Views: 23,259,005 Homepage | Main | Rules/FAQ | Memberlist | Active users | Last posts | Calendar | Stats | Online users | Search 12-04-24 09:09 PM
Guest:

0 users reading the DSi findings stash | 1 bot

Main - Development - the DSi findings stash Hide post layouts | New reply


Arisotura
Posted on 06-18-19 04:35 PM Link | #1103
NDMA

* old DMA appears to have priority over NDMA (makes sense, in a way, if you're going to be using old DMA for hblank and/or other timing-critical shito, and NDMA for the newfangled shit)

* NDMAxBCNT is for delay between physical blocks
* round-robin mode:
** a channel with NDMAxBCNT set to zero will keep running until it has completed a logical block.
** a channel with a delay (NDMAxBCNT nonzero) will run for one physical block.

observed timings with a channel that has NDMAxBCNT set to 1, physicalblock=1word, logicalblock=16words, roundrobin=7 (64c)

67 67 7 67 67 7 ...

which is weird.

____________________
Kuribo64

Arisotura
Posted on 02-02-21 08:48 PM (rev. 4 of 08-16-21 09:13 AM) Link | #3261
haxing the DSi loader

0x27773DC and 0x27773E0 are loader error flags.

forcing these to zero bypasses the 'an error has occured' screen when loading certain ROMs. can serve as a base for better haxing.

* bypasses hash checks (loads haxed ROMs)
* bypasses 'is DSiware installed' check
* DSiware loaded this way seems to fail to save (may be trying to save to NAND and failing to access it or expect a savefile to already exist)
* homebrew ROMs don't show up at all (different kind of check, prolly similar to region check)
* address may vary between firmware versions


0x02FE71B0 is the current ROM's region bitmask.

forcing it to 0xFFFFFFFF effectively bypasses the region check.

firmware will blank out the current ROM header in memory if this has no set bit for the console's region, effectively preventing the ROM from showing up at all.


note: cart ROM header is stored at 0x02FE7000 (among others).

headers for NAND titles are stored at 0x027878A8, 0x3A0 bytes per title. (seems there are 0x170 blank bytes before the actual header chunk? actual start address is 0x02787738)

TODO: ensure this is reliable across different menu versions/regions, find a reliable way to detect we're running the DSi menu and apply region patching

it's not! that address is good for 1.4.5, European version. in 1.4.1 it's 0x0277E338.

____________________
Kuribo64

Saizo7
Posted on 03-13-21 09:41 AM Link | #3436
I don't know if this is important, I will just leave it here. :)

Digifiend
Posted on 03-27-21 05:20 PM Link | #3508
ARM7 bootloader dumped? Might be useful later, but not right now. Isn't ARM9 needed as well?

PoroCYon
Posted on 06-27-21 08:00 PM Link | #3900
(very late reply, I know, oh well)
Posted by Digifiend
ARM7 bootloader dumped? Might be useful later, but not right now. Isn't ARM9 needed as well?

Technically yes, but, trying to dump the ARM9 one has proven to be much harder than the ARM7's. It'll take A While (no ETA) even n months later.


Main - Development - the DSi findings stash Hide post layouts | New reply

Page rendered in 0.044 seconds. (2048KB of memory used)
MySQL - queries: 30, rows: 87/87, time: 0.030 seconds.
[powered by Acmlm] Acmlmboard 2.064 (2018-07-20)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.