HC16 module for IDA Pro 4.7.0.830

Links to development tools which have been useful to this project

Moderator: Freon

Postby LGT-3-6 » Sun May 28, 2006 6:24 am

JonnyM wrote:
LGT-3-6 wrote: I don't believe this is completely correct. This doesn't appear to work with the 05 LGT roms I'm trying.. They point to AAC, and there lies garbage. Also I'm not sure what you're doing with PK, it makes perfect sense for it to be the LSN, it's the first 4 bits of a 20bit address, PC is the lower 16 bits.. No? I just started thumbing through the architecture :/


Well, this thread is for Motorola HC16 - a cpu which the 05 LGT doesn't have..
I think you'd better read the forum a bit more before starting to work on the roms 8)

SOB... I guess this explains why they have such horrible engine management problems.. UGH..
LGT-3-6
 
Posts: 50
Joined: Fri Jun 03, 2005 1:12 pm

Postby cboles » Sun May 28, 2006 9:26 am

FYI, an 05 LGT uses a SH7058 processor (SH2 family). IDA Pro Advanced 5.0 supports this quite well.

Colby
cboles
Site Admin
 
Posts: 1233
Joined: Wed Dec 29, 2004 5:45 pm
Location: Seattle, WA

Postby Alex_VI » Mon Jun 11, 2007 4:25 am

cboles wrote: FYI, an 05 LGT uses a SH7058 processor (SH2 family). IDA Pro Advanced 5.0 supports this quite well.

Colby


I installed IDA Pro Advanced 5.0, but I don't see support for the SH2 family.., only SH3 and SH4.
Alex_VI
 
Posts: 4
Joined: Fri Jun 08, 2007 9:00 am
Location: Russia

Postby Freon » Mon Jun 11, 2007 2:26 pm

Use SH4B. It's just an extension.
Freon
 
Posts: 700
Joined: Thu Nov 17, 2005 5:50 pm
Location: Indianapolis, IN

Postby Alex_VI » Tue Jun 12, 2007 3:19 am

Freon wrote: Use SH4B. It's just an extension.


Thank you

Can you tell me what values I have to enter in IDA when opening the ROM file (Evo 8)?

Processor type - Hitachi SH4B
Loading segment - 0x00000000
Loading offset - 0x00000000

ROM
ROM start address-?
ROM size-?

Input file
Loading address-?
File offset-?
Loading size-?

If I leave all by default, IDA says:
can`t identify the entry point automatically as there is no standard of binaries.
Alex_VI
 
Posts: 4
Joined: Fri Jun 08, 2007 9:00 am
Location: Russia

Postby Freon » Wed Jun 13, 2007 3:03 pm

A good start might be to download the hardware and software manuals from Renesas's website.

It may not make any sense if you don't have any education or experience in computer science.
Freon
 
Posts: 700
Joined: Thu Nov 17, 2005 5:50 pm
Location: Indianapolis, IN

Re: HC16 module for IDA Pro 4.7.0.830

Postby elevenpoint7five » Tue Nov 17, 2009 12:06 pm

I realize that this is an old post, but I'm really hoping there is someone that can lend a hand here.

First, I was wondering if the issue in IDA has been fixed in newer versions?

cboles wrote: * there is an intentional non-standard ordering of operands for the BRCLR and BRSET opcodes. this is because IDA doesn't seem to follow branches if the code addresses are in an operand position greater than 3 (which happens when you use indirect addressing with X, Y, and Z). as a fix, i turned what should be:

BRCLR yOffset, Y, #bitmask, branchaddress

and changed it to

BRCLR yOffset, Y, branchaddress, #bitmask


Secondly, I'm having an issue getting the addressing down. It seems that sometimes the program is storing the contents of an accumulator to a memory location that seems to be part of a subroutine, specifically, an opcode, rather than storing it to a memory location that seems to be just that, a memory location. Is this a way of changing the logic that has been programmed, or am I reading it wrong?

Another issue I am having with the addressing is the offsets. For instance, I've been trying to figure the NPS out, which according to the logger defs for RR is a switch at byte 0x000062 bit 7. So I created a custom def to log memory location 0x000062 as opposed to each individual bit. The number changed accordingly, depending on what I did. So that is obviously the correct location; however, in IDA it seems to be stored elsewhere. The same location (0x000062) is set to what seems to be a pre-determined number using this code:
Code:
lde #36h
ste 62h, Y

Can anyone explain how this index addressing works? Also, why is it being set in the program when I've logged it and found that it is changed by sensor input (even though I haven't been able to find any logic to support this idea, I know it to be true from logging)?

Thanks in advance to anyone that can lend a hand here, this has been kicking my ass all week and I am determined to learn this.

Andy
elevenpoint7five
 
Posts: 20
Joined: Mon Aug 18, 2008 3:17 pm
Location: Chicago

Re: HC16 module for IDA Pro 4.7.0.830

Postby hackish » Fri Nov 20, 2009 4:35 pm

I've found the IDA support group is excellent for this sort of stuff. I pointed out a few small bugs in one of their processor modules and they had a fix emailed to me by the next morning. Definitely good customer support from them.

-Michael
hackish
 
Posts: 17
Joined: Thu Oct 19, 2006 2:25 pm

Re: HC16 module for IDA Pro 4.7.0.830

Postby letsteyr » Thu May 13, 2010 12:25 am

You will get the correct address if you add a user defined offset of 20000h (Ctrl-R) to all nn,Z operands.
It's not very difficult to write an .idc script that does it automagically..
The nn,Y has to be done manually since Y is not static.


Does anyone have an idea to solve this problem? Because I solved the problem "manually" using CTRL-R, but it's a huge job.
It would be good to find a faster solution.
letsteyr
 
Posts: 43
Joined: Wed Jan 31, 2007 4:32 am
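
The rule quoted in the post above (add 20000h to every nn,Z operand, leave nn,Y for manual work), sketched as an added example that is not code from any poster in this thread. It works on an exported text listing rather than inside IDA; the base value, the function names and the sample lines are assumptions made for illustration.

```python
import re

# Assumption taken from the post: Z-indexed operands resolve to 20000h + nn
# (i.e. the 20-bit ZK:IZ base is treated as the constant 0x20000).
Z_BASE = 0x20000
ADDR_MASK = 0xFFFFF  # HC16 addresses are 20 bits wide

# Indexed operand in IDA-style hex, e.g. "62h, Y" or "0A0h,Z".
OPERAND = re.compile(r'\b([0-9][0-9A-Fa-f]*)h\s*,\s*([XYZ])\b')

def resolve_line(line, z_base=Z_BASE):
    """Annotate one disassembly line.

    Returns (text, status): status is 'resolved' for nn,Z operands,
    'manual' for nn,X / nn,Y (index register not static), or None
    when the line has no indexed operand.
    """
    m = OPERAND.search(line)
    if m is None:
        return line, None
    offset, reg = int(m.group(1), 16), m.group(2)
    if reg == 'Z':
        target = (z_base + offset) & ADDR_MASK
        return f"{line.rstrip()}  ; -> {target:05X}h", 'resolved'
    return f"{line.rstrip()}  ; {reg} not static, resolve by hand", 'manual'

def resolve_listing(text, z_base=Z_BASE):
    """Apply resolve_line to every line of a listing."""
    return [resolve_line(l, z_base) for l in text.splitlines()]

# Constructed sample listing (the first two lines are the snippet quoted
# earlier in the thread; the Z-indexed lines are made up).
SAMPLE = """\
lde #36h
ste 62h, Y
ldaa 1F4h, Z
staa 0A0h,Z
"""

if __name__ == "__main__":
    for text, status in resolve_listing(SAMPLE):
        print(f"{status or '-':9} {text}")
```
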

Re: HC16 module for IDA Pro 4.7.0.830

Postby boost junkie » Wed Nov 16, 2011 7:28 am

IDA now has a free download version but it's based on v5.0. Can someone recompile the HC16 module for v5? I have the SDK here but am having trouble getting it to compile. Any help would be appreciated as I'm trying to disassemble a different HC16 rom (neon) that hasn't been done before AFAIK.

Here is the SDK. Click on "download original".
boost junkie
 
Posts: 2
Joined: Wed Jan 23, 2008 11:47 am

Re: HC16 module for IDA Pro 4.7.0.830

Postby boost junkie » Fri Nov 18, 2011 3:19 pm

Well, I found Visual Studio and recompiled the module for v5 but the free version won't load it. Its DLL file is missing a bunch of stuff. Bummer!
boost junkie
 
Posts: 2
Joined: Wed Jan 23, 2008 11:47 am
