ROM disassembly as raw text file
Automated table discovery is now a reality. 
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
Automated table discovery is now a reality.
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
Automated table discovery is now a reality.
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
Can't vouch for it's accuracy just yet, but what richard calls the "rombot" just found and generated XML for 307 new tables in the 52690021 ROM. I am going through right now and checking the scaling values by hand, so far so good.
excellent work sir. the developments from this could be HUGE
Any luck on finding similar tables in different roms?
i.e. Make it real simple for me to post fully defined roms definitions to my site for all roms out there.
I am working on an app that finds tables in different roms, but it works from a completely different angle. It works ok. The newer roms change little things that make it harder to find certain tables.
i.e. Make it real simple for me to post fully defined roms definitions to my site for all roms out there.
I am working on an app that finds tables in different roms, but it works from a completely different angle. It works ok. The newer roms change little things that make it harder to find certain tables.
I haven't done it yet, but I do have a strategy for it. My plan is to grab the table from the existing ROM, find the start of the header, then find all of the subroutines that reference the table. From there I'll "fingerprint" the subroutines, basically generating a model that can be used to compare and tell me whether or not another subroutine is a probable match.
Once I have my fingerprints, I'll look through the new ROM for a table that is referenced the same way by similar subroutines.
The table data changes between ROMs enough to make finding them via table comparison problematic, but the subroutines that are used to access the tables only change slightly if at all between ROMs, so this method should be fairly reliable.
Any method for doing this though is going to be imperfect, so there will be some cases where my tool can only find a "likely" match, not an exact match. In those cases it will be up to a human to go check the bot's work.
I haven't had time to work on this since my last post but I'm hoping to have some time this weekend.
Once I have my fingerprints, I'll look through the new ROM for a table that is referenced the same way by similar subroutines.
The table data changes between ROMs enough to make finding them via table comparison problematic, but the subroutines that are used to access the tables only change slightly if at all between ROMs, so this method should be fairly reliable.
Any method for doing this though is going to be imperfect, so there will be some cases where my tool can only find a "likely" match, not an exact match. In those cases it will be up to a human to go check the bot's work.
I haven't had time to work on this since my last post but I'm hoping to have some time this weekend.
For those interested, here are all of the tables I've found on my rom (52690021) grab a hex file if you don't have the right ROM on your car and you can take a peak at the maps.
http://raw.github.com/javiermuniz/ec...m/52690021.xml
For those with some assembly knowhow, my annotated assembly files are also on github. You have to download the entire repo because they are too big to browse.
I will be writing up easy to follow instructions for macos soon that will let you start doing this yourselves. If you don't have extensive knowledge of programming, it will probably be a waste of time for you (CS degree highly recommended).
p.s. homebrew accepted my pull request, so the default binutils now includes the m32r target. In order to install a working disassembler on the mac with homebrew, all you need to do now is type: brew install binutils
http://raw.github.com/javiermuniz/ec...m/52690021.xml
For those with some assembly knowhow, my annotated assembly files are also on github. You have to download the entire repo because they are too big to browse.
I will be writing up easy to follow instructions for macos soon that will let you start doing this yourselves. If you don't have extensive knowledge of programming, it will probably be a waste of time for you (CS degree highly recommended).
p.s. homebrew accepted my pull request, so the default binutils now includes the m32r target. In order to install a working disassembler on the mac with homebrew, all you need to do now is type: brew install binutils
This is very awesome indeed. Great Work...
This is exciting but to figure out what these maps do is the real challenge. So we barely touched a tip of the iceberg where we are with the X with the current ECUFLASH maps.
This is exciting but to figure out what these maps do is the real challenge. So we barely touched a tip of the iceberg where we are with the X with the current ECUFLASH maps.
