pgmfi.org

Hacking up Honda's ECU
All times are UTC - 5 hours [ DST ]




 Post subject: Decompilation
Posted: Fri Jan 16, 2004 4:21 pm

Joined: Tue Jul 27, 2004 2:21 am
Posts: 268
Location: Milwaukee, WI
First: I hate to post about vaporware. But I'm doing it today because I think this is pretty neat. The code is all available under the asm662/experimental directory in CVS. It's written in Objective Caml, except for the Perl 66207.op -> opcode.ml converter.

Here's a glimpse of what I've been playing with lately:

<http://www.a1k0n.net/honda/p30cfg>

The .PNGs are control flow graphs of various entry points into the ROM. The control flow graphs for the INT1 and startup routines are way too complex to make a graph of with AT&T GraphViz (it runs my machine out of memory), so those have been omitted.

<http://a1k0n.net/honda/p30cfg/decomp_5063.txt> is a glimpse of the dataflow analysis program I've started on. I pre-set the local register base to 0x200, so r2 appears as RAM @0x202. Any references to data not already assigned to are assumed to be inputs to the procedure, and are tagged with ramw_in[addr] or ramb_in[addr]. Otherwise, ramb[addr] and ramw[addr] stand for RAM locations that have been assigned to, and it can do dataflow analysis on. So the next step is to implement liveness analysis and eliminate dead code, such as unused assignments to condition flags.

It does a limited amount of expression simplification, and seems to work well enough for now. I plan to have a full single-static-assignment form algorithm implemented soon which will hopefully be able to decompile the whole ROM into a C-like language.

In the meantime, if anyone has any requests for a dataflow analysis of a particular routine in a particular ROM, I will give it a shot.


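The input tagging and the planned dead-flag elimination described in the first post, sketched in Python as an added example; it is not code from asm662 (which is written in Objective Caml) or from the original poster. The tuple IR, the op names and the sample block are constructed assumptions, and the sketch covers only byte-wide (ramb) locations in straight-line code.

```python
LRB = 0x200  # local register base preset as in the post, so r2 is RAM @0x202

def loc(name):
    """Resolve 'rN' to RAM address LRB+N; flags, immediates, addresses pass through."""
    if isinstance(name, str) and name[0] == "r" and name[1:].isdigit():
        return LRB + int(name[1:])
    return name

def is_imm(s):
    return isinstance(s, str) and s.startswith("#")

def eliminate_dead(block, live_out):
    """Backward liveness over a straight-line block: drop assignments nobody reads."""
    live, kept = {loc(x) for x in live_out}, []
    for dst, op, srcs in reversed(block):
        d = loc(dst)
        if d not in live:
            continue  # dead store, e.g. a condition flag overwritten before any read
        live.discard(d)
        live.update(loc(s) for s in srcs if not is_imm(s))
        kept.append((dst, op, srcs))
    return kept[::-1]

def tag_inputs(block):
    """Forward pass: a RAM read with no earlier assignment is a procedure input."""
    assigned, inputs, lines = set(), set(), []
    for dst, op, srcs in block:
        reads = []
        for s in map(loc, srcs):
            if isinstance(s, int) and s not in assigned:
                inputs.add(s)
                reads.append(f"ramb_in[{s:#x}]")
            else:
                reads.append(f"ramb[{s:#x}]" if isinstance(s, int) else s)
        d = loc(dst)
        assigned.add(d)
        lhs = f"ramb[{d:#x}]" if isinstance(d, int) else d
        lines.append(f"{lhs} = {op}({', '.join(reads)})")
    return lines, inputs

# Constructed sample: two adds, each modelled as flag updates plus the result store.
BLOCK = [("C", "carry", ["r2", "r3"]), ("Z", "zero", ["r2", "r3"]),
         ("r2", "add", ["r2", "r3"]),
         ("C", "carry", ["r2", "#1"]), ("Z", "zero", ["r2", "#1"]),
         ("r2", "add", ["r2", "#1"]), (0x150, "mov", ["r2"])]

if __name__ == "__main__":
    lines, inputs = tag_inputs(eliminate_dead(BLOCK, live_out=[0x150, "C"]))
    print("\n".join(lines), "\ninputs:", sorted(hex(a) for a in inputs))
```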
 Post subject: Re: Decompilation
Posted: Fri Jan 16, 2004 8:37 pm
O2 Correction and Open Loop operation should be a priority!!!

I will appreciate anything you can work on in this respect!


 Post subject: Re: Decompilation
Posted: Fri Jan 16, 2004 8:45 pm

Joined: Tue Jul 27, 2004 2:21 am
Posts: 268
Location: Milwaukee, WI
On a P30, just set 6011 to FF to enable open loop. I guess the Wiki should be a little more clear on that.


 Post subject: Re: Decompilation
Posted: Fri Jan 16, 2004 10:50 pm
Senior Developer

Joined: Tue Jul 27, 2004 2:21 am
Posts: 677
Location: New Jersey
How did you find/know these programs? (GraphViz)... That's resourceful.

 Post subject: Re: Decompilation
Posted: Sat Jan 17, 2004 12:41 pm
Senior Developer

Joined: Tue Jul 27, 2004 2:09 am
Posts: 4383
Location: Cincinnati, Ohio
I'm drooling, and working on an 8051.op file so that this can help the OBD0 crowd too...
