RomRaider

Looking to help make definitions on logging side and editor side. Where is a good place to start reading on this subject?

Only huge hex editing I have is converting maps to be flashed on a chip... (not subarus)

Point me in the correct direction?

What is it you are trying to do exactly?
The defs are pretty easy to write once you know what parameters to put in them.
If you are looking for def formats then just bust one open a look at them. Also look at the DTD file.

If you are trying to figure out were to get the parameters to put in a def then you need to read up on ROM disassembly and get the hardware and software manuals for the processor of interest.

This is more or less what im looking to do... for instance some of the new lgt's don't have defs yet and I would like to help with that... Or posters on here requesting the definitions.

I dont know how different the location of everything will be from year to year but they have to be discovered and then written into the def correct?
Goes the same way with ECU flash i would think...
The location of each piece of the rom in the memory then mapped in the def...
IS it more of a guess and check situation with newer Roms? IE take a 2012 sti... We have the Rom but no defs... Im guessing a great deal of the locations are going to be the same as say a 2011 but there will be differences im sure. So lets make a definition for that and post it up for everyone...
First start by comparing a 2011 to a 2012 and see whats correct or not... If we find things missing or pulling data from the wrong spot int he memory ( IE i go to pull total timing advance but turns out to be the map sensor etc) then we need to find the proper location for that param to map in the definition correct? Whats the best method for doing so? Or worst case one does not even have a previous definition that could be considered similar. Starting from scratch... whats the best path to take here?

I originally started using a Hex Editor, with a known ROM and the new unknown ROM. I then made an exact copy of the existing known definition and went through table by table to find the locations, which were normally in a similiar section of the ROM. A lot of trial and error but once you work out what you are looking for, it was quite easy. I then had RomRaider point to the new unknown ROM definition and would 'refresh' the ROM every few tables to check it all looked good. The 3D tables were easier than 2D tables but the 1D tables are a nightmare this way. I am purchasing IDA to make things easier, with the intention of finding all the 3D and 2D tables via HEX/Scoobyrom and then using IDA to cross-reference 1D tables.

As for logger definitions, I cant comment until I get IDA but it should work fine.

IDA as is hex-rays? Im not familiar with scoobyrom....

What if you dont have an existing rom? Or wanted to start from scratch? I guess it would all be guess and check? kind of a pita...

I guess the process in making these defs is the same for ecu flash as well...
I ask about ecu flash since in most cases if the def does not work with romraider chances are there is not a def for ecu flash... ANd with that being said I have never tried to flash a car with ecu flash and not have the definitions... Is that even possible? or does one have to make all three? Make the def for logging and the editing (although this could be done in ecu flash but prefer romradier) and then one to flash the car using ecu flash... correct?

edit> i guess i should have posted this in ecu analysis... reading > me

From one MY to the next the maps may be the same or similar but the logic can change and the location of the map data can change quite a bit. Once you have the addresses, writing them to an EcuFlash or RR def is easy. I actually define everything in IDA first, dump the address, from that address list I create a RR Editor def & Logger def. From the RR Editor def I can create the Ecuflash def, all within a few minutes via some scripts I wrote.

If you start here and skip the bits about loading a ROM in IDA, the rest gives a good overview of how the tables and references to the tables are laid out in the ROM.
ScoobyROM can instantly allow you to visualize the tables in the ROM. But you need IDA to follow the logic to determine if/how a table is used. Most ROMs have both AT & MT tables defined so many will appear to be duplicated. It's all trial and error to figure out which are the correct tables without disassembling the ROM. 1D values, forget it, you won't find them without IDA.
If you don't have IDA there's a basic SH2 dis-assembler here.

I really havent even looked through the definitions to see how similar they are... Maybe I should start there... Compare ecu flash to editor etc etc... I would like the editor and the logger are almost identical? Im only guess that ecu flash def would be the one that's very different...