PDA

View Full Version : How to get netgraph working



nokiaguru
02-05-2004, 08:03 PM
I have patched netgraph with following results:
Sometime it show 5e0 id, usually no.
on 5.47 3310 fw it works nut now on 6.33 not working.
Is there anyway to get it working?

----------------------------------
locating all the needed functions
----------------------------------

disp_msg:
located at: 0x000DEB04
[searching back to entry point]
- func_start: 000DEAF0
- func_end: 000DEBB6
----------------------------------
divide:
located at: 0x000F02B4
----------------------------------
task0:
located at: 0x000E1A0C
- func_start: 000E1A0C
- func_end: 000E1B3A
----------------------------------
memset:
located at: 0x000F1A44
----------------------------------
clear_rect:
located at: 0x00083D18
[searching back to entry point]
- func_start: 00083CF0
- func_end: 00084152
----------------------------------
update_screen:
located at: 0x0005AFD4
- func_start: 0005AFD4
- func_end: 0005CB58
----------------------------------
to_screen:
located at: 0x000843DA
[searching back to entry point]
- func_start: 00084370
- func_end: 00084436
----------------------------------
setpixel:
located at: 0x0008415C
- func_start: 0008415C
- func_end: 000841E4
----------------------------------
draw_bitmap:
located at: 0x000841E6
- func_start: 000841E6
- func_end: 0008436E
----------------------------------
clear_lcd_ram:
located at: 0x00084FCA
- func_start: 00084FCA
- func_end: 00084FF0
----------------------------------
calc_net_strength:
located at: 0x000E12AA
[searching back to entry point]
- func_start: 000E1290
- func_end: 000E12FC
----------------------------------
disable_irq:
located at: 0x000E4D1E
----------------------------------
enable_irq:
located at: 0x000E4D38
----------------------------------
seccode_routine:
located at: 0x00087F6C
[searching back to entry point]
- func_start: 00087F5A
- func_end: 00087FC6
----------------------------------
setfaid_routine:
located at: 0x0008859E
- func_start: 0008859E
- func_end: 00088618
----------------------------------
draw_line:
located at: 0x000848C4
- func_start: 000848C4
- func_end: 00084B26
----------------------------------

----------------------------------
searching for the malloc/eeprom routines
----------------------------------
n_malloc: 0009A5D0
read_eeprom: 000F0100
write_eeprom: 000F00D0
calc_eeprom_chk: 00088102

----------------------------------
looking for a nice place in task #0
----------------------------------
Task #0 patch at 000E1A3A

----------------------------------
looking for free space...
----------------------------------
# PPM is located (via MCU info) at offset 00140000
checking for space in PPM...
# => Found reserved space in PPM!
# PPM is located (via MCU info) at offset 00140000
checking for space in PPM...

----------------------------------
hammering in our functions
----------------------------------
found 0048 bytes for function own_get_ram at 0x0016D678
- bl: 0016D686 -> 0009A5D0: F7 2C FF A3
- bl: 0016D692 -> 000F1A44: F7 84 F9 D7
found 0048 bytes for function own_set_ram at 0x0016D6A8
- bl: 0016D6B6 -> 0009A5D0: F7 2C FF 8B
- bl: 0016D6C2 -> 000F1A44: F7 84 F9 BF
found 0032 bytes for function own_get_keypress at 0x0016D6D8
found 0060 bytes for function own_get_led at 0x0016D6F8
found 0132 bytes for function own_set_led at 0x0016D734
- bl: 0016D740 -> 000E4D1E: F7 77 FA ED
- bl: 0016D750 -> 000E4D38: F7 77 FA F2
- bl: 0016D760 -> 000E4D1E: F7 77 FA DD
- bl: 0016D774 -> 000E4D38: F7 77 FA E0
- bl: 0016D784 -> 000E4D1E: F7 77 FA CB
- bl: 0016D798 -> 000E4D38: F7 77 FA CE
found 0010 bytes for function own_led_on at 0x0016D7B8
- bl: 0016D7BC -> 0016D734: F7 FF FF BA
found 0022 bytes for function own_toggle_led at 0x0016D7C4
- bl: 0016D7C6 -> 0016D6F8: F7 FF FF 97
- bl: 0016D7D4 -> 0016D734: F7 FF FF AE
found 0018 bytes for function own_mul at 0x0016D7DC
found 0060 bytes for function own_graph_yrel at 0x0016D7F0
- bl: 0016D7F6 -> 0016D678: F7 FF FF 3F
- bl: 0016D80A -> 0016D7DC: F7 FF FF E7
- bl: 0016D812 -> 000F02B4: F7 82 FD 4F
found 0057 bytes for function own_graph_credits at 0x0016D82C
found 0268 bytes for function own_draw_coord at 0x0016D868
- bl: 0016D86A -> 00084FCA: F7 17 FB AE
- bl: 0016D876 -> 0008415C: F7 16 FC 71
- bl: 0016D88C -> 0008415C: F7 16 FC 66
- bl: 0016D8A6 -> 0008415C: F7 16 FC 59
- bl: 0016D8B0 -> 0008415C: F7 16 FC 54
- bl: 0016D8BA -> 0008415C: F7 16 FC 4F
- bl: 0016D8C4 -> 0008415C: F7 16 FC 4A
- bl: 0016D8CE -> 0008415C: F7 16 FC 45
- bl: 0016D8D8 -> 0008415C: F7 16 FC 40
- bl: 0016D8E2 -> 0008415C: F7 16 FC 3B
- bl: 0016D8EC -> 0008415C: F7 16 FC 36
- bl: 0016D8F8 -> 0008415C: F7 16 FC 30
- bl: 0016D90E -> 0008415C: F7 16 FC 25
- bl: 0016D928 -> 0008415C: F7 16 FC 18
- bl: 0016D932 -> 0008415C: F7 16 FC 13
- bl: 0016D93C -> 0008415C: F7 16 FC 0E
- bl: 0016D946 -> 0008415C: F7 16 FC 09
- bl: 0016D950 -> 0008415C: F7 16 FC 04
- bl: 0016D95A -> 0008415C: F7 16 FB FF
- bl: 0016D964 -> 0008415C: F7 16 FB FA
- bl: 0016D96E -> 0008415C: F7 16 FB F5
found 0024 bytes for function own_draw_hor_line at 0x0016D974
- bl: 0016D97E -> 0008415C: F7 16 FB ED
found 0200 bytes for function own_bar_show_strength at 0x0016D98C
- bl: 0016D990 -> 0016D678: F7 FF FE 72
- bl: 0016D9B8 -> 0016D868: F7 FF FF 56
- bl: 0016D9BE -> 0016D7F0: F7 FF FF 17
- bl: 0016D9C2 -> 0016D974: F7 FF FF D7
- bl: 0016D9C8 -> 0016D7F0: F7 FF FF 12
- bl: 0016D9CC -> 0016D974: F7 FF FF D2
- bl: 0016D9D2 -> 0016D7F0: F7 FF FF 0D
- bl: 0016D9D6 -> 0016D974: F7 FF FF CD
- bl: 0016D9DA -> 0016D7B8: F7 FF FE ED
- bl: 0016D9F2 -> 0016D7F0: F7 FF FE FD
- bl: 0016DA2A -> 000848C4: F7 16 FF 4B
- bl: 0016DA4A -> 00084370: F7 16 FC 91
found 0028 bytes for function own_enable_values_task1 at 0x0016DA54
- bl: 0016DA56 -> 0016D6D8: F7 FF FE 3F
- bl: 0016DA60 -> 0016D678: F7 FF FE 0A
found 0028 bytes for function own_enable_values_task2 at 0x0016DA70
- bl: 0016DA72 -> 0016D6D8: F7 FF FE 31
- bl: 0016DA7C -> 0016D678: F7 FF FD FC
found 0032 bytes for function own_show_values_task at 0x0016DA8C
- bl: 0016DA90 -> 0016D678: F7 FF FD F2
- bl: 0016DAA2 -> 0016D98C: F7 FF FF 73
found 0188 bytes for function own_bar_store_strength at 0x0016DAAC
- bl: 0016DAB2 -> 0016D678: F7 FF FD E1
- bl: 0016DAC2 -> 0009A5D0: F7 2C FD 85
- bl: 0016DACE -> 000F1A44: F7 83 FF B9
- bl: 0016DAD8 -> 0016D6A8: F7 FF FD E6
- bl: 0016DB26 -> 000F02B4: F7 82 FB C5
- bl: 0016DB48 -> 000F02B4: F7 82 FB B4
found 0060 bytes for function own_idle_keycheck at 0x0016DB68
- bl: 0016DB6C -> 0016D678: F7 FF FD 84
- bl: 0016DB7C -> 0016D6D8: F7 FF FD AC
- bl: 0016DB88 -> 0016D6D8: F7 FF FD A6
- bl: 0016DB90 -> 00084FCA: F7 17 FA 1B
- bl: 0016DB98 -> 000DEAF0: F7 70 FF AA
found 0016 bytes for function own_hook_temp at 0x0016DBA4
- bl: 0016DBA6 -> 0016DB68: F7 FF FF DF
found 0004 bytes for function own_nop at 0x0016DBB4
found 0080 bytes for function own_set_strength at 0x0016DBB8
- bl: 0016DBC2 -> 0016DAAC: F7 FF FF 73
- bl: 0016DBC8 -> 0016DA8C: F7 FF FF 60
- bl: 0016DBF8 -> 0016DBB4: F7 FF FF DC
found 0016 bytes for function own_hook_temp at 0x0016DC08
- bl: 0016DC0A -> 0016DBB8: F7 FF FF D5

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Trying to find suitable code at 0x000E1A3A
oh, cool.. a BL! => relocateable!
offset: 0x000E1A3A
Relocatable code found at 0x000E1A3A
- bl: 0016DBAA -> 0016D604: F7 FF FD 2B
- bl: 000E1A3A -> 0016DBA4: F0 8C F8 B3
this tricky thing was done =)

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------------------------
hacking our strength code into nokia's functions...
----------------------------------
Trying to find suitable code at 0x000E1290
PUSH, wont touch this
oh, cool.. a BL! => relocateable!
offset: 0x000E1292
Relocatable code found at 0x000E1292
- bl: 0016DC0E -> 0016D668: F7 FF FD 2B
- bl: 000E1292 -> 0016DC08: F0 8C FC B9
this tricky thing was done =)

----------------------------------
1431 bytes injected... got that trick ;)
1431 bytes estimated at start