qemu-t8030
Springboard support?
Hey, has Springboard support started?
I would love to have a complete iOS experience (obviously not in the following months, I am myself a programmer and can understand the nightmares of creating an emulator, especially when it comes to Apple devices...) like with the MacOS emulation on Qemu on GitHub too.
Thanks!
Hi,
we are making some progress on that, but I can't really make any estimation on when it will be usable.
Ahhh cool! Someday we will be able to run iOS 15 apps on PC using this project :smile:
Have you tried with gpu=0 boot argument? (source: Corellium) Basically this forces SpringBoard to do software rendering. I tested this argument on a physical device: UI lags as expected, Safari no longer exposes WebGL, so I guess you may find some luck here.
@khanhduytran0 ahh, I tried adding that, but SpringBoard is still crashing in CoreImage (-[CIContext init])
Can I have a look into ObjC error(?) and backtrace?
Also, maybe you could try these CoreImage-related environment variables: CI_ENABLE_METAL_GPU=0 CI_FORCE_SOFTWARE_GL=1 CI_USE_SW=1 (all of these are undocumented so I’m unsure what could change)
@khanhduytran0 Ahh, certainly!!
I'm working on the iPhone 6S model so...
SpringBoard-2022-12-27-053229.ips.txt
Symbolicated:
Process: SpringBoard [56]
Hardware Model: iPhone8,1
OS Version: 14.0
BuildID: 18A373
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype:
KERN_INVALID_ADDRESS at 0x0000000000000000
VM Region Info: 0 is not in any region. Bytes before following region: 4372103168
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
--->
__TEXT 104990000-104994000 [ 16K] r-x/r-x SM=COW ...p/SpringBoard
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [56]
Triggered by Thread: 35
Thread 35 name: Dispatch queue: com.apple.UserNotificationsUI.BulletinNotificationSource
Thread 35 Crashed:
1: CoreImage (slide=0xd308000) 0x1954cd400 __ZN2CI9GLContextC2ENS0_16ShareContextInfoEP12CGColorSpaceS3_NS_11PixelFormatEbmbb + 416
2: CoreImage (slide=0xd308000) 0x1954cd43c __ZN2CI9GLContextC1ENS0_16ShareContextInfoEP12CGColorSpaceS3_NS_11PixelFormatEbmbb + 24
3: CoreImage (slide=0xd308000) 0x195351ffc +[CIContext(Internal) internalContextWithEAGLContext:options:] + 768
4: CoreImage (slide=0xd308000) 0x19534f360 -[CIContext initWithOptions:] + 608
5: MobileIcons (slide=0xd308000) 0x1b23805c4 ___67+[CIContext(IconServicesAdditions) _MI_sharedIconCompositorContext]_block_invoke + 204
6: libdispatch.dylib (slide=0xd308000) 0x18d3ad280 __dispatch_client_callout + 16
7: libdispatch.dylib (slide=0xd308000) 0x18d37ed5c __dispatch_once_callout + 28
8: MobileIcons (slide=0xd308000) 0x1b23804f4 +[CIContext(IconServicesAdditions) _MI_sharedIconCompositorContext] + 68
9: MobileIcons (slide=0xd308000) 0x1b2380bdc __LICGImageCreateCoreImageLanczosScaled + 480
10: MobileIcons (slide=0xd308000) 0x1b2380908 __LICGImageCreateScaled + 240
11: MobileIcons (slide=0xd308000) 0x1b237eed8 ____createApplicationIconFromImage_block_invoke + 1044
12: MobileIcons (slide=0xd308000) 0x1b237df10 __createIcon + 216
13: MobileIcons (slide=0xd308000) 0x1b237cfe8 __createApplicationIconFromImage + 88
14: MobileIcons (slide=0xd308000) 0x1b237a730 _LICreateIconForImages + 284
15: MobileIcons (slide=0xd308000) 0x1b237a5d8 _LICreateIconForImage + 80
16: UIKitCore (slide=0xd308000) 0x18fbb48bc -[UIImage(UIApplicationIconPrivate) _applicationIconImageForFormat:precomposed:idiom:scale:] + 212
17: UIKitCore (slide=0xd308000) 0x18fbb47bc -[UIImage(UIApplicationIconPrivate) _applicationIconImageForFormat:precomposed:scale:] + 112
18: UIKitCore (slide=0xd308000) 0x18fbb4724 -[UIImage(UIApplicationIconPrivate) _applicationIconImageForFormat:precomposed:] + 96
19: UserNotificationsUIKit (slide=0xd308000) 0x1add94310 -[BBSectionIcon(UserNotificationsUIKit) nc_imageForFormat:scale:] + 328
20: UserNotificationsUIKit (slide=0xd308000) 0x1add871f4 +[NCNotificationSectionSettings(Bulletin) notificationSectionSettingsForBBSectionInfo:] + 1400
21: UserNotificationsUIKit (slide=0xd308000) 0x1adddd620 -[NCBulletinNotificationSource observer:updateSectionInfo:] + 196
22: BulletinBoard (slide=0xd308000) 0x1a658c7bc ___32-[BBObserver updateSectionInfo:]_block_invoke + 96
23: libdispatch.dylib (slide=0xd308000) 0x18d3ac298 __dispatch_call_block_and_release + 24
24: libdispatch.dylib (slide=0xd308000) 0x18d3ad280 __dispatch_client_callout + 16
25: libdispatch.dylib (slide=0xd308000) 0x18d3894fc __dispatch_lane_serial_drain$VARIANT$armv81 + 568
26: libdispatch.dylib (slide=0xd308000) 0x18d38a01c __dispatch_lane_invoke$VARIANT$armv81 + 456
27: libdispatch.dylib (slide=0xd308000) 0x18d393808 __dispatch_workloop_worker_thread + 692
28: libsystem_pthread.dylib (slide=0xd308000) 0x1d301c5a4 __pthread_wqthread + 272
29: libsystem_pthread.dylib (slide=0xd308000) 0x1d301f874 _start_wqthread + 8
Thread 35 State:
x0: 0x0000000000000000 x1: 0x0000000000000b71 x2: 0x00000000000120a8 x3: 0x000000010527f007
x4: 0x000000016c8199c0 x5: 0x0000000000000010 x6: 0x000000000000000a x7: 0x0000000000000023
x8: 0x0000000000000000 x9: 0xb596878ef6d10028 x10: 0x00000001e25ce8c8 x11: 0x0000000000000002
x12: 0x00000000fffffffd x13: 0x0000010000000000 x14: 0x0000000000000000 x15: 0x0000000000000000
x16: 0x0000000000000000 x17: 0x0000000000000001 x18: 0x0000000000000000 x19: 0x0000000104bd1060
x20: 0x0000000104bd1204 x21: 0x0000000000000000 x22: 0x0000000000000000 x23: 0x0000000000000001
x24: 0x0000000000000000 x25: 0x0000000000000000 x26: 0x0000000000000000 x27: 0x0000000000000001
x28: 0x0000000000000000 fp: 0x000000016c819c40 lr: 0x00000001954cd0cc
sp: 0x000000016c819950 pc: 0x0000000000000000 cpsr: 0x60000800
esr: 0x82000006
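An added example, not part of the original thread: decoding the pc and esr values from the thread state above shows that the fault is an instruction fetch at address 0 (a branch through a null pointer), not a bad data read. The field layout is the ARMv8-A ESR format; the function names and the embedded sample are assumptions made for this illustration.

```python
import re

# Constructed sample: the last register lines copied from the report above.
SAMPLE = """\
x28: 0x0000000000000000 fp: 0x000000016c819c40 lr: 0x00000001954cd0cc
sp: 0x000000016c819950 pc: 0x0000000000000000 cpsr: 0x60000800
esr: 0x82000006
"""

# ESR bits [31:26]: exception class (only the abort classes are listed here).
EXCEPTION_CLASSES = {
    0x20: "Instruction Abort, lower EL",
    0x21: "Instruction Abort, same EL",
    0x24: "Data Abort, lower EL",
    0x25: "Data Abort, same EL",
}
# Upper four bits of the 6-bit fault status code; the low two bits are the level.
FAULT_KINDS = {0b0000: "address size fault", 0b0001: "translation fault",
               0b0010: "access flag fault", 0b0011: "permission fault"}


def parse_registers(text):
    """Return {name: int} for every 'name: 0x...' pair in the report text."""
    return {name: int(value, 16)
            for name, value in re.findall(r"\b(\w+):\s+(0x[0-9a-fA-F]+)", text)}


def decode_esr(esr):
    """Split an AArch64 ESR value into EC, IL and the fault status code."""
    ec = (esr >> 26) & 0x3F
    fsc = esr & 0x3F
    kind = FAULT_KINDS.get(fsc >> 2)
    return {
        "ec": ec,
        "ec_name": EXCEPTION_CLASSES.get(ec, "other"),
        "il": (esr >> 25) & 1,
        "fault": f"{kind}, level {fsc & 3}" if kind else f"fsc {fsc:#x}",
    }


def triage(text):
    """Classify the crash from pc and esr; lr is returned as the call site hint."""
    regs = parse_registers(text)
    esr = decode_esr(regs["esr"])
    if esr["ec"] in (0x20, 0x21) and regs["pc"] == 0:
        verdict = "branch to NULL (instruction fetch at address 0)"
    elif esr["ec"] in (0x20, 0x21):
        verdict = "instruction fetch from unmapped or non-executable memory"
    else:
        verdict = "not an instruction abort"
    return verdict, esr, regs["lr"]
```

The returned lr value is the address to look up in CoreImage when locating the indirect call that received the null target.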
Hm, seems like it is forcing to use OpenGL anyway, even with +[CIContext contextWithCGContext:options:] and kCIContextUseSoftwareRenderer being set :thinking:
My test was done on iOS 12. I tried on iOS 14.3 but it turned out to ignore gpu=0. It appears that Apple took away CoreImage software rendering since iOS 13 (Corellium added GPU support at the same time)
I think it can be worked around by just hooking +[CIContext internalContextWithEAGLContext:options:] to return nil, hopefully making any calls to the context no-op.
@TrungNguyen1909 hi again, is IOMFB support pushed? I couldn't get it to work
*** Assertion failure in FBSDisplayConfiguration *__sb__mainDisplayConfiguration()_block_invoke(), _SBSPrefixHelper.m:52
*** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'we expect a mainDisplayConfiguration - CADisplayClass: CADisplay, mainDisplay: (null)'
@khanhduytran0 no
@ChefKissInc @khanhduytran0,
The problem is, I've a backlog of stuff that should be committed together with IOMFB, so I can't commit that part right now.
On the other hand, we just got Springboard running properly~~
I'm working on Multitouch stuff rn.
@TrungNguyen1909 that means... the home screen works??? screen?
:O
@TrungNguyen1909 Can you commit it to another branch? It's been several months.
It's been so long, me and @NyanCatTW1 have already single-handedly gotten hackintoshes with AMD integrated GPUs working on macOS Big Sur & published it already, in comparison.
Really? Where??
Idk if I'm allowed to send that here, and uh, there's a lot of work to do so I haven't published it yet. Kidding, check my profile's pinned repositories. Do note it's still experimental, but it's relatively stable
Does this boot the Springboard, or is it just one of many drivers needed to get it working? Either way, nice work!
Did you read my comment? It says AMD iGPUs on macOS, meaning macOS hackintoshes. Don't know what Springboard has to do with it. I know this is unrelated to the thread itself, but I placed it as a comparison point for how slow this has been worked on. Our project had more RE than code involved as well. Rephrased the original comment, I apologise for the confusion.