frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

AI-powered reverse-engineering of Rosetta 2 (for Linux VM)

https://github.com/Inokinoki/attesor
32•inoki•1h ago

Comments

mindwok•1h ago
What exactly is this? It says it's for Linux, but what makes it "for Linux"? I'm curious which parts of Rosetta are Apple silicone specific and which aren't.
inoki•1h ago
Just clarified in the README (by AI as well): https://github.com/Inokinoki/attesor?tab=readme-ov-file#comp...
Retr0id•1h ago
Does it produce runnable binaries?

The repo does not make it clear, but Apple ships Linux builds of Rosetta 2 that can be used inside Linux VMs on apple silicon hardware [0]. With some patches (or so I'm told) it can be made to run on non-apple-silicon arm64 hardware.

Even if it's not fully decompiled yet, it should be possible to relink the decompiled subsections into an original binary.

[0]: https://developer.apple.com/documentation/virtualization/run...

inoki•1h ago
WIP ;) The final target might be to get Intel's Houdini-like binary (but for Intel instructions)
Retr0id•1h ago
re: patches, looks like they've reversed some of the relevant bits: https://github.com/Inokinoki/attesor/commit/233cb459b9db8345... (I was concerned this might be slop but that detail is promising!)
duskwuff•1h ago
That looks more like the AI inventing code to explain observed behavior (cf. "For Linux virtualization environments, we simulate this...").
inoki•1h ago
Yeah, I guess it's losing some contexts. Still need human work if want to make it really work on Linux...
Retr0id•1h ago
Looking closer it does look pretty nonsensical, ugh.
duskwuff•1h ago
> Does it produce runnable binaries?

No. Even the decompiled version is incomplete - there's comments all over it which signal missing code like "could not recover jumptable ... too many branches". The "refactored" version is wildly speculative - it looks more like a very clumsy attempt to write a new translator than to reverse-engineer an existing one.

> With some patches (or so I'm told) it can be made to run on non-apple-silicon arm64 hardware.

With the huge caveat that the generated code will expect TSO to be enabled, and may malfunction on non-TSO ARM systems, particularly when running multithreaded code. (Most ARM systems are non-TSO; Apple Silicon has a MSR to enable TSO.)

selridge•1h ago
This is the way. Gl; hf.