jix.one

muncho

Tagged compression, demoscene

Muncho was my attempt of writing an OS X executable packer targeted at 4k intros. Essentially a Mac equivalent of the popular Windows 4k packer Crinkler.

This type of packer works by implementing a custom linker for object files. Instead of generating a normal executable file that uses library symbols that will be resolved by the system’s dynamic linker, it generates an executable that contains a tiny decompressor-stub for a custom compression format (using context mixing) with a payload that it decompresses and then jumps to.

The decompressed-payload then contains a table of used library symbols in a custom format. To avoid storing long symbol names, that table only contains a hash of the used symbol. Also included is a stub that resolves the addresses of the symbols via their hashes by walking tables created by the system’s dynamic linker.

The final part contained in the decompressed payload is the code linked from the input object files, linked in such a way that any external symbols refer to the addresses resolved in the previous step.

A muncho powered 4k intro

Together with the release of muncho, I released a 4k intro “kx” at Evoke 2008. The easiest way to watch it these days is probably via the YouTube recording but it’s mostly compression artifacts. Since I only got muncho working shortly before the Party, the whole intro, including the softsynth, was coded at the party.

Bitrot

To save as many bytes as possible, the outer executable contains the bare minimum that was required for the kernel and dynamic linker to load the binary, setup some data structures and jump to my code. This included partially overlapping different mach-o structures, filling data required by the mach-o spec but not actually used by the dynamic linker with part of the code or data used for decompressing and other tricks like that.

Not long after writing muncho, I switched from OS X to Linux and stopped maintaining muncho. Unsurprisingly it turned out not all of the tricks I used to minimize the overhead required for the outer executable headers were robust across OS X versions, and it quickly stopped working.

In the following years I had a few people asking for muncho’s source code for porting it to newer OS X versions, but as far as I know, no one who I gave the source to did end up getting it to work on newer versions. I also barely knew what I was doing when I started writing muncho and maintaining it would likely have required essentially rewriting large parts of it.