN9 (PSX.pin27.A18) (EEPROM.pin1.A18 or NC) (40000h) 11 IN10 (PSX.pin30./RD) 12 GND --- 13 IN11 (GND) 14 IN12 (/SWITCH_ON) 15 IO (74373.pin11.LE) 16 IO (PSX.pin6.D0) 17 IO (SRAM./CE.pin22) 18 IO (EEPROM2./CE.pin22) (for 2nd EEPROM chip, if any) 19 IO (EEPROM1./CE.pin22) (for 1st EEPROM chip) 20 IO (NC) (reportedly has wire?) 21 IO (EEPROM.pin30.A17) (reportedly A14 ?) 22 IO (74245.pin19./E) 23 IN13 (PSX.pin64./WR) (SRAM.29, EEPROM.31) 24 VCC |
1 /OE (GND) 2 Q0 (DB25.pin13.SLCT) 3 D0 (PSX) 4 D1 (PSX) 5 Q1 (DB25.pin12.PE) 6 Q2 (DB25.pin11.BUSY) 7 D2 (PSX) 8 D3 (PSX) 9 Q3 (DB25.pin10./ACK) 10 GND 11 LE (GAL.pin15.LatchEnable) 12 Q4 (GAL.pin7) (0=EEPROM, 1=SRAM) 13 D4 (PSX) 14 D5 (PSX) 15 Q5 (GAL.pin5) (EEPROM bank 2/3) 16 Q6 (SRAM.pin30.A17 or CE2) 17 D6 (PSX) 18 D7 (PSX) 19 Q7 (SRAM.pin1.A18 or NC) 20 VCC |
1 DIR (GNDed) 2 D7 (PSX) 3 D6 (PSX) 4 D5 (PSX) 5 D4 (PSX) 6 D3 (PSX) 7 D2 (PSX) 8 D1 (PSX) 9 D0 (PSX) 10 GND 11 D0 (DB25.pin2) 12 D1 (DB25.pin3) 13 D2 (DB25.pin4) 14 D3 (DB25.pin5) 15 D4 (DB25.pin6) 16 D5 (DB25.pin7) 17 D6 (DB25.pin8) 18 D7 (DB25.pin9) 19 /E (GAL.pin22) 20 VCC |
1 5V (VCC) 2 GND (GND) 3 7.5V (PSX.pin18,52) |
OFF NC COM PAL.pin14 (with 10K pull-up to VCC) ON GND |
1 In /STB (NC) 2 In DATA0 (74245.pin11) 3 In DATA1 (74245.pin12) 4 In DATA2 (74245.pin13) 5 In DATA3 (74245.pin14) 6 In DATA4 (74245.pin15) 7 In DATA5 (74245.pin16) 8 In DATA6 (74245.pin17) 9 In DATA7 (74245.pin18) 10 Out /ACK (74373.Q3) 11 Out BUSY (74373.Q2) 12 Out PE (74373.Q1) 13 Out SLCT (74373.Q0) --- 14 In /LF (NC) 15 Out /ERR (VCC via 0.47ohm) (installed only on carts with SRAM) 16 In /INIT (NC) 17 In /SEL (GAL.IN0.pin1) 18..25 GND (Ground) |
| Cheat Devices - Xplorer Cheat Code Format |
3taaaaaa 00dd ;-8bit write [aaaaaa]=dd 8taaaaaa dddd ;-16bit write [aaaaaa]=dddd 00aaaaaa dddd ;-32bit write [aaaaaa]=0000dddd <-- not "0taaaaaa dddd" ? 4t000000 000x ;-Slow Motion (delay "x" whatever/ns,us,ms,frames?) 7taaaaaa dddd ;-IF [aaaaaa]=dddd then <execute following code> 9taaaaaa dddd ;-IF [aaaaaa]<>dddd then <execute following code> Ftaaaaaa dddd ;-IF [aaaaaa]=dddd then activate "other selected" codes (uh?) 5taaaaaa ?nnn ;\ d0d1d2d3 d4d5 ; write "?nnn" bytes to [aaaaaa] ;ordered d0,d1,d2... ? d6d7d8.. .... ;/ 6t000000 nnnn ;\COP0 hardware breakpoint aaaaaaaa cccc ; aaaaaaaa=break_address, mmmmmmmm=break_mask mmmmmmmm d0d1 ; nnnn=num_bytes (d0,d1,d2,etc.), cccc=break_type (see below) d2d3d4.. .... ;/ B?nnbbbb eeee ;\Slide/Patch Code, with unclear end: "end=?nn+/-1" ? 10aaaaaa dddd ;/for i=0 to end, [aaaaaa+(i*bbbb)]=dddd+(i*eeee), next i C0aaaaaa dddd ;-garbage/mirror of 70aaaaaa dddd ? ;\or maybe meant to be D0aaaaaa dddd ;-garbage/mirror of 70aaaaaa dddd ? ;/same as on GameShark? |
E180 (instruction gotton by CPU but not yet implemented) (uh, gotton what?) EE80 (data to be read or written) ;<--looks okay E680 (data to be read) ;<--looks okay EA80 (data to be wrtten) ;<--looks okay EF80 (instruction) ;<-- looks crap, should be probably E180 |
| Cheat Devices - Xplorer Cheat Code and ROM-Image Decryption |
key = x[0] and 07h ;'''''''' AABBCCDD EEFF '''''''';
x[0] = x[0] xor key ; / / / \ \ \ ;
if key=0 ; x[0] --' / / \ \ '-- x[5] ;
;unencrypted (keep as is) ; x[1] ---' / \ '--- x[4] ;
elseif key=4 ; x[2] ----' '----- x[3] ;
x[1] = x[1] xor (025h) ;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,;
x[2] = x[2] xor (0FAh + (x[1] and 11h))
x[3] = x[3] xor (0C0h + (x[2] and 11h) + (x[1] xor 12h))
x[4] = x[4] xor (07Eh + (x[3] and 11h) + (x[2] xor 12h) + x[1])
x[5] = x[5] xor (026h + (x[4] and 11h) + (x[3] xor 12h) + x[2] + x[1])
elseif key=5
x[1] = (x[1] + 057h) ;"W"ayne
x[2] = (x[2] + 042h) ;"B"eckett
x[3] = (x[3] + 031h) ;"1"
x[4] = (x[4] + 032h) ;"2"
x[5] = (x[5] + 033h) ;"3"
elseif key=6
x[1] = (x[1] + 0ABh) xor 01h
x[2] = (x[2] + 0ABh) xor 02h
x[3] = (x[3] + 0ABh) xor 03h
x[4] = (x[4] + 0ABh) xor 04h
x[5] = (x[5] + 0ABh) xor 05h
elseif key=7
x[5] = x[5] + 0CBh
x[4] = x[4] + 0CBh + (x[5] and 73h)
x[3] = x[3] + 05Ah + (x[4] and 73h) - (x[5] xor 90h)
x[2] = x[2] + 016h + (x[3] and 73h) - (x[4] xor 90h) + x[5]
x[1] = x[1] + 0F5h + (x[2] and 73h) - (x[3] xor 90h) + x[4] + x[5]
else
error ;(key=1,2,3)
endif
|
for i=0 to romsize-1
x=45h
y=(i and 37h) xor 2Ch
if (i and 001h)=001h then x=x xor 01h
if (i and 002h)=002h then x=x xor 01h
if (i and 004h)=004h then x=x xor 06h
if (i and 008h)=008h then x=x xor 04h
if (i and 010h)=010h then x=x xor 18h
if (i and 020h)=020h then x=x xor 30h
if (i and 040h)=040h then x=x xor 60h
if (i and 080h)=080h then x=x xor 40h
if (i and 100h)=100h then x=x xor 80h
if (i and 006h)=006h then x=x xor 0ch
if (i and 00Eh)=00Eh then x=x xor 08h
if (i and 01Fh)>=016h then x=x-10h
rom[i]=(rom[i] XOR x)+y
next i
|
| Cheat Devices - FLASH/EEPROMs |
[5555h]=AAh, [2AAAh]=55h, [5555h]=A0h, [addr..]=byte(s) ;write page [5555h]=AAh, [2AAAh]=55h, [5555h]=90h, id=[0000h..0001h] ;enter id mode [5555h]=AAh, [2AAAh]=55h, [5555h]=F0h ;exit id mode [5555h]=AAh, [2AAAh]=55h, [5555h]=80h ;erase chip, step 1 [5555h]=AAh, [2AAAh]=55h, [5555h]=10h ;erase chip, step 2 |
Wait 10us (around 340 cpu cycles on PSX) ;-step 1, hardcoded delay Wait until [addr]=[addr] ;-step 2, check toggle bit Wait until [addr]=data ;-step 3, check data |
Enter Chip ID mode (at 1F000000h) Compare 400h bytes at 1F000000h vs 1F020000h If different --> assume Datel PAR1/PAR2 hardware If same --> assume Xplorer hardware (or Datel PAR3, whatever that is) Exit Chip ID mode (at 1F000000h) |
Enter Chip ID mode (at 1F000000h) Read the two ID bytes (at 1F00000xh) Exit Chip ID mode (at 1F000000h) |
If cart=xplorer AND 1st_chip=256K --> might have a 2nd 256K chip If cart=datel AND 1st_chip=128K --> might have a 2nd 128K chip |
Enter Chip ID (at 1F000000h) and Enter Chip ID (at 1F400000h) ;id1+id2 Exit Chip ID (at 1F000000h) and Enter Chip ID (at 1F400000h) ;id2 Exit Chip ID (at 1F400000h) and Enter Chip ID (at 1F000000h) ;id1 Exit Chip ID (at 1F400000h) and Exit Chip ID (at 1F000000h) ;none |
If they are all same --> there is only one chip (mirrored to both areas) If different --> 1F400000h is either garbage, or a 2nd chip |
ChipID Kbyte Page Maker/Name ;notes
1Fh,D5h 128K 128 ATMEL AT29C010A ;xplorer/prototypes?
1Fh,35h 128K 128 ATMEL AT29LV010A ;-
1Fh,DAh 256K 256 ATMEL AT29C020 ;xplorer
1Fh,BAh 256K 256 ATMEL AT29BV020 ;xplorer
1Fh,A4h 512K 256 ATMEL AT29C040A ;xplorer
1Fh,C4h 512K 256 ATMEL AT29xV040A ;-
BFh,07h 128K 128 SST SST29EE010 ;-
BFh,08h 128K 128 SST SST29xE010 ;-
BFh,22h 128K 128 SST SST29EE010A ;-
BFh,23h 128K 128 SST SST29xE010A ;-
BFh,10h 256K 128 SST SST29EE020 ;xplorer
BFh,12h 256K 128 SST SST29xE020 ;xplorer
BFh,24h 256K 128 SST SST29EE020A ;-
BFh,25h 256K 128 SST SST2xEE020A ;-
BFh,04h 512K 256 SST SST28SF040 ;said to be used in "AR/GS Pro"
DAh,C1h 128K 128 WINBOND W29EE01x ;-
DAh,45h 256K 128 WINBOND W29C020 ;-
DAh,46h 512K 256 WINBOND W29C040 ;xplorer
01h,A4h 512K 1 AMD AM29F040 ;nocash psone bios (intact console)
20h,20h 128K 1 ST M29F010B ;nocash psone bios (broken console)
31h,B4h 128K ?? CATALYST CAT28F010 ;NEEDS VPP=12V !!! ("PS-121 ZISAN")
|
| PSX Dev-Board Chipsets |
CL825 20pin pin test points (2x10 pins) CL827 20pin pin test points (2x10 pins) U83 64pin SEC KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM U84 64pin SEC KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM CL828 20pin pin test points (2x10 pins) CL826 20pin pin test points (2x10 pins) X10 4pin JC53.20 (PAL, 53.203425MHz) X2 4pin 53.69317MHz (NTSC, 53.693175MHz) U62 20pin LVT244 (dual 4-bit 3-state noninverting buffer/line driver) U27 64pin Sony CXD2923AR ;GPU'b CL813 20pin pin test points (2x10 pins) CL814 20pin pin test points (2x10 pins) (with one resistor or so installed) U16 160pin Sony CXD8514Q ;GPU'a X7 4pin 67.73760 MHz CL807 20pin pin test points (2x10 pins) CL809 20pin pin test points (2x10 pins) CL811 20pin pin test points (2x10 pins) U801 208pin Sony CXD8530BQ ;CPU U11 28pin SEC KM48V2104AJ-6 (DRAM 2Mx8) ;Main RAM U10 28pin SEC KM48V2104AJ-6 (DRAM 2Mx8) ;Main RAM U9 28pin SEC KM48V2104AJ-6 (DRAM 2Mx8) ;Main RAM U8 28pin SEC KM48V2104AJ-6 (DRAM 2Mx8) ;Main RAM CN801 100pin Blue connector (to other ISA board) U66 48pin LVT16244? (quad 4-bit 3-state noninverting buffer/line driver) U65 48pin LVT16244? (quad 4-bit 3-state noninverting buffer/line driver) U64 48pin LVT16245? (dual 8-bit 3-state noninverting bus transceiver) U34 100pin Sony CXD2922Q ;SPU U63 14pin 74F74N (dual flipflop) U32 44pin SEC KM416V256B1-8 (DRAM 256Kx16) ;SoundRAM CL801 20pin pin test points (2x10 pins) CL802 20pin pin test points (2x10 pins) Q881 3pin voltage stuff? U31 20pin 74ACT244P (dual 4-bit 3-state noninverting buffer/line driver) U35 18pin Sony CXD2554P or OKI M6538-01 (aka MSM6538-01?) (audio related?) U36 20pin Sanyo LC78815 ;16bit D/A Converter U37 8pin NEC ...? C4558C? D426N0B or 9426HOB or so? J806 8pin solder pads... J805 9pin solder pads... J804 10pin solder pads... (11pins, with only 10 contacts?) - 48pin solder pads (12x4pin config jumpers or so) U26 20pin SN74ALSxxx logic? U71 24pin Sony CXA1xxxx? ;RGB? JPxx 9pin PAL/NTSC Jumpers (three 3pin jumpers) J801 24pin solder pads... J803 9pin rear connector: Serial Port (3.3V) (aka "J308") (DB9) (5+4pin) J802 15pin rear connector: AV Multi-out (5+5+5pin) CN881 98pin ISA Bus Cart-edge (2x31 basic pins, plus 2x18 extended pins) |
JP72x 68pin Black connector (maybe equivalent to 68pin PSX expansion port?) SWI 5pin solder pads... U371 40pin HN27C4000G-12 (512Kx8 / 256Kx16 EPROM) (sticker: "94/7/27") U370 84pin Altera EPM7160ELC84-12 (sticker: "U730, cntl 1") U3 14pin SN74ALS1004N (hex inverters) U43 44pin Altera EPM7032LC44-10 (sticker: "U43, add 1") U716 28pin Sharp LH5498D-35 (FIFO 2Kx9) U717 28pin Sharp LH5498D-35 (FIFO 2Kx9) U719 28pin Sharp LH5498D-35 (FIFO 2Kx9) U720 28pin Sharp LH5498D-35 (FIFO 2Kx9) U724 20pin SN74ALS688N (8bit inverting identity comparator with enable) U722 20pin SN74ALS245AN (8bit tristate noninverting bus transceiver) U47 20pin 74FCT244ATP (dual 4-bit 3-state noninverting buffer/line driver) U732 48pin LVT16245? (dual 8-bit 3-state noninverting bus transceiver) U711 20pin SN74ALS244BN (dual 4-bit 3-state noninverting buffer/line driver) U712 20pin SN74ALS244BN (dual 4-bit 3-state noninverting buffer/line driver) U713 20pin 74HC244AP (dual 4-bit 3-state noninverting buffer/line driver) U714 20pin 74HC244AP (dual 4-bit 3-state noninverting buffer/line driver) U721 20pin SN74ALS244BN (dual 4-bit 3-state noninverting buffer/line driver) U55 14pin SN74ALS08N (quad 2-input AND gates) U726 20pin SN74ALS245AN (8bit tristate noninverting bus transceiver) U715 20pin 74HC244AP (dual 4-bit 3-state noninverting buffer/line driver) JPxx 100pin Blue connector (to other ISA board) U738 20pin LVT244 (SMD) (dual 4-bit 3-state noninverting buffer/line driver) U734 32pin KM684000G-7 (SRAM 512Kx8) ;\maybe 1Mbyte EXP3 RAM ? U733 32pin KM684000G-7 (SRAM 512Kx8) ;/ U725 20pin SN74ALS688N (8bit inverting identity comparator with enable) S700 24pin 12bit DIP switch (select I/O Address bits A15..A4) JP700 8pin Jumper (4x2 pins) (select IRQ15/IRQ12/IRQ11/IRQ10) JP7xx 12pin Jumper (3x4 pins) (select DMA7/DMA6/DMA5) U64 48pin LVT16245? (dual 8-bit 3-state noninverting bus transceiver) U65 48pin LVT16244? (quad 4-bit 3-state noninverting buffer/line driver) U66 48pin LVT16244? (quad 4-bit 3-state noninverting buffer/line driver) U737 48pin LVT16244? (quad 4-bit 3-state noninverting buffer/line driver) U710 20pin SN74ALS244BN (dual 4-bit 3-state noninverting buffer/line driver) U709 20pin HD74HC245P (8bit tristate noninverting bus transceiver) U723 14pin SN74ALS38AN (quad open-collector NAND gates with buffered output) U2 14pin SN74LS19AN (hex inverters with schmitt-trigger) U1 8pin Dallas DS1232 (MicroMonitor Chip) ;power-good-detect ? U708 20pin HD74HC245P (8bit tristate noninverting bus transceiver) X3 2pin 4.1900 (4.19MHz for SPC700 CPU) U42 80pin P823, U01Q (Sony CXP82300 SPC700 CPU with piggyback EPROM socket) U42' 32pin 27C256A-15 (EPROM 32Kx8) (sticker: "94/11/28") U706 10pin some slim chip with 1x10 pins BT700 2pin battery (or super-cap?) for DS1302S (?) (not installed) U729? 5pin voltage stuff? U40 8pin Dallas DS1302S (real time clock) X4 2pin small crystal (32.768kHz for DS1302S) JP702 34pin Black connector (maybe for internal CDROM Emulator ISA cart?) U736 28pin Sony CXK58257ASP-70L (SRAM 32Kx8) ;CDROM Sector Buffer? U735 100pin Sony CXD1199BQ ;CDROM Decoder/FIFO JP715 40pin Blue connector... to external DTL-H2010 CDROM drive? JP721 9pin rear connector: Joypad/Memcard 2 (DB9) JP719 9pin rear connector: Joypad/Memcard 1 (DB9) ? - rear hole for cdrom-cable to Blue 40pin connector? J70x 98pin ISA Bus Cart-edge (2x31 basic pins, plus 2x18 extended pins) |
Mainboard "PI-27 1-589-867-11, DTL-H2500, MAIN BOARD 1575E01A0, SONY" Daughterboard "SONY,CN-102 1-589-865-11,CONNECTOR BOARD,DTL-H2500,1575E02A0" CJ1 9pin rear connector: DB9 CJ2? 15pin rear connector: AV Multi-out (5+5+5pin) CJ3 10pin gray connector (to controller daughterboard with two DB9's) CJ4 34pin black connector (maybe for internal CDROM Emulator ISA cart?) CJ5 50pin black connector (to DTL-H2510, Gray Internal CDROM Drive?) CJ6 68pin black connector (maybe equivalent to 68pin PSX expansion port?) - 124pin PCI bus cart edge connector CJ1' 9pin rear connector: DB9 (CTR1, joypad 1) ;\ CJ2' 9pin rear connector: DB9 (CTR2, joypad 2) ; on daughterboard CJ3' 10pin gray ribbon cable (to CJ3 on main board) ;/ IC103 208pin Sony CXD8530CQ (CPU) IC106 28pin SEC KM48V2104AT-6 (DRAM 2Mx8) IC107 28pin SEC KM48V2104AT-6 (DRAM 2Mx8) IC108 28pin SEC KM48V2104AT-6 (DRAM 2Mx8) IC109 28pin SEC KM48V2104AT-6 (DRAM 2Mx8) IC201 64pin SEC KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM IC202 64pin SEC KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM IC203 160pin Sony CXD8514Q ;GPU'a IC207 64pin Sony CXD2923AR ;GPU'b IC303 28pin HM62W256LFP-7T (CDROM SRAM 32Kx8) ;on back side IC304 52pin "D 2021, SC430920PB, G64C 185, JSAA9618A" (Sub-CPU) ;on back IC305 100pin Sony CXD1199BQ (CDROM Decoder/FIFO) ;on back side IC308 100pin Sony CXD2922BQ (SPU) ;on back side IC310 44pin SEC KM416V256BLT-7 (DRAM 256Kx16) ;SoundRAM ;on back side IC402 24pin something bigger IC404 8pin something small IC405 8pin something small IC501 24pin Sony CXA1645M (Analog RGB to Composite) ;on back side IC701 4pin "RD, 5B" or so ;on back side IC801 +++pin "ALTERA, FLEX, EPF8820ARC208-3, A9607" IC802 20pin LVT245A <-- ;on back side IC803 52pin "IDT71321, LA35J, S9704P" (2Kx8 dual port SRAM) IC804 20pin LVT244A IC805 8pin something with socket (sticker: "PD3") IC807-2 32pin MX 27C1000MC-90 (PROM) ;\on back side IC808 32pin F 29F040A-90 (FLASH) ;/BIOS on these chip(s) or so? IC901 4pin 37, 69 ;\on back side IC902 4pin 37, 69 ;/ ICxxx? 28pin "DALLAS, DS1230Y-100, NONVOLATILE SRAM" U28 20pin LVT244A Z1 20pin LVT244A ;\on back side Z2 20pin LVT245A <-- ;/ Z3 20pin LVT244A Z4 20pin LVT244A ;\ Z5 20pin LVT245A <-- ; on back side Z6 20pin LVT244A ;/ Z7 20pin LVT244A Z8 20pin LVT244A Z9 20pin LVT244A X101 4pin RC67.73, JVC 5L (67.7376MHz oscillator for main cpu) X201 4pin JC53.20, JVC 6A (for GPU, PAL) X202 4pin JC53.69, JVC 6A (for GPU, NTSC) X302 3pin 4.000MHz (for sub-cpu) |
X2 xpin TXC-2 OSC 66.000MHz X1 xpin TXC-2AOSC 53.693MHz U16 14pin 74F74 (dual flipflop) U29 14pin 74AS04 (hex inverters) U14 20pin LVT244 (dual 4-bit 3-state noninverting buffer/line driver) U18 20pin LVT244 (dual 4-bit 3-state noninverting buffer/line driver) U15 20pin ACT244 (dual 4-bit 3-state noninverting buffer/line driver) U11 84pin Altera EPM7096LC84-12 (sticker: "artpc13" or "ARTPC13") U13 160pin Sony CXD8514Q ;GPU'a U5 14pin ALS38A ? (quad open-collector NAND gates with buffered output) U27 20pin ALS244AJ ? (dual 4bit tristate noninverting buffer/line driver) Q1 3pin T B596 U23 64pin KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM U22 64pin KM4216V256G-60 (DRAM 256Kx16) ;dual-ported VRAM U28 64pin Sony CXD2923AR ;GPU'b S1 16pin 8bit DIP switch (select I/O address A15..A8) S2 8pin 4bit DIP switch (select I/O address A7..A4) U1 20pin SN74ALS688N (8bit inverting identity comparator with enable) U2 20pin SN74ALS688N (8bit inverting identity comparator with enable) U3 20pin ALS245A (8bit tristate noninverting bus transceiver) JP9 12pin Jumper (6x2 pins) (select IRQ15/IRQ11/IRQ10/IRQ9/IRQ5/IRQ3) U26 24pin Sony CXA1145M ? ;RGB? JP10 3pin Jumper ;\ JP12 3pin Jumper ; select "S" or "O" (?) JP11 3pin Jumper ;/ J3 2pin? Yellow connector (composite video out?) J2? pin? Mini DIN? connector (maybe S-video out?) J1 15pin High Density SubD (maybe video multi out?) CJx 98pin ISA Bus Cart-edge (2x31 basic pins, plus 2x18 extended pins) |
Yellow PCB "CD Emulator System, (C) Cirtech & SN Systems Ldt, 1994 v1.2" IC 24pin GAL20V8B IC 68pin Analog Devices ADSP-2101 (16bit DSP Microprocessor) IC 20pin HD74HC244P IC15 20pin HD74HC244P IC14 20pin CD74HCT245E IC7 28pin 27C512-10 (EPROM 64Kx8) (yellow sticker, without text) IC 28pin HY62256ALP-70 (SRAM 32Kx8) IC12 28pin HY62256ALP-70 (SRAM 32Kx8) IC 28pin HY62256ALP-70 (SRAM 32Kx8) IC13 84pin Emulex/QLogic FAS216 (Fast Architecture SCSI Processor) IC5 84pin Emulex/QLogic FAS216 (Fast Architecture SCSI Processor) IC4 24pin GAL20V8B (near IO Addr jumpers) IC 20pin 74LS244B1 (near lower 8bit of ISA databus) IC 20pin SN74LS245N? (near lower 8bit of ISA databus) IC 20pin SN74LS245N (near upper 8bit of ISA databus) DMA 12pin Jumpers (select DMA7/6/5) IRQ 12pin Jumpers (select IRQ15/12/11/10/7/5) IO 16pin Jumpers (select IO Addr 300/308/310/318/380/388/390/398) SCSI 6pin Jumpers (select SCSI ID 4/2/1) (aka 3bit 0..7 ?) PL3 34pin Connector to DTL-H2000 ? PL1 50pin Connector to INTERNAL SCSI hardware ? PL2 50pin? Connector to EXTERNAL SCSI hardware ? (25pin plug/50pin cable?) Jx 98pin ISA Bus Cart-edge (2x31 basic pins, plus 2x18 extended pins) |
32pin GM76C8128ALLFW85 (SRAM 128Kx8) 44pin ALTERA EPM7032LC44-15T 34pin EMULEX FAS101 (SCSI Interface Processor) 28pin 27C64 (EPROM 8Kx8) (green sticker, without text) 20pin LCX245 (=74245?) 8pin 2112, CPA, H9527 (?) 3pin transistor? voltage regulator? 20pin DIP socket (containing two 10pin resistor networks) 20pin DIP socket (containing two 10pin resistor networks) 2pin CR2032 Battery 3V 68pin Connector to PSX "Parallel I/O" expansion port 25pin Connector to SCSI hardware (to DTL-S510B or DTL-S2020 ISA cart or so?) |
U15 24pin ?
U5 28pin 27C256 (EPROM 32Kx8) (not installed)
U7 4pin 67.7376MHz oscillator
U8 14pin ?
U11 44pin SEC KM416V256B1-8 (DRAM 256Kx16) ;SoundRAM
(44pin package with middle 4pin missing, 40pins used)
U10 100pin Sony CXD2925Q ;SPU
U4 160pin Lattice IspLSI 3256 (sticker: "VER3")
U6 128pin Lattice IspLSI xxxx ?
U12 48pin ?
U13 48pin ?
U3 20pin 74ACT244
U14 5pin "LM25755, -3.3 P+" ?
U2 54pin ?
U1 54pin ?
U9 ?pin GP1F31T (light transmitting unit for optical fibre cable)
? 124pin PCI bus cart edge connector
? 8pin internal jumper/connector? (7pin installed, 1pin empty)
|
U1 14pin SN74ALS388N ? U2 20pin SN74ALS688N (8bit inverting identity comparator with enable) U3 20pin SN74ALS688N (8bit inverting identity comparator with enable) U4 24pin PALxxx ? U5 20pin SN74ALS245AN U6 20pin SN74ALS245AN U7 20pin SN74ALS244N U8 20pin SN74ALS244N U9 20pin SN74ALS245AN U10 20pin SN74ALS245AN U11 20pin SN74ALS244N S2 16pin 8bit DIP switch (ISA 15/14/13/12/11/10/9/8) ;I/O address bit15-8 S1 8pin 4bit DIP switch (ISA 7/6/5/4) ;I/O address bit7-4 S3 8pin 4bit DIP switch (BISO? 3/2/1/0) ;BISO? or BISD? or 8150? JPxx .... several jumpers (unknown purpose) Jx 98pin ISA Bus Cart-edge (2x31 basic pins, plus 2x18 extended pins) J5 68pin Connector on rear side (unknown purpose) |
IC101 100pin SONY CXD2515Q (Signal Processor + Servo Amp) ;\ IC102 28pin BA6297AFP ; on mainboard ICxx 20pin SONY CXA1571N (RF Amp) (on tiny daughtboard) ; (HCMK-81X) CN101 21pin connector to DEX2010.SCH board ; CN10x 12pin connector to KSS-240A (laser pickup) ; S101 2pin pos0 switch or so? ; M101 2pin spindle motor ;/ U1 20pin 74ALS244BN ;\ U2 20pin 74ALS244BN ; U3 20pin 74ALS244BN ; on DEX2010.SCH board J1 2pin connector to EJECT BUTTON ; J2 5pin connector to LOADING MOTOR ; J3 21pin connector to mainboard ; JP1 40pin external connector to DTL-H2000 ;/ CN151 5pin connector to DEX2010.SCH board ;\ M151 2pin loading motor (eject motor) ; on CDM 14, CMK PSX board S151 2pin OUT SW ;\switches, probably to ; S152 2pin IN SW ;/sense load/eject status ;/ CN1 2pin connector to DEX2010.SCH board ;\on DTL-H2010(1) board SW1 2pin eject button ;/ |
IC309 80pin Sony CXD2510Q (CDROM Signal Processor) ICxx ?pin Unknown if there are further ICs (eg. CXA1782BR should exist?) CN1 10pin Connector to daughterboard (with drive unit) CN2 4pin Connector to PC power supply (12V/5V and 2xGND) CN3 50pin Connector to DTL-H2500 or so? (need "PCS-E50FC" plug?) |
| Hardware Numbers |
SCPH-1000 PlayStation (1994) (NTSC-J) (with S-Video) SCPH-1001 PlayStation (1995) (NTSC-U/C) (without S-Video) SCPH-1002 PlayStation (199x) (PAL) (without S-Video) SCPH-1010 Digital joypad (with short cable) (1994) SCPH-1020 Memory Card 1Mbits (1994) SCPH-1030 2-button Mouse (with short cable) (1994) SCPH-1040 Serial Link Cable SCPH-1050 RGB Cable (21-pin RGB Connector) SCPH-1060 RFU Cable/Adaptor (antennae connector) (NTSC-JP?) (1995) SCPH-1061 RFU Cable/Adaptor (antennae connector) (NTSC-US?) SCPH-1062 RFU Cable/Adaptor (antennae connector) (PAL) SCPH-1070 Multitap adaptor (four controllers/memory cards on one slot) (1995) SCPH-1080 Digital joypad (with longer cable) (1996) SCPH-1090 2-button Mouse (with longer cable) (1998) SCPH-1100 S Video Cable (1995) SCPH-1110 Analog Joystick (1996) SCPH-1120 RFU Adaptor (antennae connector) (NTSC-JP?) (1996) SCPH-1121 RFU Adaptor (antennae connector) (NTSC-US?) SCPH-1122 RFU Adaptor (antennae connector) (PAL) SCPH-1130 AC Power Cord (1996) SCPH-1140 AV Cable (1997) SCPH-1150 Analog Joypad (with one vibration motor, with red/green led) (1997) SCPH-1160 AV Adaptor (1997) SCPH-1170 Memory Card Triple Pack (three Memory Cards) (1996) SCPH-1180 Analog Joypad (without vibration motors, with red/green led) SCPH-119X Memory Card (X=different colors) (1997) SCPH-1200 Analog Joypad (with two vibration motors) (dualshock) (1997) SCPH-1210 Memory Card Case (1998) SCPH-2000 Keyboard/Mouse adapter (PS/2 to PSX controller port; for Lightspan) SCPH-3000 PlayStation (1995) (NTSC-J) (with the S-video output removed) SCPH-3500 PlayStation Fighting Box (console bundled with 2 controllers)(1996) SCPH-4000 PocketStation (Memory Card with LCD-screen) (1999) SCPH-4010 VPick (guitar-pick controller) (for Quest for Fame, Stolen Song) SCPH-4020 Long Strap for PocketStation (1999) SCPH-4030 Wrist Strap for PocketStation (1999) SCPH-5000 PlayStation (cost reduced) (Japan) (1996) ;\exists in these three SCPH-5001 PlayStation (cost reduced) (North America) ; regions only (not SCPH-5003 PlayStation (Asia) ;/in Europe) SCPH-5500 PlayStation without Cinch sockets (ie. AV Multi Out only) (1996)(J) SCPH-5501 "" North American version of the 5500 SCPH-5502 "" European version of the 5500 (shipped with 1 digital joypad) SCPH-5552 Same as SCPH-5502 (but shipped with memcard and 2 digital joypads) SCPH-5903 PlayStation with built-in MPEG Video-CD decoder (Asia-only) SCPH-7000 PlayStation with Dualshock (1997) (Japan) SCPH-7001 PlayStation with Dualshock (199x) (North America) SCPH-7002 PlayStation with Dualshock (199x) (Europe) SCPH-7003 PlayStation with Dualshock (199x) (Asia) SCPH-7000W PlayStation (10 million model, not for sale, blue, region free) SCPH-7500 PlayStation with Dualshock, cost reduced (1999) (Japan) SCPH-7501 PlayStation with Dualshock, cost reduced (199x) (North America) SCPH-7502 PlayStation with Dualshock, cost reduced (199x) (Europe) SCPH-7503 PlayStation with Dualshock, cost reduced (199x) (Asia) SCPH-9000 PlayStation without Parallel I/O port (1999) (Japan) SCPH-9001 PlayStation without Parallel I/O port (199x) (North America) SCPH-9002 PlayStation without Parallel I/O port (199x) (Europe) SCPH-9003 PlayStation without Parallel I/O port (199x) (Asia) SCPH-9903 Rare SCEx-free PSX (Property of Sony Computer Entertainment, U/C) SFX-100 PlayStation Super Disc Prototype (with SNES chipset, no PSX chips) |
SCPH-100 PSone (miniaturized PlayStation) (2000) (Japan) SCPH-101 PSone (miniaturized PlayStation) (200x) (North America) SCPH-102 PSone (miniaturized PlayStation) (200x) (Europe) SCPH-103 PSone (miniaturized PlayStation) (200x) (Asia) SCPH-102A PSone Europe (UK/AU, with A/V cable) ;\revision of "SCPH-102" SCPH-102B PSone Europe (UK, with RFU adaptor) ; with PM-41(2) board ? SCPH-102C PSone Europe (Continent, with A/V cable) ;/ SCPH-110 Dual Analog Pad (for PSone) (Dualshock) (2000) SCPH-111 Multitap for PSone (seems to be quite rare, except in brazil) SCPH-112 AC adapter for PSone (In: 110-220VAC, Out: 7.5VDC, 2.0A, Japan) SCPH-113 AC adapter for PSone (In: 120VAC/60Hz, Out: 7.5VDC, 2.0A, USA) SCPH-114 AC adapter for PSone (In: 220-240VAC, Out: 7.5VDC, 2.0A, Europe) SCPH-115 AC adapter for PSone (In: 220-240VAC, Out: 7.5VDC, 2.0A, UK) SCPH-116 AC adapter for PSone (In: 220-240VAC, Out: 7.5VDC, 2.0A, Australia) SCPH-117 AC adapter for PSone (In: 110VAC, Out: 7.5VDC, 2.0A, Asia?) SCPH-120 AC adapter for PSone with LCD Screen (In: 100VAC, Out: 7.5VDC, 3.0A) SCPH-130 LCD Screen for PSone (to be attached to the console) (2001) SCPH-140 PSone and LCD screen combo (2001) SCPH-152 LCD screen for PSone (PAL SCPH-152C) SCPH-162 PSone and LCD screen (PAL SCPH-162C) SCPH-170 Car Adapter for PSone from car cigarette lighter (2001) SCPH-180 AV Connection Cable for LCD-screen's AV IN SCPH-10180K DoCoMo I-Mode Adaptor Cable (for internet via mobile phones) |
DTL-H201A Graphic Artist Board (ISA bus) (with NTSC video out) DTL-H240 PS-X RGB Cable DTL-H500C Digital joypad prototype (SNES-style design, with DB9 connector) DTL-H505 PS-X (Code Name) Target Box ? (PSX prototype, SCSI instead CDROM?) DTL-H700 Sound Artist Board (NuBus for Mac) DTL-H800 Sound Artist Board (PCI Bus for IBM) (with optical fibre sound out) DTL-H1000 Debugging Station (CD-R compatible PSX console) (Japan) DTL-H1001 Debugging Station (CD-R compatible PSX console) (North America) DTL-H1002 Debugging Station (CD-R compatible PSX console) (Europe) DTL-H1030 Mouse ? DTL-H1040 Link Cable ? DTL-H1050 RGB Cable ? DTL-H110x Debugging Station revision? (DC-powered) DTL-H120x Debugging Station revision? (AC-powered) DTL-H1500 Stand-Alone Box ? With ethernet, for SGI Workstation ? DTL-H2000 Dev board v1 (PSX on two ISA carts) (old pre-retail) DTL-H2010 Black External CDROM Drive for DTL-H2000 (CD-R compatible) DTL-H2040 Memory Box ? DTL-H2050 Adaptor for Controller port ? DTL-H2060 Serial Link cable DTL-H2070 RGB Cable ? DTL-H2080 Controller Box (joypad/memcard adaptor for DTL-H2000/DTL-xxxx?) DTL-H2500 Dev board (PCI bus) DTL-H2510 Gray Internal CDROM Drive for DTL-H2500/DTL-H2700 (CD-R compatible) DTL-H2700 Dev board (ISA bus) (CPU, ANALYZER ...?) DTL-H3000 Net Yaroze (hobby programmer dev kit) (Japan) DTL-H3001 Net Yaroze (hobby programmer dev kit) (North America) DTL-H3002 Net Yaroze (hobby programmer dev kit) (Europe) DTL-H3020 Access Card (for yaroze) DTL-H3050 Communication Cable (link port to rs232, for yaroze) DTL-D2020 Documentation: BUILD CD (Manual of Programmer's Tool) DTL-D2120 Documentation: (Manual of Programmer's Tool) DTL-D2130 Documentation: PsyQ (Manual of Programmer's Tool) DTL-D2130 Documentation: SdevTC (Manual of Programmer's Tool) DTL-D2140A Documentation: Ver.1.0 (Manual of Programmer's Tool) DTL-D2150A Documentation: Ver.2.0 (Manual of Programmer's Tool) |
DTL-S510B Unknown (another CDROM emulator version?) DTL-S2020 CD-ROM EMULATOR for DTL-H2000/DTL-H2500/DTL-H2700 |
SLPH-00001 Namco neGcon (white) (NPC-101), Twist controller (SLEH-0003)
SLPH-00002 Hori Fighting stick, digital stick with autofire/slowmotion/rumble
SLPH-00003 ASCII Fighter stick V, psx-shaped digital stick (SLEH-0002)
SLPH-00004 Sunsoft Sunstation pad, digital pad with autofire/slowmotion
SLPH-00005 ASCII ASCIIPAD V, digital pad with autofire/slowmotion
SLPH-00006 Imagineer Sandapaddo ThunderPad
SLPH-00007 SANKYO N.ASUKA aka Nasca Pachinco Handle, bizarre paddle
SLPH-00008 Spital SANGYO Programmable joystick
SLPH-00009 Hori Fighting commander 2way controller
SLPH-00010 Optec Super Pro Commander
SLPH-00011 Super Pro Commander Accessory / Extended memo repack memory
SLPH-00012 Hori Fighting Commander 10B Pad (gray), digital pad with extras
SLPH-00013 Konami Hyper Blaster (green) ;\IRQ10-based Lightgun
SLPH-00014 Konami Hyper Blaster (black) ;/(SLEH-0005/SLUH-00017)
SLPH-00015 Namco Volume controller, paddle with 2 buttons
SLPH-00016 Waka Up Scan Converter "[chiyo] clean! peripheral equipment?"
SLPH-00017 Hori Fighting Commander 10B Pad (black), digital pad with extras
SLPH-00018 Hori Real Arcade Stick, digital stick, small L1/L2 (HPS-10)
SLPH-00019 Konami Hyperstick
SLPH-00020 Imagineer Thunder Pad Transparent
SLPH-00021 Imagineer Imagegun
SLPH-00022 Optec AI Commander Pro, digital pad with extras / lcd display
SLPH-00023 Namco Joystick (SLEH-00004)
SLPH-00024 Optec Cockpit Wheel, analog joystick/analog pedals or so
SLPH-00025 Optec AI Commander Accessory (extended memo repack ZERO2 version)
SLPH-00026 Hori Command Stick PS (SLPH-00026 aka HPS11)
SLPH-00027 ASCII Grip, single-handed digital pad (SLEH-00008)
SLPH-00028 Hori Grip (gray) (see also: SLPH-00040, and 00086..00088)
SLPH-00029 Hori Horipad (clear), digital pad
SLPH-00030 Hori Horipad (black), digital pad
SLPH-00031 Hori Horipad (gray), digital pad
SLPH-00032 Hori Horipad (white), digital pad
SLPH-00033 Hori Horipad (blue), digital pad
SLPH-00034 Namco G-CON 45, Cinch-based Lightgun (SLEH-0007/SLUH-00035)
SLPH-00035 ASCII Fighter stick V Jr. (SLEH-00009)
SLPH-00036 Optec Wireless Dual Shot, digital pad with turbo button
SLPH-00037 ?
SLPH-00038 ASCII Pad V Jr., digital pad without any extras
SLPH-00039 ASCII Pad V2 (gray), digital pad with turbo switches (SLEH-00010)
SLPH-00040 Hori Grip (black)
SLPH-00041 ASCII Grip V
SLPH-00042 ASCII Grip V plus (Derby Stallion'99 supplement set), single-hand
SLPH-00043 ASCII Pad V2 (clear pink)
SLPH-00044 ASCII Pad V2 (clear white)
SLPH-00045 ASCII Pad V2 (clear blue)
SLPH-00046 ASCII Pad V2 (clear green)
SLPH-00047 ASCII Pad V2 (clear black)
SLPH-00048 ASCII Pad V2 (clear red/lead?)
SLPH-00049 ASCII Pad V2 (clear yellow)
SLPH-00050 ASCII Pad V2 (clear orange)
SLPH-00051 Taito Streetcar GO! Controller 2 steering "wheel?" tie toe strange
SLPH-00052 Koei Video Capture, Ergosoft EGWord, and Lexmark Printer bundle
SLPH-00053 Koei Word Processor Ergosoft September EGWORD Ver.2.00
SLPH-00054 Hori Zerotech Steering Controller (black)
SLPH-00055 Hori Grip (clear blue)
SLPH-00056 Hori Grip (clear pink)
SLPH-00057 Hori Grip (clear yellow)
SLPH-00058 ASCII Pad V2 (gold)
SLPH-00059 ASCII Pad V2 (silver)
SLPH-00060 ASCII Biohazard, digital pad with re-arranged buttons (SLEH-0011)
SLPH-00061 ASCII Pad V2 (pearl white)
SLPH-00062 ASCII Pad V2 (pearl blue)
SLPH-00063 ASCII Pad V2 (pearl pink)
SLPH-00064 ASCII Pad V2 (pearl green)
SLPH-00065 ASCII Pad V Pro, with lcd for button-combinations (ASC-0508GX)
SLPH-00066 ASCII Arcade Stick 3 "Ultimate"
SLPH-00067 ASCII Pad V2 (purple metallic)
SLPH-00068 ASCII Pad V2 (lead metallic)
SLPH-00069 Namco neGcon (black) (NPC-104), Twist controller (SLEH-0003)
SLPH-00070 Sankyo Pachinko FF Controller (alternate to SLPH-00007)
SLPH-00071 Hori Command Stick PS Custom
SLPH-00072 ASCII Command Pack (memory card add-on or so)
SLPH-00073 Optec Wireless digital set (gray) ;\
SLPH-00074 Optec Wireless digital set (black) ; pad with receiver
SLPH-00075 Optec Wireless digital set (clear) ;
SLPH-00076 Optec Wireless digital set (clear blue) ;
SLPH-00077 Optec Wireless digital set (clear black) ;/
SLPH-00078 Optec Wireless digital shot (gray) ;\
SLPH-00079 Optec Wireless digital shot (black) ; extra pad for
SLPH-00080 Optec Wireless digital shot (clear) ; second player
SLPH-00081 Optec Wireless digital shot (clear blue) ; (without receiver)
SLPH-00082 Optec Wireless digital shot (clear black) ;/
SLPH-00083 ASCII Stick Justice controller
SLPH-00084 Hori ZeroTech Steering Controller (clear)
SLPH-00085 Hori Compact joystick (black)
SLPH-00086 Hori Compact joystick (clear)
SLPH-00087 Hori Compact joystick (clear blue)
SLPH-00088 Hori Multi Analog Pad (clear) or Hori Grip (pink?)
SLPH-00089 Hori AV Cable with selector
SLPH-00090 Hori Multi Analogue Pad (clear black)
SLPH-00091 Hori AV Multi-Out Converter
SLPH-00092 ASCII Pad V2 (margin green)
SLPH-00093 ASCII Pad V2 (margin blue)
SLPH-00094 ASCII Pad V2 (margin pink)
SLPH-00095 ASCII Pad V2 (margin orange)
SLPH-00096 ASCII Hyper Steering V ("high pass tear ring V controller?")
SLPH-00097 Hori S Cable with selector (uh, maybe S-video or so?) (HPS-36)
SLPH-00098 NSYSCOM Pachinko slot controller (NSC-1)
SLPH-00099 ASCII Pad V2 (rainbow)
SLPH-00100 ASCII 'Hanging' Fishing Controller, controller for fishing games
SLPH-00101 Optec Cockpit big shock
SLPH-00102 ASCII Grip V (set for mars story)
SLPH-00103 Hori Pad V2 (clear)
SLPH-00104 Hori Pad V2 (clear blue)
SLPH-00105 Hori Pad V2 (clear pink)
SLPH-00106 Hori Pad V2 (black)
SLPH-00107 Hori Compact Joystick (camouflage)
SLPH-00108 Hori Rumble Digital Pad (clear blue)
SLPH-00109 Hori Monoaural AV Cable
SLPH-00110 ASCII Pad V2 (marble)
SLPH-00111 ASCII Pad V2 (camouflage)
SLPH-00112 ASCII Pad V3
SLPH-00113 ASCII Pad V3 with cable reel
SLPH-00114 ASCII Pad V3 with V2 (pearl white) bundle
SLPH-00115 ASCII Pad V3 with V2 (pearl pink) bundle
SLPH-00116 ASCII Pad V3 with V2 (pearl blue) bundle
SLPH-00117 ASCII Pad V3 (blue) with V2 (pearl green) bundle
SLPH-00118 Hori Pad V3
SLPH-00119 Hori Pad V3 (white)
SLPH-00120 Hori Analog Rumble Pad (clear pink)
SLPH-00121 Hori Analog Rumble Pad (clear)
SLPH-00122 Hori Analog Rumble Pad (clear blue)
SLPH-00123 Hori Analog Rumble Pad (clear red)
SLPH-00124 Hori Analog Rumble Pad (clear black)
SLPH-00125 Hori Analog Rumble Pad (clear yellow)
SLPH-00126 Namco Jogcon, digital pad, steering dial (SLEH-0020/SLUH-00059)
SLPH-00127 ?
SLPH-00128 ASCII stick ZERO3
SLPH-00129 ASCII Pad V2 (wood grain pitch)
SLPH-00130 Hori Real Arcade (camouflage)
SLPH-00131 Hori Ehrgeiz Stick
SLPH-00132 ASCII Pad V3 (blue)
SLPH-00133 ASCII Fighter Stick V Jr. (limited edition)
SLPH-00134 ASCII Pad V3 (blue) with cable reel
SLPH-00135 ASCII Pad V3 (blue) with V2 (silver)
SLPH-00136 ASCII Pad V3 with V2 (purple metallic)
SLPH-00137 ASCII Pad V3 with V2 (gold)
SLPH-00138 ASCII Pad V3 with "VPRO. aka Ascii Fighter Stick V"
SLPH-00139 Hori Analog Rumble Pad (gray)
SLPH-00140 Hori Analog Rumble Pad (black)
SLPH-00141 Hori Analog Rumble Pad (blue)
|
ASC-05158B ASCII Beatmania Junk (similar to SLEH-0021) ASC-0528T Sammy Shakkato Tambourine BANC-0001 Bandai Fishing Controller BANC-0002 Bandai Kids Station RU017 Konami Dance Dance Revolution Controller (Dance Mat) GAE001 G.A.E. Baton stick with 2 buttons (for The Maestromusic) |
RU029 Konami Beatmania IIDX RU014 Konami Pop'n Music (buttons A,B,C,D,E,F,G,H,I, and Select/Start) ? Produce! Paca Paca Passion ? Sega/Ascii Minimoni Shakatto Tambourine |
SLEH-00001 Ascii Specialized Pad (similar to SLPH-00005: ASCII ASCIIPAD V) SLEH-00002 Ascii Arcade Stick, psx-shaped digital stick (SLPH-00003) SLEH-00003 Namco Negcon, Twist controller (SLPH-00001) SLEH-00004 Namco Arcade Stick (SLPH-00023) SLEH-00005 Konami Hyper Blaster, IRQ10-based Lightgun (SLPH-00014/SLUH-00017) SLEH-00006 Mad Catz Steering Wheel (SLPH-?) SLEH-00007 Namco G-Con 45, Cinch-based Lightgun (SLPH-00034/SLUH-00035) SLEH-00008 Ascii Grip, single-handed digital pad (SLPH-00027/SLUH-00038) SLEH-00009 Ascii Arcade Stick v2 (SLPH-00035) SLEH-00010 Ascii Enhanced Control Pad (similar as SLEH-00001) (SLPH-00039) SLEH-00011 Resident Evil Pad (aka SLPH-00060 ASCII Biohazard) SLEH-00012 Reality-Quest The Glove (right-handed only) (SLUH-00045/SLPH-?) SLEH-00013 CD Case (small nylon bag for fourteen CDs) (SLPH-?) SLEH-00014 ? SLEH-00015 PlayStation Case (bigger bag for the console) (SLPH-?) SLEH-00016 PlayStation Case + Digital Joypad + Memory Card SLEH-00017 ? SLEH-00018 Ascii Sphere 360 (SLUH-00028/SLPH-?) SLEH-00019 Interact V3 Racing Wheel (SLPH-?) SLEH-00020 Namco JogCon, digital pad, steering dial (SLPH-00126/SLUH-00059) SLEH-00021 Konami Beatmania Controller (SLPH-?) SLEH-00022 ? SLEH-00023 Official Dance Mat (RU017/SLUH-00071) (for PSone and PS2) SLEH-00024 Fanatec Speedster 2 (wheel with pedals) (for PSone and PS2) SLEH-00025 Mad Catz 8MB Memory Card (for PS2) SLEH-00026 Olympus Eye-Trek FMD-20P Game/DVD glasses (for PS2) SLEH-00027 Logitech Cordless Controller... or Eye-Trek FMD-20P, too? (PSx?) SLEH-00028 ? SLEH-00029 Fanatec Speedster 3 (for PS2) SLEH-00030 Logitech Eye Toy (camera?) (for PS2) |
Mad Catz Wrist Rumbler (rumble add-on for pre-dualshock controllers) |
SLUH-00001 Specialized Joystick (single-axis, digital?) SLUH-00002 Control Pad (redesigned joypad) SLUH-00003 InterAct Piranha Pad, digital pad, autofire/slowmotion SLUH-00017 Konami Justifier, IRQ10-based Lightgun (Hyperblaster/SLPH-00014) SLUH-00018 Enhanced Pad (joypad with whatever extra functions) SLUH-00022 Analog and Digital Steering Wheel with pedals (for testdrive 4?) SLUH-00026 Optec Mach 1 (gray steering/flight controller with pedals) SLUH-00028 Ascii Sphere 360 (SLEH-00018) SLUH-00029 Namco NPC-102 Joystick (single-axis, digital?) SLUH-00031 Interact Program Pad SLUH-00033 Piranha Pad (redesigned joypad) SLUH-00034 NUBY Manufacturing The Heater, white lightgun (irq10 or cinch?) SLUH-00035 Namco G-CON 45, Cinch-based Lightgun (SLEH-0007/SLPH-00034) SLUH-00037 Arcade Stick (single-axis, digital?) SLUH-00038 ASCII Grip V, single-handed digital pad (SLPH-00027/SLEH-00008) SLUH-00040 System Organizer (huh? looks like... a black storage box?) SLUH-00041 V3 Racing Wheel with pedals SLUH-00043 GunCon (bundled with Time Crisis 1) SLUH-00044 Remote Wizard (looks like wireless joypad or so) SLUH-00045 Reality-Quest The Glove (right-handed only) (SLEH-00012/SLPH-?) SLUH-00046 GunCon (bundled with Point Blank) SLUH-00055 Aftershock Wheel with pedals SLUH-00056 UltraRacer Steering Controller (grip-style) SLUH-00057 EA Sports Game Pad (redesigned joypad) SLUH-00058 something for point blank 2 (?) (maybe a lightgun) SLUH-00059 Namco Jogcon, digital pad, steering dial (SLEH-0020/SLPH-00126) SLUH-00061 MadCatz MC2 Racing Wheel (black/gray) SLUH-00063 Bass Landing Fishing Reel controller SLUH-00066 Sportster racing wheel SLUH-00068 Jungle Book Rhythm N Groove Dance Pack SLUH-00071 Konami Dance Pad (DDR Dance Pad) (RU017) SLUH-00072 GunCon (bundled with Point Blank 3) SLUH-00073 GunCon (bundled with Time Crisis 2 - Project Titan) SLUH-00077 Logitech Cordless Controller, analog pad (ps1/ps2) SLUH-00081 Logitech NetPlay Controller, pad with keyboard (usb/ps2) SLUH-00083 Konami Dance Dance Revolution Controller (for PS1 and PS2) SLUH-00084 NYKO iType2, pad with keyboard (usb/ps2) SLUH-00085 Logitech Cordless Action Controller (for PS2) SLUH-00086 Namco/Taiko Drum Master (Taiko Controller Pack) (for PS2) SLUH-00088 RedOctane In the Groove Dance Pad Controller ? SLUH-00090 Dance Pad (bundled with Pump It Up) (for PS2) |
Unknown (if any) |
SCEH-0001 SingStar (USB to Microfon) (for PS2) |
SCES-NNNNN Sony Computer Europe Software SCED-NNNNN Sony Computer Europe Demo SLES-NNNNN Sony Licensed Europe Software SLED-NNNNN Sony Licensed Europe Demo SCPS-NNNNN Sony Computer Japan Software SLPS-NNNNN Sony Licensed Japan Software SLPM-NNNNN Sony Licensed Japan ... ? SCUS-NNNNN Sony Computer USA Software SLUS-NNNNN Sony Licensed USA Software PAPX-NNNNN Demo ...? LSP-NNNNNN Lightspan series (non-retail educational games) |
| Pinouts |
| Pinouts - Controller Ports and Memory-Card Ports |
1 In JOYDAT Data from joypad/card (data in) _______________________ 2 Out JOYCMD Data to joypad/card (command out) | | | | 3 - +7.5V +7.5VDC supply (eg. for Rumble) | 9 7 6 | 5 4 3 | 2 1 | CARD 4 - GND Ground |_______|_______|_______| 5 - +3.5V +3.5VDC supply (normal supply) _______________________ 6 Out /JOYn Select joypad/card in Slot 1/2 | | | | 7 Out JOYCLK Data Shift Clock | 9 8 7 | 6 5 4 | 3 2 1 | PAD 8 In /IRQ10 IRQ10 (Joy only, not mem card) \______|_______|______/ 9 In /ACK IRQ7 Acknowledge (each eight CLKs) Shield Ground (Joypad only, not memory card) |
| Pinouts - Audio, Video, Power, Expansion Ports |
1 RGB-Video Green 2 RGB-Video Red 3 Supply +5.0V (eg. supply for external RF adaptor) 4 RGB-Video Blue 5 Supply Ground 6 S-Video C (chrominance) 7 Composite Video (yellow cinch) 8 S-Video Y (luminance) ____________________________ 9 Audio Left (white cinch) | | 10 Audio Left Ground | 12 11 10 9 8 7 6 5 4 3 2 1 | 11 Audio Right (red cinch) |____________________________| 12 Audio Right Ground Shield Video Ground |
________
| | Console Rear View
GND ==| 1 35 |== GND .-------------------------.
/RESET =| 2 36 |= DACK5 |1 2 3 ... ... 32 33 34|
DREQ5 =| 3 37 |= /IRQ10 |35 36 37 ... ... 66 67 68|
/EXP? =| 4 38 |= /WR1? (CPU99) |__.-------------------.__|
NC?GND? =| 5 39 |= GND?NC?
D0 =| 6 40 |= D1
D2 =| 7 41 |= D3
D4 =| 8 42 |= D5
D6 =| 9 43 |= D7
D8 =|10 44 |= D9
D10 =|11 45 |= D11
D12 =|12 46 |= D13
D14 =|13 47 |= D15
A0 =|14 48 |= A1
A2 =|15 49 |= A3
NC?GND? =|16 50 |= GND?NC?
+3.5V ==|17 51 |== +3.5V
+7.5V ==|18 52 |== +7.5V
GND? =|19 53 |= GND?NC?
A4 =|20 54 |= A5
A6 =|21 55 |= A7
A8 =|22 56 |= A9
A10 =|23 57 |= A11
A12 =|24 58 |= A13
A14 =|25 59 |= A15
A16 =|26 60 |= A17
A18 =|27 61 |= A19
A20 =|28 62 |= A21
A22 =|29 63 |= A23
/RD =|30 64 |= /WR0
NC!X? =|31 65 |= X?NC!
SYSCK? =|32 66 |= LRCK (44.1kHz)
SCLK? =|33 67 |= SDATA?
GND ==|34 68 |== GND
|________|
|
EDIT: see http://cgfm2.emuviews.com/new/psx-pio.png apparently, many of the "unknown" pins are just GROUND, is that possible? |
Inner +7.5V DC 2.0A (inside diameter 0.8mm) Outer GND (outside diameter 5.0mm) |
| Pinouts - SIO Pinouts |
1 SIO1 In RXD receive data (from remote TXD) 2 SIO2 - VCC +3.5VDC (supply, eg. for voltage conversion) 3 SIO3 In DSR (from remote CTS) _________________ 4 SIO4 Out TXD transmit data (to remote RXD) | | 5 SIO5 In CTS clear to send (from remote RTS) | 8 7 6 5 4 3 2 1 | 6 SIO6 Out DTR (to remote DSR) |_________________| 7 SIO7 - GND Ground (supply, eg. for voltage conversion) 8 SIO8 Out RTS request to send (to remote CTS) Shield GND Ground (to/from remote GND) |
CPU70.RTS
CPU71.CTS CPU74.TxD
CPU72.DTR CPU75.RxD CPU73.DSR
|
SIO8 SIO6 SIO4 SIO1 SIO3 SIO5 SIO2 SIO7---GND
| | | | | | |
FB112 FB114 FB116 FB115 FBnnn FBnnn o--L102-------3.5V
| | | | | |
| | o-------|-------|-------|--------diode-------GND
| | | o-------|-------|--------diode-------GND
| | | | o-------|--------diode-------GND
| | | | | o--------diode-------GND
| | | | | |
| | | o-------|-------|--------[1K]--------3.5V
| | | | o-------|--------[1K]--------3.5V
[22] [22] [22] [22] | o--------[1K]--------3.5V
| | | | | |
Q105-----|-------|-------|-------|-------|--------------------GND
| Q105-----|-------|-------|-------|--------------------GND
| | | | Q106-----|--------------------GND
| | | | | Q106------------------GND
| | | | | |
| | | | o-------|--------[470]-------3.5V
| | | | | o--------[470]-------3.5V
| | | | | |
RTS DTR TxD RxD DSR CTS
CPU70 CPU72 CPU74 CPU75 CPU73 CPU71 <-- CPU Pin Numbers
out out out in in in
|
PSX.VCC--+||--PSX.GND PSX.GND----DSUB.5.GND----DSUB.SHIELD DSUB.1,9----NC
______ ______
,-----------||+-|1 16|-------PSX.VCC ,-----------||+-|1 16|-------PSX.VCC
| PSX.GND---||+-|2 15|-------PSX.GND | PSX.GND---||+-|2 15|-------PSX.GND
'---------------|3 14|----DSUB.3.TXD '---------------|3 14|--- N/A
,---+||--|4 13|----DSUB.2.RXD ,---+||--|4 13|--- N/A
'--------|5 12|-------PSX.RXD '--------|5 12|--- N/A
PSX.GND--+||--|6 11|-------PSX.TXD PSX.GND--+||--|6 11|--- N/A
DSUB.7.RTS----|7 10|--o<|--PSX.RTS DSUB.4.DTR----|7 10|--o<|--PSX.DTR
DSUB.8.CTS----|8 9|--|>o--PSX.CTS DSUB.6.DSR----|8 9|--|>o--PSX.DSR
|______| |______|
|
| Pinouts - Chipset Summary |
Board Expl.
PU-7 PSX, with AV multiout+cinch+svideo, GPU in two chips (160+64pins)
PU-8 PSX, with AV multiout+cinch, four 8bit Main RAM chips
EARLY-PU-8: "PU-8 1-658-467-11, N4" --> old chipset, resembles PU-7
LATE-PU-8: "PU-8 1-658-467-22, N6" --> new chipset, other as PU-7
PU-9 PSX, without SCPH-number (just sticker saying "NOT FOR SALE, SONY)
PU-16 PSX, with extra Video CD daughterboard (for SCPH-5903)
PU-18 PSX, with AV multiout only, single 32bit Main RAM (instead 4x8bit)
PU-20 PSX, unknown if/how it differs from PU-18
PU-22 PSX, unknown if/how it differs from PU-18
PU-23 PSX, with serial port, but without expansion port
PM-41 PSone, older PSone, for GPU/SPU with RAM on-board (see revisions)
PM-41(2) PSone, newer PSone, for GPU/SPU with RAM on-chip
|
PM-41, 1-679-335-21 PSone with incomplete RGB signals on multiout port PM-41, 1-679-335-51 PSone with complete RGB signals on multiout port |
IC103 - 208pin - "SONY CXD8530BQ" ;seen on PU-7 board IC103 - 208pin - "SONY CXD8530CQ" ;seen on PU-7 and PU-8 boards IC103 - 208pin - "SONY CXD8606Q" ;seen in PU-18 schematic IC103 - 208pin - "SONY CXD8606AQ" ;seen on PU-xx? board IC103 - 208pin - "SONY CXD8606BQ" ;seen on PM-41, PU-23, PU-20 boards IC103 - 208pin - "SONY CXD8606CQ" ;seen on PM-41 board, too |
IC203 - 160pin - "SONY CXD8514Q" ;seen on PU-7 and EARLY-PU-8 boards IC203 - 208pin - "SONY CXD8561Q" ;seen on LATE-PU-8 board IC203 - 208pin - "SONY CXD8561BQ" ;seen on PU-18, PU-20 boards IC203 - 208pin - "SONY CXD8561CQ" ;seen on PM-41 board IC203 - 208pin - "SONY CXD9500Q" ;with on-chip RAM ;for PM-41(2) board IC21 - 208pin - "SONY CXD8538Q" ;seen on GP-11 (namco System 11) boards IC103 - 208pin - "SONY CXD8654Q" ;seen on GP-15 (namco System 12) boards |
IC308 - 100pin - "SONY CXD2922Q" (SPU) ;PU-7 and EARLY-PU-8 IC308 - 100pin - "SONY CXD2922BQ"(SPU) ;EARLY-PU-8 IC308 - 100pin - "SONY CXD2925Q" (SPU) ;LATE-PU-8, PU-18, PU-20 IC732 - 208pin - "SONY CXD2938Q" (SPU+CDROM) ;PSone/PM-41 Board IC732 - 176pin - "SONY CXD2941R" (SPU+CDROM+SPU_RAM) ;PSone/PM-41(2) Board IC402 - 24pin - "AKM AK4309VM" (Serial 2x16bit DAC);older boards only IC405 - 8pin - "NJM2100E (TE2)" Audio Amplifier ;PU-8 and PU-22 boards IC405 - 14pin - "NJM2174" Audio Amplifier with Mute ;later boards |
IC106/IC107/IC108/IC109 - NEC 424805AL-A60 (28pin, 512Kx8) (PU-8 board) IC106 - "Samsung K4Q153212M-JC60" (70pin, 512Kx32) (newer boards) IC106 - "Toshiba T7X16 (70pin, 512Kx32) (newer boards, too) |
IC201 - 64pin NEC uPD482445LGW-A70-S ;VRAM ;\on PU-7 and EARLY-PU-8 board IC202 - 64pin NEC uPD482445LGW-A70-S ;VRAM ;/split into 2 chips ! IC201 - 64pin SEC KM4216Y256G-60 ;VRAM ;\on other PU-7 board IC202 - 64pin SEC KM4216Y256G-60 ;VRAM ;/split into 2 chips ! IC201 - 100pin - Samsung KM4132G271BQ-10 (128Kx32x2) ;-on later boards IC201 - 100pin - Samsung K4G163222A-PC70 (256Kx32x2) ;-on PM-41 |
IC310 - 40pin - "TOSHIBA TC51V4260DJ-70" ;seen on PU-8 board IC310 - 40pin - EliteMT M11B416256A-35J (256K x 16bit) |
IC102 - 40pin - "SONY ..." ;seen on PU-7 & early-PU-8 board (40pin!) IC102 - 44pin - "SONY M538032E-02" ;seen on PU-16 (video CD, 1Mbyte BIOS) IC102 - 32pin - "SONY M534031C-25" ;seen on later-PU-8 board IC102 - 32pin - "SONY 2030" ;seen on PU-18 board IC102 - 32pin - "SONY M534031E-47" ;seen on PM-41 board and PM-41(2) IC102 - 32pin - "SONY M27V401D-41" ;seen on PM-41 board, too |
X101 - 4pin - "67.737" (NTSC, presumably) ;PU-7 .. PU-20 X201 - 2pin - "17.734" (PAL) or "14.318" (NTSC) ;PU-22 .. PM-41(2) IC204 - 8pin - "2294A" (PAL) or <unknown?> (NTSC) ;PU-22 .. PM-41(2) |
IC601 - 3pin - "78M05" or "78005" ;used in PSone |
IC606 16pin/10mm "TL594CD" (alternately to IC607) ;seen on PM-41 board IC607 16pin/5mm "T594" (alternately to IC606) ;seen on PM-41 board, too |
IC002 - 8pin - <not installed> (would be alternately to IC003) ;\on PSone IC003 - 5pin - <usually installed> ;/ IC101 - 5pin - M51957B (Reset Generator) (on PSX-power supply boards) |
U42 80pin SUB-CPU (CXP82300) with piggyback EPROM ;DTL-H2000 IC304 80pin SUB-CPU (MC68HC05L16) 80pin package ;PU-7 and EARLY-PU-8 IC304 52pin SUB-CPU (MC68HC05G6) 52pin package ;LATE-PU-8 and up IC305 - 100pin SONY CXD1199BQ (Decoder/FIFO) ;PU-7 IC305 - 100pin SONY CXD1815Q (Decoder/FIFO) ;PU-8, PU-18 IC309 - 100pin SONY CXD2516Q (Signal Processor) ;PU-7 (100pin!) IC309 - 80pin SONY CXD2510Q (Signal Processor) ;PU-8 and DTL-H2510 IC702 - 48pin SONY CXA1782BR (Servo Amplifier) ;PU-7, PU-8 IC101 - 100pin SONY CXD2515Q (=CXD2510Q+CXA1782BR) ;DTL-H2010 IC701 - 100pin SONY CXD2545Q (=CXD2510Q+CXA1782BR) ;PU-18 IC720 - 144pin SONY CXD1817R (=CXD2545Q+CXD1815Q) ;PU-20 IC102 - 28pin - "BA6297AFP" ;seen on DTL-H2010 drives IC704 - 28pin - "BA6398FP" ;seen on PU-7 IC722 - 28pin - "BA6397FP" ;seen on late PU-8 IC722 - 28pin - "BA5947FP" ;seen on PM-41 and various boards IC722 - 28pin - "Panasonic AN8732SB" ;seen on PM-41 board ICxxx - 20pin SONY CXA1571N (RF Amplifier) (on DTL-H2010 drives) IC703 - 20pin SONY CXA1791N (RF Amplifier) (on PU-18 boards) IC723 - 20pin SONY CXA2575N-T4 (RF Matrix Amplifier) (on PU-22 .. PM-41(2)) |
IC207 64pin "SONY CXD2923AR" VRAM Data to Analog RGB ;\oldest IC501 24pin "SONY CXA1645M" Analog RGB to Composite ;/ IC202 44pin "Philips TDA8771H" Digital RGB to Analog RGB ;\old boards IC202 44pin "Motorola MC141685FT" Digital RGB to Analog RGB ;/ IC? 48pin "H7240AKV" 24bit RGB to Analog+Composite ;-SCPH-7001? IC502 48pin "SONY CXA2106R-T4" 24bit RGB to Analog+Composite ;-newer boards |
CDROM Drive: "KSM-440BAM" ;seen used with PM-41 board IC602 5pin "L/\1B" or "<symbol> 3DR" |
U? 24pin "9625H, CFS8121" ;SCPH-1080, digital pad (alternate?) U? ?pin "SC438001" ;SCPH-1080, digital pad (alternate?) U? 32pin "(M), SC401800" ;SCPH-1080, digital pad U? 32pin "(M), SC442116" ;SCPH-xxxx, mouse IC? 64pin "SONY CXD103, -166Q" ;SCPH-1070, multitap U1 42pin "SD657, 9702K3006" ;SCPH-1150, analog pad, single motor U1 42pin "SD657, 9726K3002" ;SCPH-1180, analog pad, without motor U1 44pin "SONY CXD8771Q" ;SCPH-1200, analog pad, two motors (PSX) U1 44pin "SD707, 039 107" ;SCPH-110, analog pad, two motors (PSone) U1 44pin "SD787A" ;SCPH-xxx, analog pad, two motors (PS2?) U? 64pin "SONY CXD8732AQ" ;SCPH-1020, memory card, on-chip FLASH U? XXpin other chips ;SCPH-xxxx, memory card, external FLASH U1 44pin "NAMCO103P" ;NPC-103, namco lightgun |
| Pinouts - CPU Pinouts |
1-3.5V 27-GND 53-3.5V 79-3.5V 105-3.5V 131-3.5V 157-3.5V 183-3.5V 2-3.5V 28-DQ12 54-3.5V 80-/JOY1 106-3.5V 132-A5 158-3.5V 184-GD19 3-67/NC 29-DQ11 55-A11:A8 81-JOYCLK 107-D0 133-A6 159-HBLANK 185-GD20 4-67MHz 30-DQ10 56-A10:NC 82-/IRQ7 108-D1 134-A7 160-DOTCLK 186-GD21 5-DQ31 31-DQ9 57-A9 83-JOYCMD 109-D2 135-A8 161-GD0 187-GD22 6-DQ30 32-DQ8 58-A8:NC 84-JOYDAT 110-D3 136-A9 162-GD1 188-GD23 7-DQ29 33-DQ7 59-A7 85-DACK5 111-D4 137-A10 163-GD2 189-GD24 8-DQ28 34-DQ6 60-A6 86-DREQ5 112-D5 138-A11 164-GD3 190-GD25 9-DQ27 35-DQ5 61-A5 87-DMA4 113-D6 139-A12 165-GD4 191-GD26 10-DQ26 36-DQ4 62-A4 88-/SPUW 114-D7 140-A13 166-GD5 192-GD27 11-DQ25 37-DQ3 63-A3 89-/IRQ10 115-D8 141-A14 167-GD6 193-GD28 12-DQ24 38-3.5V 64-A2 90-/IRQ9 116-D9 142-A15 168-GD7 194-GD29 13-DQ23 39-GND 65-GND 91-GND 117-GND 143-GND 169-GD8 195-GND 14-3.5V 40-DQ2 66-3.5V 92-3.5V 118-3.5V 144-3.5V 170-GND 196-3.5V 15-GND 41-DQ1 67-A1 93-GND 119-D10 145-A16 171-3.5V 197-GD30 16-DQ22 42-DQ0 68-A0 94-/IRQ2 120-D11 146-A17 172-GD9 198-GD31 17-DQ21 43-/W 69-3.5V 95-/CD 121-D12 147-A18 173-GD10 199-VBLANK 18-DQ20 44-/RAS1 70-RTS 96-/SPU 122-D13 148-A19 174-GD11 200-GPU12 19-DQ19 45-/RAS 71-CTS 97-/BIOS 123-D14 149-A20 175-GD12 201-33MHzG 20-DQ18 46-/CAS3 72-DTR 98-/EXP 124-D15 150-A21 176-GD13 202-GPU5 21-DQ17 47-/CAS2 73-DSR 99- CPU99 125-A0 151-A22 177-GD14 203-/GWR 22-DQ16 48-/CAS1 74-TxD 100-/WR 126-A1 152-A23 178-GD15 204-/GRD 23-DQ15 49-/CAS0 75-RxD 101-/RD 127-A2 153-GPU.A2 179-GD16 205-/GPU 24-DQ14 50-3.5V 76-/RES 102-/IRQ1 128-A3 154-33MHzS 180-GD17 206-67MHzG 25-DQ13 51-GND 77-/JOY2 103-GND 129-A4 155-GND 181-GD18 207-GND 26-3.5V 52-GND 78-GND 104-GND 130-GND 156-GND 182-GND 208-GND |
85=DACK5 93=GND=/CSHTST 199=/INT0 44=/RAS1:NC 86=DREQ5 99=/SWR1=NC 200=DREQ2 45=/RAS0 87=DACK4 100=/SWR0 201=SYSCLK0 88=DREQ4 154=SYSCLK1 202=DACK2 |
| Pinouts - GPU Pinouts (for old 160-pin GPU) |
1-VCC 21-GND 41-D16 61-D2 81-D12'a 101-GND 121-D7'b 141-GND 2-GND 22-D31 42-D15 62-D1 82-D11'a 102-DT/OE'b 122-D6'b 142-53MHz 3-/GPU 23-D30 43-VCC 63-D0 83-D10'a 103-DT/OE'a 123-D5'b 143-VCC 4-GPU.A2 24-D29 44-GND 64-GND 84-D9'a 104-/RAS 124-D4'b 144-GND 5-/GRD 25-D28 45-D14 65-VCC 85-D8'a 105-/WE'a 125-D3'b 145-FSC 6-/GWR 26-D27 46-D13 66-A8'a 86-VCC 106-/WE'b 126-D2'b 146-VCC 7-DACK2 27-D26 47-D12 67-A7'a 87-GND 107-/SE 127-D1'b 147-GND 8-/RES 28-VCC 48-D11 68-A6'a 88-D7'a 108-SC 128-D0'b 148-DOTCLK 9-VCC 29-GND 49-D10 69-A5'a 89-D6'a 109-VCC 129-VCC 149-VCC 10-GND 30-D25 50-GND 70-GND 90-D5'a 110-GND 130-GND 150-GND 11-33MHzG 31-D24 51-VCC 71-A4'a 91-D4'a 111-D15'b 131-A8'b 151-MEMCK1 12-VCC 32-D23 52-D9 72-A3'a 92-D3'a 112-D14'b 132-A7'b 152-MEMCK2 13-GND 33-D22 53-D8 73-A2'a 93-D2'a 113-D13'b 133-A6'b 153-BLANK 14-DREQ2 34-D21 54-D7 74-A1'a 94-D1'a 114-D12'b 134-A5'b 154-/24BPP 15-/IRQ1 35-D20 55-D6 75-A0'a 95-D0'a 115-D11'b 135-A4'b 155-/SYNC 16-HBLANK 36-VCC 56-D5 76-GND 96-VCC 116-D10'b 136-A3'b 156-/HSYNC 17-VBLANK 37-GND 57-D4 77-VCC 97-DSF 117-D9'b 137-A2'b 157-/VSYNC 18-high? 38-D19 58-D3 78-D15'a 98-/CAS'b 118-D8'b 138-A1'b 158-VCC 19-high? 39-D18 59-GND 79-D14'a 99-/CAS'a 119-VCC 139-A0'b 159-GND 20-VCC 40-D17 60-VCC 80-D13'a 100-VCC 120-GND 140-VCC 160-67MHzG |
151-? --- (mem clock?) 152-? (mem clock?) 153-BLANK (high in HBLANK & VBLANK) 154-/24BPP (high=15bpp, low=24bpp) 156-/HSYNC rate:65us=15KHz, low:3.5us 157-/VSYNC rate:20ms=50Hz, low:130us=TwoLines |
1-test? 9-BLUE 17-GND 25-D0'a 33-D8'a 41-D15'a 49-D7'b 57-D13'b 2-test? 10-Vxx 18-MEMCK1 26-D1'a 34-D9'a 42-D0'b 50-D8'b 58-D14'b 3-Vxx 11-test? 19-/24BPP 27-D2'a 35-D10'a 43-D1'b 51-D9'b 59-D15'b 4-Vxx 12-test? 20-MEMCK2 28-D3'a 36-D11'a 44-D2'b 52-D10'b 60-GND 5-RED 13-test? 21-BLANK 29-D4'a 37-D12'a 45-D3'b 53-D11'b 61-GND 6-Vxx 14-aGND? 22-DOTCLK 30-D5'a 38-D13'a 46-D4'b 54-D12'b 62-GND 7-GREEN 15-aGND? 23-GND 31-D6'a 39-D14'a 47-D5'b 55-GND 63-test? 8-GND 16-aGND? 24-Vxx 32-D7'a 40-GND 48-D6'b 56-Vxx 64-GND |
1-VCC 9-Q2 17-D5 25-/UWE 33-GND 41-DSF 49-Q10 57-VCC 2-/DT/OE 10-D2 18-VCC 26-/RAS 34-A3 42-GND 50-D11 58-D14 3-GND 11-Q3 19-Q6 27-A8 35-A2 43-D8 51-Q11 59-Q14 4-Q0 12-D3 20-D6 28-A7 36-A1 44-Q8 52-GND 60-D15 5-D0 13-GND 21-Q7 29-A6 37-A0 45-D9 53-D12 61-Q15 6-Q1 14-Q4 22-D7 30-A5 38-QSF 46-Q9 54-Q12 62-GND 7-D1 15-D4 23-GND 31-A4 39-/CAS 47-VCC 55-D13 63-/SE 8-VCC 16-Q5 24-/LWE 32-VCC 40-NC 48-D10 56-Q13 64-SC |
1-GND1 4-BIN 7-NPIN 10-SYNCIN 13-IREF 16-YOUT 19-VCC2 22-GOUT 2-RIN 5-NC 8-BFOUT 11-BC 14-VREF 17-YTRAP 20-CVOUT 23-ROUT 3-GIN 6-SCIN 9-YCLPC 12-VCC1 15-COUT 18-FO 21-BOUT 24-GND2 |
GPU pin 145 (old 160-pin GPU) GPU pin 154 (new 208-pin GPU) IC204 (on later boards, eg. PSone) |
| Pinouts - GPU Pinouts (for new 208-pin GPU) |
1-/GPU 27-GD28 53-GD10 79-D29 105-GND 131-CLK 157-/PAL 183-R3 2-GPU.A2 28-GD27 54-GD9 80-3.5V 106-3.5V 132-GND 158-/VSYNC 184-GND 3-/GRD 29-3.5V 55-GD8 81-GND 107-D17 133-3.5V 159-/HSYNC 185-3.5V 4-/GWR 30-GND 56-GD7 82-D28 108-D16 134-CLK 160-B0 186-R4 5-CPU202 31-GD26 57-GD6 83-D27 109-D7 135-GND 161-B1 187-R5 6-/RES 32-GD25 58-GD5 84-D26 110-D6 136-3.5V 162-B2 188-R6 7-3.5V 33-GD24 59-GD4 85-D25 111-D5 137-(A10) 163-B3 189-R7 8-GND 34-GD23 60-GND 86-D24 112-D4 138-A9/AP 164-GND 190-GND 9-33MHzG 35-GD22 61-3.5V 87-3.5V 113-GND 139-A7 165-3.5V 191-3.5V 10-3.5V 36-GD21 62-GD3 88-GND 114-3.5V 140-A6 166-B4 192-53MHzP 11-GND 37-3.5V 63-GD2 89-D15 115-D3 141-3.5V 167-B5 193-3.5V 12-CPU200 38-GND 64-GD1 90-D14 116-D0 142-GND 168-B6 194-GND 13-/IRQ1 39-GD20 65-GD0 91-D13 117-D1 143-A5 169-B7 195-3.5V 14-HBLANK 40-GD19 66-GND 92-D12 118-D2 144-A4 170-G0 196-53MHzN 15-GND 41-GD18 67-3.5V 93-D11 119-GND 145-A3 171-G1 197-3.5V 16-3.5V 42-GD17 68-(high) 94-D10 120-3.5V 146-GND 172-G2 198-GND 17-VBLANK 43-3.5V 69-(high) 95-D9 121-NC 147-3.5V 173-G3 199-DOTCLK 18-(pull) 44-GND 70-(high) 96-GND 122-/CS 148-A2 174-GND 200-GND 19-(low) 45-GD16 71-3.5V 97-3.5V 123-DSF 149-A1 175-3.5V 201-3.5V 20-GND 46-GD15 72-3.5V 98-D8 124-/RAS 150-A0 176-G4 202-BLANK 21-(low) 47-GD14 73-3.5V 99-D18 125-/CAS 151-3.5V 177-G5 203-(low) 22-3.5V 48-GD13 74-3.5V 100-D19 126-/WE 152-GND 178-G6 204-GND 23-3.5V 49-GD12 75-3.5V 101-D20 127-DQM1 153-FSC 179-G7 205-3.5V 24-GD31 50-GD11 76-GND 102-D21 128-DQM0 154-3.5V 180-R0 206-67MHzG 25-GD30 51-3.5V 77-D31 103-D22 129-GND 155-GND 181-R1 207-GND 26-GD29 52-GND 78-D30 104-D23 130-3.5V 156-/SYNC 182-R2 208-3.5V |
1-IREF 6-GNDd1 11-R1 16-G4 21-B7 26-B2 31-CLK 36-OUTB 41-NC 2-GNDa1 7-VDDd1 12-R0 17-G3 22-B6 27-VDDd2 32-VDDa1 37-NC 42-GNDa2 3-R7 8-R4 13-G7 18-G2 23-B5 28-GNDd2 33-VREF 38-NC 43-VDDa4 4-R6 9-R3 14-G6 19-G1 24-B4 29-B1 34-NC 39-VDDa3 44-OUTR 5-R5 10-R2 15-G5 20-G0 25-B3 30-B0 35-VDDa2 40-OUTG |
1-(cap) 7-Comp. 13-/PAL 19-R4 25-G7 31-G1 37-B3 43-NC 2-GND 8-Chro. 14-/SYNC 20-5.0V 26-G6 32-G0 38-B2 44-(cap) 3-Red 9-5.0V 15-4.4MHz 21-R3 27-G5 33-B7 39-B1 45-GND 4-Green 10-YTRAP 16-R7 22-R2 28-G4 34-B6 40-B0 46-(cap) 5-Blue 11-NC 17-R6 23-R1 29-G3 35-B5 41-DOTCLK 47-5.0V 6-Lum. 12-NC 18-R5 24-R0 30-G2 36-B4 42-GND 48-(cap) |
| Pinouts - SPU Pinouts |
1-D0 14-D11 27-A8 40-GND 53-3.5V 66-A15 79-5V 92-LRIA 2-D1 15-GND 28-3.5V 41-SYSCK 54-GND 67-A14 80-A3 93-DTIA 3-3.5V 16-D12 29-GND 42-GND 55-D7 68-A13 81-A2 94-BCIB 4-GND 17-D13 30-A9 43-TEST 56-D6 69-A12 82-A1 95-LRIB 5-D2 18-D14 31-/SPU 44-TES2 57-D5 70-A11 83-A0 96-DTIB 6-D3 19-D15 32-/RD 45-D15 58-D4 71-A10 84-/WE0 97-BCKO 7-D4 20-A1 33-/WR 46-D14 59-D3 72-A9 85-/OE0 98-LRCO 8-D5 21-A2 34-DACK 47-D13 60-D2 73-A8 86-/WE1 99-DATO 9-D6 22-A3 35-/IRQ 48-D12 61-D1 74-A7 87-/OE1 100-WCKO 10-D7 23-A4 36-DREQ 49-D11 62-D0 75-A6 88-GND 11-D8 24-A5 37-MUTE 50-D10 63-/RAS 76-A5 89-XCK 12-D9 25-A6 38-/RST 51-D9 64-/CAS 77-A4 90-GND 13-D10 26-A7 39-NC 52-D8 65-GND 78-GND 91-BCIA |
1-DA16 23-FILO 45-LOCK 67-FSTO 89-SCSY 111-XCS 133-HD9 155-VSS5 2-DA15 24-FILI 46-SSTP 68-COUT 90-SCLK 112-XRD 134-HD8 156-HA1 3-DA14 25-PCO 47-SFDR 69-XDRST 91-SQSO 113-XWR 135-HD7 157-HA0 4-VDDM0 26-CLTV 48-SRDR 70-DA11 92-SENS 114-HINT 136-HD6 158-VDDM3 5-DA13 27-AVSSO 49-TFDR 71-DA10 93-DATA 115-XIRQ 137-VDD4 159-XCK 6-DA12 28-RFAC 50-TRDR 72-DA09 94-XLAT 116-VDDM2 138-HD5 160-DTIB 7-LRCK 29-BIAS 51-VSSM1 73-DA08 95-CLOK 117-XSCS 139-HD4 161-BCKO 8-WDCK 30-ASYI 52-FFDA 74-AVSMO 96-XINT 118-XHCS 140-HD3 162-LRCO 9-VDD0 31-AVDDO 53-FRDA 75-AVDMO 97-A4 119-XHRD 141-HD2 163-DAVDD0 10-VSS0 32-ASYO 54-MDP 76-DA07 98-A3 120-XHWR 142-VSS4 164-DAREFL 11-PSSL 33-VC 55-MDS 77-DA06 99-A2 121-DACK 143-HD1 165-AOUTL 12-ASYE 34-CE 56-VDD2 78-VDDM1 100-A1 122-DREQ 144-HD0 166-DAVSS0 13-GND 35-CEO 57-VSS2 79-DA05 101-A0 123-XRST 145-VSSM3 167-DAVSS1 14-C4M 36-CEI 58-MIRR 80-DA04 102-D7 124-VDD3 146-HA9 168-AOUTR 15-C16M 37-RFDC 59-DFCT 81-DA03 103-D6 125-SYSCK 147-HA8 169-DAREFR 16-FSOF 38-ADIO 60-AVSM1 82-DA02 104-D5 126-VSS3 148-HA7 170-DAVDD1 17-XTSL 39-AVDD1 61-AVDM1 83-DA01 105-D4 127-HD15 149-HA6 171-MUTO 18-VDD1 40-IGEN 62-FOK 84-WFCK 106-VSSM2 128-HD14 150-HA5 172-DATO 19-GND 41-AVSS1 63-PWMI 85-SCOR 107-D3 129-HD13 151-HA4 173-MTS3 20-VPCO1 42-TE 64-FSW 86-SBSO 108-D2 130-HD12 152-VDD5 174-MTS2 21-VPCO2 43-SE 65-MON 87-EXCK 109-D1 131-HD11 153-HA3 175-MTS1 22-VCTL 44-FE 66-ATSK 88-SQCK 110-D0 132-HD10 154-HA2 176-MTS0 |
1-SCLK 27-RFAC 53-TrckR 79-/XINT 105-A0 131-3.5V 157-(tst) 183-A8 2-GNDed 28-GNDed 54-TrckF 80-SQCK 106-3.5V 132-D9 158-(tst) 184-A7 3-GNDed 29-CLTV 55-FocuR 81-SQSO 107-A1 133-D8 159-GND 185-A6 4-SBSO 30-PCO 56-3.5V 82-SENSE 108-A2 134-D7 160-D15 186-A5 5-WFCK 31-FILI 57-FocuF 83-GND 109-A3 135-D6 161-D0 187-GND 6-GNDed 32-FILO 58-SledR 84-GND 110-A4 136-D5 162-D14 188-A4 7-C16M 33-VCTL 59-SledF 85-CD.D7 111-A5 137-3.5V 163-D1 189-A3 8-3.5V 34-VPC02 60-NC 86-CD.D6 112-3.5V 138-D4 164-D13 190-A2 9-C4M 35-VPC01 61-GND 87-CD.D5 113-A6 139-D3 165-3.5V 191-A1 10-GNDed 36-VC 62-NC 88-CD.D4 114-A7 140-D2 166-D2 192-A0 11-4.3MHz 37-FE 63-GND 89-CD.D3 115-A8 141-D1 167-D12 193-3.5V 12-12MHz 38-SE 64-(tst) 90-CD.D2 116-A9 142-D0 168-D3 194-NC 13-V16M 39-TE 65-(tst) 91-CD.D1 117-/IRQ2 143-GND 169-D11 195-(tst) 14-DOUT 40-CE 66-note 92-CD.D0 118-/IRQ9 144-33MHzS 170-D10 196-GND 15-LACK 41-CEO 67-note 93-3.5V 119-/RD 145- 171-D4 197-(tst) 16-WDCK 42-CEI 68-(tst) 94-CD/CS 120-/WR 146-3.48V 172-D9 198-NC 17-3.5Ved 43-RFDC 69-3.5V 95-CD/WR 121-DMA4 147-ZZ11 173-GND 199-NC 18-LOCK 44-ADIO 70-(tst) 96-CD/RD 122-GND 148-GND 174-D5 200-NC 19-GND 45-GND 71-(tst) 97-CD.A0 123-GND 149-GND 175-D8 201-3.5V 20-MDS 46-IGEN 72-(tst) 98-CD.A1 124-/SPUW 150-ZZ7 176-D6 202-NC 21-MDP 47-AVD1 73-(tst) 99-CD.A2 125-D15 151-3.48V 177-D7 203-NC 22-3.5Ved 48-GNDed 74-DATA 100-GND 126-D14 152-/RES 178-/CAS 204-NC 23-AVDO 49-GNDed 75-XLAT 101-CDA3 127-D13 153-3.5V 179-/WE 205-GND 24-ASYO 50-GND 76-CLOK 102-CDA4 128-D12 154-ZZ5 180-3.5V 206-(tst) 25-ASYI 51-GNDed 77-SCOR 103-/CD 129-D11 155-(tst) 181-/OE 207-(tst) 26-BIAS 52-GNDed 78-GND 104-/SPU 130-D10 156-(tst) 182-/RAS 208-GND |
SPU155 (tst) always low ;=maybe external audio (serial) this? SPU156 (tst) 45kHz (22us) ;=probably 44.1kHz (ext audio sample-rate) SPU157 (tst) 2777kHz (0.36us) ;=probably 64*44.1kHz (ext audio bit-rate) SPU158 (tst) always high ;=maybe external audio (serial) or this? |
SPU197 (*) 7.35kHz (44.1kHz/6) (stable clock, maybe DESIRED drive speed) SPU5 (*) 7.35kHz (44.1kHz/6) (unstable clock, maybe ACTUAL drive speed) SPU15 (*) 44.1kHz (44.1kHz*1) SPU16 (*) 88.2kHz (44.1kHz*2) SPU206 (*) circa 2.27MHz SPU70 (*) whatever clock (with SHORT low pulses) |
SPU207 fastsignal? SPU195 slowsignal? SPU18 usually high, low during seek or spinup or so SPU44 superslow hi/lo with superfast noise on it SPU73 mainly LOW with occasional HIGH levels... SPU71 LOW=SPIN_OK, PULSE=SPIN_UP/DOWN_OR_STOPPED SPU72 similar as SPU71 SPU64 LOW=STOP, HI=SPIN SPU68 always low...? SPU65 whatever? SPU75 mainly HIGH, short LOW pulses when changing speed up/down/break |
| | SPU73
| CXD2938Q (SPU) | SPU72
| (on PM-41 board) | SPU70 SPU71
| | SPU64 SPU65 SPU68
SPU206 SPU207 |_______________________________________|
SPU197
SPU195 SPU16 SPU44
SPU18 SPU5 SPU15
SPU12
|
1-TST? 4-/PD 7-CKS 10-LRCK 13-NC? 16-AOUTL 19-GNDa 22-VREFH 2-VCCd 5-/RST 8-BICK 11-NC? 14-NC? 17-VCOM 20-NC? 23-VREFL 3-GNDd 6-MCLK 9-SDATA 12-NC? 15-AOUTR 18-VCCa 21-NC? 24-DZF? |
1 GND 2 NC ? via 100ohm to multiout pin 9 ;Audio Left (white cinch) 3 OUT-R ? 4 MUTE1 ;specified as LOW = Mute 5 MUTE2 ;specified as HIGH = Mute 6 MUTEC ;unspecified, maybe capacitor, or output based on MUTE1+MUTE2? 7 IN-R via capacitor to SPU.150 8 BIAS 9 NC 10 NC 11 IN-L via capacitor to SPU.147 12 OUT-L ? 13 NC ? via 100ohm to multiout pin 11 ;Audio Right (red cinch) 14 VCC +5.0V (via L401) |
1-ROUT 2-RIN- IC732.SPU.150 3-RIN+ 4-GND 5-LIN+ 6-LIN- IC732.SPU.147 7-LOUT 8-VCC 4.9V (+5.0V via L401) |
| Pinouts - DRV Pinouts |
1-D0 14-/XINT 27-/HRD 40-GND 53-VDD 66-/MWR 79-GND 92-LRCO 2-D1 15-GND 28-VDD 41-HDRQ 54-GND 67-MDB0 80-CLK 93-WCKO 3-VDD 16-A0 29-GND 42-/HAC 55-MA8 68-MDB1 81-HCLK 94-BCKO 4-GND 17-A1 30-/HWR 43-MA0 56-MA9 69-MDB2 82-CKSL 95-MUTE 5-D2 18-A2 31-HD0 44-MA1 57-MA10 70-MDB3 83-RMCK 96-TD7 6-D3 19-A3 32-HD1 45-MA2 58-MA11 71-MDB4 84-LRCK 97-TD6 7-D4 20-A4 33-HD2 46-T01 59-MA12 72-MDB5 85-DATA 98-TD5 8-D5 21-TD0 34-HD3 47-T02 60-MA13 73-MDB6 86-BCLK 99-TD4 9-D6 22-/HRS 35-HD4 48-MA3 61-MA14 74-MDB7 87-C2PO 100-TD3 10-D7 23-/HCS 36-HD5 49-MA4 62-MA15 75-MDBP 88-EMP 11-/CS 24-HA0 37-HD6 50-MA5 63-MA16 76-XTL2 89-/RST 12-/RD 25-HA1 38-HD7 51-MA6 64-/MOE 77-XTL1 90-GND 13-/WR 26-HINT 39-HDP 52-MA7 65-GND 78-VDD 91-DATO |
1-FEO 7-FE_M 13-RA_O 19-CLK 25-FOK 31-RF_O 37-FE_BIAS 43-LPFI 2-FEI 8-SRCH 14-SL_P 20-XLT 26-CC2 32-RF_M 38-F 44-TEI 3-FDFCT 9-TGU 15-SL_M 21-DATA 27-CC1 33-LD 39-E 45-ATSC 4-FGD 10-TG2 16-SL_O 22-XRST 28-CB 34-PD 40-EI 46-TZC 5-FLB 11-FSET 17-ISET 23-C.OUT 29-CP 35-PD1 41-GND 47-TDFCT 6-FE_O 12-TA_M 18-VCC 24-SENS 30-RF_I 36-PD2 42-TEO 48-VC |
1-FOK 11-PDO 21-GNDa 31-WDCK 41-DA09-XPLCK 51-APTL 61-EMPH 71-DATA 2-FSW 12-GND 22-VLTV 32-LRCK 42-DA08-GFS 52-GND 62-WFCK 72-XLAT 3-MON 13-TEST0 23-VDDa 33-VDD 5V 43-DA07-RFCK 53-XTAI 63-SCOR 73-VDD 4-MDP 14-NC 24-RF 34-DA16-SDTA48 44-DA06-C2PO 54-XTAO 64-SBSO 74-CLOK 5-MDS 15-NC 25-BIAS 35-DA15-SCLK48 45-DA05-XRAOF 55-XTSL 65-EXCK 75-SEIN 6-LOCK 16-VPCO 26-ASYI 36-DA14-SDTA64 46-DA04-MNT3 56-FSTT 66-SQSO 76-CNIN 7-NC 17-VCKI 27-ASYO 37-DA13-SCLK64 47-DA03-MNT2 57-FSOF 67-SQCK 77-DATO 8-VCOO 18-FILO 28-ASYE 38-DA12-LRCK64 48-DA02-MNT1 58-C16M 68-MUTE 78-XLTO 9-VCOI 19-FILI 29-NC 39-DA11-GTOP 49-DA01-MNT0 59-MD2 69-SENS 79-CLKO 10-TEST 20-PCO 30-PSSL 40-DA10-XUGF 50-APTR 60-DOUT 70-XRST 80-MIRR |
1-SRON 14-TEST 27-TE 40-VDDa 53-DA09-XPLCK 66-FSTI 79-MUTE 92-DFCT 2-SRDR 15-GND 28-SE 41-VDD 54-DA08-GFS 67-FSTO 80-SENS 93-FOK 3-SFON 16-TES2 29-FE 42-ASYE 55-DA07-RFCK 68-FSOF 81-XRST 94-FSW 4-TFDR 17-TES3 30-VC 43-PSSL 56-DA06-C2PO 69-C16M 82-DIRC 95-MON 5-TRON 18-PDO 31-FILO 44-WDCK 57-DA05-XRAOF 70-MD2 83-SCLK 96-MDP 6-TRDR 19-VPCO 32-FILI 45-LRCK 58-DA04-MNT3 71-DOUT 84-DFSW 97-MDS 7-TFON 20-VCKI 33-PCO 46-DA16-SDTA48 59-DA03-MNT2 72-EMPH 85-ATSK 98-LOCK 8-FFDR 21-VDDa 34-CLTV 47-DA15-SCLK48 60-DA02-MNT1 73-WFCK 86-DATA 99-SSTP 9-FRON 22-IGEN 35-GNDa 48-DA14-SDTA64 61-DA01-MNT0 74-SCOR 87-XLAT 100-SFDR 10-FRDR 23-GNDa 36-RFAC 49-DA13-SCLK64 62-XTAI 75-SBSO 88-CLOK 11-FFON 24-ADIO 37-BIAS 50-DA12-LRCK64 63-XTAO 76-EXCK 89-COUT 12-VCOO 25-RFC 38-ASYI 51-DA11-GTOP 64-XTSL/GNDed 77-SQSO 90-VDD 13-VCOI 26-RFDC 39-ASYO 52-DA10-XUGF 65-GND 78-SQCK 91-MIRR |
1..48 - unknown 49 - SCOR 50..144 - unknown |
1-8 Unknown (maybe CDROM related, at least it's near other CDROM chips) |
1 to pin24,27 2 SPINDLE - via 15K to SPU21 3 SW (ON/OFF) - IC304.27 4 TRACKING FORWARD 5 TRACKING REVERSE 6 FOCUS FORWARD 7 FOCUS REVERSE 8 GND - CN702 pin 11 9 NC (INTERNAL) - via C731 (10uF) to GND 10 +7.5V (Pow VCC ch1,2) 11 FOCUS COIL (1) - CN702 pin 15 12 FOCUS COIL (2) - CN702 pin 14 13 TRACKING COIL (1) - CN702 pin 16 14 TRACKING COIL (2) - CN702 pin 13 15 SPINDLE MOTOR (1) - CN701 pin 4 16 SPINDLE MOTOR (2) - CN701 pin 3 17 SLED MOTOR (1) - CN701 pin 1 18 SLED MOTOR (2) - CN701 pin 2 19 +7.5V (Pow VCC ch3,4) 20 MUTE - /RES (via 5K6) 21 GND 22 SLED REVERSE 23 SLED FORWARD 24 to pin1 25 via capacitors to pin1 26 BIAS 1.75V 27 to pin1 28 +7.5V (Pre VCC) |
1 LD O APC amplifier output 2 PD I APC amplifier input 3 PD1 I Input 1 for RF I-V amplifiers 4 PD2 I Input 2 for RF I-V amplifiers 5 GND/VEE - Supply Ground 6 F I Input F for I-V amplifier 7 E I Input E for I-V amplifier 8 VR O DC Voltage Output (VCC+VEE)/2 9 VC I Center Voltage Input 10 NC - NC 11 NC - NC 12 EO O Monitoring Output for I-V amplifier E 13 EI - Gain Adjust for I-V amplifier E 14 TE O Tracking Error Amplifier Output 15 FE_BIAS I BIAS Adjustment for Focus Error 16 FE O Focus Error Amplifier Output 17 RFO O RF Amplifier Output 18 RFI I RF Amplifier Input 19 /LD_ON I APC amplifier ON=GND, OFF=VCC 20 VCC - Supply |
1-TEIM 2-TEIG 3-VEE GND 4-E via 33K to CN702 pin 4 5-F via 33K to CN702 pin 8 6-PD2 via 36K to CN702 pin 6 7-PD1 via 36K to CN702 pin 7 8-PD to CN702 pin 9 9-LD 10-VC CL710, and CN702.Pin3, and via resistor?/diode? to SPU42 11-LD_ON IC304.Pin49 "LDON" ..... XXX or is that Pin 20 "LD_ON" ? 12-G_CONT ;or AL/TE? 13-RF0 CL704, and... 14-RFM 15-FE CL708, and... (maybe focus error?) 16-TE CL709, and via 15K to SPU.39 (maybe tracking error?) 17-TE0 18-COMP+ 19-MIRR via 4K7 to SPU66 20-VCC 3.48V (not 3.5V) |
1-LD to Q701 2-VCC to Q701 3-VC to IC723.Pin10 (and CL710) 4-F- to IC723.Pin4 (via 33K ohm) 5-NC to CL776 6-PD2 to IC723.Pin6 (via 33K ohm) 7-PD1 to IC723.Pin7 (via 33K ohm) 8-E- to IC723.Pin5 (via 33K ohm) 9-M1 to IC723.Pin8 10-VR via 91 ohm to GND 11-GND GND 12-LS /POS0 (switch, GNDed when at head is at inner-most position) 13-FCS+ TRACKING COIL (2) ;\ 14-TRK+ FOCUS COIL (2) ; or swapped? 15-TRK FOCUS COIL (1) ; 16-FCS TRACKING COIL (1) ;/ |
1-SL- SLED MOTOR (1) 2-SL+ SLED MOTOR (2) 3-SP+ SPINDLE MOTOR (2) 4-SP- SPINDLE MOTOR (1) |
CL616 +7.5V (PM-41 only, not PM-23) (before power switch) CL617 GND (PM-41 only, not PM-23) CL316 to IC304 pin 21 CL704 to IC723.Pin13 CL706 GND CL708 to IC723.Pin15 CL709 to IC723.Pin16 CL710 to IC723.Pin10, and CN702.Pin3 CL711 via 1K to IC723.Pin15 CL776 to CN702.Pin5 |
| Pinouts - VCD Pinouts |
IC102 44pin SONY, M538032E-02, JAPAN 6465401 (uncommonly big BIOS, 1Mx8) IC304 52pin C 4021 SC430924PB (HC05 sub-cpu, with extra Video CD command 1Fh) C318 2pin S5 ;\tantalum capacitors with lower height (instead C325 2pin CA7 ; of the electrolytic capacitors on PU-8 boards) C327 2pin CA7 ;/ ICnnn 16pin 4053C (Triple multiplexor, for Audio LRCK,BCLK,DATA) (PCB top) ICnnn 16pin 4053C (Triple multiplexor, for Video FSC,CSYNC) (PCB bottom) ICnnn 16pin 2283 (Triple multiplexor, for Video R,G,B) (PCB bottom) CNnnn 30pin Connector to daughterboard (PCB top) |
IC102 3pin TA78M05F voltage regulator (7.5V to 5V) (Toshiba) IC104 120pin CXD1852AQ Video CD decoder (Sony) IC106 40pin MB814260-70 (256Kx16 DRAM) (Fujitsu) ;see also: IC114 IC107 20pin 6230FV 649 115 (OSD, similar to BU6257AFV-E2) (PCB back) IC109 14pin Y2932 (TLC2932 PLL) (TI) (for RGB.DAC.CLK) IC110 44pin TDA8771AH Triple Video DAC for RGB (Philips) (PCB back) IC111 64pin CXP10224-603R 732A02E (MCU) (Sony) IC112 14pin HCT32A (74HCT32 Quad OR gate) (TI) (PCB back) (for RGB.DAC.CLK) IC113 8pin H74 7H (single D-type flip-flop; OSD clock divider) (PCB back) IC114 40pin MB814260-70 (256Kx16 DRAM) (Fujitsu) ;see also: IC106 CN101 30pin Male Connector (to female 30pin socket on PU-16 mainboard) X103 2pin 45.00MHz (for VCD decoder chip) X104 4pin 12.000MHz (for MCU chip) X105 2pin 28.636MHz (for VCD decoder chip) (8*3.579545 NTSC clock) |
.--.---.
GND / 1 2 | GND
(CXD1815Q.86) CD.BCLK | 3 4 | CD.LRCK (CXD1815Q.84)
(CXD1815Q.87) CD.C2PO | 5 6 | CD.DATA (CXD1815Q.85)
GND | 7 8 | CD.SQCK (CXD2510Q.67) CXP.31
(TDA.44) VIDEO.OUTR | 9 10 | CD.SQSO (CXD2510Q.66) CXP.29
GND | 11 12 | SIO.OUT (HC05.51.PORTF1 to CXP.47)
(TDA.40) VIDEO.OUTG | 13 14 | SIO.IN (HC05.50.PORTF0 from CXP.48)
GND | 15 16 | SIO.CLK (HC05.52.PORTF2 to CXP.49)
(TDA.36) VIDEO.OUTB | 17 18 | VIDEO.FSC (CXD1852AQ.95)
GND | 19 20 | VIDEO.CSYNC(CXD1852AQ.96)
(PSU.3) 3.5V | 21 22 | 3.5V (PSU.3)
(PSU.1) 7.5V | 23 24 | AUDIO.FSXI (CXD1852AQ.103 to VCD)
(PSU.7) /RES | 25 26 | AUDIO.DATA (CXD1852AQ.100)
(CXD1852AQ.102) AUDIO.BCLK | 27 28 | AUDIO.LRCK (CXD1852AQ.101)
GND | 29 30 | GND
'--------'
|
1-GND 16-HD7 31-GND 46-MD4 61-GND 76-G/Y3 91-GND 106-XTL2O 2-XTL0O 17-MA3 32-MA7 47-MD11 62-/VOE 77-G/Y4 92-HSYNC 107-XTL2I 3-XTL0I 18-MA4 33-MA8 48-MD3 63-R/Cr0 78-G/Y5 93-VSYNC 108-VDD 4-VDD 19-MA2 34-/RAS 49-MD12 64-R/Cr1 79-G/Y6 94-FID/FHREF 109-C2PO 5-HA2 20-MA5 35-/MWE 50-MD2 65-R/Cr2 80-G/Y7 95-CBLNK/FSC 110-LRCI 6-HA3 21-MA1 36-/CAS2 51-MD13 66-R/Cr3 81-B/Cb0 96-CSYNC 111-DATI 7-HD0 22-GND 37-/CAS0 52-MD1 67-R/Cr4 82-B/Cb1 97-/SGRST 112-BCKI 8-HD1 23-MA6 38-MD7 53-MD14 68-R/Cr5 83-B/Cb2 98-CLK0O 113-DOIN 9-HD2 24-MA0 39-MD8 54-MD0 69-R/Cr6 84-B/Cb3 99-DOUT 114-/HCS 10-HD3 25-BC 40-MD6 55-MD15 70-R/Cr7 85-B/Cb4 100-DATO 115-/HDT 11-HD4 26-TCKI 41-MD9 56-OSDEN 71-G/Y0 86-B/Cb5 101-LRCO 116-HRW 12-HD5 27-TDI 42-MD5 57-OSDB 72-G/Y1 87-B/Cb6 102-BCKO 117-/HIRQ 13-HD6 28-TENA1 43-MD10 58-OSDG 73-G/Y2 88-B/Cb7 103-FSXI 118-/RST 14-VDD 29-TDO 44-VDD 59-OSDR 74-VDD 89-DCLK 104-VDD 119-HA0 15-GND 30-VST 45-GND 60-VDD 75-GND 90-VDD 105-GND 120-HA1 |
1-SIO.CLK 5-VDD 9-TEST 13-BLK2 17-OSDG 2-SIO./CS 6-/CKOUT 10-GND 14-VC2 18-OSDB 3-SIO.DTA 7-OSCOUT 11-BLK1 15-OSDEN 19-/VSYNC 4-/RESET 8-OSCIN 12-VC1 16-OSDR 20-/HSYNC |
1-PB5=TP 17-PD5=/HCS 33-AVREF=VDD 49-PG5/SCK1=HC05.PF2 2-PB4=TP 18-PD4=TP 34-AVDD=VDD 50-PG4=/RST.OUT 3-PB3=HA3 19-PD3=TP 35-PF7/AN7=TP 51-PG3/TO=TP 4-PB2=HA2 20-PD2=TP 36-PF6/AN6=OSD.DTA 52-PA7=TP 5-PB1=HA1 21-PD1=TP 37-PF5/AN5=OSD./CS 53-PA6=TP 6-PB0=HA0 22-PD0=TP 38-PF4/AN4=OSD.CLK 54-PA5=TP 7-PC7=HD7 23-MP/TEST=GND 39-PF3/AN3=GND 55-PA4=TP 8-PC6=HD6 24-XTAL=12MHZ 40-PF2/AN2=GND 56-VPP=VDD 9-PC5=HD5 25-EXTAL=12MHZ 41-PF1/AN1=GND 57-VDD=VDD 10-PC4=HD4 26-VSS=GND 42-PF0/AN0=10KtoGND 58-VSS=GND 11-PC3=HD3 27-/RST=/RES 43-PE3/PWM1=TP 59-PA3=TP 12-PC2=HD2 28-/CS0=VDD 44-PE2/PWM0=TP 60-PA2=TP 13-PC1=HD1 29-SI0=CD.SQSO 45-PE1/INT2/EC=/VSYNC 61-PA1=TP 14-PC0=HD0 30-SO0=TP 46-PE0/INT0=/HIRQ 62-PA0=TP 15-PD7=HRW 31-/SCK0=CD.SQCK 47-PG7/SI1/INT1=HC05.PF1 63-PB7=TP 16-PD6=/HDT 32-AVSS=GND 48-PG6/SO1=HC05.PF0 64-PB6=TP |
1-LOGIC_VDD=5V 5-FIN-B=HSYNC.PLL 9-PFD_INHIBIT=GND 13-BIAS 2-SELECT=5V 6-PFD_OUT 10-VCO_INHIBIT=GND 14-VCO_VDD=5V 3-VCO_OUT=RGB.DAC.CLK.PLL 7-LOGIC_GND=GND 11-VCO_GND=GND 4-FIN-A=FID/FHREF.PLL 8-NC 12-VCO_IN |
1-FID/FHREF.MPEG 4-HSYNC.MPEG 8-(low) 11-RGB.DAC.CLK.TDA 7-GND 2-FID/FHREF.MPEG 5-HSYNC.MPEG 9-GNDed 12-RGB.DAC.CLK.PLL 14-VCC/5V 3-FID/FHREF.PLL 6-HSYNC.PLL 10-GNDed 13-RGB.DAC.CLK.PLL |
1-CLK 2-D 3-/Q 4-GND 5-Q 6-/RES 7-/SET 8-VCC |
1-IN2B=DATA.VCD 5-IN3A=LRCK.SPU 9-SEL3=LRCK.SEL 13-IN1B=BCLK.VCD 2-IN2A=DATA.SPU 6-/OE=GNDed 10-SEL2=DATA.SEL 14-OUT1=BCLK.OUT 3-IN3B=LRCK.VCD 7-VEE=GNDed 11-SEL1=BCLK.SEL 15-OUT2=DATA.OUT 4-OUT3=LRCK.OUT 8-GND=GND 12-IN1A=BCLK.SPU 16-VDD=VDD/3.5V |
1-IN2B=FSC.VCD 5-IN3A=CSYNC.PSX 9-SEL3=CSYNC.SEL 13-IN1B=GNDed 2-IN2A=FSC.PSX 6-/OE=GNDed 10-SEL2=FSC.SEL 14-OUT1=NCed 3-IN3B=CSYNC.VCD 7-VEE=GNDed 11-SEL1=DUMMY.SEL 15-OUT2=FSC.OUT 4-OUT3=CSYNC.OUT 8-GND=GND 12-IN1A=GNDed 16-VDD=VCC/5V |
1-IN1B=R.VCD 5-OUT2=G.OUT 9-IN3B=B.VCD 13-V=VCC/5V 2-SEL1=R.SEL 6-OUT3=B.OUT 10-GND3=81ohm/GND 14-IN2B=G.VCD 3-OUT1=R.OUT 7-SEL3=B.SEL 11-IN2A=G.PSX 15-GND1=GND 4-GND2=GND 8-IN3A=B.PSX 12-SEL2=G.SEL 16-IN1A=R.PSX |
| Pinouts - HC05 Pinouts |
80pin "4246xx" - MC68HC05L16, on-chip ROM (DTL-H120x & old retail consoles) 80pin "MC68HC705L16CFU" - MC68HC705L16, on-chip ROM (DTL-H100x, and PU-9) 52pin "SC4309xx" - MC68HC05G6, on-chip ROM (newer retail consoles) |
1 NC NC (TEST:DTR/out) (VCD:AVSEL/out) ;-Port F ;PortF.Bit3 2 VDD 3.5V 3 NC NC ;\ ;maybe PortE.Bit7? 4 NC NC ; maybe MSBs of Port E ;maybe PortE.Bit6? 5 NC NC ;/ ;maybe PortE.Bit5? 6 DECA4 SPU102 ;\ ;PortE.Bit4 7 DECA3 SPU101 ; Port E [04h], aka Address/Index ;PortE.Bit3 8 DECA2 SPU99 ; ;PortE.Bit2 9 DECA1 SPU98 ; ;PortE.Bit1 10 DECA0 SPU97 ;/ ;PortE.Bit0 11 VSS GND 12 NDLY GND reserved for factory test, should be wired to VDD, not GND? 13 /RES /RES (via 5K6) 14 OSC1 4.3MHz (SPU11)(used as external clock for some modchips)(low volts) 15 OSC2 NC 16 F-BIAS aka FOK=NC (in SCPH-5500) ;PortB.Bit0 17 CG NC aka CG=CG (in SCPH-5500) ;this IS portb.1! ;PortB.Bit1 18 LMTSW /POS0 (switch, GNDed when head at inner-most position) ;PortB.Bit2 19 DOOR SHELL_OPEN ;PortB.Bit3 20 TEST2 NC ;PortB.Bit4 21 TEST1 to CL316 ;PortB.Bit5 22 COUT NC ;PortB.Bit6 23 SENSE SPU82 ;CXD2510Q.69 ;PortB.Bit7 24 SUBQ SPU81 ;CXD2510Q.66 ;PortC.Bit0 25 NC NC ;NC ;PortC.Bit1 26 SQCK SPU80 ;CXD2510Q.67 ;PortC.Bit2 27 SPEED IC722.Pin3 (SW) ;PortC.Bit3 28 AL/TE ;transisor aka MIRROR=.. (in SCPH-5500);ISN'T PortB.Bit1 ! 29 ROMSEL ;NC aka ROMSEL=SCLK (in SCPH-5500) ;PortC.Bit5 30 /XINT SPU79 ;CXD1815Q.14 ;PortC.Bit6 31 SCOR SPU77 ;CXD2510Q.63 ;PortC.Bit7 32 VDD 3.5V 33 DECD0 CD.D0 ;\ ;PortA.Bit0 34 DECD1 CD.D1 ; ;PortA.Bit1 35 DECD2 CD.D2 ; ;PortA.Bit2 36 DECD3 CD.D3 ; Port A [00h], aka Data ;PortA.Bit3 37 DECD4 CD.D4 ; ;PortA.Bit4 38 DECD5 CD.D5 ; ;PortA.Bit5 39 VSS GND ; 40 DECD6 CD.D6 ; ;PortA.Bit6 41 DECD7 CD.D7 ;/ ;PortA.Bit7 42 NC NC ;maybe PortD.Bit0? 43 DATA SPU74 (via 22 ohm) ;PortD.Bit1 44 XLAT SPU75 (via 22 ohm) ;PortD.Bit2 45 CLOK SPU76 (via 22 ohm) ;PortD.Bit3 46 DECCS SPU94 ;PortD.Bit4 47 DECWR SPU95 ;PortD.Bit5 48 DECRD SPU96 ;PortD.Bit6 49 LDON IC723.Pin11 ;PortD.Bit7 50 NC NC (TEST:TX/out) (VCD:SIO.IN/in) ;\PortF (used by ;PortF.Bit0 51 NC NC (TEST:RX/in) (VCD:SIO.OUT/out) ; Motorola Testmode;PortF.Bit1 52 NC NC (TEST:RTS/out) (VCD:SIO.CLK/out) ;/and VCD version) ;PortF.Bit2 |
PU-8 4.0000MHz from separate 4.000MHz oscillator (X302) PU-16 4.0000MHz from separate 4.000MHz oscillator (X302) DTL-H2000 4.1900MHz from separate 4.1900MHz oscillator (SPC700, not HC05) PU-18 4.2336MHz from CXD2545Q.pin68 (Servo+Signal) (FSOF=16.9344MHz/4) PU-20 4.2xxxMHz from CXD1817R.pin? (Servo+Signal+Decoder) PM-41 4.2xxxMHz from CXD2938Q.pin11 (Servo+Signal+Decoder+SPU) |
1 VDD 2 FP28/PE6 ;\ 3 FP29/PE5 ; 4 FP30/PE4 ; 5 FP31/PE3 ; Port E LSBs 6 FP32/PE2 ; 7 FP33/PE1 ; 8 FP34/PE0 ;/ 9 FP35/PD7 ;\ 10 FP36/PD6 ; Port D MSBs 11 FP37/PD5 ; 12 FP38/PD4 ;/ 13 VLCD3 14 VLCD2 15 VLCD1 16 VSS 17 NDLY 18 XOSC1 19 XOSC2 20 /RESET --- 21 OSC1 22 OSC2 23 PA0 ;\ 24 PA1 ; 25 PA2 ; 26 PA3 ; Port A 27 PA4 ; 28 PA5 ; 29 PA6 ; 30 PA7 ;/ 31 PB0/KWI0 ;\ 32 PB1/KWI1 ; 33 PB2/KWI2 ; 34 PB3/KWI3 ; Port B 35 PB4/KWI4 ; 36 PB5/KWI5 ; 37 PB6/KWI6 ; 38 PB7/KWI7 ;/ 39 PC0/SDI ;\ 40 PC1/SDO ; --- ; 41 PC2/SCK ; Port C 42 PC3/TCAP ; 43 PC4/EVI ; 44 PC5/EVO ; 45 PC6/IRQ2 ; 46 PC7/IRQ1 ;/ 47 VDD 48 BP3/PD3 ;\ 49 BP2/PD2 ; Port D LSBs 50 BP1/PD1 ; 51 BP0 (no "PD0") ;/ 52 FP0 53 FP1 54 FP2 55 FP3 56 FP4 57 FP5 58 FP6 59 FP7 60 VSS --- 61 FP8 62 FP9 63 FP10 64 FP11 65 FP12 66 FP13 67 FP14 68 FP15 69 FP16 70 FP17 71 FP18 72 FP19 73 FP20 74 FP21 75 FP22 76 FP23 77 FP24 78 FP25 79 FP26 80 FP27/PE7 ;- Port E MSB |
| Pinouts - MEM Pinouts |
1-A19 5-A7 9-A3 13-D0 17-D3 21-D7 25-A11 29-A14 2-A16 6-A6 10-A2 14-D1 18-D4 22-/CE 26-A9 30-A17 ;/CE=/BIOS 3-A15 7-A5 11-A1 15-D2 19-D5 23-A10 27-A8 31-A18 4-A12 8-A4 12-A0 16-GND 20-D6 24-/OE 28-A13 32-3.5V ;/OE=/RD |
1-A18 6-A4 11-GND 16-D9 21-VCC 26-D6 31-GND(/BYTE) 36-A13 2-A8 7-A3 12-/OE 17-D2 22-D4 27-D14 32-A17 37-A12 3-A7 8-A2 13-D0 18-D10 23-D12 28-D7 33-A16 38-A11 4-A6 9-A1 14-D8 19-D3 24-D5 29-A0(D15) 34-A15 39-A10 5-A5 10-/CS 15-D1 20-D11 25-D13 30-GND 35-A14 40-A9 |
1-NC 5-A7 9-A3 13-GND 17-D1 21-D3 25-D12 29-D14 33-/BYT 37-A14 41-A10 2-A19 6-A6 10-A2 14-/OE 18-D9 22-D11 26-D5 30-D7 34-A17 38-A13 42-A9 3-A18 7-A5 11-A1 15-D0 19-D2 23-VCC 27-D13 31-D15/A0 35-A16 39-A12 43-NC 4-A8 8-A4 12-/CE 16-D8 20-D10 24-D4 28-D6 32-GND 36-A15 40-A11 44-NC |
1-VCC 11-N.C 21-DQ15 31-A3 41-N.C 51-DQ17 61-DQ24 2-DQ0 12-VCC 22-N.C 32-A4 42-N.C 52-DQ18 62-DQ25 3-DQ1 13-DQ8 23-N.C! 33-A5 43-/OE 53-DQ19 63-DQ26 4-DQ2 14-DQ9 24-N.C 34-A6 44-/W 54-VSS 64-DQ27 5-DQ3 15-DQ10 25-N.C 35-VCC 45-/CAS3 55-DQ20 65-VSS 6-VCC 16-DQ11 26-N.C 36-VSS 46-/CAS2 56-DQ21 66-DQ28 7-DQ4 17-VCC 27-/RAS 37-A7 47-/CAS1 57-DQ22 67-DQ29 8-DQ5 18-DQ12 28-A0 38-A8 48-/CAS0 58-DQ23 68-DQ30 9-DQ6 19-DQ13 29-A1 39-A9 49-N.C 59-VSS 69-DQ31 10-DQ7 20-DQ14 30-A2 40-N.C 50-DQ16 60-N.C 70-VSS |
1-VCC 5-DQ3 9-A9 13-A3 17-A5 21-NC 25-DQ5 2-DQ0 6-NC 10-A0 14-VCC 18-A6 22-/OE 26-DQ6 3-DQ1 7-/W 11-A1 15-GND 19-A7 23-/CAS 27-DQ7 4-DQ2 8-/RAS 12-A2 16-A4 20-A8 24-DQ4 28-GND |
1-5.0V 6-5.0V 11-NC 16-A0 21-VSS 26-A8 31-I/O8 36-I/O12 2-I/O0 7-I/O4 12-NC 17-A1 22-A4 27-/OE 32-I/O9 37-I/O13 3-I/O1 8-I/O5 13-/WE 18-A2 23-A5 28-/CASH 33-I/O10 38-I/O14 4-I/O2 9-I/O6 14-/RAS 19-A3 24-A6 29-/CASL 34-I/O11 39-I/O15 5-I/O3 10-I/O7 15-NC 20-5.0V 25-A7 30-NC 35-VSS 40-VSS |
1-A14 4-A6 7-A3 10-A0 13-D2 16-D4 19-D7 22-/OE 25-A8 28-VCC 2-A12 5-A5 8-A2 11-D0 14-GND 17-D5 20-/CS 23-A11 26-A13 3-A7 6-A4 9-A1 12-D1 15-D3 18-D6 21-A10 24-A9 27-/WE |
1-DQ3 13-DQ19 25-/WE 37-N.C 49-A6 61-DQ9 73-VDDQ 85-VSS 97-DQ0 2-VDDQ 14-VDDQ 26-/CAS 38-N.C 50-A7 62-VSSQ 74-DQ24 86-N.C 98-DQ1 3-DQ4 15-VDD 27-/RAS 39-N.C 51-A8 63-DQ10 75-DQ25 87-N.C 99-VSSQ 4-DQ5 16-VSS 28-/CS 40-N.C 52-N.C 64-DQ11 76-VSSQ 88-N.C 100-DQ2 5-VSSQ 17-DQ20 29-A9(BA) 41-N.C 53-DSF 65-VDD 77-DQ26 89-N.C 6-DQ6 18-DQ21 30-NC(GND) 42-N.C 54-CKE 66-VSS 78-DQ27 90-N.C 7-DQ7 19-VSSQ 31-A0 43-N.C 55-CLK 67-VDDQ 79-VDDQ 91-N.C 8-VDDQ 20-DQ22 32-A1 44-N.C 56-DQM1 68-DQ12 80-DQ28 92-N.C 9-DQ16 21-DQ23 33-A2 45-N.C 57-DQM3 69-DQ13 81-DQ29 93-N.C 10-DQ17 22-VDDQ 34-A3 46-VSS 58-NC 70-VSSQ 82-VSSQ 94-N.C 11-VSSQ 23-DQM0 35-VDD 47-A4 59-VDDQ 71-DQ14 83-DQ30 95-N.C 12-DQ18 24-DQM2 36-N.C 48-A5 60-DQ8 72-DQ15 84-DQ31 96-VDD |
| Pinouts - CLK Pinouts |
For PAL, Fsc=4.43361875MHz (5^6*283.75Hz+25Hz) --> 4*Fsc=17.734MHz For NTSC, Fsc=3.579545MHz (4.5*455/572 MHz) --> 4*Fsc=14.318MHz |
1 53MHz ;17.734MHz*3 = 53.202 MHz (?) 2 GND 3 X1 17.734MHz 4 X2 17.734MHz 5 67MHz ;17.734MHz*3*2*7/11 = 67.711636 MHz (?) 6 4.4Mhz ;17.734MHz/4 = 4.4335MHz (?) ;via 2K2 to IC502.pin15 7 3.5V 8 3.5V |
3*3*7*5/2/11 = 14.3181818 3*3*7*7*100 = 44100 |
14.3181818 * 3*7*11*64 / (5*5*5*5*5) = 67.737600 |
14.3181818 * 2*2*13/11 ... or so? |
X101: 67.737MHz (div2 = CPU Clock = 33.8685MHz) (div600h = 44.1kHz audio) X201: 53.20MHz (GPU Clock) (div12 = PAL color clock) X302: 4.000MHz (for CDROM SUB CPU) |
X101: 67.737MHz (div2 = CPU Clock = 33.8685MHz) (div600h = 44.1kHz audio) X201: 53.69MHz (GPU Clock) (div15 = NTSC color clock) X302: 4.000MHz (for CDROM SUB CPU) |
| Pinouts - PWR Pinouts |
+7.5V Used to generate other voltages and CDROM/Joypad/MemoryCard/Expansion +5.0V Used for Multiout, IC405, and IC502, and IC602 +3.5V Used for most ICs, and for Joypad/MemoryCard/Expansion +3.48V Used for SPU and CDROM GND Ground, shared for all voltages |
1 +7.5V 2 GND 3 +5.0V (used for Multiout, IC405, and IC502) |
1 VIN 5.0V (in) 2 GND GND 3 ON/OFF 5.0V (in) 4 NOISE ? 5 VOUT 3.48V (out) |
IC002 IC003 Expl. 2 2 connected to Q002 (reset input?) 5 5 connected via capacitor to GND 6 1 reset-output (IC002=wired to /RES, IC003: via Q004 to /RES) 7 - 7.5V 4 3 GND 1,3,8 4 NC |
1 1IN+ 2 1IN- 3 FEEDBACK 4 DTC 5 CT 6 RT 7 GND 8 C1 9 E1 10 E2 11 C2 12 VCC 13 OUTPUT CTRL 14 REF 15 2IN- 16 2IN+ |
x +7.5V y +3.5V z REG |
1 Brown 7.5V (actually 7.69V) 2 Red GND Ground 3 Orange 3.5V (actually 3.48V) 4 Yellow GND Ground 5 White STAND-BY (3.54V, always ON, even if power switch is off) 6 Blue GND Ground 7 Magenta /RES Reset input (from power-on logic and reset button) |
1 Brown 7.5V (actually 7.92V or so) (ie. higher than in PSone) 2 Red GND Ground 3 Orange 3.5V (actually 3.53V or so) (ie. quite same as PSone) 4 Yellow GND Ground 5 White /RES Reset input (from power-on logic and reset button) |
1 /IRQ10 (/IRQ10) 2 /ACK (/IRQ7) 3 /JOY2 4 7.5V (or actually 7.92V) 5 /JOY1 6 DAT 7 GND 8 CMD 9 3.5V 10 CLK |
| Pinouts - Component List and Chipset Pin-Outs for Digital Joypad, SCPH-1080 |
Case: "SONY, CONTROLLER, Sony Computer Entertainment Inc. H" Case: "SCPH-1080 Made in China" PCB: "CMK-PIHB /\, CFS8121-200010-01" U?: 32pin "(M), SC401800, FB C37B, JSJD520C" (Motorola) (TQFP-32 package) U?: 14pin "BA10339F, 528 293" (Quad Comparator) (/ACK,JOYDAT,and reset or so) X?: 3pin "4.00G1f" (on PCB bottom side) Z1: 2pin z-diode or so (on PCB bottom side) (+1.7V VREF for BA10339F) CN?: 7pin cable to controller port (plus shield; but not connected to PCB) C1 2pin to GND and R5 C2 2pin capacitor for power supply input (between +3.5V and GND) C3 2pin between BA.pin8 and (via R6) BA.pin15 R1 2pin 1M ohm (for X1) R2 2pin 2.7K R3 2pin 8xK ohm? R4 2pin 100K R5 2pin 22K ohm R6 2pin 56K ohm RN1 8pin 4x200 ohm (/JOYn,JOYCMD,JOYCLK) RN2 8pin 4x22K ohm (pull-ups for button bit0..3) RN3 8pin 4x22K ohm (pull-ups for button bit12..15) RN4 8pin 4x22K ohm (pull-ups for button bit8..11) RN5 8pin 4x22K ohm (pull-ups for button bit4..7) |
PSX.1 -------brown---- PAD.2 JOYDAT PSX.2 -------orange--- PAD.6 JOYCMD PSX.3 --- NC +7.5V PSX.4 -------black---- PAD.3 GND PSX.5 -------red------ PAD.4 +3.5V PSX.6 -------yellow--- PAD.5 /JOYn PSX.7 -------blue----- PAD.7 JOYCLK PSX.8 --- NC /IRQ10 PSX.9 -------green---- PAD.1 /ACK PSX.Shield --shield--- NC (cable is shielded but isn't connected in joypad) |
1 Bit14 SW-X 2 Bit13 SW-O 3 Bit12 SW-/\ 4 Bit11 SW-R1 (via cable pin1, white wire) 5 Bit10 SW-L1 (via cable pin1, white wire) 6 Bit9 SW-R2 (via cable pin3, black wire) 7 Bit8 SW-L2 (via cable pin3, black wire) 8 via BA10339F.pin7 to cn.2 JOYDAT (PSX.1) --- 9 via RN1 (200 ohm) to cn.5 /JOYn (PSX.6) 10 via RN1 (200 ohm) to cn.6 JOYCMD (PSX.2) 11 via RN1 (200 ohm) to cn.7 JOYCLK (PSX.7) 12 GND to cn.3 (PSX.4) 13 Bit7 SW-LEFT 14 Bit6 SW-DOWN 15 Bit5 SW-RIGHT 16 via BA10339F.pin5 to cn.1 /ACK (PSX.9) --- 17 Bit4 SW-UP 18 Bit3 SW-START 19 Bit2 (HI) (would be R3 on Analog Pads) ;\unused, but working button inputs 20 Bit1 (HI) (would be L3 on Analog Pads) ;/(each fitted with a RN2 pullup) 21 Bit0 SW-SELECT 22 23 24 wired to SC401800.pin25 --- 25 wired to SC401800.pin24 26 4.00MHz'a 27 4.00MHz'b 28 +3.5V to cn.4 (PSX.5) 29 wired to SC401800.pin32, and via 22K ohm to +3.5V, and to BA.14 30 31 Bit15 SW-[] 32 wired to SC401800.pin29 |
1 OUT2 CN.2 JOYDAT (PSX.1) 2 OUT1 CN.1 /ACK (PSX.9) 3 VCC +3.5V 4 -IN1 +1.7V VREF via Z1 to GND 5 +IN1 CXD.16 /ACK 6 -IN2 +1.7V VREF via Z1 to GND 7 +IN2 CXD.8 JOYDAT --- 8 -IN3 +1.7V VREF via Z1 to GND 9 +IN3 C3,R3,R4 10 -IN4 C1 to +3.5V 11 +IN4 GND 12 GND GND 13 OUT4 NC ?? 14 OUT3 CXD.29/32 |
| Pinouts - Component List and Chipset Pin-Outs for Analog Joypad, SCPH-1150 |
SCPH-1150 Analog Pad with Single Rumble Motor (japan only) SCPH-1180 Analog Pad without Rumble Motor |
Case "SONY, ANALOG, CONTROLLER, SonyCompEntInc. A, SCPH-1150 MADE IN CHINA" PCB1 "DD1P09A" (mainboard with digital buttons) PCB2 "DD1Q14A" (daughterboard with analog joysticks) PCB3 "DD1Q15A-R" (daughterboard with R-1, R-2 buttons) (J3) PCB4 "DD1Q15A-L" (daughterboard with L-1, L-2 buttons) (J2) U1 42pin "SD657, 9702K3006" (2x21pins, L=17.8mm, W=7mm, W+Pins=11mm) U2 3pin "DR, 4.Z" Q1 3pin "BQ03" or so (motor post-amp) Q2 3pin "S6","SG","9S" or so (motor pre-amp) Y1 3pin "400CMA" CN1 8pin cable to PSX controller port CN2 8pin ribbon cable to analog-joystick daughterboard (not so robust cable) J1 2pin wires to rumble motor (in left handle) (digital, on/off) J2 3pin ribbon cable to L-1, L-2 button daughterboard J3 3pin ribbon cable to R-1, R-2 button daughterboard LED1 4pin red/green LED (optics without mirror) D1,D2 diodes plus resistors/capacitors |
PSX.1 -------brown---- PAD.2 JOYDAT PSX.2 -------orange--- PAD.6 JOYCMD PSX.3 -------magenta-- PAD.8 +7.5V PSX.4 -------black---- PAD.3 GND PSX.5 -------red------ PAD.4 +3.5V PSX.6 -------yellow--- PAD.5 /JOYn PSX.7 -------blue----- PAD.7 JOYCLK PSX.8 --- NC /IRQ10 PSX.9 -------green---- PAD.1 /ACK PSX.Shield --shield--- NC (cable is shielded but isn't connected in joypad) |
8 +3.5V to POT pins 7 Button L3 pins A,C 6 GND to POT pins and Button L3/R3 pins B,D 5 Button R3 pins A,C 4 Axis R_Y middle POT pin (SD657.18) 3 Axis R_X middle POT pin (SD657.17) 2 Axis L_Y middle POT pin (SD657.16) 1 Axis L_X middle POT pin (SD657.15) |
1 (red) R1 2 (gray) GND 3 (gray) R2 |
1 (red) L1 2 (gray) GND 3 (gray) L2 |
1 (red) +7.5V 2 (black) Q1 |
1 NC? 2 NC? 3 /RESET? (U2.3) 4 OSC 5 OSC 6 BUTTON Bit3 START SW1 7 BUTTON Bit2 R3 (via CN2.5) 8 BUTTON Bit1 L3 (via CN2.7) 9 BUTTON Bit0 SELECT SW3 10 GND 11 BUTTON Bit7 LEFT SW4 12 BUTTON Bit6 DOWN SW5 13 BUTTON Bit5 RIGHT SW6 14 BUTTON Bit4 UP SW7 15 Analog Axis L_X (via CN2.1) 16 Analog Axis L_Y (via CN2.2) 17 Analog Axis R_X (via CN2.3) 18 Analog Axis R_Y (via CN2.4) 19 NC? 20 3.5V 21 3.5V --- 22 BUTTON Bit15 [] SW11 23 BUTTON Bit14 >< SW10 24 BUTTON Bit13 () SW9 25 BUTTON Bit11 R1 (via J3.1) 26 BUTTON Bit12 /\ SW8 27 BUTTON Bit10 L1 (via J3.1) 28 BUTTON Bit9 R2 (via J3.3) 29 BUTTON Bit8 L2 (via J3.3) 30 PSX.2/CN1.6 JOYCMD orange (via 220 ohm R14) 31 PSX.1/CN1.2.JOYDAT brown (via 22 ohm R13 and diode D2) 32 PSX.7/CN1.7 JOYCLK blue (via 220 ohm R12) 33 PSX.6/CN1.5./JOYn yellow (via 220 ohm R11) 34 LED.GREEN (LED.4) 35 LED.RED (LED.3) 36 MOTOR (via 4.7Kohm R8 to Q2, then via Q1 to motor) 37 NC? 38 NC? 39 PSX.9/CN1.1./ACK green (via 22 ohm R10) 40 NC? 41 MODE SW2 (analog button) 42 GND |
1 from 3.5V (via R1,D1,R2) 2 to U1.3 (/RESET?) (U2.rear contact = same as U2.pin2) 3 GND |
1 Q2.2 (via 1Kohm R7) 2 to Motor (-) 3 GND |
1 SD657.36 (via 4.7Kohm R8) 2 Q1.1 (via 1Kohm R7) (and via 100Kohm R13 to GND) 3 3.5V |
27.5mm Total Length (18.5mm Motor, 2mm Axis, 7mm Weight/block) 12.0mm Width/Diameter (of Weight, and of Motor at flat side) |
| Pinouts - Component List and Chipset Pin-Outs for Analog Joypad, SCPH-1200 |
Case "SONY, ANALOG, CONTROLLER, SonyCompEntInc. H, SCPH-1200 MADE IN CHINA" PCB1 "01, /\YG-H2, (r)RU" (mainboard with digital buttons) PCB2 "M-29-01, YG-H3, (r)RU" (daughterboard with analog joysticks) PCB3 "E, /\YG-H2, (r)RU, 01" (daughterboard with R-1, R-2 buttons) (J1) PCB4 "01, W, /\YG-H2, (r)RU" (daughterboard with L-1, L-2 buttons) (J2) U1 44pin "SONY, CXD8771Q 4A03, JAPAN 9840 HAL, 148896" U2 4pin ",\\ 29" (PST9329) (System Reset with 2.9V detection voltage) U3 8pin "2904, 8346G, JRC" (NJM2904) (Dual Operational Amplifier) Q1 3pin ".Y S'" (big transistor for big M1 rumble motor) Q2 3pin "Z" (small transistor for small M2 rumble motor) Y1 3pin "800CMLX" or so (hides underneath of the CN2 ribbon cable) CN1 8pin cable to PSX controller port CN2 8pin ribbon cable to analog-joystick daughterboard J1 3pin ribbon cable to R-1, R-2 button daughterboard J2 3pin ribbon cable to L-1, L-2 button daughterboard M1 2pin wires to left/big rumble motor (analog, slow/fast) M2 2pin wires to right/small rumble motor (digital, on/off) ZD1,ZD2 some Z-diodes D1,D2 diodes near M1,M2 motors (these diodes aren't installed) LED1 red analog mode LED (with transparent optics/light direction mirror) plus resistors/capacitors |
PSX.1 -------brown---- PAD.2 JOYDAT PSX.2 -------orange--- PAD.6 JOYCMD PSX.3 -------magenta-- PAD.8 +7.5V PSX.4 -------black---- PAD.3 GND PSX.5 -------red------ PAD.4 +3.5V PSX.6 -------yellow--- PAD.5 /JOYn PSX.7 -------blue----- PAD.7 JOYCLK PSX.8 --- NC /IRQ10 PSX.9 -------green---- PAD.1 /ACK PSX.Shield --shield--- NC (cable is shielded but isn't connected in joypad) |
1 +3.5V to POT pins 2 Button L3 pins C,D 3 GND to POT pins and Button L3/R3 pins A,B 4 Button R3 pins C,D 5 Axis R_Y middle POT pin (CXD.20) 6 Axis R_X middle POT pin (CXD.19) 7 Axis L_X middle POT pin (CXD.21) 8 Axis L_Y middle POT pin (CXD.22) |
1 (red) R1 2 (gray) GND 3 (gray) R2 |
1 (red) L1 2 (gray) GND 3 (gray) L2 |
+ (red) Q1.E - (black) GND |
+ (red) +7.5V - (black) Q2.C |
1 PSX.7/CN1.7 JOYCLK (via 220 ohm R2) 2 via R10 to U3.3 (for big M1 motor) 3 via R15 to Q2.B (for small M2 motor) 4 GND 5 BUTTON Bit15 [] 6 BUTTON Bit14 >< 7 BUTTON Bit13 () 8 BUTTON Bit12 /\ 9 BUTTON Bit11 R1 (via J1.1) 10 BUTTON Bit10 L1 (via J2.1) 11 BUTTON Bit9 R2 (via J1.3) --- 12 BUTTON Bit8 L2 (via J2.3) 13 GND 14 U2.Pin3 (reset) 15 Y1'a 16 Y1'b 17 GND 18 +3.5V 19 Analog Axis R_X via CN2.6 20 Analog Axis R_Y via CN2.5 21 Analog Axis L_X via CN2.7 22 Analog Axis L_Y via CN2.8 --- 23 GND 24 GND 25 GND 26 GND 27 GND 28 +3.5V 29 BUTTON Bit0 SELECT 30 BUTTON Bit1 L3 (via CN2.2) 31 BUTTON Bit2 R3 (via CN2.4) 32 BUTTON Bit3 START 33 BUTTON Bit4 UP --- 34 BUTTON Bit5 RIGHT (aka spelled RIHGT on the PCB) 35 BUTTON Bit6 DOWN 36 BUTTON Bit7 LEFT 37 PSX.6/CN1.5./JOYn (via 220 ohm R1) 38 ANALOG BUTTON 39 GND 40 +3.5V 41 /LED (to LED1, and from there via 300 ohm R6 to +3.5V) 42 PSX.9/CN1.1./ACK (via 22 ohm R5) 43 PSX.1/CN1.2.JOYDAT (via 22 ohm R3) 44 PSX.2/CN1.6 JOYCMD (via 220 ohm R4) |
1 NC GND 2 GND GND 3 Vout U1.14 4 VCC +3.5V |
1 A.OUTPUT Q1.B (big motor M1 transistor) 2 A.INPUT- to R11/R12 3 A.INPUT+ to R10/R17 4 GND PSX.4/CN1.3 GND 5 B.INPUT+ GND 6 B.INPUT- NC? 7 B.OUTPUT NC? 8 VCC PSX.3/CN1.8 +7.5V |
E M1+ B U3.1 (NJM2904) C +7.5V |
E GND B via 1K ohm R15 to U1.3 (CXD), and via 100K ohm R16 to GND C M2- |
Left/Large Motor (SCPH-1200) 24.0mm Total Length (12.0mm Motor, 2.5mm Axis, 9.5mm Weight/plates) 24.0mm Diameter (Motor), 20.0mm Diameter (Weight/plates) Right/Small Motor (SCPH-1200) 25.4mm Total Length (18.7mm Motor, 2mm Axis, 4.7mm Weight/plates) 12.0mm Width/Diameter (of Weight, and of Motor at flat side) |
| Pinouts - Component List and Chipset Pin-Outs for Analog Joypad, SCPH-110 |
Case "SONY, ANALOG CONTROLLER, SonyCompEntInc. A, SCPH-110 MADE IN CHINA" PCB1 "SA1Q22A, <PF-LP>, KPC, 7694V-0" (mainboard with joysticks onboard) PCB2 "..." (membrane/foil with digital buttons) U1 44pin "SD707, 039 107"" (4x11pin) Q1 3pin "KA" (big transistor for left/big M1 rumble motor) Q2 3pin "LG" (small transistor for right/small M2 rumble motor) D1 2pin diode (for large motor, reference Z-diode with pull-up?) D2 3pin dual-diode (R5/IRQ7 to GND and R3/DAT to GND) CN1 9pin cable to PSX controller port J1 16pin ribbon cable from membrane/foil M1 2pin wires to left/big rumble motor (analog, slow/fast) M2 2pin wires to right/small rumble motor (digital, on/off) LED1 2pin red analog mode LED (with long legs, without mirror/optics) plus resistors/capacitors |
1 +3.5V (logic supply) 2 GND3 (logic supply) 3 /IRQ7 4 /SEL 5 CMD 6 DAT 7 CLK 8 GND7 (motor supply) 9 +7.5V (motor supply) |
1 BUTTON Bit8 L2 2 BUTTON Bit10 L1 3 BUTTON Bit4 UP 4 BUTTON Bit5 RIGHT 5 BUTTON Bit6 DOWN 6 BUTTON Bit7 LEFT 7 GND3 8 ANALOG BUTTON 9 BUTTON Bit0 SELECT 10 BUTTON Bit3 START 11 BUTTON Bit15 SQUARE [] 12 BUTTON Bit14 CROSS >< 13 BUTTON Bit13 CIRCLE () 14 BUTTON Bit12 TRIANGLE /\ 15 BUTTON Bit11 R1 16 BUTTON Bit9 R2 |
1 (red) Q1 2 (black) GND (via some ohm) |
1 (red) +7.5V 2 (black) Q2 |
1 via R9/Q2 to M2 (right/small) (digital 0V=off, 3V=on) 2 via "JP1" to LED (330 ohm) 3 +3.5V 4 BUTTON Bit2 R3 5 vr2 RX (lt/rt) 6 vr1 RY (up/dn) 7 vr4 LX (lt/rt) 8 vr3 LY (up/dn) 9 BUTTON Bit1 L3 10 GND3 11 GND7 --- 12 via Q1 to M1 (left/large) (1V=off, 6V=fast) 13 via D1/R7 to M1 (left/large) (6.7V) 14 +7.5V 15 +7.5V 16 BUTTON Bit8 L2 17 BUTTON Bit10 L1 18 BUTTON Bit4 UP 19 BUTTON Bit5 RIGHT 20 BUTTON Bit6 DOWN 21 BUTTON Bit7 LEFT 22 GND3 --- 23 BUTTON Bit9 R2 24 BUTTON Bit11 R1 25 BUTTON Bit12 TRIANGLE /\ 26 BUTTON Bit13 CIRCLE () 27 BUTTON Bit14 CROSS >< 28 BUTTON Bit15 SQUARE [] 29 BUTTON Bit3 START 30 BUTTON Bit0 SELECT 31 ANALOG BUTTON 32 NC 33 +3.5V --- 34 GND3 35 NC 36 via R5 to /IRQ7 37 via R1 to /SEL 38 via R4 to CMD 39 via R3 to DAT 40 via R2 to CLK 41 +7.5V 42 +7.5V 43 GND7 44 GND7 |
Left/Large Motor (SCPH-110) 23.0mm Total Length (12.0mm Motor, 3mm Axis, 8.0mm Weight/plates) 24.0mm Diameter (Motor), 20.0mm Diameter (Weight/plates) Right/Small Motor (SCPH-110) 25.4mm Total Length (18.7mm Motor, 2mm Axis, 4.7mm Weight/plates) 12.0mm Width/Diameter (of Weight, and of Motor at flat side) |
M1+ --o---Q1---o--------- U1.12
| | | analog
Left | | C9
Large | | |
| o----o--------- 7.5V
| |
C8 R7
| D1 | 6.7V
o---|>|--o--------- U1.13
|
M1- --o------------------ GND7
|
M2+ --o------------------ 7.5V
|
Right | o-------o--R9-- U1.1
Small | | | on/off
C7 | R10
| | |
M2- --o---Q2------o------ GND7
___ ___ ____
axis | | / \ \
__/___ ______| m | __.____________|__. | |
/__/__/ | | w | | | | | | axis | | |
| |/ weight |___| |___| \___/_/ \___/____/
\____/ weight motor
|
| Pinouts - Component List and Chipset Pin-Outs for Namco Lightgun, NPC-103 |
U1 44pin "NAMCO103P, 1611U1263, JAPAN 9847EAI, D0489AAF" U2 8pin "7071, 8C19" (=BA7071F, Sync Separator IC with AFC) XTAL 2pin "CSA 8.00WT" PS1 3pin Light sensor with metal shielding J1 9pin Connector for 9pin cable to PSX controller and GunCon plugs plus resistors and capacitors, and A1,A2,B1,B2,T1,T2 wires to buttons |
DIP Button (with black T1,T2 wires) (trigger) |
Button A (with red A1,A2 wires) (left side) Button B (with white B1,B2 wires) (right side) |
Lens (20mm) |
J1.Pin1 green PSX.Controller.Pin5 +3.5V J1.Pin2 brown PSX.Controller.Pin4 GND J1.Pin3 black PSX.Controller.Pin9 /ACK/IRQ7 J1.Pin4 red PSX.Controller.Pin6 /JOYn J1.Pin5 yellow PSX.Controller.Pin1 JOYDAT J1.Pin6 orange PSX.Controller.Pin2 JOYCMD J1.Pin7 blue PSX.Controller.Pin7 JOYCLK J1.Pin8 gray GunCon shield (GND) J1.Pin9 white GunCon composite video N/A PSX.Controller.Pin3 +7.5V N/A PSX.Controller.Pin8 /IRQ10 N/A PSX.Controller Shield |
1 GND 12 SYNC (from U2) 23 3.5V 34 SW1 (A) 2 GND 13 3.5V 24 3.5V 35 3.5V 3 GND 14 3.5V 25 3.5V 36 3.5V 4 GND 15 SW3 (TRIGGER) 26 GND 37 SW2 (B) 5 GND 16 JOYCLK (J1.Pin7 via 220 ohm R7) 27 GND 38 3.5V 6 GND 17 3.5V 28 GND 39 3.5V 7 GND 18 JOYCMD (J1.Pin6 via 220 ohm R8) 29 GND 40 LIGHT (from PS1) 8 GND 19 JOYDAT (J1.Pin5 via 0 ohm R10) 30 - 41 GND 9 - 20 /JOYn (J1.Pin4 via 220 ohm R9) 31 GND 42 GND 10 GND 21 /ACK/IRQ7 (J1.Pin3 via 0 ohm R11) 32 GND 43 OSC 8MHz 11 GND 22 GND 33 GND 44 OSC 8MHz |
1 VIN = SYNC.IN from J1.Pin9 Composite Video (via C5/C6/C7/R6) 2 HD_OUT = NC 3 GND = GND 4 PD_OUT = NC 5 HOSC_R = via 100K to GND 6 VCC = 3.5V 7 VD_OUT = NC 8 SYNC_OUT = SYNC.OUT to U1.pin12 (with R4 pull-up) |
| Pinouts - Component List and Chipset Pin-Outs for Multitap, SCPH-1070 |
Case "SONY, MULTITAP, SonyComputerEntertainmentInc, SCPH-1070 MADE IN CHINA" PCB1 "SONY 1-659-343-11" (mainboard with Slot A,B, ICs, X1, PSX-cable) PCB2 "SONY 1-711-414-11" (daughterboard with Slot C,D) IC? 64pin "SONY JAPAN, CXD103, -166Q, 550D66E" (smd/back side) IC02 8pin "7W14, 5K" some tiny SMD chip (for JOYCLK) (smd/back side) X1 2pin "4.00G CMj" oscillator (front side) J34 2pin fuse or 1 ohm resistor or so (for +3.5V input) (front side) Jxx 2pin normal wire bridges (except: J34 is NOT a wire) (front side) |
1pin black wire Shield/GND (lower edge) 1pin black wire Shield/GND (upper edge) 2x8pin red/gray ribbon cable (side edge) 2x2pin red/gray ribbon cable (lower edge) 2pin red/gray ribbon cable (upper middle) (gray=+3.3V, red=+7.5V) |
PSX.1 -------brown------ TAP.1 JOYDAT ;via 47 ohm (R57) to CXD.35 PSX.2 -------orange----- TAP.2 JOYCMD ;via 220 ohm (R58) to CXD.37 PSX.3 -------magenta---- TAP.3 +7.5V ;directly to +7.5V on JOY/CARD's PSX.4 -------black------ TAP.4 GND ;directly to GND PSX.5 -------red-------- TAP.5 +3.5V ;via 1 ohm or so (J34) to +3.3V PSX.6 -------yellow----- TAP.6 /JOYn ;via 220 ohm (R59) to CXD.46 PSX.7 -------blue------- TAP.7 JOYCLK ;via 220 ohm (R60) to IC02.pin6 PSX.8 -------gray------- TAP.8 /IRQ10 ;via 47 ohm (R02/R16/R30/R44) to JOY's PSX.9 -------green------ TAP.9 /ACK ;via 47 ohm (R61) to CXD.51 PSX.Shield --shield----- TAP.shielding.plate (GND) |
1 JOYDAT Via 47 ohm (R11/R25/R38/R5x) to CXD.18/29/60/5 (and to JOY slot) 2 JOYCMD Via 220 ohm (R10/R24/R39/R52) to CXD.19/30/62/6 3 +7.5V Directly to PSX.3 4 GND Directly to PSX.4 5 +3.3V Via J34 to PSX.5 (+3.5V) 6 /JOYn Via 220 ohm (R09/R2x/Rxx/R51) to CXD.11/22/52/61 7 JOYCLK Via 220 ohm (R08/R2x/Rxx/R50) to CXD.33/33/47/47 9 /ACK Via 47 ohm (R07/R2x/Rxx/R49) to CXD.12/21/45/64 |
1 JOYDAT Via 47 ohm (R06/Rxx/R34/R5x) to CXD.18/29/60/5 (and to CARD slot) 2 JOYCMD Via 220 ohm (R05/R19/R35/R5x) to CXD.17/28/59/4 3 +7.5V Directly to PSX.3 4 GND Directly to PSX.4 5 +3.3V Via 1 ohm or so (J34) to PSX.5 (+3.5V) 6 /JOYn Via 220 ohm (R04/R18/R32/R4x) to CXD.16/20/55/63 7 JOYCLK Via 220 ohm (R03/R17/R31/R45) to CXD.15/23/56/2 8 /IRQ10 Via 47 ohm (R02/R16/R30/R44) to PSX.8 9 /ACK Via 47 ohm (R01/R15/R29/R43) to CXD.13/27/54/7 Shield Directly to Shield/GND |
1 2 3 4 GND 5 6 via 220 ohm (R60) to PSX.7 (JOYCLK) 7 to CXD.Pin48 8 +3.3V, aka via 1 ohm (J34) to PSX.5 (+3.5V) |
1 via to 10K (R63) to +3.3V, and via C13 to GND (probably power-on reset) 2 JOY.D.7.JOYCLK 3 4 JOY.D.2.JOYCMD 5 JOY/CARD.D.1.JOYDAT 6 CARD.D.2.JOYCMD 7 JOY.D.9./ACK 8 4MHz X1/C12 9 4MHz X1/C11 10 GND 11 CARD.A.6./JOYn 12 CARD.A.9./ACK 13 JOY.A.9./ACK 14 15 JOY.A.7.JOYCLK 16 JOY.A.6./JOYn 17 JOY.A.2.JOYCMD 18 JOY/CARD.A.1.JOYDAT 19 CARD.A.2.JOYCMD --- 20 JOY.B.6./JOYn 21 CARD.B.9./ACK 22 CARD.B.6./JOYn 23 JOY.B.7.JOYCLK 24 25 GND 26 +3.3V 27 JOY.B.9./ACK 28 JOY.B.2.JOYCMD 29 JOY/CARD.B.1.JOYDAT 30 CARD.B.2.JOYCMD 31 GND 32 --- 33 CARD.A/B.7.JOYCLK 34 35 PSX.1.JOYDAT 36 37 PSX.2.JOYCMD 38 39 40 41 42 GND 43 44 GND 45 CARD.C.9./ACK 46 PSX.6./JOYn 47 CARD.C/D.7.JOYCLK 48 IC02.Pin7.PSX.JOYCLK 49 50 51 PSX.9./ACK --- 52 CARD.C.6./JOYn 53 54 JOY.C.9./ACK 55 JOY.C.6./JOYn 56 JOY.C.7.JOYCLK 57 GND 58 +3.3V 59 JOY.C.2.JOYCMD 60 JOY/CARD.C.1.JOYDAT 61 CARD.D.6./JOYn 62 CARD.C.2.JOYCMD 63 JOY.D.6./JOYn 64 CARD.D.9./ACK |
| Pinouts - Memory Cards |
5 = /IRQ7 (via 22 ohm) 2 = /RESET (from U2) 6 = JOYCLK (via 220 ohm) 30,31 = CF1,CF2 (12 clock pulses per 2us) 7 = /JOYn (via 220 ohm) 14,16,25,32,38,39,61 = 3.5V (via 3.3 ohm) 12 = JOYCMD (via 220 ohm) 8,15,28,29 = GND 13 = JOYDAT (via 22 ohm) All other pins = Not connected |
1=P40/A0 9=P13 17=TP0 25=VDD 33=A11 41=NC 49=A7 57=NC 2=/RES 10=P14 18=TP1 26=NC 34=A9 42=NC 50=A6 58=NC 3=TEST2 11=P15 19=TP2 27=NC 35=A8 43=NC 51=A5 59=NC 4=TEST1 12=P16 20=TP3 28=NC 36=A13 44=NC 52=A4 60=NC 5=P10 13=P17 21=TP4 29=VSS 37=A14 45=A17 53=NC 61=NC61 6=P11 14=/CE 22=TP5 30=CF1 38=/WE 46=A16 54=NC 62=P43/A3 7=P12 15=A10 23=TP6 31=CF2 39=VDD 47=A15 55=NC 63=P42/A2 8=VSS 16=/OE 24=TP7 32=VDD 40=EP 48=A12 56=NC 64=P41/A1 |
P10/DQ0/SEPMOD P12/DQ2/FSI0 P14/DQ4 P16/DQ6/SI0/FSTART P11/DQ1/SCLK0/FSCLK P13/DQ3 P15/DQ5 P17/DQ7/SO0/FRW |
| Mods - Nocash PSX-XBOO Upload |
GND (BOARD) --------- GND (SUBD.18-25, CNTR.19-30) A16 (ROM.2) --------- SLCT (SUBD.13, CNTR.13) ;\ A17 (ROM.30) --------- PE (SUBD.12, CNTR.12) ; 4bit.dta.out A18 (ROM.31) --------- /ACK (SUBD.10, CNTR.10) ; A19 (ROM.1) --------- BUSY (SUBD.11, CNTR.11) ;/ /RESET ---|>|--- /INIT (SUBD.16, CNTR.31) ;-reset.in D0..D7 (74HC541) --------- DATA (SUBD.2-9, CNTR.2-9) ;\ Y0..Y7 (74HC541) --------- D0..D7 (ROM.13-15,17-21) ; 7bit.dta.in, and /OE1 (74HC541.1) --------- /EXP (CPU.98) ; 1bit.dta.clk.in /OE2 (74HC541.19) --------- /OE (ROM.24) ; GND (74HC541.10) --------- GND (BOARD) ; VCC (74HC541.20) --------- +5V (BOARD) ;/ |
A0..A19 (ROM) --------- A0..A19 (EPROM) D0..D7 (ROM) --------- D0..D7 (EPROM) /BIOS (CPU.97)--------- /CS (EPROM.22) /OE (ROM.24) --------- /OE (EPROM.24) +5V (BOARD) --------- VCC (EPROM.32) GND (BOARD) --------- GND (EPROM.16) /CS (ROM.22) --/cut/-- /BIOS (CPU.97) /CS (ROM.22) --------- +5V (BOARD) (direct, or via 100k ohm) |
SPU.Pin42 "data" -------|>|------ CPU.Pin149 (A20) SPU.Pin5 "sync" ---------------- IC723.Pin17 |
32pin socket for EPROM EPROM (or FLASH) 74HC541 (8-bit 3-state noninverting buffer/line driver) 1N4148 diode (for reset signal) 1N4148 diode (for optional "modchip" feature) 36pin Centronics socket for printer cable (or 25pin dsub) |
______ ______ ____ ____
| \/ | | \/ |
A19,VPP12 | 1 32 | VCC6 /OE1 |1 20| VCC
A16 | 2 31 | A18,/PGM D0 |2 19| /OE2
A15 | 3 30 | A17 D1 |3 18| Y0
A12 | 4 29 | A14 D2 |4 17| Y1
A7 | 5 28 | A13 D3 |5 74541 16| Y2
A6 | 6 27 | A8 D4 |6 15| Y3
A5 | 7 26 | A9,IDENT12 D5 |7 14| Y4
A4 | 8 25 | A11 D6 |8 13| Y5
A3 | 9 24 | /OE,VPP12 D7 |9 12| Y6
A2 | 10 23 | A10 GND |10 11| Y7
A1 | 11 22 | /CE,(/PGM) |__________|
A0 | 12 21 | D7
D0 | 13 20 | D6
D1 | 14 19 | D5
D2 | 15 18 | D4
GND | 16 17 | D3
|______________|
|
- Datel: use the FiveWire mod to get it parallel port compatible - Xplorer: simply wire DB25./INIT to EXP./RESET (with diode, if needed) |
| Mods - PAL/NTSC Color Mods |
color encoding PAL NTSC color clock 4.43361875MHz 3.579545MHz frame rate 50Hz 60Hz |
/PAL (IC502.pin13) ---/cut/--- /PAL (GPU.pin157) /PAL (IC502.pin13) ----------- GND (PAL) or VCC (NTSC) |
GPU ------------------/cut/--- CXA1645M.pin6 SCIN GPU ------------------/cut/--- CXA1645M.pin7 /PAL Osc.pin14 VCC ---------------- CXA1645M.pin12 VCC (5V) Osc.pin7 GND ---------------- CXA1645M.pin1 GND Osc.pin8 OUT ---------------- CXA1645M.pin6 SCIN Osc.pin1 NC -- GND (PAL) or VCC (NTSC) ------ CXA1645M.pin7 /PAL |
| About & Credits |
| Index |