ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/cebix/BasiliskII/src/rom_patches.cpp
Revision: 1.26
Committed: 2006-04-30T17:27:55Z (18 years, 6 months ago) by gbeauche
Branch: MAIN
CVS Tags: nigel-build-19
Changes since 1.25: +1 -1 lines
Log Message:
Fix PutScrap() patch with Mac Classic ROMs. Untested but it should work
again provided you build with --enable-addressing=banks

File Contents

# User Rev Content
1 cebix 1.1 /*
2     * rom_patches.cpp - ROM patches
3     *
4 gbeauche 1.25 * Basilisk II (C) 1997-2005 Christian Bauer
5 cebix 1.1 *
6     * This program is free software; you can redistribute it and/or modify
7     * it under the terms of the GNU General Public License as published by
8     * the Free Software Foundation; either version 2 of the License, or
9     * (at your option) any later version.
10     *
11     * This program is distributed in the hope that it will be useful,
12     * but WITHOUT ANY WARRANTY; without even the implied warranty of
13     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14     * GNU General Public License for more details.
15     *
16     * You should have received a copy of the GNU General Public License
17     * along with this program; if not, write to the Free Software
18     * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19     */
20    
21     #include <string.h>
22    
23     #include "sysdeps.h"
24     #include "cpu_emulation.h"
25     #include "main.h"
26     #include "emul_op.h"
27     #include "macos_util.h"
28     #include "slot_rom.h"
29     #include "sony.h"
30     #include "disk.h"
31     #include "cdrom.h"
32     #include "video.h"
33 cebix 1.5 #include "extfs.h"
34 cebix 1.1 #include "prefs.h"
35     #include "rom_patches.h"
36    
37 cebix 1.9 #define DEBUG 0
38 cebix 1.1 #include "debug.h"
39    
40    
41     // Global variables
42 cebix 1.11 uint32 UniversalInfo; // ROM offset of UniversalInfo
43 gbeauche 1.26 uint32 PutScrapPatch = 0; // Mac address of PutScrap() patch
44 gbeauche 1.24 uint32 GetScrapPatch = 0; // Mac address of GetScrap() patch
45 cebix 1.11 uint32 ROMBreakpoint = 0; // ROM offset of breakpoint (0 = disabled, 0x2310 = CritError)
46     bool PrintROMInfo = false; // Flag: print ROM information in PatchROM()
47 gbeauche 1.20 bool PatchHWBases = true; // Flag: patch hardware base addresses
48 cebix 1.1
49 jlachmann 1.16 static uint32 sony_offset; // ROM offset of .Sony driver
50     static uint32 serd_offset; // ROM offset of SERD resource (serial drivers)
51     static uint32 microseconds_offset; // ROM offset of Microseconds() replacement routine
52     static uint32 debugutil_offset; // ROM offset of DebugUtil() replacement routine
53 cebix 1.1
54     // Prototypes
55     uint16 ROMVersion;
56    
57     /*
58 gbeauche 1.20 * Macros used to extract one of the 16-bit words from a 32-bit word value
59 gbeauche 1.17 */
60    
61     #define HiWord(X) (((X) >> 16) & 0xffff)
62     #define LoWord(X) ((X) & 0xffff)
63    
64    
65     /*
66 cebix 1.1 * Search ROM for byte string, return ROM offset (or 0)
67     */
68    
69     static uint32 find_rom_data(uint32 start, uint32 end, const uint8 *data, uint32 data_len)
70     {
71     uint32 ofs = start;
72     while (ofs < end) {
73     if (!memcmp((void *)(ROMBaseHost + ofs), data, data_len))
74     return ofs;
75     ofs++;
76     }
77     return 0;
78     }
79    
80    
81     /*
82     * Search ROM resource by type/ID, return ROM offset of resource data
83     */
84    
85     static uint32 rsrc_ptr = 0;
86    
87     static uint32 find_rom_resource(uint32 s_type, int16 s_id, bool cont = false)
88     {
89     uint32 lp = ROMBaseMac + ReadMacInt32(ROMBaseMac + 0x1a);
90     uint32 x = ReadMacInt32(lp);
91    
92     if (!cont)
93     rsrc_ptr = x;
94 cebix 1.12 else
95     rsrc_ptr = ReadMacInt32(ROMBaseMac + rsrc_ptr + 8);
96 cebix 1.1
97     for (;;) {
98     lp = ROMBaseMac + rsrc_ptr;
99     uint32 data = ReadMacInt32(lp + 12);
100     uint32 type = ReadMacInt32(lp + 16);
101     int16 id = ReadMacInt16(lp + 20);
102    
103     if (type == s_type && id == s_id)
104     return data;
105    
106     rsrc_ptr = ReadMacInt32(lp + 8);
107     if (!rsrc_ptr)
108     break;
109     }
110     return 0;
111     }
112    
113    
114     /*
115     * Search offset of A-Trap routine in ROM
116     */
117    
118     static uint32 find_rom_trap(uint16 trap)
119     {
120     uint8 *bp = (uint8 *)(ROMBaseHost + ReadMacInt32(ROMBaseMac + 0x22));
121     uint16 rom_trap = 0xa800;
122     uint32 ofs = 0;
123    
124     again:
125     for (int i=0; i<0x400; i++) {
126     bool unimplemented = false;
127     uint8 b = *bp++;
128     if (b == 0x80) // Unimplemented trap
129     unimplemented = true;
130     else if (b == 0xff) { // Absolute address
131     ofs = (bp[0] << 24) | (bp[1] << 16) | (bp[2] << 8) | bp[3];
132     bp += 4;
133     } else if (b & 0x80) { // 1 byte offset
134     int16 add = (b & 0x7f) << 1;
135     if (!add)
136     return 0;
137     ofs += add;
138     } else { // 2 byte offset
139     int16 add = ((b << 8) | *bp++) << 1;
140     if (!add)
141     return 0;
142     ofs += add;
143     }
144     if (rom_trap == trap)
145     return unimplemented ? 0 : ofs;
146     rom_trap++;
147     }
148     rom_trap = 0xa000;
149     goto again;
150     }
151    
152    
153     /*
154 cebix 1.11 * Print ROM information to stream,
155     */
156    
157     static void list_rom_resources(void)
158     {
159     printf("ROM Resources:\n");
160     printf("Offset\t Type\tID\tSize\tName\n");
161     printf("------------------------------------------------\n");
162    
163     uint32 lp = ROMBaseMac + ReadMacInt32(ROMBaseMac + 0x1a);
164     uint32 rsrc_ptr = ReadMacInt32(lp);
165    
166     for (;;) {
167     lp = ROMBaseMac + rsrc_ptr;
168     uint32 data = ReadMacInt32(lp + 12);
169    
170     char name[32];
171     int name_len = ReadMacInt8(lp + 23), i;
172     for (i=0; i<name_len; i++)
173     name[i] = ReadMacInt8(lp + 24 + i);
174     name[i] = 0;
175    
176     printf("%08x %c%c%c%c\t%d\t%d\t%s\n", data, ReadMacInt8(lp + 16), ReadMacInt8(lp + 17), ReadMacInt8(lp + 18), ReadMacInt8(lp + 19), ReadMacInt16(lp + 20), ReadMacInt32(ROMBaseMac + data - 8), name);
177    
178     rsrc_ptr = ReadMacInt32(lp + 8);
179     if (!rsrc_ptr)
180     break;
181     }
182     printf("\n");
183     }
184    
185     // Mapping of Model IDs to Model names
186     struct mac_desc {
187     char *name;
188     int32 id;
189     };
190    
191     static mac_desc MacDesc[] = {
192     {"Classic" , 1},
193     {"Mac XL" , 2},
194     {"Mac 512KE" , 3},
195     {"Mac Plus" , 4},
196     {"Mac SE" , 5},
197     {"Mac II" , 6},
198     {"Mac IIx" , 7},
199     {"Mac IIcx" , 8},
200     {"Mac SE/030" , 9},
201     {"Mac Portable" , 10},
202     {"Mac IIci" , 11},
203     {"Mac IIfx" , 13},
204     {"Mac Classic" , 17},
205     {"Mac IIsi" , 18},
206     {"Mac LC" , 19},
207     {"Quadra 900" , 20},
208     {"PowerBook 170" , 21},
209     {"Quadra 700" , 22},
210     {"Classic II" , 23},
211     {"PowerBook 100" , 24},
212     {"PowerBook 140" , 25},
213     {"Quadra 950" , 26},
214     {"Mac LCIII/Performa 450", 27},
215     {"PowerBook Duo 210" , 29},
216     {"Centris 650" , 30},
217     {"PowerBook Duo 230" , 32},
218     {"PowerBook 180" , 33},
219     {"PowerBook 160" , 34},
220     {"Quadra 800" , 35},
221     {"Quadra 650" , 36},
222     {"Mac LCII" , 37},
223     {"PowerBook Duo 250" , 38},
224     {"Mac IIvi" , 44},
225     {"Mac IIvm/Performa 600", 45},
226     {"Mac IIvx" , 48},
227     {"Color Classic/Performa 250", 49},
228     {"PowerBook 165c" , 50},
229     {"Centris 610" , 52},
230     {"Quadra 610" , 53},
231     {"PowerBook 145" , 54},
232     {"Mac LC520" , 56},
233     {"Quadra/Centris 660AV" , 60},
234     {"Performa 46x" , 62},
235     {"PowerBook 180c" , 71},
236     {"PowerBook 520/520c/540/540c", 72},
237     {"PowerBook Duo 270c" , 77},
238     {"Quadra 840AV" , 78},
239     {"Performa 550" , 80},
240     {"PowerBook 165" , 84},
241     {"PowerBook 190" , 85},
242     {"Mac TV" , 88},
243     {"Mac LC475/Performa 47x", 89},
244     {"Mac LC575" , 92},
245     {"Quadra 605" , 94},
246     {"Quadra 630" , 98},
247     {"Mac LC580" , 99},
248     {"PowerBook Duo 280" , 102},
249     {"PowerBook Duo 280c" , 103},
250     {"PowerBook 150" , 115},
251     {"unknown", -1}
252     };
253    
254     static void print_universal_info(uint32 info)
255     {
256     uint8 id = ReadMacInt8(info + 18);
257     uint16 hwcfg = ReadMacInt16(info + 16);
258     uint16 rom85 = ReadMacInt16(info + 20);
259    
260     // Find model name
261     char *name = "unknown";
262     for (int i=0; MacDesc[i].id >= 0; i++)
263     if (MacDesc[i].id == id + 6) {
264     name = MacDesc[i].name;
265     break;
266     }
267    
268     printf("%08x %02x\t%04x\t%04x\t%s\n", info - ROMBaseMac, id, hwcfg, rom85, name);
269     }
270    
271     static void list_universal_infos(void)
272     {
273     uint32 ofs = 0x3000;
274     for (int i=0; i<0x2000; i+=2, ofs+=2)
275     if (ReadMacInt32(ROMBaseMac + ofs) == 0xdc000505) {
276     ofs -= 16;
277     uint32 q;
278     for (q=ofs; q > 0 && ReadMacInt32(ROMBaseMac + q) != ofs - q; q-=4) ;
279     if (q > 0) {
280     printf("Universal Table at %08x:\n", q);
281     printf("Offset\t ID\tHWCfg\tROM85\tModel\n");
282     printf("------------------------------------------------\n");
283 cebix 1.15 while ((ofs = ReadMacInt32(ROMBaseMac + q))) {
284 cebix 1.11 print_universal_info(ROMBaseMac + ofs + q);
285     q += 4;
286     }
287     }
288     break;
289     }
290     printf("\n");
291     }
292    
293     static void print_rom_info(void)
294     {
295     printf("\nROM Info:\n");
296     printf("Checksum : %08x\n", ReadMacInt32(ROMBaseMac));
297     printf("Version : %04x\n", ROMVersion);
298     printf("Sub Version : %04x\n", ReadMacInt16(ROMBaseMac + 18));
299     printf("Resource Map: %08x\n", ReadMacInt32(ROMBaseMac + 26));
300     printf("Trap Tables : %08x\n\n", ReadMacInt32(ROMBaseMac + 34));
301     if (ROMVersion == ROM_VERSION_32) {
302     list_rom_resources();
303     list_universal_infos();
304     }
305     }
306    
307    
308     /*
309 cebix 1.1 * Driver stubs
310     */
311    
312     static const uint8 sony_driver[] = { // Replacement for .Sony driver
313     // Driver header
314 cebix 1.4 SonyDriverFlags >> 8, SonyDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
315 cebix 1.1 0x00, 0x18, // Open() offset
316     0x00, 0x1c, // Prime() offset
317     0x00, 0x20, // Control() offset
318     0x00, 0x2c, // Status() offset
319     0x00, 0x52, // Close() offset
320     0x05, 0x2e, 0x53, 0x6f, 0x6e, 0x79, // ".Sony"
321    
322     // Open()
323     M68K_EMUL_OP_SONY_OPEN >> 8, M68K_EMUL_OP_SONY_OPEN & 0xff,
324     0x4e, 0x75, // rts
325    
326     // Prime()
327     M68K_EMUL_OP_SONY_PRIME >> 8, M68K_EMUL_OP_SONY_PRIME & 0xff,
328     0x60, 0x0e, // bra IOReturn
329    
330     // Control()
331     M68K_EMUL_OP_SONY_CONTROL >> 8, M68K_EMUL_OP_SONY_CONTROL & 0xff,
332     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
333     0x66, 0x04, // bne IOReturn
334     0x4e, 0x75, // rts
335    
336     // Status()
337     M68K_EMUL_OP_SONY_STATUS >> 8, M68K_EMUL_OP_SONY_STATUS & 0xff,
338    
339     // IOReturn
340     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
341     0x08, 0x01, 0x00, 0x09, // btst #9,d1
342     0x67, 0x0c, // beq 1
343     0x4a, 0x40, // tst.w d0
344     0x6f, 0x02, // ble 2
345     0x42, 0x40, // clr.w d0
346     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
347     0x4e, 0x75, // rts
348     0x4a, 0x40, //1 tst.w d0
349     0x6f, 0x04, // ble 3
350     0x42, 0x40, // clr.w d0
351     0x4e, 0x75, // rts
352     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
353     0x4e, 0x75, // rts
354    
355     // Close()
356     0x70, 0xe8, // moveq #-24,d0
357     0x4e, 0x75 // rts
358     };
359    
360     static const uint8 disk_driver[] = { // Generic disk driver
361     // Driver header
362 cebix 1.4 DiskDriverFlags >> 8, DiskDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
363 cebix 1.1 0x00, 0x18, // Open() offset
364     0x00, 0x1c, // Prime() offset
365     0x00, 0x20, // Control() offset
366     0x00, 0x2c, // Status() offset
367     0x00, 0x52, // Close() offset
368     0x05, 0x2e, 0x44, 0x69, 0x73, 0x6b, // ".Disk"
369    
370     // Open()
371     M68K_EMUL_OP_DISK_OPEN >> 8, M68K_EMUL_OP_DISK_OPEN & 0xff,
372     0x4e, 0x75, // rts
373    
374     // Prime()
375     M68K_EMUL_OP_DISK_PRIME >> 8, M68K_EMUL_OP_DISK_PRIME & 0xff,
376     0x60, 0x0e, // bra IOReturn
377    
378     // Control()
379     M68K_EMUL_OP_DISK_CONTROL >> 8, M68K_EMUL_OP_DISK_CONTROL & 0xff,
380     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
381     0x66, 0x04, // bne IOReturn
382     0x4e, 0x75, // rts
383    
384     // Status()
385     M68K_EMUL_OP_DISK_STATUS >> 8, M68K_EMUL_OP_DISK_STATUS & 0xff,
386    
387     // IOReturn
388     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
389     0x08, 0x01, 0x00, 0x09, // btst #9,d1
390     0x67, 0x0c, // beq 1
391     0x4a, 0x40, // tst.w d0
392     0x6f, 0x02, // ble 2
393     0x42, 0x40, // clr.w d0
394     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
395     0x4e, 0x75, // rts
396     0x4a, 0x40, //1 tst.w d0
397     0x6f, 0x04, // ble 3
398     0x42, 0x40, // clr.w d0
399     0x4e, 0x75, // rts
400     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
401     0x4e, 0x75, // rts
402    
403     // Close()
404     0x70, 0xe8, // moveq #-24,d0
405     0x4e, 0x75 // rts
406     };
407    
408     static const uint8 cdrom_driver[] = { // CD-ROM driver
409     // Driver header
410 cebix 1.4 CDROMDriverFlags >> 8, CDROMDriverFlags & 0xff, 0, 0, 0, 0, 0, 0,
411 cebix 1.1 0x00, 0x1c, // Open() offset
412     0x00, 0x20, // Prime() offset
413     0x00, 0x24, // Control() offset
414     0x00, 0x30, // Status() offset
415     0x00, 0x56, // Close() offset
416     0x08, 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x43, 0x44, 0x00, // ".AppleCD"
417    
418     // Open()
419     M68K_EMUL_OP_CDROM_OPEN >> 8, M68K_EMUL_OP_CDROM_OPEN & 0xff,
420     0x4e, 0x75, // rts
421    
422     // Prime()
423     M68K_EMUL_OP_CDROM_PRIME >> 8, M68K_EMUL_OP_CDROM_PRIME & 0xff,
424     0x60, 0x0e, // bra IOReturn
425    
426     // Control()
427     M68K_EMUL_OP_CDROM_CONTROL >> 8, M68K_EMUL_OP_CDROM_CONTROL & 0xff,
428     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
429     0x66, 0x04, // bne IOReturn
430     0x4e, 0x75, // rts
431    
432     // Status()
433     M68K_EMUL_OP_CDROM_STATUS >> 8, M68K_EMUL_OP_CDROM_STATUS & 0xff,
434    
435     // IOReturn
436     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
437     0x08, 0x01, 0x00, 0x09, // btst #9,d1
438     0x67, 0x0c, // beq 1
439     0x4a, 0x40, // tst.w d0
440     0x6f, 0x02, // ble 2
441     0x42, 0x40, // clr.w d0
442     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
443     0x4e, 0x75, // rts
444     0x4a, 0x40, //1 tst.w d0
445     0x6f, 0x04, // ble 3
446     0x42, 0x40, // clr.w d0
447     0x4e, 0x75, // rts
448     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(sp)
449     0x4e, 0x75, // rts
450    
451     // Close()
452     0x70, 0xe8, // moveq #-24,d0
453     0x4e, 0x75 // rts
454     };
455    
456     static const uint8 ain_driver[] = { // .AIn driver header
457     // Driver header
458     0x4d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
459     0x00, 0x18, // Open() offset
460     0x00, 0x1e, // Prime() offset
461     0x00, 0x24, // Control() offset
462     0x00, 0x32, // Status() offset
463     0x00, 0x38, // Close() offset
464     0x04, 0x2e, 0x41, 0x49, 0x6e, 0x09, // ".AIn",9
465    
466     // Open()
467     0x70, 0x00, // moveq #0,d0
468     M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
469     0x4e, 0x75, // rts
470    
471     // Prime()
472     0x70, 0x00, // moveq #0,d0
473     M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
474     0x60, 0x1a, // bra IOReturn
475    
476     // Control()
477     0x70, 0x00, // moveq #0,d0
478     M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
479     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
480     0x66, 0x0e, // bne IOReturn
481     0x4e, 0x75, // rts
482    
483     // Status()
484     0x70, 0x00, // moveq #0,d0
485     M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
486     0x60, 0x06, // bra IOReturn
487    
488     // Close()
489     0x70, 0x00, // moveq #0,d0
490     M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
491     0x4e, 0x75, // rts
492    
493     // IOReturn
494     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
495     0x08, 0x01, 0x00, 0x09, // btst #9,d1
496     0x67, 0x0c, // beq 1
497     0x4a, 0x40, // tst.w d0
498     0x6f, 0x02, // ble 2
499     0x42, 0x40, // clr.w d0
500     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
501     0x4e, 0x75, // rts
502     0x4a, 0x40, //1 tst.w d0
503     0x6f, 0x04, // ble 3
504     0x42, 0x40, // clr.w d0
505     0x4e, 0x75, // rts
506     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
507     0x4e, 0x75, // rts
508     };
509    
510     static const uint8 aout_driver[] = { // .AOut driver header
511     // Driver header
512     0x4e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
513     0x00, 0x1a, // Open() offset
514     0x00, 0x20, // Prime() offset
515     0x00, 0x26, // Control() offset
516     0x00, 0x34, // Status() offset
517     0x00, 0x3a, // Close() offset
518     0x05, 0x2e, 0x41, 0x4f, 0x75, 0x74, 0x09, 0x00, // ".AOut",9
519    
520     // Open()
521     0x70, 0x01, // moveq #1,d0
522     M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
523     0x4e, 0x75, // rts
524    
525     // Prime()
526     0x70, 0x01, // moveq #1,d0
527     M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
528     0x60, 0x1a, // bra IOReturn
529    
530     // Control()
531     0x70, 0x01, // moveq #1,d0
532     M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
533     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
534     0x66, 0x0e, // bne IOReturn
535     0x4e, 0x75, // rts
536    
537     // Status()
538     0x70, 0x01, // moveq #1,d0
539     M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
540     0x60, 0x06, // bra IOReturn
541    
542     // Close()
543     0x70, 0x01, // moveq #1,d0
544     M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
545     0x4e, 0x75, // rts
546    
547     // IOReturn
548     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
549     0x08, 0x01, 0x00, 0x09, // btst #9,d1
550     0x67, 0x0c, // beq 1
551     0x4a, 0x40, // tst.w d0
552     0x6f, 0x02, // ble 2
553     0x42, 0x40, // clr.w d0
554     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
555     0x4e, 0x75, // rts
556     0x4a, 0x40, //1 tst.w d0
557     0x6f, 0x04, // ble 3
558     0x42, 0x40, // clr.w d0
559     0x4e, 0x75, // rts
560     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
561     0x4e, 0x75, // rts
562     };
563    
564     static const uint8 bin_driver[] = { // .BIn driver header
565     // Driver header
566     0x4d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
567     0x00, 0x18, // Open() offset
568     0x00, 0x1e, // Prime() offset
569     0x00, 0x24, // Control() offset
570     0x00, 0x32, // Status() offset
571     0x00, 0x38, // Close() offset
572     0x04, 0x2e, 0x42, 0x49, 0x6e, 0x09, // ".BIn",9
573    
574     // Open()
575     0x70, 0x02, // moveq #2,d0
576     M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
577     0x4e, 0x75, // rts
578    
579     // Prime()
580     0x70, 0x02, // moveq #2,d0
581     M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
582     0x60, 0x1a, // bra IOReturn
583    
584     // Control()
585     0x70, 0x02, // moveq #2,d0
586     M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
587     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
588     0x66, 0x0e, // bne IOReturn
589     0x4e, 0x75, // rts
590    
591     // Status()
592     0x70, 0x02, // moveq #2,d0
593     M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
594     0x60, 0x06, // bra IOReturn
595    
596     // Close()
597     0x70, 0x02, // moveq #2,d0
598     M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
599     0x4e, 0x75, // rts
600    
601     // IOReturn
602     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
603     0x08, 0x01, 0x00, 0x09, // btst #9,d1
604     0x67, 0x0c, // beq 1
605     0x4a, 0x40, // tst.w d0
606     0x6f, 0x02, // ble 2
607     0x42, 0x40, // clr.w d0
608     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
609     0x4e, 0x75, // rts
610     0x4a, 0x40, //1 tst.w d0
611     0x6f, 0x04, // ble 3
612     0x42, 0x40, // clr.w d0
613     0x4e, 0x75, // rts
614     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
615     0x4e, 0x75, // rts
616     };
617    
618     static const uint8 bout_driver[] = { // .BOut driver header
619     // Driver header
620     0x4e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
621     0x00, 0x1a, // Open() offset
622     0x00, 0x20, // Prime() offset
623     0x00, 0x26, // Control() offset
624     0x00, 0x34, // Status() offset
625     0x00, 0x3a, // Close() offset
626     0x05, 0x2e, 0x42, 0x4f, 0x75, 0x74, 0x09, 0x00, // ".BOut",9
627    
628     // Open()
629     0x70, 0x03, // moveq #3,d0
630     M68K_EMUL_OP_SERIAL_OPEN >> 8, M68K_EMUL_OP_SERIAL_OPEN & 0xff,
631     0x4e, 0x75, // rts
632    
633     // Prime()
634     0x70, 0x03, // moveq #3,d0
635     M68K_EMUL_OP_SERIAL_PRIME >> 8, M68K_EMUL_OP_SERIAL_PRIME & 0xff,
636     0x60, 0x1a, // bra IOReturn
637    
638     // Control()
639     0x70, 0x03, // moveq #3,d0
640     M68K_EMUL_OP_SERIAL_CONTROL >> 8, M68K_EMUL_OP_SERIAL_CONTROL & 0xff,
641     0x0c, 0x68, 0x00, 0x01, 0x00, 0x1a, // cmp.w #1,$1a(a0)
642     0x66, 0x0e, // bne IOReturn
643     0x4e, 0x75, // rts
644    
645     // Status()
646     0x70, 0x03, // moveq #3,d0
647     M68K_EMUL_OP_SERIAL_STATUS >> 8, M68K_EMUL_OP_SERIAL_STATUS & 0xff,
648     0x60, 0x06, // bra IOReturn
649    
650     // Close()
651     0x70, 0x03, // moveq #3,d0
652     M68K_EMUL_OP_SERIAL_CLOSE >> 8, M68K_EMUL_OP_SERIAL_CLOSE & 0xff,
653     0x4e, 0x75, // rts
654    
655     // IOReturn
656     0x32, 0x28, 0x00, 0x06, // move.w 6(a0),d1
657     0x08, 0x01, 0x00, 0x09, // btst #9,d1
658     0x67, 0x0c, // beq 1
659     0x4a, 0x40, // tst.w d0
660     0x6f, 0x02, // ble 2
661     0x42, 0x40, // clr.w d0
662     0x31, 0x40, 0x00, 0x10, //2 move.w d0,$10(a0)
663     0x4e, 0x75, // rts
664     0x4a, 0x40, //1 tst.w d0
665     0x6f, 0x04, // ble 3
666     0x42, 0x40, // clr.w d0
667     0x4e, 0x75, // rts
668     0x2f, 0x38, 0x08, 0xfc, //3 move.l $8fc,-(a7)
669     0x4e, 0x75, // rts
670     };
671    
672    
673     /*
674     * ADBOp() patch
675     */
676    
677     static const uint8 adbop_patch[] = { // Call ADBOp() completion procedure
678     // The completion procedure may call ADBOp() again!
679     0x40, 0xe7, // move sr,-(sp)
680     0x00, 0x7c, 0x07, 0x00, // ori #$0700,sr
681     M68K_EMUL_OP_ADBOP >> 8, M68K_EMUL_OP_ADBOP & 0xff,
682     0x48, 0xe7, 0x70, 0xf0, // movem.l d1-d3/a0-a3,-(sp)
683     0x26, 0x48, // move.l a0,a3
684     0x4a, 0xab, 0x00, 0x04, // tst.l 4(a3)
685     0x67, 0x00, 0x00, 0x18, // beq 1
686     0x20, 0x53, // move.l (a3),a0
687     0x22, 0x6b, 0x00, 0x04, // move.l 4(a3),a1
688     0x24, 0x6b, 0x00, 0x08, // move.l 8(a3),a2
689     0x26, 0x78, 0x0c, 0xf8, // move.l $cf8,a3
690     0x4e, 0x91, // jsr (a1)
691     0x70, 0x00, // moveq #0,d0
692     0x60, 0x00, 0x00, 0x04, // bra 2
693     0x70, 0xff, //1 moveq #-1,d0
694     0x4c, 0xdf, 0x0f, 0x0e, //2 movem.l (sp)+,d1-d3/a0-a3
695     0x46, 0xdf, // move (sp)+,sr
696     0x4e, 0x75 // rts
697     };
698    
699    
700     /*
701     * Install .Sony, disk and CD-ROM drivers
702     */
703    
704     void InstallDrivers(uint32 pb)
705     {
706 cebix 1.14 D(bug("InstallDrivers, pb %08x\n", pb));
707 cebix 1.1 M68kRegisters r;
708    
709     // Install Microseconds() replacement routine
710     r.a[0] = ROMBaseMac + microseconds_offset;
711     r.d[0] = 0xa093;
712     Execute68kTrap(0xa247, &r); // SetOSTrapAddress()
713    
714 jlachmann 1.16 // Install DebugUtil() replacement routine
715     r.a[0] = ROMBaseMac + debugutil_offset;
716     r.d[0] = 0xa08d;
717     Execute68kTrap(0xa247, &r); // SetOSTrapAddress()
718    
719 cebix 1.1 // Install disk driver
720     r.a[0] = ROMBaseMac + sony_offset + 0x100;
721     r.d[0] = (uint32)DiskRefNum;
722     Execute68kTrap(0xa43d, &r); // DrvrInstallRsrvMem()
723     r.a[0] = ReadMacInt32(ReadMacInt32(0x11c) + ~DiskRefNum * 4); // Get driver handle from Unit Table
724     Execute68kTrap(0xa029, &r); // HLock()
725     uint32 dce = ReadMacInt32(r.a[0]);
726     WriteMacInt32(dce + dCtlDriver, ROMBaseMac + sony_offset + 0x100);
727     WriteMacInt16(dce + dCtlFlags, DiskDriverFlags);
728    
729     // Open disk driver
730     WriteMacInt32(pb + ioNamePtr, ROMBaseMac + sony_offset + 0x112);
731     r.a[0] = pb;
732     Execute68kTrap(0xa000, &r); // Open()
733    
734     // Install CD-ROM driver unless nocdrom option given
735     if (!PrefsFindBool("nocdrom")) {
736    
737     // Install CD-ROM driver
738     r.a[0] = ROMBaseMac + sony_offset + 0x200;
739     r.d[0] = (uint32)CDROMRefNum;
740     Execute68kTrap(0xa43d, &r); // DrvrInstallRsrvMem()
741     r.a[0] = ReadMacInt32(ReadMacInt32(0x11c) + ~CDROMRefNum * 4); // Get driver handle from Unit Table
742     Execute68kTrap(0xa029, &r); // HLock()
743     dce = ReadMacInt32(r.a[0]);
744     WriteMacInt32(dce + dCtlDriver, ROMBaseMac + sony_offset + 0x200);
745     WriteMacInt16(dce + dCtlFlags, CDROMDriverFlags);
746    
747     // Open CD-ROM driver
748     WriteMacInt32(pb + ioNamePtr, ROMBaseMac + sony_offset + 0x212);
749     r.a[0] = pb;
750     Execute68kTrap(0xa000, &r); // Open()
751     }
752     }
753    
754    
755     /*
756     * Install serial drivers
757     */
758    
759     void InstallSERD(void)
760     {
761     D(bug("InstallSERD\n"));
762    
763     // All drivers are inside the SERD resource
764     M68kRegisters r;
765    
766     // Install .AIn driver
767     r.d[0] = (uint32)-6;
768     r.a[0] = ROMBaseMac + serd_offset + 0x100;
769     Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
770     Execute68kTrap(0xa029, &r); // HLock()
771     uint32 drvr_ptr = ReadMacInt32(r.a[0]);
772     WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x100); // Pointer to driver header
773     WriteMacInt16(drvr_ptr + dCtlFlags, (ain_driver[0] << 8) + ain_driver[1]); // Driver flags
774     WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
775    
776     // Install .AOut driver
777     r.d[0] = (uint32)-7;
778     r.a[0] = ROMBaseMac + serd_offset + 0x200;
779     Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
780     Execute68kTrap(0xa029, &r); // HLock()
781     drvr_ptr = ReadMacInt32(r.a[0]);
782     WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x200); // Pointer to driver header
783     WriteMacInt16(drvr_ptr + dCtlFlags, (aout_driver[0] << 8) + aout_driver[1]); // Driver flags
784     WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
785    
786     // Install .BIn driver
787     r.d[0] = (uint32)-8;
788     r.a[0] = ROMBaseMac + serd_offset + 0x300;
789     Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
790     Execute68kTrap(0xa029, &r); // HLock()
791     drvr_ptr = ReadMacInt32(r.a[0]);
792     WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x300); // Pointer to driver header
793     WriteMacInt16(drvr_ptr + dCtlFlags, (bin_driver[0] << 8) + bin_driver[1]); // Driver flags
794     WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
795    
796     // Install .BOut driver
797     r.d[0] = (uint32)-9;
798     r.a[0] = ROMBaseMac + serd_offset + 0x400;
799     Execute68kTrap(0xa53d, &r); // DrvrInstallRsrvMem()
800     Execute68kTrap(0xa029, &r); // HLock()
801     drvr_ptr = ReadMacInt32(r.a[0]);
802     WriteMacInt32(drvr_ptr + dCtlDriver, ROMBaseMac + serd_offset + 0x400); // Pointer to driver header
803     WriteMacInt16(drvr_ptr + dCtlFlags, (bout_driver[0] << 8) + bout_driver[1]); // Driver flags
804     WriteMacInt16(drvr_ptr + dCtlQHdr + qFlags, 9); // Version number
805     }
806    
807    
808     /*
809     * Install patches after MacOS startup
810     */
811    
812     void PatchAfterStartup(void)
813     {
814 cebix 1.6 #if SUPPORTS_EXTFS
815 cebix 1.5 // Install external file system
816     InstallExtFS();
817 cebix 1.6 #endif
818 cebix 1.1 }
819    
820    
821     /*
822     * Check ROM version, returns false if ROM version is not supported
823     */
824    
825     bool CheckROM(void)
826     {
827     // Read version
828     ROMVersion = ntohs(*(uint16 *)(ROMBaseHost + 8));
829    
830 gbeauche 1.17 #if REAL_ADDRESSING || DIRECT_ADDRESSING
831     // Real and direct addressing modes require a 32-bit clean ROM
832 cebix 1.1 return ROMVersion == ROM_VERSION_32;
833     #else
834 cebix 1.6 // Virtual addressing mode works with 32-bit clean Mac II ROMs and Classic ROMs
835 cebix 1.1 return (ROMVersion == ROM_VERSION_CLASSIC) || (ROMVersion == ROM_VERSION_32);
836     #endif
837     }
838    
839    
840     /*
841     * Install ROM patches, returns false if ROM version is not supported
842     */
843    
844     // ROM patches for Mac Classic/SE ROMs (version $0276)
845     static bool patch_rom_classic(void)
846     {
847     uint16 *wp;
848     uint32 base;
849    
850     // Don't jump into debugger (VIA line)
851     wp = (uint16 *)(ROMBaseHost + 0x1c40);
852     *wp = htons(0x601e);
853    
854     // Don't complain about incorrect ROM checksum
855     wp = (uint16 *)(ROMBaseHost + 0x1c6c);
856     *wp = htons(0x7c00);
857    
858     // Don't initialize IWM
859     wp = (uint16 *)(ROMBaseHost + 0x50);
860     *wp++ = htons(M68K_NOP);
861     *wp = htons(M68K_NOP);
862    
863     // Skip startup sound
864     wp = (uint16 *)(ROMBaseHost + 0x6a);
865     *wp++ = htons(M68K_NOP);
866     *wp = htons(M68K_NOP);
867    
868     // Don't loop in ADB init
869     wp = (uint16 *)(ROMBaseHost + 0x3364);
870     *wp = htons(M68K_NOP);
871    
872     // Patch ClkNoMem
873     wp = (uint16 *)(ROMBaseHost + 0xa2c0);
874     *wp++ = htons(M68K_EMUL_OP_CLKNOMEM);
875     *wp = htons(0x4ed5); // jmp (a5)
876    
877     // Skip main memory test (not that it wouldn't pass, but it's faster that way)
878     wp = (uint16 *)(ROMBaseHost + 0x11e);
879     *wp++ = htons(M68K_NOP);
880     *wp = htons(M68K_NOP);
881    
882     // Install our own drivers
883     wp = (uint16 *)(ROMBaseHost + 0x3f82a);
884     *wp++ = htons(M68K_EMUL_OP_INSTALL_DRIVERS);
885     *wp++ = htons(M68K_NOP);
886     *wp++ = htons(M68K_NOP);
887     *wp = htons(M68K_NOP);
888    
889     #if 1
890     // Don't look for SCSI devices
891     wp = (uint16 *)(ROMBaseHost + 0xd5a);
892     *wp = htons(0x601e);
893     #endif
894    
895     // Replace .Sony driver
896     sony_offset = 0x34680;
897     D(bug("sony %08lx\n", sony_offset));
898     memcpy(ROMBaseHost + sony_offset, sony_driver, sizeof(sony_driver));
899    
900     // Install .Disk and .AppleCD drivers
901     memcpy(ROMBaseHost + sony_offset + 0x100, disk_driver, sizeof(disk_driver));
902     memcpy(ROMBaseHost + sony_offset + 0x200, cdrom_driver, sizeof(cdrom_driver));
903    
904     // Copy icons to ROM
905     SonyDiskIconAddr = ROMBaseMac + sony_offset + 0x400;
906     memcpy(ROMBaseHost + sony_offset + 0x400, SonyDiskIcon, sizeof(SonyDiskIcon));
907     SonyDriveIconAddr = ROMBaseMac + sony_offset + 0x600;
908     memcpy(ROMBaseHost + sony_offset + 0x600, SonyDriveIcon, sizeof(SonyDriveIcon));
909     DiskIconAddr = ROMBaseMac + sony_offset + 0x800;
910     memcpy(ROMBaseHost + sony_offset + 0x800, DiskIcon, sizeof(DiskIcon));
911     CDROMIconAddr = ROMBaseMac + sony_offset + 0xa00;
912     memcpy(ROMBaseHost + sony_offset + 0xa00, CDROMIcon, sizeof(CDROMIcon));
913    
914     // Install SERD patch and serial drivers
915     serd_offset = 0x31bae;
916     D(bug("serd %08lx\n", serd_offset));
917     wp = (uint16 *)(ROMBaseHost + serd_offset + 12);
918     *wp++ = htons(M68K_EMUL_OP_SERD);
919     *wp = htons(M68K_RTS);
920     memcpy(ROMBaseHost + serd_offset + 0x100, ain_driver, sizeof(ain_driver));
921     memcpy(ROMBaseHost + serd_offset + 0x200, aout_driver, sizeof(aout_driver));
922     memcpy(ROMBaseHost + serd_offset + 0x300, bin_driver, sizeof(bin_driver));
923     memcpy(ROMBaseHost + serd_offset + 0x400, bout_driver, sizeof(bout_driver));
924    
925     // Replace ADBOp()
926     memcpy(ROMBaseHost + 0x3880, adbop_patch, sizeof(adbop_patch));
927    
928     // Replace Time Manager
929     wp = (uint16 *)(ROMBaseHost + 0x1a95c);
930     *wp++ = htons(M68K_EMUL_OP_INSTIME);
931     *wp = htons(M68K_RTS);
932     wp = (uint16 *)(ROMBaseHost + 0x1a96a);
933     *wp++ = htons(0x40e7); // move sr,-(sp)
934     *wp++ = htons(0x007c); // ori #$0700,sr
935     *wp++ = htons(0x0700);
936     *wp++ = htons(M68K_EMUL_OP_RMVTIME);
937     *wp++ = htons(0x46df); // move (sp)+,sr
938     *wp = htons(M68K_RTS);
939     wp = (uint16 *)(ROMBaseHost + 0x1a984);
940     *wp++ = htons(0x40e7); // move sr,-(sp)
941     *wp++ = htons(0x007c); // ori #$0700,sr
942     *wp++ = htons(0x0700);
943     *wp++ = htons(M68K_EMUL_OP_PRIMETIME);
944     *wp++ = htons(0x46df); // move (sp)+,sr
945     *wp++ = htons(M68K_RTS);
946     microseconds_offset = (uint8 *)wp - ROMBaseHost;
947     *wp++ = htons(M68K_EMUL_OP_MICROSECONDS);
948 jlachmann 1.16 *wp++ = htons(M68K_RTS);
949    
950     // Replace DebugUtil
951     debugutil_offset = (uint8 *)wp - ROMBaseHost;
952     *wp++ = htons(M68K_EMUL_OP_DEBUGUTIL);
953 cebix 1.1 *wp = htons(M68K_RTS);
954    
955     // Replace SCSIDispatch()
956     wp = (uint16 *)(ROMBaseHost + 0x1a206);
957     *wp++ = htons(M68K_EMUL_OP_SCSI_DISPATCH);
958     *wp++ = htons(0x2e49); // move.l a1,a7
959     *wp = htons(M68K_JMP_A0);
960    
961     // Modify vCheckLoad() so we can patch resources
962     wp = (uint16 *)(ROMBaseHost + 0xe740);
963     *wp++ = htons(M68K_JMP);
964     *wp++ = htons((ROMBaseMac + sony_offset + 0x300) >> 16);
965     *wp = htons((ROMBaseMac + sony_offset + 0x300) & 0xffff);
966     wp = (uint16 *)(ROMBaseHost + sony_offset + 0x300);
967     *wp++ = htons(0x2f03); // move.l d3,-(sp) (save type)
968     *wp++ = htons(0x2078); // move.l $07f0,a0
969     *wp++ = htons(0x07f0);
970     *wp++ = htons(M68K_JSR_A0);
971     *wp++ = htons(0x221f); // move.l (sp)+,d1 (restore type)
972     *wp++ = htons(M68K_EMUL_OP_CHECKLOAD);
973     *wp = htons(M68K_RTS);
974    
975     // Install PutScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
976     PutScrapPatch = ROMBaseMac + sony_offset + 0xc00;
977     base = ROMBaseMac + 0x12794;
978     wp = (uint16 *)(ROMBaseHost + sony_offset + 0xc00);
979     *wp++ = htons(M68K_EMUL_OP_PUT_SCRAP);
980     *wp++ = htons(M68K_JMP);
981     *wp++ = htons(base >> 16);
982     *wp = htons(base & 0xffff);
983    
984     #if 0
985     // Boot from internal EDisk
986     wp = (uint16 *)(ROMBaseHost + 0x3f83c);
987     *wp = htons(M68K_NOP);
988     #endif
989    
990     // Patch VIA interrupt handler
991     wp = (uint16 *)(ROMBaseHost + 0x2b3a); // Level 1 handler
992     *wp++ = htons(0x5888); // addq.l #4,a0
993     *wp++ = htons(0x5888); // addq.l #4,a0
994     *wp++ = htons(M68K_NOP);
995     *wp++ = htons(M68K_NOP);
996     *wp++ = htons(M68K_NOP);
997     *wp++ = htons(M68K_NOP);
998     *wp++ = htons(M68K_NOP);
999     *wp++ = htons(M68K_NOP);
1000     *wp = htons(M68K_NOP);
1001    
1002 cebix 1.22 wp = (uint16 *)(ROMBaseHost + 0x2be4); // 60Hz handler (handles everything)
1003     *wp++ = htons(M68K_NOP);
1004     *wp++ = htons(M68K_NOP);
1005 cebix 1.1 *wp++ = htons(M68K_EMUL_OP_IRQ);
1006     *wp++ = htons(0x4a80); // tst.l d0
1007     *wp = htons(0x67f4); // beq 0x402be2
1008     return true;
1009     }
1010    
1011     // ROM patches for 32-bit clean Mac-II ROMs (version $067c)
1012     static bool patch_rom_32(void)
1013     {
1014 cebix 1.3 uint32 *lp;
1015 cebix 1.1 uint16 *wp;
1016     uint8 *bp;
1017     uint32 base;
1018    
1019     // Find UniversalInfo
1020     static const uint8 universal_dat[] = {0xdc, 0x00, 0x05, 0x05, 0x3f, 0xff, 0x01, 0x00};
1021     if ((base = find_rom_data(0x3400, 0x3c00, universal_dat, sizeof(universal_dat))) == 0) return false;
1022     UniversalInfo = base - 0x10;
1023     D(bug("universal %08lx\n", UniversalInfo));
1024    
1025     // Patch UniversalInfo (disable NuBus slots)
1026     bp = ROMBaseHost + UniversalInfo + ReadMacInt32(ROMBaseMac + UniversalInfo + 12); // nuBusInfoPtr
1027     bp[0] = 0x03;
1028     for (int i=1; i<16; i++)
1029     bp[i] = 0x08;
1030    
1031     // Set model ID from preferences
1032     bp = ROMBaseHost + UniversalInfo + 18; // productKind
1033     *bp = PrefsFindInt32("modelid");
1034 gbeauche 1.20
1035     #if !ROM_IS_WRITE_PROTECTED
1036     #if defined(USE_SCRATCHMEM_SUBTERFUGE)
1037     // Set hardware base addresses to scratch memory area
1038     if (PatchHWBases) {
1039     extern uint8 *ScratchMem;
1040     const uint32 ScratchMemBase = Host2MacAddr(ScratchMem);
1041    
1042     D(bug("LMGlob\tOfs/4\tBase\n"));
1043     base = ROMBaseMac + UniversalInfo + ReadMacInt32(ROMBaseMac + UniversalInfo); // decoderInfoPtr
1044     wp = (uint16 *)(ROMBaseHost + 0x94a);
1045     while (*wp != 0xffff) {
1046     int16 ofs = ntohs(*wp++); // offset in decoderInfo (/4)
1047     int16 lmg = ntohs(*wp++); // address of LowMem global
1048     D(bug("0x%04x\t%d\t0x%08x\n", lmg, ofs, ReadMacInt32(base + ofs*4)));
1049    
1050     // Fake address only if this is not the ASC base
1051     if (lmg != 0xcc0)
1052     WriteMacInt32(base + ofs*4, ScratchMemBase);
1053     }
1054     }
1055     #else
1056     #error System specific handling for writable ROM is required here
1057     #endif
1058     #endif
1059 cebix 1.1
1060     // Make FPU optional
1061     if (FPUType == 0) {
1062     bp = ROMBaseHost + UniversalInfo + 22; // defaultRSRCs
1063     *bp = 4; // FPU optional
1064     }
1065    
1066     // Install special reset opcode and jump (skip hardware detection and tests)
1067     wp = (uint16 *)(ROMBaseHost + 0x8c);
1068     *wp++ = htons(M68K_EMUL_OP_RESET);
1069     *wp++ = htons(M68K_JMP);
1070     *wp++ = htons((ROMBaseMac + 0xba) >> 16);
1071     *wp = htons((ROMBaseMac + 0xba) & 0xffff);
1072    
1073     // Don't GetHardwareInfo
1074     wp = (uint16 *)(ROMBaseHost + 0xc2);
1075     *wp++ = htons(M68K_NOP);
1076     *wp = htons(M68K_NOP);
1077    
1078     // Don't init VIAs
1079     wp = (uint16 *)(ROMBaseHost + 0xc6);
1080     *wp++ = htons(M68K_NOP);
1081     *wp++ = htons(M68K_NOP);
1082     *wp++ = htons(M68K_NOP);
1083     *wp++ = htons(M68K_NOP);
1084     *wp++ = htons(M68K_NOP);
1085     *wp++ = htons(M68K_NOP);
1086     *wp++ = htons(M68K_NOP);
1087     *wp++ = htons(M68K_NOP);
1088     *wp++ = htons(M68K_NOP);
1089     *wp++ = htons(M68K_NOP);
1090     *wp++ = htons(M68K_NOP);
1091     *wp++ = htons(M68K_NOP);
1092     *wp++ = htons(M68K_NOP);
1093     *wp++ = htons(M68K_NOP);
1094     *wp = htons(M68K_NOP);
1095    
1096     // Fake CPU type test
1097     wp = (uint16 *)(ROMBaseHost + 0x7c0);
1098     *wp++ = htons(0x7e00 + CPUType);
1099     *wp = htons(M68K_RTS);
1100    
1101     // Don't clear end of BootGlobs upto end of RAM (address xxxx0000)
1102     static const uint8 clear_globs_dat[] = {0x42, 0x9a, 0x36, 0x0a, 0x66, 0xfa};
1103     base = find_rom_data(0xa00, 0xb00, clear_globs_dat, sizeof(clear_globs_dat));
1104     D(bug("clear_globs %08lx\n", base));
1105     if (base) { // ROM15/20/22/23/26/27/32
1106     wp = (uint16 *)(ROMBaseHost + base + 2);
1107     *wp++ = htons(M68K_NOP);
1108     *wp = htons(M68K_NOP);
1109     }
1110    
1111     // Patch InitMMU (no MMU present, don't choke on unknown CPU types)
1112     if (ROMSize <= 0x80000) {
1113     static const uint8 init_mmu_dat[] = {0x0c, 0x47, 0x00, 0x03, 0x62, 0x00, 0xfe};
1114     if ((base = find_rom_data(0x4000, 0x50000, init_mmu_dat, sizeof(init_mmu_dat))) == 0) return false;
1115     } else {
1116     static const uint8 init_mmu_dat[] = {0x0c, 0x47, 0x00, 0x04, 0x62, 0x00, 0xfd};
1117     if ((base = find_rom_data(0x80000, 0x90000, init_mmu_dat, sizeof(init_mmu_dat))) == 0) return false;
1118     }
1119     D(bug("init_mmu %08lx\n", base));
1120     wp = (uint16 *)(ROMBaseHost + base);
1121     *wp++ = htons(M68K_NOP);
1122     *wp++ = htons(M68K_NOP);
1123     *wp++ = htons(M68K_NOP);
1124     *wp++ = htons(M68K_NOP);
1125     wp++;
1126     *wp++ = htons(0x7000); // moveq #0,d0
1127     *wp = htons(M68K_NOP);
1128    
1129     // Patch InitMMU (no RBV present)
1130     static const uint8 init_mmu2_dat[] = {0x08, 0x06, 0x00, 0x0d, 0x67};
1131     if (ROMSize <= 0x80000) {
1132     base = find_rom_data(0x4000, 0x50000, init_mmu2_dat, sizeof(init_mmu2_dat));
1133     } else {
1134     base = find_rom_data(0x80000, 0x90000, init_mmu2_dat, sizeof(init_mmu2_dat));
1135     }
1136     D(bug("init_mmu2 %08lx\n", base));
1137     if (base) { // ROM11/10/13/26
1138     bp = (uint8 *)(ROMBaseHost + base + 4);
1139     *bp = 0x60; // bra
1140     }
1141    
1142     // Patch InitMMU (don't init MMU)
1143     static const uint8 init_mmu3_dat[] = {0x0c, 0x2e, 0x00, 0x01, 0xff, 0xe6, 0x66, 0x0c, 0x4c, 0xed, 0x03, 0x87, 0xff, 0xe8};
1144     if (ROMSize <= 0x80000) {
1145     if ((base = find_rom_data(0x4000, 0x50000, init_mmu3_dat, sizeof(init_mmu3_dat))) == 0) return false;
1146     } else {
1147     if ((base = find_rom_data(0x80000, 0x90000, init_mmu3_dat, sizeof(init_mmu3_dat))) == 0) return false;
1148     }
1149     D(bug("init_mmu3 %08lx\n", base));
1150     wp = (uint16 *)(ROMBaseHost + base + 6);
1151     *wp = htons(M68K_NOP);
1152    
1153     // Replace XPRAM routines
1154     static const uint8 read_xpram_dat[] = {0x26, 0x4e, 0x41, 0xf9, 0x50, 0xf0, 0x00, 0x00, 0x08, 0x90, 0x00, 0x02};
1155     base = find_rom_data(0x40000, 0x50000, read_xpram_dat, sizeof(read_xpram_dat));
1156     D(bug("read_xpram %08lx\n", base));
1157     if (base) { // ROM10
1158     wp = (uint16 *)(ROMBaseHost + base);
1159     *wp++ = htons(M68K_EMUL_OP_READ_XPRAM);
1160     *wp = htons(0x4ed6); // jmp (a6)
1161     }
1162     static const uint8 read_xpram2_dat[] = {0x26, 0x4e, 0x08, 0x92, 0x00, 0x02, 0xea, 0x59, 0x02, 0x01, 0x00, 0x07, 0x00, 0x01, 0x00, 0xb8};
1163     base = find_rom_data(0x40000, 0x50000, read_xpram2_dat, sizeof(read_xpram2_dat));
1164     D(bug("read_xpram2 %08lx\n", base));
1165     if (base) { // ROM11
1166     wp = (uint16 *)(ROMBaseHost + base);
1167     *wp++ = htons(M68K_EMUL_OP_READ_XPRAM);
1168     *wp = htons(0x4ed6); // jmp (a6)
1169     }
1170     if (ROMSize > 0x80000) {
1171     static const uint8 read_xpram3_dat[] = {0x48, 0xe7, 0xe0, 0x60, 0x02, 0x01, 0x00, 0x70, 0x0c, 0x01, 0x00, 0x20};
1172     base = find_rom_data(0x80000, 0x90000, read_xpram3_dat, sizeof(read_xpram3_dat));
1173     D(bug("read_xpram3 %08lx\n", base));
1174     if (base) { // ROM15
1175     wp = (uint16 *)(ROMBaseHost + base);
1176     *wp++ = htons(M68K_EMUL_OP_READ_XPRAM2);
1177     *wp = htons(M68K_RTS);
1178     }
1179     }
1180    
1181     // Patch ClkNoMem
1182     base = find_rom_trap(0xa053);
1183     wp = (uint16 *)(ROMBaseHost + base);
1184     if (ntohs(*wp) == 0x4ed5) { // ROM23/26/27/32
1185     static const uint8 clk_no_mem_dat[] = {0x40, 0xc2, 0x00, 0x7c, 0x07, 0x00, 0x48, 0x42};
1186     if ((base = find_rom_data(0xb0000, 0xb8000, clk_no_mem_dat, sizeof(clk_no_mem_dat))) == 0) return false;
1187     }
1188     D(bug("clk_no_mem %08lx\n", base));
1189     wp = (uint16 *)(ROMBaseHost + base);
1190     *wp++ = htons(M68K_EMUL_OP_CLKNOMEM);
1191     *wp = htons(0x4ed5); // jmp (a5)
1192    
1193     // Patch BootGlobs
1194     wp = (uint16 *)(ROMBaseHost + 0x10e);
1195     *wp++ = htons(M68K_EMUL_OP_PATCH_BOOT_GLOBS);
1196     *wp = htons(M68K_NOP);
1197    
1198     // Don't init SCC
1199     static const uint8 init_scc_dat[] = {0x08, 0x38, 0x00, 0x01, 0x0d, 0xd1, 0x67, 0x04};
1200     if ((base = find_rom_data(0xa00, 0xa80, init_scc_dat, sizeof(init_scc_dat))) == 0) return false;
1201     D(bug("init_scc %08lx\n", base));
1202     wp = (uint16 *)(ROMBaseHost + base);
1203     *wp = htons(M68K_RTS);
1204    
1205     // Don't access 0x50f1a101
1206     wp = (uint16 *)(ROMBaseHost + 0x4232);
1207     if (ntohs(wp[1]) == 0x50f1 && ntohs(wp[2]) == 0xa101) { // ROM32
1208     *wp++ = htons(M68K_NOP);
1209     *wp++ = htons(M68K_NOP);
1210     *wp++ = htons(M68K_NOP);
1211     *wp++ = htons(M68K_NOP);
1212     *wp = htons(M68K_NOP);
1213     }
1214    
1215     // Don't init IWM
1216     wp = (uint16 *)(ROMBaseHost + 0x9c0);
1217     *wp = htons(M68K_RTS);
1218    
1219     // Don't init SCSI
1220     wp = (uint16 *)(ROMBaseHost + 0x9a0);
1221     *wp = htons(M68K_RTS);
1222    
1223     // Don't init ASC
1224     static const uint8 init_asc_dat[] = {0x26, 0x68, 0x00, 0x30, 0x12, 0x00, 0xeb, 0x01};
1225     base = find_rom_data(0x4000, 0x5000, init_asc_dat, sizeof(init_asc_dat));
1226     D(bug("init_asc %08lx\n", base));
1227     if (base) { // ROM15/22/23/26/27/32
1228     wp = (uint16 *)(ROMBaseHost + base);
1229     *wp = htons(0x4ed6); // jmp (a6)
1230     }
1231    
1232     // Don't EnableExtCache
1233     wp = (uint16 *)(ROMBaseHost + 0x190);
1234     *wp++ = htons(M68K_NOP);
1235     *wp = htons(M68K_NOP);
1236    
1237     // Don't DisableIntSources
1238     wp = (uint16 *)(ROMBaseHost + 0x9f4c);
1239     *wp = htons(M68K_RTS);
1240    
1241     // Fake CPU speed test (SetupTimeK)
1242 jlachmann 1.16 // *** increased jl : MacsBug uses TimeDBRA for kbd repeat timing
1243 cebix 1.1 wp = (uint16 *)(ROMBaseHost + 0x800);
1244     *wp++ = htons(0x31fc); // move.w #xxx,TimeDBRA
1245 jlachmann 1.16 *wp++ = htons(10000);
1246 cebix 1.1 *wp++ = htons(0x0d00);
1247     *wp++ = htons(0x31fc); // move.w #xxx,TimeSCCDBRA
1248 jlachmann 1.16 *wp++ = htons(10000);
1249 cebix 1.1 *wp++ = htons(0x0d02);
1250     *wp++ = htons(0x31fc); // move.w #xxx,TimeSCSIDBRA
1251 jlachmann 1.16 *wp++ = htons(10000);
1252 cebix 1.1 *wp++ = htons(0x0b24);
1253     *wp++ = htons(0x31fc); // move.w #xxx,TimeRAMDBRA
1254 jlachmann 1.16 *wp++ = htons(10000);
1255 cebix 1.1 *wp++ = htons(0x0cea);
1256     *wp = htons(M68K_RTS);
1257    
1258     #if REAL_ADDRESSING
1259     // Move system zone to start of Mac RAM
1260 gbeauche 1.17 wp = (uint16 *)(ROMBaseHost + 0x50a);
1261     *wp++ = htons(HiWord(RAMBaseMac + 0x2000));
1262     *wp++ = htons(LoWord(RAMBaseMac + 0x2000));
1263     *wp++ = htons(HiWord(RAMBaseMac + 0x3800));
1264     *wp = htons(LoWord(RAMBaseMac + 0x3800));
1265 cebix 1.1 #endif
1266    
1267     #if !ROM_IS_WRITE_PROTECTED
1268 cebix 1.18 #if defined(USE_SCRATCHMEM_SUBTERFUGE)
1269 cebix 1.1 // Set fake handle at 0x0000 to scratch memory area (so broken Mac programs won't write into Mac ROM)
1270 gbeauche 1.17 extern uint8 *ScratchMem;
1271     const uint32 ScratchMemBase = Host2MacAddr(ScratchMem);
1272 cebix 1.1 wp = (uint16 *)(ROMBaseHost + 0xccaa);
1273     *wp++ = htons(0x203c); // move.l #ScratchMem,d0
1274 gbeauche 1.17 *wp++ = htons(ScratchMemBase >> 16);
1275     *wp = htons(ScratchMemBase);
1276 cebix 1.1 #else
1277     #error System specific handling for writable ROM is required here
1278     #endif
1279     #endif
1280    
1281     #if REAL_ADDRESSING && defined(AMIGA)
1282     // Don't overwrite SysBase under AmigaOS
1283     wp = (uint16 *)(ROMBaseHost + 0xccb4);
1284     *wp++ = htons(M68K_NOP);
1285     *wp = htons(M68K_NOP);
1286     #endif
1287 gbeauche 1.17
1288     #if REAL_ADDRESSING && !defined(AMIGA)
1289     // gb-- Temporary hack to get rid of crashes in Speedometer
1290     wp = (uint16 *)(ROMBaseHost + 0xdba2);
1291     if (ntohs(*wp) == 0x662c) // bne.b #$2c
1292     *wp = htons(0x602c); // bra.b #$2c
1293     #endif
1294    
1295 cebix 1.1 // Don't write to VIA in InitTimeMgr
1296     wp = (uint16 *)(ROMBaseHost + 0xb0e2);
1297     *wp++ = htons(0x4cdf); // movem.l (sp)+,d0-d5/a0-a4
1298     *wp++ = htons(0x1f3f);
1299     *wp = htons(M68K_RTS);
1300    
1301     // Don't read ModelID from 0x5ffffffc
1302     static const uint8 model_id_dat[] = {0x20, 0x7c, 0x5f, 0xff, 0xff, 0xfc, 0x72, 0x07, 0xc2, 0x90};
1303     base = find_rom_data(0x40000, 0x50000, model_id_dat, sizeof(model_id_dat));
1304     D(bug("model_id %08lx\n", base));
1305     if (base) { // ROM20
1306     wp = (uint16 *)(ROMBaseHost + base + 8);
1307     *wp++ = htons(M68K_NOP);
1308     *wp++ = htons(M68K_NOP);
1309     *wp++ = htons(M68K_NOP);
1310     *wp = htons(M68K_NOP);
1311     }
1312    
1313     // Don't read ModelID from 0x5ffffffc
1314     static const uint8 model_id2_dat[] = {0x45, 0xf9, 0x5f, 0xff, 0xff, 0xfc, 0x20, 0x12};
1315     base = find_rom_data(0x4000, 0x5000, model_id2_dat, sizeof(model_id2_dat));
1316     D(bug("model_id2 %08lx\n", base));
1317     if (base) { // ROM27/32
1318     wp = (uint16 *)(ROMBaseHost + base + 6);
1319     *wp++ = htons(0x7000); // moveq #0,d0
1320     *wp++ = htons(0xb040); // cmp.w d0,d0
1321     *wp = htons(0x4ed6); // jmp (a6)
1322     }
1323    
1324     // Install slot ROM
1325     if (!InstallSlotROM())
1326     return false;
1327    
1328     // Don't probe NuBus slots
1329     static const uint8 nubus_dat[] = {0x45, 0xfa, 0x00, 0x0a, 0x42, 0xa7, 0x10, 0x11};
1330     base = find_rom_data(0x5000, 0x6000, nubus_dat, sizeof(nubus_dat));
1331     D(bug("nubus %08lx\n", base));
1332     if (base) { // ROM10/11
1333     wp = (uint16 *)(ROMBaseHost + base + 6);
1334     *wp++ = htons(M68K_NOP);
1335     *wp++ = htons(M68K_NOP);
1336     *wp = htons(M68K_NOP);
1337     }
1338    
1339     // Don't EnableOneSecInts
1340     static const uint8 lea_dat[] = {0x41, 0xf9};
1341     if ((base = find_rom_data(0x226, 0x22a, lea_dat, sizeof(lea_dat))) == 0) return false;
1342     D(bug("enable_one_sec_ints %08lx\n", base));
1343     wp = (uint16 *)(ROMBaseHost + base);
1344     *wp++ = htons(M68K_NOP);
1345     *wp++ = htons(M68K_NOP);
1346     *wp++ = htons(M68K_NOP);
1347     *wp++ = htons(M68K_NOP);
1348     *wp = htons(M68K_NOP);
1349    
1350     // Don't EnableParityPatch/Enable60HzInts
1351     if ((base = find_rom_data(0x230, 0x234, lea_dat, sizeof(lea_dat))) == 0) {
1352     wp = (uint16 *)(ROMBaseHost + 0x230);
1353     if (ntohs(*wp) == 0x6100) // ROM11
1354     base = 0x230;
1355     else
1356     return false;
1357     }
1358     D(bug("enable_60hz_ints %08lx\n", base));
1359     wp = (uint16 *)(ROMBaseHost + base);
1360     *wp++ = htons(M68K_NOP);
1361     *wp++ = htons(M68K_NOP);
1362     *wp++ = htons(M68K_NOP);
1363     *wp++ = htons(M68K_NOP);
1364     *wp = htons(M68K_NOP);
1365    
1366 cebix 1.8 // Compute boot stack pointer and fix logical/physical RAM size (CompBootStack) (must be done after InitMemMgr!)
1367     wp = (uint16 *)(ROMBaseHost + 0x490);
1368     *wp++ = htons(0x2038); // move.l $10c,d0
1369     *wp++ = htons(0x010c);
1370     *wp++ = htons(0xd0b8); // add.l $2a6,d0
1371     *wp++ = htons(0x02a6);
1372     *wp++ = htons(0xe288); // lsr.l #1,d0
1373     *wp++ = htons(0x0880); // bclr #0,d0
1374     *wp++ = htons(0x0000);
1375     *wp++ = htons(0x0440); // subi.w #$400,d0
1376     *wp++ = htons(0x0400);
1377     *wp++ = htons(0x2040); // move.l d0,a0
1378 cebix 1.1 *wp++ = htons(M68K_EMUL_OP_FIX_MEMSIZE);
1379 cebix 1.8 *wp++ = htons(M68K_RTS);
1380 cebix 1.1
1381     static const uint8 fix_memsize2_dat[] = {0x22, 0x30, 0x81, 0xe2, 0x0d, 0xdc, 0xff, 0xba, 0xd2, 0xb0, 0x81, 0xe2, 0x0d, 0xdc, 0xff, 0xec, 0x21, 0xc1, 0x1e, 0xf8};
1382     base = find_rom_data(0x4c000, 0x4c080, fix_memsize2_dat, sizeof(fix_memsize2_dat));
1383     D(bug("fix_memsize2 %08lx\n", base));
1384     if (base) { // ROM15/22/23/26/27/32
1385     wp = (uint16 *)(ROMBaseHost + base + 16);
1386     *wp++ = htons(M68K_NOP);
1387     *wp = htons(M68K_NOP);
1388     }
1389    
1390     // Don't open .Sound driver but install our own drivers
1391     wp = (uint16 *)(ROMBaseHost + 0x1142);
1392     *wp = htons(M68K_EMUL_OP_INSTALL_DRIVERS);
1393    
1394     // Don't access SonyVars
1395     wp = (uint16 *)(ROMBaseHost + 0x1144);
1396     *wp++ = htons(M68K_NOP);
1397     *wp++ = htons(M68K_NOP);
1398     *wp++ = htons(M68K_NOP);
1399     *wp++ = htons(M68K_NOP);
1400     wp += 2;
1401     *wp = htons(M68K_NOP);
1402    
1403     // Don't write to VIA in InitADB
1404     wp = (uint16 *)(ROMBaseHost + 0xa8a8);
1405     if (*wp == 0) { // ROM22/23/26/27/32
1406     wp = (uint16 *)(ROMBaseHost + 0xb2c6a);
1407     *wp++ = htons(M68K_NOP);
1408     *wp++ = htons(M68K_NOP);
1409     *wp = htons(M68K_NOP);
1410     wp = (uint16 *)(ROMBaseHost + 0xb2d2e);
1411     *wp++ = htons(M68K_NOP);
1412     *wp++ = htons(M68K_NOP);
1413     *wp++ = htons(M68K_NOP);
1414     *wp++ = htons(M68K_NOP);
1415     *wp++ = htons(M68K_NOP);
1416     *wp++ = htons(M68K_NOP);
1417     *wp++ = htons(M68K_NOP);
1418     *wp++ = htons(M68K_NOP);
1419     *wp++ = htons(M68K_NOP);
1420     *wp++ = htons(M68K_NOP);
1421     *wp++ = htons(M68K_NOP);
1422     *wp++ = htons(M68K_NOP);
1423     wp += 2;
1424     *wp++ = htons(M68K_NOP);
1425     *wp = htons(M68K_NOP);
1426     } else {
1427     *wp++ = htons(M68K_NOP);
1428     *wp++ = htons(M68K_NOP);
1429     *wp = htons(M68K_NOP);
1430     wp = (uint16 *)(ROMBaseHost + 0xa662);
1431     *wp++ = htons(M68K_NOP);
1432     *wp++ = htons(M68K_NOP);
1433     *wp++ = htons(M68K_NOP);
1434     *wp++ = htons(M68K_NOP);
1435     *wp++ = htons(M68K_NOP);
1436     wp += 2;
1437     *wp++ = htons(M68K_NOP);
1438     *wp = htons(M68K_NOP);
1439     }
1440    
1441     // Don't EnableSlotInts
1442     if ((base = find_rom_data(0x2ee, 0x2f2, lea_dat, sizeof(lea_dat))) == 0) return false;
1443     D(bug("enable_slot_ints %08lx\n", base));
1444     wp = (uint16 *)(ROMBaseHost + base);
1445     *wp++ = htons(M68K_NOP);
1446     *wp++ = htons(M68K_NOP);
1447     *wp++ = htons(M68K_NOP);
1448     *wp++ = htons(M68K_NOP);
1449     *wp = htons(M68K_NOP);
1450    
1451     // Don't mangle frame buffer base (GetDevBase)
1452     wp = (uint16 *)(ROMBaseHost + 0x5b78);
1453     *wp++ = htons(M68K_NOP);
1454     *wp++ = htons(M68K_NOP);
1455     *wp++ = htons(0x2401); // move.l d1,d2
1456     *wp = htons(0x605e); // bra 0x40805bde
1457    
1458     // Really don't mangle frame buffer base
1459     if (ROMSize > 0x80000) {
1460     static const uint8 frame_base_dat[] = {0x22, 0x78, 0x0d, 0xd8, 0xd3, 0xe9, 0x00, 0x08};
1461     base = find_rom_data(0x8c000, 0x8d000, frame_base_dat, sizeof(frame_base_dat));
1462     D(bug("frame_base %08lx\n", base));
1463     if (base) { // ROM22/23/26/27/32
1464     wp = (uint16 *)(ROMBaseHost + base);
1465     *wp++ = htons(0x2401); // move.l d1,d2
1466     *wp = htons(M68K_RTS);
1467     }
1468     }
1469    
1470     // Don't write to VIA2
1471     static const uint8 via2_dat[] = {0x20, 0x78, 0x0c, 0xec, 0x11, 0x7c, 0x00, 0x90};
1472     if ((base = find_rom_data(0xa000, 0xa400, via2_dat, sizeof(via2_dat))) == 0) return false;
1473     D(bug("via2 %08lx\n", base));
1474     wp = (uint16 *)(ROMBaseHost + base + 4);
1475     *wp = htons(M68K_RTS);
1476    
1477     // Don't write to VIA2, even on ROM20
1478     static const uint8 via2b_dat[] = {0x20, 0x78, 0x0c, 0xec, 0x11, 0x7c, 0x00, 0x90, 0x00, 0x13, 0x4e, 0x75};
1479     base = find_rom_data(0x40000, 0x44000, via2b_dat, sizeof(via2b_dat));
1480     D(bug("via2b %08lx\n", base));
1481     if (base) { // ROM19/20
1482     wp = (uint16 *)(ROMBaseHost + base + 4);
1483     *wp = htons(M68K_RTS);
1484     }
1485    
1486     // Don't use PTEST instruction on 68040/060
1487     if (ROMSize > 0x80000) {
1488    
1489     // BlockMove()
1490 cebix 1.18 static const uint8 bmove_dat[] = {0x20, 0x5f, 0x22, 0x5f, 0x0c, 0x38, 0x00, 0x04, 0x01, 0x2f};
1491     base = find_rom_data(0x87000, 0x87800, bmove_dat, sizeof(bmove_dat));
1492     D(bug("block_move %08lx\n", base));
1493 cebix 1.1 if (base) { // ROM15/22/23/26/27/32
1494 cebix 1.18 wp = (uint16 *)(ROMBaseHost + base + 4);
1495     *wp++ = htons(M68K_EMUL_OP_BLOCK_MOVE);
1496     *wp++ = htons(0x7000);
1497     *wp = htons(M68K_RTS);
1498 cebix 1.1 }
1499    
1500     // SANE
1501     static const uint8 ptest2_dat[] = {0x0c, 0x38, 0x00, 0x04, 0x01, 0x2f, 0x6d, 0x54, 0x48, 0xe7, 0xf8, 0x60};
1502     base = find_rom_data(0, ROMSize, ptest2_dat, sizeof(ptest2_dat));
1503     D(bug("ptest2 %08lx\n", base));
1504     if (base) { // ROM15/20/22/23/26/27/32
1505     wp = (uint16 *)(ROMBaseHost + base + 8);
1506     *wp++ = htons(M68K_NOP);
1507     *wp++ = htons(0xf4f8); // cpusha dc/ic
1508     *wp++ = htons(M68K_NOP);
1509     *wp++ = htons(0x7000); // moveq #0,d0
1510     *wp = htons(M68K_RTS);
1511     }
1512     }
1513    
1514 cebix 1.10 // Don't set MemoryDispatch() to unimplemented trap
1515     static const uint8 memdisp_dat[] = {0x30, 0x3c, 0xa8, 0x9f, 0xa7, 0x46, 0x30, 0x3c, 0xa0, 0x5c, 0xa2, 0x47};
1516     base = find_rom_data(0x4f100, 0x4f180, memdisp_dat, sizeof(memdisp_dat));
1517     D(bug("memdisp %08lx\n", base));
1518 cebix 1.12 if (base) { // ROM15/22/23/26/27/32
1519 cebix 1.10 wp = (uint16 *)(ROMBaseHost + base + 10);
1520     *wp = htons(M68K_NOP);
1521     }
1522    
1523 cebix 1.1 // Patch .EDisk driver (don't scan for EDisks in the area ROMBase..0xe00000)
1524 cebix 1.15 uint32 edisk_offset = find_rom_resource(FOURCC('D','R','V','R'), 51);
1525 cebix 1.1 if (edisk_offset) {
1526     static const uint8 edisk_dat[] = {0xd5, 0xfc, 0x00, 0x01, 0x00, 0x00, 0xb5, 0xfc, 0x00, 0xe0, 0x00, 0x00};
1527     base = find_rom_data(edisk_offset, edisk_offset + 0x10000, edisk_dat, sizeof(edisk_dat));
1528     D(bug("edisk %08lx\n", base));
1529     if (base) {
1530     wp = (uint16 *)(ROMBaseHost + base + 8);
1531     *wp++ = 0;
1532     *wp = 0;
1533     }
1534     }
1535    
1536     // Replace .Sony driver
1537 cebix 1.15 sony_offset = find_rom_resource(FOURCC('D','R','V','R'), 4);
1538 cebix 1.1 D(bug("sony %08lx\n", sony_offset));
1539     memcpy(ROMBaseHost + sony_offset, sony_driver, sizeof(sony_driver));
1540    
1541     // Install .Disk and .AppleCD drivers
1542     memcpy(ROMBaseHost + sony_offset + 0x100, disk_driver, sizeof(disk_driver));
1543     memcpy(ROMBaseHost + sony_offset + 0x200, cdrom_driver, sizeof(cdrom_driver));
1544    
1545     // Copy icons to ROM
1546     SonyDiskIconAddr = ROMBaseMac + sony_offset + 0x400;
1547     memcpy(ROMBaseHost + sony_offset + 0x400, SonyDiskIcon, sizeof(SonyDiskIcon));
1548     SonyDriveIconAddr = ROMBaseMac + sony_offset + 0x600;
1549     memcpy(ROMBaseHost + sony_offset + 0x600, SonyDriveIcon, sizeof(SonyDriveIcon));
1550     DiskIconAddr = ROMBaseMac + sony_offset + 0x800;
1551     memcpy(ROMBaseHost + sony_offset + 0x800, DiskIcon, sizeof(DiskIcon));
1552     CDROMIconAddr = ROMBaseMac + sony_offset + 0xa00;
1553     memcpy(ROMBaseHost + sony_offset + 0xa00, CDROMIcon, sizeof(CDROMIcon));
1554    
1555     // Install SERD patch and serial drivers
1556 cebix 1.15 serd_offset = find_rom_resource(FOURCC('S','E','R','D'), 0);
1557 cebix 1.1 D(bug("serd %08lx\n", serd_offset));
1558     wp = (uint16 *)(ROMBaseHost + serd_offset + 12);
1559     *wp++ = htons(M68K_EMUL_OP_SERD);
1560     *wp = htons(M68K_RTS);
1561     memcpy(ROMBaseHost + serd_offset + 0x100, ain_driver, sizeof(ain_driver));
1562     memcpy(ROMBaseHost + serd_offset + 0x200, aout_driver, sizeof(aout_driver));
1563     memcpy(ROMBaseHost + serd_offset + 0x300, bin_driver, sizeof(bin_driver));
1564     memcpy(ROMBaseHost + serd_offset + 0x400, bout_driver, sizeof(bout_driver));
1565    
1566     // Replace ADBOp()
1567     memcpy(ROMBaseHost + find_rom_trap(0xa07c), adbop_patch, sizeof(adbop_patch));
1568    
1569     // Replace Time Manager (the Microseconds patch is activated in InstallDrivers())
1570     wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa058));
1571     *wp++ = htons(M68K_EMUL_OP_INSTIME);
1572     *wp = htons(M68K_RTS);
1573     wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa059));
1574     *wp++ = htons(0x40e7); // move sr,-(sp)
1575     *wp++ = htons(0x007c); // ori #$0700,sr
1576     *wp++ = htons(0x0700);
1577     *wp++ = htons(M68K_EMUL_OP_RMVTIME);
1578     *wp++ = htons(0x46df); // move (sp)+,sr
1579     *wp = htons(M68K_RTS);
1580     wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa05a));
1581     *wp++ = htons(0x40e7); // move sr,-(sp)
1582     *wp++ = htons(0x007c); // ori #$0700,sr
1583     *wp++ = htons(0x0700);
1584     *wp++ = htons(M68K_EMUL_OP_PRIMETIME);
1585     *wp++ = htons(0x46df); // move (sp)+,sr
1586     *wp++ = htons(M68K_RTS);
1587     microseconds_offset = (uint8 *)wp - ROMBaseHost;
1588     *wp++ = htons(M68K_EMUL_OP_MICROSECONDS);
1589 jlachmann 1.16 *wp++ = htons(M68K_RTS);
1590    
1591     // Replace DebugUtil
1592     debugutil_offset = (uint8 *)wp - ROMBaseHost;
1593     *wp++ = htons(M68K_EMUL_OP_DEBUGUTIL);
1594 cebix 1.1 *wp = htons(M68K_RTS);
1595    
1596     // Replace SCSIDispatch()
1597     wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa815));
1598     *wp++ = htons(M68K_EMUL_OP_SCSI_DISPATCH);
1599     *wp++ = htons(0x2e49); // move.l a1,a7
1600     *wp = htons(M68K_JMP_A0);
1601    
1602     // Modify vCheckLoad() so we can patch resources
1603     wp = (uint16 *)(ROMBaseHost + 0x1b8f4);
1604     *wp++ = htons(M68K_JMP);
1605     *wp++ = htons((ROMBaseMac + sony_offset + 0x300) >> 16);
1606     *wp = htons((ROMBaseMac + sony_offset + 0x300) & 0xffff);
1607     wp = (uint16 *)(ROMBaseHost + sony_offset + 0x300);
1608     *wp++ = htons(0x2f03); // move.l d3,-(sp) (save type)
1609     *wp++ = htons(0x2078); // move.l $07f0,a0
1610     *wp++ = htons(0x07f0);
1611     *wp++ = htons(M68K_JSR_A0);
1612     *wp++ = htons(0x221f); // move.l (sp)+,d1 (restore type)
1613     *wp++ = htons(M68K_EMUL_OP_CHECKLOAD);
1614     *wp = htons(M68K_RTS);
1615    
1616     // Patch PowerOff()
1617     wp = (uint16 *)(ROMBaseHost + find_rom_trap(0xa05b)); // PowerOff()
1618     *wp = htons(M68K_EMUL_OP_SHUTDOWN);
1619    
1620     // Install PutScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
1621     PutScrapPatch = ROMBaseMac + sony_offset + 0xc00;
1622     base = ROMBaseMac + find_rom_trap(0xa9fe);
1623     wp = (uint16 *)(ROMBaseHost + sony_offset + 0xc00);
1624     *wp++ = htons(M68K_EMUL_OP_PUT_SCRAP);
1625     *wp++ = htons(M68K_JMP);
1626     *wp++ = htons(base >> 16);
1627     *wp = htons(base & 0xffff);
1628 cebix 1.12
1629 gbeauche 1.24 // Install GetScrap() patch for clipboard data exchange (the patch is activated by EMUL_OP_INSTALL_DRIVERS)
1630     GetScrapPatch = ROMBaseMac + sony_offset + 0xd00;
1631     base = ROMBaseMac + find_rom_trap(0xa9fd);
1632     wp = (uint16 *)(ROMBaseHost + sony_offset + 0xd00);
1633     *wp++ = htons(M68K_EMUL_OP_GET_SCRAP);
1634     *wp++ = htons(M68K_JMP);
1635     *wp++ = htons(base >> 16);
1636     *wp = htons(base & 0xffff);
1637    
1638 cebix 1.12 // Look for double PACK 4 resources
1639 cebix 1.15 if ((base = find_rom_resource(FOURCC('P','A','C','K'), 4)) == 0) return false;
1640     if ((base = find_rom_resource(FOURCC('P','A','C','K'), 4, true)) == 0 && FPUType == 0)
1641 cebix 1.12 printf("WARNING: This ROM seems to require an FPU\n");
1642 cebix 1.7
1643 cebix 1.1 // Patch VIA interrupt handler
1644     wp = (uint16 *)(ROMBaseHost + 0x9bc4); // Level 1 handler
1645     *wp++ = htons(0x7002); // moveq #2,d0 (always 60Hz interrupt)
1646     *wp++ = htons(M68K_NOP);
1647     *wp++ = htons(M68K_NOP);
1648     *wp++ = htons(M68K_NOP);
1649     *wp = htons(M68K_NOP);
1650    
1651 cebix 1.22 wp = (uint16 *)(ROMBaseHost + 0xa296); // 60Hz handler (handles everything)
1652     *wp++ = htons(M68K_NOP);
1653     *wp++ = htons(M68K_NOP);
1654 cebix 1.1 *wp++ = htons(M68K_EMUL_OP_IRQ);
1655     *wp++ = htons(0x4a80); // tst.l d0
1656     *wp = htons(0x67f4); // beq 0x4080a294
1657     return true;
1658     }
1659    
1660     bool PatchROM(void)
1661     {
1662 cebix 1.11 // Print some information about the ROM
1663     if (PrintROMInfo)
1664     print_rom_info();
1665 cebix 1.1
1666     // Patch ROM depending on version
1667     switch (ROMVersion) {
1668     case ROM_VERSION_CLASSIC:
1669     if (!patch_rom_classic())
1670     return false;
1671     break;
1672     case ROM_VERSION_32:
1673     if (!patch_rom_32())
1674     return false;
1675     break;
1676     default:
1677     return false;
1678     }
1679    
1680     // Install breakpoint
1681 cebix 1.10 if (ROMBreakpoint) {
1682     uint16 *wp = (uint16 *)(ROMBaseHost + ROMBreakpoint);
1683     *wp = htons(M68K_EMUL_BREAK);
1684     }
1685 cebix 1.1
1686     // Clear caches as we loaded and patched code
1687     FlushCodeCache(ROMBaseHost, ROMSize);
1688     return true;
1689     }