x65 patching technical discussion - GSM-Forum

Acidmrp · 04-15-2005, 09:06

Ok, I do the beginning. Please Post only technical articles here.

@Mod please make this sticky

File Handling

fopen

Code:

typedef int (*g_fopen)(const char * cFileName, unsigned int iFileFlags, unsigned int iFileMode, unsigned int *ErrorNumber);
g_fopen fopen = (g_fopen)(0xA1230050); // S65 FW47
// Pattern: FE402DE90270A0E10160A0E10350A0E10040A0E1????????0030E0E304308DE500508DE52CC090E5

fclose

Code:

typedef void (*g_fclose)(int FileHandler, unsigned int *ErrorNumber);
g_fclose fclose = (g_fclose)(0xA122FFA4); // S65 FW47
// Pattern: 38402DE90150A0E10040A0E1????????00C090E5

fflush

Code:

typedef void (*g_fflush)(int FileHandler, unsigned int *ErrorNumber);
g_fflush fflush = (g_fflush)(0xA122FFD4); // S65 FW47
// Pattern: 38402DE90150A0E10040A0E1????????08C090E5

lseek

Code:

typedef unsigned int (*g_lseek)(int FileHandler, unsigned int offset, unsigned int origin, unsigned int *ErrorNumber);
// g_lseek lseek = (g_lseek)(0xA1230004); // S65 FW47
// Pattern: FF412DE928509DE50280A0E10170A0E10360A0E10040A0E1

fread

Code:

typedef void (*g_fread)(int FileHandler, char *cBuffer, int iByteCount, unsigned int *ErrorNumber);
g_fread fread = (g_fread)(0xA1230090); // S65 FW47
// Pattern: FE402DE90270A0E10160A0E10350A0E10040A0E1????????0030E0E304308DE500508DE530C090E5

fwrite

Code:

typedef void (*g_fwrite)(int FileHandler, const char * cBuffer, int iByteCount, unsigned int *ErrorNumber);
g_fwrite fwrite = (g_fwrite)(0xA1230178); // S65 FW47
// Pattern: FE402DE90270A0E10160A0E10350A0E10040A0E1????????0030E0E304308DE500508DE55CC090E5

SetFileSize

Code:

typedef void (*g_SetFileSize)(int FileHandler, unsigned int iNewFileSize, unsigned int *ErrorNumber);
g_SetFileSize SetFileSize = (g_SetFileSize)(0xA12300D0); // S65 FW47
// Pattern: 7C402DE90160A0E10250A0E10040A0E1????????0030E0E300308DE544C090E5

Constants

Seek

Code:

#define S_SET 0
#define S_CUR 1
#define S_END 2

Permissions

Code:

#define P_WRITE 0x100
#define P_READ 0x80

Access

Code:

#define A_ReadOnly 0
#define A_WriteOnly 1
#define A_ReadWrite 2 
#define A_NoShare 4     
#define A_Append 8
#define A_Exclusive 0x10
#define A_MMCStream 0x20
#define A_Create 0x100
#define A_Truncate 0x200
#define A_FailCreateOnExist 0x400
#define A_FailOnReopen 0x800

#define A_TXT 0x4000
#define A_BIN  0x8000

Sample - File Read

Code:

	int iFileHandler
        unsigned int iError;
        unsigned int iFileSize;
        unsigned int iFilePos;
        char *cFileOutput = (char*)0xA8100000;

	// file read example:
	iFileHandler = fopen("0:\\test.bin\0", A_ReadOnly, P_READ, &iError);	

	if (iFileHandler != -1) {
		// get the file size:
		iFileSize = lseek(iFileHandler, 0, S_END, &iError);
		
		if (iFileSize > 0) {
		
			// seek the beginning of the file:
		    iFilePos = lseek(iFileHandler, 0, S_SET, &iError);

	            // read complete file:
		   fread(iFileHandler, cFileOutput, iFileSize, &iError);
		}
		
		// close the file
		fclose(iFileHandler, &iError);
	} else {
		// File not found
	}

Sample - File Write

Code:

	int iFileHandler
        unsigned int iError;
        unsigned int iFileSize;
        unsigned int iFilePos;
        char *cFileOutput = (char*)0xA8100000;

	// create file if it does not exist:
	iFileHandler = fopen("0:\\outfile.txt\0", A_Create, P_WRITE, &iError);	
	fclose(iFileHandler, &iError);
	
	iFileHandler = fopen("0:\\outfile.txt\0", A_WriteOnly, P_WRITE, &iError);	
	if (iFileHandler != -1) {
		// search the end of the file
		iFileSize = lseek(iFileHandler, 0, S_END, &iError);
		// add an line
  		fwrite(iFileHandler, "new line\x0D\x0A", 10, &iError);		

		// close the file
		fclose(iFileHandler, &iError);
	}

arsh0r · 04-18-2005, 14:45

i also collected some functiones in my databse here: http://d23.2chaos.de/index.php?page=...&lang=en&mid=2
i added acid's functions. they are so cool, thx acid

arsh0r · 04-20-2005, 15:17

@acid: i want to read a unicode text file. to make sure it is only loaded to ram once i want to check the first 2 bytes of the file (if it is unicode: first word in file is 0xFFFE). i did it like this:
...
if (iFileHandler != -1 && cFileOutput[0] != 0xFE && cFileOutput[1] != 0xFF) {
// get the file size:
...
compiles with no problems, but when i test it on the phone it crashes. if i remove "&& cFileOutput[1] != 0xFF" it works. it doesn't seem to like "cFileOutput[1]". i also can't declare another pointer to ram in the function, even if i don't use the pointer the phone crashes. what did i do wrong? sexit code says Data_Abort! at address 0xA128D51C...
thx in advance

BennieZ · 04-21-2005, 06:49

Test it as follows:
....
if (iFileHandler != -1 && *(unsigned short*)cFileOutput != 0xFFFE) {
....

if memory need bound allign to WORD, it possibly crashes!

avkiev · 04-21-2005, 07:55

Quote:

Originally Posted by BennieZ

*(unsigned short*)cFileOutput != 0xFFFE)

Or something like that:
(*(unsigned long*)cFileOutput >> 16) != 0xFFFE

BennieZ · 04-21-2005, 08:56

Quote:

Originally Posted by avkiev

Or something like that:
(*(unsigned long*)cFileOutput >> 16) != 0xFFFE

why to right shift this DWORD? X65 is little-endian. so it Should be

(*(unsigned long*)cFileOutput & 0xFFFF) != 0xFFFE

arsh0r · 04-21-2005, 09:10

thanks guys! "&& *(unsigned short*)cFileOutput != 0xFFFE" works, but i can't increment the cFileOutput pointer, f.ex. "cFileOutput += 2;" or "cFileOutput[2]". should i use a const char* instead? i need to access the data that are copied to ram. compiles correctly, but phone crashes with Data_abort. maybe the compiler messes something up...
another way: does any of these functions return a pointer to the beginning of the file in FFS? single said it won't be fragmented for small files. then i won't have to copy it into ram...

avkiev · 04-21-2005, 09:26

Quote:

Originally Posted by BennieZ

why to right shift this DWORD? X65 is little-endian. so it Should be
(*(unsigned long*)cFileOutput & 0xFFFF) != 0xFFFE

Oh, of course .

BennieZ · 04-21-2005, 09:52

Quote:

Originally Posted by arsh0r

thanks guys! "&& *(unsigned short*)cFileOutput != 0xFFFE" works, but i can't increment the cFileOutput pointer, f.ex. "cFileOutput += 2;" or "cFileOutput[2]". should i use a const char* instead? i need to access the data that are copied to ram. compiles correctly, but phone crashes with Data_abort. maybe the compiler messes something up...

You can read it into stack if It is a small file.
e.x

Code:

.....
char buf[1024];
......
fread(iFileHandler, buf, iFileSize, &iError);
.....

because i don't known something about X65 memory map, like some can access at 1-byte allign, another must be at 2-byte or 4-byte allign.

Quote:

Originally Posted by arsh0r

another way: does any of these functions return a pointer to the beginning of the file in FFS? single said it won't be fragmented for small files. then i won't have to copy it into ram...

you should not access file skip system file process!

Acidmrp · 04-21-2005, 14:12

yes, it's possible to access the files directly from file system, but it's no good
idea to do this. Because you can't write this file without implement an flasher.
And you don't know if the file is already opened.

Better use only 4 Bytes aligned Access if you want to be shure. Or even better, do
some tests what addesses can be accesses in what way.

arsh0r · 04-24-2005, 10:45

i didn't succed in reading files correctly, but i made an addition to at+cgsn:

Code:

void Binary(const char* str) {
	char buf[128];
	int iFileHandler;
        unsigned int iError;
        unsigned int iFileSize;
	dword addr = strtoul(&str,8);
	char* paddr = (char *)addr;
	word blocks = strtoul(&str,4);
	
	sprintf(buf, "0:\\%08X.bin\0", addr);
	// create file if it does not exist:
	iFileHandler = fopen(buf, A_Create, P_WRITE, &iError);	
	fclose(iFileHandler, &iError);
	
	iFileHandler = fopen(buf, A_WriteOnly, P_WRITE, &iError);	
	if (iFileHandler != -1) {
		while (blocks != 0) {		
			// search the end of the file
			iFileSize = lseek(iFileHandler, 0, S_END, &iError);
			// add an line
			fwrite(iFileHandler, paddr, 0x400, &iError);		
			paddr += 0x400;
			blocks--;
		}
	}
	// close the file
	fclose(iFileHandler, &iError);
	
	sprintf(buf, "%08X.bin saved\r\n", addr);
	SendATAnswerStr(buf);
	return;
}

it can dump n x 0x400 bytes from ram. when i dump 0x400 * 0x400 bytes = 1MB, phone freezes for about 10 seconds. the maximum size that can be written by one fkb.write is 0xF00 = 60 any idea to make this faster and not freezing the phone? by the way how large is the RAM?

Acidmrp · 04-25-2005, 05:28

I think it's hard to make the phone not freezing. Because you would have to write
an routine running in background and calling itself by an timer for example, if routine
is finished don't setup the timer at it's end.

The big problem: You want to do this in an AT Command. I don't know what the
phone will do if we just call SendATAnswerStr() while other AT Actions already
finished. Can we call this from any routine? Or do we need some Init?
Maybe use an AT Progress? (Sending some dots)

Do anyone know how to access the Display?

EDIT:

@arsh0r
do we really need this:
iFileSize = lseek(iFileHandler, 0, S_END, &iError);

in every loop? I think the file pointer is increasing with the write routine.
Maybe this will make it little faster.

And the other thing: Why do you search the end of the file? It would be
better to search the start.

- create file if it don't exists
- open
- search start
- LOOP WRITE

because you are appending the data to an file if it already exists so we
don't have an exact memory map, because we don't know the old file size.

arsh0r · 04-25-2005, 22:31

it works, at+cgsn:bA8000000 dumps 1 MB of RAM to binary file in less than 10secs. does anyone know how to write files to mmc, it'll be slower, but we can dump full 8MB ram to file on mmc? because my FFS is mostly occupied *g*.

but sadly SendATAnswerStr, can't send anything during this operation (output is 0A...)

@acid: you're right lseeking everytime is nonsense

Acidmrp · 04-28-2005, 10:18

@arsh0r try to send status with this routine:

SendCommChar

Code:

typedef void (*g_SendCommChar)(unsigned char cChar);
g_SendCommChar SendCommChar = (g_SendCommChar)(0xA119E176 + 1); // S65 FW47
// Pattern: 01B568460121????????08BD10B5

I only have tested this routine with ATCGSN Debug but it should work in C too

Acidmrp · 04-28-2005, 10:32

SendCommString

Code:

typedef void (*g_SendCommString)(unsigned char *cString);
g_SendCommString SendCommString = 
(g_SendCommString)(0xA119DFA6 + 1); // S65 FW47

// Pattern: 10B5041C????????0106090E201C

04-25-2005, 05:28	#12 (permalink)
Acidmrp No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44 Posts: 578 Member: 15315 Status: Offline Thanks Meter: 1	I think it's hard to make the phone not freezing. Because you would have to write an routine running in background and calling itself by an timer for example, if routine is finished don't setup the timer at it's end. The big problem: You want to do this in an AT Command. I don't know what the phone will do if we just call SendATAnswerStr() while other AT Actions already finished. Can we call this from any routine? Or do we need some Init? Maybe use an AT Progress? (Sending some dots) Do anyone know how to access the Display? EDIT: @arsh0r do we really need this: iFileSize = lseek(iFileHandler, 0, S_END, &iError); in every loop? I think the file pointer is increasing with the write routine. Maybe this will make it little faster. And the other thing: Why do you search the end of the file? It would be better to search the start. - create file if it don't exists - open - search start - LOOP WRITE because you are appending the data to an file if it already exists so we don't have an exact memory map, because we don't know the old file size. Last edited by Acidmrp; 04-25-2005 at 05:39.

04-28-2005, 10:18	#14 (permalink)
Acidmrp No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44 Posts: 578 Member: 15315 Status: Offline Thanks Meter: 1	@arsh0r try to send status with this routine: SendCommChar Code: typedef void (*g_SendCommChar)(unsigned char cChar); g_SendCommChar SendCommChar = (g_SendCommChar)(0xA119E176 + 1); // S65 FW47 // Pattern: 01B568460121????????08BD10B5 I only have tested this routine with ATCGSN Debug but it should work in C too

04-28-2005, 10:32	#15 (permalink)
Acidmrp No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44 Posts: 578 Member: 15315 Status: Offline Thanks Meter: 1	SendCommString Code: typedef void (g_SendCommString)(unsigned char cString); g_SendCommString SendCommString = (g_SendCommString)(0xA119DFA6 + 1); // S65 FW47 // Pattern: 10B5041C????????0106090E201C

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
BB5 - Technical Discussion	adihack	Nokia Base Band 5 ( BB-5 )	220	10-14-2011 05:31
Iphone 3G Technical Discussion and SP Unlocking theory	GraveSlayer	iPhone 2 / iPhone 3G / iPhone 3GS	8	11-15-2008 06:04
Technical discussion sharp705sh	celluniversal	Sharp	0	05-17-2007 17:26
Technical discussion BB5 unlocking	twisterfan	Nokia Base Band 5 ( BB-5 )	0	05-16-2007 19:36
Patching: Technical Discussion ...	rizapn	x4x, x5x Flashpatching	282	10-03-2006 19:23

04-18-2005, 14:45	#2 (permalink)
arsh0r Insane Poster Join Date: May 2002 Age: 39 Posts: 76 Member: 12407 Status: Offline Thanks Meter: 0	i also collected some functiones in my databse here: http://d23.2chaos.de/index.php?page=...&lang=en&mid=2 i added acid's functions. they are so cool, thx acid

04-20-2005, 15:17	#3 (permalink)
arsh0r Insane Poster Join Date: May 2002 Age: 39 Posts: 76 Member: 12407 Status: Offline Thanks Meter: 0	@acid: i want to read a unicode text file. to make sure it is only loaded to ram once i want to check the first 2 bytes of the file (if it is unicode: first word in file is 0xFFFE). i did it like this: ... if (iFileHandler != -1 && cFileOutput[0] != 0xFE && cFileOutput[1] != 0xFF) { // get the file size: ... compiles with no problems, but when i test it on the phone it crashes. if i remove "&& cFileOutput[1] != 0xFF" it works. it doesn't seem to like "cFileOutput[1]". i also can't declare another pointer to ram in the function, even if i don't use the pointer the phone crashes. what did i do wrong? sexit code says Data_Abort! at address 0xA128D51C... thx in advance

04-21-2005, 06:49	#4 (permalink)
BennieZ Junior Member Join Date: Jan 2005 Age: 45 Posts: 31 Member: 104514 Status: Offline Thanks Meter: 1	Test it as follows: .... if (iFileHandler != -1 && (unsigned short)cFileOutput != 0xFFFE) { .... if memory need bound allign to WORD, it possibly crashes!

04-21-2005, 09:10	#7 (permalink)
arsh0r Insane Poster Join Date: May 2002 Age: 39 Posts: 76 Member: 12407 Status: Offline Thanks Meter: 0	thanks guys! "&& (unsigned short)cFileOutput != 0xFFFE" works, but i can't increment the cFileOutput pointer, f.ex. "cFileOutput += 2;" or "cFileOutput[2]". should i use a const char* instead? i need to access the data that are copied to ram. compiles correctly, but phone crashes with Data_abort. maybe the compiler messes something up... another way: does any of these functions return a pointer to the beginning of the file in FFS? single said it won't be fragmented for small files. then i won't have to copy it into ram...

04-21-2005, 14:12	#10 (permalink)
Acidmrp No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44 Posts: 578 Member: 15315 Status: Offline Thanks Meter: 1	yes, it's possible to access the files directly from file system, but it's no good idea to do this. Because you can't write this file without implement an flasher. And you don't know if the file is already opened. Better use only 4 Bytes aligned Access if you want to be shure. Or even better, do some tests what addesses can be accesses in what way.