March 14, 2026

Come for the code, stay for the chaos

Article URL →HN comments →

Refinement Modeling and Verification of RISC-V Assembly Using Knuckledragger

Caveman-Named Tool Promises Bug-Free Assembly—Commenters Brawl Over AI-Coded Chips

TLDR: Knuckledragger checks low-level RISC-V assembly against a simple model to catch bugs and curb risky AI-written code. The crowd split between excitement for safer chips and claims the demo’s too tiny, with caveman memes, Python-speed gripes, and “just use Rust” bickering stealing the show.

"Knuckledragger" is a new open-source tool promising to tame RISC‑V assembly—the low‑level language chips speak—by checking that each tiny step does exactly what a simple, high‑level “storyboard” says it should. The dev shows a small demo, plus a walkthrough video and code. Fans say this can catch sneaky bugs, sniff out compiler mistakes, and maybe even keep AI‑generated assembly from shipping with landmines. In short: fewer off‑by‑one disasters, more sleep.

Comments exploded. Security folks called it a “seatbelt for assembly.” Old‑school coders shot back that the example is too tiny—“try an interrupt handler, then talk.” AI‑skeptics begged, “don’t let chatbots near bootloaders,” while formal‑methods nerds cheered the automatic matching between low‑level steps and the clean model. Some side drama: RISC‑V stans declared, “this is how open chips win,” while others grumbled about Python speed and asked why not just use Rust. The tool’s caveman name inspired memes of stone tablets labeled “bisimulation,” and one top joke: “Finally, a knuckledragger who reads proofs.” The vibe: excited but spicy—part promise of safer code, part fear that real‑world complexity will snap the tool in half. Moderates urged, “prove small pieces, then stack them,” calling it a bridge between messy code and clear specs.

Key Points

  • The author presents a Python-based binary verification workflow using Knuckledragger with pypcode (Ghidra semantics).
  • A previous iteration struggled with unwieldy symbolic execution outputs, prompting a redesign toward a high-level model plus mapping from low-level state.
  • A bounded model checking example verifies a simple assembled function property (RAX increments by one) within a small instruction bound.
  • The new feature defines a high-level step function and a high_low mapping; Z3 checks that low-level traces correspond to high-level transitions (bisimulation-like).
  • Code and a video walkthrough are provided to demonstrate the approach and implementation details.

Hottest takes

"Please don’t let ChatGPT near my bootloader" — segfault_sam
"If your proof can’t handle a real ISR, it’s cosplay" — baremetal_bruiser
"This is how RISC‑V wins: boring, verifiable blocks" — opensilicon_optimist

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.