Reverse-Engineering Rosetta 2

Koh M. Nakagawa (via Hacker News):

I mentioned earlier that a proprietary ABI is used in AOT files. Specifically, the System V AMD64 ABI is used, with the x86_64 registers converted to arm64 registers according to the following table.

[…]

The Rosetta 2 runtime is the binary that initializes the emulation process, maps the AOT file onto the memory, and performs JIT translation. When an x86_64 emulation process starts, runtime is mapped onto the memory, and the program counter is set to the entry point of runtime.

One interesting point is that runtime is not a dynamic link library. This is in contrast to the x86 emulation engine xtajit.dll in Windows 10 on Arm.

[…]

The logic for JIT translation is also needed is to support the execution of x86_64 applications that generate x86_64 code at runtime (e.g., JavaScript engine uses a JIT compiler).

Apple M1 Assembly Language dyld Just-In-Time Compilation (JIT) Mac macOS 11.0 Big Sur Programming Rosetta

Comments RSS · Twitter

Leave a Comment