frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Removing the modem and GPS from my 2024 RAV4 hybrid

https://arkadiyt.com/2026/05/13/removing-the-modem-and-gps-from-my-rav4/
849•arkadiyt•16h ago•438 comments

Show HN: GlycemicGPT – Open-source AI-powered diabetes management

https://github.com/GlycemicGPT/GlycemicGPT
13•jlengelbrecht•4h ago•2 comments

Solar-based sleep patterns compared to modern norms

https://dylan.gr/1775146616
59•James72689•5h ago•43 comments

Building ML framework with Rust and Category Theory

https://hghalebi.github.io/category_theory_transformer_rs/
15•adamnemecek•16h ago•2 comments

A few words on DS4

https://antirez.com/news/165
303•caust1c•10h ago•112 comments

Details of the Daring Airdrop at Tristan Da Cunha

https://www.tristandc.com/government/news-2026-05-11-airdrop.php
123•kspacewalk2•5h ago•28 comments

UK government replaces Palantir software with internally-built refugee system

https://www.bbc.com/news/articles/c2l2j1lxdk5o
167•cdrnsf•10h ago•57 comments

RTX 5090 and M4 MacBook Air: Can It Game?

https://scottjg.com/posts/2026-05-05-egpu-mac-gaming/
592•allenleee•17h ago•144 comments

First public macOS kernel memory corruption exploit on Apple M5

https://blog.calif.io/p/first-public-kernel-memory-corruption
360•quadrige•14h ago•81 comments

Gyroflow: Video stabilization using gyroscope data

https://github.com/gyroflow/gyroflow
82•nateb2022•2d ago•14 comments

New Nginx Exploit

https://github.com/DepthFirstDisclosures/Nginx-Rift
373•hetsaraiya•16h ago•82 comments

Mullvad exit IPs are surprisingly identifying

https://tmctmt.com/posts/mullvad-exit-ips-as-a-fingerprinting-vector/
370•RGBCube•6h ago•211 comments

reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops

https://discuss.grapheneos.org/d/35428-recaptcha-mobile-verification-is-bringing-the-play-integri...
67•Cider9986•6h ago•38 comments

Codex is now in the ChatGPT mobile app

https://openai.com/index/work-with-codex-from-anywhere/
324•mikeevans•13h ago•165 comments

Access to frontier AI will soon be limited by economic and security constraints

https://writing.antonleicht.me/p/cut-off
148•thoughtpeddler•8h ago•129 comments

Tesla Wall Connector bootloader bypasses the firmware downgrade ratchet

https://www.synacktiv.com/en/publications/exploiting-the-tesla-wall-connector-from-its-charge-por...
96•p_stuart82•12h ago•41 comments

Coldkey – Post-quantum age key generation and paper backup tool

https://github.com/pike00/coldkey
17•pike00•5h ago•6 comments

Rewrite Bun in Rust has been merged

https://github.com/oven-sh/bun/pull/30412
641•Chaoses•1d ago•700 comments

Porting 3D Movie Maker to Linux

https://benstoneonline.com/posts/porting-3d-movie-maker-to-linux/
122•speckx•3d ago•23 comments

Claude for Legal

https://github.com/anthropics/claude-for-legal
90•Einenlum•12h ago•82 comments

HDD Firmware Hacking

https://icode4.coffee/?p=1465
187•jsploit•17h ago•25 comments

RISC-V Router

https://router.start9.com/
121•janandonly•13h ago•62 comments

What's in a GGUF, besides the weights – and what's still missing?

https://nobodywho.ooo/posts/whats-in-a-gguf/
146•bashbjorn•15h ago•45 comments

OVMS: Open source electric vehicle remote monitoring, diagnosis and control

https://www.openvehicles.com/home
76•BHSPitMonkey•11h ago•12 comments

LLM Policy for Rust Compiler

https://github.com/rust-lang/rust-forge/pull/1040
78•liyanage•9h ago•41 comments

How Claude Code works in large codebases

https://claude.com/blog/how-claude-code-works-in-large-codebases-best-practices-and-where-to-start
160•shenli3514•5h ago•117 comments

New arXiv policy: 1-year ban for hallucinated references

https://twitter.com/tdietterich/status/2055000956144935055
489•gjuggler•12h ago•158 comments

More than sixty percent of the United States is experiencing drought conditions

https://news.vt.edu/articles/2026/05/drought-united-states-la-nina-expert.html
195•littlexsparkee•10h ago•75 comments

Infracost (YC W21) Is Hiring Sr Dev Advocate to make agents cloud cost-aware

https://www.ycombinator.com/companies/infracost/jobs/NzwUQ7c-senior-developer-advocate
1•akh•12h ago

Ask HN: How to be SOC2 Type 2 compliant as a solo-entreprenuer?

24•sochix•2h ago•28 comments
Open in hackernews

Writing a Self-Mutating x86_64 C Program (2013)

https://ephemeral.cx/2013/12/writing-a-self-mutating-x86_64-c-program/
118•kepler471•11mo ago

Comments

belter•11mo ago
I guess in OpenBSD because of W ^ X this would not work?
akdas•11mo ago
I was thinking the same thing. Usually, you'd want to write the new code to a page that you mark as read and write, then switch that page to read and execute. This becomes tricky if the code that's doing the modifying is in the same page as the code being modified.
timewizard•11mo ago
The way it's coded it wouldn't; however, you can map the same shared memory twice. Once with R|W and a second time with R|X. Then you can write into one region and execute out of it's mirrored mapping.
rkeene2•11mo ago
In Linux it also needs mprotect() to change the permissions on the page so it can write it. The OpenBSD man page[0] indicate that it supports this as well, though notes that not all implementations are guaranteed to allow it, but my guess is it would generally work.

[0] https://man.openbsd.org/mprotect.2

Retr0id•11mo ago
It's not required on linux, if the ELF headers are set up such that the page is mapped rwx to begin with. (but rwx mappings are generally frowned upon from a security perspective)
mananaysiempre•11mo ago
Not as is, but I think OpenBSD permits you to map the same memory twice, once as W and once as X (which would be a reasonable hoop to jump through for JITs etc., except there’s no portable way to do it). ARM64 MacOS doesn’t even permit that, and you need to use OS-specific incantations[1] that essentially prohibit two JITs coexisting in the same process.

[1] https://developer.apple.com/documentation/apple-silicon/port...

saagarjha•11mo ago
No, the protection is per-thread. You can run the JITs in different threads
alcover•11mo ago
I often think this could maybe allow fantastic runtime optimisations. I realise this would be hardly debuggable but still..
Retr0id•11mo ago
It already does, in the form of JIT compilation.
alcover•11mo ago
OK but I meant in already native code, like in a C program - no bytecode.
Retr0id•11mo ago
I mean that, too.
connicpu•11mo ago
LuaJIT has a wonderful dynamic code generation system in the form of the DynASM[1] library. You can use it separately from LuaJIT for dynamic runtime code generation to create machine code optimized for a particular problem.

[1]: https://luajit.org/dynasm.html

lmm•11mo ago
If you are generating or modifying code at runtime then how is that different from bytecode? Standardised bytecodes and JITs are just an organised way of doing the same thing.
vbezhenar•11mo ago
I used GNU lightning library once for such optimisation. I think it was ICFPC 2006 task. I had to write an interpreter for virtual machine. Naive approach worked but was slow, so I decided to speed it up a bit using JIT. It wasn't a 100% JIT, I think I just implemented it for loops but it was enough to tremendously speed it up.
userbinator•11mo ago
Programs from the 80s-90s are likely to have such tricks. I have done something similar to "hardcode" semi-constants like frame sizes and quantisers in critical loops related to audio and video decompression, and the performance gain is indeed measurable.
alcover•11mo ago
> "hardcode" semi-constants

You mean you somehow avoided a load. But what if the constant was already placed in a register ? Also how could you pinpoint the reference to your constant in the machine code ? I'm quite profane about all this.

ronsor•11mo ago
> Also how could you pinpoint the reference to your constant in the machine code?

Not OP, but often one uses an easily identifiable dummy pattern like 0xC0DECA57 or 0xDEADBEEF which can be substituted without also messing up the machine code.

mananaysiempre•11mo ago
If you’re willing to parse object files (a much easier proposition for ELF than for just about anything else), another option is to have the source code mention the constants as addresses of external symbols, then parse the relocations in the compiled object. Unfortunately, I’ve been unable to figure out a reliable recipe to get a C compiler to emit absolute relocations in position-independent code, even after restricting myself to GCC and Clang for x86 Linux; in some configurations it works and in others you (rather pointlessly) get a PC-relative one followed by an add.
userbinator•11mo ago
All the registers were already taken.

You use a label.

econ•11mo ago
The 80's:

Say you set a value for some reason. Later you have to check IF it is set. If the condition needs to be checked many times you replace it with the code (rather than set a value to check some place). If you need to check if something is still true repeatedly you replace the condition check with no-ops when it isn't true.

Also funny are insanely large loop unrolls with hard coded valued. You could make a kind of rainbow table of those.

barchar•11mo ago
It sometimes can, but you then have to balance the time spent optimizing against the time spent actually doing whatever you were optimizing.

Also on modern chips you must wait quite a number of cycles before executing modified code or endure a catastrophic performance hit. This is ok for loops and stuff, but makes a lot of the really clever stuff pointless.

The debuggers software breakpoints _are_ self-modifying code :)

112233•11mo ago
Linux kernel had the same idea, and now they have "static keys". It's both impressive and terrifying.
oxcabe•11mo ago
It's impressive how well laid out the content in this article is. The spacing, tables, and code segments all look pristine to me, which is especially helpful given how dense and technical the content is.
AStonesThrow•11mo ago
It was designed by Elves on Christmas Island where Dwarves run the servers and Hobbits operate the power plant
f1shy•11mo ago
I have the suspicion that there is a high correlation between how organized the content is, and how organized and clear the mind of the writer is.
ivanjermakov•11mo ago
I had a great experience writing self modified programs is a single instruction programming game SIC-1: https://store.steampowered.com/app/2124440/SIC1/
ycombinatrix•11mo ago
Cool recommendation, will give it a try.
Someone•11mo ago
Fun article, but the resulting code is extremely brittle:

- assumes x86_64

- makes the invalid assumption that functions get compiled into a contiguous range of bytes (I’m not aware of any compiler that violates that, but especially with profile-guided optimization or compilers that try to minimize program size, that may not be true, and there is nothing in the standard that guarantees it)

- assumes (as the article acknowledges) that “to determine the length of foo(), we added an empty function, bar(), that immediately follows foo(). By subtracting the address of bar() from foo() we can determine the length in bytes of foo().”. Even simple “all functions align at cache lines” slightly violates that, and I can see a compiler or a linker move the otherwise unused bar away from foo for various reasons.

- makes assumptions about the OS it is running on.

- makes assumptions about the instructions that its source code gets compiled into. For example, in the original example, a sufficiently smart compiler could compile

  void foo(void) {
    int i=0;
    i++;
    printf("i: %d\n", i);
  }
as

  void foo(void) {
    printf("1\n");
  }
or maybe even

  void foo(void) {
    puts("1");
  }
Changing compiler flags can already break this program.

Also, why does this example work without flushing the instruction cache after modifying the code?

nekitamo•11mo ago
For the mainstream OSes (Windows, OSX, Linux Android) You don't need to flush the instruction cache on most x86 CPUs after modifying the code segment dynamically, but you do on ARM and MIPS.

This has burned me before while writing a binary packer for Android.

saagarjha•11mo ago
They check all those assumptions by disassembling the code.
Cloudef•11mo ago
> self-modifying code > brittle

I mean that is to be very much expected, unless someone comes up with a programming language that fully embraces the concept.

znpy•11mo ago
The author clearly explained that the whole article is more a demonstration for illustrative purposes than anything else.

> Changing compiler flags can already break this program.

That's not the point of the article.

xixixao•11mo ago
I’ve been thinking a lot about this topic lately, even studying how executables look on arm macOS. My motivation was exploring truly fast incremental compilation for native code.

The only way to do this now on macOS is remapping whole pages as JIT. This makes it quite a challenge but still it might work…

Cloudef•11mo ago
Kaze Emanuar's "Optimizing with Bad Code" video also goes briefly go through self-modifying code https://www.youtube.com/watch?v=4LiP39gJuqE
pfdietz•11mo ago
A program that can generate, compile, and execute new code is nothing special in the Common Lisp world. One can build lambda expressions, invoke the compile function on them, and call the resulting compiled functions. One can even assign these functions to the symbol-function slot of symbols, allowing them to be called from pre-existing code that had been making calls to that function named by that symbol.
BenjiWiebe•11mo ago
I know that no other language can match Lisp, but many languages can generate and execute new code, if they're interpreted. Compile, too, if they're JITted. They all require quite a bit of runtime support though.
DrZhvago•11mo ago
Someone correct me if I am wrong, but self-mutating code is not as uncommon as the author portrays it. I thought the whole idea of hotspot optimization in a compiler is essentially self-mutating code.

Also, I spent a moderately successful internship at Microsoft working on dynamic assemblies. I never got deep enough into that to fully understand when and how customers where actually using it.

https://learn.microsoft.com/en-us/dotnet/fundamentals/reflec...

iamcreasy•11mo ago
Is it possible to mutate the text segment by another process? For example, injecting something malicious instead of exec-ing a shell?