Announcement

Collapse
No announcement yet.

CSL '0401' Program Binary Disassembly Notes

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    Originally posted by bmwfnatic View Post

    Makes sense, which binary do we use for this?
    Off the back of Heinz's suggestion I'm setting up a GitHub repo with the basics to enable multiple people to contribute to this. I'll share here as soon as it's good enough to share as a start. This will include the binary, etc (I'm using Terra's modified 0401 binary)


    Sent from my iPhone using Tapatalk
    2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
    Build Thread:
    https://nam3forum.com/forums/forum/m...e46-m3-journal

    Comment


      #17
      Originally posted by karter16 View Post

      Off the back of Heinz's suggestion I'm setting up a GitHub repo with the basics to enable multiple people to contribute to this. I'll share here as soon as it's good enough to share as a start. This will include the binary, etc (I'm using Terra's modified 0401 binary)


      Sent from my iPhone using Tapatalk
      Sounds good, but I meant more which binary belongs to the A2L.
      I understand we intend to reverse the CSL bin.
      E46 ///M3 • 12/2002 • phönix-gelb • 6MT
      E39 ///M5 • 12/1998 • avus-blau • 6MT
      E60 ///M5 • 11/2006 • saphir-schwarz • 6MT

      Comment


        #18
        Originally posted by bmwfnatic View Post

        Sounds good, but I meant more which binary belongs to the A2L.
        I understand we intend to reverse the CSL bin.
        Ah I'm with you apologies - afaik there was never a correct A2L leaked for the CSL binary - others have pieced it together from the A2L that was leaked. It is incomplete and there are a range of parameters/curves and tables that seem specific to the CSL that are not identified by the A2L. This is part of the fun and as I'm going through I'm discovering where the XDF/A2L is incorrect.


        Sent from my iPhone using Tapatalk
        2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
        Build Thread:
        https://nam3forum.com/forums/forum/m...e46-m3-journal

        Comment


          #19
          Originally posted by karter16 View Post

          Ah I'm with you apologies - afaik there was never a correct A2L leaked for the CSL binary - others have pieced it together from the A2L that was leaked. It is incomplete and there are a range of parameters/curves and tables that seem specific to the CSL that are not identified by the A2L. This is part of the fun and as I'm going through I'm discovering where the XDF/A2L is incorrect.


          Sent from my iPhone using Tapatalk
          I know there isn’t one for the CSL binary, I am still trying to figure out which binary it does belong to 😂
          E46 ///M3 • 12/2002 • phönix-gelb • 6MT
          E39 ///M5 • 12/1998 • avus-blau • 6MT
          E60 ///M5 • 11/2006 • saphir-schwarz • 6MT

          Comment


            #20
            Originally posted by bmwfnatic View Post

            I know there isn't one for the CSL binary, I am still trying to figure out which binary it does belong to 😂
            This is why I shouldn't reply to comments at work. Sorry. Yes interesting question - I haven't seen that information anywhere. I guess a way to do it would be to load each binary against it and see how much of it aligns, but that would be a huge amount of effort. Also I guess it's entirely possible the A2L is from during development and doesn't align exactly to any production binary.


            Sent from my iPhone using Tapatalk
            2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
            Build Thread:
            https://nam3forum.com/forums/forum/m...e46-m3-journal

            Comment


              #21
              Original post is now updated with link to the GitHub repo and some basic information on getting started. For anyone who is interested please have a look and let me know where you might need more info/guidance on getting up and running.

              Click image for larger version

Name:	Screenshot 2024-12-16 at 6.30.47 PM.png
Views:	133
Size:	238.1 KB
ID:	287211
              2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
              Build Thread:
              https://nam3forum.com/forums/forum/m...e46-m3-journal

              Comment


                #22
                It appears that the memory space at 0x00ff8000 through 0x00ff87ff (which is managed by CS5 in the SIM module) is somehow a shared memory space between Master and Slave for global variables which need to be accessed by both functions that reside on the master and on the slave. I'm yet to confirm for sure or figure out exactly how it works, or whether there's some other mechanism at play.
                2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
                Build Thread:
                https://nam3forum.com/forums/forum/m...e46-m3-journal

                Comment


                  #23
                  Nice work, the next consequent step would be to advance or reroute the SMG-CAN-functionality (or PT-CAN) to deal with the E92 and/or F8x DCT.

                  Comment


                    #24
                    Here's the function that calculates the variable speed lights based on oil temp. Useful to find this as these parameters are incorrectly mapped in the XDF.

                    Click image for larger version

Name:	Screenshot 2024-12-19 at 6.25.02 PM.png
Views:	97
Size:	112.6 KB
ID:	287567
                    2005 ///M3 SMG Coupe Silbergrau Metallic/CSL bucket seats
                    Build Thread:
                    https://nam3forum.com/forums/forum/m...e46-m3-journal

                    Comment


                      #25
                      Originally posted by karter16 View Post
                      Here's the function that calculates the variable speed lights based on oil temp. Useful to find this as these parameters are incorrectly mapped in the XDF.
                      Seems it's just a bit shifted, 0 starts earlier and there are 6.
                      At the bottom of function 0x1ddfc there seems to be some logic where the old amount of activated lights is compared against a new hypothetical value, and once this new value has been consistent for at least K_DWF_T_HYS (0xac7b) amount of times, the new value is adpoted.
                      This is to prevent the lights from going back on and off if the temperature is on the edge I think.
                      E46 ///M3 • 12/2002 • phönix-gelb • 6MT
                      E39 ///M5 • 12/1998 • avus-blau • 6MT
                      E60 ///M5 • 11/2006 • saphir-schwarz • 6MT

                      Comment


                        #26
                        Originally posted by karter16 View Post
                        It appears that the memory space at 0x00ff8000 through 0x00ff87ff (which is managed by CS5 in the SIM module) is somehow a shared memory space between Master and Slave for global variables which need to be accessed by both functions that reside on the master and on the slave. I'm yet to confirm for sure or figure out exactly how it works, or whether there's some other mechanism at play.
                        This could be a reason, why I never really got a emulator to work in one of the eeproms. The emulator doesn't support writing from ecu side to it.
                        …under construction.

                        Comment

                        Working...
                        X