LisaList2

General Category => LisaList2 => Topic started by: rayarachelian on February 02, 2020, 11:14:28 am

Title: Magic Lisa Serial # zero found!
Post by: rayarachelian on February 02, 2020, 11:14:28 am

Quite by accident, I found a serial number string that bypasses the serialization process, this might be a useful find, or perhaps it won't actually be viable, not sure.

Code: [Select]

ff000000000000ff0000000000000000
When you first copy a tool from the floppy to the profile, such as LisaList (tee hee!) it will still warn you that it will need to serialize it. However it will write the magic serial number of zero, which means it's unserialized! Best yet, neither LOS, nor the boot ROM see this as an error condition! And I was able to initiate a print!

This doesn't matter very much for LisaEm for obvious reasons, but I wonder what would happen if someone were to burn a VSROM with serial # zero, and tried it on a real Lisa. Anyone have the ability to do that? I've no idea what effect this will have on AppleNet, but then again, I don't think that matters much. I'd imagine that perhaps the Lisa devs had such a serial #ed Lisa when they built the tools so they could create the initial copies of the tools disks, or perhaps they didn't, and used LPW instead, but anyway...
I was able to start a print from a document created from a LisaList stationary, however, I have more bugs to fix in LisaEm as GTK crashed after the print dialog came up and I selected output to PDF file, (and worse yet, it looks like I still have memory issues to fix.)
(Printing doesn't work if you have a mismatched serial number between your installed tools and the Lisa VSROM.)

Code: [Select]

src/host/wxui/lisaem_wx.cpp:OnMouseMove:5375:Mouse actual xh,yh: (255,303)  translated x,y: (110,127) display:(145,128)+(720,500)| 10:51:12.4 671191316
src/host/wxui/lisaem_wx.cpp:iw_check_finish_job:7871:No activity on printer #5 - flushing page| 10:51:15.5 791314010
src/host/wxui/lisaem_wx.cpp:iw_check_finish_job:7871:No activity on printer #5 - flushing page| 10:51:15.5 791314010
cpu68k.c:get_ipct:799:There are no free ipcts, but ipcts_free is non zero! 1| 10:51:36.9 835665452
cpu68k.c:get_ipct:799:There are no free ipcts, but ipcts_free is non zero! 1| 10:51:36.9 835665452

(lisaem:12134): Gtk-CRITICAL **: 10:51:42.763: gtk_print_context_create_pango_context: assertion 'GTK_IS_PRINT_CONTEXT (context)' failed

(lisaem:12134): Gtk-CRITICAL **: 10:51:42.764: gtk_print_context_create_pango_layout: assertion 'GTK_IS_PRINT_CONTEXT (context)' failed

(lisaem:12134): Gtk-CRITICAL **: 10:51:42.764: gtk_print_context_get_cairo_context: assertion 'GTK_IS_PRINT_CONTEXT (context)' failed

(lisaem:12134): Gtk-CRITICAL **: 10:51:42.764: gtk_print_context_get_page_setup: assertion 'GTK_IS_PRINT_CONTEXT (context)' failed
Segmentation fault (core dumped)
 The blue screenshot attached to this post is from vbindiff, a visual text mode diff, the white hightlight is where the serial number will get written to by LOS according to David T. Craig's Lisa tool deserialization papers. See the two hex dumps in here: http://www.applerepairmanuals.com/lisa/deserial/pg05.html
As you can see LOS write zeros for the serial number, which means the tools are NOT serialized. There are changes made to the disk image, but those are date time stamps, which are normal behavior.
Obviously this is kinda useless as LisaEm itself deserializes tools internally, and you could use lisafsh-tool to do so yourself, and certainly deserialized images already exist on archive.org lisa tosec, and other places. But it's still fun to think about.
If it turns out that this works, perhaps we could burn a bunch of VSROMs with this magic serial number and never have to bother with deserialization again on actual Lisas!

Title: Re: Magic Lisa Serial # zero found!
Post by: jamesdenton on February 04, 2020, 09:26:22 am

Nice find, Ray!

I took a look at three different ROMs - the VintageMicros Master ROM that ships with the X/ProFile and the ROM in my machine. I also found a random 341-0229-A ROM online.

You can see in these screenshots that the changed bytes are not consistent between the three ROMs. So, it may be hard(er) to pinpoint what needs to be modified. Curious to see where this goes!

Title: Re: Magic Lisa Serial # zero found!
Post by: jamesdenton on February 04, 2020, 09:26:53 am

Followup with the second diff.

Title: Re: Magic Lisa Serial # zero found!
Post by: rayarachelian on February 05, 2020, 07:51:35 am

Take a look at https://lisaem.sunder.net/LisaSchem/CPU5.gif - the VSROM is U6C (371-0072) second chip from the upper left - the serial number bit is on D7, so it's decimal value is 128, so it's the MSB in that ROM. You can keep all the other bits the same. There is a specific format to the serial number and it includes a checksum that you can see in the boot ROM source code, but there's a direct correlation between what's written to every other byte of 0240-0280 where the boot ROM saves the SN and AppleNetID to, and bit 7 of that VSROM.