PDA

View Full Version : Running 5E0 ID command...


Zandis
08-02-2004, 04:43 PM
This is the result when I patched my flash file:
-----------------------------------------
locating functions for the 5E0 table
-----------------------------------------
5e0_prt_action_1:
located at: 0x000D851C
- func_start: 000D851C
- func_end: 000D852C
----------------------------------
5e0_prt_action_2:
located at: 0x000D884E
- func_start: 000D884E
- func_end: 000D885E
----------------------------------
5e0_disp_val:
located at: 0x000D8860
- func_start: 000D8860
- func_end: 000D886E
----------------------------------
5e0_call_func:
located at: 0x000D852E
- func_start: 000D852E
- func_end: 000D884C
----------------------------------
ldr at: 000D851E
ldr at: 000D8522
ldr at: 000D8850
ldr at: 000D8548
ldr at: 000D8556
ldr at: 000D855A
ldr at: 000D8862


-----------------------------------------
-> The 5E0 Table has 1336 bytes, and 0xa6 entries in it

-----------------------------------------
# PPM is located (via MCU info) at offset 00130000
checking for space in PPM...
# - No CODE chunk found...


--------> 5e0 Table is at 00315DBC

----------------------------------
locating all the needed functions
----------------------------------

show_main_menu:
located at: 0x0007EADC
----------------------------------
memset:
located at: 0x000E4CA8
----------------------------------
clear_rect:
located at: 0x00077BAC
[searching back to entry point]
- func_start: 00077B84
- func_end: 00077FEA
----------------------------------
update_screen:
located at: 0x0005B6E0
- func_start: 0005B6E0
- func_end: 0005CECC
----------------------------------
to_screen:
located at: 0x0007826E
[searching back to entry point]
- func_start: 00078204
- func_end: 000782CA
----------------------------------
setpixel:
located at: 0x00077FF0
- func_start: 00077FF0
- func_end: 00078078
----------------------------------
draw_bitmap:
located at: 0x0007807A
- func_start: 0007807A
- func_end: 00078202
----------------------------------
clear_lcd_ram:
located at: 0x00078E32
- func_start: 00078E32
- func_end: 00078E58
----------------------------------
disable_irq:
located at: 0x000D81B2
----------------------------------
enable_irq:
located at: 0x000D81CC
----------------------------------
seccode_routine:
located at: 0x0007FADC
[searching back to entry point]
- func_start: 0007FACA
- func_end: 0007FB36
----------------------------------
setfaid_routine:
located at: 0x0008010E
- func_start: 0008010E
- func_end: 00080188
----------------------------------
send_message:
located at: 0x000DCB32
----------------------------------
draw_line:
located at: 0x00078734
- func_start: 00078734
- func_end: 00078996
----------------------------------
set_lights:
located at: 0x00078EA6
----------------------------------
blink_call:
located at: 0x0008A4AA
----------------------------------
play_tone:
located at: 0x000BE56E
----------------------------------
tonetask:
located at: 0x000BE928
[searching back to entry point]
- func_start: 000BE8E0
- func_end: 000BECEA
----------------------------------
startphone:
located at: 0x0008AFBE
----------------------------------

----------------------------------
searching for the menu select things
----------------------------------

----------------------------------
searching for the light toggle routine
----------------------------------
set_lights_1: 000D7320
set_lights_2: 000D735E

----------------------------------
searching for the tone task things
----------------------------------
tonetask: 000BE916

----------------------------------
searching for the malloc/eeprom routines
----------------------------------
n_malloc: 0008CA74
read_eeprom: 000E3268
write_eeprom: 000E3238
calc_eeprom_chk: 0007FC72

----------------------------------
looking for free space...
----------------------------------
# PPM is located (via MCU info) at offset 00130000
checking for space in PPM...
# - No CODE chunk found...

----------------------------------
settling our nice graphix...
----------------------------------
found 0504 bytes for function pic2_1 at 0x00121310
found 0504 bytes for function pic2_2 at 0x00121508
found 0504 bytes for function pic2_3 at 0x00121700
found 0504 bytes for function pic2_4 at 0x001218F8
found 0012 bytes for function logo_pic1_info at 0x00121AF0
found 0012 bytes for function logo_pic2_info at 0x00121AFC
found 0012 bytes for function logo_pic3_info at 0x00121B08
found 0012 bytes for function logo_pic4_info at 0x00121B14
found 0052 bytes for function own_slideshow_table at 0x00121B20
found 0013 bytes for function own_cmd_table at 0x00121B54

----------------------------------
hammering in our functions
----------------------------------
found 0048 bytes for function own_get_ram at 0x00121B64
- bl: 00121B72 -> 0008CA74: F7 6A FF 7F
- bl: 00121B7E -> 000E4CA8: F7 C3 F8 93
found 0048 bytes for function own_set_ram at 0x00121B94
- bl: 00121BA2 -> 0008CA74: F7 6A FF 67
- bl: 00121BAE -> 000E4CA8: F7 C3 F8 7B
found 0020 bytes for function own_update_screen at 0x00121BC4
- bl: 00121BCE -> 00078204: F7 56 FB 19
found 0024 bytes for function own_show_bitmap at 0x00121BD8
- bl: 00121BE0 -> 0007807A: F7 56 FA 4B
- bl: 00121BE4 -> 00121BC4: F7 FF FF EE
found 0032 bytes for function own_get_keypress at 0x00121BF0
found 0060 bytes for function own_get_led at 0x00121C10
found 0132 bytes for function own_set_led at 0x00121C4C
- bl: 00121C58 -> 000D81B2: F7 B6 FA AB
- bl: 00121C68 -> 000D81CC: F7 B6 FA B0
- bl: 00121C78 -> 000D81B2: F7 B6 FA 9B
- bl: 00121C8C -> 000D81CC: F7 B6 FA 9E
- bl: 00121C9C -> 000D81B2: F7 B6 FA 89
- bl: 00121CB0 -> 000D81CC: F7 B6 FA 8C
found 0010 bytes for function own_led_on at 0x00121CD0
- bl: 00121CD4 -> 00121C4C: F7 FF FF BA
found 0022 bytes for function own_toggle_led at 0x00121CDC
- bl: 00121CDE -> 00121C10: F7 FF FF 97
- bl: 00121CEC -> 00121C4C: F7 FF FF AE
found 0044 bytes for function own_get_config_nibble at 0x00121CF4
- bl: 00121D0A -> 000E3268: F7 C1 FA AD
found 0074 bytes for function own_set_config_nibble at 0x00121D20
- bl: 00121D3A -> 000E3268: F7 C1 FA 95
- bl: 00121D5E -> 000E3238: F7 C1 FA 6B
- bl: 00121D62 -> 0007FC72: F7 5D FF 86
found 0036 bytes for function own_menu_table at 0x00121D6C
found 0040 bytes for function own_menu_hook at 0x00121D90
- bl: 00121D94 -> 00121CF4: F7 FF FF AE
5E0 ID# A7 | Set Menu #0
found 0012 bytes for function own_set_cx_x at 0x00121DB8
- bl: 00121DBE -> 00121D20: F7 FF FF AF
5E0 ID# A8 | Set Menu #1
found 0012 bytes for function own_set_cx_x at 0x00121DC4
- bl: 00121DCA -> 00121D20: F7 FF FF A9
5E0 ID# A9 | Set Menu #2
found 0012 bytes for function own_set_cx_x at 0x00121DD0
- bl: 00121DD6 -> 00121D20: F7 FF FF A3
5E0 ID# AA | Set Menu #3
found 0012 bytes for function own_set_cx_x at 0x00121DDC
- bl: 00121DE2 -> 00121D20: F7 FF FF 9D
5E0 ID# AB | Set Menu #4
found 0012 bytes for function own_set_cx_x at 0x00121DE8
- bl: 00121DEE -> 00121D20: F7 FF FF 97
5E0 ID# AC | Set Menu #5
found 0012 bytes for function own_set_cx_x at 0x00121DF4
- bl: 00121DFA -> 00121D20: F7 FF FF 91
found 0084 bytes for function own_fade_led at 0x00121E00
- bl: 00121E04 -> 00121CDC: F7 FF FF 6A
- bl: 00121E08 -> 00121BF0: F7 FF FE F2
- bl: 00121E1C -> 00121BF0: F7 FF FE E8
- bl: 00121E2C -> 00121BF0: F7 FF FE E0
- bl: 00121E3C -> 00121CDC: F7 FF FF 4E
- bl: 00121E48 -> 00121CDC: F7 FF FF 48
found 0092 bytes for function own_blink_led at 0x00121E54
- bl: 00121E64 -> 000D81B2: F7 B6 F9 A5
- bl: 00121E74 -> 000D81CC: F7 B6 F9 AA
- bl: 00121E84 -> 000D81B2: F7 B6 F9 95
- bl: 00121E98 -> 000D81CC: F7 B6 F9 98
found 0040 bytes for function own_blink_hook at 0x00121EB0
- bl: 00121EB4 -> 00121CF4: F7 FF FF 1E
- bl: 00121EBE -> 00121C10: F7 FF FE A7
- bl: 00121EC6 -> 00121E54: F7 FF FF C5
found 0044 bytes for function own_enable_hook at 0x00121ED8
- bl: 00121EDC -> 00121CF4: F7 FF FF 0A
- bl: 00121EE6 -> 00121C10: F7 FF FE 93
- bl: 00121EF0 -> 00121C4C: F7 FF FE AC
5E0 ID# AD | Rhythmic 0
found 0012 bytes for function own_set_cx_x at 0x00121F04
- bl: 00121F0A -> 00121D20: F7 FF FF 09
5E0 ID# AE | Rhythmic 1
found 0012 bytes for function own_set_cx_x at 0x00121F10
- bl: 00121F16 -> 00121D20: F7 FF FF 03
found 0060 bytes for function own_delay_table at 0x00121F1C
found 0052 bytes for function own_fade_hook_out at 0x00121F58
- bl: 00121F5E -> 00121CF4: F7 FF FE C9
- bl: 00121F64 -> 00121C10: F7 FF FE 54
- bl: 00121F74 -> 00121E00: F7 FF FF 44
- bl: 00121F7A -> 00121C4C: F7 FF FE 67
found 0052 bytes for function own_fade_hook_in at 0x00121F8C
- bl: 00121F92 -> 00121CF4: F7 FF FE AF
- bl: 00121F98 -> 00121C10: F7 FF FE 3A
- bl: 00121FA8 -> 00121E00: F7 FF FF 2A
- bl: 00121FAE -> 00121C4C: F7 FF FE 4D
5E0 ID# AF | Fade in val 0
found 0012 bytes for function own_set_cx_x at 0x00121FC0
- bl: 00121FC6 -> 00121D20: F7 FF FE AB
5E0 ID# B0 | Fade in val 1
found 0012 bytes for function own_set_cx_x at 0x00121FCC
- bl: 00121FD2 -> 00121D20: F7 FF FE A5
5E0 ID# B1 | Fade in val 2
found 0012 bytes for function own_set_cx_x at 0x00121FD8
- bl: 00121FDE -> 00121D20: F7 FF FE 9F
5E0 ID# B2 | Fade in val 3
found 0012 bytes for function own_set_cx_x at 0x00121FE4
- bl: 00121FEA -> 00121D20: F7 FF FE 99
5E0 ID# B3 | Fade in val 4
found 0012 bytes for function own_set_cx_x at 0x00121FF0
- bl: 00121FF6 -> 00121D20: F7 FF FE 93
5E0 ID# B4 | Fade in val 5
found 0012 bytes for function own_set_cx_x at 0x00121FFC
- bl: 00122002 -> 00121D20: F7 FF FE 8D
5E0 ID# B5 | Fade in val 6
found 0012 bytes for function own_set_cx_x at 0x00122008
- bl: 0012200E -> 00121D20: F7 FF FE 87
5E0 ID# B6 | Fade in val 7
found 0012 bytes for function own_set_cx_x at 0x00122014
- bl: 0012201A -> 00121D20: F7 FF FE 81
5E0 ID# B7 | Fade in val 8
found 0012 bytes for function own_set_cx_x at 0x00122020
- bl: 00122026 -> 00121D20: F7 FF FE 7B
5E0 ID# B8 | Fade in val 9
found 0012 bytes for function own_set_cx_x at 0x0012202C
- bl: 00122032 -> 00121D20: F7 FF FE 75
5E0 ID# B9 | Fade out val 0
found 0012 bytes for function own_set_cx_x at 0x00122038
- bl: 0012203E -> 00121D20: F7 FF FE 6F
5E0 ID# BA | Fade out val 1
found 0012 bytes for function own_set_cx_x at 0x00122044
- bl: 0012204A -> 00121D20: F7 FF FE 69
5E0 ID# BB | Fade out val 2
found 0012 bytes for function own_set_cx_x at 0x00122050
- bl: 00122056 -> 00121D20: F7 FF FE 63
5E0 ID# BC | Fade out val 3
found 0012 bytes for function own_set_cx_x at 0x0012205C
- bl: 00122062 -> 00121D20: F7 FF FE 5D
5E0 ID# BD | Fade out val 4
found 0012 bytes for function own_set_cx_x at 0x00122068
- bl: 0012206E -> 00121D20: F7 FF FE 57
5E0 ID# BE | Fade out val 5
found 0012 bytes for function own_set_cx_x at 0x00122074
- bl: 0012207A -> 00121D20: F7 FF FE 51
5E0 ID# BF | Fade out val 6
found 0012 bytes for function own_set_cx_x at 0x00122080
- bl: 00122086 -> 00121D20: F7 FF FE 4B
5E0 ID# C0 | Fade out val 7
found 0012 bytes for function own_set_cx_x at 0x0012208C
- bl: 00122092 -> 00121D20: F7 FF FE 45
5E0 ID# C1 | Fade out val 8
found 0012 bytes for function own_set_cx_x at 0x00122098
- bl: 0012209E -> 00121D20: F7 FF FE 3F
5E0 ID# C2 | Fade out val 9
found 0012 bytes for function own_set_cx_x at 0x001220A4
- bl: 001220AA -> 00121D20: F7 FF FE 39
found 0010 bytes for function sms_to_send at 0x001220B0
found 0030 bytes for function sms_success at 0x001220BC
found 0024 bytes for function sms_progress at 0x001220DC
found 0020 bytes for function sms_info at 0x001220F4
found 0012 bytes for function sms_cmd at 0x00122108
found 0024 bytes for function own_send_hack at 0x00122114
- bl: 0012211E -> 000DCB32: F7 BA FD 08
5E0 ID# C3 | Viruz
found 0016 bytes for function own_delay at 0x0012212C
found 0032 bytes for function own_show_bitmap_data at 0x0012213C
- bl: 00122154 -> 00121BD8: F7 FF FD 40
found 0032 bytes for function own_scroll_in_bitmap at 0x0012215C
- bl: 00122164 -> 00121BF0: F7 FF FD 44
- bl: 0012216E -> 0012213C: F7 FF FF E5
found 0034 bytes for function own_scroll_in_bitmap_diag at 0x0012217C
- bl: 00122184 -> 00121BF0: F7 FF FD 34
- bl: 0012218E -> 0012213C: F7 FF FF D5
found 0070 bytes for function own_blink_bitmap at 0x001221A0
- bl: 001221AC -> 00121BF0: F7 FF FD 20
- bl: 001221C0 -> 0012213C: F7 FF FF BC
- bl: 001221D2 -> 0012213C: F7 FF FF B3
found 0206 bytes for function own_graph_cmd at 0x001221E8
- bl: 0012222C -> 0012215C: F7 FF FF 96
- bl: 00122236 -> 0012217C: F7 FF FF A1
- bl: 00122242 -> 001221A0: F7 FF FF AD
- bl: 0012224C -> 0012212C: F7 FF FF 6E
- bl: 00122266 -> 00077B84: F7 55 FC 8D
- bl: 0012227C -> 00078734: F7 56 FA 5A
- bl: 00122280 -> 00121BC4: F7 FF FC A0
- bl: 00122296 -> 00121E00: F7 FF FD B3
- bl: 0012229E -> 00121CDC: F7 FF FD 1D
- bl: 001222AA -> 0012213C: F7 FF FF 47
found 0056 bytes for function own_run_commands at 0x001222B8
- bl: 001222C8 -> 00121BF0: F7 FF FC 92
- bl: 001222DC -> 00121BF0: F7 FF FC 88
- bl: 001222E6 -> 001221E8: F7 FF FF 7F
found 0020 bytes for function own_draw_slideshow at 0x001222F0
- bl: 001222F6 -> 001222B8: F7 FF FF DF
5E0 ID# C4 | Run Slideshow
found 0032 bytes for function own_do_intro at 0x00122304
- bl: 00122308 -> 00121CF4: F7 FF FC F4
- bl: 00122314 -> 001222B8: F7 FF FF D0
found 0016 bytes for function own_hook_temp at 0x00122324
- bl: 00122326 -> 00122304: F7 FF FF ED
5E0 ID# C5 | Enable Intro 0
found 0012 bytes for function own_set_cx_x at 0x00122334
- bl: 0012233A -> 00121D20: F7 FF FC F1
5E0 ID# C6 | Enable Intro 1
found 0012 bytes for function own_set_cx_x at 0x00122340
- bl: 00122346 -> 00121D20: F7 FF FC EB
found 0064 bytes for function own_set_vibra at 0x0012234C
- bl: 0012235A -> 000D81B2: F7 B5 FF 2A
- bl: 00122370 -> 000D81B2: F7 B5 FF 1F
- bl: 0012237E -> 000D81CC: F7 B5 FF 25
5E0 ID# C7 | Vibra Level 0/14
found 0010 bytes for function own_5e0_vib_level at 0x0012238C
- bl: 00122390 -> 0012234C: F7 FF FF DC
5E0 ID# C8 | Vibra Level 2/14
found 0010 bytes for function own_5e0_vib_level at 0x00122398
- bl: 0012239C -> 0012234C: F7 FF FF D6
5E0 ID# C9 | Vibra Level 4/14
found 0010 bytes for function own_5e0_vib_level at 0x001223A4
- bl: 001223A8 -> 0012234C: F7 FF FF D0
5E0 ID# CA | Vibra Level 6/14
found 0010 bytes for function own_5e0_vib_level at 0x001223B0
- bl: 001223B4 -> 0012234C: F7 FF FF CA
5E0 ID# CB | Vibra Level 8/14
found 0010 bytes for function own_5e0_vib_level at 0x001223BC
- bl: 001223C0 -> 0012234C: F7 FF FF C4
5E0 ID# CC | Vibra Level 10/14
found 0010 bytes for function own_5e0_vib_level at 0x001223C8
- bl: 001223CC -> 0012234C: F7 FF FF BE
5E0 ID# CD | Vibra Level 12/14
found 0010 bytes for function own_5e0_vib_level at 0x001223D4
- bl: 001223D8 -> 0012234C: F7 FF FF B8
5E0 ID# CE | Vibra Level 14/14
found 0010 bytes for function own_5e0_vib_level at 0x001223E0
- bl: 001223E4 -> 0012234C: F7 FF FF B2
5E0 ID# CF | Vibra Level 16/14
found 0010 bytes for function own_5e0_vib_level at 0x001223EC
- bl: 001223F0 -> 0012234C: F7 FF FF AC
5E0 ID# D0 | Vibra Level 18/14
found 0010 bytes for function own_5e0_vib_level at 0x001223F8
- bl: 001223FC -> 0012234C: F7 FF FF A6

----------------------------------
doing the fade stuff...
----------------------------------

------ set_lights_1 ------
Trying to find suitable code at 0x000D7320
oh, cool.. a BL! => relocateable!
offset: 0x000D7320
Relocatable code found at 0x000D7320
- bl: 00121F80 -> 000D81B2: F7 B6 F9 17
- bl: 000D7320 -> 00121F58: F0 4A FE 1A
this tricky thing was done =)

------ set_lights_2 -------
Trying to find suitable code at 0x000D735E
oh, cool.. a BL! => relocateable!
offset: 0x000D735E
Relocatable code found at 0x000D735E
- bl: 00121FB4 -> 000D81B2: F7 B6 F8 FD
- bl: 000D735E -> 00121F8C: F0 4A FE 15
this tricky thing was done =)
- bl: 0008A4C2 -> 00121CD0: F0 97 FC 05

----------------------------------
doing the rhythmic stuff...
----------------------------------

------ play_tone -------
Trying to find suitable code at 0x000BE576
oh, cool.. a BL! => relocateable!
offset: 0x000BE576
Relocatable code found at 0x000BE576
- bl: 00121ECC -> 000E3598: F7 C1 FB 64
- bl: 000BE576 -> 00121EB0: F0 63 FC 9B
this tricky thing was done =)

------ tonetask -------
Trying to find suitable code at 0x000BE916
found an LDRB ... goood =)
found an CMP R,# ... goood =)
now we have all...
offset: 0x000BE916
Relocatable code found at 0x000BE916
- bl: 000BE916 -> 00121ED8: F0 63 FA DF
this tricky thing was done =)

----------------------------------
doing the menu hack...
----------------------------------
Trying to find suitable code at 0x0007EAEC
oh, cool.. a BL! => relocateable!
offset: 0x0007EAEC
Relocatable code found at 0x0007EAEC
- bl: 00121DA8 -> 0007E90C: F7 5C FD B0
- bl: 0007EAEC -> 00121D90: F0 A3 F9 50
this tricky thing was done =)

----------------------------------
doing the intro hack...
----------------------------------
Trying to find suitable code at 0x0008AFBE
oh, cool.. a BL! => relocateable!
offset: 0x0008AFBE
Relocatable code found at 0x0008AFBE
- bl: 0012232A -> 00078ED4: F7 56 FD D3
- bl: 0008AFBE -> 00122324: F0 97 F9 B1
this tricky thing was done =)

----------------------------------
4301 bytes injected... got that trick ;)
4301 bytes estimated at start


-------------------------
------ SUMMARY ------
-------------------------
Offset for slide frame #1: hex: 00121310 dec: 1184528
Offset for slide frame #2: hex: 00121508 dec: 1185032
Offset for slide frame #3: hex: 00121700 dec: 1185536
Offset for slide frame #4: hex: 001218F8 dec: 1186040


If you want to change the graphics, use the above offsets in poodriver
use for the bars width 6 and height 30

-------------------------

If I want Phonebook replace with Slide show Execute menu.
The phonebook line [0x0030DA77] [0x00000000] [0x00000000] (0x0046) (0x02C9) (0x0000) (0x003E) (0x0000) (0x0013) Phone book i have replaced with [0x0030DA77] [0x00000000] [0x000000C4] (0x0046) (0x02C9) (0x0000) (0x003E) (0x0000) (0x0013) Phone book, but none happens.
Can anybody tell me what is wrong?
Thanx
spaceimpact33
08-02-2004, 05:09 PM
hi,
the problem is, is your doing to many patches at once just do them one by one

Spaceimpact33 ;)
hcip
08-02-2004, 06:49 PM
@ Zandis

Replace (0x02c9) with (0x05e0)

Like this

[0x0030DA77] [0x00000000] [0x000000C4] (0x0046) (0x05E0) (0x0000) (0x003E) (0x0000) (0x0013) Phone book
Zandis
09-02-2004, 02:21 PM
Thanx a lot.