alt Hacker NewsThere are memory regions that are mapped to the same physical memory - https://psx-spx.consoledev.net/memorymap/
I worked on the Metal Gear Solid port from PSX to PC, and Konami programmers chose a wild trick to store how the "C4" bomb was planted - either on the wall, or on the ground.
Essentially the pointer pointed to the same physical memory address, but if it was planted on the wall (or on the ground, I forgot) - then it was OR-ing it with 80000000h or was A0000000h - or maybe something else - lol was long time ago.
It was fun porting this on PC, and right now I don't even remember what I did exactly - hahaha
Usually, that kind of stunt nowadays is done by using the lowest significant bits and masking them off when dereferencing the pointer, trading off for a higher alignment (so 4 bits gives you 16-byte alignment).
The PS1 also happens to have RAM aliasing, because there's not enough RAM to cover the entire decoding window for the RAM. I don't know the details, but I've seen PS1 executables setting their stack pointer to the end of the devkit's 8 MiB of RAM and yet they work on retail units, because it ends up at the end of the retail's 2 MiB of RAM. So theoretically, you could stuff bits in there too (and without messing with different memory regions with different cache behaviors).