Monday, September 28, 2009

Sorry Ollie Kett but...

can I sell this scriptlet for $0.99?

javascript:var s=document.documentElement.outerHTML.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/\n/g,"<br/>");;document.write(s);document.close();

Disclaimer: This is not how Source Explore works. I did not even buy, try, pirate, or do anything with this app.

Saturday, September 26, 2009

Compiling iPhoneOS (3.1) apps with Xcode 3.2 without Provisioning Profile

Note: I don't know if this method still works, and I don't care. (And do not use the dd method mentioned in the article. It is extremely fragile to patch a binary file.)

Note 2: Please also check

I want to compile.

This is the easiest to solve. To compile you still need a certificate that can code-sign, but think of this as lip service. Here is the procedure to create a self-signed code-signing certificate using Keychain Access. Make sure you create the certificate in the "login" (default) keychain, not the "System" keychain. After the certificate is created, perform these steps:
  1. Open /Developer/Platforms/iPhoneOS.platform/Info.plist. (Backup if you want to be safe.)
  2. Go to line 46. Replace the XCiPhoneOSCodeSignContext with XCCodeSignContext
  3. Go to line 79. Replace the XCiPhoneOSCodeSignContext with XCCodeSignContext
  4. Save the file.
  5. Restart Xcode.
  6. Compile!

After doing this, you can't use entitlements with Xcode anymore. But you have ldid -Sxyz.xml that does the same job.

Friday, September 25, 2009

GreenTea devices — You can still use Maps.

I have forcefully enabled GreenTea on my device (with MobileSubstrate) but almost everything behaves normally (iTunes is still accessible, YouTube is not hidden, Maps shows everywhere, etc.). The only difference I've noticed is:
  • There is no Hybrid mode in Maps when GreenTea is on.

Oh well.

Thursday, September 24, 2009

China, no Google Maps for you (maybe)

Today I was making the API for GraphicsServices, and found something... interesting.

Since 3.0 it has been "well known" that there is a mysterious capability called "Green Tea". Nothing was known about it except for this funny name. Things start to become clear in the 3.1 firmware. The GraphicsServices of 3.1 has a new set of APIs for querying some properties of Maps and MapKit. Strangely, in the disassembly of these functions, the mysterious "Green Tea" capability is referred to, e.g.
Boolean GSMapKitUserShifting() {
    static CFStringRef gtDefault = CFSTR("MapKitUserShiftingGreenTea");
    static CFStringRef ngtDefault = CFSTR("MapKitUserShiftingNonGreenTea");
    /* Pick the default key according to the device's "green-tea" capability. */
    if (GSSystemHasCapability(CFSTR("green-tea")))
        return GetMapsDefault(gtDefault);
    return GetMapsDefault(ngtDefault);
}

It means the "Green Tea" capability is related to Maps, and selects different default values. No big deal, right?

Sunday, September 20, 2009

class-dump-z 0.2-0 released.

(The version jump is mainly because every other project is moving to 0.2 era.)


Note: Mac OS X 10.6 is required in this version.

What's changed:
  • Universal binary is supported. You can choose different architectures with the -u switch. (Not -arch or --arch because I didn't use getopt_long.)
  • Completely recognizes the new __LINKEDIT format. XXUnknownSuperclass shall no longer appear for 3.1 binaries.
  • __attribute__((visibility("hidden"))) will be included as well when the class is not exported (e.g. UIKeyboardLayoutStar).
  • Options to hide categories and protocols.
  • Sort classes alphabetically, but keep class methods and -init methods on top (suggested by ashikase)
  • Option to choose between +(void)foo; and + (void)foo;. (suggested by ashikase)
  • Fixes a minor bug where timeOut:(int)out was written instead of timeOut:(int)anOut.

About the LC_DYLD_INFO[_ONLY] command.

With the introduction of the new __LINKEDIT format in iPhoneOS 3.1, many tools in the open toolchain are broken. This is all due to the unknown new commands LC_DYLD_INFO[_ONLY]. Although many now know that they exist, I found no useful documentation about this new format. Therefore, I'll outline what it is. Alternatively, you can study the source code of dyldinfo, which contains all the information here.

Friday, September 18, 2009

QuickScroll 2.2a should be available on Cydia soon.

QuickScroll 2.2a is released, and this marks the completion (so far) of the QuickScroll project. Thanks to the gdb for 3.1 I've finally squashed the "HiCalc" bug. I have already submitted it to BigBoss and it should be available in a day. If you can't wait, you can still download from here.

Change log from 2.1a:
  • The scrolling indicator is no longer visible when scrollbar is used.
  • You should be able to use the scroller in HiCalc and other apps that canCancelContentTouches.

Change log from 2.2:
  • Fixed an obscure bug that causes crashing when the scroll view disappears. Thanks Optimo for discovering.

Porting the SDK's gdb for 3.1

The gdb on Cydia currently doesn't work on 3.1 because of the new Mach-O format. We could compile gdb from source (which I've failed to do), wait for someone else to compile it from source (which I'm still waiting for), or just use the gdb in the SDK.

Update: saurik has updated the gdb package that works in 3.1, which will be available tomorrow. You can download it now from

The SDK's gdb is in /Developer/Platforms/iPhoneOS.platform/Developer/usr/libexec/gdb/gdb-arm-apple-darwin. While you can run it directly on your Mac, it is in fact a fat binary with 3 architectures:

file gdb-arm-apple-darwin

gdb-arm-apple-darwin: Mach-O universal binary with 3 architectures
gdb-arm-apple-darwin (for architecture ppc): Mach-O executable ppc
gdb-arm-apple-darwin (for architecture i386): Mach-O executable i386
gdb-arm-apple-darwin (for architecture armv5): Mach-O executable arm
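
What `file` reports here comes straight from the big-endian fat header at the start of the binary. The following is an added example, not code from the original post or from ldid: it walks a constructed three-slice fat header and names each slice with the same cputype/cpusubtype mapping that the ldid patch on this page extends. The byte array and the function names `arch_name` and `fat_slice_arch` are made up for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: fat_header + 3 fat_arch entries (ppc, i386, ARM subtype 7).
   Offsets and sizes are made up; only cputype/cpusubtype matter here. */
static const uint8_t sample[] = {
    0xca,0xfe,0xba,0xbe, 0,0,0,3,                          /* magic, nfat_arch */
    0,0,0,18, 0,0,0,0, 0,0,0x10,0, 0,0,0x20,0, 0,0,0,12,   /* ppc   */
    0,0,0,7,  0,0,0,3, 0,0,0x40,0, 0,0,0x20,0, 0,0,0,12,   /* i386  */
    0,0,0,12, 0,0,0,7, 0,0,0x70,0, 0,0,0x20,0, 0,0,0,12,   /* armv5 */
};

/* Fat headers are always big-endian, whatever the host is. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Map (cputype, cpusubtype) to an arch name; NULL when unknown. */
const char *arch_name(uint32_t cputype, uint32_t cpusubtype) {
    cpusubtype &= 0x00ffffffu;               /* drop capability bits */
    if (cputype == 7)  return "i386";        /* CPU_TYPE_I386 */
    if (cputype == 18) return "ppc";         /* CPU_TYPE_POWERPC */
    if (cputype != 12) return NULL;          /* 12 = CPU_TYPE_ARM */
    switch (cpusubtype) {
    case 0:  return "arm";
    case 6:  return "armv6";
    case 7:  return "armv5";                 /* CPU_SUBTYPE_ARM_V5TEJ */
    default: return NULL;
    }
}

/* Name of slice idx; NULL on bad magic, truncated table, bad index or unknown arch. */
const char *fat_slice_arch(const uint8_t *buf, size_t len, uint32_t idx) {
    if (len < 8 || be32(buf) != 0xcafebabeu) return NULL;   /* FAT_MAGIC */
    uint32_t nfat = be32(buf + 4);
    if (nfat > (len - 8) / 20 || idx >= nfat) return NULL;  /* 20 = sizeof(struct fat_arch) */
    const uint8_t *fa = buf + 8 + (size_t)idx * 20;
    return arch_name(be32(fa), be32(fa + 4));
}

int main(void) {
    for (uint32_t i = 0; i < 3; i++) {
        const char *a = fat_slice_arch(sample, sizeof sample, i);
        printf("slice %u: %s\n", (unsigned)i, a ? a : "(unknown)");
    }
    return 0;
}
```

A tool that returns NULL for an unknown subtype, as in the `default` branch here, simply refuses to process that slice, which is the behaviour the unpatched ldid shows for armv5.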

The ARMv5 portion is what we want. But this gdb is useless on iPhoneOS as it stands, because it lacks all the essential entitlements. While entitlements can be inserted using ldid, there is a limitation that needs to be worked around: ldid doesn't support the armv5 architecture. We have to modify the source code of ldid to allow it:
@@ -557,6 +557,7 @@
case 12: switch (framework->cpusubtype) {
case 0: arch = "arm"; break;
case 6: arch = "armv6"; break;
+ case 7: arch = "armv5"; break;
default: arch = NULL; break;
} break;
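Review bot: The added case 7 is a third bare magic number in the cpusubtype switch, next to 0 and 6 under cputype 12. Please use the named constants from <mach/machine.h> (CPU_TYPE_ARM for 12, CPU_SUBTYPE_ARM_V5TEJ for 7) or at least add a comment, so the mapping can be checked against the header. The default branch still sets arch = NULL, so every other ARM subtype stays unrecognized; it is worth confirming that the code after this switch handles a NULL arch rather than passing it on.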

(I have also lipo -thin-ed the gdb before ldid-ing to make everything smooth.) After applying this patch, the ldid should recognize armv5 correctly. Now, save this portion of text as an XML file (e.g. gdb.xml):
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">

and then run:
ldid -Sgdb.xml gdb

The gdb should now be completely usable on iPhoneOS.

Thursday, September 17, 2009

iKeyEx 0.1-99j released, now works in 3.1


This version is an emergency release to make it work in 3.1 (r497, r498). Along with it there are also these changes:
  1. Fixed a crash when uninstalling the Chinese Phrase Tables package (r491)
  2. Fixed a crash when phrases longer than 2 characters are processed (r499)
  3. Fixed a bug in characters sorting, that the sorted array is incorrect (r499).

Wednesday, September 16, 2009

QuickScroll 2.1a.


New features:
  • QuickScroll can be disabled for each particular app, including SpringBoard.
  • Activate by scrolling. (This is off by default since you can't have smooth scrolling with QuickScroll. Oh you have 3GS? Forget what I said then...)
  • New icon design by Sagitt.
  • Localizations.

After this release all features will be frozen. That is, no new features will be accepted, no matter how ingenious they are. (Ya know, this thing gotta be pushed out some day). Only bug fixes and new localizations will be allowed for 2.2 (the public version).

Tuesday, September 15, 2009

QuickScroll 2.1.


  • The scrollers should now be easier to grab and move around.
  • Duration now really defaults to 2 seconds on first install. Thanks fusen for noticing.
  • Scrollbars can be chosen to jump on spot instead of next page. Thanks Sagitt for suggestion.

(If there're no other bugs I'll submit this version to BigBoss.)

Monday, September 14, 2009

QuickScroll 2 released

With a 333% size increase*, QuickScroll 2 is released to improve the scrolling experience.

  • QuickScroll 2 now introduces scrollbars, which is the default.

  • Besides PDF files, scroll views that explicitly allowed for paging can also be targeted.

  • The old scroller is still accessible, but you can now move it around (and occupies much less space).

  • (To jump to a page, tap the 123 icon at the lower right corner in scroll bar mode, or tap the ← arrow button in scroller dialog mode.)

  • These configurations can be set in Settings.

  • As you can see, there are 2 more gestures you can choose. The two-finger tap should allow you to activate QuickScroll in a table view more easily.

  • I've eliminated the close button. The scrollers will disappear in 2 seconds of inactivity.

  • QuickScroll's scrollers are now actually a subview of the scrolling view, while in the 1st version they were an alert box. This change allows QuickScroll to be used in very high-level windows like those in SBSettings and GriP.

  • I don't know how to localize PreferenceLoader entries yet. So no localizations in this version, sorry.

*: 24 KiB → 104 KiB on disk.

Friday, September 11, 2009

Get UIView hierarchy, take 3.

The previous post about dumping UIView hierarchy is actually over-complicated. Actually all you need is one command (in gdb):

po [[[UIApplication sharedApplication] keyWindow] scriptingInfoWithChildren]

The result will be very verbose; make sure your terminal has enough scrollback.

Thursday, September 10, 2009

iKeyEx 0.1-99i released.

Download = here.

  • Fixed issue 313. In an alt (numbers) plane, pressing the space key will go back to the main (alphabets) plane.
  • Typing the apostrophe (') in the main plane no longer auto-switches to the alt plane.
  • Fixed issue 312, and many other auto-shift related quirks.
  • .cin IME:
    • Number of candidates is limited to avoid near-infinite loop. 64.0 candidates should be enough for everyone.
    • Multi-radical continuation works again.
    • Fixed cases where blank candidates appear.
    • Candidate searching now operates in serial for reliability. You may experience some degradation in performance.
    • A progress indicator is added when the Patricia tree dump for the IME is first generated. This is essential for some huge IMEs like 輕鬆輸入法, which takes nearly 2 minutes for the first launch.

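(Chinese Users: The Cangjie input method, the additional character frequency table and the phrase table have also been updated to version 0.2-1. This is in fact identical in content to 0.2-0; the only difference is that gnutar was used to build the deb, which avoids installation failures caused by non-ASCII file names. If you are already using these packages, you do not need to update.)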

By the way, if you find any bugs, please report them at Issues in the project page. If you leave a comment here or on the wiki I can't guarantee I can dig it up and fix it.

Preemptive Warning: Comments not related to this content will be ignored.

Monday, September 7, 2009

Introducing Subjective-C, an objc_msgSend[_[st|fp]ret]? logger.

Some time ago I logged calls to objc_msgSend to understand how to construct UIKBKeyboards. But that logger is known to cause problems because it asserts that the arguments use less than 1024 bytes. I needed to log calls again for issue 312, but the old buggy behavior led me to rewrite it more reliably.

The result is the dynamic library called Subjective-C. It has the following new features:
  • Stack-safe. No arguments will be lost due to this logger.
  • Call tree construction.
  • Filtering.

along with the old features:
  • Print and format all arguments, and the return value.

  • Due to licensing, only the ARM version is released, although the x86 version works perfectly.
  • If your product depends on Subjective-C (why?), please note that it is GPLv3.
  • (No, it won't help even if I BSD everything.)

Sample output

+[UIScroller _registerForNotifications]
+[NSString alloc] {
  +[NSString allocWithZone:] (0x0)
  +[NSBundle mainBundle] {
    -[NSRecursiveLock lock] <0x1007540>
    -[NSRecursiveLock unlock] <0x1007540>
  } = <NSBundle 0x100db50>
  -[NSBundle bundleIdentifier] <0x100db50> {
    -[NSBundle infoDictionary] <0x100db50> {
      -[NSBundle _cfBundle] <0x100db50> = 0x1009d60
    } = <NSCFDictionary 0x100af10>
    -[NSCFDictionary objectForKey:] <0x100af10> (@"CFBundleIdentifier") = @"com.yourcompany.Untitled4"
  } = @"com.yourcompany.Untitled4"
  -[NSPlaceholderString initWithFormat:] <0x100cf70> (@"%@.UIKit.migserver") {
    -[NSPlaceholderString initWithFormat:locale:arguments:] <0x100cf70> (@"%@.UIKit.migserver", nil, "∞≠") {
      -[NSCFString respondsToSelector:] <0x100adb0> (@selector(descriptionWithLocale:)) {
        -[NSCFString class] <0x100adb0> = NSCFString
        +[NSCFString resolveInstanceMethod:] (@selector(descriptionWithLocale:)) = NO
      } = NO
      -[NSCFString description] <0x100adb0> = /*self*/ @"com.yourcompany.Untitled4"
    } = @"com.yourcompany.Untitled4.UIKit.migserver"
  } = @"com.yourcompany.Untitled4.UIKit.migserver"

Wednesday, September 2, 2009


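#include <stdio.h>

static int rx_reserve[8];

int main(void) {
    /* Replace ????? with stmia, stmib, stmda or stmdb. */
    __asm__(" mov r1, #1\n"
            " mov r2, #2\n"
            " mov r3, #3\n"
            " ldr r0, (reserve)\n"      /* r0 = &rx_reserve[3] */
            " mov r4, r0\n"
            " ????? r0!, {r1-r3}\n"
            " str r0, [r4, #16]\n"      /* rx_reserve[7] = r0 after writeback */
            " b after_data\n"
            "reserve:\n"
            " .long _rx_reserve+12\n"
            "after_data:\n");

    /* The bracketed slot is rx_reserve[3], the base address; delta is the writeback offset. */
    printf("%d %d %d [%d] %d %d %d;\ndelta = %d\n",
           rx_reserve[0], rx_reserve[1], rx_reserve[2], rx_reserve[3], rx_reserve[4], rx_reserve[5], rx_reserve[6],
           rx_reserve[7]-(int)(rx_reserve+3) );
    return 0;
}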

stmia
0 0 0 [1] 2 3 0;
delta = 12

stmib
0 0 0 [0] 1 2 3;
delta = 12

stmda
0 1 2 [3] 0 0 0;
delta = -12

stmdb
1 2 3 [0] 0 0 0;
delta = -12

Tuesday, September 1, 2009

iKeyEx & 5-Row QWERTY 0.1-99h are released

Downloads can be found in here as usual.

Changes from "g" are:

  • You can now long-press control keys (left, right, etc) to repeat actions.
  • ANSI and X11 apps for control keys are now correctly detected.
  • The config file is moved to ~/Library/Keyboard/iKeyEx::config.plist. This allows the config to be preserved even after firmware upgrade. (Permission problems will also be fixed during installation.)
  • PSBundle for layouts and IMEs. Normal users can find them in Settings → iKeyEx → Customize.
  • In the delete cache page, the total file size of the cache entry will be reported.
  • Candidate calculation in .cin IMEs now actually runs in background.
  • Associated phrases (aka Completion) can be disabled.
  • iKeyEx-KBMan now registers input modes correctly without causing crashes. Also it now purges layout cache correctly.

The "h" version of iKeyEx is considered a release candidate. I'll try to get it to BigBoss's beta repo if no major bug is found.

Many of the changes in "g" and "h" are to prepare for the 5 Row QWERTY layout. Of course, the major change for 5 Row QWERTY is that it works on 3.0, but even compared with 0.1-9b, there are a few points you need to notice:
  1. You'll find that the Tab, Esc, Page Up keys etc. have become words instead of symbols. This is because the previous symbols cannot all be rendered with the system fonts. For consistency I just changed them all into words.
  2. The "Autocorrection" part of the old pref bundle is now handled by Mix & Match.
  3. Sometimes your customization won't take effect. Try to Delete cache if that happens.

There are no modifications other than these.