【2128Flash修改】AT+CGSN 调试补丁
;2128v21 - N - 04.02.24 - coollang - AT+CGSN调试;*** AT+CGSN ***
;适用版本:2128V21
;移植:coollang
;版本:V1(未经测试,请SOLO测一下)
;日期:2004-02-24
;说明:用AT+CGSN进行调试,具体使用可参照AT+CGSN debug工具。
0x3EE20C: 3677BD00 9604F800
0x780400: FFFFFFFFFFFFFFFF E004BB029DFECB00
0x780408: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DC49992827F230008D0C47F20A008D06
0x780418: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 67F2DF00292747F20F00ED035C447182
0x780428: FFFFFFFFFFFF CB001F88CB00
0x78042E: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 885088E088F088C0E00C88C088D0F182
0x78043E: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 7C44F19266F40F0F47F90A008D010997
0x78044E: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 47F80A008D01098706F430308840F0C0
0x78045E: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 66FCFF3FF2FD02FEDABF800D080698C0
0x78046E: FFFFFFFFFFFFFFFF 98F098E09850CB00
0x780476: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F01E7C81E00DBBD8F01EE6FD2000BBD4
0x780486: FFFF CB00
0x780488: FFFFFFFF 998C7C44
0x78048C: FFFFFFFFFFFFFFFFFFFF E004BBBC8D01BBBACB00
0x780496: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DABE60BCF084F095DC49993827F32A00
0x7804A6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 9D02FABD3677BBA9F0F4BBA7F0E44930
0x7804B6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 2D1729342D2127F312002D18E6FD0D0A
0x7804C6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF BBB3E17BE1FAE6FD2000DC4F992EBBAC
0x7804D6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E6FD0D0A29A12DF99DF629B19DF30D25
0x7804E6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF BBD28D23DC4FB98E08E10DFADAF83405
0x7804F6: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF BBBFF0EFBBBD0D1926F04000F020BBC3
0x780506: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 8D03B98208210DFB2020A758A7A708E1
0x780516: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 2D0AF010F0DEF0C2DC4F998D498D3DF5
0x780526: FFFFFFFFFFFFFFFFFFFFFFFFFFFF 28C13DFABBA506F04000FABED8B4
0x780534: FFFFFFFFFFFF ECFFECFEDB00
源文件(取自AT+CGSN debug工具,只修改了相应的地址):
$Segmented
$Mod167
; Fixed addresses inside the 2128 V21 firmware image that the patch relies on.
; The values in parentheses are the same locations written as flash-file
; offsets, which is the form used by the hex patch lines earlier on this page.
SendStrZR13R12 EQU 0xBF0D80 ; stores the string that R13:R12 points to, for sending
AfterATCommand EQU 0xBEB4D8 ; sends the previously stored string
OriginalATHandle EQU 0xBD7736 ; original AT+CGSN response function, returns the IMEI
GetAtCMDLine EQU 0xBEBC60 ; fetches the AT command (string, placed in R5:R4)
Table_Address EQU 0xBEE20C ; (3EE20C) address of the AT+CGSN entry in the AT command handler table
Patch_Address EQU 0xF80400 ; (780400) Free Space in FullFlash
; Replaces the AT+CGSN slot in the firmware's AT handler table with a far
; pointer to NewATHandle2: offset word first, then segment word.
; This is the 0x3EE20C line of the hex patch: the old bytes 3677BD00 are
; OriginalATHandle (0xBD7736), the new bytes 9604F800 point at 0xF80496.
; Restoring the old four bytes is what takes the debug handler out of service.
Table Section Data Byte At Table_Address ; First we Change AT Handlers table entry
funcoff dw sof(NewATHandle2)
funcseg dw seg(NewATHandle2)
Table EndS
Patch Section Code Word At Patch_address ; And this is Patch itself
; --------------- S U B R O U T I N E ---------------------------------------
GetNextNumber proc near ;Gets next argument of AT command and returns it in R4
; Out: R4 = value of the hex digits read. R4 is a 16-bit register that is
;      shifted left four bits per digit, so only the last four digits remain.
; The loop stops on the first character GetNextDigitR4 rejects.
mov r4, #0 ; start the accumulator at zero
cmdloop:
callr GetNextDigitR4 ; C clear: a digit was shifted into R4; C set: not a digit
jmpr cc_NC, cmdloop ; keep reading while digits arrive
ret
GetNextNumber endp
; --------------- S U B R O U T I N E ---------------------------------------
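GetNextDigitR4 proc near ;Gets HEX digit from args and adds it to R4
; In:  R9:R8 = read position in the AT command line (R9 = data page, R8 = offset)
;      R4    = value accumulated so far
; Out: C clear - the character was a hex digit; R4 = (R4 << 4) | digit
;      C set   - the character was rejected; R4 unchanged
;      R8 is advanced by one in both cases, so a rejected character is consumed.
; Clobbers RL1.
; The source operand of the movb below and the blank before proc/endp were
; missing from the listing on the page; both are restored from the published
; hex at 0x780408 (DC49 9928 = extp r9,#1 / movb rl1,[r8+]).
; NOTE(review): after the case fold there is no lower-bound check, so some
; non-hex characters (':'..'@' and 'W'..'`') are also accepted and come out
; as 3..9 or 0..9. Left unchanged so the source still matches the hex patch.
extp R9, #1 ; next instruction reads through page R9 instead of a DPP
movb rl1, [r8+] ; fetch one character and step the read position
subb rl1, #30h ; '0'
jmpr cc_C, locNotDigit ; below '0'
cmpb rl1, #10
jmpr cc_C, locDigit ; '0'..'9'
andb rl1, #0DFh ; clear bit 5 so 'a'..'f' fold onto 'A'..'F'
subb rl1, #7 ; 'A' - '0' - 7 = 10
cmpb rl1, #0Fh
jmpr cc_UGT, locNotDigit ; above 'F'
locDigit:
shl r4, #4 ; make room for the new nibble
orb rl4, rl1 ; orb leaves C clear, which is the success indication
ret
locNotDigit:
bset C ; report "not a digit" to the caller
ret
GetNextDigitR4 endp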
; --------------- S U B R O U T I N E ---------------------------------------
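DumpByteRL1ThenR13 proc near ; Adds HEX value of RL1 and the delimiter in R13 to AT response
; In:  RL1 = byte to print
;      R13 = delimiter, one or two ASCII characters with the first one in the
;            low byte (#20h = ' ', #0A0Dh = CR LF), or 0 for no delimiter
; Builds a zero-terminated string on the R0 stack and passes its address in
; R13:R12 to SendStrZR13R12.
; R5, R12, R14 and R15 are saved and restored; R4 and R13 are overwritten.
; The four restore instructions had lost their source operand in the listing
; on the page; [r0+] is restored from the published hex at 0x78046C
; (98C0 98F0 98E0 9850).
mov [-r0], r5
mov [-r0], r14
mov [-r0], r15
mov [-r0], r12
mov r12,#0 ; added:
mov [-r0], r12 ; added: Pushing Zero to stack (terminator, needed for two-character delimiters)
mov [-r0], r13 ; Pushing delimiter to stack
movb rl4, rl1 ; RL1- current byte
shr r4, #4 ; RL4 low nibble = high nibble of the byte
movb rh4, rl1 ; RH4 low nibble = low nibble of the byte
and r4, #0F0Fh ; keep only the two nibbles
cmpb rh4, #0Ah
jmpr cc_C, locDigit2
addb rh4, #7 ; 10..15 -> 'A'..'F' once 30h is added below
locDigit2:
cmpb rl4, #0Ah
jmpr cc_C, loc_C7D79C
addb rl4, #7
loc_C7D79C:
add r4, #3030h ; both nibbles to ASCII
mov [-r0], r4 ; the two hex characters go in front of the delimiter
mov r12, r0
and r12, #3FFFh ; offset of the string inside its 16K data page
mov r13, DPP1 ; page number taken from DPP1
calls seg(SendStrZR13R12),sof(SendStrZR13R12)
add r0, #6 ; drop hex characters, delimiter and terminator
mov r12, [r0+]
mov r15, [r0+]
mov r14, [r0+]
mov r5, [r0+]
ret
DumpByteRL1ThenR13 endp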
; --------------- S U B R O U T I N E ---------------------------------------
DumpWordR14 proc near ; Adds HEX value of R14 and then ' ' to AT response
; In:  R14 = word to print, as four hex digits followed by a space
; Overwrites R1 and R13 here; DumpByteRL1ThenR13 also overwrites R4.
mov r1, r14
shr r1, #8 ; RL1 = high byte of R14
mov r13, #0 ; no delimiter between the two bytes
callr DumpByteRL1ThenR13
mov r1, r14 ; RL1 = low byte of R14
mov r13, #20h ; ' '
callr DumpByteRL1ThenR13
ret
DumpWordR14 endp
; ---------------------------------------------------------------------------
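notaproc proc near ; Just garbage, I think... But so it was in SLIK Patch.
; Nothing in the visible source branches here, and there is no ret: if it
; were ever entered, execution would run on into GetHexByteR4.
; The source operand of movb was missing from the listing on the page;
; [r12+] is restored from the published hex at 0x780488 (998C 7C44).
movb rl4, [r12+]
shr r4, #4
notaproc endp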
; --------------- S U B R O U T I N E ---------------------------------------
GetHexByteR4 proc near ;Gets 2 HEX digits from args and returns it in R4
; Out: C clear - two hex digits were read, R4 = the byte value
;      C set   - the first or the second character was not a hex digit;
;                the callers in this file treat that as "no more data"
mov r4, #0
callr GetNextDigitR4 ; high nibble
jmpr cc_C, locret ; nothing to read, return with C still set
callr GetNextDigitR4 ; low nibble; its C result is passed back to the caller
locret:
ret
GetHexByteR4 endp
; --------------- S U B R O U T I N E ---------------------------------------
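NewATHandle2 proc far ; PATCH ENTRY ADDRESS
; Replacement AT+CGSN handler, reached through the patched handler table.
; It reads the first character of the command line and two hex arguments:
;   first argument  -> R15, used as the data page for every access below
;   second argument -> R14, used as the offset inside that page
; Dispatch on the first character:
;   below '*'  original handler (the IMEI reply)
;   '*'        write the hex bytes that follow to R15:R14
;   '.'        search page R15 from offset R14+1 for the hex bytes that follow
;   '@'        far-call the code at segment R15, offset R14
;   other      dump 8 lines of 16 bytes starting at R15:R14
; Nothing on this path checks who is sending the command. A phone carrying
; this patch offers memory read, memory write and code execution to anything
; that can reach its AT interface, so keep it on bench devices and restore
; the original table entry before the handset goes back into normal use.
; Six memory operands had been lost from the listing on the page; they are
; restored from the published hex patch (0x780496..0x780533) and each one is
; marked "restored" below.
calls seg(GetAtCMDLine),sof(GetAtCMDLine)
mov R8, R4
mov R9, R5 ; R9:R8 = read position in the command line
extp R9, #1
movb rh1, [r8+] ; restored. RH1 = Command Letter
subb rh1, #42 ; RH1 = letter - '*'
jmpr cc_NC, HandleNew ; '*' or above: debug command
jmps seg(OriginalATHandle), sof(OriginalATHandle) ; plain AT+CGSN
; ---------------------------------------------------------------------------
HandleNew:
callr GetNextNumber ; r15 = First Arg
mov r15, r4
callr GetNextNumber ; r14 = Second Arg
mov r14, r4
cmpb rh1, #0 ;2A "*"
jmpr cc_Z, HandleAsterisk ; write data
subb rh1, #4 ;2A+4 "."
jmpr cc_Z, HandleDot ; Search data page,offset,hexdata
subb rh1, #18 ;2A+18 =40 "@"
jmpr cc_Z, HandleAtSign ; Run Proc
mov r13, #0A0Dh ; changed CR->CR/LF: mov r13, #0Dh
; Here it should be ":" - dumping Memory
callr DumpByteRL1ThenR13 ; Dump something. What is it???
movb rh5, #07h ; We will Dump 8 lines ...
loc_C7D800:
movb rl5, #0Fh ; ... of 16 bytes each
loc_C7D802:
mov r13, #20h ; ' ' ; bytes delimiter
aLoopRL5:
extp r15, #1
movb rl1, [r14+] ; restored. Read one byte from page R15
callr DumpByteRL1ThenR13
mov r13, #0A0Dh ; changed CR->CR/LF: mov r13, #0Dh
subb rl5, #1
jmpr cc_Z, aLoopRL5 ; last byte of the line: keep CR/LF as delimiter
jmpr cc_NC, loc_C7D802 ; more bytes on this line: back to ' '
subb rh5, #1
jmpr cc_NC, loc_C7D800 ; next line
jmpr EndOfThirdArg ;changed: jmpr cc_UC, EndOfThirdArg
; ---------------------------------------------------------------------------
HandleAsterisk: ; Write Bytes
call GetHexByteR4 ; Get Byte to write
jmpr cc_C, EndOfThirdArg ; no more hex data
extp r15, #1
movb [r14], rl4 ; restored. Write byte
add r14, #1
jmpr cc_UC, HandleAsterisk
; ---------------------------------------------------------------------------
HandleAtSign: ; Run procedure
calls seg(IndirectCallR14R15),sof(IndirectCallR14R15)
callr DumpWordR14 ; print R14 as it is after the call
mov r14, r15
callr DumpWordR14 ; then R15
jmpr cc_UC, EndOfThirdArg
; ---------------------------------------------------------------------------
HandleDot: ; search hex data
sub r0, #40h ; search max 40h bytes
mov r2, r0 ; search data placed on stack
; NOTE(review): the loop below never compares R2 with the end of the 40h
; byte buffer, so a longer pattern is stored past it into the caller's stack.
; Left unchanged so the source still matches the published hex; a rebuilt
; patch should stop storing once R2 - R0 reaches 40h.
aLoopR2:
callr GetHexByteR4
jmpr cc_C, aanoMoreData
movb [r2], rl4 ; restored
add r2, #1 ;Pushing search string to stack
jmpr cc_UC, aLoopR2
; ---------------------------------------------------------------------------
aanoMoreData:
sub r2, r0 ; R2 = length of data
aDataNotFound:
srvwdt ; service the watchdog, the search can run for a long time
add r14, #1
jmpr cc_Z, FreeStackNExit ; What? if we are in the next segment???
mov r1, r0 ; r1 - data to search
mov r13, r14 ; r13 - offset
mov r12, r2 ; r12 - length
aLoopR12:
extp r15, #1
movb rl4, [r13+] ; restored. Byte from the searched page
cmpb rl4, [r1+] ; restored. Compare with the next pattern byte
jmpr cc_NZ, aDataNotFound
sub r12, #1
jmpr cc_NZ, aLoopR12
call DumpWordR14 ; whole pattern matched: print the offset
FreeStackNExit:
add r0, #40h ; release the pattern buffer
EndOfThirdArg:
jmps seg(AfterATCommand), sof(AfterATCommand)
NewATHandle2 endp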
; --------------- S U B R O U T I N E ---------------------------------------
IndirectCallR14R15 proc far
; Far jump to segment R15, offset R14, built from a return sequence:
; rets pops the offset first and the segment second, so the two pushes below
; make it "return" into the requested address. The target's own far return
; then goes back to whoever used calls to get here.
; R15 and R14 come straight from the AT command arguments in NewATHandle2
; and are not checked against any list of allowed targets.
push r15 ; segment
push r14 ; offset
rets
IndirectCallR14R15 endp
Patch EndS
END
;============================================================
顶 这个补丁有什么作用。。? 感激涕零啊~~感谢已经不能说明俺的心情了~~周末回家就测试~~ 如果你不作Patch的话,是没什么用的。不过对Patcher的帮助很大。
它可以通过AT+CGSN命令来查看内存中的内容,修改RAM中的内容,执行特定地址的函数,搜索特定的Byte。 希望用它结合一下,扩大2128的内存容量! 报~~~非常好用,谢谢狼大~~ 有福了~~~有福了~~~:)
谢谢酷狼,谢谢sOLO~~~辛苦了~~~:) 我也来一下,虽然我不懂但是我想学! 看一懂