iOS emulators

From Emulation General Wiki
Revision as of 05:48, 9 November 2023 by 172.70.207.91 (talk) (Emulators)
Jump to navigation Jump to search

iOS
IOS.png
Developer Apple Inc.
Release date 2007
Emulated ~
This page is about software that emulates iOS on other hardware, like desktops.
For emulators that run on IOS, see Emulators on iOS.

iOS and iPadOS are operating systems created by Apple.

iOS devices started the smartphone craze, which would go on to replace conventional mobile phones in both Japan (which had its own subset of cell phones) and the rest of the world, with more advanced touch-controlled devices.

Formerly, iOS was used for both Apple's phones and tablets. Then, the iOS brand was split into two parts in 2019, with iOS now being the OS exclusively used in the iPhone and the now-defunct iPod Touch. The second half, named iPadOS, is a fork of iOS for iPads that makes use of their larger screens, hence its name. Most iOS apps and games work on iPadOS.

Unlike its direct competitor, Android, there are practically no usable emulators, as the official iOS SDK (macOS-only) only allows for running your own projects, i.e., they run code generated for an x86 target rather than ARM code as used by iOS. Some simulators (e.g., BlackThunder) make use of the simulator in the iOS SDK to run a few chosen iOS apps that are recompiled for x86. Unlike previous emulation trails, BlackThunder first loads a highly trimmed Hackintosh image via VirtualBox, which loads Xcode and an iOS simulator into it, then runs decompiled iOS apps recompiled for the x86 architecture. Appetize.io and other tools that claim to emulate iOS on a web browser are in reality just the iOS simulator in XCode wrapped around a cloud stream to the web browser, and like the iOS XCode simulator, need the source code to run. More recently, touchHLE managed to get a few older iPhone OS apps running by recreating some of iOS’s standard libraries and emulating just the iPhone’s CPU, and nearly the same time, QEMU-iOS got released and can successfully emulate iPhone OS 1.0 on an iPod Touch 1st generation, albeit with bugs.

ROMs

TODO: Merge this with ROM & ISO sites
https://archive.org/details/ipaarchive is the best source for classic ROMs. Just search your app or find collections with your app in it. https://decrypt.day/ is the best source for modern app ROMs that are all free.

Emulators

Name Platform(s) Latest version FLOSS Active Recommended
PC / x86
macOS 11 (Big Sur) and up macOS [N 1] 14.1 (Sonoma)
Corellium Web Web-based
touchHLE Windows macOS 0.2.1 ~
QEMU-iOS macOS Linux git ~
BlackThunder Windows macOS ??? ?
aah macOS ???
ipasim Windows PatchV1.0.1
unidbg Windows macOS Linux 0.9.7 ~
TruEmu Windows Linux macOS ???
xnu-qemu-arm64 Windows Linux macOS ???
iEmu Windows Linux macOS ???
MAME Windows Linux macOS FreeBSD 0.263
Unnamed iOS emulator Windows Unreleased due to touchHLE TBD
Mobile / ARM
touchHLE Android 1.0 ~
Cycada Android Unreleased TBD
  1. Requires Mac computers with Apple Silicon (M series) processors.
macOS 11 and up
Since macOS 11 Big Sur, the 17th major operating system of the macOS line, the operating system for Mac computers has support for iOS and iPadOS applications for Apple Silicon-based Macs. However, some apps cannot be installed directly due to Apple DRM. This can be bypassed using an IPA file and PlayCover/Sideloady.
touchHLE (compatibility)
A promising new endeavor that aims to run older iOS apps by reimplementing standard libraries instead of internal components. Because of this very high-level approach, no dump of the operating system is required. Its initial target is iPhone OS 2.x, with plans to support other 32-bit iOS versions, mainly 3.x and 4.x, as well as the iPad. Development started in December 2022, and its initial 0.1.0 release came out in February 2023. The only officially supported applications are Super Monkey Ball – the dev’s inspiration for the project – which is fully playable and runs at full speed, even on mid-range laptops, as well as Crash Bandicoot Nitro Kart 3D. touchHLE supports running IPA files directly. Super Monkey Ball Lite and Touch & Go Lite, the only supported free games, are the third and fourth ones supported. A game controller is required to control the accelerometer.
Unfortunately, touchHLE is in some sort of a “fork hell” right now. Forks adding support for different apps by ciciplusplus (which are in their GitHub fork of touchHLE, with all but one of them being a real pull request), among a few other pull requests adding more support for iOS apps by other people (in the open pull requests tab) are balkanized with no version providing one complete version of all the touchHLE branches in one. There is no central “canary” branch that adds the functionality of all the forks in one package right now, unfortunately.
QEMU-iOS
Previously unnamed and referred to as “devos50’s qemu fork”, Based on earlier work emulating the S5L8900 and the iPhone 11 in QEMU. It can emulate an iPod Touch 1G running iOS 1.0, including iBoot, the kernel, and the Springboard, although it requires a modified NOR and NAND image. Some features, such as audio and Wi-Fi, are not emulated, and there are multiple crashes.
Corellium
A service made by the Israeli company of the same name that runs any modern iOS devices, some Android devices, or bring-your-own IoT devices on either the cloud or a self-hosted server. Emulation is basically perfect, and they have hardware iOS 10.3 to the latest iOS version, with debugging features and security tools, as well as IPA installing. They also have iPhone 7 to the latest iPhone in terms of hardware. The devices run on an ARM hypervisor. For individuals, it costs 99 USD for two cores, which only has iPhone 7, and 295 USD for six cores, to use modern iPhones. The site also prohibits users under 18 from using their service. The service is also made for cybersecurity, not gaming.
MAME
Very basic iPhone 2G support available here. Unlikely to ever be completed.
BlackThunder
The official iOS SDK (macOS-only) only allows for running your own projects, i.e. they run code generated for an x86 target rather than ARM code as used by iOS. However, some simulators, e.g. BlackThunder, make use of the simulator in the iOS SDK to run a few chosen iOS apps that are recompiled for x86. BlackThunder is a closed-source, commercial iOS simulator that can run a few commercial iOS apps. Unlike previous emulation trails, BlackThunder first loads a highly trimmed Hackintosh image via VirtualBox, which loads Xcode and an iOS simulator into it, then runs iOS apps that are decompiled and recompiled for the x86 architecture.
Cycada
Cycada (2014), formally known as Cider and Chameleon before that is an unreleased research project made by a few folks at Columbia that ran iOS 5.1.1 and experimentally iOS 6 apps at a high, but not perfect quality and compatibility (see paper for list). It is based on pirated iOS libraries. It is seriously not recommended to initiate contact with the developers of the project, as they never planned on releasing it and want people to use their paper to reproduce it with "significant effort". All attempts to release it by contacting them have resulted in them saying they are not interested. You may try to recreate Cycada on your own, provided that you know the internals of Android, iOS, XNU, and Linux. Out of 69 tested apps, 19 apps fully work, 10 work with minor bugs that do not affect functionality, 15 have major errors that affect functionality, and 27 crash. Only one recreation is known to exist, which is also unreleased, and it was made by the creator of DarlingHQ along with two other unknown individuals. It took about a year to develop, and one component of it was released. The one exception where some original code was published was here, to be reused in Darling later on. Jeremy Andrus was accused of being a sellout for leaving the project to work as a kernel programmer (Now a Cloud Computing Efficiency worker) for Apple. The project booted many 32-bit iOS apps successfully, albeit slowly. The last update to this project was in 2017. (NOTE: If you search "Cider APK", you will get iPhone 12 launcher adware) To see the paper, its specifications, its compatible apps, and possibly recreate it, see here
TruEmu
QEMU-t8030 (2022), also known as TruEmu, is an iPhone 11 emulated in QEMU, however, it does not have a display and seems abandoned. TruEmu is a software that offers support for iOS 14 up to the latest iOS 16 and is built to work on iPhone 6S SecureROM hardware. It also provides out-of-box kernel debugging support and USB support (with Firmware Restore) and utilizes Apple's custom CPU features such as SPRR/GXF and custom PAC. Additionally, TruEmu is open-source software.
iEmu
QEMU-s5l89xx-port (also known without the -port) (2012), also known as iEmu, is another failed attempt to get an iPhone running in QEMU, this time the 1st generation. The last commits were made in 2013. Any Android app going by the name iEmu is a *scam* and should be avoided. Nowadays, a malicious APK file going by the iEmu moniker is also being circulated on blogs run by script kiddies claiming to offer a way to run iOS apps on Android. More often than not, they're uploaded with the intention of generating revenue from impressionable users (through pay-per-click URL shorteners) who fall easily for those types of scams. The project started in 2011 but got mysteriously abandoned two years later before anything usable surfaced. All pages related to the project were removed. It's speculated Apple had a hand in this. The name is based on the part number of the original iPhone, and also is known to be called iVM, however, this is unconfirmed.
unidbg
unidbg (2020) is a developer library that allows emulating Android binaries, however, "experimental" iOS support was added sometime in 2021. It is unknown if any apps are supported.
aah
aah (arm64 architecture handler) uses unicorn and libffi to run iOS arm64 binaries on x86_64 macOS, with varying degrees of success. Most things will fail to launch because they need frameworks/symbols that aren't available on macOS. aah relies on the Mac Catalyst frameworks that are present on macOS 10.15. Additionally aah requires the source code of the app to run it, like the iOS simulator/emulator in XCode. https://twitter.com/maczydeco/status/1155588054486310912 https://github.com/zydeco/aah
ipasim
ipasim (2017) is a high-level emulator written in C++ that uses Microsoft's winObjC to recompile 64-bit iOS apps into apps in live. It doesn't support much apps except for really basic ones. It was more focused on apps than games.
xnu-qemu-arm64
A security research emulator created by Aleph. Much like TruEmu, it can partially run iOS, with launch services working correctly.
Unnamed iOS Emulator

This is a Low-Level Emulator made by user “K-8-L-Y-N” discussed on the Darling Discord Server, which can run Springboard and the Calculator.

Darling
Although no iOS support exists at the moment, Darling wants to add support for iOS apps in the “long term”. Although not stated, they might add support for other platforms based on iOS, such as tvOS or watchOS in the future.

Scams

Many of the currently available "simulators" only try recreating popular iOS apps (like browsers) in a PC application with no real emulation involved. Some notable scams in such fashion are called iPadian or variations on the name, and are often malware. iPadian itself is not a real emulator and cannot actually emulate any iOS, iPadOS, or watchOS code and just use recreations that are limited in functionality and are not ports. “AIR iPhone” is also a simulator in Adobe Flash. Malware on Android also goes by the name “iEmu”, “Cider” and “Cycada”, based on the unfinished and unrelated projects of the same name, and is sometimes iOS launcher software that is possibly infected by malware.

  • TikTok videos by the user “iPod Emulator Hype” appear to show QEMU-iOS running on an Android device and a web browser, however, the Android version is confirmed to be a VNC client and faked, with the HTML5 version likely fake as well.
  • Blog sites suggest “iOSEmus” as an iOS emulator for Android devices. In reality, it is an alternate App Store for iOS to install jailbreak tools including console emulators and other tools on iOS 11.

Your best bet, until touchHLE supports your 32-bit app, ARM macOS is able to be virtualized without an ARM Mac (for 64-bit), or a new emulation effort is ever started, is to hope that whatever iOS app you're interested in gets an Android port. This is very rare, especially for Japanese ones, as Android is perceived to be more open to piracy. That appears to be gradually changing lately and isn't of as much concern for non-gaming apps. However, in the U.S., the trend goes to iOS exclusively, including the Faves, Bloom, and the official ChatGPT apps getting iOS versions first.

Apple Inc.
Apple Computer (1998).jpg
Desktop: Apple IApple II Line (Apple IIGS) • Apple III lineLisaMacintosh lineMacOS
Mobile: iPodiOS
Consoles: Pippin