Pages: 1 [2]
Author Topic: old motronic (8051 based) disassembly  (Read 10327 times)
rmrmd1956
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 2


« Reply #15 on: April 26, 2021, 04:18:33 PM »

Idapro 64 refers to the disassembler application itself - that it executes in 64 bit mode and like the older idapro 32 which executes in 32 bit mode, they can both analyze many ROMs ,8bit,16 bit,32bit etc
The disassembly datebase is .idb  from the older idapro which I believe is no longer supported. The new 64 bit program stores the disassembly as .i64 file
« Last Edit: April 26, 2021, 04:20:42 PM by rmrmd1956 » Logged
Jonathan226
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 4


« Reply #16 on: March 26, 2023, 01:22:06 PM »

Hello everyone,

coming back to project after a long time, had to postpone research. As prj said, you can find maps in old motronics with closed eyes. I've learned how to do it, so now I have 178 maps, but labelled with unknown axis descriptors. Any ideas how to find names for axis descriptors, for Motronic MP3.2, 2.0 Turbo ?
Logged
prj
Hero Member
*****

Karma: +903/-420
Online Online

Posts: 5789


« Reply #17 on: March 26, 2023, 07:38:46 PM »

Take my ida database, use it as a reference.
Disassemble your file, and look at the code, and find similarities to my ida db.

The older Motronic ECU's are all very similar.
Logged

PM's will not be answered, so don't even try.
Log your car properly.
vwnut8392
Sr. Member
****

Karma: +18/-7
Offline Offline

Posts: 271


« Reply #18 on: May 11, 2023, 12:49:35 PM »

I have a question about axes signaturebytes and ram addresses?

for example I know that on this ecu the rpm axis is signed 3B, the manifold pressure is 43, water temperature is 3A ...

and sometimes in assembly code there are ram addresses that carry the same values:

Code:
mov MD1, B ; Multiplication/Division Register 1
mov MD4, RAM_43 ; Multiplication/Division Register 4
mov MD5, #0 ; Multiplication/Division Register 5

Code:
mov B, A ; B-Register
mov A, RAM_3B
cjne A, B, code_4FAA ; B-Register

Is there a relationship?

maybe this will help you. remember, when you see all the code like mov   MD1, B its read backwards from right to left. move B to MD1.

Code:
mov MD1, B ; This one is moving whatever is in register B to MD1
mov MD4, RAM_43 ; This one moces RAM_43 to MD4
mov MD5, #0 ; This one moves the HEX value 0 to MD5

Code:
mov B, A ; Move register A to register B
mov A, RAM_3B ; Move RAM_3B to register A
cjne A, B, code_4FAA ; Compare register B to A and jump if not equal.
Logged
vwnut8392
Sr. Member
****

Karma: +18/-7
Offline Offline

Posts: 271


« Reply #19 on: May 11, 2023, 12:59:10 PM »

Take my ida database, use it as a reference.
Disassemble your file, and look at the code, and find similarities to my ida db.

The older Motronic ECU's are all very similar.

PRJ is right. even the RAM and how its populated is almost always the same or extremely similar. one thing thats i found is always the same is some of the math code itself. bosch did a lot of copy and paste in a sense with code when they made all these ECU's regardless of who it was made for. i have found identical code and functions when crossing audi M2.3.2 with BMW, porsche and even fiat ECU's. enough similarities that i can use M2.3.2 as the base than through comparison figure out the others. my suggestion is to figure out how to populate the RAM as much as possible in disassembly. the more you have detailed in RAM the easier it becomes to follow code and see what its doing.
Logged
Pages: 1 [2]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Page created in 0.03 seconds with 17 queries. (Pretty URLs adds 0s, 0q)