Difference between revisions of "Reverse Engineering Information"
Jump to navigation
Jump to search
(Created page with "= Purpose of this section = =Quick Reference= ==Memory address lookup== Registers a0, a1, a8, and a9 are used as offsets when the code needs to reference different memory...") |
|||
Line 1: | Line 1: | ||
= Purpose of this section = | = Purpose of this section = | ||
− | + | =Helpful links= | |
+ | https://www.infineon.com/dgdl/Infineon-SAK-TC1796-256F150E%20BE-DS-v01_00-EN.pdf?fileId=5546d46249a28d750149a34e1f28045d | ||
+ | https://www.infineon.com/dgdl/TriCore_EABI_v2_3.pdf?fileId=db3a304412b407950112b40f8d7a142b | ||
Revision as of 17:03, 23 November 2020
Purpose of this section
Helpful links
https://www.infineon.com/dgdl/Infineon-SAK-TC1796-256F150E%20BE-DS-v01_00-EN.pdf?fileId=5546d46249a28d750149a34e1f28045d https://www.infineon.com/dgdl/TriCore_EABI_v2_3.pdf?fileId=db3a304412b407950112b40f8d7a142b
Quick Reference
Memory address lookup
Registers a0, a1, a8, and a9 are used as offsets when the code needs to reference different memory locations. There's a table in the ECU that sets up those offsets at boot:
0000:808835CC movh.a a0, #0xD002 0000:808835D0 lea a0, [a0]-0x8000 0000:808835D4 movh.a a1, #0xA081 0000:808835D8 lea a1, [a1]-0x8000 0000:808835DC movh.a a8, #0x8005 0000:808835E0 lea a8, [a8]-0x7800 0000:808835E4 movh.a a9, #0xD001 0000:808835E8 lea a9, [a9]-0x4000
What that means, is that at any point in the code, these registers always have the following values:
a0: 0xD0018000 a1: 0xA0808000 a8: 0x80048800 a9: 0xD000C000
A quick example of how this is implemented in code:
8019044a c9 00 de c9 ld.h d0,[a0]-0x60e2
This takes the value of a0 (0xD0018000), subtracts 0x60e2 (=0xD0011F1E), and pulls the value of that memory address into d0. In the case of one common software version, that's:
/begin MEASUREMENT tia_cha_up "Air Temperature upstream the Charger" SWORD _CNV_A_R_CHRG_LINEA_171_CM 1 100. -48. 335.994140625 DISPLAY_IDENTIFIER TIA_CHA_UP ECU_ADDRESS 0xd0011f1e FORMAT "%7.3" /begin IF_DATA ETK KP_BLOB 0xd0011f1e INTERN 2 RASTER 30 /end IF_DATA /end MEASUREMENT