Software Hacks

876 Articles

Custom Microcode Compiler, Made In Google Sheets

July 7, 2024 by 12 Comments

When homebrewing a CPU, one has to deal with microcode. Microcode is the low-level nuts and bolts of how, precisely, a CPU executes instructions (like opcodes) and performs functions such as updating the cycle counter or handling interrupt requests. To make this task easier, [Bob Alexander] created a microcode compiler built in Google Sheets to help with his own homebrew work, but it’s flexible and configurable enough to be useful to others, as well.

A CPU’s microcode usually lives in read-only memory, and writing the microcode is only one step in the journey. [Bob]’s tool compiles his microcode into files that can be burned into memory (multiple EEPROM chips, in [Bob]’s case) or used as a Verilog program in the case of implementing the CPU in an FPGA. It’s configurable enough to be adapted for other homebrew CPU projects, though one would of course have to re-write the microcode portion.

A read-only version of the spreadsheet makes for some fun browsing, and if it piques your interest enough to get a copy of your own complete with the compiler script, you can do that here. It uses Google Sheets, and writes the output files into one’s Google Drive.

This kind of low-level project really highlights the finer points of just how the hard work of digital computing gets done. A good example is the Gigatron which implemented a RISC CPU using only microcode, memory, and logic gates in the late 70s. We’ve even seen custom microcode used to aid complex debugging.

A Second OctoPrint Plugin Has Been Falsifying Stats

July 4, 2024 by 34 Comments

The ongoing story of bogus analytical data being submitted to the public OctoPrint usage statistics has taken a surprising turn with the news that a second plugin was being artificially pushed up the charts. At least this time, the developer of the plugin has admitted to doing the deed personally.

Just to recap, last week OctoPrint creator [Gina Häußge] found that somebody had been generating fictitious OctoPrint usage stats since 2022 in an effort to make the OctoEverywhere plugin appear to be more popular than it actually was. It was a clever attempt, and if it wasn’t for the fact that the fake data was reporting itself to be from a significantly out of date build of OctoPrint, there’s no telling how long it would have continued. When the developers of the plugin were confronted, they claimed it was an overzealous user operating under their own initiative, and denied any knowledge that the stats were being manipulated in their favor.

Presumably it was around this time that Obico creator [Kenneth Jiang] started sweating bullets. It turns out he’d been doing the same thing, for just about as long. When [Gina] contacted him about the suspicious data she was seeing regarding his plugin, he owned up to falsifying the data and published what strikes us as a fairly contrite apology on the Obico blog. While this doesn’t absolve him of making a very poor decision, we respect that he didn’t try to shift the blame elsewhere.

That said, there’s at least one part of his version of events that doesn’t quite pass the sniff test for us. According to [Kenneth], he first wrote the script that generated the fake data back in 2022 because he suspected (correctly, it turns out) that the developers of OctoEverywhere were doing something similar. But after that, he says he didn’t realize the script was still running until [Gina] confronted him about it.

Now admittedly, we’re not professional programmers here at Hackaday. But we’ve written enough code to be suspicious when somebody claims a script they whipped up on a lark was able to run unattended for two years and never once crashed or otherwise bailed out. We won’t even begin to speculate where said script could have been running since 2022 without anyone noticing…

But we won’t dwell on the minutiae here. [Gina] has once again purged the garbage data from the OctoPrint stats, and hopefully things are finally starting to reflect reality. We know she was already angry about the earlier attempts to manipulate the stats, so she’s got to be seething right about now. But as we said before, these unfortunate incidents are ultimately just bumps in the road. We don’t need any stat tracker to know that the community as a whole greatly appreciates the incredible work she’s put into OctoPrint.

Fork! Ladybird Browser And SerenityOS To Go Separate Ways

July 2, 2024 by 10 Comments

In the monthly Ladybird Browser update video which we’ve placed below, SerenityOS founder [Andreas Kling] announced an interesting development. The browser has been forked from the OS that has been its progenitor, and both projects will now proceed separately. This frees the browser from the SerenityOS insistence on avoiding external libraries, and allows it to take advantage of stable, fast, and mature open source alternatives. This is already paying dividends in compatibility and speed, and is likely to lead further towards a usable everyday browser as time goes by.

As the world of fully-featured web browser engines has contracted from a number of different projects to little more than Google’s Blink and Mozilla’s Gecko, Ladybird has found itself in an unexpected position. It is vital that the browser market retains some competition and does not become a Google monoculture, so while it might not seem so at first glance, the news of Ladybird going alone has the potential to be one of the most far-reaching open source stories of the year.

If you’d like to try Ladybird you’ll have to get your hands slightly dirty and build it yourself, but we’d expect ready-built versions to appear in due course. We took a look at an earlier version of Ladybird last year, as well as SerenityOS itself.

Continue reading “Fork! Ladybird Browser And SerenityOS To Go Separate Ways”

Modeling Home Heating Systems With Circuit Simulation Software

July 1, 2024 by 6 Comments

Electricity flow is generally invisible, silent, and not something that most humans want to touch, so understanding how charge moves around can be fairly unintuitive at first. There are plenty of analogies to help understand its behavior, such as imagining a circuit as a pipe of water, with pressure standing in for voltage and flow standing in for current. But you can flip this idea in reverse and use electric circuits to model other complex phenomena instead. [Oxx], for example, is using circuit theory to model his home’s heating systems.

To build his model, he’s using LTSpice, a free circuit simulation program. Using voltage to model temperature and current to model heat flow, he’s set up a model for his home to compare the behavior of a heat pump and a propane furnace. A switch model already in LTSpice with built-in hysteresis takes the place of the thermostat. Using temperature data for a single day in January [Oxx] can see how each of his two heating systems might behave, and the model for the heat pump is incredibly close to how the heat pump behaved in real life.

The model includes all kinds of data about the system, including the coefficient of performance of the heat pump and its backup electric resistive heater, and the model is fairly accurate at predicting behavior. Of course, it takes a good bit of work to set up the parameters for all of the components since our homes and heating systems won’t be included in LTSpice by default, but it does show how powerful an electric circuit analog can be when building models of other systems. If you’ve never used this program before, we’ve featured a few guides to getting started that you can take a look at.

Thanks to [Jarvis] for the tip!

Continue reading “Modeling Home Heating Systems With Circuit Simulation Software”

3D Printing With A Twist

June 30, 2024 by 16 Comments

When we think about sending an STL off on the Internet for processing, we usually want someone to print it for us or we want mesh repair. But [Chuck] found an interesting project on GitHub from [Andrew Sink] that will let you add a variable amount of twist to any STL and then return it to you for printing or whatever else you use STLs for. If you don’t get what we mean, check out the video below.

The site that does the work initially loads a little gnome figure if you are too lazy to upload your own model. That’s perfect, though, because the little guy is a good example of why you might want to twist a model. With just a little work, you can make the gnome look in one direction or even look behind him.

[Chuck] shows how to use the tool for artistic effect by twisting his standard cube logo. The result is something that looks like it would be difficult to create, but could hardly be easier. The tool lets you rotate the object, too, so you can get the twist effect in the right orientation for what you want to accomplish. A great little tool for making more artistic 3D prints without learning new software. If you want some fun, you can try the version that uses sound from your microphone to control the twist.

If you’d rather twist in CAD, we can help. If you really want artsy 3D printing, you probably need to learn Blender.

Continue reading “3D Printing With A Twist”

Bats Can No Longer Haunt Apple VR Headsets Via Web Exploit

June 26, 2024 by 33 Comments

Bug reporting doesn’t usually have a lot of visuals. Not so with the visionOS bug [Ryan Pickren] found, which fills a user’s area with screeching bats after visiting a malicious website. Even better, closing the browser doesn’t get rid of them! Better still? Doesn’t need to be bats, it could be spiders. Fun!

The bug has been fixed, but here’s how it worked: the Safari browser build for visionOS allowed a malicious website to fill the user’s 3D space with animated objects without interaction or permission. The code to trigger this is remarkably succinct, and is actually a new twist on an old feature: Apple AR Quick Look, an HTML-based feature for rendering 3D augmented reality content in Safari.

How about spiders, instead?

Leveraging this old feature is what lets an untrusted website launch an arbitrary number of animated 3D objects — complete with sound — into a user’s virtual space without any interaction from the user whatsoever. The icing on the cake is that Quick Look is a separate process, so closing Safari doesn’t get rid of the pests.

Providing immersive 3D via a web browser is a valuable way to deliver interactive content on both desktops and VR headsets; a good example is the fantastic virtual BBC Micro which uses WebXR. But on the Apple Vision Pro the user is always involved and there are privacy boundaries that corral such content. Things being launched into a user’s space in an interaction-free way is certainly not intended behavior.

The final interesting bit about this bug (or loophole) was that in a way, it defied easy classification and highlights a new sort of issue. While it seems obvious from a user experience and interface perspective that a random website spawning screeching crawlies into one’s personal space is not ideal, is this a denial-of-service issue? A privilege escalation that technically isn’t? It’s certainly unexpected behavior, but that doesn’t really capture the potential psychological impact such bugs can have. Perhaps the invasion of personal space and user boundaries will become a quantifiable aspect of bugs in these new platforms. What fun.

Kernel Hack Brings Windows XP To The 486

June 23, 2024 by 20 Comments

The venerable Intel 486 was released in 1989 as the successor to the extremely popular Intel 386. It was the minimum recommended processor for Windows 98.  (Surprisingly, the Windows 95 minimum was a 386!)  But by the time XP rolled around, you needed at least a 233 MHz Pentium to install. Or at least that was the case until recently when an extremely dedicated user on MSFN named [Dietmar] showed how he hacked the XP kernel so it could run on the classic chip!

The biggest issue preventing XP from working on earlier processors is an instruction introduced on the Pentium: CMPXCHG8B. This instruction compares two 8-byte values and takes different actions depending on an equality test. It either copies the 8 bytes to a destination address or loads it into a 64-bit register. Essentially, it does what it says on the tin: it CoMPares and eXCHanGes some values. If you want to dig into the nitty-gritty details, you can check out this info on the instruction taken from the x86 datasheet.

Without getting too technical, know that this instruction is vital for performance when working with large data structures. This is because one instruction moves 8 bytes at a time, unlike the older CMPXCHG instruction, which only moves a single byte. Essentially, [Dietmar] had to find every usage of CMPXCHG8B and replace it with an equivalent series of CMPXCHG instructions.

On a side note, the once well-known and devastating Pentium F00F bug was caused by a faulty encoding of the CMPXCHG8B instruction. This allowed any user, even unprivileged users, to completely lock up a system, requiring a full reset cycle!

So [Dietmar] was successful, and now you can run the German version of Windows XP on either a real 486 or an emulated one. The installer is available on the Internet Archive and there’s a detailed video below demonstrating installing it on the 86Box virtual machine host.

Continue reading “Kernel Hack Brings Windows XP To The 486”