DolphinDOS 2: Fixing a 35-Year-Old Bug That Never Was

DolphinDOS 2 is a replacement ROM for the Commodore 64 and its 1541 floppy disk drive that dramatically speeds up disk access by using a parallel cable between the two machines. Instead of the glacial CBM serial bus, data transfers happen byte-at-a-time over an 8-bit parallel port, making loads roughly 25x faster. I’ve been maintaining a custom version for myself. It changes the keys used to list the contents of disks and load programmes to match the Action Replay that I’m more familiar with.

A Commodore 64 boot up screen saying "COMMODORE 64 BASIC V2 DOLPHINDOS 2.0 38911 BASIC BYTES FREE READY.

It also works in Vice, Ultimate64 and Commodore 64 Ultimate!

While I blogged about buying a real Commodore 64 in 2019, I didn’t post about buying an Ultimate 64 a few months later. The version I have is the non-Elite version but it’s quite a wonderful device. Unfortunately, life got in the way and the machine lay mostly unused for years. I must make a post about that little beauty one of these days. Anyway …

I just released version 1.2 of my DolphinDOS 2 project, and there’s a bug fix for a seemingly rare problem: a bug in the original DolphinDOS 2 ROM from the late 1980s that almost certainly never manifested on real hardware. It seems so rare I’ve never read of anyone complaining about it on any C64-related Facebook group until this bug report surfaced. The parallel port would randomly be switched off when a C64 Ultimate was switched on!

It was never my intention to go diving into the assembly of this project. I just wanted to change some keys around, but I had Claude Code look at it, with the relevant sections of the C64 Programmer’s Guide at hand for reference. I honestly don’t have time to fix a rare bug like this, but Claude did. Here’s what it said about the bug. I would be interested in hearing what C64 developers who have looked at the RAM in a real 1541 have to say.

The 1541 drive ROM uses four flag bytes at $6000–$6003 in drive RAM to control DolphinDOS features: R (read), F (fast format), V (verify), and P (parallel port). A value of $12 means disabled; anything else means enabled. The original ROM never initialises these flags at boot. It relies on whatever happens to be in RAM when the drive powers on.

On a real 1541 with SRAM, that RAM almost always powers up as zeroes — so $6003 is never $12, and the parallel port is always enabled. It just works accidentally.

On the C64 Ultimate, the emulated 1541 RAM isn’t zeroed so predictably. Sometimes $6003 powers up containing $12, and the parallel port silently disables itself. A user reported that their C64 Ultimate was randomly booting with the parallel port off. That’s something that would never happen on the original hardware.

The fix was simple enough, set the important memory locations to zero, although it took a couple of tries before it worked.

The fix adds a small init routine at the end of the 1541 ROM’s free space that zeroes $6000–$6003 and sets the track interleave at $6023 during the drive’s boot sequence. The tricky part was that the 1541 ROM has a checksum that the drive verifies on startup. If it doesn’t match, the drive refuses to boot. The new jump target was chosen so its address bytes sum to the same value as the original, keeping the checksum valid without needing a separate compensation byte.

Claude Code did the analysis and wrote the patch. I pointed it at the disassembly and the bug report, and it identified the uninitialised RAM as the root cause, found free space in the ROM, worked out the checksum constraint, and produced a working fix. The reporter tested it on their C64 Ultimate and confirmed it resolved the issue. I tested it in Vice and on my Ultimate64.

Other changes in 1.2:

  • Tapping F1 now auto-runs after loading: previously F1 loaded the first program from disk but left you at the READY prompt. Now it executes RUN automatically.
  • Cursor colour changed from cyan to white matching the look of the Action Replay I’m used to.
  • kernal.asm is now compilable. I converted it to ACME assembler format, so you can modify and rebuild the C64 kernal ROM from source.
  • Install instructions updated for the latest Ultimate64 firmware (which seems to match the C64 Ultimate instructions I found online).

The release is on GitHub. If you’re running DolphinDOS 2 on an Ultimate64 or C64 Ultimate, it’s worth updating.

You can also find the original kernal files here, along with different versions of them. My 1541.rom is based on the c1541-20-6.rom found there. My kernal.rom is based on kernal-20-2.rom. There is a third revision of that kernal rom too. I asked Claude to tell me what was different between them:

kernal-20-2 vs kernal-20-3: What’s different

The code is functionally almost identical. The 911 byte differences break down into a few categories:

  1. The version byte at $FF80
    v2: $03
    v3: $00
    Confusingly, the “revision 2” ROM has version byte $03 and “revision 3” has $00. The filenames may not reflect the actual revision order — kernal-20-3 might actually be an earlier or alternate build.
  2. Code insertion at $EF5C: STOP key check (+5 bytes)
    The biggest functional difference. At the start of the parallel LOAD path, v3 inserts:
    EF5C JSR $FFE1 ; STOP - check RUN/STOP key
    EF5F BNE $EF5C ; loop if not pressed
    EF61 BEQ $EF2E ; if pressed, abort
    v2 has no STOP key check here — it jumps straight into the transfer. This 3-instruction insertion (5 bytes) shifts all the code that follows by 5 bytes, which accounts for the majority of the single-byte differences (they’re all branch targets and jump addresses adjusted by +5 or +6 to compensate for the shift).
  3. Parallel handshake: SEI added at $F841 (+1 byte)
    v3 adds SEI (disable interrupts) at the entry to the parallel handshake routine. v2 doesn’t disable interrupts. This shifts the code in that block by 1 byte and cascades into further address adjustments.
  4. Parallel transfer timeout: timer-based vs loop-based ($F910–$F968)
    This is the most interesting technical difference. Both ROMs have a timeout when waiting for the drive to respond during parallel detection, but they implement it differently:
    v2 (loop-based):
    F92E LDX #$13 ; outer counter
    F932 LDA $DD0D ; check CIA2 interrupt flags
    F935 AND #$10 ; FLAG pin set?
    F937 BNE $F948 ; yes → drive responded
    F939 DEX ; no → count down
    F93A BNE $F932
    F93C DEC $A5 ; nested loop
    F93E BNE $F932
    Uses a nested DEX/DEC loop (~5000 iterations) as a timeout.

    v3 (CIA timer-based):
    F931 LDA #$FF
    F933 STA $DC07 ; Timer B high byte = $FF
    F936 LDA #$19
    F938 STA $DC0F ; Start timer B, one-shot
    F93B LDA $DD0D ; check FLAG pin
    F93E AND #$10
    F940 BNE $F950 ; drive responded
    F942 LDA $DC06 ; read timer low byte
    F945 CMP $DC06 ; compare with itself (has it changed?)
    F948 BNE $F93B ; timer still running → keep waiting
    Uses CIA1 Timer B for a hardware-timed timeout. More precise and CPU-independent.
  5. Parallel fallback path: error handling ($F88B)
    v2: JSR $EE85 → falls into standard IEC byte receive
    v3: LDA #$00; JMP $EE16 → explicitly loads zero and jumps to a different IEC entry point
  6. Serial LOAD: error recovery ($EFF1)
    v2: JMP $EFCF — unconditional jump to byte receive
    v3: BCS $EFD4 — conditional branch on carry, only retries if carry set
  7. Data table pointer at $F0F1
    v2: BIT $DD0D (2C 0D DD)
    v3: STX $DC0C (8E 0C DC)
    Different CIA register access — v3 writes to the serial port register rather than reading the interrupt flags. This changes how the timer/shift register state is managed after a transfer.
  8. Jump table entries ($F8B1–$F8C9)
    Several address entries in what appears to be a function pointer table are shifted by +6 bytes, consistent with the cumulative code insertion offsets.

Summary

Changev2 (your base) v3
STOP key during parallel LOADNo checkPolls STOP key
Interrupt disable on handshakeNo SEI SEI at entry
Parallel detect timeoutSoftware loopCIA Timer B
Error recovery on serial fallbackUnconditional retryConditional on carry
Version byte $FF80$03$00

v3 appears to be a more defensive build — it adds interrupt protection, hardware-timed timeouts, and a STOP key escape during parallel transfers. These are the kinds of changes you’d make after encountering real-world reliability issues on certain hardware configurations.

Whether v3 is “better” depends on context. The CIA timer approach is more robust, but the STOP key polling loop at $EF5C is a tight busy-wait that could introduce latency. For the Ultimate64’s emulated parallel port, which is inherently reliable, v2’s simpler approach is probably fine.

Looks like version 2 of the 1541 kernal rom is fine for our use case.

I’m using Claude Code in my work at Automattic all the time. It’s been a huge help in getting through bug fixes and adding new features to the various projects I’m working on. I’ll be posting more about WordPress related goodness soon. Stay tuned.

The Venice of the North Rises Again

AI-manipulated photo of St. Patrick Street in Cork city with the road replaced by a canal filled with boats including motorboats and a small rowing boat, with pedestrians walking along the quayside past shops including Barter, with trees and street furniture lining the waterway.

AI-manipulated photo of Washington Street in Cork city with the road replaced by a canal carrying boats including a blue narrowboat named "ORIEL", a white rowing boat, and a blue motor launch with passengers in life jackets, with shops including Kida Hair and Razors Barber visible on either side, a green construction crane in the background, and a South Main Street sign on the right.

Well, I have to hand it to Cork City Council. After years of roadworks, diversions, temporary traffic lights, and that perpetual stretch of Patrick Street that looked like a minor archaeological dig, they’ve finally revealed the masterplan and it’s magnificent. They’ve ripped out the tarmac entirely and restored the old channels of the River Lee that ran beneath the city centre for the past 240 years. St. Patrick Street is now navigable by motorboat, and Washington Street has a functioning canal service complete with what appears to be a narrowboat called the Oriel running a shuttle to the courthouse.

Parking signs have been replaced by mooring cleats. The 220 bus route now terminates at a floating pontoon outside Penneys. I’m told that Eason’s is doing a roaring trade in waterproof editions, and a new Dublin Bikes-style scheme called “Cork Canoes” launches next week, but knowing the council, the docking stations won’t be ready for another while yet.

In fairness, they’ve finally earned the title. Cork: the Venice of the North. Truly, the real capital at last.

Happy April Fools’ Day. These images were obviously generated using AI. Cork City Council has not, to my knowledge, flooded the city, but after some winters, nature has a good go at it herself.

Stopping Web Server Abuse with Fail2Ban

At 4am yesterday morning I was awake. Luckily so, as I checked my email and saw a warning that my VPS had been running at 199% CPU for two hours. I went into my office and checked the logs. Someone had been hammering this site with HEAD requests since just after midnight with nearly 30,000 requests across different URLs in four hours.

If they’d hit the same page repeatedly, cached responses would have handled it. But by requesting thousands of distinct URLs, each request generated a fresh cache file, forcing PHP and the database to do real work every time. My small server was coping, but the load average was high.

I blocked the offending IP in .htaccess immediately. That stopped requests from reaching PHP, but I wanted a proper defence, something that would catch this kind of abuse automatically next time.

I already had Fail2Ban installed. I’d just never configured it for web server attacks. Time to do that.

Fail2Ban works by watching log files for patterns, then banning IPs that match too often. I needed two files: a filter to match Apache access log lines, and a jail to define the thresholds.

First, the filter at /etc/fail2ban/filter.d/apache-ratelimit.conf:

[Definition]

# Matches any request line in Apache access log (combined/common format)
failregex = ^<HOST> -."(GET|HEAD|POST|PUT|DELETE|OPTIONS) .

ignoreregex =

This matches every request in the log.

The jail decides what volume of requests counts as abuse. It lives at /etc/fail2ban/jail.d/apache-ratelimit.conf:

[apache-ratelimit]
enabled = true
filter = apache-ratelimit
logpath = /var/www/logs/access.log

# Triggers a ban after too many requests in a short window
maxretry = 500
findtime = 30

# Ban for 24 hours
bantime = 86400

# Use iptables to drop packets from banned IPs
banaction = iptables-multiport
port = http,https
protocol = tcp

# Allowlist trusted networks
ignoreip = 127.0.0.1

The logic: if a single IP makes more than 500 requests in 30 seconds then ban it for 24 hours. Adjust maxretry and findtime to suit your traffic patterns. Legitimate crawlers and real users won’t come close to these numbers, but an attacker blasting thousands
of requests will trip the threshold fast. These are not the numbers I’m using.

The ignoreip directive keeps trusted networks (monitoring services, your own IPs) from getting caught.

The changes to Fail2Ban are activated with the following command (as root):

systemctl restart fail2ban

And I verified it was running by checking the status:

fail2ban-client status apache-ratelimit

Within a couple of minutes, the offending IP appeared in the banned list. I checked the access log, and there was nothing more from that IP. The requests weren’t just being rejected by Apache; iptables was dropping the packets before they reached the web server at all.
That’s the key advantage over an .htaccess block: banned traffic never touches Apache.

A VPS with limited resources can’t absorb a flood of uncached requests. Caching helps with repeat visits to the same page, but an attacker who rotates URLs defeats that entirely. Fail2Ban shifts the defence from the application layer down to the network
layer, where it’s cheap to enforce.

If you run a small site on a VPS, configure fail2ban for your web server. It takes ten minutes and it works.

Anyway, I presume whoever did that attack is reading this post since they seem to like my blog so much. Why did you do it?

I’m Deleting Google Photos

popup dialog saying "Moving 3290 to bin..." with a progress meter

If you look at r/googlephotos on Reddit you’ll come across several posts from people who have had their accounts banned because of photos they have in their accounts. Most of the time it’s because of family photos of children. I have also seen posts from people who unwisely backed up their WhatsApp images folder, or backed up a drive without looking at what was on it first. Remember that researcher who lost their Google account because they had WWII Nazi documents in their Google Drive?

I have photos there going back to the year 2000, but I never regarded Google Photos as a backup service. It was a fabulous photo-sharing site, but I have barely used it since 2024 and now have my own self-hosted Immich server instead.

Last week I did a Google Takeout of everything, just in case, as it will also download any photos I saved from shared albums.

Today I went to the large photos and videos page and deleted almost every item off that page.

Unfortunately, there isn’t a “delete everything from Google Photos” button. You’ll have to visit photos.google.com and select an image and then scroll down, and down and down… and then with shift pressed, click on the last image to delete. It then may take some time for Google to mark the images as deleted.

Honestly, I expect that the automatic CSAM detection they’re using has already scanned every single photo I’ve uploaded so I’m not worried about that. I’m not uploading anything else there either, but I’ve been meaning to move off Google Photos entirely for a long time.

It is really difficult to do. In my head I know that I have a Takeout backup of everything. I know that all the original photos are on my computer at home, and they’re on Immich now, but selecting photos of familiar smiling faces, of birthday parties, of holidays and festivals, and then clicking DELETE is hard.

They’re my photos. It was nice knowing you Google Photos.

If you want an alternative, self-host Immich or use Pixel Union, a hosted version of Immich where you get 16GB free before you have to pay for more storage. It’s also hosted in the EU, which is even better! I have an account there. I uploaded a few recent photos in this album for you to see what it looks like.

The Enshittificator

He comes from a family with a proud tradition of enshittification, making the world worse.

Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die.

I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a “two sided market,” where a platform sits between buyers and sellers, holding each hostage to the other, raking off an ever-larger share of the value that passes between them.

Cory Doctorow, 2023.

You can also find it on YouTube.

TIL there are people who can’t burp

It never occurred to me that a person couldn’t burp, but it’s a rare condition that was only diagnosed in the last ten years. The host of Vox podcast Unexplainable, Sally Helms suffers from this condition and shared how it affected her life, and how a simple Botox injection to the upper esophageal sphincter in the throat, right behind the larynx, can cure it!

Another sufferer is a sky diver, which caused serious problems for him when he flew into the sky and couldn’t burp.

The show has a transcript, which is worth looking at, if only for the adorable and wholesome times when Sally discovered her burps. 🙂

SALLY: Okay, so also often during this time, I would like get into this really weird position. Like I would, I would do the basically like backing out in the car thing, but I would put my arm on the wall and then I would like, turn my head around and like, dip my chin and crank my head. Um, my family was very supportive, but they were also confused. Like, I burped while I was hanging out with my sister and my dad.

SALLY:  Are you proud of me?

ELIZA: That was a real burp! 

SALLY: I just did a little sputter burp, and you heard, do you, are you proud? 

ELIZA: Oh my God. Yeah. But why did you have to do it in that weird contortion? 

SALLY: I have to to make it come out.

ELIZA: Wow.

<<burp>>

<<laughter>>

MARK HELM (SALLY’S DAD): Good going, Sal!

ELIZA: That was such a weird one!

MARK: Did it come out? 

SALLY: Yeah. Well…

BTW, if you suffer from this condition, join the r/noburp Reddit.

From Screen to Tmux to Zellij

I used GNU screen for years. I don’t think alternatives existed when I started using. It worked everywhere, and I only needed a few features.

The insides of an old PC thrown on the ground outside. Weathered.

Eventually, curiosity pushed me to try tmux a few years ago but I didn’t see what advantage it had over the older software I knew already, so I went back to screen.

So it went for several years, until in the last few days I decided to try tmux again, and I even configured it to use the same CTRL-a shortcut as screen and it worked well! I configured it to switch between tabs like in screen using the 1-0 keys. I could scroll back, just like in screen. It even had a session manager that let me choose which tab to use, although I’m annoyed I had to tap right arrow to expand the list first.

I announced on Slack that I was moving to tmux, and shortly after, someone casually asked, “if you are doing the switch now, have you tried zellij?”

Life with screen

My screen usage was almost aggressively simple:

  • Ctrl-a c to create a new window
  • Ctrl-a 1–0 to jump between windows
  • Ctrl-a a to toggle to the last window
  • ESC and page up to view the scroll back.

That was it, but I used it all the time. The first thing I did on connecting to a server was screen -D -r to connect to screen.

I wasn’t using splits. I wasn’t scripting layouts. Screen was effectively a tab manager for shells, and it did that job reliably for decades. It’s still running like that on my servers, for the moment.

Moving to tmux

The first pleasant surprise was that tmux doesn’t force you to relearn anything.

With a small config change, tmux can behave almost exactly like screen:

  • Ctrl-a prefix
  • number-based window switching
  • last-window toggle
  • better copy/paste
  • better session handling

At that point, tmux felt like screen, but actively maintained. Tmux felt like the natural evolution of screen. I only used it for a day or so, but then I tried Zellij.

Discovering Zellij

Zellij describes itself as a “Terminal Workspace with Batteries Included”. Zellij doesn’t feel like a screen or tmux replacement. It is quite different. Instead of a simple bar at the end of the screen showing the tabs, there’s a menu with keys. Tapping the key combination updates the menu, showing new options. At the top of the screen are the tabs you’ll use. Unlike screen and tmux, there’s no one single shortcut like CTRL-a or CTRL-b, there are multiple. There’s one for each mode: panes, tabs, search and session (plus a few more).

The biggest conceptual shift is this: tmux is tab-first. Zellij is pane-first.

In tmux, I naturally created lots of windows, like I did with screen. I split one or two, but Zellij takes that to the next level.

In Zellij, the expectation is:

  • One tab = one context
  • Panes = the work inside that context

This sounds subtle, but it changes everything. You’re encouraged to create new panes in each tab before you make new tabs.

Discoverability over memorization

Zellij uses modes (pane mode, tab mode, scroll mode), and it shows you available keys on screen.

You don’t need a cheat sheet taped to your monitor. You look down, and the UI tells you what’s possible.

This is something tmux simply doesn’t try to do.

Pane-centric workflows

Zellij really shines when you stop creating tabs constantly and instead:

  • edit code in one pane
  • run or build in another
  • tail logs in a third
  • fullscreen a pane temporarily when you need focus

It feels closer to an IDE or a tiling window manager than a tabbed terminal.

Modern assumptions

Zellij assumes:

  • a modern terminal
  • Unicode support
  • decent fonts
  • OSC 52 clipboard support

That’s great locally. I’ll be interested to see how well it works on my VPS.

The Terminal

I use iTerm2 on a Mac and there were a few things to set up before I could use Zellij fully.

  • In Preferences → Profiles → (your profile) → Terminal make sure that “Mouse Reporting” is checked. That lets you click panes to select them, scroll up a pane, and select text to copy it.
  • Zellij uses the ALT key, but if you use CMD on a Mac the operating system will intercept that. Instead use the Option key. In Preferences → Profiles → Keys set “Left option key” to “Esc+”. That may interfere with copying and pasting though. Now type Option-n to open a new pane!
  • I was seeing odd characters in the UI. Little “?” characters in boxes. I needed a new font: brew install --cask font-jetbrains-mono-nerd-font
    Then in Preferences → Profiles → Text set the font to “JetBrainsMono Nerd Font Mono” or whichever one you prefer. You may have to restart Zellij to see the change.

This is barely touching the surface of what Zellij can do. If you use screen or tmux give it a go.

Walking the Coumloughra Horseshoe hike

I’m not much of a hill walker but John Finn is and filmed a walk there, up Carrauntoohil, the tallest mountain in Ireland and onwards.

It’s a spectacular walk with breathtaking scenery.

John’s video was voted best video of the year by the Mountain Views website (page 58 of the newsletter).

Start something new

I like this. Buy a red chair. Go on adventures.

I found this video on Facebook, on a page that shares highly compressed videos that have been “borrowed” without credit, so I was curious about where it came from. The video was cropped top and bottom with the text “life is short” added in the top border. The video ends in a rather unsatisfying way and I hoped there would be more to it.

A search on YouTube didn’t return any good results, but searching for a screenshot of the “final” frame did. I found a couple of websites talking about it, here and here. Unfortunately the videos embedded in both sites were not working but knowing it was an Ikea video helped me find it on Vimeo, which I have embedded above. It’s been sitting there since 2013. Hopefully it’ll last another few years.

The original video stops a few seconds before the end, leaving the viewer wondering what happened to our adventurer. I can see now he was going on more adventures!

Close

Ad-blocker not detected

Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Here are a few options.

  • uBlock Origin is a free, open source, ad blocker for your browser.
  • Use pi-hole if you have a spare Raspberry Pi on your network.
  • Set the private DNS settings on your phone to dns.adguard.com to block adverts and trackers.