
More BMCB BIN spelunking. A few unknown addresses with changes.


scorp508
06-11-2024, 02:24 PM
Doing a binary comparison on BMCB and the BMCB-based chip in my car at the moment, there are a few differences unaccounted for in the XDF I'm using.

Values below are in hex.

Address / Stock BMCB / Mine
0006 / FF / 89
0007 / C9 / 1D
06FB / 50 / 00
06FE / 50 / 00
33BC / 14 / 15
3EDC / 4E / 00
3EDD / 04 / 00
3EDE / 0F / 00
3EDF / BD / 00

After a little research, it appears 0006-0007 are a 2-byte checksum. These bytes are different in each variation of a BMCB file I open or make changes to.

There's a lot of stuff stored in the 06A0-0700 range overall, so it seems likely 06FB and 06FE have some kind of 1-byte purpose as they're buried in between other values.

Some of their neighbors are....

06DA: Speed Threshold To Disable + Reset CARS
06DB: Vehicle Speed Threshold To Enable CARS
06DC: Vehicle Speed Threshold To Disable CARS
06DD: RPM Threshold To Enable CARS
06DE: % TPS Threshold To Disable CARS
06FB: ???
06FC: Cool. Temp Port Throt. Disable Threshold
06FD: Cool. Temp Port Throt. Enable Threshold
06FE: ???
06FF: Oil Temp Port Throt. Disable Threshold
0700: Oil Temp Port Throt. Enable Threshold
0705: Minimum Counts for Valet Switch Open
0706: Minimum Counts for Valet Switch Closed


The last four being in a row makes me think it's some kind of table.

I assume one of these unknowns enables FULL mode by default, since my car does go into FULL mode at ignition key on.

:cheers:

tpepmeie
06-13-2024, 02:20 PM
Remember, those raw addresses all start at 0x8000h.

86FB 86FB KPTCOOL PORT THROTTLE ENABLE MIN COOL TEMP
86FC 86FC KPTHCOLD PORT THROTTLE DISABLE MAX COOL TEMP
86FD 86FD KPTHCOLR PORT THROTTLE RE-ENABLE COOL TEMP
86FE 86FE KPTLOTE PORT THROTTLE ENABLE MIN OIL TEMP
86FF 86FF KPTHOTD PORT THROTTLE DISABLE MAX OIL TEMP
8700 8700 KPTHOTR PORT THROTTLE RE-ENABLE OIL TEMP
8701 8701 KPTVOLT PORT THROTTLE ENABLE MIN VOLTAGE
8702 8702 KPTVOLTH PORT THROTTLE VOLTAGE HYSTERESIS



B3BC: This is the byte change that causes the program to start up in full power mode

BEDC and BEDD: This is part of the EST (spark timing) minor loop. Changing 0x4E to 0x00 is totally odd. It's a BCLR command (the bit to clear is EST enable), in the event that the stall saver logic is active. I would not recommend that change. In effect, whoever made that change is keeping EST spark control active while the engine is in stall saver mode.


BEDE: Same routine as above. The 0x0F is an instruction to set a program interrupt, which is supposed to happen at that point. I would not make that change.

BEDF: the 0x45 is an instruction (JSR=Jump to Subroutine) which is supposed to happen next. That subroutine sends a command to another chipset on the board. WTH were they trying to accomplish by changing that to 0x00? Not a good idea, IMO.

I can only suspect they were changing these bytes to sort of leave a "marker" to identify their calibration somehow, without understanding what was there.
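
Added example, not part of any post in this thread: a small Python diff that groups changed bytes into contiguous runs and prints each run by file offset and by CPU address (file offset + 0x8000, as the reply above states), so a change that lands in code rather than calibration data stands out. The buffer size, function names and zero-filled background are assumptions; the byte values and labels are the ones quoted in the thread.

```python
BASE = 0x8000  # CPU address of file offset 0, as stated in the reply above

# Labels come from the thread, keyed by CPU address of the first changed byte.
KNOWN = {
    0x8006: "2-byte checksum (first post)",
    0x86FB: "KPTCOOL",
    0x86FE: "KPTLOTE",
    0xB3BC: "start up in full power mode",
    0xBEDC: "code in the EST minor loop",
}

# Constructed sample: offset -> (stock, modified), copied from the first post.
CHANGES = {
    0x0006: (0xFF, 0x89), 0x0007: (0xC9, 0x1D), 0x06FB: (0x50, 0x00),
    0x06FE: (0x50, 0x00), 0x33BC: (0x14, 0x15), 0x3EDC: (0x4E, 0x00),
    0x3EDD: (0x04, 0x00), 0x3EDE: (0x0F, 0x00), 0x3EDF: (0xBD, 0x00),
}

def sample_images(size=0x4000):
    """Build two zero-filled buffers (size is an assumption) holding only CHANGES."""
    stock, mod = bytearray(size), bytearray(size)
    for off, (old, new) in CHANGES.items():
        stock[off], mod[off] = old, new
    return bytes(stock), bytes(mod)

def diff_runs(stock, mod):
    """Return (file_offset, stock_bytes, mod_bytes) for each contiguous changed run."""
    if len(stock) != len(mod):
        raise ValueError("images differ in length; align them before diffing")
    runs, start = [], None
    for i, (a, b) in enumerate(zip(stock, mod)):
        if a != b and start is None:
            start = i                      # a run of differences begins
        elif a == b and start is not None:
            runs.append((start, stock[start:i], mod[start:i]))
            start = None                   # run ended on the previous byte
    if start is not None:                  # run reaches the end of the image
        runs.append((start, stock[start:], mod[start:]))
    return runs

def report(stock, mod):
    """Format each run as 'offset / CPU address  old -> new  label'."""
    return [f"{off:04X} / {off + BASE:04X}  {old.hex().upper()} -> "
            f"{new.hex().upper()}  {KNOWN.get(off + BASE, 'unlabelled')}"
            for off, old, new in diff_runs(stock, mod)]

if __name__ == "__main__":
    print("\n".join(report(*sample_images())))
```
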

tpepmeie
06-13-2024, 02:25 PM
There's a lot of stuff stored in the 06A0-0700 range overall, so it seems likely 06FB and 06FE have some kind of 1-byte purpose as they're buried in between other values.


Yes, there are lots of things in that range:

CCP - canister purge variables
Fan variables
A/C
IAC
AIR Pump
Secondary fuel pump
and CARS as you already pointed out

scorp508
06-13-2024, 03:42 PM
BEDC and BEDD: This is part of the EST (spark timing) minor loop. Changing 0x4E to 0x00 is totally odd. It's a BCLR command (the bit to clear is EST enable), in the event that the stall saver logic is active. I would not recommend that change. In effect, whoever made that change is keeping EST spark control active while the engine is in stall saver mode.


BEDE: Same routine as above. The 0x0F is an instruction to set a program interrupt, which is supposed to happen at that point. I would not make that change.

BEDF: the 0x45 is an instruction (JSR=Jump to Subroutine) which is supposed to happen next. That subroutine sends a command to another chipset on the board. WTH were they trying to accomplish by changing that to 0x00? Not a good idea, IMO.


Todd, thank you so much for that insight. I may put these back to stock and see how the car reacts. I have two anomalies I haven't had time to chase yet.


1) When cold it loves to stall when coming to a stop and sometimes is hard to restart. I've been attributing (excusing it...) to being a modified LT5, but maybe there's more to this than meets the eye.


2) In a high gear situation (e.g., puttering along at 70MPH in 6th) subtle increases to the throttle to pass someone gradually or when going up a hill sometimes cause the car to feel like it "shuts off" for lack of better terms. Power is immediately gone as if someone snapped the throttle shut or killed the injectors. If I drop a gear and get it to a lower load it immediately goes back to normal. I've been meaning to datalog while in these conditions to see if it's a certain combination that triggers whatever it is.


Thanks again, I appreciate sharing your knowledge on the addresses.

-Brian