
how to disassemble Macintosh ROM for BII

Posted: Tue Aug 22, 2017 11:04 am
by rickyzhang
I got stuck reading the ROM patch code in BII. I want to disassemble the PERFORMA ROM it uses.

So I wonder if there is any software that can do that. I have tried:

1. Using IDA to disassemble the ROM file directly. But it didn't work.
2. Using FDisasm from Mini vMac to disassemble the ROM file inside it. But it didn't work.

Re: how to disassemble Macintosh ROM for BII

Posted: Tue Aug 22, 2017 3:12 pm
by rickyzhang
I found a tool called radare2. Its M68k disassembler works for the ROM.

Re: how to disassemble Macintosh ROM for BII

Posted: Tue Aug 22, 2017 5:50 pm
by adespoton
There's also a disasm package for MPW that should be able to do it... but first you have to set up your MPW environment.

Since that was one of the original goals behind Mini vMac, it should work there.

That said, radare2 is probably the easier route to go.

I seem to recall something coming with CodeWarrior that I used for ROM disassembly back in the 90's, but it's too far in the past for me to remember anything worthwhile and useful.

Re: how to disassemble Macintosh ROM for BII

Posted: Tue Aug 22, 2017 9:03 pm
by rickyzhang
In fact, cxmon from macemu git repo can disassemble 68K as well.

Re: how to disassemble Macintosh ROM for BII

Posted: Thu Aug 24, 2017 2:12 pm
by rickyzhang
Because code and data are mixed in the ROM, neither cxmon nor radare2 does a great job of disassembling the ROM correctly.

I'm curious if there is any heuristic disassembler out there that does not need a human to specify the code segments manually.

Re: how to disassemble Macintosh ROM for BII

Posted: Thu Aug 24, 2017 3:58 pm
by adespoton
Have you tried using Resorcerer? It's limited in some ways, but it used to do a decent job of splitting out the data and code for me.

[edit] there are also a few more suggestions on https://68kmla.org/forums/index.php?/to ... r-for-mac/

Re: how to disassemble Macintosh ROM for BII

Posted: Fri Aug 25, 2017 10:33 am
by rickyzhang
Resorcerer is not a free app.

I'm using MacsBug. But I have trouble entering MacsBug, because it requires Power key + Command to trigger the debug trap.

I have tried it on my iMac. It didn't work. The BII adb.cpp source code does show that it handles the power key mapping:


	while (key_read_ptr != key_write_ptr) {

		// Read keyboard event
		uint8 mac_code = key_buffer[key_read_ptr];
		key_read_ptr = (key_read_ptr + 1) % KEY_BUFFER_SIZE;

		// Call keyboard ADB handler
		WriteMacInt8(tmp_data, 2);
		WriteMacInt8(tmp_data + 1, mac_code);
		WriteMacInt8(tmp_data + 2, mac_code == 0x7f ? 0x7f : 0xff);	// Power key is special
It seems that I have keycode mapping issues, or I may have misread the adb source code.

In any case, do you know how to enter MacsBug?

Re: how to disassemble Macintosh ROM for BII

Posted: Fri Aug 25, 2017 4:21 pm
by adespoton
http://www.mackido.com/EasterEggs/EX-MacsBug.html could be of help... holding down control during boot will enter you into MacsBug.

I also remember having an INIT back in the day that allowed you to assign any key combo to trigger an NMI. This was useful when I didn't have the programmer's switch or an extended keyboard.

Another option is to write something that intentionally crashes, dumping you into MacsBug.

If you don't have an old registered copy of Resorcerer kicking around, Super ResEdit also contained rudimentary separation of code and data, and might work for you.

Re: how to disassemble Macintosh ROM for BII

Posted: Fri Aug 25, 2017 4:56 pm
by rickyzhang
I looked into the issue more deeply.

Somehow holding down the CTRL key doesn't work in BII.

So I tried to look for the power key. In fact, there is no power key in the default keycode mapping file. I replaced the F12 keycode with 127, the Mac Power key. Now I can use F12 + Command to trigger MacsBug.

Re: how to disassemble Macintosh ROM for BII

Posted: Fri Aug 25, 2017 10:45 pm
by adespoton
Nice!

At some point, I need to make myself a USB dongle that contains two beige buttons... one that sends the interrupt signal, and one that sends the power signal -- classic Mac style :D

Does the mapping file contain the eject key?

Re: how to disassemble Macintosh ROM for BII

Posted: Sat Aug 26, 2017 12:07 am
by rickyzhang
To find an X11 key code, I can run an app called xev in Linux. However, it is not easy to find a Mac key code. I need to do a massive Internet search.

TBH, I don't know how ADB emulation works. The comment said that the Power key is so special that it is written twice. The rest of the key codes are just followed by 0xff.

Although I can trigger MacsBug with the key combo Power+Command, both MacsBug 6.2 and 6.5 crashed in emulation. I'm not quite happy with the cxmon that comes with BII. I'm thinking about adding some features, like invoking cxmon in the guest OS at any time and adding breakpoints at specific guest OS addresses. This would make BII crash debugging far easier.

PS: The eject key is meaningless in emulation. I know you must be joking. :lol:
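The following is an added example, not code from Basilisk II, to make the "Power key is special" comment in the adb.cpp snippet quoted earlier (and the question above about why it is written twice) concrete. It rebuilds the three bytes that loop writes into tmp_data for one keyboard event and shows why the key code 127 (0x7f) put into the mapping file matters. The struct layout is an assumption taken from the snippet; the ADB conventions it relies on (bit 7 set on key release, 0xFF meaning "no second key", the power key reported in both bytes as $7F $7F) are how a real ADB keyboard behaves.

```cpp
#include <cstdint>
#include <cstdio>

// Added example, not Basilisk II's own code. Field layout assumed from the
// quoted snippet: [0] byte count, [1] key code, [2] second key code.
struct AdbKeyEvent {
    uint8_t count;   // number of key bytes that follow (always 2 here)
    uint8_t first;   // Mac key code, bit 7 set on key release
    uint8_t second;  // second key code, or 0xff for "no second key"
};

constexpr uint8_t kMacPowerKey   = 0x7f;  // 127: the code added to the mapping file
constexpr uint8_t kKeyUpBit      = 0x80;  // ADB marks a release by setting bit 7
constexpr uint8_t kNoSecondKey   = 0xff;
constexpr uint8_t kMacCommandKey = 0x37;  // Mac virtual key code for Command

// Builds the same three bytes the adb.cpp loop writes with WriteMacInt8.
AdbKeyEvent build_adb_key_event(uint8_t mac_code) {
    AdbKeyEvent ev;
    ev.count  = 2;
    ev.first  = mac_code;
    // A real ADB keyboard reports the power key in both bytes ($7F $7F);
    // every other key gets 0xFF in the second byte.
    ev.second = (mac_code == kMacPowerKey) ? kMacPowerKey : kNoSecondKey;
    return ev;
}

// Key release: same code with bit 7 set. Releasing the power key gives
// 0x7f | 0x80 == 0xff, so its release event is $FF $FF, which is also what a
// physical ADB keyboard sends; the single comparison above covers both cases.
uint8_t key_up(uint8_t mac_code) {
    return static_cast<uint8_t>(mac_code | kKeyUpBit);
}

bool is_power_key_press(const AdbKeyEvent& ev) {
    return ev.first == kMacPowerKey && ev.second == kMacPowerKey;
}

int main() {
    // Constructed sequence: press Command, press Power, release Power, release Command.
    const uint8_t codes[] = { kMacCommandKey, kMacPowerKey,
                              key_up(kMacPowerKey), key_up(kMacCommandKey) };
    for (uint8_t c : codes) {
        AdbKeyEvent ev = build_adb_key_event(c);
        std::printf("code 0x%02x -> bytes %02x %02x %02x%s\n",
                    c, ev.count, ev.first, ev.second,
                    is_power_key_press(ev) ? "  (power key press)" : "");
    }
    return 0;
}
```

Because the mapping file only translates host key codes to Mac key codes, any host key mapped to 127 will produce the $7F $7F press and $FF $FF release sequence here, which is why remapping F12 to 127 was enough to reach the debug trap.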