Please login or register.

Login with username, password and session length
Advanced search  

News:

Main Page
Pages: [1]   Go Down

Author Topic: Qemu-PPC booting Apple's Open Firmware.  (Read 4602 times)

darthnVader

  • 512 MB
  • *****
  • Posts: 683
  • New Member
Qemu-PPC booting Apple's Open Firmware.
« on: February 04, 2021, 09:10:18 PM »
Thanks to some fine works by a few Mac emulator fanatics, we can now boot v3 of the Beige G3 ROM in Qemu.


If someone wants to get started on this, I captured the state of the code in a tar.gz, and it should build just fine in most modern versions of the macOS.

Trouble is we don't have a PPC GDB to work with in the macOS anymore and I'm having trouble building one, however, you can switch the Endian of GDB to big and set breakpoints to manipulate data.

1. Download Xcode and install homebrew with all the needed things to build qemu on the macOS.
2. Download the pre-patched screamer branch and extract it: https://drive.google.com/file/d/1iHKcFRHjy9aAWCm0hx1n-pVz_-iaIuK7/view?usp=sharing
3. cd screamer/qemu && mkdir build && cd build
4. ../configure --target-list=ppc-softmmu
5. make -j16

Now you can just run ./qemu-system-ppc from the build dir if you don't want to install a branch on your system that may break other things;-)

Here is my command:

Code: [Select]
./qemu-system-ppc -S -s -bios /Users/jam/Downloads/MacROMan-master/TestImages/4MB\ ROMs/1997-11\ -\ 78F57389\ -\ Power\ Mac\ G3\ \(v3\).ROM -vga none -device ati-vga,addr=0x12,romfile=/Users/jam/Downloads/ati_oem_rage128pro_110_agp_full/ati_oem_rage128pro_110_agp_full.rom   -serial mon:stdio -singlestep  -trace enable="pci*" -trace enable="i2c*" -trace enable="cuda*" -trace enable="ati*" -trace enable="heathrow*"
You'll need v3 of the Beige G3 ROM, and v110 of the ATI Rage128 ROM:

https://www.macintoshrepository.org/703 ... s-68k-ppc-

http://campahunta.free.fr/Downloads/ROM ... p_full.zip

Also you need to install gdb, something like brew install gdb;-)

https://dev.to/jasonelwood/setup-gdb-on ... -2020-489k

The -S -s pauses qemu and waits for the debugger, so in a new terminal tab:

Code: [Select]
target remote :1234
set endian big
break *0xff8186a8
cNext, when you get to the breakpoint in GDB:

Code: [Select]
set $r20=1
d
y
c
Enjoy Open Firmware 2.4, you can switch to the serial connection with:

Code: [Select]
ttya io
That way most of the keys, like the shift key will work for you.

Enjoy! and happy hacking.

https://drive.google.com/file/d/13bEHnzdPWtAYqpSnMQB-JRKs3l1ILIG9/view?usp=sharing
Logged
Pages: [1]   Go Up

Recent Topics

[Mac OS 9, Hacks & Upgrades] more than 8 partitions on a hard drive. by IIO Today at 08:43:28 AM
[Community Marketplace] CD Rom Rodin by MigMac Today at 08:21:48 AM
[New Member Welcome] Vorstellung by Bolkonskij Today at 07:55:56 AM
[Audio & MIDI Hardware] Mac Mini G4 List of Tested MIDI / Audio Interfaces (Firewire & USB) in Mac OS 9 by aBc Today at 06:59:56 AM
[CPU] The 1.6ghz Sonnet Encore MDX overclocking project by indibil Today at 03:50:31 AM
[Software] Ceremony of Innocence CD Rom by MigMac Yesterday at 10:55:15 PM
[Software] The ASIO Music Player thread by kjellcomputer Yesterday at 10:27:40 AM
[PowerPC OSX-based DAW Applications] Harrison Mixbus by P.O. February 25, 2025, 04:04:30 PM