antus wrote:There is not, this is hard stuff. A lot of the information that is known is pulled by using other tools and observing what changes, because the assembly code is very complicated and understanding all the logic is a difficult task. It is not impossible, but you would typically only do the RE you need to meet your objective and some of that might be educated guesswork based on what you already know about how it works, and maybe even with manual validation by patching the bin and observing the results. You probably wont find yourself ever doing the whole bin. Operating systems started getting too complicated to do that manually about this era. 32Kb bins were a big job. 128Kb bins are quite a stretch, 512kb+ is almost no chance.
Note that in ida you can turn on "auto comments" which will give every line a description of what the opcode does. That can be a nice way to get familiar with the instruction set, but after a while it's just clutter and gets in the way. Maybe its helpful, maybe its not.
Yeah, It just sucks because there's people who've done it, but don't/haven't shared. I understand keeping intellectual property, but I've never seen it kept at such a minimum before.
I haven't even worked it out but it looks like there's very little ROM space and just as little RAM space to add in custom subroutines. I'll have to keep it to a minimum.
I may start with a CEL flash with KR. That's always my favorite having done it on all my cars.
I was going to do a custom Performance button combination, but may just to a ground switch to the PCM instead since the code will be limited.
regarding the performance button, would it be worth looking at a bin from a car that had a factory performance shift button/mode (like the 97-00 Grand Prix GTP) and modifying/adapting that?
Although that is just a switch to ground so maybe that's already what you had in mind
zack4200 wrote:regarding the performance button, would it be worth looking at a bin from a car that had a factory performance shift button/mode (like the 97-00 Grand Prix GTP) and modifying/adapting that?
Although that is just a switch to ground so maybe that's already what you had in mind
Yeah, my idea is to hook the subroutine to go to mine instead where when I hold the cruise on/off button and press resume performance shift is turned on. Then when I hold cruise on/off and press cancel performance is turned off. I don't even know what parameters control it now. None of it's defined. Stupid to let the PCM do it. There's a massive amount of drivability to be gained from tuning it and being able to toggle it.
I'd rather do this than run some aftermarket switch and wiring into the car.
As far as the other bins. I've got my old Regal and GTP bins. 98 GTP was 01, regal was 02 and the Monte is 00. 01 is the grounded switch so that's the easiest.
0 = No switch
1 = Discrete switch
2 = Analog switch
3 = Class 2
4 = UART
Well nothing in the PID descriptions that I can find are accurate regarding the cruise buttons. I’ve logged every single pid I think and see no interaction from the cruise buttons or the traction switch.
This leads me to believe there’s the BCM doing the work and handing off something to the pcm like the cooling fans.
Going to take a lot more work. Hooray.
Any insight on BCM interaction somebody can point me at?
I cant speak for the USA cars, but in this era the Australian cars had an ALDL bus and a PIM device to bridge the two busses. ABS and BCM are different modules on the ALDL bus. Just some ideas to keep in mind as you look at wiring diagrams etc.
There is a cruise control module that handles all the input / outputs. PCM only can inhibit cruise control, or get a signal when it is engaged to switch to cruise trans tables.
You can monitor only the status of these two, while cruise is set on a running car.
The BCM communicates on the VPW bus with mostly everything else. There is a separate VPW bus that dedicated communication between the PCM and the BCM on most GMs 1999 through 2007. After that I am not 100% sure but I think they are using CAN. I do know that someone used PCM Hammer and made IPC Hammer for the instrument clusters. I would love to see something similar come out for the BCMs. It would be very cool to be able to add and modify features in the BCM.
Cruise Control Description and Operation
Cruise control is a speed control system that maintains a desired vehicle speed under normal driving conditions. However, steep grades may cause variations in the selected speeds. The electronic cruise control system has the capability to CRUISE, COAST, RESUME SPEED, ACCELERATE, and TAP-UP or TAP-DOWN.
The main parts of the cruise control system are:
The cruise control module assembly
The function control switches
The cruise control release switch
The stoplamp switch assembly
The vehicle speed sensor
The cruise control system uses the cruise control module assembly to maintain the desired vehicle cruise speed and operation. The cruise control module assembly has a controller and an electric stepper motor to vary the throttle in each different cruise control mode. The controller monitors vehicle speed and operates the stepper motor. The stepper motor operates in response to the controller, to maintain the desired cruise speed. The electric stepper motor moves a strap that is attached to the cruise control cable which moves the throttle linkage. The cruise control module assembly contains a low speed limit which will prevent system engagement below a minimum speed of 40 km/h (25 mph). The module assembly is not serviceable.
The operation of the controller is controlled by the function control switches located on the multifunction turn signal lever or optional steering wheel controls. The cruise control functional control switches include the ON/OFF, SET/COAST, R/A (resume/accelerate) . The switches provide driver control of the cruise control system.
The cruise control release switch and stoplamp switch are used to disengage the cruise control. A release switch assembly and a stoplamp switch assembly are mounted on the brake pedal bracket . To disengage the system the driver presses the brake pedal . The speed of the vehicle at brake actuation will be stored in the memory of the cruise module.
With cruise control, you can maintain a speed of about 40 km/h (25 mph) or more without keeping your foot on the accelerator. When the driver turns off the on/off switch or ignition switch, the cruise control turns off. The vehicle speed stored in the memory of the cruise module will be lost.
Ignition positive voltage is supplied from the cruise fuse, to the cruise control module. The cruise control module is grounded to the chassis. When the cruise control ON/OFF switch is on, ignition positive voltage is applied to the cruise control on switch signal circuit of the cruise control module. If the driver has not pressed the brake pedal , ignition positive voltage is supplied through the cruise release switch, to the cruise release signal circuit of the cruise control module. When the driver presses the brake pedal, battery positive voltage is supplied from the stop lamp fuse, through the closed stop lamp switch to the stop lamp switch signal circuit of the cruise control module. When the SET/COAST button is pressed , ignition positive voltage is applied to the cruise control set/coast switch signal circuit of the cruise control module. When pressing the R/A (resume/accelerate), ignition positive voltage is applied to the cruise control resume/ accelerate switch signal circuit of the cruise control module.
The cruise control module receives a vehicle speed signal input from the Powertrain Control Module (PCM). In operation, the voltage varies between 0 V and 5 V.
The cruise control module, cruise engaged circuit, sends a signal to the PCM when cruise is engaged. The cruise control module, cruise inhibit signal circuit, is a circuit used by the PCM to disengage cruise control when conditions inconsistent with cruise operation are present.
After the cruise control engaged criteria has been met and the cruise ON and Set/Coast have been commanded, the cruise control module sends a signal to the PCM that the cruise control is engaged. The PCM then sends a class 2 message to the instrument panel cluster (IPC) to illuminate the cruise light, if equipped.
The PCM will inhibit cruise control:
When vehicle speed is less than 40 km/h (25 mph).
When PARK, REVERSE, NEUTRAL, or 1st gear is indicated.
With low engine RPM
With high engine RPM (fuel cut-off)
When vehicle speed is to high
When an over or under charged battery voltage condition exists
Antilock brake system/traction control system is active for more than 2 seconds
If the PCM determines that any of the cruise control inhibit conditions are present, the PCM will disengage the cruise control . The PCM accomplishes this by opening the cruise control inhibit signal circuit.
