Archive for March 4, 2021

Thursday, March 4, 2021

Reverse-Engineering Rosetta 2

Koh M. Nakagawa (via Hacker News):

I mentioned earlier that a proprietary ABI is used in AOT files. Specifically, the System V AMD64 ABI is used, with the x86_64 registers converted to arm64 registers according to the following table.


The Rosetta 2 runtime is the binary that initializes the emulation process, maps the AOT file onto the memory, and performs JIT translation. When an x86_64 emulation process starts, runtime is mapped onto the memory, and the program counter is set to the entry point of runtime.

One interesting point is that runtime is not a dynamic link library. This is in contrast to the x86 emulation engine xtajit.dll in Windows 10 on Arm.


The logic for JIT translation is also needed is to support the execution of x86_64 applications that generate x86_64 code at runtime (e.g., JavaScript engine uses a JIT compiler).

Multimodal Neurons in Artificial Neural Networks

OpenAI (via Hacker News, paper):

We’ve discovered neurons in CLIP that respond to the same concept whether presented literally, symbolically, or conceptually. This may explain CLIP’s accuracy in classifying surprising visual renditions of concepts, and is also an important step toward understanding the associations and biases that CLIP and similar models learn.


Through a series of carefully-constructed experiments, we demonstrate that we can exploit this reductive behavior to fool the model into making absurd classifications. We have observed that the excitations of the neurons in CLIP are often controllable by its response to images of text, providing a simple vector of attacking the model.

The finance neuron, for example, responds to images of piggy banks, but also responds to the string “$$$”. By forcing the finance neuron to fire, we can fool our model into classifying a dog as a piggy bank.


We refer to these attacks as typographic attacks. We believe attacks such as those described above are far from simply an academic concern. By exploiting the model’s ability to read text robustly, we find that even photographs of hand-written text can often fool the model. Like the Adversarial Patch, this attack works in the wild; but unlike such attacks, it requires no more technology than pen and paper.


When we put a label saying “iPod” on this Granny Smith apple, the model erroneously classifies it as an iPod in the zero-shot setting.

Accidentally Quadratic Parsing With sscanf

T0ST (via Hacker News):

GTA Online. Infamous for its slow loading times. Having picked up the game again to finish some of the newer heists I was shocked (/s) to discover that it still loads just as slow as the day it was released 7 years ago.


Enter stack sampling: for closed source applications there’s only one option. Dump the running process’ stack and current instruction pointer’s location to build a calling tree in set intervals. Then add them up to get statistics on what’s going on.


Disassembling the now-less-obfuscated dump reveals that one of the addresses has a label pulled out of somewhere! It’s strlen? Going down the call stack the next one is labeled vscan_fn and after that the labels end, tho I’m fairly confident it’s sscanf.

It’s parsing something. Parsing what? Untangling the disassembly would take forever so I decided to dump some samples from the running process using x64dbg. Some debug-stepping later it turns out it’s… JSON!


To be fair I had no idea most sscanf implementations called strlen so I can’t blame the developer who wrote this. I would assume it just scanned byte by byte and could stop on a NULL.

And then there’s another quadratic array membership test.

Michael Brown:

The performance problem with sscanf O(N2) in glibc has been known since at least 2014 (see bug 17577). Ironically, if they’d used fscanf (reading from a file instead of loading it into memory first) the problem wouldn’t exist.

Matt Keeter:

This sparked a great deal of discussion: Was this C’s fault? Perhaps “web shit”? Capitalism and incentives?

Still, folks in the comments section generally agreed: they wouldn’t write anything that silly.


Yes, I had made the exact same mistake as the programmers working on GTA Online: I had an accidentally quadratic parser!


As someone that has been programming for many years, this was a perfectly-timed reminder that there are always pitfalls out there. The documentation for sscanf does not include a time complexity, so this is particularly tricky footgun, and I’m sure it’s not the only one lurking in the darkness.

Git (via Hacker News):

This header lists functions that have been banned from our code base, because they’re too easy to misuse (and even if used correctly, complicate audits).


Apple Account Locked Due to Failed Trade-in

Dustin Curtis (tweet, Hacker News, 9to5Mac, David Heinemeier Hansson, John Gruber, Nick Heer):

I went to update a few apps in the App Store on my Mac, I was met with a curious error.

The internet is filled with stories from people whose Google accounts were locked for unexplained reasons, causing them to lose all of their data, including years of email, so I was somewhat concerned. But I’d never heard of similar cases involving Apple’s services, and I wouldn’t expect such behavior from a customer-focused company like Apple, so I figured it was a glitch and made a mental note to try again later.

The next day, stopped working.

Fortunately, iMessage and Photos continued to work.

When I received an email in mid-February asking about the trade-in, I responded (as it had invited me to do) explaining that I never received the kit and asked for another one. I didn’t get a response.

Very soon after, it seems that Apple simply added the amount of the credit I received when I purchased the M1 MacBook Pro to my Apple Card balance. Normally, this wouldn’t be a problem. Imagine if I had used any other credit card – it would have just been an ordinary charge. But because it was the Apple Store and Apple Card, apparently, things escalated very quickly.

Benjamin Mayo (also: MacRumors, John Gruber, Ezekiel Elin):

The company says that Apple Card and Apple ID are not linked in the way that the blog post alleged, and the company does not disable Apple ID services because of missed Apple Card payments.

The situation arose because the trade-in process was left unresolved, and Apple was following its standard procedures in matters of money owed; this is not anything specific to the Apple Card. When an account is marked as in bad standing, use of Apple ID services is restricted; things like Apple Music or App Store purchases. iCloud is wholly separate and is not disabled at all.


If the issue persists, Apple disables all paid services for that Apple ID until the money is recovered — as the account is essentially in debt.

This doesn’t make much sense to me. The apps and music had already been purchased; they are not a debt. I can see preventing additional purchases and maybe partially disabling the computer that was only partially paid for, but repoing unrelated purchases is unnecessarily harsh for what could be as simple as a lost UPS shipment that was not the fault of the customer. And what if you need access to your financial or password app in order to get your credit card in order?

People are saying that it’s good news that missing an Apple Card payment doesn’t endanger your Apple ID, but is the takeaway actually worse, that any type of credit card is susceptible to this problem?


This is entirely unrelated to Apple Card.

As far as I can tell, it really is an Apple Card-specific issue. With a regular credit card, you can imagine that Apple would have pre-authorized a charge for the trade-in in case it didn’t arrive. And if the bank account linked to the card changed, that would not be Apple’s concern. Apple would add the additional charge, which would go on the card account, the issuer would pay Apple, and then from Apple’s point of view there would be no debt.

But with Apple Card you can pay for Apple products monthly with 0% financing, and Apple has apparently made an optimization so that such purchases are paid directly to Apple via ACH from your bank account, rather than via the card issuer. So it very much matters to Apple that the bank details have changed. The ACH will fail. (At that point, you would think Apple could simply add the amount as a regular card charge, subject to interchange fees. That would be more customer friendly. But it’s clear that not only has this not been designed as a coherent system, but the different parts of Apple aren’t even aware of how it works.)

Dave Mark:

No matter, this should be a wake-up call. Do you have a backup plan if your Apple ID suddenly stopped doing its cloud thing?


I think I am less concerned that Apple disabled Dustin’s account as I am that it took so long to address the issue. If the call to Apple customer support had made the issue clear immediately, a couple of clicks would have resolved this. As is, and if true, looks like the left hand didn’t know what the right hand was doing.

Yes, if this is “standard procedure,” why did it take Apple multiple days to tell him what the problem was? Why are the general Apple support people not able to confer with the Apple ID department? Why did they tell him that it was an Apple Card issue but tell the press that it wasn’t? Why did the e-mail say that he could reply to the e-mail (which erroneously referred to an iPhone purhcase) to get his account back when the card issue was resolved, but actually the Goldman Sachs representative had to e-mail a department at Apple and wait a few days? (And that is more evidence that it is related to Apple Card.)


There’s a UX defect with Messages right now where if you delete some conversations in succession, randomly will a modal popup and ask you if you want to report the contact as spam. Some Apple articles will tell you not to worry if you’ve accidentally reported someone as spam, but it actually does something. It’s not a pedestrian crosswalk button.

I found this out the hard way when my wife could no longer send or receive messages nor sign into Messages and we had to contact Apple support. I’ve accidentally reported tons of people as spam because of this stupid Messages experience, and I can only guess that I’ve reported my own wife so many times from clearing all of my Messages conversations that they disabled her Messages account.