Pages: 1 ... 8 9 [10]
Author Topic: Map Switching Routine  (Read 200070 times)
ejg3855
Full Member
***

Karma: +6/-0
Offline Offline

Posts: 123


« Reply #135 on: February 10, 2020, 09:17:26 AM »

I understand that aspect, i also didn't say anything about blindly copying.

How would one apply the map switching routines to other .bins, I guess would be a more appropriate question.
Logged
BWF
Jr. Member
**

Karma: +3/-0
Offline Offline

Posts: 25


« Reply #136 on: April 12, 2020, 12:07:51 PM »

Good afternoon, thank this forum for the great information that there is reverse engineering.

I am doing my map switching, I can find several maps well, but problems to find the KFZW in the address 812120.

Searching and comparing several projects I found the code that refers to the KFZW, but I don't understand the "mov r13, # 311Ah"
For me it would have to be "mov r13, # 204h"

204 * 4000 = 810000
810000 + (r12 value) = 812120
« Last Edit: April 12, 2020, 12:10:06 PM by BWF » Logged
fknbrkn
Hero Member
*****

Karma: +185/-23
Offline Offline

Posts: 1454


mk4 1.8T AUM


« Reply #137 on: April 12, 2020, 01:45:58 PM »

311Ah is the rl_w axis of the kfzw 0x1311A obviously
its the short addressing method for the maps stored in 204 205 segs
and thats why you cannot simply create a new kfzw maps outside

math routine (0x78B8) should be also moved and changed to respect new segment addressing
« Last Edit: April 12, 2020, 01:47:35 PM by fukenbroken » Logged
BWF
Jr. Member
**

Karma: +3/-0
Offline Offline

Posts: 25


« Reply #138 on: April 13, 2020, 08:01:59 AM »

Is there a way to move the map to the end of the file?
I understand that R12 is the beginning of the map, r13 is axis, r14 and 15 are the variables of each axis.

If I just modify r12 to the new address, will it work?
Logged
fknbrkn
Hero Member
*****

Karma: +185/-23
Offline Offline

Posts: 1454


mk4 1.8T AUM


« Reply #139 on: April 13, 2020, 09:53:54 AM »

Quote
Is there a way to move the map to the end of the file?
yes
Quote
math routine (0x78B8) should be also moved and changed to respect new segment addressing

Quote
If I just modify r12 to the new address, will it work?
only if you place new map(s) in 204 205 segments (if you can find a free space there  Smiley)
OR
in the ram area 380000-384000 iirc
i didnt try the second option imo its a more complex way to solve this
Logged
BWF
Jr. Member
**

Karma: +3/-0
Offline Offline

Posts: 25


« Reply #140 on: April 13, 2020, 10:32:39 AM »

yesonly if you place new map(s) in 204 205 segments (if you can find a free space there  Smiley)
OR
in the ram area 380000-384000 iirc
i didnt try the second option imo its a more complex way to solve this
Thank you, I will look for a place in 204 205 segmens

Enviado desde mi MI 9 mediante Tapatalk

Logged
Slizu
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 1


« Reply #141 on: October 03, 2020, 08:38:59 AM »

hi guys!
Can anyone give me some advices or links to help me with transfering this to the 1.8T AMK?
Don't do this for me, just let me read smth. Smiley
Logged
Dejw0089
Full Member
***

Karma: +2/-6
Offline Offline

Posts: 100



« Reply #142 on: May 14, 2021, 02:15:08 AM »

hi guys!
Can anyone give me some advices or links to help me with transfering this to the 1.8T AMK?
Don't do this for me, just let me read smth. Smiley
I want to do this in AMK too but its a long way and I didnt have Ida pro for now.
Unfortunately there isnt a description of function in bin file so hard to find what we need change directly in bin file.
Logged
Dejw0089
Full Member
***

Karma: +2/-6
Offline Offline

Posts: 100



« Reply #143 on: July 03, 2021, 08:50:16 AM »

I start to diassemble code from m box ori and with map change and compare.
Please tell me what mean if in ori we have for ex. :
mov     r12, #0F28h
mov     r13, #206h

and in mod file is changed for :

mov     r12, word_BF62
mov     r13, word_BF6A

I want to understand how it work and how to read this.
Logged
morgano
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 26


« Reply #144 on: February 21, 2022, 06:59:24 AM »

I start to diassemble code from m box ori and with map change and compare.
Please tell me what mean if in ori we have for ex. :
mov     r12, #0F28h
mov     r13, #206h

and in mod file is changed for :

mov     r12, word_BF62
mov     r13, word_BF6A

I want to understand how it work and how to read this.

It seems ORI code point to a fixed address (in flash) and MOD code point to a ram address whose content can be modified dinamically elsewhere so you get an effective address switching method. IMHO.

Haven't really thrown a single second looking at it on IDA, but from the snippet you posted... this is my assumption.

Regards,
Logged
trichard3000
Full Member
***

Karma: +6/-1
Offline Offline

Posts: 57


« Reply #145 on: November 12, 2022, 11:52:21 AM »

Did anyone ever patch this multi-map routine into the 002 version of the M-Box bin?  Looking to combine these features with the 5120 hacked bin and I'm worried about potential differences between 001 and 002.

Thanks!
Logged
Pages: 1 ... 8 9 [10]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Page created in 0.027 seconds with 17 queries. (Pretty URLs adds 0s, 0q)