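#!/bin/bash
# Local reproduction script: unpack qemu-build.tar.gz, build the patched
# QEMU once, and boot the buoy firmware against a fake EEPROM image.
#
# Expected in the current directory:
#   buoy_firmware.bin    firmware image handed to QEMU via -kernel
#   qemu-build.tar.gz    QEMU source tree, optionally with patches/*.patch
#
# The EEPROM image written under .local/ only ever holds the dummy flag
# below; nothing from the real target is needed or produced here.
set -euo pipefail

readonly EEPROM_IMG=".local/eeprom.bin"
readonly LOCAL_FLAG="R1kkosec{LOCAL_DUMMY_FLAG_NOT_REAL}"

# Print a message to stderr and abort.
die() { printf '%s\n' "$*" >&2; exit 1; }

[[ -f buoy_firmware.bin ]] || die "缺 buoy_firmware.bin"

if [[ ! -d qemu-build ]]; then
  # Fail with a readable message rather than tar's own error.
  [[ -f qemu-build.tar.gz ]] || die "缺 qemu-build.tar.gz"
  printf '%s\n' "解 qemu-build.tar.gz ..." >&2
  tar -xzf qemu-build.tar.gz
fi

# Fake EEPROM: the dummy flag, NUL-terminated, then zero-padded to 4 KiB
# (truncate extends a shorter file with NUL bytes).
mkdir -p .local
printf '%s\0' "$LOCAL_FLAG" > "$EEPROM_IMG"
truncate -s 4096 "$EEPROM_IMG"

# Build the patched QEMU only when the binary is missing (first run is slow).
if [[ ! -x qemu-build/build/qemu-system-arm ]]; then
  printf '%s\n' "编译 patched QEMU（约 10 分钟）..." >&2
  # Subshell: the directory changes stay inside it, so a step failing under
  # set -e cannot leave the rest of the script running from qemu-build/.
  (
    cd qemu-build
    if compgen -G "patches/*.patch" > /dev/null; then
      for p in patches/*.patch; do
        # A re-run after an interrupted build would otherwise fail on
        # already-applied patches: if the patch reverse-applies cleanly
        # (dry run), it is already in the tree, so skip it.
        if patch -p1 -R --dry-run -s < "$p" > /dev/null 2>&1; then
          continue
        fi
        patch -p1 < "$p"
      done
    fi
    mkdir -p build
    cd build
    ../configure --target-list=arm-softmmu
    make -j"$(nproc)"
  )
fi

printf '%s\n' "起 QEMU（Ctrl-A x 退出）..." >&2
# exec: QEMU replaces this shell, so signals and the exit status are its own.
# The loader device places the EEPROM image at 0x400AF000 — presumably the
# address the firmware reads it from; confirm against the QEMU patches.
exec ./qemu-build/build/qemu-system-arm \
  -M lm3s6965evb \
  -kernel buoy_firmware.bin \
  -device "loader,addr=0x400AF000,file=$EEPROM_IMG" \
  -nographic -monitor none -serial stdio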
