1DGA disassembly

All hardware related, disassembly / programming and code discussions belong here.
jsa
Posts: 361
Joined: 2021 Feb 16, 15:46
Location: Australia
Vehicle Information: 95 Escort RS Cosworth
2.0 YBP
CARD / QUIK / COSY / ANTI
GHAJ0
SMD-190 / SMD-490 EEC-IV

Binary Editor
ForDiag

Re: 1DGA disassembly

Unread post by jsa »

Was the consolidated DIR of no value to you?
Jamie from oz
Posts: 54
Joined: 2022 Jul 08, 04:54
Location: South Australia
Vehicle Information: 1995 ford falcon ute 5.0 windsor efi

Re: 1DGA disassembly

Unread post by Jamie from oz »

I have been doing both and yes it has helped heaps.
just wanted to post the one that Dimitrios can also use for now
jsa
Posts: 361
Joined: 2021 Feb 16, 15:46
Location: Australia
Vehicle Information: 95 Escort RS Cosworth
2.0 YBP
CARD / QUIK / COSY / ANTI
GHAJ0
SMD-190 / SMD-490 EEC-IV

Binary Editor
ForDiag

Re: 1DGA disassembly

Unread post by jsa »

Why is he unable to use the consolidated one?
Jamie from oz
Posts: 54
Joined: 2022 Jul 08, 04:54
Location: South Australia
Vehicle Information: 1995 ford falcon ute 5.0 windsor efi

Re: 1DGA disassembly

Unread post by Jamie from oz »

I am not sure if he has yet.
Jamie from oz
Posts: 54
Joined: 2022 Jul 08, 04:54
Location: South Australia
Vehicle Information: 1995 ford falcon ute 5.0 windsor efi

Re: 1DGA disassembly

Unread post by Jamie from oz »

Almost finished the functions in the consolidated dir.
Should get that part finished tomorrow.
Jamie from oz
Posts: 54
Joined: 2022 Jul 08, 04:54
Location: South Australia
Vehicle Information: 1995 ford falcon ute 5.0 windsor efi

Re: 1DGA disassembly

Unread post by Jamie from oz »

Have named the tables and functions also aligned the A9L ones if you want to check my progress.
1DGA_256k_Consolidated_DIR.zip
(25.62 KiB) Downloaded 119 times
will start on the scalers next.
jsa
Posts: 361
Joined: 2021 Feb 16, 15:46
Location: Australia
Vehicle Information: 95 Escort RS Cosworth
2.0 YBP
CARD / QUIK / COSY / ANTI
GHAJ0
SMD-190 / SMD-490 EEC-IV

Binary Editor
ForDiag

Re: 1DGA disassembly

Unread post by jsa »

The cross matches I've looked at look good.

At some point the DIR commands will need to be put into a definition of one flavour or another. Retyping all that info is undesirable. I see you have taken the names from A9L DIR unchanged, which is perfectly ok, however the layout of the resulting DIR does not lend itself to conversion. The A9L dir was done long before the idea of automating some info transfer.

You may have noted that the consolidated DIR I generated has a consistent layout. Also have a look at the more complete RZASA I've posted in another thread. They were generated by getting data and processing it consistently. Ideally reversing that process can save a lot of manual retyping to build a definition. In the 1DGA DIR some Fn names are at the beginning, some at the end and some not at all. The beginning suits conversion because it starts at a set number of characters. Yes. some names maybe unknown so Fnx8A12 is better than nothing.

Copy the function and associated sym's to an excel worksheet, likewise tables to another, now try using text to columns to break out the address, FN name, sign and size from the commands. Could consistent layout make that easier?


Looking at Sub_49DD is 1DGA which matches Sub17 in TVRfans A9L.
I'd be inclined to name the Sub, something like;

Code: Select all

SUB 49DD  "Sub49DD_Adptv"
If I could find an exact subroutine match in the strategy docs, I'd name it after that.

This could be cleaned up by combining the correct info and eliminating the repeats.
Likewise for others as you progress.

Code: Select all

sym 8a1e "Spk_Injector_timing_Maf_Backflow_Sclr~RPM(Rpmscale)"          #{4}
fun 8a1e 8a39: UW X 10 : UW X 10 V 256                                  #{4}
#SYM8A1E "uuwFn070"                                                     #Spark, Injector Timing, MAF Backflow Scaler for RPM {2}
#FUN8A1E 8A39 :UW :UW #[UW=flo(X/4)] [UW=flo(X/256)]                    #rpm>column {2}
#SYM8A1E "uuwFn.0x8a1e"                                                 # {3}
#FUN8A1E 8A39 :UW :UW #[UW=flo(x*1)] [UW=flo(X/256)]                    #>SC {3}
I've looked in the GUFB strategy to confirm an appropriate function name.
Becomes something like;

Code: Select all

SYM 8A1E "uuwFn070_Adp_MAF-Bf_Inj_Spk~RPM"                              #RPM Normalizing function for Spark, Injector Timing, MAF Backflow. GUFB 6-38 {0}
FUN 8A1E 8A39 :UW V 4 :UW V 256 #[UW=flo(X/4)] [UW=flo(X/256)]          #rpm>column {0}
List looks like;
The first line is a comment from a CMT file entry.

Code: Select all

    # rpm > column
   uuwFn070_Adp_MAF-Bf_Inj_Spk~RPM:
8a1e: ff,ff,00,09         func      16383.75 ,         9    
8a22: 80,3e,00,09         func       4000    ,         9    
8a26: e0,2e,00,08         func       3000    ,         8    
8a2a: 70,17,00,05         func       1500    ,         5    
8a2e: f0,0a,00,01         func        700    ,         1    
8a32: c4,09,00,00         func        625    ,         0    
8a36: 00,00,00,00         func          0    ,         0    
With a view to generating a definition the commands would be broken up in a spreadsheet, something like;
Name;

Code: Select all

Fn070
or
uuwFn070_Adp_MAF-Bf_Inj_Spk~RPM
Short description;

Code: Select all

RPM Normalizing function for Spark, Injector Timing, MAF Backflow. GUFB 6-38
Sign;

Code: Select all

U
Size;

Code: Select all

W
X Equation;

Code: Select all

X/4
Y Equation;

Code: Select all

X/256
Address;

Code: Select all

8A1E
At some future point a database of Function names may be used to build detailed descriptions and other info into definition conversion, but that's not soon.

SCA and STR commands need to be added to tidy up the disassembly.

Have a look at the table at 0x8EFD in the DIR, drop the bank off of the end address. Yes the consolidated DIR should not have it to start with, my conversion mistake.
Jamie from oz
Posts: 54
Joined: 2022 Jul 08, 04:54
Location: South Australia
Vehicle Information: 1995 ford falcon ute 5.0 windsor efi

Re: 1DGA disassembly

Unread post by Jamie from oz »

Yes it's coming along slowly.

When I have them all in the dir I was going to add the short names (eg FN070 )

I didn't remove any extra lines that have the reference of origin as its been a good cross-reference.

Will look at that table and there was also a couple functions that had table naming in the A9L dir/cmt .

The 1dga xdf has most of the scalers functions and tables ### commented out and I will correct them for now and see if you can help me make a BE file and QH payload at some point.
jsa
Posts: 361
Joined: 2021 Feb 16, 15:46
Location: Australia
Vehicle Information: 95 Escort RS Cosworth
2.0 YBP
CARD / QUIK / COSY / ANTI
GHAJ0
SMD-190 / SMD-490 EEC-IV

Binary Editor
ForDiag

Re: 1DGA disassembly

Unread post by jsa »

Sounds good.

I'll suss out the payload in the mean time.
jsa
Posts: 361
Joined: 2021 Feb 16, 15:46
Location: Australia
Vehicle Information: 95 Escort RS Cosworth
2.0 YBP
CARD / QUIK / COSY / ANTI
GHAJ0
SMD-190 / SMD-490 EEC-IV

Binary Editor
ForDiag

Re: 1DGA disassembly

Unread post by jsa »

Chuck these in the DIR

Code: Select all

Sub 2032 "Sub2032_InitAll_Rst"                                          # {0}
Sub 2151 "Sbg2151_BG_Looper"                                            # {0}
SUB 2172 "Sbg2172_BG_LoopOfDeath"                                       # {0}

Sub 860B "Sbg860B_Cal_Console"                                          # {0}
Sub 860C "Sbg860C_CC/Patch"                                             # Call Calibration Console or Patchcode {0}

Post Reply