Anyone skilled in disassembling/hex editing?

Jul 29, 2012
OsX Mountain Lion 10.8.2
Intel Core I5 3570K 3.4 GHZ
Intel HD 4000 Integrated Graphics
We're working to add Quartz Extreme/Core Image support to an Intel integrated graphics card closely related to the GMA950 family. The card in question is the GMA3150. For this task, we chose to work with the 10.7.x GMA950 kext, only because it's the one with which we've been getting better results so far, and Lion is the last iteration of OSX that supports GMA950. But Mountain Lion is a mid-term goal, and adding full GMA950 support under 10.8.x could be a good side effect of this effort we're making (possibly using the 64-bit GMA950 10.6.2 kext, which is already being used with partial success).

Here's what we already achieved:

- The GMA950 kext loads and recognizes the 3150 card. QE/CI is enabled, but the drivers are unusably slow (the boot time can exceed 30 min. or more just to get to the desktop);
- Another side effect was a cursor corruption that meklort was able to correct;
- When we add the correct same subsystem vendor and device IDs to the kext, the slowness is corrected and we get OpenGL support, but no QE/CI;
- In Mountain Lion, loading the patched kexts results in slowness and no QE/CI, but it's probably related to the fact it's unsupported in ML;
- By analyzing the Linux drivers and other data for both GMA950 and GMA3150, we managed to isolate the parameters we should look for to correct the above issues. The problem is that, since we don't have access to the source of the GMA950 kexts, we have to work with the binaries, which means that hex editing/disassembling are crucial to the complete success we're so close to achieving. Unfortunately, neither arches (who's done the better part of the work, patching and research) nor I are skilled enough in these fields to effectively do something. So we're asking for your help.

Here's the webpage where we're posting our results:

Thank you!


Dec 3, 2010
Gigabyte GA-H55M-S2V
Intel i3-530
HIS HD 6570
General disassembly uses `otool` from Terminal (installed w/ Xcode). There are a few good uses, among others:

- Loaded Libraries: `otool -XL <binary>`
- Own Library: `otool -XD <dylib>`
- All load commands: `otool -Xl <binary>`
- Just OSX Versions: `otool -Xl <binary> | grep -A 3 MAC`
- Obj-c Disassembly: `otool -qXVo <binary>`
- General Disassembly: `otool -qXVt <binary>`
- Disassemble with filter: `otool -qXVt <binary> | c++filt`
- Symbol Table: `nm <binary>`

Note that "q" above uses the llvm (low-level virtual machine, the Clang compiler toolchain, replaces GCC) which generally produces better assembly. If you see functions like __ZN, use c++filt to unmangle the function names. "X" strips any headers or addresses from the output.

I forgot to mention that using `otool` to read the mach/fat-binary header is usually more trouble than just using `file <binary>`. File will tell you the type (dynamic, archive, executable, etc) and architecture(s). Rarely the "k" flag is necessary (keep-going). Of course `man otool` and `man file` will provide more comprehensive info.
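
The mach/fat-binary header mentioned in the last post can also be read directly. The following is an added example, not code from either poster: a minimal parser that reports each slice's architecture and file type, using the `fat_header`/`fat_arch`/`mach_header` layouts from Apple's `<mach-o/fat.h>` and `<mach-o/loader.h>`. The function names, the slice-count bound of 30 and the sample bytes are assumptions made for this example.

```python
import struct

FAT_MAGIC = 0xCAFEBABE  # also the Java class-file magic; see the count check below
THIN_MAGICS = {0xFEEDFACE: 32, 0xFEEDFACF: 64}  # MH_MAGIC, MH_MAGIC_64
CPU_TYPES = {7: "i386", 0x01000007: "x86_64", 18: "ppc", 0x01000012: "ppc64"}
FILE_TYPES = {1: "object", 2: "executable", 6: "dylib", 8: "bundle", 0xB: "kext bundle"}


def parse_thin(data, off=0):
    """Read one mach_header at `off`; return (arch, bits, filetype)."""
    if len(data) < off + 16:
        raise ValueError("truncated Mach-O header")
    for endian in ("<", ">"):  # thin headers are stored in the target's byte order
        magic, cpu, _sub, ftype = struct.unpack_from(endian + "4I", data, off)
        if magic in THIN_MAGICS:
            return (CPU_TYPES.get(cpu, hex(cpu)), THIN_MAGICS[magic],
                    FILE_TYPES.get(ftype, hex(ftype)))
    raise ValueError("not a Mach-O image")


def describe(data):
    """Return one (arch, bits, filetype) tuple per architecture slice."""
    if len(data) < 8 or struct.unpack_from(">I", data)[0] != FAT_MAGIC:
        return [parse_thin(data)]
    (nfat,) = struct.unpack_from(">I", data, 4)  # fat headers are always big-endian
    if not 0 < nfat <= 30 or len(data) < 8 + 20 * nfat:  # bound is this example's choice
        raise ValueError("implausible or truncated fat header")
    slices = []
    for i in range(nfat):
        _cpu, _sub, offset, size, _align = struct.unpack_from(">5I", data, 8 + 20 * i)
        if offset + size > len(data):
            raise ValueError("slice %d lies outside the file" % i)
        slices.append(parse_thin(data, offset))
    return slices


def _thin(magic, cpu, ftype):
    return struct.pack("<7I", magic, cpu, 3, ftype, 0, 0, 0).ljust(32, b"\0")


def sample_fat():
    """Constructed two-slice universal file (headers only, no load commands)."""
    hdr = struct.pack(">2I", FAT_MAGIC, 2)
    hdr += struct.pack(">5I", 7, 3, 48, 32, 0) + struct.pack(">5I", 0x01000007, 3, 80, 32, 0)
    return hdr + _thin(0xFEEDFACE, 7, 1) + _thin(0xFEEDFACF, 0x01000007, 0xB)


if __name__ == "__main__":
    print(describe(sample_fat()))
```

To run it against a real file, pass the bytes of the executable inside the kext bundle (for example `describe(open(path, "rb").read())`).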