Write new code? - Page 4 - EvolutionM - Mitsubishi Lancer and Lancer Evolution Community



Write new code?

Old May 19, 2009, 11:32 PM   #46
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

obviously choose an address that isn't DIRECTLY referenced.

but then you also have to choose an address that isn't inside a range...

0xffff8400 is a good start, john is using 0xffff8480+, so maybe look at 0xffff8500...
Old May 19, 2009, 11:33 PM   #47
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

half light, as in flashing on/off REALLY quick?

you are probably missing the main counting loop at the top (0->255)
Old May 19, 2009, 11:44 PM   #48
Evolved Member
 
acamus's Avatar
 
Join Date: Mar 2008
Location: Lattitude 48.38, Longitude 17.58, Altitude 146m = Slovakia, for common dude
Posts: 730
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: his wife crazy & 14 ASX

Code:
sub_35500
00035500                 sts.l   pr, @-r15
00035502                 mov.l   r0, @-r15
00035504                 mov.l   r1, @-r15
00035506                 mov.l   r2, @-r15
00035508                 mov.l   @(h'80,pc), r1 ; FFFF8500
0003550A                 mov.b   @r1, r0
0003550C                 add     #1, r0
0003550E                 and     #h'FF, r0
00035510                 mov.b   r0, @r1
00035512                 mov.l   @(h'7C,pc), r1 ; FFFF8501
00035514                 mov.w   @r1, r0
00035516                 mov.w   @(h'88,pc), r2 ;h'15E
00035518                 cmp/hi  r2, r0
0003551A                 bf      35520
0003551C                 mov     #0, r0
0003551E                 mov.w   r0, @r1
00035520                 mov.l   @(h'70,pc), r0 ;  mut_9a
00035522                 mov.w   @r0, r0
00035524                 mov.l   @(h'70,pc), r1 ; FFFF8502
00035526                 mov.w   r0, @r1
00035528                 mov.w   @(h'70,pc), r0 ;  1
0003552A                 tst     r0, r0
0003552C                 bt      35548
0003552E                 mov.w   @(h'6C,pc), r0 ;  1
00035530                 mov.l   @(h'50,pc), r1 ; mut_26
00035532                 mov.w   @r1, r1
00035534                 cmp/hs  r0, r1
00035536                 bf      35548
00035538                 mov.w   @(h'64,pc), r0 ; h'140
0003553A                 mov.l   @(h'4C,pc), r1 ; load_2b
0003553C                 mov.w   @r1, r1
0003553E                 cmp/hs  r0, r1
00035540                 bf      35548
00035542                 mov.l   @(h'4C,pc), r1 ; FFFF8501
00035544                 mov.w   @(h'5A,pc), r0 ; h'15E
00035546                 mov.w   r0, @r1
00035548                 mov.l   @(h'44,pc), r1 ; FFFF8501
0003554A                 mov.w   @r1, r0
0003554C                 tst     r0, r0
0003554E                 bt      35554
00035550                 add     #-1, r0
00035552                 mov.w   r0, @r1
00035554                 tst     r0, r0
00035556                 bt      3556C
00035558                 mov.l   @(h'30,pc), r0 ; FFFF8500
0003555A                 mov.b   @r0, r0
0003555C                 shlr2   r0
0003555E                 shlr2   r0
00035560                 tst     #1, r0
00035562                 bf      3556C
00035564                 mov.l   @(h'30,pc), r1 ; FFFF8502
00035566                 mov.w   @r1, r0
00035568                 xor     #8, r0
0003556A                 mov.w   r0, @r1
0003556C                 mov.l   @r15+, r2
0003556E                 mov.l   @r15+, r1
00035570                 mov.l   @r15+, r0
00035572                 mov.l   @(h'C,pc), r0 ; sub A98A
00035574                 jsr     @r0 ; sub_A98A
00035576                 nop
00035578                 lds.l   @r15+, pr
0003557A                 rts
0003557C                 nop
Maybe I do not understand how it shall work but with engine off (not started) it shall not be lit according to code. Yes exactly rapid on/offs. So I have picked exactly the addresses you have suggested.

Last edited by acamus; Nov 4, 2009 at 10:31 PM.
Old May 19, 2009, 11:49 PM   #49
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

check out 0x35512...

you are loading an odd offset into r1, then doing a mov.w from it. so you are getting an alignment problem..

fix that up first
Old May 19, 2009, 11:55 PM   #50
Evolved Member
 
acamus's Avatar
 
Join Date: Mar 2008
Location: Lattitude 48.38, Longitude 17.58, Altitude 146m = Slovakia, for common dude
Posts: 730
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: his wife crazy & 14 ASX

Oh, right, obvious bugs are always overlooked.

Thank you, you certainly deserve your GURU status
Old May 20, 2009, 11:26 PM   #51
Evolved Member
 
acamus's Avatar
 
Join Date: Mar 2008
Location: Lattitude 48.38, Longitude 17.58, Altitude 146m = Slovakia, for common dude
Posts: 730
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: his wife crazy & 14 ASX

Quote:
Originally Posted by tephra View Post
check out 0x35512...

you are loading an odd offset into r1, then doing a mov.w from it. so you are getting an alignment problem..

fix that up first
Dave I believe you are wrong here, the line @35512 is pretty legitimate according to manual:

MOV.W @(disp,PC),Rn
1001nnnndddddddd
(disp × 2 + PC) → Sign extension → Rn

so displacement (disp) can be odd...., this must be something else...

you can search h'7c in your rom and will find many mov commands.
Old May 20, 2009, 11:29 PM   #52
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

its the mov.w @r1, r0 that im worried about.

its legal syntax, but i am pretty sure you will find that you are actually getting 0xffff8500 and 01, not 01 and 02 as you think.

it still needs to be word aligned...
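The alignment problem discussed in replies #49 to #53, as an added example that is not part of the thread or any poster's code: a Python check over an excerpt of the listing from #48 that follows the annotated literal-pool pointer loads and reports word accesses at odd addresses and variables that share bytes. The function names and the `force_align` option (which models the low-bit-dropped behaviour described in #52, taken from the post and not verified here) are assumptions of this example.

```python
import re

# Excerpt of the listing posted in #48 (address, mnemonic, operands ; annotation).
LISTING = """\
00035508                 mov.l   @(h'80,pc), r1 ; FFFF8500
0003550A                 mov.b   @r1, r0
00035512                 mov.l   @(h'7C,pc), r1 ; FFFF8501
00035514                 mov.w   @r1, r0
00035520                 mov.l   @(h'70,pc), r0 ;  mut_9a
00035522                 mov.w   @r0, r0
00035524                 mov.l   @(h'70,pc), r1 ; FFFF8502
00035526                 mov.w   r0, @r1
"""

SIZE = {"b": 1, "w": 2, "l": 4}
LINE = re.compile(r"^([0-9A-Fa-f]{8})\s+(\S+)\s+([^;]*?)\s*(?:;\s*(\S.*?))?\s*$")
LITERAL = re.compile(r"^@\(h'[0-9A-Fa-f]+,pc\),\s*(r\d+)$")
INDIRECT = re.compile(r"@(r\d+)\b")

def ram_accesses(listing):
    """Return [(pc, address, size)] for mov.b/w/l through an annotated pointer."""
    regs, out = {}, []
    for raw in listing.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pc, op, operands, note = m.groups()
        lit = LITERAL.match(operands)
        if op == "mov.l" and lit:
            if note and re.fullmatch(r"[0-9A-Fa-f]{8}", note):
                regs[lit.group(1)] = int(note, 16)  # trust the hex annotation
            else:
                regs.pop(lit.group(1), None)        # symbolic name: unknown
            continue
        ind = INDIRECT.search(operands)
        if op.startswith("mov.") and ind and ind.group(1) in regs:
            out.append((int(pc, 16), regs[ind.group(1)], SIZE[op[4]]))
        dest = operands.rsplit(",", 1)[-1].strip()
        regs.pop(dest, None)  # a plain register destination is clobbered
    return out

def findings(accesses, force_align=False):
    """Misaligned accesses and byte-sharing variables; force_align = #52's claim."""
    bad = [(pc, a, s) for pc, a, s in accesses if a % s]
    spans = sorted({(a - a % s if force_align else a, s) for _, a, s in accesses})
    overlaps = [(x, y) for i, x in enumerate(spans) for y in spans[i + 1:]
                if y[0] < x[0] + x[1]]
    return bad, overlaps
```

On this excerpt the check flags the `mov.w` at 0x35514, and with `force_align=True` it reports the word variable landing on the same byte as the counter at FFFF8500.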
Old May 21, 2009, 12:57 AM   #53
Evolved Member
 
acamus's Avatar
 
Join Date: Mar 2008
Location: Lattitude 48.38, Longitude 17.58, Altitude 146m = Slovakia, for common dude
Posts: 730
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: his wife crazy & 14 ASX

I understand now the mistake, I am trying to use variables of byte size for word assignments. Thank you again.
Old May 21, 2009, 01:52 AM   #54
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

ya

my mistake for not highlighting it properly!
Old May 21, 2009, 11:12 PM   #55
Evolved Member
iTrader: (12)
 
dude's Avatar
 
Join Date: Dec 2003
Location: Farmington, NM
Posts: 590
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: EVO VIII

Quote:
Originally Posted by tephra View Post
rte or rts?

NOP after jsr
Wow! What Rosetta Stone CD do I need to understand this language? I'm an Engineer and I don't understand any of this, though granted I only took VB and C++ and didn't enjoy either.

Keep up the good work guys, the more fellas we have attacking our ECU disasm, the more awesome our tuning platform becomes!


And Tephra, we need to get you another EVO!
Old May 21, 2009, 11:13 PM   #56
EvoM Guru
iTrader: (6)
 
Join Date: Feb 2007
Location: Melbourne, Australia
Posts: 9,475
Thanked 39 Times in 30 Posts

Drives: WW EvoX GSR

hehe.

highlight my sig hidden secrets :P (or just bad colouring on my behalf :P)
Old Mar 6, 2017, 12:09 PM   #57
Newbie
 
Join Date: Nov 2012
Location: tbilisi, georgia
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: mitsubishi outlander turbo

stupid question here, how realistic is it to disassemble rom without IDA? any free alternatives?
Old Mar 6, 2017, 12:20 PM   #58
Evolved Member
iTrader: (2)
 
logic's Avatar
 
Join Date: Apr 2003
Location: Berkeley, CA
Posts: 1,020
Thanks: 0
Thanked 1 Time in 1 Post

Drives: 96530006

Wow, old thread.

I wrote an SH2 disassembler in Python years ago, if it helps: https://github.com/logic/sh2dis

No support, and you're definitely on your own for working with the resulting output.
Old Mar 9, 2017, 12:15 AM   #59
Newbie
 
Join Date: Jun 2014
Location: Russia
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts

Drives: Airtek

Quote:
Originally Posted by sowne View Post
stupid question here, how realistic is it to disassemble rom without IDA? any free alternatives?
you can use GNU binutils or KPIT