frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

How ZGC allocates memory for the Java heap

https://joelsiks.com/posts/zgc-heap-memory-allocation/
86•lichtenberger•1y ago

Comments

gopalv•1y ago
The 32x virtual memory to physical memory ratio plays into relocation and colored pointers (i.e pointers where some bits serve as flag bits).

Putting the actual data layouts in 44 bits out of 64 is a neat trick which relies on the allocator being aware of the mappings between physical and virtual addresses.

twoodfin•1y ago
When your comment and the article refer to “physical” addresses, those are physical in the context of the JVM, right? To the OS they’re virtual addresses in the JVM process space?
acchow•1y ago
Correct. ZGC has no way to escape from the virtualization by the kernel (assuming your hardware and kernel uses an MMU)
MBCook•1y ago
Thank you for the answer, I was wondering that as well.
hinkley•1y ago
In the beginning of the 32 bit revolution, when the future was here but unevenly distributed, there was a lot of talk about how 32 bit pointers would fundamentally change how people wrote code. Among other things it got rid of a bunch of odd bookkeeping, and if you don’t have to do the bookkeeping you don’t have to write the code in a way that supports it, so you can do other things.

Not too long after someone asked what sort of interesting changes 64 bit will bring. And I’ve been keeping that question in the back of my mind ever since.

Aliasing memory multiple times in order to do read or write barriers and make GC much cheaper is a pretty good one. But another one I know of is that one of the secrets of the L4 microkernel is that its IPC speed comes substantially from reducing the amount of TLB work that needs to be done to switch to another process running in a different address space. They use the same address space and only swap out the access rights which cuts the call overhead in half. It’s pretty easy to put a bunch of processes into a 64 bit address space and just throw each one a randomly located 4GB slice of RAM.

twoodfin•1y ago
Yeah, would love to see the CPU vendors invent some primitives to let user code pull those kinds of privilege isolation tricks within a single process and address space.

Something like: “From now on, code on these pages can only access data on these pages, and only return to/call into other code through these gates…”

hinkley•1y ago
Thread based seems like it at least should be possible.
ahartmetz•1y ago
I've had some ideas about avoiding format validation in IPC receivers if the data is encoded by trusted code, which is also the only code that has rights to send the IPC data / to connect to the receiver. I can't really think of an important problem that it would solve, though. DBus always validates received data, but it's not really meant or very suitable for large amounts of data anyway.
pron•1y ago
For relevant upcoming changes see Automatic Heap Sizing for ZGC: https://openjdk.org/jeps/8329758
twoodfin•1y ago
What I’m looking for is a way for a process to de/re-escalate its privileges to access memory, without an expensive context switch being required at the transition. The CPU would simply enforce different rules based on (say) the high-order bits of the instruction pointer.

Imagine a server process that wants to run some elaborate third-party content parser. It’d be great to be sure that no matter how buggy or malicious that code, it can’t leak the TLS keys.

Today, high-security architectures must use process isolation to achieve this kind of architectural guarantee, but even finely tuned IPC like L4’s is an order of magnitude slower than a predictable jump.

gpderetta•1y ago
For a brief moment Intel supported MPX which did something similar.

You can also play tricks with the virtualization hardware, bit it need kernel support.

Eventually we will get segments back again.

MarkSweep•1y ago
That would be pretty cool. Something like the Win32 function GetWriteWatch, but implemented in hardware instead of the page fault handler (I assume).

https://learn.microsoft.com/en-us/windows/win32/api/memoryap...

Or some sort of special write barrier store op-code, idk.

mike_hearn•1y ago
It exists, that's called MPKs.
twoodfin•1y ago
I don’t think MPK’s will fit the need I have. Simply: Run some arbitrary, untrusted, non-sandboxed code in the same thread with assurance it can’t read page X. When that code completes and I’m back in code I trust, X is readable again.

Is that something MPK makes possible? The doc I’ve read suggests either your process can flip permission bits or it can’t. Great for avoiding out-of-sandbox reads. But if there’s arbitrary execution happening, why can’t that code flip the access to secrets back on?

mike_hearn•1y ago
Oracle Labs has tech that does that:

https://youtu.be/T05FI93MBI8?si=EieFgujaGiW2gbO8&t=958

The trick is to do a cascading disassembly of all untrusted code you'll execute to prove it can't change the MPK register.

twoodfin•1y ago
Wow. Neat trick and exactly the kind of thing I was looking for.

Thanks!

EDIT: Looks like this is the relevant paper from the Graal team: https://www.graalvm.org/resources/articles/binsweep.pdf

jdougan•1y ago
Is that something like the memory protection scheme on the Newton OS?
nyanpasu64•1y ago
Isn't not swapping page tables during a call precisely what the KPTI mitigations had to turn off for Meltdown mitigations?

Many Let's Encrypt renewals had errors today

https://letsencrypt.status.io/#2026
112•widdakay•1h ago•62 comments

Ice Water Drowning Survival After 147-Minute Submersion and Hypothermic Arrest

https://www.jacc.org/doi/10.1016/j.jaccas.2025.104885
83•js2•2h ago•22 comments

To study how chips work, MIT researchers built their own operating system

https://news.mit.edu/2026/to-study-how-chips-really-work-mit-researchers-built-their-own-operatin...
122•speckx•3d ago•10 comments

DuckDB Internals: Why Is DuckDB Fast? (Part 1)

https://www.greybeam.ai/blog/duckdb-internals-part-1
65•marklit•2d ago•35 comments

Gribouille 0.3.0: A Grammar of Graphics for Typst

https://mickael.canouil.fr/posts/2026-06-15-gribouille-0-3/
29•mcanouil•3d ago•1 comments

Zero-Touch OAuth for MCP

https://blog.modelcontextprotocol.io/posts/enterprise-managed-auth/
165•niyikiza•8h ago•60 comments

I found 10k GitHub repositories distributing Trojan malware

https://orchidfiles.com/github-repositories-distributing-malware/
740•theorchid•18h ago•179 comments

Building a robotics research setup that lives next to my desk

https://dfdxlabs.com/research/2026/robotics-setup/
52•mplappert•15h ago•16 comments

Datasette Apps: Host custom HTML applications inside Datasette

https://simonwillison.net/2026/Jun/18/datasette-apps/
58•lumpa•5h ago•18 comments

Ubiquiti: Enterprise NAS, Built on ZFS

https://blog.ui.com/article/introducing-enterprise-nas
312•ksec•15h ago•269 comments

Cell-based architecture for resilient payment systems

https://americanexpress.io/cell-based-architecture-for-resilient-payment-systems/
115•birdculture•3d ago•45 comments

How Japan's railways stayed one while splitting apart

https://arun.is/blog/jr-logo/
78•ddrmaxgt37•1d ago•61 comments

CS 6120: Advanced Compilers: The Self-Guided Online Course (2020)

https://www.cs.cornell.edu/courses/cs6120/2025fa/self-guided/
348•ibobev•19h ago•49 comments

Show HN: Talos – Open-source WASM interpreter for Lean

https://github.com/cajal-technologies/talos
33•mfornet•16h ago•3 comments

Flexport (YC W14) Is Hiring in Indonesia, India, and Thailand

https://www.flexport.com/company/careers/
1•thedogeye•5h ago

Horizons JPL Solar System Data Demo and NASA DSN Updates: Datastar, Common Lisp

https://horizons.lambda-combine.net/
44•adityaathalye•4d ago•1 comments

Hospitals and universities repurposing drugs at lower cost

https://www.kcl.ac.uk/news/hospitals-and-universities-repurposing-drugs-at-90-lower-cost
302•giuliomagnifico•19h ago•130 comments

.gitignore Isn't the only way to ignore files in Git

https://nelson.cloud/.gitignore-isnt-the-only-way-to-ignore-files-in-git/
360•FergusArgyll•19h ago•117 comments

Show HN: Are You in the Weights?

https://www.intheweights.com/
294•turtlesoup•9h ago•157 comments

I told them forced consent was unlawful. 5 years later it cost Elkjop €1.8M

https://www.thatprivacyguy.com/blog/elkjop-forced-consent-fine/
309•speckx•11h ago•152 comments

If your product is Great, it doesn't need to be Good (2010)

http://paulbuchheit.blogspot.com/2010/02/if-your-product-is-great-it-doesnt-need.html
55•skogstokig•3d ago•35 comments

Zork name origin got an update on Wikipedia

https://www.dpolakovic.space/blogs/zork-part2#update
77•dpola•9h ago•12 comments

Launch HN: TesterArmy (YC P26) – Agents that test web and mobile apps

https://tester.army
112•okwasniewski•15h ago•49 comments

W Social, public institutions and the theater of European digital sovereignty

https://blog.elenarossini.com/w-social-public-institutions-and-the-theater-of-european-digital-so...
194•nemoniac•17h ago•127 comments

Modos Color Monitor Pushes E-Paper Displays Further

https://spectrum.ieee.org/modos-e-paper-monitor
255•Vinnl•18h ago•67 comments

Noam Shazeer Joins OpenAI

https://twitter.com/NoamShazeer/status/2067400851438932297
318•lukasgross•1d ago•310 comments

Swiss parliament lifts ban on new nuclear power plants

https://www.bluewin.ch/en/news/switzerland/parliament-lifts-ban-on-new-nuclear-power-plants-32575...
740•leonidasrup•15h ago•648 comments

How Alberta Eradicated Rats

https://worksinprogress.co/issue/albertas-war-on-rats/
161•tzury•17h ago•114 comments

Show HN: Gerrymandle - Daily puzzle game where you redraw electoral districts

https://gerrymandle.cc/
163•realmofthemad•15h ago•68 comments

The Token Compression Illusion: Why I'm Skeptical of RTK

https://mroczek.dev/articles/the-token-compression-illusion-why-im-skeptical-of-rtk/
95•lackoftactics•12h ago•99 comments