T43 Dissasembly
Re: T43 Dissasembly
the older gen 3 stuff has a coast mode flag and then a separate coast mode while braking flag. It might be that simple
Re: T43 Dissasembly
I wish
Re: T43 Dissasembly
Line pressure calc. There's a few places to adjust if needed. My life's work lol
- Attachments
-
- Line Pressure Calc.pdf
- (130.39 KiB) Downloaded 471 times
Re: T43 Dissasembly
Good stuff. I like how you are using the code to chart exactly how these things work. There is no shortage of programs that can change things, but knowledge at this depth is rare and very helpful.
Re: T43 Dissasembly
Ta, it's far easier to follow a chart I feel. In the future when I forget everything, referencing these charts will jog the memory that much faster than digging through partially labelled dis-jointed disassembly code again!
On a side note, I have a t43 techm sitting in front of me on loan from a very friendly bloke on this forum. I'm not quite ready to start playing with it, but not too far away hopefully. Just want to get this disassembly finished first. I think I have either borderline OCD or autism.
Re: T43 Dissasembly
Dont we all 

Re: T43 Dissasembly
And here is an update to the tcc pressure command. For those that use the regulator offset / gain settings, there are a few extra scalars and tables (approx. 7) not in HP or EFILive that can add to the offset. For the circle-d guys it might be worth some of your time investigating those to see if they're useful. Some are gear based too. Unfortunately not all OS's have this adder. I've marked it with a cloud. If you load up my disassembly from page 1, jump to address 0x0015b6cc to see it.
- Attachments
-
- TCC Pressure Command.pdf
- (146.82 KiB) Downloaded 315 times
Re: T43 Dissasembly
I never would have picked there are so many tcc modes. There are a crap tonne of transition criteria behind each mode which will keep me occupied.
Re: T43 Dissasembly
umm, calling powerpc assembly experts!
I'm jumping back into this after a bit of a break. Following trecools lead I'm wanting to understand how the code processes the CAN frame and where it ultimately lands in the RAM area for use by the program.
To start with something easy: CAN frame $0BE (brake apply status) coming in to address 0x00062ef4.
I'll start with the easy bit that I understand.
The data goes into FUN_00037994, which then moves it on to FUN_00045df0.
Then it gets nasty and I'm lost!!! In assembly
And in pseudo code
// Poster's annotated Ghidra pseudo-code for the caller. It walks 0x29 (41) records
// starting at DAT_00062ef4 in step with a byte table and hands each accepted record
// to FUN_00037994.
// initOffset starts at 0x1fed16 and is incremented before every read, so the first
// table byte consulted is the one at 0x1fed17.
initOffset = 0x1fed16;
// Start of data section:
// Bytes 0-3 Address
// Bytes 4-7 Payload
// NOTE(review): the "Address" reading is the poster's. FUN_00045df0 (listed further
// down the page) shifts this first word into 16-bit stores at DAT_00307102/DAT_00307104,
// which would fit a CAN identifier better than a RAM address - TODO confirm.
puVar1 = &DAT_00062ef4;
// loop 41 times
i = 0x29;
do {
initOffset = initOffset + 1;
// Only table bytes below 0x1e (30) are acted on; for any other value the record is skipped.
if (*initOffset < 0x1e) {
// Build the argument record on the stack: the first word of the entry, a constant 8,
// the byte Ghidra prints as *(puVar1 + 5), and a constant 0.
// presumably local_14/local_13/local_12 sit directly behind `data`, because
// FUN_00037994 reads further fields through the same pointer - verify in the stack frame.
data = *puVar1;
local_14 = 8;
local_13 = *(puVar1 + 5);
local_12 = 0;
// Second argument is the table byte itself; the callee uses it as a slot number.
FUN_00037994(&data,*initOffset & 0xff);
}
// assumes puVar1 is a 4-byte pointer, i.e. 8 bytes per record as the note above says - TODO confirm
puVar1 = puVar1 + 2;
i += -1;
} while (i != 0);
// Thin router in front of FUN_00045df0 (Ghidra decompile).
// param_1: pointer to the caller's record; its fields are copied into a fresh local
//          record before being passed on.
// param_2: slot number. Values below 0x10 are forwarded unchanged with selector 0;
//          anything else is forwarded as (param_2 + 0xf0) & 0xff, i.e. param_2 - 0x10
//          modulo 256, with selector 3.
// No upper bound is applied here. The caller shown above only passes values below 0x1e,
// and FUN_00045df0 skips its stores when the forwarded index is above 0xf.
void FUN_00037994(uint *param_1,uint param_2)
{
int iVar1;
uint local_8;
undefined local_4;
undefined local_3;
undefined local_2;
// NOTE(review): Ghidra mixes word and byte offsets in these expressions. In the
// FUN_00045df0 listing the same "*(param_1 + 1)" form is a byte load from offset 4
// while "+ 5" and "+ 6" are byte offsets 5 and 6; presumably the same holds here -
// confirm against this function's own disassembly.
local_8 = *param_1;
local_4 = *(param_1 + 1);
local_3 = *(param_1 + 5);
local_2 = *(param_1 + 6);
if (param_2 < 0x10) {
iVar1 = 0;
}
else {
// '+' binds tighter than '&', so this is (param_2 + 0xf0) & 0xff.
param_2 = param_2 + 0xf0 & 0xff;
iVar1 = 3;
}
// Selector 1 is never produced by this function; it only emits 0 or 3.
FUN_00045df0(&local_8,param_2,iVar1);
return;
}
# Ghidra listing of FUN_00045df0 (PowerPC): header, prologue and dispatch.
# Per the register assignments below, r3/r4/r5 carry param_1/param_2/param_3.
# The XREF list shows four call sites, all marked (c).
**************************************************************
* FUNCTION *
**************************************************************
uint * __stdcall FUN_00045df0(uint * param_1, uint param
assume linkreg = 0x0
assume r13 = 0x400000
assume r2 = 0x8000
uint * r3:4 <RETURN>
uint * r3:4 param_1
uint r4:4 param_2
int r5:4 param_3
undefined4 Stack[0x4]:4 local_res4 XREF[2]: 00045dfc(W),
00046264(R)
undefined4 Stack[-0x28]:4 local_28 XREF[2]: 00045df8(W),
00046268(R)
undefined2 Stack[-0x36]:2 local_36 XREF[1]: 00046214(W)
undefined1 Stack[-0x38]:1 local_38 XREF[3]: 00045ea8(W),
00046014(W),
0004614c(W)
undefined4 Stack[-0x40]:4 local_40 XREF[1]: 00045df0(W)
FUN_00045df0 XREF[4]: FUN_000363bc:000363f8(c),
FUN_00037994:000379e0(c),
FUN_000479fc:00047a64(c),
FUN_000479fc:00047a74(c)
# Prologue: allocate a 0x40-byte frame, save LR and r22-r31.
OS:045df0 94 21 ff c0 stwu r1,local_40(r1)
OS:045df4 7c 08 02 a6 mfspr r0,LR
OS:045df8 be c1 00 18 stmw r22,local_28(r1)
OS:045dfc 90 01 00 44 stw r0,local_res4(r1)
# Keep the arguments in non-volatile registers: r26 = param_1, r29 = param_2, r22 = param_3.
OS:045e00 3b 43 00 00 addi r26,param_1,0x0
OS:045e04 3b a4 00 00 addi r29,param_2,0x0
OS:045e08 3a c5 00 00 addi r22,param_3,0x0
# Dispatch on param_3: 0, 1 and 3 each have their own body. Any other value branches
# straight to the epilogue at LAB_00046264, so neither the save nor the restore
# sequence runs for it.
OS:045e0c 2c 05 00 00 cmpwi param_3,0x0
OS:045e10 41 82 00 18 beq LAB_00045e28
OS:045e14 2c 05 00 01 cmpwi param_3,0x1
OS:045e18 41 82 01 7c beq LAB_00045f94
OS:045e1c 2c 05 00 03 cmpwi param_3,0x3
OS:045e20 41 82 02 ac beq LAB_000460cc
OS:045e24 48 00 04 40 b LAB_00046264
# Body for param_3 == 0.
# r22 = 0x0030708a. The XORs with 0x188, 0x6 and 0x3 turn that into 0x307102, 0x307104
# and 0x307101, and each is then offset by (param_2 & 0xff) << 4, i.e. a 16-byte stride.
# NOTE(review): a 16-byte slot with a control byte at +1 and 16-bit words at +2/+4 looks
# like a CAN controller message-buffer array - confirm against the MCU reference manual.
LAB_00045e28 XREF[1]: 00045e10(j)
OS:045e28 3e c0 00 30 lis r22,0x30
OS:045e2c 62 d6 70 8a ori r22,r22,DAT_0000708a = FFh
OS:045e30 54 9e 06 3e rlwinm r30,param_2,0x0,0x18,0x1f
OS:045e34 57 db 20 36 rlwinm r27,r30,0x4,0x0,0x1b
OS:045e38 6a c9 01 88 xori r9,r22,0x188
OS:045e3c 7f e9 da 14 add r31,r9,r27
OS:045e40 69 2c 00 06 xori r12,r9,0x6
OS:045e44 7f 0c da 14 add r24,r12,r27
OS:045e48 69 2b 00 03 xori r11,r9,0x3
OS:045e4c 7f 2b da 14 add r25,r11,r27
# Fetch two replacement words from offsets 0x1c/0x18 of the structure DAT_003f8084 points
# to, then push the current DAT_002fc048/DAT_002fc04c onto the software stack whose
# pointer lives in DAT_003f8080 (pointer advanced by 8 first).
OS:045e50 83 8d 80 84 lwz r28,-0x7f7c(r13)=>DAT_003f8084 = ??
OS:045e54 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045e58 83 7c 00 1c lwz r27,0x1c(r28)
OS:045e5c 83 9c 00 18 lwz r28,0x18(r28)
OS:045e60 39 6b 00 08 addi r11,r11,0x8
OS:045e64 91 6d 80 80 stw r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045e68 3e e0 00 30 lis r23,0x30
OS:045e6c 3a f7 c0 10 subi r23,r23,DAT_00003ff0 = AAh
OS:045e70 81 4d 80 80 lwz r10,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045e74 81 37 00 38 lwz r9,0x38(r23)=>DAT_002fc048
OS:045e78 91 2a ff f8 stw r9,-0x8(r10)
OS:045e7c 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045e80 81 97 00 3c lwz r12,0x3c(r23)=>DAT_002fc04c
OS:045e84 91 8b ff fc stw r12,-0x4(r11)
# Bracketed update: MSR is parked in SPRG3, SPR 0x51 is written (the IDA decode further
# down this page names it "eid, External interrupt disable"), the two new words are
# stored to DAT_002fc048/DAT_002fc04c, and MSR is put back.
# NOTE(review): presumably an interrupt-mask swap performed with interrupts off -
# confirm which registers sit at 0x2fc048/0x2fc04c on this MCU.
OS:045e88 7c 60 00 a6 mfmsr param_1
OS:045e8c 7c 11 13 a6 mtspr spr051,r0
OS:045e90 7c 73 43 a6 mtspr SPRG3,param_1
OS:045e94 93 97 00 38 stw r28,0x38(r23)=>DAT_002fc048
OS:045e98 93 77 00 3c stw r27,0x3c(r23)=>DAT_002fc04c
OS:045e9c 7c 73 42 a6 mfspr param_1,SPRG3
OS:045ea0 7c 60 01 24 mtmsr param_1,0
# Read the slot's control byte into a stack local (local_38 is only ever written).
OS:045ea4 89 59 00 00 lbz r10,0x0(r25)=>DAT_00307101 = ??
OS:045ea8 99 41 00 08 stb r10,local_38(r1)
# Bounds check: a slot index above 0xf skips every store below and goes to the restore path.
OS:045eac 2c 1e 00 0f cmpwi r30,0xf
OS:045eb0 41 81 03 60 bgt LAB_00046210
# The byte at param_1+5 selects how the word at param_1+0 is packed into the +2/+4 halfwords.
OS:045eb4 89 9a 00 05 lbz r12,0x5(r26)
OS:045eb8 2c 0c 00 00 cmpwi r12,0x0
OS:045ebc 41 82 00 40 beq LAB_00045efc
# Non-zero flag: split the word across both halfwords and OR 0x18 into the first one.
OS:045ec0 83 da 00 00 lwz r30,0x0(r26)
OS:045ec4 57 cb 9c 34 rlwinm r11,r30,0x13,0x10,0x1a
OS:045ec8 57 ca 8f 7e rlwinm r10,r30,0x11,0x1d,0x1f
OS:045ecc 7d 6b 53 78 or r11,r11,r10
OS:045ed0 61 6b 00 18 ori r11,r11,0x18
OS:045ed4 b1 7f 00 00 sth r11,0x0(r31)=>DAT_00307102_CanDataArea??? = ??
OS:045ed8 57 cc 0c 3c rlwinm r12,r30,0x1,0x10,0x1e
OS:045edc b1 98 00 00 sth r12,0x0(r24)=>DAT_00307104 = ??
# Only this body has the extra step: for slot 0 or 1 the flag value (1 here, 0 in the
# other branch) is recorded in DAT_003f8db0.
OS:045ee0 57 aa 06 3f rlwinm. r10,r29,0x0,0x18,0x1f
OS:045ee4 41 82 00 10 beq LAB_00045ef4
OS:045ee8 57 ac 06 3e rlwinm r12,r29,0x0,0x18,0x1f
OS:045eec 2c 0c 00 01 cmpwi r12,0x1
OS:045ef0 40 82 00 3c bne LAB_00045f2c
LAB_00045ef4 XREF[1]: 00045ee4(j)
OS:045ef4 3b e0 00 01 li r31,0x1
OS:045ef8 48 00 00 30 b LAB_00045f28
# Zero flag: the word is shifted left by 5 into the first halfword, the second is cleared.
LAB_00045efc XREF[1]: 00045ebc(j)
OS:045efc 81 9a 00 00 lwz r12,0x0(r26)
OS:045f00 55 8c 2c 34 rlwinm r12,r12,0x5,0x10,0x1a
OS:045f04 b1 9f 00 00 sth r12,0x0(r31)=>DAT_00307102_CanDataArea??? = ??
OS:045f08 39 60 00 00 li r11,0x0
OS:045f0c b1 78 00 00 sth r11,0x0(r24)=>DAT_00307104 = ??
OS:045f10 57 aa 06 3f rlwinm. r10,r29,0x0,0x18,0x1f
OS:045f14 41 82 00 10 beq LAB_00045f24
OS:045f18 57 ac 06 3e rlwinm r12,r29,0x0,0x18,0x1f
OS:045f1c 2c 0c 00 01 cmpwi r12,0x1
OS:045f20 40 82 00 0c bne LAB_00045f2c
LAB_00045f24 XREF[1]: 00045f14(j)
OS:045f24 3b eb 00 00 addi r31,r11,0x0
LAB_00045f28 XREF[1]: 00045ef8(j)
OS:045f28 9b ed 8d b0 stb r31,-0x7250(r13)=>DAT_003f8db0 = ??
# Control byte = (byte at param_1+6) << 7 | (byte at param_1+4). Bit 7 picks the 0x80
# variant at LAB_00045f74; otherwise 0x40 is ORed over the low nibble.
LAB_00045f2c XREF[2]: 00045ef0(j), 00045f20(j)
OS:045f2c 89 9a 00 06 lbz r12,0x6(r26)
OS:045f30 89 7a 00 04 lbz r11,0x4(r26)
OS:045f34 55 8c 38 30 rlwinm r12,r12,0x7,0x0,0x18
OS:045f38 7d 9f 5b 78 or r31,r12,r11
OS:045f3c 9b f9 00 00 stb r31,0x0(r25)=>DAT_00307101 = ??
OS:045f40 57 ea 06 31 rlwinm. r10,r31,0x0,0x18,0x18
OS:045f44 57 ec 07 3e rlwinm r12,r31,0x0,0x1c,0x1f
OS:045f48 40 82 00 2c bne LAB_00045f74
OS:045f4c 61 8c 00 40 ori r12,r12,0x40
OS:045f50 99 99 00 00 stb r12,0x0(r25)=>DAT_00307101 = ??
# Clear bit (param_2) in the halfword at 0x3f8d44. Ghidra has typed that location FLOAT_,
# but every access in this listing is a 16-bit load/store.
OS:045f54 a1 4d 8d 44 lhz r10,-0x72bc(r13)=>FLOAT_003f8d44 = ??
OS:045f58 39 60 00 01 li r11,0x1
OS:045f5c 7d 6b e8 30 slw r11,r11,r29
OS:045f60 7d 4a 58 78 andc r10,r10,r11
OS:045f64 b1 4d 8d 44 sth r10,-0x72bc(r13)=>FLOAT_003f8d44 = ??
# r12 = 0x400000 - 0x72b6 = 0x3f8d4a, the base used by the shared tail at LAB_000461e0.
OS:045f68 3d 80 00 40 lis r12,0x40
OS:045f6c 39 8c 8d 4a subi r12,r12,DAT_000072b6 = FFh
OS:045f70 48 00 02 70 b LAB_000461e0
# Bit 7 set: write 0x80 | low nibble and set bit (param_2) in the same halfword.
LAB_00045f74 XREF[1]: 00045f48(j)
OS:045f74 61 8c 00 80 ori r12,r12,0x80
OS:045f78 99 99 00 00 stb r12,0x0(r25)=>DAT_00307101 = ??
OS:045f7c a1 6d 8d 44 lhz r11,-0x72bc(r13)=>FLOAT_003f8d44 = ??
OS:045f80 39 40 00 01 li r10,0x1
OS:045f84 7d 4a e8 30 slw r10,r10,r29
OS:045f88 7d 6b 53 78 or r11,r11,r10
OS:045f8c b1 6d 8d 44 sth r11,-0x72bc(r13)=>FLOAT_003f8d44 = ??
OS:045f90 48 00 02 80 b LAB_00046210
# Body for param_3 == 1. Same shape as the param_3 == 0 body, with r22 = 0x0030748a
# (slot fields at 0x307501/0x307502/0x307504 + index * 16) and the bitmask halfword at
# 0x3f8d46. It has no DAT_003f8db0 update.
LAB_00045f94 XREF[1]: 00045e18(j)
OS:045f94 3e c0 00 30 lis r22,0x30
OS:045f98 62 d6 74 8a ori r22,r22,DAT_0000748a = FFh
OS:045f9c 54 9e 06 3e rlwinm r30,param_2,0x0,0x18,0x1f
OS:045fa0 57 db 20 36 rlwinm r27,r30,0x4,0x0,0x1b
OS:045fa4 6a c9 01 88 xori r9,r22,0x188
OS:045fa8 7f 09 da 14 add r24,r9,r27
OS:045fac 69 2c 00 06 xori r12,r9,0x6
OS:045fb0 7f ec da 14 add r31,r12,r27
OS:045fb4 69 2b 00 03 xori r11,r9,0x3
OS:045fb8 7f 2b da 14 add r25,r11,r27
# Push DAT_002fc048/DAT_002fc04c onto the software stack at DAT_003f8080.
OS:045fbc 83 8d 80 84 lwz r28,-0x7f7c(r13)=>DAT_003f8084 = ??
OS:045fc0 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045fc4 83 7c 00 1c lwz r27,0x1c(r28)
OS:045fc8 82 fc 00 18 lwz r23,0x18(r28)
OS:045fcc 39 6b 00 08 addi r11,r11,0x8
OS:045fd0 91 6d 80 80 stw r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045fd4 3f 80 00 30 lis r28,0x30
OS:045fd8 3b 9c c0 10 subi r28,r28,DAT_00003ff0 = AAh
OS:045fdc 81 4d 80 80 lwz r10,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045fe0 81 3c 00 38 lwz r9,0x38(r28)=>DAT_002fc048
OS:045fe4 91 2a ff f8 stw r9,-0x8(r10)
OS:045fe8 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:045fec 81 9c 00 3c lwz r12,0x3c(r28)=>DAT_002fc04c
OS:045ff0 91 8b ff fc stw r12,-0x4(r11)
# MSR save / SPR 0x51 write / store new words / MSR restore, as in the first body.
OS:045ff4 7c 60 00 a6 mfmsr param_1
OS:045ff8 7c 11 13 a6 mtspr spr051,r0
OS:045ffc 7c 73 43 a6 mtspr SPRG3,param_1
OS:046000 92 fc 00 38 stw r23,0x38(r28)=>DAT_002fc048
OS:046004 93 7c 00 3c stw r27,0x3c(r28)=>DAT_002fc04c
OS:046008 7c 73 42 a6 mfspr param_1,SPRG3
OS:04600c 7c 60 01 24 mtmsr param_1,0
OS:046010 89 59 00 00 lbz r10,0x0(r25)=>DAT_00307500+1
OS:046014 99 41 00 08 stb r10,local_38(r1)
# Bounds check: slot index above 0xf goes straight to the restore path.
OS:046018 2c 1e 00 0f cmpwi r30,0xf
OS:04601c 41 81 01 f4 bgt LAB_00046210
# Byte at param_1+5 selects the packing of the word at param_1+0.
OS:046020 89 9a 00 05 lbz r12,0x5(r26)
OS:046024 2c 0c 00 00 cmpwi r12,0x0
OS:046028 41 82 00 28 beq LAB_00046050
OS:04602c 83 da 00 00 lwz r30,0x0(r26)
OS:046030 57 cb 9c 34 rlwinm r11,r30,0x13,0x10,0x1a
OS:046034 57 ca 8f 7e rlwinm r10,r30,0x11,0x1d,0x1f
OS:046038 7d 6b 53 78 or r11,r11,r10
OS:04603c 61 6b 00 18 ori r11,r11,0x18
OS:046040 b1 78 00 00 sth r11,0x0(r24)=>DAT_00307502 = ??
# Low 15 bits of the word, shifted left by one, become the second halfword.
OS:046044 57 cc 04 7e rlwinm r12,r30,0x0,0x11,0x1f
OS:046048 55 98 08 3c rlwinm r24,r12,0x1,0x0,0x1e
OS:04604c 48 00 00 14 b LAB_00046060
LAB_00046050 XREF[1]: 00046028(j)
OS:046050 81 9a 00 00 lwz r12,0x0(r26)
OS:046054 55 8c 2c 34 rlwinm r12,r12,0x5,0x10,0x1a
OS:046058 b1 98 00 00 sth r12,0x0(r24)=>DAT_00307502 = ??
OS:04605c 3b 00 00 00 li r24,0x0
LAB_00046060 XREF[1]: 0004604c(j)
OS:046060 b3 1f 00 00 sth r24,0x0(r31)=>DAT_00307504 = ??
# Control byte = (byte at +6) << 7 | (byte at +4); bit 7 selects the 0x80 variant.
OS:046064 89 9a 00 06 lbz r12,0x6(r26)
OS:046068 89 7a 00 04 lbz r11,0x4(r26)
OS:04606c 55 8c 38 30 rlwinm r12,r12,0x7,0x0,0x18
OS:046070 7d 9f 5b 78 or r31,r12,r11
OS:046074 9b f9 00 00 stb r31,0x0(r25)=>DAT_00307500+1
OS:046078 57 ea 06 31 rlwinm. r10,r31,0x0,0x18,0x18
OS:04607c 57 ec 07 3e rlwinm r12,r31,0x0,0x1c,0x1f
OS:046080 40 82 00 2c bne LAB_000460ac
OS:046084 61 8c 00 40 ori r12,r12,0x40
OS:046088 99 99 00 00 stb r12,0x0(r25)=>DAT_00307500+1
# Clear bit (param_2) in the halfword at 0x3f8d46.
OS:04608c a1 4d 8d 46 lhz r10,-0x72ba(r13)=>FLOAT_003f8d44+2
OS:046090 39 60 00 01 li r11,0x1
OS:046094 7d 6b e8 30 slw r11,r11,r29
OS:046098 7d 4a 58 78 andc r10,r10,r11
OS:04609c b1 4d 8d 46 sth r10,-0x72ba(r13)=>FLOAT_003f8d44+2
# r12 = 0x400000 - 0x7296 = 0x3f8d6a, base for the shared tail at LAB_000461e0.
OS:0460a0 3d 80 00 40 lis r12,0x40
OS:0460a4 39 8c 8d 6a subi r12,r12,DAT_00007296 = FFh
OS:0460a8 48 00 01 38 b LAB_000461e0
# Bit 7 set: write 0x80 | low nibble and set bit (param_2) in the halfword at 0x3f8d46.
LAB_000460ac XREF[1]: 00046080(j)
OS:0460ac 61 8c 00 80 ori r12,r12,0x80
OS:0460b0 99 99 00 00 stb r12,0x0(r25)=>DAT_00307500+1
OS:0460b4 a1 6d 8d 46 lhz r11,-0x72ba(r13)=>FLOAT_003f8d44+2
OS:0460b8 39 40 00 01 li r10,0x1
OS:0460bc 7d 4a e8 30 slw r10,r10,r29
OS:0460c0 7d 6b 53 78 or r11,r11,r10
OS:0460c4 b1 6d 8d 46 sth r11,-0x72ba(r13)=>FLOAT_003f8d44+2
OS:0460c8 48 00 01 48 b LAB_00046210
# Body for param_3 == 3. Same shape again, with r22 = 0x0030788a (slot fields at
# 0x307901/0x307902/0x307904 + index * 16) and the bitmask halfword at 0x3f8d48.
# This body falls through into the tail at LAB_000461e0 that the other two branch to.
LAB_000460cc XREF[1]: 00045e20(j)
OS:0460cc 3e c0 00 30 lis r22,0x30
OS:0460d0 62 d6 78 8a ori r22,r22,DAT_0000788a = FFh
OS:0460d4 54 9e 06 3e rlwinm r30,param_2,0x0,0x18,0x1f
OS:0460d8 57 db 20 36 rlwinm r27,r30,0x4,0x0,0x1b
OS:0460dc 6a c9 01 88 xori r9,r22,0x188
OS:0460e0 7f 09 da 14 add r24,r9,r27
OS:0460e4 69 2c 00 06 xori r12,r9,0x6
OS:0460e8 7f ec da 14 add r31,r12,r27
OS:0460ec 69 2b 00 03 xori r11,r9,0x3
OS:0460f0 7f 2b da 14 add r25,r11,r27
# Push DAT_002fc048/DAT_002fc04c onto the software stack at DAT_003f8080.
OS:0460f4 83 8d 80 84 lwz r28,-0x7f7c(r13)=>DAT_003f8084 = ??
OS:0460f8 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:0460fc 83 7c 00 1c lwz r27,0x1c(r28)
OS:046100 83 9c 00 18 lwz r28,0x18(r28)
OS:046104 39 6b 00 08 addi r11,r11,0x8
OS:046108 91 6d 80 80 stw r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:04610c 3e e0 00 30 lis r23,0x30
OS:046110 3a f7 c0 10 subi r23,r23,DAT_00003ff0 = AAh
OS:046114 81 4d 80 80 lwz r10,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046118 81 37 00 38 lwz r9,0x38(r23)=>DAT_002fc048
OS:04611c 91 2a ff f8 stw r9,-0x8(r10)
OS:046120 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046124 81 97 00 3c lwz r12,0x3c(r23)=>DAT_002fc04c
OS:046128 91 8b ff fc stw r12,-0x4(r11)
# MSR save / SPR 0x51 write / store new words / MSR restore, as in the first body.
OS:04612c 7c 60 00 a6 mfmsr param_1
OS:046130 7c 11 13 a6 mtspr spr051,r0
OS:046134 7c 73 43 a6 mtspr SPRG3,param_1
OS:046138 93 97 00 38 stw r28,0x38(r23)=>DAT_002fc048
OS:04613c 93 77 00 3c stw r27,0x3c(r23)=>DAT_002fc04c
OS:046140 7c 73 42 a6 mfspr param_1,SPRG3
OS:046144 7c 60 01 24 mtmsr param_1,0
OS:046148 89 59 00 00 lbz r10,0x0(r25)=>DAT_00307901 = ??
OS:04614c 99 41 00 08 stb r10,local_38(r1)
# Bounds check: slot index above 0xf goes straight to the restore path.
OS:046150 2c 1e 00 0f cmpwi r30,0xf
OS:046154 41 81 00 bc bgt LAB_00046210
# Byte at param_1+5 selects the packing of the word at param_1+0.
OS:046158 89 9a 00 05 lbz r12,0x5(r26)
OS:04615c 2c 0c 00 00 cmpwi r12,0x0
OS:046160 41 82 00 28 beq LAB_00046188
OS:046164 83 da 00 00 lwz r30,0x0(r26)
OS:046168 57 cb 9c 34 rlwinm r11,r30,0x13,0x10,0x1a
OS:04616c 57 ca 8f 7e rlwinm r10,r30,0x11,0x1d,0x1f
OS:046170 7d 6b 53 78 or r11,r11,r10
OS:046174 61 6b 00 18 ori r11,r11,0x18
OS:046178 b1 78 00 00 sth r11,0x0(r24)=>DAT_00307902 = ??
OS:04617c 57 cc 04 7e rlwinm r12,r30,0x0,0x11,0x1f
OS:046180 55 98 08 3c rlwinm r24,r12,0x1,0x0,0x1e
OS:046184 48 00 00 14 b LAB_00046198
LAB_00046188 XREF[1]: 00046160(j)
OS:046188 81 9a 00 00 lwz r12,0x0(r26)
OS:04618c 55 8c 2c 34 rlwinm r12,r12,0x5,0x10,0x1a
OS:046190 b1 98 00 00 sth r12,0x0(r24)=>DAT_00307902 = ??
OS:046194 3b 00 00 00 li r24,0x0
LAB_00046198 XREF[1]: 00046184(j)
OS:046198 b3 1f 00 00 sth r24,0x0(r31)=>DAT_00307904 = ??
# Control byte = (byte at +6) << 7 | (byte at +4); bit 7 selects the 0x80 variant.
OS:04619c 89 9a 00 06 lbz r12,0x6(r26)
OS:0461a0 89 7a 00 04 lbz r11,0x4(r26)
OS:0461a4 55 8c 38 30 rlwinm r12,r12,0x7,0x0,0x18
OS:0461a8 7d 9f 5b 78 or r31,r12,r11
OS:0461ac 9b f9 00 00 stb r31,0x0(r25)=>DAT_00307901 = ??
OS:0461b0 57 ea 06 31 rlwinm. r10,r31,0x0,0x18,0x18
OS:0461b4 57 ec 07 3e rlwinm r12,r31,0x0,0x1c,0x1f
OS:0461b8 40 82 00 3c bne LAB_000461f4
OS:0461bc 61 8c 00 40 ori r12,r12,0x40
OS:0461c0 99 99 00 00 stb r12,0x0(r25)=>DAT_00307901 = ??
# Clear bit (param_2) in the halfword at 0x3f8d48.
OS:0461c4 a1 4d 8d 48 lhz r10,-0x72b8(r13)=>FLOAT_003f8d48 = ??
OS:0461c8 39 60 00 01 li r11,0x1
OS:0461cc 7d 6b e8 30 slw r11,r11,r29
OS:0461d0 7d 4a 58 78 andc r10,r10,r11
OS:0461d4 b1 4d 8d 48 sth r10,-0x72b8(r13)=>FLOAT_003f8d48 = ??
# r12 = 0x400000 - 0x7276 = 0x3f8d8a, then fall through into the shared tail.
OS:0461d8 3d 80 00 40 lis r12,0x40
OS:0461dc 39 8c 8d 8a subi r12,r12,DAT_00007276 = FFh
# Shared tail for the 0x40 variant of all three bodies: zero the halfword at
# r12 + ((param_2 << 1) & 0x1fe). r12 differs per body, so Ghidra's single
# "=>FLOAT_003f8d88+2" annotation does not describe every path.
LAB_000461e0 XREF[2]: 00045f70(j), 000460a8(j)
OS:0461e0 57 ab 0d fc rlwinm r11,r29,0x1,0x17,0x1e
OS:0461e4 7d 8c 5a 14 add r12,r12,r11
OS:0461e8 39 40 00 00 li r10,0x0
OS:0461ec b1 4c 00 00 sth r10,0x0(r12)=>FLOAT_003f8d88+2
OS:0461f0 48 00 00 20 b LAB_00046210
# Bit 7 set (param_3 == 3 only): write 0x80 | low nibble, set bit (param_2) in the
# halfword at 0x3f8d48, then fall through to LAB_00046210.
LAB_000461f4 XREF[1]: 000461b8(j)
OS:0461f4 61 8c 00 80 ori r12,r12,0x80
OS:0461f8 99 99 00 00 stb r12,0x0(r25)=>DAT_00307901 = ??
OS:0461fc a1 6d 8d 48 lhz r11,-0x72b8(r13)=>FLOAT_003f8d48 = ??
OS:046200 39 40 00 01 li r10,0x1
OS:046204 7d 4a e8 30 slw r10,r10,r29
OS:046208 7d 6b 53 78 or r11,r11,r10
OS:04620c b1 6d 8d 48 sth r11,-0x72b8(r13)=>FLOAT_003f8d48 = ??
# Common exit for all three bodies, including the paths rejected by the index check.
# r22 still holds the per-body base (0x30708a, 0x30748a or 0x30788a); Ghidra's
# "=>DAT_0030788a" annotation only reflects one of them.
LAB_00046210 XREF[6]: 00045eb0(j), 00045f90(j),
0004601c(j), 000460c8(j),
00046154(j), 000461f0(j)
# The halfword read lands in local_36, which the header lists with a write reference
# only, so the load is presumably done for its side effect on the peripheral -
# TODO confirm against the MCU reference manual.
OS:046210 a1 96 00 00 lhz r12,0x0(r22)=>DAT_0030788a = ??
OS:046214 b1 81 00 0a sth r12,local_36(r1)
# Same MSR save / SPR 0x51 bracket as on entry, this time around the restore: the two
# words pushed earlier are popped back into DAT_002fc04c and then DAT_002fc048, and the
# software stack pointer in DAT_003f8080 drops by 4 after each.
OS:046218 7c 60 00 a6 mfmsr param_1
OS:04621c 7c 11 13 a6 mtspr spr051,r0
OS:046220 7c 73 43 a6 mtspr SPRG3,param_1
OS:046224 81 4d 80 80 lwz r10,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046228 3f a0 00 30 lis r29,0x30
OS:04622c 81 4a ff fc lwz r10,-0x4(r10)
OS:046230 3b bd c0 10 subi r29,r29,DAT_00003ff0 = AAh
OS:046234 91 5d 00 3c stw r10,0x3c(r29)=>DAT_002fc04c
OS:046238 81 8d 80 80 lwz r12,-0x7f80(r13)=>DAT_003f8080 = ??
OS:04623c 39 8c ff fc subi r12,r12,0x4
OS:046240 91 8d 80 80 stw r12,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046244 81 6d 80 80 lwz r11,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046248 81 6b ff fc lwz r11,-0x4(r11)
OS:04624c 91 7d 00 38 stw r11,0x38(r29)=>DAT_002fc048
OS:046250 81 4d 80 80 lwz r10,-0x7f80(r13)=>DAT_003f8080 = ??
OS:046254 39 4a ff fc subi r10,r10,0x4
OS:046258 91 4d 80 80 stw r10,-0x7f80(r13)=>DAT_003f8080 = ??
# r3 (param_1) is reloaded from SPRG3 here, so it holds the saved MSR at return and
# not the original pointer.
OS:04625c 7c 73 42 a6 mfspr param_1,SPRG3
OS:046260 7c 60 01 24 mtmsr param_1,0
# Epilogue: restore LR and r22-r31, release the frame, return with blr.
# NOTE(review): an ordinary blr return plus the (c) call references in the header point
# to a normally called routine that masks interrupts around register writes, rather
# than an exception handler - confirm against the vector table.
LAB_00046264 XREF[1]: 00045e24(j)
OS:046264 80 01 00 44 lwz r0,local_res4(r1)
OS:046268 ba c1 00 18 lmw r22,local_28(r1)
OS:04626c 7c 08 03 a6 mtspr LR,r0
OS:046270 38 21 00 40 addi r1,r1,0x40
OS:046274 4e 80 00 20 blr
// Ghidra decompile of FUN_00045df0.
// param_1: pointer to a small record; the word at offset 0 and the bytes Ghidra prints
//          as *(param_1 + 1), *(param_1 + 5) and *(param_1 + 6) are read. In the listing
//          those are byte loads from offsets 4, 5 and 6.
// param_2: slot index; only the low byte is used and values above 0xf skip all stores.
// param_3: selects one of three slot arrays (0 -> 0x3071xx, 1 -> 0x3075xx, 3 -> 0x3079xx);
//          any other value returns immediately.
// NOTE(review): 16-byte slots with a control byte at +1, 16-bit words at +2/+4 and a
// 0x40/0x80 code over a 4-bit nibble look like CAN controller message-buffer setup
// rather than a copy of received payload into RAM - confirm against the MCU manual.
// Return value: not meaningful. The listing reloads r3 from SPRG3 (the saved MSR) just
// before returning, which is what puVar9 models.
uint * FUN_00045df0(uint *param_1,uint param_2,int param_3)
{
undefined4 *puVar1;
byte bVar2;
uint uVar3;
undefined4 *puVar4;
int iVar5;
undefined2 uVar6;
byte *pbVar7;
uint uVar8;
uint in_MSR;
uint *puVar9;
if (param_3 == 0) {
iVar5 = (param_2 & 0xff) * 0x10;
pbVar7 = &DAT_00307101 + iVar5;
// Push the current _DAT_002fc048/_DAT_002fc04c onto the software stack whose pointer is
// _DAT_003f8080. The listing then stores two new words to those addresses
// (00045e94/00045e98) inside an MSR save/restore bracket; this decompile omits them.
puVar4 = _DAT_003f8080 + 2;
*_DAT_003f8080 = _DAT_002fc048;
_DAT_003f8080 = puVar4;
_DAT_003f8080[-1] = _DAT_002fc04c;
// Decompiler's model of the mfmsr / mtspr / mtmsr sequence; not application logic.
uVar8 = in_MSR >> 0xe & 1;
puVar9 = in_MSR & 0x9030 | in_MSR & 0xffff6fcf | (in_MSR >> 0xf & 1 | uVar8) << 0xf | (in_MSR >> 5 & 1 | uVar8) << 5 | (in_MSR >> 4 & 1 | uVar8) << 4;
// Bounds check: index above 0xf performs no slot writes, only the restore at LAB_00046210.
if (0xf < (param_2 & 0xff)) goto LAB_00046210;
// Byte at offset 5 selects the packing of the record's first word.
// presumably 0 = 11-bit identifier (value << 5), non-zero = 29-bit identifier split
// across both halfwords with 0x18 flag bits - TODO confirm.
if (*(param_1 + 5) == '\0') {
*(&DAT_00307102_CanDataArea??? + iVar5) = *param_1 << 5;
*(&DAT_00307104 + iVar5) = 0;
// Only this branch of param_3 records the offset-5 flag for slots 0 and 1.
if (((param_2 & 0xff) == 0) || ((param_2 & 0xff) == 1)) {
DAT_003f8db0 = 0;
}
}
else {
uVar8 = *param_1;
*(&DAT_00307102_CanDataArea??? + iVar5) = uVar8 >> 0xd & 0xffe0 | uVar8 >> 0xf & 7 | 0x18;
*(&DAT_00307104 + iVar5) = uVar8 << 1;
if (((param_2 & 0xff) == 0) || ((param_2 & 0xff) == 1)) {
DAT_003f8db0 = 1;
}
}
// Control byte: bit 7 comes from the byte at offset 6, the low nibble from the byte at
// offset 4 (printed as param_1 + 1).
bVar2 = *(param_1 + 1);
uVar8 = *(param_1 + 6) << 7 | bVar2;
*pbVar7 = uVar8;
bVar2 &= 0xf;
if ((uVar8 & 0x80) != 0) {
*pbVar7 = bVar2 | 0x80;
// FLOAT_ is Ghidra's guess at the type; the code uses it as a 16-bit per-slot bitmask.
// The "& 0x3f" is how the decompiler renders the slw shift; the index is <= 0xf here.
FLOAT_003f8d44._0_2_ |= 1 << (param_2 & 0x3f);
goto LAB_00046210;
}
*pbVar7 = bVar2 | 0x40;
FLOAT_003f8d44._0_2_ &= ~(1 << (param_2 & 0x3f));
// Base of the 16-bit per-slot array that is zeroed just before LAB_00046210.
iVar5 = 0x3f8d4a;
}
else if (param_3 == 1) {
// Same sequence as above for the array at 0x3075xx, bitmask in the upper half of
// FLOAT_003f8d44, per-slot array at 0x3f8d6a. No DAT_003f8db0 update here.
uVar3 = param_2 & 0xff;
pbVar7 = &DAT_00307500 + uVar3 * 0x10 + 1;
puVar4 = _DAT_003f8080 + 2;
*_DAT_003f8080 = _DAT_002fc048;
_DAT_003f8080 = puVar4;
_DAT_003f8080[-1] = _DAT_002fc04c;
uVar8 = in_MSR >> 0xe & 1;
puVar9 = in_MSR & 0x9030 | in_MSR & 0xffff6fcf | (in_MSR >> 0xf & 1 | uVar8) << 0xf | (in_MSR >> 5 & 1 | uVar8) << 5 | (in_MSR >> 4 & 1 | uVar8) << 4;
// Bounds check on the slot index.
if (0xf < uVar3) goto LAB_00046210;
if (*(param_1 + 5) == '\0') {
(&DAT_00307502)[uVar3 * 8] = *param_1 << 5;
uVar6 = 0;
}
else {
uVar8 = *param_1;
(&DAT_00307502)[uVar3 * 8] = uVar8 >> 0xd & 0xffe0 | uVar8 >> 0xf & 7 | 0x18;
uVar6 = (uVar8 & 0x7fff) << 1;
}
(&DAT_00307504)[uVar3 * 8] = uVar6;
bVar2 = *(param_1 + 1);
uVar8 = *(param_1 + 6) << 7 | bVar2;
*pbVar7 = uVar8;
bVar2 &= 0xf;
if ((uVar8 & 0x80) != 0) {
*pbVar7 = bVar2 | 0x80;
FLOAT_003f8d44._2_2_ |= 1 << (param_2 & 0x3f);
goto LAB_00046210;
}
*pbVar7 = bVar2 | 0x40;
FLOAT_003f8d44._2_2_ &= ~(1 << (param_2 & 0x3f));
iVar5 = 0x3f8d6a;
}
else {
// Unsupported selector: return before anything is pushed, so the software stack
// stays balanced.
if (param_3 != 3) {
return param_1;
}
// Same sequence for the array at 0x3079xx, bitmask FLOAT_003f8d48, per-slot array at
// 0x3f8d8a.
iVar5 = (param_2 & 0xff) * 0x10;
pbVar7 = &DAT_00307901 + iVar5;
puVar4 = _DAT_003f8080 + 2;
*_DAT_003f8080 = _DAT_002fc048;
_DAT_003f8080 = puVar4;
_DAT_003f8080[-1] = _DAT_002fc04c;
uVar8 = in_MSR >> 0xe & 1;
puVar9 = in_MSR & 0x9030 | in_MSR & 0xffff6fcf | (in_MSR >> 0xf & 1 | uVar8) << 0xf | (in_MSR >> 5 & 1 | uVar8) << 5 | (in_MSR >> 4 & 1 | uVar8) << 4;
// Bounds check on the slot index.
if (0xf < (param_2 & 0xff)) goto LAB_00046210;
if (*(param_1 + 5) == '\0') {
*(&DAT_00307902 + iVar5) = *param_1 << 5;
uVar6 = 0;
}
else {
uVar8 = *param_1;
*(&DAT_00307902 + iVar5) = uVar8 >> 0xd & 0xffe0 | uVar8 >> 0xf & 7 | 0x18;
uVar6 = (uVar8 & 0x7fff) << 1;
}
*(&DAT_00307904 + iVar5) = uVar6;
bVar2 = *(param_1 + 1);
uVar8 = *(param_1 + 6) << 7 | bVar2;
*pbVar7 = uVar8;
bVar2 &= 0xf;
if ((uVar8 & 0x80) != 0) {
*pbVar7 = bVar2 | 0x80;
FLOAT_003f8d48._0_2_ |= 1 << (param_2 & 0x3f);
goto LAB_00046210;
}
*pbVar7 = bVar2 | 0x40;
FLOAT_003f8d48._0_2_ &= ~(1 << (param_2 & 0x3f));
iVar5 = 0x3f8d8a;
}
// Reached only on the 0x40 path: clear the 16-bit entry for this slot in the array
// whose base was chosen above.
*(iVar5 + (param_2 & 0xff) * 2) = 0;
LAB_00046210:
// Pop the two saved words back into _DAT_002fc04c / _DAT_002fc048. The listing also
// does a halfword read from the per-array base register just before this, which the
// decompile does not show.
puVar4 = _DAT_003f8080 + -1;
puVar1 = _DAT_003f8080 + -2;
_DAT_003f8080 = _DAT_003f8080 + -2;
_DAT_002fc04c = *puVar4;
_DAT_002fc048 = *puVar1;
return puVar9;
}
Re: T43 Dissasembly
I am not sure if I can help here; I am deep in 68k but not PPC, but I took a look at the function in IDA. Its pseudocode looked quite different: it interpreted the if/else statements as a switch, and it does look like a switch statement which does 1 of 3 things (case 0, 1 and 3) from that decision point (variable from the caller in a3). But overall it didn't provide extra clarity and dropped out to asm in places, so I don't think it worked well enough to be helpful. It has flagged a few instructions as controlling interrupt functionality in the CPU, so I think this could be an interrupt handler. But it could also have the wrong CPU configuration, so it might not be real. Worth considering, but don't take it as a certainty. I am not sure if Ghidra can do a block diagram (aka graph) like IDA, but I like the visual representation as it helps get your head around the decision points and the chunks of code that do a thing. It helps guide thinking to a slightly higher level of logic than the actual opcodes. I took a couple of screenshots and stitched them together; maybe it can help your brain map out the asm. I've also attached the IDA pseudocode, but I think it provides less clarity rather than more.
// IDA pseudocode for the same routine (FUN_00045df0 in the Ghidra listings above).
// result: pointer to the input record (kept in v5); a2: slot index, low byte used;
// a3: selector, handled values are 0, 1 and 3.
// v3 is r13, which IDA leaves unresolved. The Ghidra listing assumes r13 = 0x400000, so
// v3 - 32640 is 0x3f8080 and v3 - 32636 is 0x3f8084. The decimal constants are the same
// addresses Ghidra prints in hex, e.g. 3174658 = 0x307102 and 4164938 = 0x3f8d4a.
// The declared return of `result` is not reliable: each __asm block overwrites r3, and
// the last one leaves the saved MSR in it.
unsigned int *__fastcall sub_45DF0(unsigned int *result, int a2, int a3)
{
int v3; // r13
unsigned int *v5; // r26
int v6; // r27
_WORD *v7; // r31
_WORD *v8; // r24
_BYTE *v9; // r25
int v10; // r28
int v11; // r27
int v12; // r28
unsigned int v15; // r30
char v16; // r31
char v17; // r31
char v18; // r12
int v19; // r12
int v20; // r27
_WORD *v21; // r24
_WORD *v22; // r31
_BYTE *v23; // r25
int v24; // r28
int v25; // r27
int v26; // r23
unsigned int v29; // r30
__int16 v30; // r24
char v31; // r31
char v32; // r12
int v33; // r27
_WORD *v34; // r24
_WORD *v35; // r31
_BYTE *v36; // r25
int v37; // r28
int v38; // r27
int v39; // r28
unsigned int v42; // r30
__int16 v43; // r24
char v44; // r31
char v45; // r12
v5 = result;
// Selector values other than 0, 1 and 3 match no case and fall out of the switch
// without touching anything.
switch ( a3 )
{
case 0:
// Slot field pointers: 16-byte stride from 0x307102 / 0x307104 / 0x307101.
v6 = 16 * (unsigned __int8)a2;
v7 = (_WORD *)(v6 + 3174658);
v8 = (_WORD *)(v6 + 3174660);
v9 = (_BYTE *)(v6 + 3174657);
// Replacement words come from offsets 24/28 of the structure at *(v3 - 32636).
v10 = *(_DWORD *)(v3 - 32636);
v11 = *(_DWORD *)(v10 + 28);
v12 = *(_DWORD *)(v10 + 24);
// Push the current dword_2FC048/dword_2FC04C onto the software stack at *(v3 - 32640).
*(_DWORD *)(v3 - 32640) += 8;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 8) = dword_2FC048;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 4) = dword_2FC04C;
// The two __asm blocks bracket the register update: MSR is saved to SPRG3 and the
// "eid" SPR written before it, MSR is restored after it.
// NOTE(review): presumably dword_2FC048/dword_2FC04C are interrupt-mask registers
// being swapped with interrupts off - confirm for this MCU.
__asm
{
mfmsr r3
mtspr eid, r0 # External interrupt disable
mtsprg3 r3
}
dword_2FC048 = v12;
dword_2FC04C = v11;
__asm
{
mfsprg3 r3
mtmsr r3
}
// Bounds check: index above 0xF does no slot writes, only the restore at LABEL_32.
if ( (unsigned __int8)a2 > 0xFu )
goto LABEL_32;
// Byte at offset 5 of the record selects how its first word is packed.
if ( *((_BYTE *)v5 + 5) )
{
v15 = *v5;
*v7 = (*v5 >> 13) & 0xFFE0 | (*v5 >> 15) & 7 | 0x18;
*v8 = 2 * v15;
// Slots 0 and 1 additionally record the offset-5 flag at v3 - 29264; others skip it.
if ( (_BYTE)a2 && (unsigned __int8)a2 != 1 )
goto LABEL_14;
v16 = 1;
}
else
{
*v7 = 32 * *(_WORD *)v5;
*v8 = 0;
if ( (_BYTE)a2 && (unsigned __int8)a2 != 1 )
goto LABEL_14;
v16 = 0;
}
*(_BYTE *)(v3 - 29264) = v16;
LABEL_14:
// Control byte: bit 7 from the byte at offset 6, low nibble from the byte at offset 4.
v17 = (*((_BYTE *)v5 + 6) << 7) | *((_BYTE *)v5 + 4);
*v9 = v17;
v18 = v17 & 0xF;
if ( (v17 & 0x80) != 0 )
{
// 0x80 variant: set this slot's bit in the 16-bit mask at v3 - 29372.
*v9 = v18 | 0x80;
*(_WORD *)(v3 - 29372) |= 1 << a2;
goto LABEL_32;
}
// 0x40 variant: clear the bit; LABEL_30 then zeroes the slot's 16-bit entry at v19.
*v9 = v18 | 0x40;
*(_WORD *)(v3 - 29372) &= ~(1 << a2);
v19 = 4164938;
LABEL_30:
// Shared by all three cases: v19 is the per-case array base chosen before the jump.
*(_WORD *)(v19 + ((2 * a2) & 0x1FE)) = 0;
goto LABEL_32;
case 1:
// Same sequence for the slot array at 0x3075xx, mask at v3 - 29370, array base 4164970.
// There is no write to v3 - 29264 in this case.
v20 = 16 * (unsigned __int8)a2;
v21 = (_WORD *)(v20 + 0x307502);
v22 = (_WORD *)(v20 + 0x307504);
v23 = (_BYTE *)(v20 + 0x307501);
v24 = *(_DWORD *)(v3 - 0x7F7C);
v25 = *(_DWORD *)(v24 + 28);
v26 = *(_DWORD *)(v24 + 24);
*(_DWORD *)(v3 - 32640) += 8;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 8) = dword_2FC048;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 4) = dword_2FC04C;
__asm
{
mfmsr r3
mtspr eid, r0 # External interrupt disable
mtsprg3 r3
}
dword_2FC048 = v26;
dword_2FC04C = v25;
__asm
{
mfsprg3 r3
mtmsr r3
}
// Bounds check on the slot index.
if ( (unsigned __int8)a2 > 0xFu )
goto LABEL_32;
if ( *((_BYTE *)v5 + 5) )
{
v29 = *v5;
*v21 = (*v5 >> 13) & 0xFFE0 | (*v5 >> 15) & 7 | 0x18;
v30 = 2 * (v29 & 0x7FFF);
}
else
{
*v21 = 32 * *(_WORD *)v5;
v30 = 0;
}
*v22 = v30;
v31 = (*((_BYTE *)v5 + 6) << 7) | *((_BYTE *)v5 + 4);
*v23 = v31;
v32 = v31 & 0xF;
if ( (v31 & 0x80) != 0 )
{
*v23 = v32 | 0x80;
*(_WORD *)(v3 - 29370) |= 1 << a2;
goto LABEL_32;
}
*v23 = v32 | 0x40;
*(_WORD *)(v3 - 29370) &= ~(1 << a2);
v19 = 4164970;
goto LABEL_30;
case 3:
// Same sequence for the slot array at 0x3079xx, mask at v3 - 29368, array base 4165002.
v33 = 16 * (unsigned __int8)a2;
v34 = (_WORD *)(v33 + 3176706);
v35 = (_WORD *)(v33 + 3176708);
v36 = (_BYTE *)(v33 + 3176705);
v37 = *(_DWORD *)(v3 - 32636);
v38 = *(_DWORD *)(v37 + 28);
v39 = *(_DWORD *)(v37 + 24);
*(_DWORD *)(v3 - 32640) += 8;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 8) = dword_2FC048;
*(_DWORD *)(*(_DWORD *)(v3 - 32640) - 4) = dword_2FC04C;
__asm
{
mfmsr r3
mtspr eid, r0 # External interrupt disable
mtsprg3 r3
}
dword_2FC048 = v39;
dword_2FC04C = v38;
__asm
{
mfsprg3 r3
mtmsr r3
}
// Bounds check, written here as the enclosing condition; the else path is LABEL_32.
if ( (unsigned __int8)a2 <= 0xFu )
{
if ( *((_BYTE *)v5 + 5) )
{
v42 = *v5;
*v34 = (*v5 >> 13) & 0xFFE0 | (*v5 >> 15) & 7 | 0x18;
v43 = 2 * (v42 & 0x7FFF);
}
else
{
*v34 = 32 * *(_WORD *)v5;
v43 = 0;
}
*v35 = v43;
v44 = (*((_BYTE *)v5 + 6) << 7) | *((_BYTE *)v5 + 4);
*v36 = v44;
v45 = v44 & 0xF;
if ( (v44 & 0x80) != 0 )
{
*v36 = v45 | 0x80;
*(_WORD *)(v3 - 29368) |= 1 << a2;
goto LABEL_32;
}
*v36 = v45 | 0x40;
*(_WORD *)(v3 - 29368) &= ~(1 << a2);
v19 = 4165002;
goto LABEL_30;
}
LABEL_32:
// Common restore, reached from all three cases: pop the two saved words back into
// dword_2FC04C then dword_2FC048 inside the same MSR save/restore bracket.
// The Ghidra listing also shows a halfword read from the per-case base register
// immediately before this sequence; it does not appear in this pseudocode.
__asm
{
mfmsr r3
mtspr eid, r0 # External interrupt disable
mtsprg3 r3
}
dword_2FC04C = *(_DWORD *)(*(_DWORD *)(v3 - 32640) - 4);
*(_DWORD *)(v3 - 32640) -= 4;
dword_2FC048 = *(_DWORD *)(*(_DWORD *)(v3 - 32640) - 4);
*(_DWORD *)(v3 - 32640) -= 4;
__asm
{
mfsprg3 r3
mtmsr r3
}
break;
}
return result;
}