ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/cebix/BasiliskII/src/rom_patches.cpp
Revision: 1.28
Committed: 2010-02-21T12:00:01Z (14 years, 2 months ago) by cebix
Branch: MAIN
CVS Tags: HEAD
Changes since 1.27: +3 -3 lines
Log Message: 
fixed const-correctness

File Contents

# Content
1 /*
2 * rom_patches.cpp - ROM patches
3 *
4 * Basilisk II (C) Christian Bauer
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20
21 #include <string.h>
22
23 #include "sysdeps.h"
24 #include "cpu_emulation.h"
25 #include "main.h"
26 #include "emul_op.h"
27 #include "macos_util.h"
28 #include "slot_rom.h"
29 #include "sony.h"
30 #include "disk.h"
31 #include "cdrom.h"
32 #include "video.h"
33 #include "extfs.h"
34 #include "prefs.h"
35 #include "rom_patches.h"
36
37 #define DEBUG 0
38 #include "debug.h"
39
40
41 // Global variables
42 uint32 UniversalInfo; // ROM offset of UniversalInfo
43 uint32 PutScrapPatch = 0; // Mac address of PutScrap() patch
44 uint32 GetScrapPatch = 0; // Mac address of GetScrap() patch
45 uint32 ROMBreakpoint = 0; // ROM offset of breakpoint (0 = disabled, 0x2310 = CritError)
46 bool PrintROMInfo = false; // Flag: print ROM information in PatchROM()
47 bool PatchHWBases = true; // Flag: patch hardware base addresses
48
49 static uint32 sony_offset; // ROM offset of .Sony driver
50 static uint32 serd_offset; // ROM offset of SERD resource (serial drivers)
51 static uint32 microseconds_offset; // ROM offset of Microseconds() replacement routine
52 static uint32 debugutil_offset; // ROM offset of DebugUtil() replacement routine
53
54 // Prototypes
55 uint16 ROMVersion;
56
57 /*
58 * Macros used to extract one of the 16-bit words from a 32-bit word value
59 */
60
61 #define HiWord(X) (((X) >> 16) & 0xffff)
62 #define LoWord(X) ((X) & 0xffff)
63
64
65 /*
66 * Search ROM for byte string, return ROM offset (or 0)
67 */
68
69 static uint32 find_rom_data(uint32 start, uint32 end, const uint8 *data, uint32 data_len)
70 {
71 uint32 ofs = start;
72 while (ofs < end) {
73 if (!memcmp((void *)(ROMBaseHost + ofs), data, data_len))
74 return ofs;
75 ofs++;
76 }
77 return 0;
78 }
79
80
81 /*
82 * Search ROM resource by type/ID, return ROM offset of resource data
83 */
84
85 static uint32 rsrc_ptr = 0;
86
87 static uint32 find_rom_resource(uint32 s_type, int16 s_id, bool cont = false)
88 {
89 uint32 lp = ROMBaseMac + ReadMacInt32(ROMBaseMac + 0x1a);
90 uint32 x = ReadMacInt32(lp);
91
92 if (!cont)
93 rsrc_ptr = x;
94 else
95 rsrc_ptr = ReadMacInt32(ROMBaseMac + rsrc_ptr + 8);
96
97 for (;;) {
98 lp = ROMBaseMac + rsrc_ptr;
99 uint32 data = ReadMacInt32(lp + 12);
100 uint32 type = ReadMacInt32(lp + 16);
101 int16 id = ReadMacInt16(lp + 20);
102
103 if (type == s_type && id == s_id)
104 return data;
105
106 rsrc_ptr = ReadMacInt32(lp + 8);
107 if (!rsrc_ptr)
108 break;
109 }
110 return 0;
111 }
112
113
114 /*
115 * Search offset of A-Trap routine in ROM
116 */
117
118 static uint32 find_rom_trap(uint16 trap)
119 {
120 uint8 *bp = (uint8 *)(ROMBaseHost + ReadMacInt32(ROMBaseMac + 0x22));
121 uint16 rom_trap = 0xa800;
122 uint32 ofs = 0;
123
124 again:
125 for (int i=0; i<0x400; i++) {
126 bool unimplemented = false;
127 uint8 b = *bp++;
128 if (b == 0x80) // Unimplemented trap
129 unimplemented = true;
130 else if (b == 0xff) { // Absolute address
131 ofs = (bp[0] << 24) | (bp[1] << 16) | (bp[2] << 8) | bp[3];
132 bp += 4;
133 } else if (b & 0x80) { // 1 byte offset
134 int16 add = (b & 0x7f) << 1;
135 if (!add)
136 return 0;
137 ofs += add;
138 } else { // 2 byte offset
139 int16 add = ((b << 8) | *bp++) << 1;
140 if (!add)
141 return 0;
142 ofs += add;
143 }
144 if (rom_trap == trap)
145 return unimplemented ? 0 : ofs;
146 rom_trap++;
147 }
148 rom_trap = 0xa000;
149 goto again;
150 }
151
152
153 /*
154 * Print ROM information to stream,
155 */
156
157 static void list_rom_resources(void)
158 {
159 printf("ROM Resources:\n");
160 printf("Offset\t Type\tID\tSize\tName\n");
161 printf("------------------------------------------------\n");
162
163 uint32 lp = ROMBaseMac + ReadMacInt32(ROMBaseMac + 0x1a);
164 uint32 rsrc_ptr = ReadMacInt32(lp);
165
166 for (;;) {
167 lp = ROMBaseMac + rsrc_ptr;
168 uint32 data = ReadMacInt32(lp + 12);
169
170 char name[32];
171 int name_len = ReadMacInt8(lp + 23), i;
172 for (i=0; i<name_len; i++)
173 name[i] = ReadMacInt8(lp + 24 + i);
174 name[i] = 0;
175
176 printf("%08x %c%c%c%c\t%d\t%d\t%s\n", data, ReadMacInt8(lp + 16), ReadMacInt8(lp + 17), ReadMacInt8(lp + 18), ReadMacInt8(lp + 19), ReadMacInt16(lp + 20), ReadMacInt32(ROMBaseMac + data - 8), name);
177
178 rsrc_ptr = ReadMacInt32(lp + 8);
179 if (!rsrc_ptr)
180 break;
181 }
182 printf("\n");
183 }
184
185 // Mapping of Model IDs to Model names
186 struct mac_desc {
187 const char *name;
188 int32 id;
189 };
190
191 static mac_desc MacDesc[] = {
192 {"Classic" , 1},
193 {"Mac XL" , 2},
194 {"Mac 512KE" , 3},
195 {"Mac Plus" , 4},
196 {"Mac SE" , 5},
197 {"Mac II" , 6},
198 {"Mac IIx" , 7},
199 {"Mac IIcx" , 8},
200 {"Mac SE/030" , 9},
201 {"Mac Portable" , 10},
202 {"Mac IIci" , 11},
203 {"Mac IIfx" , 13},
204 {"Mac Classic" , 17},
205 {"Mac IIsi" , 18},
206 {"Mac LC" , 19},
207 {"Quadra 900" , 20},
208 {"PowerBook 170" , 21},
209 {"Quadra 700" , 22},
210 {"Classic II" , 23},
211 {"PowerBook 100" , 24},
212 {"PowerBook 140" , 25},
213 {"Quadra 950" , 26},
214 {"Mac LCIII/Performa 450", 27},
215 {"PowerBook Duo 210" , 29},
216 {"Centris 650" , 30},
217 {"PowerBook Duo 230" , 32},
218 {"PowerBook 180" , 33},
219 {"PowerBook 160" , 34},
220 {"Quadra 800" , 35},
221 {"Quadra 650" , 36},
222 {"Mac LCII" , 37},
223 {"PowerBook Duo 250" , 38},
224 {"Mac IIvi" , 44},
225 {"Mac IIvm/Performa 600", 45},
226 {"Mac IIvx" , 48},
227 {"Color Classic/Performa 250", 49},
228 {"PowerBook 165c" , 50},
229 {"Centris 610" , 52},
230 {"Quadra 610" , 53},
231 {"PowerBook 145" , 54},
232 {"Mac LC520" , 56},
233 {"Quadra/Centris 660AV" , 60},
234 {"Performa 46x" , 62},
235 {"PowerBook 180c" , 71},
236 {"PowerBook 520/520c/540/540c", 72},
237 {"PowerBook Duo 270c" , 77},
238 {"Quadra 840AV" , 78},
239 {"Performa 550" , 80},
240 {"PowerBook 165" , 84},
241 {"PowerBook 190" , 85},
242 {"Mac TV" , 88},
243 {"Mac LC475/Performa 47x", 89},
244 {"Mac LC575" , 92},
245 {"Quadra 605" , 94},
246 {"Quadra 630" , 98},
247 {"Mac LC580" , 99},
248 {"PowerBook Duo 280" , 102},
249 {"PowerBook Duo 280c" , 103},
250 {"PowerBook 150" , 115},
251 {"unknown", -1}
252 };
253
254 static void print_universal_info(uint32 info)
255 {
256 uint8 id = ReadMacInt8(info + 18);
257 uint16 hwcfg = ReadMacInt16(info + 16);
258 uint16 rom85 = ReadMacInt16(info + 20);
259
260 // Find model name
261 const char *name = "unknown";
262 for (int i=0; MacDesc[i].id >= 0; i++)
263 if (MacDesc[i].id == id + 6) {
264 name = MacDesc[i].name;
265 break;
266 }
267
268 printf("%08x %02x\t%04x\t%04x\t%s\n", info - ROMBaseMac, id, hwcfg, rom85, name);
269 }
270
271 static void list_universal_infos(void)
272 {
273 uint32 ofs = 0x3000;
274 for (int i=0; i<0x2000; i+=2, ofs+=2)
275 if (ReadMacInt32(ROMBaseMac + ofs) == 0xdc000505) {
276 ofs -= 16;
277 uint32 q;
278 for (q=ofs; q > 0 && ReadMacInt32(ROMBaseMac + q) != ofs - q; q-=4) ;
279 if (q > 0) {
280 printf("Universal Table at %08x:\n", q);
281 printf("Offset\t ID\tHWCfg\tROM85\tModel\n");
282 printf("------------------------------------------------\n");
283 while ((ofs = ReadMacInt32(ROMBaseMac + q))) {
284 print_universal_info(ROMBaseMac + ofs + q);
285 q += 4;
286 }
287 }
288 break;
289 }
290 printf("\n");
291 }
292
293 static void print_rom_info(void)
294 {
295 printf("\nROM Info:\n");
296 printf("Checksum : %08x\n", ReadMacInt32(ROMBaseMac));
297 printf("Version : %04x\n", ROMVersion);
298 printf("Sub Version : %04x\n", ReadMacInt16(ROMBaseMac + 18));
299 printf("Resource Map: %08x\n", ReadMacInt32(ROMBaseMac + 26));
300 printf("Trap Tables : %08x\n\n", ReadMacInt32(ROMBaseMac + 34));
301 if (ROMVersion == ROM_VERSION_32) {
302 list_rom_resources();
303 list_universal_infos();
304 }
305 }
306
307
308 /*
309 * Driver stubs
310 */
311
312 static const uint8 sony_driver[] = { // Replacement for .Sony driver
313 // Driver header
314 SonyDriverFlags >> 8, SonyDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
315 0x00, 0x18, // Open() offset
316 0x00, 0x1c, // Prime() offset
317 0x00, 0x20, // Control() offset
318 0x00, 0x2c, // Status() offset
319 0x00, 0x52, // Close() offset
320 0x05, 0x2e, 0x53, 0x6f, 0x6e, 0x79, // ".Sony"
321
322 // Open()
323 M68K_EMUL_OP_SONY_OPEN >> 8, M68K_EMUL_OP_SONY_OPEN & 0xff,
324 0x4e, 0x75, // rts
325
326 // Prime()
327 M68K_EMUL_OP_SONY_PRIME >> 8, M68K_EMUL_OP_SONY_PRIME & 0xff,
328 0x60, 0x0e, // bra IOReturn
329
330 // Control()
331 M68K_EMUL_OP_SONY_CONTROL >> 8, M68K_EMUL_OP_SONY_CONTROL & 0xff,
332 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
333 0x66, 0x04, // bne IOReturn
334 0x4e, 0x75, // rts
335
336 // Status()
337 M68K_EMUL_OP_SONY_STATUS >> 8, M68K_EMUL_OP_SONY_STATUS & 0xff,
338
339 // IOReturn
340 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
341 0x08, 0x01, 0x00, 0x09, // btst #9,d1
342 0x67, 0x0c, // beq 1
343 0x4a, 0x40, // tst.w d0
344 0x6f, 0x02, // ble 2
345 0x42, 0x40, // clr.w d0
346 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
347 0x4e, 0x75, // rts
348 0x4a, 0x40, //1 tst.w d0
349 0x6f, 0x04, // ble 3
350 0x42, 0x40, // clr.w d0
351 0x4e, 0x75, // rts
352 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
353 0x4e, 0x75, // rts
354
355 // Close()
356 0x70, 0xe8, // moveq #-24,d0
357 0x4e, 0x75 // rts
358 };
359
360 static const uint8 disk_driver[] = { // Generic disk driver
361 // Driver header
362 DiskDriverFlags >> 8, DiskDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
363 0x00, 0x18, // Open() offset
364 0x00, 0x1c, // Prime() offset
365 0x00, 0x20, // Control() offset
366 0x00, 0x2c, // Status() offset
367 0x00, 0x52, // Close() offset
368 0x05, 0x2e, 0x44, 0x69, 0x73, 0x6b, // ".Disk"
369
370 // Open()
371 M68K_EMUL_OP_DISK_OPEN >> 8, M68K_EMUL_OP_DISK_OPEN & 0xff,
372 0x4e, 0x75, // rts
373
374 // Prime()
375 M68K_EMUL_OP_DISK_PRIME >> 8, M68K_EMUL_OP_DISK_PRIME & 0xff,
376 0x60, 0x0e, // bra IOReturn
377
378 // Control()
379 M68K_EMUL_OP_DISK_CONTROL >> 8, M68K_EMUL_OP_DISK_CONTROL & 0xff,
380 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
381 0x66, 0x04, // bne IOReturn
382 0x4e, 0x75, // rts
383
384 // Status()
385 M68K_EMUL_OP_DISK_STATUS >> 8, M68K_EMUL_OP_DISK_STATUS & 0xff,
386
387 // IOReturn
388 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
389 0x08, 0x01, 0x00, 0x09, // btst #9,d1
390 0x67, 0x0c, // beq 1
391 0x4a, 0x40, // tst.w d0
392 0x6f, 0x02, // ble 2
393 0x42, 0x40, // clr.w d0
394 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
395 0x4e, 0x75, // rts
396 0x4a, 0x40, //1 tst.w d0
397 0x6f, 0x04, // ble 3
398 0x42, 0x40, // clr.w d0
399 0x4e, 0x75, // rts
400 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
401 0x4e, 0x75, // rts
402
403 // Close()
404 0x70, 0xe8, // moveq #-24,d0
405 0x4e, 0x75 // rts
406 };
407
408 static const uint8 cdrom_driver[] = { // CD-ROM driver
409 // Driver header
410 CDROMDriverFlags >> 8, CDROMDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
411 0x00, 0x1c, // Open() offset
412 0x00, 0x20, // Prime() offset
413 0x00, 0x24, // Control() offset
414 0x00, 0x30, // Status() offset
415 0x00, 0x56, // Close() offset
416 0x08, 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x43, 0x44, 0x00, // ".AppleCD"
417
418 // Open()
419 M68K_EMUL_OP_CDROM_OPEN >> 8, M68K_EMUL_OP_CDROM_OPEN & 0xff,
420 0x4e, 0x75, // rts
421
422 // Prime()
423 M68K_EMUL_OP_CDROM_PRIME >> 8, M68K_EMUL_OP_CDROM_PRIME & 0xff,
424 0x60, 0x0e, // bra IOReturn
425
426 // Control()
427 M68K_EMUL_OP_CDROM_CONTROL >> 8, M68K_EMUL_OP_CDROM_CONTROL & 0xff,
428 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
429 0x66, 0x04, // bne IOReturn
430 0x4e, 0x75, // rts
431
432 // Status()
433 M68K_EMUL_OP_CDROM_STATUS >> 8, M68K_EMUL_OP_CDROM_STATUS & 0xff,
434
435 // IOReturn
436 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
437 0x08, 0x01, 0x00, 0x09, // btst #9,d1
438 0x67, 0x0c, // beq 1
439 0x4a, 0x40, // tst.w d0
440 0x6f, 0x02, // ble 2
441 0x42, 0x40, // clr.w d0
442 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
443 0x4e, 0x75, // rts
444 0x4a, 0x40, //1 tst.w d0
445 0x6f, 0x04, // ble 3
446 0x42, 0x40, // clr.w d0
447 0x4e, 0x75, // rts
448 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
449 0x4e, 0x75, // rts
450
451 // Close()
452 0x70, 0xe8, // moveq #-24,d0
453 0x4e, 0x75 // rts
454 };
455
456 static const uint8 ain_driver[] = { // .AIn driver header
457 // Driver header
458 0x4d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
459 0x00, 0x18, // Open() offset
460 0x00, 0x1e, // Prime() offset
461 0x00, 0x24, // Control() offset
462 0x00, 0x32, // Status() offset
463 0x00, 0x38, // Close() offset
464 0x04, 0x2e, 0x41, 0x49, 0x6e, 0x09, // ".AIn",9
465
466 // Open()
467 0x70, 0x00, // moveq #0,d0
468 M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
469 0x4e, 0x75, // rts
470
471 // Prime()
472 0x70, 0x00, // moveq #0,d0
473 M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
474 0x60, 0x1a, // bra IOReturn
475
476 // Control()
477 0x70, 0x00, // moveq #0,d0
478 M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
479 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
480 0x66, 0x0e, // bne IOReturn
481 0x4e, 0x75, // rts
482
483 // Status()
484 0x70, 0x00, // moveq #0,d0
485 M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
486 0x60, 0x06, // bra IOReturn
487
488 // Close()
489 0x70, 0x00, // moveq #0,d0
490 M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
491 0x4e, 0x75, // rts
492
493 // IOReturn
494 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
495 0x08, 0x01, 0x00, 0x09, // btst #9,d1
496 0x67, 0x0c, // beq 1
497 0x4a, 0x40, // tst.w d0
498 0x6f, 0x02, // ble 2
499 0x42, 0x40, // clr.w d0
500 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
501 0x4e, 0x75, // rts
502 0x4a, 0x40, //1 tst.w d0
503 0x6f, 0x04, // ble 3
504 0x42, 0x40, // clr.w d0
505 0x4e, 0x75, // rts
506 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
507 0x4e, 0x75, // rts
508 };
509
510 static const uint8 aout_driver[] = { // .AOut driver header
511 // Driver header
512 0x4e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
513 0x00, 0x1a, // Open() offset
514 0x00, 0x20, // Prime() offset
515 0x00, 0x26, // Control() offset
516 0x00, 0x34, // Status() offset
517 0x00, 0x3a, // Close() offset
518 0x05, 0x2e, 0x41, 0x4f, 0x75, 0x74, 0x09, 0x00, // ".AOut",9
519
520 // Open()
521 0x70, 0x01, // moveq #1,d0
522 M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
523 0x4e, 0x75, // rts
524
525 // Prime()
526 0x70, 0x01, // moveq #1,d0
527 M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
528 0x60, 0x1a, // bra IOReturn
529
530 // Control()
531 0x70, 0x01, // moveq #1,d0
532 M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
533 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
534 0x66, 0x0e, // bne IOReturn
535 0x4e, 0x75, // rts
536
537 // Status()
538 0x70, 0x01, // moveq #1,d0
539 M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
540 0x60, 0x06, // bra IOReturn
541
542 // Close()
543 0x70, 0x01, // moveq #1,d0
544 M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
545 0x4e, 0x75, // rts
546
547 // IOReturn
548 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
549 0x08, 0x01, 0x00, 0x09, // btst #9,d1
550 0x67, 0x0c, // beq 1
551 0x4a, 0x40, // tst.w d0
552 0x6f, 0x02, // ble 2
553 0x42, 0x40, // clr.w d0
554 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
555 0x4e, 0x75, // rts
556 0x4a, 0x40, //1 tst.w d0
557 0x6f, 0x04, // ble 3
558 0x42, 0x40, // clr.w d0
559 0x4e, 0x75, // rts
560 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
561 0x4e, 0x75, // rts
562 };
563
564 static const uint8 bin_driver[] = { // .BIn driver header
565 // Driver header
566 0x4d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
567 0x00, 0x18, // Open() offset
568 0x00, 0x1e, // Prime() offset
569 0x00, 0x24, // Control() offset
570 0x00, 0x32, // Status() offset
571 0x00, 0x38, // Close() offset
572 0x04, 0x2e, 0x42, 0x49, 0x6e, 0x09, // ".BIn",9
573
574 // Open()
575 0x70, 0x02, // moveq #2,d0
576 M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
577 0x4e, 0x75, // rts
578
579 // Prime()
580 0x70, 0x02, // moveq #2,d0
581 M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
582 0x60, 0x1a, // bra IOReturn
583
584 // Control()
585 0x70, 0x02, // moveq #2,d0
586 M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
587 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
588 0x66, 0x0e, // bne IOReturn
589 0x4e, 0x75, // rts
590
591 // Status()
592 0x70, 0x02, // moveq #2,d0
593 M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
594 0x60, 0x06, // bra IOReturn
595
596 // Close()
597 0x70, 0x02, // moveq #2,d0
598 M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
599 0x4e, 0x75, // rts
600
601 // IOReturn
602 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
603 0x08, 0x01, 0x00, 0x09, // btst #9,d1
604 0x67, 0x0c, // beq 1
605 0x4a, 0x40, // tst.w d0
606 0x6f, 0x02, // ble 2
607 0x42, 0x40, // clr.w d0
608 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
609 0x4e, 0x75, // rts
610 0x4a, 0x40, //1 tst.w d0
611 0x6f, 0x04, // ble 3
612 0x42, 0x40, // clr.w d0
613 0x4e, 0x75, // rts
614 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
615 0x4e, 0x75, // rts
616 };
617
618 static const uint8 bout_driver[] = { // .BOut driver header
619 // Driver header
620 0x4e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
621 0x00, 0x1a, // Open() offset
622 0x00, 0x20, // Prime() offset
623 0x00, 0x26, // Control() offset
624 0x00, 0x34, // Status() offset
625 0x00, 0x3a, // Close() offset
626 0x05, 0x2e, 0x42, 0x4f, 0x75, 0x74, 0x09, 0x00, // ".BOut",9
627
628 // Open()
629 0x70, 0x03, // moveq #3,d0
630 M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
631 0x4e, 0x75, // rts
632
633 // Prime()
634 0x70, 0x03, // moveq #3,d0
635 M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
636 0x60, 0x1a, // bra IOReturn
637
638 // Control()
639 0x70, 0x03, // moveq #3,d0
640 M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
641 0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
642 0x66, 0x0e, // bne IOReturn
643 0x4e, 0x75, // rts
644
645 // Status()
646 0x70, 0x03, // moveq #3,d0
647 M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
648 0x60, 0x06, // bra IOReturn
649
650 // Close()
651 0x70, 0x03, // moveq #3,d0
652 M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
653 0x4e, 0x75, // rts
654
655 // IOReturn
656 0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
657 0x08, 0x01, 0x00, 0x09, // btst #9,d1
658 0x67, 0x0c, // beq 1
659 0x4a, 0x40, // tst.w d0
660 0x6f, 0x02, // ble 2
661 0x42, 0x40, // clr.w d0
662 0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
663 0x4e, 0x75, // rts
664 0x4a, 0x40, //1 tst.w d0
665 0x6f, 0x04, // ble 3
666 0x42, 0x40, // clr.w d0
667 0x4e, 0x75, // rts
668 0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
669 0x4e, 0x75, // rts
670 };
671
672
673 /*
674 * ADBOp() patch
675 */
676
677 static const uint8 adbop_patch[] = { // Call ADBOp() completion procedure
678 // The completion procedure may call ADBOp() again!
679 0x40, 0xe7, // move sr,-(sp)
680 0x00, 0x7c, 0x07, 0x00, // ori #$0700,sr
681 M68K_EMUL_OP_ADBOP >> 8, M68K_EMUL_OP_ADBOP & 0xff,
682 0x48, 0xe7, 0x70, 0xf0, // movem.l d1-d3/a0-a3,-(sp)
683 0x26, 0x48, // move.l a0,a3
684 0x4a, 0xab, 0x00, 0x04, // tst.l 4(a3)
685 0x67, 0x00, 0x00, 0x18, // beq 1
686 0x20, 0x53, // move.l (a3),a0
687 0x22, 0x6b, 0x00, 0x04, // move.l 4(a3),a1
688 0x24, 0x6b, 0x00, 0x08, // move.l 8(a3),a2
689 0x26, 0x78, 0x0c, 0xf8, // move.l $cf8,a3
690 0x4e, 0x91, // jsr (a1)
691 0x70, 0x00, // moveq #0,d0
692 0x60, 0x00, 0x00, 0x04, // bra 2
693 0x70, 0xff, //1 moveq #-1,d0
694 0x4c, 0xdf, 0x0f, 0x0e, //2 movem.l (sp)+,d1-d3/a0-a3
695 0x46, 0xdf, // move (sp)+,sr
696 0x4e, 0x75 // rts
697 };
698
699
700 /*
701 * Install .Sony, disk and CD-ROM drivers
702 */
703
704 void InstallDrivers(uint32 pb)
705 {
706 D(bug("InstallDrivers, pb %08x\n", pb));
707 M68kRegisters r;
708
709 // Install Microseconds() replacement routine
710 r.a[0] = ROMBaseMac + microseconds_offset;
711 r.d[0] = 0xa093;
712 Execute68kTrap(0xa247, &r); // SetOSTrapAddress()
713
714 // Install DebugUtil() replacement routine
715 r.a[0] = ROMBaseMac + debugutil_offset;
716 r.d[0] = 0xa08d;
717 Execute68kTrap(0xa247, &r); // SetOSTrapAddress()
718
719 // Install disk driver
720 r.a[0] = ROMBaseMac + sony_offset + 0x100;
721 r.d[0] = (uint32)DiskRefNum;
722 Execute68kTrap(0xa43d, &r); // DrvrInstallRsrvMem()
723 r.a[0] = ReadMacInt32(ReadMacInt32(0x11c) + ~DiskRefNum * 4); // Get driver handle from Unit Table
724 Execute68kTrap(0xa029, &r); // HLock()
725 uint32 dce = ReadMacInt32(r.a[0]);
726 WriteMacInt32(dce + dCtlDriver, ROMBaseMac + sony_offset + 0x100);
727 WriteMacInt16(dce + dCtlFlags, DiskDriverFlags);
728
729 // Open disk driver
730 WriteMacInt32(pb + ioNamePtr, ROMBaseMac + sony_offset + 0x112);
731 r.a[0] = pb;
732 Execute68kTrap(0xa000, &r); // Open()
733
734 // Install CD-ROM driver unless nocdrom option given
735 if (!PrefsFindBool("nocdrom")) {
736
737 // Install CD-ROM driver
738 r.a[0] = ROMBaseMac + sony_offset + 0x200;
739 r.d[0] = (uint32)CDROMRefNum;
740 Execute68kTrap(0xa43d, &r); // DrvrInstallRsrvMem()
741 r.a[0] = ReadMacInt32(ReadMacInt32(0x11c) + ~CDROMRefNum * 4); // Get driver handle from Unit Table
742 Execute68kTrap(0xa029, &r); // HLock()
743 dce = ReadMacInt32(r.a[0]);
744 WriteMacInt32(dce + dCtlDriver, ROMBaseMac + sony_offset + 0x200);
745 WriteMacInt16(dce + dCtlFlags, CDROMDriverFlags);
746
747 // Open CD-ROM driver
748 WriteMacInt32(pb + ioNamePtr, ROMBaseMac + sony_offset + 0x212);
749 r.a[0] = pb;
750 Execute68kTrap(0xa000, &r); // Open()
751 }
752 }
753
754
755 /*
756 * Install serial drivers
757 */
758
759 void InstallSERD(void)
760 {
761 D(bug("InstallSERD\n"));
762
763 // All drivers are inside the SERD resource
764 M68kRegisters r;
765
766 // Install .AIn driver
767 r.d[0] = (uint32)-6;
768 r.a[0] = ROMBaseMac + serd_offset + 0x100;
769 Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
770 Execute68kTrap(0xa029, &r); // HLock()
771 uint32 drvr_ptr = ReadMacInt32(r.a[0]);
772 WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x100); // Pointer to driver header
773 WriteMacInt16(drvr_ptr + dCtlFlags, (ain_driver[0] << 8) + ain_driver[1]); // Driver flags
774 WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
775
776 // Install .AOut driver
777 r.d[0] = (uint32)-7;
778 r.a[0] = ROMBaseMac + serd_offset + 0x200;
779 Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
780 Execute68kTrap(0xa029, &r); // HLock()
781 drvr_ptr = ReadMacInt32(r.a[0]);
782 WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x200); // Pointer to driver header
783 WriteMacInt16(drvr_ptr + dCtlFlags, (aout_driver[0] << 8) + aout_driver[1]); // Driver flags
784 WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
785
786 // Install .BIn driver
787 r.d[0] = (uint32)-8;
788 r.a[0] = ROMBaseMac + serd_offset + 0x300;
789 Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
790 Execute68kTrap(0xa029, &r); // HLock()
791 drvr_ptr = ReadMacInt32(r.a[0]);
792 WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x300); // Pointer to driver header
793 WriteMacInt16(drvr_ptr + dCtlFlags, (bin_driver[0] << 8) + bin_driver[1]); // Driver flags
794 WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
795
796 // Install .BOut driver
797 r.d[0] = (uint32)-9;
798 r.a[0] = ROMBaseMac + serd_offset + 0x400;
799 Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
800 Execute68kTrap(0xa029, &r); // HLock()
801 drvr_ptr = ReadMacInt32(r.a[0]);
802 WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x400); // Pointer to driver header
803 WriteMacInt16(drvr_ptr + dCtlFlags, (bout_driver[0] << 8) + bout_driver[1]); // Driver flags
804 WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
805 }
806
807
808 /*
809 * Install patches after MacOS startup
810 */
811
812 void PatchAfterStartup(void)
813 {
814 #if SUPPORTS_EXTFS
815 // Install external file system
816 InstallExtFS();
817 #endif
818 }
819
820
821 /*
822 * Check ROM version, returns false if ROM version is not supported
823 */
824
825 bool CheckROM(void)
826 {
827 // Read version
828 ROMVersion = ntohs(*(uint16 *)(ROMBaseHost + 8));
829
830 #if REAL_ADDRESSING || DIRECT_ADDRESSING
831 // Real and direct addressing modes require a 32-bit clean ROM
832 return ROMVersion == ROM_VERSION_32;
833 #else
834 // Virtual addressing mode works with 32-bit clean Mac II ROMs and Classic ROMs
835 return (ROMVersion == ROM_VERSION_CLASSIC) || (ROMVersion == ROM_VERSION_32);
836 #endif
837 }
838
839
840 /*
841 * Install ROM patches, returns false if ROM version is not supported
842 */
843
844 // ROM patches for Mac Classic/SE ROMs (version $0276)
845 static bool patch_rom_classic(void)
846 {
847 uint16 *wp;
848 uint32 base;
849
850 // Don't jump into debugger (VIA line)
851 wp = (uint16 *)(ROMBaseHost + 0x1c40);
852 *wp = htons(0x601e);
853
854 // Don't complain about incorrect ROM checksum
855 wp = (uint16 *)(ROMBaseHost + 0x1c6c);
856 *wp = htons(0x7c00);
857
858 // Don't initialize IWM
859 wp = (uint16 *)(ROMBaseHost + 0x50);
860 *wp++ = htons(M68K_NOP);
861 *wp = htons(M68K_NOP);
862
863 // Skip startup sound
864 wp = (uint16 *)(ROMBaseHost + 0x6a);
865 *wp++ = htons(M68K_NOP);
866 *wp = htons(M68K_NOP);
867
868 // Don't loop in ADB init
869 wp = (uint16 *)(ROMBaseHost + 0x3364);
870 *wp = htons(M68K_NOP);
871
872 // Patch ClkNoMem
873 wp = (uint16 *)(ROMBaseHost + 0xa2c0);
874 *wp++ = htons(M68K_EMUL_OP_CLKNOMEM);
875 *wp = htons(0x4ed5); // jmp (a5)
876
877 // Skip main memory test (not that it wouldn't pass, but it's faster that way)
878 wp = (uint16 *)(ROMBaseHost + 0x11e);
879 *wp++ = htons(M68K_NOP);
880 *wp = htons(M68K_NOP);
881
882 // Install our own drivers
883 wp = (uint16 *)(ROMBaseHost + 0x3f82a);
884 *wp++ = htons(M68K_EMUL_OP_INSTALL_DRIVERS);
885 *wp++ = htons(M68K_NOP);
886 *wp++ = htons(M68K_NOP);
887 *wp = htons(M68K_NOP);
888
889 #if 1
890 // Don't look for SCSI devices
891 wp = (uint16 *)(ROMBaseHost + 0xd5a);
892 *wp = htons(0x601e);
893 #endif
894
895 // Replace .Sony driver
896 sony_offset = 0x34680;
897 D(bug("sony %08lx\n", sony_offset));
898 memcpy(ROMBaseHost + sony_offset, sony_driver, sizeof(sony_driver));
899
900 // Install .Disk and .AppleCD drivers
901 memcpy(ROMBaseHost + sony_offset + 0x100, disk_driver, sizeof(disk_driver));
902 memcpy(ROMBaseHost + sony_offset + 0x200, cdrom_driver, sizeof(cdrom_driver));
903
904 // Copy icons to ROM
905 SonyDiskIconAddr = ROMBaseMac + sony_offset + 0x400;
906 memcpy(ROMBaseHost + sony_offset + 0x400, SonyDiskIcon, sizeof(SonyDiskIcon));
907 SonyDriveIconAddr = ROMBaseMac + sony_offset + 0x600;
908 memcpy(ROMBaseHost + sony_offset + 0x600, SonyDriveIcon, sizeof(SonyDriveIcon));
909 DiskIconAddr = ROMBaseMac + sony_offset + 0x800;
910 memcpy(ROMBaseHost + sony_offset + 0x800, DiskIcon, sizeof(DiskIcon));
911 CDROMIconAddr = ROMBaseMac + sony_offset + 0xa00;
912 memcpy(ROMBaseHost + sony_offset + 0xa00, CDROMIcon, sizeof(CDROMIcon));
913
914 // Install SERD patch and serial drivers
915 serd_offset = 0x31bae;
916 D(bug("serd %08lx\n", serd_offset));
917 wp = (uint16 *)(ROMBaseHost + serd_offset + 12);
918 *wp++ = htons(M68K_EMUL_OP_SERD);
919 *wp = htons(M68K_RTS);
920 memcpy(ROMBaseHost + serd_offset + 0x100, ain_driver, sizeof(ain_driver));
921 memcpy(ROMBaseHost + serd_offset + 0x200, aout_driver, sizeof(aout_driver));
922 memcpy(ROMBaseHost + serd_offset + 0x300, bin_driver, sizeof(bin_driver));
923 memcpy(ROMBaseHost + serd_offset + 0x400, bout_driver, sizeof(bout_driver));
924
925 // Replace ADBOp()
926 memcpy(ROMBaseHost + 0x3880, adbop_patch, sizeof(adbop_patch));
927
928 // Replace Time Manager
929 wp = (uint16 *)(ROMBaseHost + 0x1a95c);
930 *wp++ = htons(M68K_EMUL_OP_INSTIME);
931 *wp = htons(M68K_RTS);
932 wp = (uint16 *)(ROMBaseHost + 0x1a96a);
933 *wp++ = htons(0x40e7); // move sr,-(sp)
934 *wp++ = htons(0x007c); // ori #$0700,sr
935 *wp++ = htons(0x0700);
936 *wp++ = htons(M68K_EMUL_OP_RMVTIME);
937 *wp++ = htons(0x46df); // move (sp)+,sr
938 *wp = htons(M68K_RTS);
939 wp = (uint16 *)(ROMBaseHost + 0x1a984);
940 *wp++ = htons(0x40e7); // move sr,-(sp)
941 *wp++ = htons(0x007c); // ori #$0700,sr
942 *wp++ = htons(0x0700);
943 *wp++ = htons(M68K_EMUL_OP_PRIMETIME);
944 *wp++ = htons(0x46df); // move (sp)+,sr
945 *wp++ = htons(M68K_RTS);
946 microseconds_offset = (uint8 *)wp - ROMBaseHost;
947 *wp++ = htons(M68K_EMUL_OP_MICROSECONDS);
948 *wp++ = htons(M68K_RTS);
949
950 // Replace DebugUtil
951 debugutil_offset = (uint8 *)wp - ROMBaseHost;
952 *wp++ = htons(M68K_EMUL_OP_DEBUGUTIL);
953 *wp = htons(M68K_RTS);
954
955 // Replace SCSIDispatch()
956 wp = (uint16 *)(ROMBaseHost + 0x1a206);
957 *wp++ = htons(M68K_EMUL_OP_SCSI_DISPATCH);
958 *wp++ = htons(0x2e49); // move.l a1,a7
959 *wp = htons(M68K_JMP_A0);
960
961 // Modify vCheckLoad() so we can patch resources
962 wp = (uint16 *)(ROMBaseHost + 0xe740);
963 *wp++ = htons(M68K_JMP);
964 *wp++ = htons((ROMBaseMac + sony_offset + 0x300) >> 16);
965 *wp = htons((ROMBaseMac + sony_offset + 0x300) & 0xffff);
966 wp = (uint16 *)(ROMBaseHost + sony_offset + 0x300);
967 *wp++ = htons(0x2f03); // move.l d3,-(sp) (save type)
968 *wp++ = htons(0x2078); // move.l $07f0,a0
969 *wp++ = htons(0x07f0);
970 *wp++ = htons(M68K_JSR_A0);
971 *wp++ = htons(0x221f); // move.l (sp)+,d1 (restore type)
972 *wp++ = htons(M68K_EMUL_OP_CHECKLOAD);
973 *wp = htons(M68K_RTS);
974
975 // Install PutScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
976 PutScrapPatch = ROMBaseMac + sony_offset + 0xc00;
977 base = ROMBaseMac + 0x12794;
978 wp = (uint16 *)(ROMBaseHost + sony_offset + 0xc00);
979 *wp++ = htons(M68K_EMUL_OP_PUT_SCRAP);
980 *wp++ = htons(M68K_JMP);
981 *wp++ = htons(base >> 16);
982 *wp = htons(base & 0xffff);
983
984 #if 0
985 // Boot from internal EDisk
986 wp = (uint16 *)(ROMBaseHost + 0x3f83c);
987 *wp = htons(M68K_NOP);
988 #endif
989
990 // Patch VIA interrupt handler
991 wp = (uint16 *)(ROMBaseHost + 0x2b3a); // Level 1 handler
992 *wp++ = htons(0x5888); // addq.l #4,a0
993 *wp++ = htons(0x5888); // addq.l #4,a0
994 *wp++ = htons(M68K_NOP);
995 *wp++ = htons(M68K_NOP);
996 *wp++ = htons(M68K_NOP);
997 *wp++ = htons(M68K_NOP);
998 *wp++ = htons(M68K_NOP);
999 *wp++ = htons(M68K_NOP);
1000 *wp = htons(M68K_NOP);
1001
1002 wp = (uint16 *)(ROMBaseHost + 0x2be4); // 60Hz handler (handles everything)
1003 *wp++ = htons(M68K_NOP);
1004 *wp++ = htons(M68K_NOP);
1005 *wp++ = htons(M68K_EMUL_OP_IRQ);
1006 *wp++ = htons(0x4a80); // tst.l d0
1007 *wp = htons(0x67f4); // beq 0x402be2
1008 return true;
1009 }
1010
1011 // ROM patches for 32-bit clean Mac-II ROMs (version $067c)
1012 static bool patch_rom_32(void)
1013 {
1014 uint32 *lp;
1015 uint16 *wp;
1016 uint8 *bp;
1017 uint32 base;
1018
1019 // Find UniversalInfo
1020 static const uint8 universal_dat[] = {0xdc, 0x00, 0x05, 0x05, 0x3f, 0xff, 0x01, 0x00};
1021 if ((base = find_rom_data(0x3400, 0x3c00, universal_dat, sizeof(universal_dat))) == 0) return false;
1022 UniversalInfo = base - 0x10;
1023 D(bug("universal %08lx\n", UniversalInfo));
1024
1025 // Patch UniversalInfo (disable NuBus slots)
1026 bp = ROMBaseHost + UniversalInfo + ReadMacInt32(ROMBaseMac + UniversalInfo + 12); // nuBusInfoPtr
1027 bp[0] = 0x03;
1028 for (int i=1; i<16; i++)
1029 bp[i] = 0x08;
1030
1031 // Set model ID from preferences
1032 bp = ROMBaseHost + UniversalInfo + 18; // productKind
1033 *bp = PrefsFindInt32("modelid");
1034
1035 #if !ROM_IS_WRITE_PROTECTED
1036 #if defined(USE_SCRATCHMEM_SUBTERFUGE)
1037 // Set hardware base addresses to scratch memory area
1038 if (PatchHWBases) {
1039 extern uint8 *ScratchMem;
1040 const uint32 ScratchMemBase = Host2MacAddr(ScratchMem);
1041
1042 D(bug("LMGlob\tOfs/4\tBase\n"));
1043 base = ROMBaseMac + UniversalInfo + ReadMacInt32(ROMBaseMac + UniversalInfo); // decoderInfoPtr
1044 wp = (uint16 *)(ROMBaseHost + 0x94a);
1045 while (*wp != 0xffff) {
1046 int16 ofs = ntohs(*wp++); // offset in decoderInfo (/4)
1047 int16 lmg = ntohs(*wp++); // address of LowMem global
1048 D(bug("0x%04x\t%d\t0x%08x\n", lmg, ofs, ReadMacInt32(base + ofs*4)));
1049
1050 // Fake address only if this is not the ASC base
1051 if (lmg != 0xcc0)
1052 WriteMacInt32(base + ofs*4, ScratchMemBase);
1053 }
1054 }
1055 #else
1056 #error System specific handling for writable ROM is required here
1057 #endif
1058 #endif
1059
1060 // Make FPU optional
1061 if (FPUType == 0) {
1062 bp = ROMBaseHost + UniversalInfo + 22; // defaultRSRCs
1063 *bp = 4; // FPU optional
1064 }
1065
1066 // Install special reset opcode and jump (skip hardware detection and tests)
1067 wp = (uint16 *)(ROMBaseHost + 0x8c);
1068 *wp++ = htons(M68K_EMUL_OP_RESET);
1069 *wp++ = htons(M68K_JMP);
1070 *wp++ = htons((ROMBaseMac + 0xba) >> 16);
1071 *wp = htons((ROMBaseMac + 0xba) & 0xffff);
1072
1073 // Don't GetHardwareInfo
1074 wp = (uint16 *)(ROMBaseHost + 0xc2);
1075 *wp++ = htons(M68K_NOP);
1076 *wp = htons(M68K_NOP);
1077
1078 // Don't init VIAs
1079 wp = (uint16 *)(ROMBaseHost + 0xc6);
1080 *wp++ = htons(M68K_NOP);
1081 *wp++ = htons(M68K_NOP);
1082 *wp++ = htons(M68K_NOP);
1083 *wp++ = htons(M68K_NOP);
1084 *wp++ = htons(M68K_NOP);
1085 *wp++ = htons(M68K_NOP);
1086 *wp++ = htons(M68K_NOP);
1087 *wp++ = htons(M68K_NOP);
1088 *wp++ = htons(M68K_NOP);
1089 *wp++ = htons(M68K_NOP);
1090 *wp++ = htons(M68K_NOP);
1091 *wp++ = htons(M68K_NOP);
1092 *wp++ = htons(M68K_NOP);
1093 *wp++ = htons(M68K_NOP);
1094 *wp = htons(M68K_NOP);
1095
1096 // Fake CPU type test
1097 wp = (uint16 *)(ROMBaseHost + 0x7c0);
1098 *wp++ = htons(0x7e00 + CPUType);
1099 *wp = htons(M68K_RTS);
1100
1101 // Don't clear end of BootGlobs upto end of RAM (address xxxx0000)
1102 static const uint8 clear_globs_dat[] = {0x42, 0x9a, 0x36, 0x0a, 0x66, 0xfa};
1103 base = find_rom_data(0xa00, 0xb00, clear_globs_dat, sizeof(clear_globs_dat));
1104 D(bug("clear_globs %08lx\n", base));
1105 if (base) { // ROM15/20/22/23/26/27/32
1106 wp = (uint16 *)(ROMBaseHost + base + 2);
1107 *wp++ = htons(M68K_NOP);
1108 *wp = htons(M68K_NOP);
1109 }
1110
1111 // Patch InitMMU (no MMU present, don't choke on unknown CPU types)
1112 if (ROMSize <= 0x80000) {
1113 static const uint8 init_mmu_dat[] = {0x0c, 0x47, 0x00, 0x03, 0x62, 0x00, 0xfe};
1114 if ((base = find_rom_data(0x4000, 0x50000, init_mmu_dat, sizeof(init_mmu_dat))) == 0) return false;
1115 } else {
1116 static const uint8 init_mmu_dat[] = {0x0c, 0x47, 0x00, 0x04, 0x62, 0x00, 0xfd};
1117 if ((base = find_rom_data(0x80000, 0x90000, init_mmu_dat, sizeof(init_mmu_dat))) == 0) return false;
1118 }
1119 D(bug("init_mmu %08lx\n", base));
1120 wp = (uint16 *)(ROMBaseHost + base);
1121 *wp++ = htons(M68K_NOP);
1122 *wp++ = htons(M68K_NOP);
1123 *wp++ = htons(M68K_NOP);
1124 *wp++ = htons(M68K_NOP);
1125 wp++;
1126 *wp++ = htons(0x7000); // moveq #0,d0
1127 *wp = htons(M68K_NOP);
1128
1129 // Patch InitMMU (no RBV present)
1130 static const uint8 init_mmu2_dat[] = {0x08, 0x06, 0x00, 0x0d, 0x67};
1131 if (ROMSize <= 0x80000) {
1132 base = find_rom_data(0x4000, 0x50000, init_mmu2_dat, sizeof(init_mmu2_dat));
1133 } else {
1134 base = find_rom_data(0x80000, 0x90000, init_mmu2_dat, sizeof(init_mmu2_dat));
1135 }
1136 D(bug("init_mmu2 %08lx\n", base));
1137 if (base) { // ROM11/10/13/26
1138 bp = (uint8 *)(ROMBaseHost + base + 4);
1139 *bp = 0x60; // bra
1140 }
1141
1142 // Patch InitMMU (don't init MMU)
1143 static const uint8 init_mmu3_dat[] = {0x0c, 0x2e, 0x00, 0x01, 0xff, 0xe6, 0x66, 0x0c, 0x4c, 0xed, 0x03, 0x87, 0xff, 0xe8};
1144 if (ROMSize <= 0x80000) {
1145 if ((base = find_rom_data(0x4000, 0x50000, init_mmu3_dat, sizeof(init_mmu3_dat))) == 0) return false;
1146 } else {
1147 if ((base = find_rom_data(0x80000, 0x90000, init_mmu3_dat, sizeof(init_mmu3_dat))) == 0) return false;
1148 }
1149 D(bug("init_mmu3 %08lx\n", base));
1150 wp = (uint16 *)(ROMBaseHost + base + 6);
1151 *wp = htons(M68K_NOP);
1152
1153 // Replace XPRAM routines
1154 static const uint8 read_xpram_dat[] = {0x26, 0x4e, 0x41, 0xf9, 0x50, 0xf0, 0x00, 0x00, 0x08, 0x90, 0x00, 0x02};
1155 base = find_rom_data(0x40000, 0x50000, read_xpram_dat, sizeof(read_xpram_dat));
1156 D(bug("read_xpram %08lx\n", base));
1157 if (base) { // ROM10
1158 wp = (uint16 *)(ROMBaseHost + base);
1159 *wp++ = htons(M68K_EMUL_OP_READ_XPRAM);
1160 *wp = htons(0x4ed6); // jmp (a6)
1161 }
1162 static const uint8 read_xpram2_dat[] = {0x26, 0x4e, 0x08, 0x92, 0x00, 0x02, 0xea, 0x59, 0x02, 0x01, 0x00, 0x07, 0x00, 0x01, 0x00, 0xb8};
1163 base = find_rom_data(0x40000, 0x50000, read_xpram2_dat, sizeof(read_xpram2_dat));
1164 D(bug("read_xpram2 %08lx\n", base));
1165 if (base) { // ROM11
1166 wp = (uint16 *)(ROMBaseHost + base);
1167 *wp++ = htons(M68K_EMUL_OP_READ_XPRAM);
1168 *wp = htons(0x4ed6); // jmp (a6)
1169 }
1170 if (ROMSize > 0x80000) {
1171 static const uint8 read_xpram3_dat[] = {0x48, 0xe7, 0xe0, 0x60, 0x02, 0x01, 0x00, 0x70, 0x0c, 0x01, 0x00, 0x20};
1172 base = find_rom_data(0x80000, 0x90000, read_xpram3_dat, sizeof(read_xpram3_dat));
1173 D(bug("read_xpram3 %08lx\n", base));
1174 if (base) { // ROM15
1175 wp = (uint16 *)(ROMBaseHost + base);
1176 *wp++ = htons(M68K_EMUL_OP_READ_XPRAM2);
1177 *wp = htons(M68K_RTS);
1178 }
1179 }
1180
1181 // Patch ClkNoMem
1182 base = find_rom_trap(0xa053);
1183 wp = (uint16 *)(ROMBaseHost + base);
1184 if (ntohs(*wp) == 0x4ed5) { // ROM23/26/27/32
1185 static const uint8 clk_no_mem_dat[] = {0x40, 0xc2, 0x00, 0x7c, 0x07, 0x00, 0x48, 0x42};
1186 if ((base = find_rom_data(0xb0000, 0xb8000, clk_no_mem_dat, sizeof(clk_no_mem_dat))) == 0) return false;
1187 }
1188 D(bug("clk_no_mem %08lx\n", base));
1189 wp = (uint16 *)(ROMBaseHost + base);
1190 *wp++ = htons(M68K_EMUL_OP_CLKNOMEM);
1191 *wp = htons(0x4ed5); // jmp (a5)
1192
1193 // Patch BootGlobs
1194 wp = (uint16 *)(ROMBaseHost + 0x10e);
1195 *wp++ = htons(M68K_EMUL_OP_PATCH_BOOT_GLOBS);
1196 *wp = htons(M68K_NOP);
1197
1198 // Don't init SCC
1199 static const uint8 init_scc_dat[] = {0x08, 0x38, 0x00, 0x01, 0x0d, 0xd1, 0x67, 0x04};
1200 if ((base = find_rom_data(0xa00, 0xa80, init_scc_dat, sizeof(init_scc_dat))) == 0) return false;
1201 D(bug("init_scc %08lx\n", base));
1202 wp = (uint16 *)(ROMBaseHost + base);
1203 *wp = htons(M68K_RTS);
1204
1205 // Don't access 0x50f1a101
1206 wp = (uint16 *)(ROMBaseHost + 0x4232);
1207 if (ntohs(wp[1]) == 0x50f1 && ntohs(wp[2]) == 0xa101) { // ROM32
1208 *wp++ = htons(M68K_NOP);
1209 *wp++ = htons(M68K_NOP);
1210 *wp++ = htons(M68K_NOP);
1211 *wp++ = htons(M68K_NOP);
1212 *wp = htons(M68K_NOP);
1213 }
1214
1215 // Don't init IWM
1216 wp = (uint16 *)(ROMBaseHost + 0x9c0);
1217 *wp = htons(M68K_RTS);
1218
1219 // Don't init SCSI
1220 wp = (uint16 *)(ROMBaseHost + 0x9a0);
1221 *wp = htons(M68K_RTS);
1222
1223 // Don't init ASC
1224 static const uint8 init_asc_dat[] = {0x26, 0x68, 0x00, 0x30, 0x12, 0x00, 0xeb, 0x01};
1225 base = find_rom_data(0x4000, 0x5000, init_asc_dat, sizeof(init_asc_dat));
1226 D(bug("init_asc %08lx\n", base));
1227 if (base) { // ROM15/22/23/26/27/32
1228 wp = (uint16 *)(ROMBaseHost + base);
1229 *wp = htons(0x4ed6); // jmp (a6)
1230 }
1231
1232 // Don't EnableExtCache
1233 wp = (uint16 *)(ROMBaseHost + 0x190);
1234 *wp++ = htons(M68K_NOP);
1235 *wp = htons(M68K_NOP);
1236
1237 // Don't DisableIntSources
1238 wp = (uint16 *)(ROMBaseHost + 0x9f4c);
1239 *wp = htons(M68K_RTS);
1240
1241 // Fake CPU speed test (SetupTimeK)
1242 // *** increased jl : MacsBug uses TimeDBRA for kbd repeat timing
1243 wp = (uint16 *)(ROMBaseHost + 0x800);
1244 *wp++ = htons(0x31fc); // move.w #xxx,TimeDBRA
1245 *wp++ = htons(10000);
1246 *wp++ = htons(0x0d00);
1247 *wp++ = htons(0x31fc); // move.w #xxx,TimeSCCDBRA
1248 *wp++ = htons(10000);
1249 *wp++ = htons(0x0d02);
1250 *wp++ = htons(0x31fc); // move.w #xxx,TimeSCSIDBRA
1251 *wp++ = htons(10000);
1252 *wp++ = htons(0x0b24);
1253 *wp++ = htons(0x31fc); // move.w #xxx,TimeRAMDBRA
1254 *wp++ = htons(10000);
1255 *wp++ = htons(0x0cea);
1256 *wp = htons(M68K_RTS);
1257
1258 #if REAL_ADDRESSING
1259 // Move system zone to start of Mac RAM
1260 wp = (uint16 *)(ROMBaseHost + 0x50a);
1261 *wp++ = htons(HiWord(RAMBaseMac + 0x2000));
1262 *wp++ = htons(LoWord(RAMBaseMac + 0x2000));
1263 *wp++ = htons(HiWord(RAMBaseMac + 0x3800));
1264 *wp = htons(LoWord(RAMBaseMac + 0x3800));
1265 #endif
1266
1267 #if !ROM_IS_WRITE_PROTECTED
1268 #if defined(USE_SCRATCHMEM_SUBTERFUGE)
1269 // Set fake handle at 0x0000 to scratch memory area (so broken Mac programs won't write into Mac ROM)
1270 extern uint8 *ScratchMem;
1271 const uint32 ScratchMemBase = Host2MacAddr(ScratchMem);
1272 wp = (uint16 *)(ROMBaseHost + 0xccaa);
1273 *wp++ = htons(0x203c); // move.l #ScratchMem,d0
1274 *wp++ = htons(ScratchMemBase >> 16);
1275 *wp = htons(ScratchMemBase);
1276 #else
1277 #error System specific handling for writable ROM is required here
1278 #endif
1279 #endif
1280
1281 #if REAL_ADDRESSING && defined(AMIGA)
1282 // Don't overwrite SysBase under AmigaOS
1283 wp = (uint16 *)(ROMBaseHost + 0xccb4);
1284 *wp++ = htons(M68K_NOP);
1285 *wp = htons(M68K_NOP);
1286 #endif
1287
1288 #if REAL_ADDRESSING && !defined(AMIGA)
1289 // gb-- Temporary hack to get rid of crashes in Speedometer
1290 wp = (uint16 *)(ROMBaseHost + 0xdba2);
1291 if (ntohs(*wp) == 0x662c) // bne.b #$2c
1292 *wp = htons(0x602c); // bra.b #$2c
1293 #endif
1294
1295 // Don't write to VIA in InitTimeMgr
1296 wp = (uint16 *)(ROMBaseHost + 0xb0e2);
1297 *wp++ = htons(0x4cdf); // movem.l (sp)+,d0-d5/a0-a4
1298 *wp++ = htons(0x1f3f);
1299 *wp = htons(M68K_RTS);
1300
1301 // Don't read ModelID from 0x5ffffffc
1302 static const uint8 model_id_dat[] = {0x20, 0x7c, 0x5f, 0xff, 0xff, 0xfc, 0x72, 0x07, 0xc2, 0x90};
1303 base = find_rom_data(0x40000, 0x50000, model_id_dat, sizeof(model_id_dat));
1304 D(bug("model_id %08lx\n", base));
1305 if (base) { // ROM20
1306 wp = (uint16 *)(ROMBaseHost + base + 8);
1307 *wp++ = htons(M68K_NOP);
1308 *wp++ = htons(M68K_NOP);
1309 *wp++ = htons(M68K_NOP);
1310 *wp = htons(M68K_NOP);
1311 }
1312
1313 // Don't read ModelID from 0x5ffffffc
1314 static const uint8 model_id2_dat[] = {0x45, 0xf9, 0x5f, 0xff, 0xff, 0xfc, 0x20, 0x12};
1315 base = find_rom_data(0x4000, 0x5000, model_id2_dat, sizeof(model_id2_dat));
1316 D(bug("model_id2 %08lx\n", base));
1317 if (base) { // ROM27/32
1318 wp = (uint16 *)(ROMBaseHost + base + 6);
1319 *wp++ = htons(0x7000); // moveq #0,d0
1320 *wp++ = htons(0xb040); // cmp.w d0,d0
1321 *wp = htons(0x4ed6); // jmp (a6)
1322 }
1323
1324 // Install slot ROM
1325 if (!InstallSlotROM())
1326 return false;
1327
1328 // Don't probe NuBus slots
1329 static const uint8 nubus_dat[] = {0x45, 0xfa, 0x00, 0x0a, 0x42, 0xa7, 0x10, 0x11};
1330 base = find_rom_data(0x5000, 0x6000, nubus_dat, sizeof(nubus_dat));
1331 D(bug("nubus %08lx\n", base));
1332 if (base) { // ROM10/11
1333 wp = (uint16 *)(ROMBaseHost + base + 6);
1334 *wp++ = htons(M68K_NOP);
1335 *wp++ = htons(M68K_NOP);
1336 *wp = htons(M68K_NOP);
1337 }
1338
1339 // Don't EnableOneSecInts
1340 static const uint8 lea_dat[] = {0x41, 0xf9};
1341 if ((base = find_rom_data(0x226, 0x22a, lea_dat, sizeof(lea_dat))) == 0) return false;
1342 D(bug("enable_one_sec_ints %08lx\n", base));
1343 wp = (uint16 *)(ROMBaseHost + base);
1344 *wp++ = htons(M68K_NOP);
1345 *wp++ = htons(M68K_NOP);
1346 *wp++ = htons(M68K_NOP);
1347 *wp++ = htons(M68K_NOP);
1348 *wp = htons(M68K_NOP);
1349
1350 // Don't EnableParityPatch/Enable60HzInts
1351 if ((base = find_rom_data(0x230, 0x234, lea_dat, sizeof(lea_dat))) == 0) {
1352 wp = (uint16 *)(ROMBaseHost + 0x230);
1353 if (ntohs(*wp) == 0x6100) // ROM11
1354 base = 0x230;
1355 else
1356 return false;
1357 }
1358 D(bug("enable_60hz_ints %08lx\n", base));
1359 wp = (uint16 *)(ROMBaseHost + base);
1360 *wp++ = htons(M68K_NOP);
1361 *wp++ = htons(M68K_NOP);
1362 *wp++ = htons(M68K_NOP);
1363 *wp++ = htons(M68K_NOP);
1364 *wp = htons(M68K_NOP);
1365
1366 // Compute boot stack pointer and fix logical/physical RAM size (CompBootStack) (must be done after InitMemMgr!)
1367 wp = (uint16 *)(ROMBaseHost + 0x490);
1368 *wp++ = htons(0x2038); // move.l $10c,d0
1369 *wp++ = htons(0x010c);
1370 *wp++ = htons(0xd0b8); // add.l $2a6,d0
1371 *wp++ = htons(0x02a6);
1372 *wp++ = htons(0xe288); // lsr.l #1,d0
1373 *wp++ = htons(0x0880); // bclr #0,d0
1374 *wp++ = htons(0x0000);
1375 *wp++ = htons(0x0440); // subi.w #$400,d0
1376 *wp++ = htons(0x0400);
1377 *wp++ = htons(0x2040); // move.l d0,a0
1378 *wp++ = htons(M68K_EMUL_OP_FIX_MEMSIZE);
1379 *wp++ = htons(M68K_RTS);
1380
1381 static const uint8 fix_memsize2_dat[] = {0x22, 0x30, 0x81, 0xe2, 0x0d, 0xdc, 0xff, 0xba, 0xd2, 0xb0, 0x81, 0xe2, 0x0d, 0xdc, 0xff, 0xec, 0x21, 0xc1, 0x1e, 0xf8};
1382 base = find_rom_data(0x4c000, 0x4c080, fix_memsize2_dat, sizeof(fix_memsize2_dat));
1383 D(bug("fix_memsize2 %08lx\n", base));
1384 if (base) { // ROM15/22/23/26/27/32
1385 wp = (uint16 *)(ROMBaseHost + base + 16);
1386 *wp++ = htons(M68K_NOP);
1387 *wp = htons(M68K_NOP);
1388 }
1389
1390 // Don't open .Sound driver but install our own drivers
1391 wp = (uint16 *)(ROMBaseHost + 0x1142);
1392 *wp = htons(M68K_EMUL_OP_INSTALL_DRIVERS);
1393
1394 // Don't access SonyVars
1395 wp = (uint16 *)(ROMBaseHost + 0x1144);
1396 *wp++ = htons(M68K_NOP);
1397 *wp++ = htons(M68K_NOP);
1398 *wp++ = htons(M68K_NOP);
1399 *wp++ = htons(M68K_NOP);
1400 wp += 2;
1401 *wp = htons(M68K_NOP);
1402
1403 // Don't write to VIA in InitADB
1404 wp = (uint16 *)(ROMBaseHost + 0xa8a8);
1405 if (*wp == 0) { // ROM22/23/26/27/32
1406 wp = (uint16 *)(ROMBaseHost + 0xb2c6a);
1407 *wp++ = htons(M68K_NOP);
1408 *wp++ = htons(M68K_NOP);
1409 *wp = htons(M68K_NOP);
1410 wp = (uint16 *)(ROMBaseHost + 0xb2d2e);
1411 *wp++ = htons(M68K_NOP);
1412 *wp++ = htons(M68K_NOP);
1413 *wp++ = htons(M68K_NOP);
1414 *wp++ = htons(M68K_NOP);
1415 *wp++ = htons(M68K_NOP);
1416 *wp++ = htons(M68K_NOP);
1417 *wp++ = htons(M68K_NOP);
1418 *wp++ = htons(M68K_NOP);
1419 *wp++ = htons(M68K_NOP);
1420 *wp++ = htons(M68K_NOP);
1421 *wp++ = htons(M68K_NOP);
1422 *wp++ = htons(M68K_NOP);
1423 wp += 2;
1424 *wp++ = htons(M68K_NOP);
1425 *wp = htons(M68K_NOP);
1426 } else {
1427 *wp++ = htons(M68K_NOP);
1428 *wp++ = htons(M68K_NOP);
1429 *wp = htons(M68K_NOP);
1430 wp = (uint16 *)(ROMBaseHost + 0xa662);
1431 *wp++ = htons(M68K_NOP);
1432 *wp++ = htons(M68K_NOP);
1433 *wp++ = htons(M68K_NOP);
1434 *wp++ = htons(M68K_NOP);
1435 *wp++ = htons(M68K_NOP);
1436 wp += 2;
1437 *wp++ = htons(M68K_NOP);
1438 *wp = htons(M68K_NOP);
1439 }
1440
1441 // Don't EnableSlotInts
1442 if ((base = find_rom_data(0x2ee, 0x2f2, lea_dat, sizeof(lea_dat))) == 0) return false;
1443 D(bug("enable_slot_ints %08lx\n", base));
1444 wp = (uint16 *)(ROMBaseHost + base);
1445 *wp++ = htons(M68K_NOP);
1446 *wp++ = htons(M68K_NOP);
1447 *wp++ = htons(M68K_NOP);
1448 *wp++ = htons(M68K_NOP);
1449 *wp = htons(M68K_NOP);
1450
1451 // Don't mangle frame buffer base (GetDevBase)
1452 wp = (uint16 *)(ROMBaseHost + 0x5b78);
1453 *wp++ = htons(M68K_NOP);
1454 *wp++ = htons(M68K_NOP);
1455 *wp++ = htons(0x2401); // move.l d1,d2
1456 *wp = htons(0x605e); // bra 0x40805bde
1457
1458 // Really don't mangle frame buffer base
1459 if (ROMSize > 0x80000) {
1460 static const uint8 frame_base_dat[] = {0x22, 0x78, 0x0d, 0xd8, 0xd3, 0xe9, 0x00, 0x08};
1461 base = find_rom_data(0x8c000, 0x8d000, frame_base_dat, sizeof(frame_base_dat));
1462 D(bug("frame_base %08lx\n", base));
1463 if (base) { // ROM22/23/26/27/32
1464 wp = (uint16 *)(ROMBaseHost + base);
1465 *wp++ = htons(0x2401); // move.l d1,d2
1466 *wp = htons(M68K_RTS);
1467 }
1468 }
1469
1470 // Don't write to VIA2
1471 static const uint8 via2_dat[] = {0x20, 0x78, 0x0c, 0xec, 0x11, 0x7c, 0x00, 0x90};
1472 if ((base = find_rom_data(0xa000, 0xa400, via2_dat, sizeof(via2_dat))) == 0) return false;
1473 D(bug("via2 %08lx\n", base));
1474 wp = (uint16 *)(ROMBaseHost + base + 4);
1475 *wp = htons(M68K_RTS);
1476
1477 // Don't write to VIA2, even on ROM20
1478 static const uint8 via2b_dat[] = {0x20, 0x78, 0x0c, 0xec, 0x11, 0x7c, 0x00, 0x90, 0x00, 0x13, 0x4e, 0x75};
1479 base = find_rom_data(0x40000, 0x44000, via2b_dat, sizeof(via2b_dat));
1480 D(bug("via2b %08lx\n", base));
1481 if (base) { // ROM19/20
1482 wp = (uint16 *)(ROMBaseHost + base + 4);
1483 *wp = htons(M68K_RTS);
1484 }
1485
1486 // Don't use PTEST instruction on 68040/060
1487 if (ROMSize > 0x80000) {
1488
1489 // BlockMove()
1490 static const uint8 bmove_dat[] = {0x20, 0x5f, 0x22, 0x5f, 0x0c, 0x38, 0x00, 0x04, 0x01, 0x2f};
1491 base = find_rom_data(0x87000, 0x87800, bmove_dat, sizeof(bmove_dat));
1492 D(bug("block_move %08lx\n", base));
1493 if (base) { // ROM15/22/23/26/27/32
1494 wp = (uint16 *)(ROMBaseHost + base + 4);
1495 *wp++ = htons(M68K_EMUL_OP_BLOCK_MOVE);
1496 *wp++ = htons(0x7000);
1497 *wp = htons(M68K_RTS);
1498 }
1499
1500 // SANE
1501 static const uint8 ptest2_dat[] = {0x0c, 0x38, 0x00, 0x04, 0x01, 0x2f, 0x6d, 0x54, 0x48, 0xe7, 0xf8, 0x60};
1502 base = find_rom_data(0, ROMSize, ptest2_dat, sizeof(ptest2_dat));
1503 D(bug("ptest2 %08lx\n", base));
1504 if (base) { // ROM15/20/22/23/26/27/32
1505 wp = (uint16 *)(ROMBaseHost + base + 8);
1506 *wp++ = htons(M68K_NOP);
1507 *wp++ = htons(0xf4f8); // cpusha dc/ic
1508 *wp++ = htons(M68K_NOP);
1509 *wp++ = htons(0x7000); // moveq #0,d0
1510 *wp = htons(M68K_RTS);
1511 }
1512 }
1513
1514 // Don't set MemoryDispatch() to unimplemented trap
1515 static const uint8 memdisp_dat[] = {0x30, 0x3c, 0xa8, 0x9f, 0xa7, 0x46, 0x30, 0x3c, 0xa0, 0x5c, 0xa2, 0x47};
1516 base = find_rom_data(0x4f100, 0x4f180, memdisp_dat, sizeof(memdisp_dat));
1517 D(bug("memdisp %08lx\n", base));
1518 if (base) { // ROM15/22/23/26/27/32
1519 wp = (uint16 *)(ROMBaseHost + base + 10);
1520 *wp = htons(M68K_NOP);
1521 }
1522
1523 // Patch .EDisk driver (don't scan for EDisks in the area ROMBase..0xe00000)
1524 uint32 edisk_offset = find_rom_resource(FOURCC('D','R','V','R'), 51);
1525 if (edisk_offset) {
1526 static const uint8 edisk_dat[] = {0xd5, 0xfc, 0x00, 0x01, 0x00, 0x00, 0xb5, 0xfc, 0x00, 0xe0, 0x00, 0x00};
1527 base = find_rom_data(edisk_offset, edisk_offset + 0x10000, edisk_dat, sizeof(edisk_dat));
1528 D(bug("edisk %08lx\n", base));
1529 if (base) {
1530 wp = (uint16 *)(ROMBaseHost + base + 8);
1531 *wp++ = 0;
1532 *wp = 0;
1533 }
1534 }
1535
1536 // Replace .Sony driver
1537 sony_offset = find_rom_resource(FOURCC('D','R','V','R'), 4);
1538 D(bug("sony %08lx\n", sony_offset));
1539 memcpy(ROMBaseHost + sony_offset, sony_driver, sizeof(sony_driver));
1540
1541 // Install .Disk and .AppleCD drivers
1542 memcpy(ROMBaseHost + sony_offset + 0x100, disk_driver, sizeof(disk_driver));
1543 memcpy(ROMBaseHost + sony_offset + 0x200, cdrom_driver, sizeof(cdrom_driver));
1544
1545 // Copy icons to ROM
1546 SonyDiskIconAddr = ROMBaseMac + sony_offset + 0x400;
1547 memcpy(ROMBaseHost + sony_offset + 0x400, SonyDiskIcon, sizeof(SonyDiskIcon));
1548 SonyDriveIconAddr = ROMBaseMac + sony_offset + 0x600;
1549 memcpy(ROMBaseHost + sony_offset + 0x600, SonyDriveIcon, sizeof(SonyDriveIcon));
1550 DiskIconAddr = ROMBaseMac + sony_offset + 0x800;
1551 memcpy(ROMBaseHost + sony_offset + 0x800, DiskIcon, sizeof(DiskIcon));
1552 CDROMIconAddr = ROMBaseMac + sony_offset + 0xa00;
1553 memcpy(ROMBaseHost + sony_offset + 0xa00, CDROMIcon, sizeof(CDROMIcon));
1554
1555 // Install SERD patch and serial drivers
1556 serd_offset = find_rom_resource(FOURCC('S','E','R','D'), 0);
1557 D(bug("serd %08lx\n", serd_offset));
1558 wp = (uint16 *)(ROMBaseHost + serd_offset + 12);
1559 *wp++ = htons(M68K_EMUL_OP_SERD);
1560 *wp = htons(M68K_RTS);
1561 memcpy(ROMBaseHost + serd_offset + 0x100, ain_driver, sizeof(ain_driver));
1562 memcpy(ROMBaseHost + serd_offset + 0x200, aout_driver, sizeof(aout_driver));
1563 memcpy(ROMBaseHost + serd_offset + 0x300, bin_driver, sizeof(bin_driver));
1564 memcpy(ROMBaseHost + serd_offset + 0x400, bout_driver, sizeof(bout_driver));
1565
1566 // Replace ADBOp()
1567 memcpy(ROMBaseHost + find_rom_trap(0xa07c), adbop_patch, sizeof(adbop_patch));
1568
1569 // Replace Time Manager (the Microseconds patch is activated in InstallDrivers())
1570 wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa058));
1571 *wp++ = htons(M68K_EMUL_OP_INSTIME);
1572 *wp = htons(M68K_RTS);
1573 wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa059));
1574 *wp++ = htons(0x40e7); // move sr,-(sp)
1575 *wp++ = htons(0x007c); // ori #$0700,sr
1576 *wp++ = htons(0x0700);
1577 *wp++ = htons(M68K_EMUL_OP_RMVTIME);
1578 *wp++ = htons(0x46df); // move (sp)+,sr
1579 *wp = htons(M68K_RTS);
1580 wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa05a));
1581 *wp++ = htons(0x40e7); // move sr,-(sp)
1582 *wp++ = htons(0x007c); // ori #$0700,sr
1583 *wp++ = htons(0x0700);
1584 *wp++ = htons(M68K_EMUL_OP_PRIMETIME);
1585 *wp++ = htons(0x46df); // move (sp)+,sr
1586 *wp++ = htons(M68K_RTS);
1587 microseconds_offset = (uint8 *)wp - ROMBaseHost;
1588 *wp++ = htons(M68K_EMUL_OP_MICROSECONDS);
1589 *wp++ = htons(M68K_RTS);
1590
1591 // Replace DebugUtil
1592 debugutil_offset = (uint8 *)wp - ROMBaseHost;
1593 *wp++ = htons(M68K_EMUL_OP_DEBUGUTIL);
1594 *wp = htons(M68K_RTS);
1595
1596 // Replace SCSIDispatch()
1597 wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa815));
1598 *wp++ = htons(M68K_EMUL_OP_SCSI_DISPATCH);
1599 *wp++ = htons(0x2e49); // move.l a1,a7
1600 *wp = htons(M68K_JMP_A0);
1601
1602 // Modify vCheckLoad() so we can patch resources
1603 wp = (uint16 *)(ROMBaseHost + 0x1b8f4);
1604 *wp++ = htons(M68K_JMP);
1605 *wp++ = htons((ROMBaseMac + sony_offset + 0x300) >> 16);
1606 *wp = htons((ROMBaseMac + sony_offset + 0x300) & 0xffff);
1607 wp = (uint16 *)(ROMBaseHost + sony_offset + 0x300);
1608 *wp++ = htons(0x2f03); // move.l d3,-(sp) (save type)
1609 *wp++ = htons(0x2078); // move.l $07f0,a0
1610 *wp++ = htons(0x07f0);
1611 *wp++ = htons(M68K_JSR_A0);
1612 *wp++ = htons(0x221f); // move.l (sp)+,d1 (restore type)
1613 *wp++ = htons(M68K_EMUL_OP_CHECKLOAD);
1614 *wp = htons(M68K_RTS);
1615
1616 // Patch PowerOff()
1617 wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa05b)); // PowerOff()
1618 *wp = htons(M68K_EMUL_OP_SHUTDOWN);
1619
1620 // Install PutScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
1621 PutScrapPatch = ROMBaseMac + sony_offset + 0xc00;
1622 base = ROMBaseMac + find_rom_trap(0xa9fe);
1623 wp = (uint16 *)(ROMBaseHost + sony_offset + 0xc00);
1624 *wp++ = htons(M68K_EMUL_OP_PUT_SCRAP);
1625 *wp++ = htons(M68K_JMP);
1626 *wp++ = htons(base >> 16);
1627 *wp = htons(base & 0xffff);
1628
1629 // Install GetScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
1630 GetScrapPatch = ROMBaseMac + sony_offset + 0xd00;
1631 base = ROMBaseMac + find_rom_trap(0xa9fd);
1632 wp = (uint16 *)(ROMBaseHost + sony_offset + 0xd00);
1633 *wp++ = htons(M68K_EMUL_OP_GET_SCRAP);
1634 *wp++ = htons(M68K_JMP);
1635 *wp++ = htons(base >> 16);
1636 *wp = htons(base & 0xffff);
1637
1638 // Look for double PACK 4 resources
1639 if ((base = find_rom_resource(FOURCC('P','A','C','K'), 4)) == 0) return false;
1640 if ((base = find_rom_resource(FOURCC('P','A','C','K'), 4, true)) == 0 && FPUType == 0)
1641 printf("WARNING: This ROM seems to require an FPU\n");
1642
1643 // Patch VIA interrupt handler
1644 wp = (uint16 *)(ROMBaseHost + 0x9bc4); // Level 1 handler
1645 *wp++ = htons(0x7002); // moveq #2,d0 (always 60Hz interrupt)
1646 *wp++ = htons(M68K_NOP);
1647 *wp++ = htons(M68K_NOP);
1648 *wp++ = htons(M68K_NOP);
1649 *wp = htons(M68K_NOP);
1650
1651 wp = (uint16 *)(ROMBaseHost + 0xa296); // 60Hz handler (handles everything)
1652 *wp++ = htons(M68K_NOP);
1653 *wp++ = htons(M68K_NOP);
1654 *wp++ = htons(M68K_EMUL_OP_IRQ);
1655 *wp++ = htons(0x4a80); // tst.l d0
1656 *wp = htons(0x67f4); // beq 0x4080a294
1657 return true;
1658 }
1659
1660 bool PatchROM(void)
1661 {
1662 // Print some information about the ROM
1663 if (PrintROMInfo)
1664 print_rom_info();
1665
1666 // Patch ROM depending on version
1667 switch (ROMVersion) {
1668 case ROM_VERSION_CLASSIC:
1669 if (!patch_rom_classic())
1670 return false;
1671 break;
1672 case ROM_VERSION_32:
1673 if (!patch_rom_32())
1674 return false;
1675 break;
1676 default:
1677 return false;
1678 }
1679
1680 // Install breakpoint
1681 if (ROMBreakpoint) {
1682 uint16 *wp = (uint16 *)(ROMBaseHost + ROMBreakpoint);
1683 *wp = htons(M68K_EMUL_BREAK);
1684 }
1685
1686 // Clear caches as we loaded and patched code
1687 FlushCodeCache(ROMBaseHost, ROMSize);
1688 return true;
1689 }