Why auto disassembly is tough

This is where the BIN Hackers and definition junkies discuss the inner workings of the EEC code and hardware. General tuning questions do not go here. Only technical/hardware-specific/code questions and discussions belong here.

Moderators: cgrey8, EDS50, Jon 94GT, 2Shaker

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Tue May 01, 2018 6:22 pm

tvrfan wrote:
Tue May 01, 2018 2:49 pm
My original idea was to show a whole ENTRY (or CELL) as one printed row, which matches my IT programming view. This matches up with a TABLE which is a 2D structure with rows and columns.

For a command, you specify one entry of a struct and then SAD then fills in the following entries automatically until END address. Seems logical to me, but then I admit my strong IT bias. Not sure how one on each line would identify it as a structure, but I'm open to ideas.
As it is, SAD does a good job to note a block of code as a structure, then commands are added to the DIR manually to give the structure context.
From your A9L DIR and LST

Code:

word 862a 862d
strct 862e 864f : Y N :Y
word 8650 865d
strct 865e 868d : Y N D 100:Y
word 868e 869b :
strct 869c 86c9 : Y N D 200:Y
word 86ca 86d7
strct 86d8 86e5 : Y N D 300:Y
word 86e6 86e7

Code:

863e: b0,1e   struct            ECT, 1e                                            #ECT
8640: b1,1e   struct            ACT, 1e                                            #ACT
8642: c2,28   struct            Saf, 28                                            #Saf
Take it further and individual cells can be calculated

Code:

word 862a 862d
strct 862e 863d : Y N :Y
strct 863e 863f  : Y N :Y V 1
strct 8640 8641  : Y N :Y V 1
strct 8642 8643  : Y N :Y V 4
strct 8644 864f : Y N :Y
To give

Code:

863e: b0,1e   struct            ECT, 30                                            #ECT

8640: b1,1e   struct            ACT, 30                                            #ACT

8642: c2,28   struct            Saf, 10  
Straight up, I would like to have a formula, as an option, to convert to Cº. This equally applies to all SFT. Quickly skimming through a DEF I see 4 different formulas that can not be covered by divisor. So free form formulas could be avoided by having something like;

Code:

strct 863e 863f  : Y N :Y F 1
F 1 tells SAD to run hard coded Formula 1 against that byte (W or Y_Y or Y^ word). In this case it is hex Fº to dec Cº.

A multiplier would also be nice to avoid untidy 1/ numbers.

Bung on a units option for good measure, again for all SFT.

Code:

strct 863e 863f  : Y N :Y F 1 U Cº
Or
                              U PSI
                              U Hg"
                              U Advº
                              U thingamejigs
Again A9L

Code:

866e: 16,c0   struct            EVP_Raw, c0                                        #EVP_Raw = 0x4cc0
8670: 17,4c   struct            117, 4c                                            #
How about an option to tell SAD this is all a word loaded as 2 bytes, something like;

Code:

strct 866e 8671  :Y_Y N :Y_Y V 12800
_ signifies pass over a byte to get the next part of the word.

For loading a high byte (low byte is a byte), something like;

Code:

strct bcde bcdf  :Y' N :Y V 12800 U Volts
or
strct acde acdf  :Y N :Y^ V 12800 U Volts
' or ^ tells SAD to calculate a word with the value as the high byte. SAD also picks up the SYM name from the low byte, but would SAD need an explicit Hi byte option for both address and value........
Did I miss that in the doc ? OK.....
Thanks for the explanation, Q did not make a difference for the structure I tried against. It had the 0xFF, but I probably camouflaged it with a FILL elsewhere.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Tue May 01, 2018 10:50 pm

I think I see what you are getting at, e.g. where an initialise list loads the two bytes separately, and your formula suggestion fits right in with my "class" idea.

Your example - if you specify a register as a temperature, everything related to it gets scaled as a temperature too.

My idea was to simply specify a divisor (or multiplier) and do it that way. hmm... I could also add a little units text or a preset list
multiplier instead of divisor - yes probably should do that.
Hmm.... thoughts on your multiples....if I'm understanding it right....
How about I add the ability to define what size a symbol is ? (at the moment it's only ever an address)
if you can specify a Y or a W as a size qualifier, then what you are asking could perhaps get done this way with a simpler command syntax ??
I'll have to move the 'W' (which means write in a SYM), but that's no big deal....

[ interesting aside - this could be fun if you specify a 24 or 32 bit value (e.g. Time), and SAD could then allow for the 32 bit adds....for later on !! ]

Then the struct printout could automatically put 4 bytes on that line..... with a char to switch it on or off , or perhaps if you do a 'N' (=name) it happens
automatically ... Hmmm... something like that - Anyway - I reckon that's simpler for the same outcome ??

I'll have a think about those ideas - good one.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Wed May 02, 2018 6:48 pm

tvrfan wrote:
Tue May 01, 2018 10:50 pm
I think I see what you are getting at, e.g. where an initialise list loads the two bytes separately, and your formula suggestion fits right in with my "class" idea.

Your example - if you specify a register as a temperature, everything related to it gets scaled as a temperature too.

My idea was to simply specify a divisor (or multiplier) and do it that way. hmm... I could also add a little units text or a preset list
multiplier instead of divisor - yes probably should do that.
Indeed, your class approach is good. I'm thinking all 3 multiplier, divisor and preset equation.

I went through all the BE defs I have here and distilled out all the equations that can't be done with a simple multiplier or divisor. Obviously some can be boiled down.

Code:

(X*2-32)/1.8
(X/128-32)/1.8
(X/2.56)+50
(X/256)+0.5
(X/128)+1
X/2+1
((X/512)*14.64)+14.64
(X/236.25255)*14.74-14.74
X/239*14.7-14.7
1-(X/128)
2.56-(X/25600)
This worst-case example can be boiled down to a divisor, but easier as a multiplier.

Code:

X/0.000002400*3600/2.204623/(2^31)
X/0.000005333*3600/2.204623/(2^31)
Hmm.... thoughts on your multiples....if I'm understanding it right....
How about I add the ability to define what size a symbol is ? (at the moment it's only ever an address)
if you can specify a Y or a W as a size qualifier, then what you are asking could perhaps get done this way with a simpler command syntax ??
I'll have to move the 'W' (which means write in a SYM), but that's no big deal....
Sym more or less behaves as a bYte by default at the moment and it has biT as an option, so adding Word makes sense. Alternatively make Sym behave as a word by default and add Y to the T option.

Write is one of those undocumented features. :surprised: I see it in the MSG though and have just let SAD do that automatically.

I don't mind if it is coded this way or some other way. Defining a sym size is much easier than picking apart structures and what not. Hopefully it all works out.
[ interesting aside - this could be fun if you specify a 24 or 32 bit value (e.g. Time), and SAD could then allow for the 32 bit adds....for later on !! ]
Hmmm....... what to name those options. .......don't want to break existing DIR. Do they always follow endian layout???

For the sake of backwards compatibility, existing W and Y command options would have to take precedence over SYM options.
Then the struct printout could automatically put 4 bytes on that line..... with a char to switch it on or off , or perhaps if you do a 'N' (=name) it happens
automatically ... Hmmm... something like that - Anyway - I reckon that's simpler for the same outcome ??

I'll have a think about those ideas - good one.
Yeah, the N option triggering the printing of class information is a neat solution, run with that.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sat May 05, 2018 5:56 pm

tvrfan wrote:
Tue May 01, 2018 2:49 pm
Did I miss that in the doc ? OK.....
Sorry, found Q in V3.06 help file. Too many files with the same name.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sun May 06, 2018 3:11 am

Another to ponder

Code:

b9d3: b1,20,3e            ldb   R3e,20           R3e = 20;                     # B5 Set 1
.
.
b9eb: 91,40,3e            orb   R3e,40           R3e |= 40;                    # B6 Set 1
.
.
ba06: 91,80,3e            orb   R3e,80           R3e |= 80; } }                # B7 Set 1
.
.
ba09: b2,31,3c            ldb   R3c,[R30++]      R3c = [R30++];                # [R30++] is x20 B5 Set 1
.
.
ba2c: 50,3c,3e,00         an3b  R0,R3e,R3c       R0 = R3e & R3c;               # B5 is 1, Z flag not set
ba30: df,d7               je    ba09             if (R0 = 0) goto ba09;
I find this more informative;

Code:

ba30: df,d7               je    ba09             if (Z_PSW = 1) goto ba09;
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sun May 13, 2018 1:41 am

I am seeing LOAD in immediate address mode having names applied to the immediate value.

In some cases the immediate value does get used as an address of a named variable.

In other cases it appears to be coincidence that the value is the same as an address elsewhere.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Thu May 17, 2018 4:17 pm

Hah !!

Just discovered why I couldn't get signed/unsigned to work reliably in SAD. Would you believe there were THREE minor bugs.
Each bug on its own didn't affect anything, even though it was wrong, but acting together they screwed up the reliable logging of the bit flags used
to mark signed/unsigned functions and tables. No wonder I had trouble finding it.

Even after 30-odd years in IT...... this stuff still surprises me !

OK, will fix issues raised (thanks again jsa) and release a 3.07 soon.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Thu May 17, 2018 4:53 pm

Haha, gotta love those seemingly unrelated fault combos. Great that you have found them.

Looking forward to the next version, thank you.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sun May 27, 2018 2:22 am

Just in time for the next release, haha


The auto comment is not created ## R3C<R38

Code:

9191: 68,38,3c            sb2w  R3c,R38          R3c -= R38;
9194: de,0d               jlt   91a3             if (R3c < 0) goto 91a3;
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sun May 27, 2018 7:18 pm

This one's a ripper.

1st line of OFAB.bin

Code:

FF FA FF E7 FC 22 FF FF FF FF 0E C0 00 A0 5D 00
SAD 3.06 output

Code:

2000: 22,9b               sjmp  229d             goto 229d;

2002: 32,02,34,38,22,04,db,0a ?? 
Attachment: 0FAB.BIN (56 KiB)
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Mon May 28, 2018 12:35 am

0FAB - Oh dear, that's totally wrong

I can quickly see why though - it's the repeated 0xff (= NOP) before the jump. Currently SAD code only expects ONE of each type of 'skippable' opcode for fingerprint of the first jump (i.e. NOP, DI, etc). OK - - - will change that to different logic check.
(why two NOPS ? doesn't make sense to me...anyway, another time perhaps !)

2. (R3c - R38 and then a JLT). Actually that's correct ( as I coded it that is ). On the basis the sb2w sets the PSW code, jlt jumps if R3C result is less than zero.... I was (so far) only creating extra comment for the cases where I couldn't represent the maths correctly, and for shifts.

Would you prefer a comment on ALL/ more conditional jumps ?? Can do that if it helps understanding....
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Mon May 28, 2018 2:05 am

Most other if DI's have a following FF. Maybe they just stayed with the convention until the compiler was tweaked.

Being a creature of habit, I looked across for it, and instantly thought, where is it?
So it could be worthwhile commenting all, for no other reason than consistency and crazy accusations from sleepy users. :oops:

I have been thinking about the output formatting order for auto comments and spacing between a Subr end and the start of the next Subr.
I am thinking Auto comments should go at the line end after user comments.
For Subr gap I think the auto gap should be after the Subr end, followed by user comments and then straight into the next Subr. That way the user controls the gap from comments to next Subr.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Thu May 31, 2018 3:21 pm

jsa wrote:
Mon May 28, 2018 2:05 am
Most other if DI's have a following FF. Maybe they just stayed with the convention until the compiler was tweaked.

Being a creature of habit, I looked across for it, and instantly thought, where is it?
So it could be worthwhile commenting all, for no other reason than consistency and crazy accusations from sleepy users. :oops:

I have been thinking about the output formatting order for auto comments and spacing between a Subr end and the start of the next Subr.
I am thinking Auto comments should go at the line end after user comments.
For Subr gap I think the auto gap should be after the Subr end, followed by user comments and then straight into the next Subr. That way the user controls the gap from comments to next Subr.
OK.

At the moment, auto comments come first, and only happen for defined cases where the status cannot be clearly represented in an "if (...)"

Two print options -
1) always print AFTER any user comments
2) print only if NO user comment for that line.

Actually I quite like 2. You can override any auto comment with your own.
I guess I could add auto comments everywhere, but don't want to make it overly fussy...

Subroutine - Sorry but I'm confused by what you wrote. Not sure what you are after....

Currently, SAD adds an extra blank line after any code which 'ends' that block.
An 'end' is an opcode which stops the flow at that point, i.e. a RET or a JUMP, but not a conditional jump.
That isn't 'tuneable' at the moment.

Comments are added at the end of each line by address in the _cmt file.

You can add extra blank lines/comments anywhere you like - it is also legal to use an address that is actually an operand, SAD just checks the
address attached to the comment is less than the current line being printed, and if so appends it to that line of code, and reads next comment entry.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sat Jun 02, 2018 7:53 pm

tvrfan wrote:
Thu May 31, 2018 3:21 pm

At the moment, auto comments come first, and only happen for defined cases where the status cannot be clearly represented in an "if (...)"

Two print options -
1) always print AFTER any user comments
2) print only if NO user comment for that line.

Actually I quite like 2. You can override any auto comment with your own.
I guess I could add auto comments everywhere, but don't want to make it overly fussy...
For end of line comments, I like No. 1. I don't want to add auto-comment back manually.
Subroutine - Sorry but I'm confused by what you wrote. Not sure what you are after....

Currently, SAD adds an extra blank line after any code which 'ends' that block.
An 'end' is an opcode which stops the flow at that point, i.e. a RET or a JUMP, but not a conditional jump.
That isn't 'tuneable' at the moment.
How it looks now...

Code:

28c4: f0                  ret                    return;
                                                                                      <<<User gap with 28C4 | in cmt
#######################################
# Some genius user insight
# LOL
                                                                                      <<<SAD applied gap
                                                                                      <<<SAD applied gap
  Sub28C5_name:
28c5: af,f8,0f,1a         ldzbw R1a,[Rf8+f]      WR1a = S.name;

How I would prefer it to look

Code:

28c4: f0                  ret                    return;
                                                                                      <<<SAD applied gap
                                                                                      <<<SAD applied gap
#######################################
#
#  If user requires gap, then user adds 28C4 | in cmt
  Sub28C5_name:
28c5: af,f8,0f,1a         ldzbw R1a,[Rf8+f]      WR1a = S.name;
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Sun Jun 03, 2018 3:04 pm

Thanks again jsa.
Comments - hmmm... As we differ on this, I'll consider a way to make the behaviour configurable !

I see that I must double check when SAD puts newlines in - I honestly didn't realise I had coded newlines in with/before symbol names....
I'll do a print layout check. I agree you should be able to 'tag' comments close to the subroutine start.

[after quick check] Ah... I see what I've done there - the use of addresses for comments at the 'end' of a block means it's inconsistent with the newlines generated.

I'm currently testing the different bins for 3.07 - I see BWAK3N2 (a full 4 bank bin) has a lot of undecoded stuff, and I need to find out why....
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Tue Jun 05, 2018 8:37 pm

I have another sneaky one.
Somewhat of a tutorial in flag setting for operations with R0.

Code:

3bf9: 77,f6,03,00         ad2b  R0,[Rf6+3]       R0 += S.Hardware_Present_Switch;            # 0X00 Not present
3bfd: df,27               je    3c26             if (R0 = 0) goto 3c26;   <<<It is really R0=S.Hardware_Present_Switch
3bff: b3,f6,0f,34         ldb   R34,[Rf6+f]
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Wed Jun 06, 2018 6:58 pm

jsa -

This from 3.07 testing (CARD) in which I was supposed to have fixed R0 stuff.... logic is better, but still not right....
no sym names in my testing...

Code:

3bee: 91,04,38            orb   R38,4            R38 |= 4;
3bf1: c7,74,9f,38         stb   R38,[R74+9f]     [R74-61] = R38;
3bf5: c7,74,dd,00         stb   R0,[R74+dd]      [R74-23] = 0; } }
3bf9: 77,f6,03,00         ad2b  R0,[Rf6+3]       R0 += [cf37];
3bfd: df,27               je    3c26             if (R0 = [cf37]) goto 3c26;
3bff: b3,f6,0f,34         ldb   R34,[Rf6+f]      R34 = [cf43];
3c03: 99,03,34            cmpb  R34,3            
3c06: d3,1e               jnc   3c26             if ((uns) R34 < 3) goto 3c26;  
3c08: b3,74,a1,34         ldb   R34,[R74+a1]     R34 = [R74-5f];
3c0c: 3b,34,17            jb    B3,R34,3c26      if (B3_R34 = 1) goto 3c26;
Hmmm.... what to do about this whole R0 mess......

Thanks though - It's great that you keep finding this stuff to keep me honest !!
No, seriously, I do appreciate it.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Wed Jun 06, 2018 8:39 pm

Thanks. 3.07 is an improvement.

I presume no rbase assigned to R74.

Yeah, no shortage of R0 permutations.
Add some fuzzy logic if, what, maybe :lol:

Do you have a big lookup, opcode vs flags>jump possibilities?
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Thu Jun 07, 2018 2:35 pm

No lookups as such.

What I coded is that when opcode is a conditional jump, it looks backwards for the nearest opcode which changes the PSW, up to 16.
if it finds a CMP, then it has the operands to do "if (a = b)" style, if not it uses the "R30 = 0" style (from the last written to register with PSW set)
and finally it checks for some special cases, R0 = x; being one of them. Some things (like a 'goto' or a 'ret') will stop the backwards search.

It all works nicely apart from the R0 quirks. Well, so far that is............

if R74 is an rbase, I need to check why it's not picked up for CARD - Code works in A9L (my favourite test binary, as it has some horrid shortcuts and multi level subr argument getters ).
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler
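The backwards PSW search described in the post above, carried through the R0 cases jsa raised earlier in the thread (ad2b R0 and an3b R0 followed by je, sb2w followed by jlt, cmpb followed by jnc), as an added Python example; this is not SAD's code. It assumes R0 always reads as zero, so a write to it leaves only flags behind, and it works on hand-built instruction records rather than decoding 8061 opcodes.

```python
# Added example (not SAD's code): the backwards PSW search tvrfan describes,
# extended to the R0 cases jsa raised.  Instruction records are constructed by
# hand from the listings quoted in this thread; opcode decoding is not modelled.
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Instr:
    addr: int
    mnem: str                                      # SAD mnemonic: "cmpb", "sb2w", "an3b", "je" ...
    ops: List[str] = field(default_factory=list)   # operands as printed, destination first
    sets_psw: bool = False                         # opcode updates the PSW flags
    ends_flow: bool = False                        # ret / unconditional jump: stop searching here


# conditional jump -> (prefix printed before the left operand, comparison operator)
JUMPS = {"je": ("", "="), "jne": ("", "!="), "jlt": ("", "<"), "jge": ("", ">="),
         "jnc": ("(uns) ", "<"), "jc": ("(uns) ", ">=")}
ARITH = {"ad": "+", "sb": "-", "an": "&", "or": "|"}   # ad2b, sb2w, an3b, orb, ...
ZERO_REG = "R0"   # assumption: R0 always reads as zero and writes to it are discarded
MAX_BACK = 16     # how many instructions the search looks back


def _operands(ins: Instr) -> Tuple[str, str, str, str]:
    """Return (dest, a, op, b) for an arithmetic opcode meaning dest = a op b."""
    op = ARITH[ins.mnem[:2]]
    dest = ins.ops[0]
    three = len(ins.mnem) > 2 and ins.mnem[2] == "3"     # ad3/sb3/an3/or3 forms
    a, b = (ins.ops[1], ins.ops[2]) if three else (dest, ins.ops[1])
    return dest, a, op, b


def comment_cond_jump(code: List[Instr], idx: int) -> Tuple[Optional[str], Optional[str]]:
    """Return (c_style_condition, auto_comment) for the conditional jump at code[idx].

    Walks back up to MAX_BACK instructions to the nearest PSW-setting opcode and
    gives up at a ret or unconditional jump.  Either element may be None.
    """
    jump = code[idx]
    if jump.mnem not in JUMPS:
        return None, None
    prefix, cmp = JUMPS[jump.mnem]
    target = jump.ops[0]
    for back in range(1, MAX_BACK + 1):
        j = idx - back
        if j < 0 or code[j].ends_flow:
            return None, None
        ins = code[j]
        if not ins.sets_psw:
            continue
        if ins.mnem.startswith("cmp"):                # cmpb/cmpw a,b  ->  if (a cmp b)
            a, b = ins.ops
            return f"if ({prefix}{a} {cmp} {b}) goto {target}", None
        if ins.mnem[:2] in ARITH:
            dest, a, op, b = _operands(ins)
            if dest == ZERO_REG:
                # result discarded: the flags describe the expression, not R0
                a = "0" if a == ZERO_REG else a
                expr = b if (a == "0" and op == "+") else f"({a} {op} {b})"
                return f"if ({prefix}{expr} {cmp} 0) goto {target}", None
            # flag-only form on the register just written; a subtraction is really a
            # compare of the old value against the subtrahend, so say so in a comment
            cond = None if prefix else f"if ({dest} {cmp} 0) goto {target}"
            auto = f"## {prefix}{dest} {cmp} {b}" if op == "-" else None
            return cond, auto
        return f"if ({prefix}{ins.ops[0]} {cmp} 0) goto {target}", None   # shifts etc.
    return None, None


# Listings constructed from the thread (addresses and operands as quoted there).
LISTING_R0_ADD = [Instr(0x3bf9, "ad2b", ["R0", "S.Hardware_Present_Switch"], sets_psw=True),
                  Instr(0x3bfd, "je", ["3c26"])]
LISTING_SUB_JLT = [Instr(0x9191, "sb2w", ["R3c", "R38"], sets_psw=True),
                   Instr(0x9194, "jlt", ["91a3"])]
LISTING_CMP_JNC = [Instr(0x3c03, "cmpb", ["R34", "3"], sets_psw=True),
                   Instr(0x3c06, "jnc", ["3c26"])]
LISTING_R0_AND = [Instr(0xba2c, "an3b", ["R0", "R3e", "R3c"], sets_psw=True),
                  Instr(0xba30, "je", ["ba09"])]
LISTING_AFTER_RET = [Instr(0x28c0, "cmpb", ["R34", "3"], sets_psw=True),   # constructed
                     Instr(0x28c4, "ret", ends_flow=True),
                     Instr(0x28c5, "je", ["28d0"])]


def demo() -> List[Tuple[str, Optional[str], Optional[str]]]:
    """Run the search over each listing; the jump is always the last record."""
    out = []
    for name, code in [("R0_ADD", LISTING_R0_ADD), ("SUB_JLT", LISTING_SUB_JLT),
                       ("CMP_JNC", LISTING_CMP_JNC), ("R0_AND", LISTING_R0_AND),
                       ("AFTER_RET", LISTING_AFTER_RET)]:
        cond, auto = comment_cond_jump(code, len(code) - 1)
        out.append((name, cond, auto))
    return out


if __name__ == "__main__":
    for name, cond, auto in demo():
        print(f"{name:10} {cond or '(no condition)'}  {auto or ''}")
```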

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Thu Jun 07, 2018 4:12 pm

Code:

8ac4: a1,80,01,6a         ldw   R6a,180          R6a = 180;
8ac8: a1,80,02,6c         ldw   R6c,280          R6c = 280;
8acc: a1,80,03,6e         ldw   R6e,380          R6e = 380;
8ad0: a1,80,04,70         ldw   R70,480          R70 = 480;
8ad4: a1,80,05,72         ldw   R72,580          R72 = 580;
8ad8: a1,40,07,40         ldw   R40,740          R40 = 740;
8adc: 65,80,00,40         ad2w  R40,80           R40 += 80;
8ae0: a0,40,74            ldw   R74,R40          R74 = R40;
8ae3: a1,30,11,48         ldw   R48,1130         R48 = 1130;
CARD is more like CDAN than GUFB.

With regard to temporary registers is it possible to assign a name, other options or rbase value for address ranges?
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

motorhead1991
Regular
Posts: 86
Joined: Tue Nov 21, 2017 2:32 am

Re: Why auto disassembly is tough

Post by motorhead1991 » Thu Jun 07, 2018 4:14 pm

jsa wrote:
Thu Jun 07, 2018 4:12 pm

Code:

8ac4: a1,80,01,6a         ldw   R6a,180          R6a = 180;
8ac8: a1,80,02,6c         ldw   R6c,280          R6c = 280;
8acc: a1,80,03,6e         ldw   R6e,380          R6e = 380;
8ad0: a1,80,04,70         ldw   R70,480          R70 = 480;
8ad4: a1,80,05,72         ldw   R72,580          R72 = 580;
8ad8: a1,40,07,40         ldw   R40,740          R40 = 740;
8adc: 65,80,00,40         ad2w  R40,80           R40 += 80;
8ae0: a0,40,74            ldw   R74,R40          R74 = R40;
8ae3: a1,30,11,48         ldw   R48,1130         R48 = 1130;
CARD is more like CDAN than GUFB.

With regard to temporary registers is it possible to assign a name, other options or rbase value for address ranges?
M0m2 has something a lot like that, actually.
1990 Ford Ranger FLH2 conversion. Ford forged/dished pistons, Total Seal file-fit rings, Clevite rod and main bearings, Clevite cam bearings, IHI turbo, Siemens Deka 60lb/hr injectors, Ford slot MAF in custom 3" housing. Moates Quarterhorse with Binary Editor, using the PAAD6 database.

OpenEEC Telegram Chat:
Telegram

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Thu Jun 07, 2018 11:45 pm

You can assign sym names to a register (say R6a) and an address (say 180),
but at the moment I haven't included the idea of an address range for each rbase.
Can add this option in the user command, but haven't thought of a way to do this automatically (yet)

I can add address ranges (and relevant checks) in for 3.07 if you like.

BWAK3N2 doesn't seem to work very well - after a bit of looking at it, I found THIS ....

Code:

82471: a1,66,03,20        ldw   R20,366          STACK = 366;
82475: 2c,d9              scall 82150            Sub102();
82477: a1,8a,af,22        ldw   R22,af8a         ALTSTACK = af8a;
8247b: f4                 bnk0                   
8247c: b1,11,11           ldb   R11,11           BANK_SEL = 11;
8247f: b1,ff,9c           ldb   R9c,ff           R9c = ff;
82482: c9,7b,24           push  247b             push(247b);
82485: fe,f1              retia                  return;
Is that what I think it is ? Using the second stack pointer as the background task list pointer ??
so the subroutine vector list will go DOWN from 1af8a ???
No wonder SAD doesn't see THAT - it's completely new to me...but it has a certain elegance....

How do I find out how big the list is ???
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Fri Jun 08, 2018 1:56 am

tvrfan wrote:
Thu Jun 07, 2018 11:45 pm
You can assign sym names to a register (say R6a) and an address (say 180),
but at the moment I haven't included the idea of an address range for each rbase.
Can add this option in the user command, but haven't thought of a way to do this automatically (yet)

I can add address ranges (and relevant checks) in for 3.07 if you like.
Yes please.

In the case of an Rbase I might want
rbase for R14 with a value of x24 from address x4084 to address x418c
then somewhere else say;
rbase 14 26 :R 2345 23FF

An associated SYM might look like
SYM 123 "temp_name" :R 4084 418C
or
SYM 2C "some_flag" :T +1 :R 4084 418C
then somewhere else say
SYM 2C "another_flag" :T +1 :R 2345 23FF
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Fri Jun 08, 2018 3:04 pm

I had not considered the restricted address range idea for symbols as well, but I don't see why not....
I'll have a think about best command syntax....I guess this can be done to specify separate read and write symbols as well.....

I have made a BIG internal change to do with the way jumps are organized with the code which picks up jumps to subroutines (which was sparked by the signed/unsigned detection) and quite a few other changes/fixes made so far, I might go for a 3.07 release first.

Other -
That BWAK code again makes me wonder if the 'static' analysis method is not up to the job, and I should go for a 'controlled emulation' approach instead...
This idea keeps nagging away at me, as it may also solve some of the variable argument issues.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Sat Jun 09, 2018 10:14 pm

tvrfan wrote:
Fri Jun 08, 2018 3:04 pm
I have made a BIG internal change to do with the way jumps are organized with the code which picks up jumps to subroutines (which was sparked by the signed/unsigned detection) and quite a few other changes/fixes made so far, I might go for a 3.07 release first.
Ok, no worries either way here.

Expanding on the restricted address idea, I have a seed of an idea for subr call arguments. It appears certain arguments form the base for a fixed offset.

After sending the ferrets in........................
A Subr call with arg 3C looks like 3C+17C
Another time with arg 3F looks like 3F+17C
The goal is to have that argument named as the result 3C+17F etc.
So I think some way to inform SAD to apply an offset then name the arg.

At this point it could be 17C+3C or 17C+3F, but I have not seen that .........yet.......
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Mon Jun 11, 2018 2:34 pm

Um.. I haven't tested that in a while, but SAD does have a D option, where D <add> will add a fixed offset to a subroutine argument for printout.
In a way it's similar to an E: but that's an address encoded to form an 'rbase+offset'.

So try out a D option in the argument list,
e.g.

SUB 1234 : W D 456: W

should add an offset of 0x456 to first word argument.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Mon Jun 11, 2018 2:35 pm

Just a note, I'll be away from home for a little while, so may not reply quickly .....
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler

jsa
Tuning Addict
Posts: 493
Joined: Sat Nov 23, 2013 7:28 pm
Location: 'straya

Re: Why auto disassembly is tough

Post by jsa » Mon Jun 11, 2018 4:10 pm

Ok, thanks I will give D another hit.

Enjoy your trip.
Cheers

John

95 Escort RS Cosworth - GHAJ0 / ANTI on a COSY box code
Moates QH & BE
ForDiag

motorhead1991
Regular
Posts: 86
Joined: Tue Nov 21, 2017 2:32 am

Re: Why auto disassembly is tough

Post by motorhead1991 » Wed Jun 13, 2018 12:55 am

So, interesting conundrum;

I'm working on disassembling a version of m0m2 that I patched for datalogging (compatibility with decipha's universal adx), but SAD won't display the payload table like I want it to unless I use manual mode. Perhaps a selective manual mode could be worked in? It's kind of a fringe command for custom code, but would be helpful.
1990 Ford Ranger FLH2 conversion. Ford forged/dished pistons, Total Seal file-fit rings, Clevite rod and main bearings, Clevite cam bearings, IHI turbo, Siemens Deka 60lb/hr injectors, Ford slot MAF in custom 3" housing. Moates Quarterhorse with Binary Editor, using the PAAD6 database.

OpenEEC Telegram Chat:
Telegram

tvrfan
Tuning Addict
Posts: 348
Joined: Sat May 14, 2011 11:41 pm
Location: New Zealand

Re: Why auto disassembly is tough

Post by tvrfan » Wed Jun 13, 2018 3:03 pm

You should be able to override any part you want with a command in a <name>_dir.txt file ( so "m0m2_dir.txt")
if it's a regular 2D table, then use a TABLE command, or if not use a STRUCT command and specify each element of the row. SAD knows how many rows by the start and end address (it calculates an entry/row size from the command).
Examples are in the SAD doc for the A9L injection structure, which I hope is enough to understand how to do it.

This kind of command does not affect the auto scanning of anything else, it just 'locks' that data as per your command.
SAD should not crash even if command is wrong, so you should be able to try a command and then fix it if necessary...

At the moment I haven't got code to analyse a mixed data structure type automatically.
TVR, Triumph (cars), kit cars, classics. Ex IT geek, development and databases.

https://github.com/tvrfan/EEC-IV-disassembler
