frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Iceland declares ocean-current instability a national security risk

https://www.dagens.com/news/iceland-declares-ocean-current-instability-a-national-security-risk
208•donohoe•3h ago•92 comments

It's Always the Process, Stupid

https://its.promp.td/its-always-the-process-stupid/
203•DocIsInDaHouse•4h ago•74 comments

Hardening the C++ Standard Library at scale

https://queue.acm.org/detail.cfm?id=3773097
38•ndesaulniers•6d ago•4 comments

An Update on the Farphone's Battery

https://far.computer/battery-update/
11•birdculture•39m ago•8 comments

DNS LOC Record (2014)

https://blog.cloudflare.com/the-weird-and-wonderful-world-of-dns-loc-records/
96•mikejeays•4h ago•27 comments

Hachi: An Image Search Engine

https://eagledot.xyz/hachi.md.html
81•warangal•5h ago•11 comments

Show HN: Network Monitor – a GUI to spot anomalous connections on your Linux

11•grigio•5d ago•4 comments

Bronze Age mega-settlement in Kazakhstan has advanced urban planning, metallurgy

https://archaeologymag.com/2025/11/bronze-age-mega-settlement-in-kazakhstan/
67•CGMthrowaway•1w ago•9 comments

Zero Knowlege Proof of Compositeness

https://www.johndcook.com/blog/2025/11/29/zkp-composite/
9•ColinWright•1h ago•1 comments

AccessOwl (YC S22) Is Hiring a Technical Account Manager (IAM)

https://www.ycombinator.com/companies/accessowl/jobs/dGC3pcO-technical-account-manager-identity-a...
1•philipeller•1h ago

We're learning more about what Vitamin D does to our bodies

https://www.technologyreview.com/2025/11/21/1128206/vitamin-d-bodies-bone-health-immune/
65•Brajeshwar•1h ago•29 comments

The CRDT Dictionary: A Field Guide to Conflict-Free Replicated Data Types

https://www.iankduncan.com/engineering/2025-11-27-crdt-dictionary/
71•birdculture•6h ago•3 comments

System 7 natively boots on the Mac mini G4

https://macos9lives.com/smforum/index.php?topic=7711.0
291•ibobev•15h ago•84 comments

Building road signs at home using a Cricut Machine

https://annanay.dev/build-a-signboard/
21•annanay•3d ago•7 comments

WinApps: Run Windows apps as if they were a part of the native Linux OS

https://github.com/winapps-org/winapps
275•klaussilveira•4d ago•131 comments

WebR – R in the Browser

https://webr.sh/
74•creata•5d ago•26 comments

Airbus A320 – intense solar radiation may corrupt data critical for flight

https://www.airbus.com/en/newsroom/press-releases/2025-11-airbus-update-on-a320-family-precaution...
451•pyrophoenix•21h ago•143 comments

Major AI conference flooded with peer reviews written by AI

https://www.nature.com/articles/d41586-025-03506-6
115•_____k•3h ago•75 comments

Garfield's Proof of the Pythagorean Theorem

https://en.wikipedia.org/wiki/Garfield%27s_proof_of_the_Pythagorean_theorem
137•benbreen•12h ago•68 comments

Show HN: Explore what the browser exposes about you

https://neberej.github.io/exposedbydefault/
167•coffeecoders•5d ago•59 comments

Every mathematician has only a few tricks (2020)

https://mathoverflow.net/questions/363119/every-mathematician-has-only-a-few-tricks
210•nill0•17h ago•55 comments

Imgur geo-blocked the UK, so I geo-unblocked my network

https://blog.tymscar.com/posts/imgurukproxy/
464•tymscar•1d ago•155 comments

Confessions of a Software Developer: No More Self-Censorship

https://kerrick.blog/articles/2025/confessions-of-a-software-developer-no-more-self-censorship/
324•Kerrick•20h ago•281 comments

Running a Business Means Contact with Reality

https://fredkozlowski.com/2025/11/02/running-a-business-means-contact-with-reality/
68•fkozlowski•3d ago•35 comments

Anthony Bourdain's Lost Li.st's

https://bourdain.greg.technology/
140•gregsadetsky•3d ago•38 comments

Build Your Own Router with URLPattern()

https://jschof.dev/posts/2025/11/build-your-own-router/
49•tobr•4d ago•23 comments

So you wanna build a local RAG?

https://blog.yakkomajuri.com/blog/local-rag
364•pedriquepacheco•1d ago•95 comments

Chainalysis Successful Deanonymization Attack on Monero

https://darkwebinformer.com/chainalysis-successful-deanonymization-attack-on-monero-2/
43•Anon84•6h ago•21 comments

Molly: An Improved Signal App

https://molly.im/
398•dtj1123•1d ago•236 comments

The risk of round numbers and sharp thresholds in clinical practice

https://www.nature.com/articles/s41746-025-02079-y
61•asplake•1w ago•27 comments
Open in hackernews

Writing a Self-Mutating x86_64 C Program (2013)

https://ephemeral.cx/2013/12/writing-a-self-mutating-x86_64-c-program/
118•kepler471•6mo ago

Comments

belter•6mo ago
I guess in OpenBSD because of W ^ X this would not work?
akdas•6mo ago
I was thinking the same thing. Usually, you'd want to write the new code to a page that you mark as read and write, then switch that page to read and execute. This becomes tricky if the code that's doing the modifying is in the same page as the code being modified.
timewizard•6mo ago
The way it's coded it wouldn't; however, you can map the same shared memory twice. Once with R|W and a second time with R|X. Then you can write into one region and execute out of it's mirrored mapping.
rkeene2•6mo ago
In Linux it also needs mprotect() to change the permissions on the page so it can write it. The OpenBSD man page[0] indicate that it supports this as well, though notes that not all implementations are guaranteed to allow it, but my guess is it would generally work.

[0] https://man.openbsd.org/mprotect.2

Retr0id•6mo ago
It's not required on linux, if the ELF headers are set up such that the page is mapped rwx to begin with. (but rwx mappings are generally frowned upon from a security perspective)
mananaysiempre•6mo ago
Not as is, but I think OpenBSD permits you to map the same memory twice, once as W and once as X (which would be a reasonable hoop to jump through for JITs etc., except there’s no portable way to do it). ARM64 MacOS doesn’t even permit that, and you need to use OS-specific incantations[1] that essentially prohibit two JITs coexisting in the same process.

[1] https://developer.apple.com/documentation/apple-silicon/port...

saagarjha•6mo ago
No, the protection is per-thread. You can run the JITs in different threads
alcover•6mo ago
I often think this could maybe allow fantastic runtime optimisations. I realise this would be hardly debuggable but still..
Retr0id•6mo ago
It already does, in the form of JIT compilation.
alcover•6mo ago
OK but I meant in already native code, like in a C program - no bytecode.
Retr0id•6mo ago
I mean that, too.
connicpu•6mo ago
LuaJIT has a wonderful dynamic code generation system in the form of the DynASM[1] library. You can use it separately from LuaJIT for dynamic runtime code generation to create machine code optimized for a particular problem.

[1]: https://luajit.org/dynasm.html

lmm•6mo ago
If you are generating or modifying code at runtime then how is that different from bytecode? Standardised bytecodes and JITs are just an organised way of doing the same thing.
vbezhenar•6mo ago
I used GNU lightning library once for such optimisation. I think it was ICFPC 2006 task. I had to write an interpreter for virtual machine. Naive approach worked but was slow, so I decided to speed it up a bit using JIT. It wasn't a 100% JIT, I think I just implemented it for loops but it was enough to tremendously speed it up.
userbinator•6mo ago
Programs from the 80s-90s are likely to have such tricks. I have done something similar to "hardcode" semi-constants like frame sizes and quantisers in critical loops related to audio and video decompression, and the performance gain is indeed measurable.
alcover•6mo ago
> "hardcode" semi-constants

You mean you somehow avoided a load. But what if the constant was already placed in a register ? Also how could you pinpoint the reference to your constant in the machine code ? I'm quite profane about all this.

ronsor•6mo ago
> Also how could you pinpoint the reference to your constant in the machine code?

Not OP, but often one uses an easily identifiable dummy pattern like 0xC0DECA57 or 0xDEADBEEF which can be substituted without also messing up the machine code.

mananaysiempre•6mo ago
If you’re willing to parse object files (a much easier proposition for ELF than for just about anything else), another option is to have the source code mention the constants as addresses of external symbols, then parse the relocations in the compiled object. Unfortunately, I’ve been unable to figure out a reliable recipe to get a C compiler to emit absolute relocations in position-independent code, even after restricting myself to GCC and Clang for x86 Linux; in some configurations it works and in others you (rather pointlessly) get a PC-relative one followed by an add.
userbinator•6mo ago
All the registers were already taken.

You use a label.

econ•6mo ago
The 80's:

Say you set a value for some reason. Later you have to check IF it is set. If the condition needs to be checked many times you replace it with the code (rather than set a value to check some place). If you need to check if something is still true repeatedly you replace the condition check with no-ops when it isn't true.

Also funny are insanely large loop unrolls with hard coded valued. You could make a kind of rainbow table of those.

barchar•6mo ago
It sometimes can, but you then have to balance the time spent optimizing against the time spent actually doing whatever you were optimizing.

Also on modern chips you must wait quite a number of cycles before executing modified code or endure a catastrophic performance hit. This is ok for loops and stuff, but makes a lot of the really clever stuff pointless.

The debuggers software breakpoints _are_ self-modifying code :)

112233•6mo ago
Linux kernel had the same idea, and now they have "static keys". It's both impressive and terrifying.
oxcabe•6mo ago
It's impressive how well laid out the content in this article is. The spacing, tables, and code segments all look pristine to me, which is especially helpful given how dense and technical the content is.
AStonesThrow•6mo ago
It was designed by Elves on Christmas Island where Dwarves run the servers and Hobbits operate the power plant
f1shy•6mo ago
I have the suspicion that there is a high correlation between how organized the content is, and how organized and clear the mind of the writer is.
ivanjermakov•6mo ago
I had a great experience writing self modified programs is a single instruction programming game SIC-1: https://store.steampowered.com/app/2124440/SIC1/
ycombinatrix•6mo ago
Cool recommendation, will give it a try.
Someone•6mo ago
Fun article, but the resulting code is extremely brittle:

- assumes x86_64

- makes the invalid assumption that functions get compiled into a contiguous range of bytes (I’m not aware of any compiler that violates that, but especially with profile-guided optimization or compilers that try to minimize program size, that may not be true, and there is nothing in the standard that guarantees it)

- assumes (as the article acknowledges) that “to determine the length of foo(), we added an empty function, bar(), that immediately follows foo(). By subtracting the address of bar() from foo() we can determine the length in bytes of foo().”. Even simple “all functions align at cache lines” slightly violates that, and I can see a compiler or a linker move the otherwise unused bar away from foo for various reasons.

- makes assumptions about the OS it is running on.

- makes assumptions about the instructions that its source code gets compiled into. For example, in the original example, a sufficiently smart compiler could compile

  void foo(void) {
    int i=0;
    i++;
    printf("i: %d\n", i);
  }
as

  void foo(void) {
    printf("1\n");
  }
or maybe even

  void foo(void) {
    puts("1");
  }
Changing compiler flags can already break this program.

Also, why does this example work without flushing the instruction cache after modifying the code?

nekitamo•6mo ago
For the mainstream OSes (Windows, OSX, Linux Android) You don't need to flush the instruction cache on most x86 CPUs after modifying the code segment dynamically, but you do on ARM and MIPS.

This has burned me before while writing a binary packer for Android.

saagarjha•6mo ago
They check all those assumptions by disassembling the code.
Cloudef•6mo ago
> self-modifying code > brittle

I mean that is to be very much expected, unless someone comes up with a programming language that fully embraces the concept.

znpy•6mo ago
The author clearly explained that the whole article is more a demonstration for illustrative purposes than anything else.

> Changing compiler flags can already break this program.

That's not the point of the article.

xixixao•6mo ago
I’ve been thinking a lot about this topic lately, even studying how executables look on arm macOS. My motivation was exploring truly fast incremental compilation for native code.

The only way to do this now on macOS is remapping whole pages as JIT. This makes it quite a challenge but still it might work…

Cloudef•6mo ago
Kaze Emanuar's "Optimizing with Bad Code" video also goes briefly go through self-modifying code https://www.youtube.com/watch?v=4LiP39gJuqE
pfdietz•6mo ago
A program that can generate, compile, and execute new code is nothing special in the Common Lisp world. One can build lambda expressions, invoke the compile function on them, and call the resulting compiled functions. One can even assign these functions to the symbol-function slot of symbols, allowing them to be called from pre-existing code that had been making calls to that function named by that symbol.
BenjiWiebe•6mo ago
I know that no other language can match Lisp, but many languages can generate and execute new code, if they're interpreted. Compile, too, if they're JITted. They all require quite a bit of runtime support though.
DrZhvago•6mo ago
Someone correct me if I am wrong, but self-mutating code is not as uncommon as the author portrays it. I thought the whole idea of hotspot optimization in a compiler is essentially self-mutating code.

Also, I spent a moderately successful internship at Microsoft working on dynamic assemblies. I never got deep enough into that to fully understand when and how customers where actually using it.

https://learn.microsoft.com/en-us/dotnet/fundamentals/reflec...

iamcreasy•5mo ago
Is it possible to mutate the text segment by another process? For example, injecting something malicious instead of exec-ing a shell?