[HN Gopher] Show HN: Redbean - Single-file distributable web server
___________________________________________________________________
Show HN: Redbean - Single-file distributable web server
Author : jart
Score : 1388 points
Date : 2021-02-26 03:33 UTC (19 hours ago)
(HTM) web link (justine.lol)
(TXT) w3m dump (justine.lol)
| unwiredben wrote:
| Alas, I wanted to try this out, but the format shenanigans
| triggered the Sophos "machine-learning"-based threat detection on
| my Windows laptop in mid-download.
| raphaelj wrote:
| The amount of work that went to this is insane. She made a (full
| ?) implementation of libc:
| https://github.com/jart/cosmopolitan/tree/master/libc
| phkahler wrote:
| Can it be extended in a way similar to CGI back in the day? I
| would just want to compile it with the CGI program rather than
| expect it to dynamically load.
| hprx wrote:
| I just spent 30 minutes reading about this. I'm so shocked that
| I'm logging in to comment after 5 years of lurking.
|
| Justine has built a c library that allows you compile a binary
| once and have it run it on any os or baremetal. The SAME binary.
| Quite frankly, that sentence doesn't even make sense to me.
|
| Check out
| https://storage.googleapis.com/justine/cosmopolitan/index.ht...
|
| As far as I'm concerned, this is literal magic. Look at the magic
| numbers:
| https://github.com/jart/cosmopolitan/blob/37a4c70c3634862d8d...
|
| I could go on, but there's no binary portability comparison with
| any other language. And she has made some pretty neat
| optimizations.
|
| Back in the day, I saw some pretty neat stuff with the ELF
| format, but this takes the cake.
|
| Wow.
|
| Edit: I'm editing because this is just so bloody absurd.
|
| https://storage.googleapis.com/justine/printimage.html
|
| $ ./printimage.com someimage.jpg
|
| Like wow. And also video.
|
| https://storage.googleapis.com/justine/printvideo.html
|
| I'm struggling to put my shock into words. I've been around.
|
| There's engineering. There's academia.
|
| But this falls into straight-up wizardry.
| ghoomketu wrote:
| I really don't understand internals ibut I've often downloaded
| cygwin exe file for commands like grep, tail, etc.. Are you
| telling me that is no longer required?
| hprx wrote:
| On linux, I downloaded the printvideo binary and played a
| friggin crab video on my terminal after just a chmod. I don't
| have any other OS to confirm, but it sure looks like it if
| someone compiles/links coreutils against this.
| [deleted]
| matheusmoreira wrote:
| Wow, that cosmopolitan C library is absolutely awesome. The ABI
| specialization is extremely interesting. Never seen anything
| like that before. I thought compilers did that. I don't
| understand why they couldn't properly optimize memcpy.
|
| I wonder how it handles system calls. Let me check the
| source...
|
| https://github.com/jart/cosmopolitan/blob/master/tool/build/...
|
| https://github.com/jart/cosmopolitan/blob/master/tool/build/...
|
| > void OpSyscall(struct Machine *, uint32_t);
|
| Pretty interesting... Need some time to figure out how it
| works.
|
| The system call entry points:
|
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/s...
|
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/s...
|
| It uses a jump slot technique which is interesting:
|
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/m...
|
| System call numbers:
|
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/c...
|
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/s...
|
| Looks like it packs the system call numbers of all operating
| systems into a single constant.
|
| For some reason there are some dedicated implementations of
| Linux system calls using inline assembly rather than the entry
| point:
|
| https://github.com/jart/cosmopolitan/tree/master/libc/linux
|
| More related files:
|
| https://github.com/jart/cosmopolitan/blob/master/libc/calls/...
|
| https://github.com/jart/cosmopolitan/blob/master/libc/calls/...
|
| Also funny how it calls Linux "GNU/Systemd"!
| TeMPOraL wrote:
| Agreed. This single sentence at the end of actually pdrtable
| executable page:
|
| > _I believe the best chance we have of doing that [writing
| software that stands the test of time with minimal toil], is by
| gluing together the binary interfaces that 've already achieved
| a decades-long consensus, and ignoring the APIs._
|
| ...it's a kind of thought I don't think I could ever come up
| with. Mind blown.
| JesseMeyer wrote:
| You go to war with the army you have.
| malux85 wrote:
| I agree, I got to the page on actually portable executable, and
| had to read it a few times to make sure I was grokking it
| properly. This is just sheer cleverness, THIS is the stuff that
| should be on hacker news!
| hprx wrote:
| For real.
|
| It's hard to grok cause there are no words to describe it.
|
| When people say that something is cross-platform, they
| usually mean a) that the software will build on multiple
| platforms b) there is some sort of vm which runs the
| executable (jvm, beam, wasm)
|
| This is the SAME binary. Running everywhere. Could be super-
| useful as an archival format for mission critical code.
| sqlite comes to mind.
|
| Maybe it's late at night, but I'm struggling to find a
| suitable word for the project that is better than portable or
| cross-platform.
|
| Literally, I can't find a better word than the project name -
| " _actually portable_ executable. "
|
| @author - if you're reading this please set up something for
| a few bucks a month on your github sponsors. I don't think I
| have any use for the library, but this is so outrageous it
| deserves something more than imaginary internet points.
| jart wrote:
| Author here. Thanks! I've added a new sponsor tier per your
| request. https://github.com/sponsors/jart
| ActorNightly wrote:
| Do you have a direct paypall? Im not a fan of
| subscription services but Id like to support this.
| jart wrote:
| I do indeed have PayPal: jtunney@gmail.com Thank you for
| your support!
| akalsz wrote:
| > THIS is the stuff that should be on hacker news!
|
| If interested, see previous discussions of APE:
|
| https://news.ycombinator.com/item?id=24256883
|
| https://news.ycombinator.com/item?id=25556286
| alisonatwork wrote:
| Thanks for the links. The discussion on the first one is
| interesting, it wasn't clear to me from the original doc
| that the UNIX version needs to overwrite itself to get to
| the ELF header. That's a bit unfortunate, because it means
| you can't share the program again after you ran it the
| first time on BSD or Linux. Still very clever, though. I
| imagine there could be a "repackage for distribution"
| switch added to put the MZ header back again.
| jart wrote:
| I did the research and what we've accomplished here,
| while imperfect, is the best of all worlds solution. I
| like to think of it as an installer that takes a few
| microseconds, because it only needs to change 64 bytes.
| I've been considering adding a CLI flag where you can say
| ./foo.com --restore and it'll put the original 64 byte
| header back in place. Perhaps one day we can change the
| Linux, BSD, and XNU kernels so they can recognize the APE
| executable format. But until that happens we've got a
| great shell script hack that's now required by POSIX
| which is exceedingly fast and works on pretty much all
| systems stretching back decades.
| lambda_obrien wrote:
| Strong agree; someone needs to give her like a million dollars
| a year salary and unlimited resources to explore whatever she
| wants for life, just to see what she comes up with.
| skrebbel wrote:
| Everything she does has this level of jaw-dropping amazingness.
| Between her and Fabrice Bellard i don't know many people who
| consistently get my chin to hit the table.
|
| I hope that Cosmopolitan becomes mainstream, so much more
| software could have that It Just Works quality.
| ksec wrote:
| Mike Pall for LuaJIT
| sneak wrote:
| "Jaw-dropping" is definitely a term I'd use to describe some
| of her more infamous tweets and blog posts, too.
| dang wrote:
| Please don't do this here. Resisting extrinsic provocation
| is key to thread quality.
| Proven wrote:
| That malware for OS X that does nothing (so far) from the news
| earlier this week also has one multi-arch binary for all modern
| Apple notebook architectures (AMD64 and ARM64)
| alisonatwork wrote:
| Agreed, this is the best programming-related thing I've seen on
| the internet in a long time. It reminds me of when I was a
| teenager, excited to become a computer programmer. Then I grew
| up and joined the real world workforce and it was all far less
| exciting than I imagined.
|
| The coolest thing about this Actually Portable Executable is
| that once there's a compiler and linker built with it, I can
| play around with writing C on Windows without having to faff
| about with WSL or MinGW or learning what makes MSVC different
| from the C I learned in university and coded in my first job
| before I became a Java/JavaScript/Python/etc programmer. When I
| discovered Go I thought I had discovered the better C that just
| worked everywhere, but the idea of having plain old C that also
| just works everywhere is very appealing.
| Abishek_Muthian wrote:
| I like Go for the same reason, but I have an irrational fear
| that someday I might be in a life or death situation and
| should program my way out using a bare bones computer without
| Internet; So I keep tabs on C occasionally.
|
| actually pdrtable executable has now piqued my interest, So I
| might actually indulge in C programming for fun _again_ after
| all. Thanks Justine.
| lenkite wrote:
| Will this work if your code uses the C++ standard library ? Or
| is this just for pure C ?
| ZiiS wrote:
| The are a few options but all require some effort
| https://github.com/jart/cosmopolitan/issues/27
| [deleted]
| Hasz wrote:
| This is bonkers amazing!
|
| I love the reference to the Swedish Rhapsody numbers station at
| the end of consts.sh
| safeaim wrote:
| Am I the only one having issues trying to get this working? The
| webserver starts just fine, but once I add the index.html with
| zip as in the example, it stops working. This is on Mac 10.15,
| CentOS 8 and Ubuntu 18.04 LTS.
|
| Centos: [centos@test ~]$ ./redbean.com -vv error:
| Uncaught SIGSEGV on test.novalocal ./redbean.com
| EINVAL/err=22/errno:2/GetLastError:0 Linux test.novalocal
| 4.18.0-240.10.1.el8_3.x86_64 #1 SMP Mon Jan 18 17:05:51
| UTC 2021
|
| On the mac: ~ my-Maccie$./redbean.com -vv Killed: 9
|
| On Ubuntu: ubuntu@localhost:~$ ./redbean.com -vv
| error: Uncaught SIGSEGV on localhost ./redbean.com
| EINVAL/err=22/errno:2/GetLastError:0 Linux localhost
| 4.15.0-136-generic #140-Ubuntu SMP Thu Jan 28 05:20:47 UTC
| 2021
| zimpenfish wrote:
| IIRC, from vague memories of things flying past, Big Sur won't
| let a modified binary run once it's been checked by Gatekeeper.
| Which means the first run gets checked and notarised but when
| you add the `index.html`, the on-disk binary has changed and
| Gatekeeper won't allow it to run - I guess it's to prevent
| malicious code modifications, etc.
| anderspitman wrote:
| Thank goodness AAPL is here to protect us from doing cool
| stuff.
| oscargrouch wrote:
| Its good from a security perspective, but also its a
| nightmare to know that the mothership knows everything you
| run on your machine.
|
| This will also prevent distribution from outside of their
| appstore giving it will prevent updates.
|
| So as anything Apple, the world security here is being used
| as code for personal machines remotely controlled by the
| mothership.
|
| You trade privacy and freedoms for a little convenience.
| safeaim wrote:
| Yeah, but this isn't Big Sur, it's Catalina. But maybe it's
| the same protection there as well?
|
| The binary didn't work on Ubuntu 18.04 nor CentOS8 either,
| but I'll report a issue later on today.
| jart wrote:
| Oh wow that's good to know. Maybe you have to do something
| like `cat foo.com >foo2.com` after you've modified it with
| the zip tool.
| r0b05 wrote:
| After adding a new file with WinRAR, I get:
|
| EINVAL/err=87/errno:2/GetLastError:203 The parameter is
| incorrect.
|
| Probably the ZIP needs to be saved in a certain format.
| jart wrote:
| Author here. The zip shouldn't need to be saved in any
| special format. If WinRAR is posing problems then please file
| an issue because I'd like to fix that. That error doesn't
| seem like something that would indicate executable
| corruption. I want to learn more.
| adontz wrote:
| IDK if this is enough
|
| https://pastebin.com/8RyPWQFf
| r0b05 wrote:
| Sure thing, will provide as much info as possible.
| xPaw wrote:
| I tried to add a file using Windows file explorer, but it
| just complains "The Compressed (zipped) Folder is invalid
| or corrupted."
|
| This is on Windows 10 19042 build.
|
| 7-Zip doesn't even see the folders for that matter.
| user-the-name wrote:
| Have to say though, using zip so you can reuse the
| compression is quite a masterstroke.
| jart wrote:
| Author here. It works fine on RHEL5 / CentOs5 for me. I can
| also confirm RHEL7. Please file an issue. What will help in
| particular is if you can give me the faulting RIP address. That
| should be in the crash report or in your dmesg log.
| TeddyDD wrote:
| No, I have the same issue on Linux Mint 20.1
| lemniscare wrote:
| Yeah another killed: 9 on Mac BigSur. Could you export the tool
| in a way that we don't have to zip new files into it? Instead
| we would have to gcc the whole thing once and be done with it.
| tromp wrote:
| Same here on MacOS Catalina 10.15.7. The original invocation
| runs fine $ bash -c './redbean.com -vv'
| W2021-02-26T01:50:12.665277:tool/net/redbean.c:1144:redbean:330
| 2] setsockopt(server, IPPROTO_TCP, TCP_FASTOPEN, &yes,
| sizeof(yes)) - EINVAL/err=22/errno:22/GetLastError:0 W
| --------------------
| 000015:tool/net/redbean.c:1145:redbean:3302] setsockopt(server,
| IPPROTO_TCP, TCP_QUICKACK, &yes, sizeof(yes)) -
| ENOPROTOOPT/err=42/errno:42/GetLastError:0 V
| --------------------
| 000022:tool/net/redbean.c:1166:redbean:3302] 0.0.0.0:8080
| listen
|
| Visiting http://127.0.0.1:8080/ in my web browser shows a nice
| redbean page with lobster graphic at
| http://127.0.0.1:8080/tool/net/redbean.html but then following
| usage instructions in another shell: $ echo
| '<b>hello</b>' >index.html $ zip redbean.com index.html
| adding: index.html (stored 0%) $ ./redbean.com -vv
| Killed: 9
|
| I blame my zip $ zip -v Copyright (c)
| 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
| This is Zip 3.0 (July 5th 2008), by Info-ZIP. Currently
| maintained by E. Gordon.
|
| Addition of index.html shrinks(!) redbean.com from size 204800
| to size 204348, with changes starting from char 172938. That
| clearly corrupts the portable executable format.
| awestroke wrote:
| Disable Gatekeeper: sudo spctl --master-disable
| oneeyedpigeon wrote:
| Yup, I get "Killed: 9" on macOS (Big Sur) too. I actually had
| some kind of problem (I think) with the original invocation:
| $ bash -c './redbean.com -vv' W2021-02-26T02:06:29.1629
| 53:tool/net/redbean.c:1144:redbean:83621] setsockopt(server,
| IPPROTO_TCP, TCP_FASTOPEN, &yes, sizeof(yes)) -
| EINVAL/err=22/errno:22/GetLastError:0 W
| --------------------
| 000026:tool/net/redbean.c:1145:redbean:83621]
| setsockopt(server, IPPROTO_TCP, TCP_QUICKACK, &yes,
| sizeof(yes)) - ENOPROTOOPT/err=42/errno:42/GetLastError:0
| error:./redbean.com: check failed: 0xffffffffffffffff !=
| 0xffffffffffffffff (48) 6fffffffff70 0000004034cf
| UNKNOWN 6fffffffff80 000000403225 UNKNOWN
| 6fffffffffc0 0000004027f3 UNKNOWN 6fffffffffe0
| 000000402a21 UNKNOWN 7ffeefbff870 00000040227b UNKNOWN
| brabel wrote:
| On Mac Big Sur it doesn't seem to work either:
| > zsh -c './redbean.com -vv' W2021-02-26T12:12:24.0193
| 87:tool/net/redbean.c:1144:redbean:56779] setsockopt(server,
| IPPROTO_TCP, TCP_FASTOPEN, &yes, sizeof(yes)) -
| EINVAL/err=22/errno:22/GetLastError:0
|
| W--------------------
| 000028:tool/net/redbean.c:1145:redbean:56779]
| setsockopt(server, IPPROTO_TCP, TCP_QUICKACK, &yes,
| sizeof(yes)) - ENOPROTOOPT/err=42/errno:42/GetLastError:0 V
| --------------------
| 000023:tool/net/redbean.c:1166:redbean:56779] 0.0.0.0:8080
| listen ^CV2021-02-26T12:12:27.012972:tool/net/redbean.c:1183:re
| dbean:56779] 0.0.0.0:8080 terminated
|
| EDIT: I am an idiot: it's working just fine... the messages
| looked like an error to me, but visiting
| https://localhost:8080/ does show a nice HTML page!
| johnx123-up wrote:
| Someone already reported the same
| https://github.com/jart/cosmopolitan/issues/56
| gekkonier wrote:
| this is outstanding! speechless.
| mixmastamyk wrote:
| Is it a "fat" binary?
| mekkkkkk wrote:
| AFAIK a fat binary is just a binary with all dependencies
| included. It would still be compiled for a specific platform.
| The magic part about this is that it's a single file compiled
| once that can be run on most platforms. And it also adheres to
| the format of a zip file, so you can add, modify and remove
| assets as you please inside the actual file, post compilation.
| fctorial wrote:
| So it's a tiny virtual machine. Intriguing, but not really
| shocking.
| mikewarot wrote:
| >So it's a tiny virtual machine. Intriguing, but not really
| shocking.
|
| Nope... it's native code, that runs on multiple platforms, all
| in one small executable.
|
| How? Lots of very clever hacking, and trimming all the
| accumulated dreck out of the normal C runtime, while making it
| work across all the supported platforms. (Polyfill is the term
| she uses)
|
| This is the most amazing thing I've seen in a decade or so. It
| is right up there with GIT in terms of the possibility space it
| opens up.
| vanderZwan wrote:
| What is your definition of a virtual machine and what do you
| think is happening here?
| joh6nn wrote:
| "no wireless. less space than a nomad"
| comeonseriously wrote:
| This is brilliant.
| [deleted]
| pxx wrote:
| If you're getting `check failed: 0xffffffffffffffff !=
| 0xffffffffffffffff (98)` make sure you're able to bind the
| default port (8080). You can run the symbolized version to see
| where the check occurs.
| TickleSteve wrote:
| TLDR: This is a packed file format that can look to the OS as
| being executable (for Windows/Linux/OSX). The code is x86 and so
| offers native performance on those processors. On other
| platforms, an x86 emulator is built in so can't offer native
| execution speeds.
|
| While neat, its not the "best of all worlds" due to the lack of
| native code on anything other than x86/x64. Also, claiming "bare
| metal" is supported is a stretch as you are limited to having no
| I/O of any form (as there is no platform code).
| OOPMan wrote:
| No I/O eh?
|
| I'm sure the FP zealots will love it :-)
| jart wrote:
| I'm just one woman. What Cosmopolitan does so far, it does
| really well. It was only as recently as a few days ago that I
| got mmap() and malloc() polyfilled on bare metal. It has serial
| uart i/o. It's going to have e1000/virtio sockets soon. You can
| help me will that future into existence. I need people who know
| o/s dev and can help me write code that does things like
| correctly set up pic controller.
| TickleSteve wrote:
| Sorry, wasn't meant as a criticism, just as an explanation
| because people were assuming magic...
|
| Taking on bare-metal is a significant job much greater than
| your original task and you may be better targeting something
| like buildroot instead, after all what is the Linux kernel
| but a hardware abstraction layer.
| jart wrote:
| How hard could stdio/sockets on metal possibly be? So far
| bare metal has been a walk in the park. I love the fact
| that PML4T lets me do things like move memory without
| copying it. I want to be able to have that power without
| schlepping in the entire Linux world. I believe it should
| be possible for programs to be able to boot on metal as
| _just_ programs which are tiny and auditable. Especially
| considering everything runs on hypervisors these days,
| which are in some respects the true operating system. Ring
| 0 is the new Ring 3. Who among you is willing to accept
| being pushed to the outer bounds of computing? If MINIX
| gets to run in Ring -3 then it should at least be easy for
| our programs to run in Ring0.
| TickleSteve wrote:
| Its not the difficulty, but the scale.
|
| Working on one bare metal system is relatively easy as
| long as you're willing to dive into drivers. Getting 1001
| I2C drivers or maybe writing a drivers for tens of
| different types of flash devices is a different matter.
|
| Your project will quickly become overrun with drivers for
| literally tens of thousands of devices... then comes
| maintenance.
|
| Look at the Linux source tree... Good drivers are not
| trivial either. Simple ones are of course.
|
| Basically, its a time-sink and it doesn't become useful
| for claiming "portability" until you're approaching the
| scale of something like Linux.
| jart wrote:
| You're confusing portability with requirements. I'm aware
| that a long tail exists. Linux is a big tent for that
| sort of thing. I think that's great. I also want the
| freedom to live outside that tent during the times when
| all I need are the other 85% of use cases, which as I've
| shown, can be easily achieved by just one person. I don't
| believe that just because I ship actually portable
| executables that are able to do e1000/virtio that every
| hardware manufacturer is going to be kicking down my door
| eager to get support for their silicon merged. Linux is
| already doing a great job at that and I think
| Cosmopolitan is complementary.
| brabel wrote:
| As someone who knows programming in higher level
| languages well but has no experience with low level, bare
| metal, how can I get started with this stuff you're
| working with?
|
| > So far bare metal has been a walk in the park. I love
| the fact that PML4T lets me do things like move memory
| without copying it.
|
| > I believe it should be possible for programs to be able
| to boot on metal as just programs which are tiny and
| auditable.
|
| I would love to be able to learn more about this. Maybe
| even contribute to your project :) perhaps a good way to
| start would be to address some small tasks you might have
| laying around?!
| jart wrote:
| And I would love to encourage you to do so! If you're
| working for Cosmopolitan then I'll be working hard to
| support you. There's a long history of depth to metal.
| Many people start off learning it by having fun with the
| old skool ibm pc boot process. Here's a gentle
| introduction:
| https://justine.lol/blinkenlights/realmode.html and
| https://github.com/jart/sectorlisp and
| http://reddit.com/r/osdev
|
| Those concepts are implemented in the Cosmopolitan
| codebase here: https://github.com/jart/cosmopolitan/blob/
| master/ape/ape.S
|
| That file runs a few hundred lines of old school assembly
| in order to bring us into the modern era. Towards the end
| of the file you'll notice it starts calling functions
| that are written in C which configure memory: https://git
| hub.com/jart/cosmopolitan/blob/master/libc/runtim...
|
| After it configures memory, the ape.S file is able to
| call _start(). It also sets a bit in __hostos so that
| functions like write() know to use the serial port
| instead of issuing system calls: https://github.com/jart/
| cosmopolitan/blob/master/libc/calls/... That's the
| simplest possible example of a driver with spin locks
| which uses the x86 IN/OUT instructions.
|
| If you want to take a dive off the deep end right now
| with Cosmopolitan on metal -- simulated -- then try the
| following build commands on your Linux terminal:
| git clone https://github.com/jart/cosmopolitan cd
| cosmopolitan make -j8 o//examples/hello2.com
| qemu-system-x86_64 -m 16 -nographic -fda
| o//examples/hello2.com sed -i -e
| 's/USE_SYMBOL_HACK 0/USE_SYMBOL_HACK 1/' ape/ape.S
| make -j8 o//examples/hello2.com
| o//tool/build/blinkenlights.com
| o//tool/build/blinkenlights.com -rt
| o//examples/hello2.com
| smusamashah wrote:
| Windows 10 (10.0.18363 Build 18363). Just downloaded and
| executed. No zip modification at all. W2021-02-26
| T05:00:59.959364:tool/net/redbean.c:1141:redbean-2021-02-25:49336
| ] setsockopt(server, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes))
| - ENOPROTOOPT/err=10042/errno:10042/GetLastError:0 W
| --------------------
| 000674:tool/net/redbean.c:1145:redbean-2021-02-25:49336]
| setsockopt(server, IPPROTO_TCP, TCP_QUICKACK, &yes, sizeof(yes))
| - ENOPROTOOPT/err=10042/errno:10042/GetLastError:0
|
| Its amazing if works though, i can put my static site in an exe.
| That is so cool.
|
| EDIT: Runs on without modifying even with this message.
|
| EDIT: Cannot modify zip on windows. "File not found or no read
| permission" using explorer. With 7-zip "Operation is not
| supported."
|
| EDIT: Used WSL to update zip which then results in SIGSEGV
| mbgerring wrote:
| I am floored. Not only is this just breathtaking sorcery, I also
| needed this exact thing for a project. I don't understand
| probably 70% of the description of this software, but I
| understand what it does, and I'm more excited to carefully study
| and use this than I have been about anything in years.
| Hayvok wrote:
| Zero/near-zero dependencies, minimal configuration, portable, and
| trivial to run. Awesome.
|
| Even if Redbean here doesn't end up taking over the world, I hope
| that more ecosystems and toolchains sit up and take notice. We
| need more tools that look like this.
| franga2000 wrote:
| I was literally thinking about how cool this would be if it
| existed like a few days ago!!! Down to the freaky portable
| executable!
|
| Congrats on reading my mind and making what was supposed to be
| impossible?
| nwienert wrote:
| Can someone marry this with QuickJS and make a micro node
| competitor with a web server, 0 deps and no install?
|
| Wonder how far something like that could go, could be really
| interesting for replacing bash for me with something easier to
| write like JS.
| tgbugs wrote:
| I looked into building SBCL using chibicc last weekend in the
| hope that one could build a truly portable lisp runtime using the
| ape toolchain (Yes, yes, I know you couldn't possibly pick two
| more different approaches to software portability). Turns out the
| GNUC extensions for __asm__ are the primary stumbling block
| (though I'm sure there are others). tcc supports the GNUC
| extensions needed, and chibicc supports the thread local storage
| needed for dynamic variables. Looking forward to future
| developments!
| jart wrote:
| You need __asm__ in chibicc for sbcl? I have good news for you.
| I did exactly that in cosmopolitan's vendored fork of chibicc
| here:
| https://github.com/jart/cosmopolitan/blob/master/third_party...
| I went on a coding rampage back in December, adding to chibicc
| pretty much every GNU extension under the moon:
| https://github.com/jart/cosmopolitan/blob/master/third_party...
| It should be a perfect fit for use cases needed by Cosmopolitan
| and SBCL. Right now it's unlikely to get merged back upstream
| because Rui is still focusing on using Chibicc for his book,
| and that requires being more conservative about feature
| inclusion right now.
|
| I would highly recommend using chibicc. Bellard's work on tcc
| was fantastic when it came out. However it didn't age well. Its
| GNU extension support is roughly equivalent to GCC 2.x. The
| x86_64 support that got bolted on later isn't very good. It was
| much more elegant back when it was only doing i386. Hackability
| was also laid low by merging a lot of external contributions.
| The TCC design, while amazingly fast, also carries the tradeoff
| of making things like inline assembly hacks really hard because
| it generates the x86 binary content directly, rather than going
| through the intermediate step of generating an assembly file
| and running it through a proper assembler -- which chibicc now
| has!
| yters wrote:
| Hmm, somehow I knew Justine is a 'transwoman' by this feat. Lucky
| guess I suppose...
|
| Question: if all the high achieving women in tech end up being
| 'transwomen', is that a step forward or backward for women in
| tech? Will 'transwomen' be able to take advantage of hiring
| privileges given to normal women? If so, won't this effectively
| shut normal women out of tech even more?
|
| I think trans/self identifying people should be in a separate
| category so they don't exploit allowances made for under
| represented minorities.
| tobz wrote:
| Sincerely: what the fuck is wrong with you?
| yters wrote:
| Isn't it a legitimate question? We have special protection
| for under represented groups. So when the dominant group
| starts taking the identity of underrepresented groups and
| coopting their protections, they are no longer protected. The
| two things are at odds with each other.
| throwaway161437 wrote:
| I'll engage. I think your comments are clearly bigoted, and
| I'll tell you why. What you do with that is up to you.
|
| > Hmm, somehow I knew Justine is a 'transwoman' by this
| feat. Lucky guess I suppose...
|
| You use scare quotes around "transwoman". Why is that? Is
| that a concept you believe is not real somehow?
|
| You are guessing that something technically impressive was
| achieved by a trans woman. Why is that? Are women not
| capable of technical feats?
|
| > Lucky guess I suppose...
|
| This implies that women being technically inferior is
| something obvious, something we all know but can't say.
|
| > If all the high achieving women in tech end up being
| [yet-again-scare-quotes (and for some reason one word)]
| "transwomen", ...
|
| This isn't a playful hypothetical question. You are
| reinforcing your claim that women in tech are not high
| achieving.
|
| > I think trans/self identifying people should be in a
| separate category so they don't exploit allowances made for
| under represented minorities.
|
| > So when the dominant group starts taking the identity of
| underrepresented groups and coopting their protections
|
| From these two statements it is clear you think that trans
| women are the dominant group (men?) that are exploiting
| special allowances meant for women. Because in your eyes
| trans women do not count as women. And they don't deserve
| protection.
|
| You are getting downvoted because the community recognizes
| the bigotry against cis and trans women that is the
| backbone of your two comments.
| mikewarot wrote:
| I really like your view of the world, that programs should be
| portable, tiny, and just work. The slamming of so much
| functionality into a zip file is inspiring.
|
| Would it be possible to do something similar with Free Pascal,
| allowing the recreation of something like Turbo Pascal, except
| really, _really_ portable .com output?
| [deleted]
| jart wrote:
| Author here. Absolutely. I used to love Turbo Pascal and Delphi
| when I was younger. If Free Pascal uses GNU LD.BFD or LLVM LLD
| when it links programs, then all you'd need to do is is
| configure it to use cosmopolitan.a when linking system call
| functions like read(), write(), etc. See
| https://github.com/jart/cosmopolitan Another option is if Free
| Pascal wants to write all the system call support from scratch,
| then doing that now is going to be a whole lot easier since the
| Cosmopolitan codebase does a really good job documenting all
| the magic numbers you'll need. See files like
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/s...
| and
| https://github.com/jart/cosmopolitan/blob/master/libc/sysv/c...
| I've been working on a tiny C11 compiler called chibicc which
| has most GNU extensions and I managed to get it working as an
| actually portable executable with an integrated assembler:
| https://github.com/jart/cosmopolitan/blob/master/third_party...
| I also got Antirez's KILO text editor working as an APE binary.
| https://github.com/jart/cosmopolitan/blob/master/examples/ki...
| If we can build a linker too then we can get a freestanding
| single file toolchain + ide that's able to be a modern version
| of Turbo C.
| akavel wrote:
| I think the Zig community/BDFL might appreciate adding an APE
| target "os" to their buildchain (LLVM-based); that could be a
| match made in heaven!
| jart wrote:
| Author here. I've been chatting with the Zig BDFL on
| Twitter recently about contributing APE support and he's
| been super supportive so far. It's going to be a nontrivial
| undertaking but would certainly be rewarding for everyone
| if we can make it happen.
| phabora wrote:
| You can also use proper nouns, you dorks.
| akavel wrote:
| Oh wow!!!!!!!
| anthk wrote:
| Now you can port Slashem to more platforms than Nethack 3.4.3
| itself :D
| ronyeh wrote:
| Since I can't upvote your Show HN twice, I'll upvote this
| comment. I learned something interesting tonight from your
| websites. Thanks!
|
| chibicc is a really fun idea! If I was in college, I would
| take a compiler course from you.
|
| Taken from your README:
|
| "chibicc is developed as the reference implementation for a
| book I'm currently writing about the C compiler and the low-
| level programming. The book covers the vast topic with an
| incremental approach; in the first chapter, readers will
| implement a "compiler" that accepts just a single number as a
| "language", which will then gain one feature at a time in
| each section of the book until the language that the compiler
| accepts matches what the C11 spec specifies. I took this
| incremental approach from the paper by Abdulaziz Ghuloum."
| mhd wrote:
| Speaking of other languages, given that the APE is a zip
| container, it shouldn't be too hard to have a "starkit" like
| setup where the binary part is basically node/python/perl/tcl
| and the main script and all required libraries are in the
| executable.
| whizzter wrote:
| I love what you've produced here. I noticed that pthreads
| seems to be fail-stubbed for the time being, i guess it's a
| todo with tricky semantics?
|
| As for holding off on UI for the time being is probably the
| right thing to do, keeping with the minimal style planning on
| going for raw-x11,etc.
|
| However, as much as I personally love plain framebuffers
| (late 90s democoder myself), it'd be totally non-accessible
| for "plain" applications and totally lacking performance
| compared to anything accelerated when it comes to rendering.
| Graphics cards are just so many times faster that it's not
| really even the same kind of usage (only sad part is Apple
| punting on OpenGL driver updates even if Intel on the low end
| has become so much better).
|
| That said, having looked for a minimal UI framework and sadly
| they seem to be far inbetween these days (libUI is fairly
| compact on win/osX but required GTK on *nix but they've lost
| a bit of steam since 2018)
|
| Best of luck on it all (hopefully I can snatch out some time
| to contribute)
| jart wrote:
| So far the only platform where I've managed to get threads
| to work has been Windows. I came pretty close to getting
| clone() on Linux working a few days ago. Threads are so
| hard because no API was ever defined for them in original
| UNIX and BSD, so therefore each modern system today does
| them in a completely different way. Another blocker is that
| not all operating systems let us modify segment registers
| which is something that the Linux compiler assumes is
| available for TLS. So it'd be a miracle if it ended up
| being possible to make threads work portably. fork() on the
| other hand was easy to get working on all platforms. I love
| fork() and vfork().
|
| As for GUIs I'm still open to merging raw x11 support. One
| tricky issue is that we'd need to define a new API that
| veneers framebuffers, and so far Cosmopolitan has mostly
| refrained from defining novel interfaces, since the focus
| has been twiddling with low level magic numbers in order to
| make the textbook interfaces we already have work
| everywhere!
| whizzter wrote:
| Ah segregs is gonna be a pita indeed if it's all hard-
| wired to the compiler.
|
| Considered making some way to add "portable" modules
| yet(generic APE code with plat-specific impls) to avoid
| adding stuff to the core? I know the default calling-conv
| is slightly different but maybe by smth like defining
| virtual ports? (ie "send" structs since alignment rules
| should be mostly the same?)
| fwsgonzo wrote:
| Threads are a PITA everywhere. On Linux the SYSCALL stuff
| complicates things because of all the register moves, the
| FUTEX stuff, and potential races with how threads are
| exited.
| bjarneh wrote:
| > exes still end up being roughly 100x smaller than Go Hello
| World
|
| > Is the Cosmopolitan Runtime lean and mean like Go's 2mb Hello
| World executables?
|
| :-)
| rkalla wrote:
| "I figured out how to microwave water, to make gold."
|
| Good lord this is cool
| 867-5309 wrote:
| >the sources that went into creating it are nontrivial and only
| recommended reading if you really love printing lemurs in
| terminals.
|
| this is delightful
| whalesalad wrote:
| I'm not an expert at C code but it's really nice to read
| redbean.c - lots of relatively small functions with great names.
| Good example to follow.
| th0ma5 wrote:
| Presumably X86_64 only?
| ZiiS wrote:
| Not sure the is a working example. But they talk of embeding
| qemu to create cross archetecture executables. But the Window's
| and actual compiled code would still be x86-64.
| sscarduzio wrote:
| She says somewhere in her website that arm/apple silicon
| support is really easy to add, with no significant size or
| performance penalty, the same way she added qemu support.
| ngcc_hk wrote:
| Does it work with this level of bare metal
|
| https://news.ycombinator.com/item?id=26271356
| r0b05 wrote:
| Everybody is hyped up here but can someone explain to me what are
| the implications for the future of programming?
|
| Will I be able to write apps in a single language and have then
| run truly native on any OS or what else will we be able to do?
| alisonatwork wrote:
| This is something like a "fat binary" with some magic in the
| header that allows it to run out of the box on Windows and
| several different UNIXes, a bit like those sneaky shell scripts
| that run on several platforms[0]. It still needs to include
| some native code for each of the platforms inside the compiled
| binary, so it's perhaps better to see it as a slick
| packaging/distribution solution for C programmers than a total
| game changer for developers everywhere.
|
| The more interesting thing I think is the mapping of C library
| functionality between Linux, BSD and Windows. There have been
| other attempts to do this, but they never seem to get much
| traction. I think it's because C programmers tend to get wedded
| to their OS of choice and then invest time in improving that
| platform's C libraries. The problem with trying to remain
| portable with everything is that you tend to be stuck working
| with the lowest common denominator functionality, which can be
| frustrating when doing OS-specific stuff would open up so many
| more options.
|
| All that said, the cleverness of this project is inspirational
| in a way that might encourage other programmers to also focus
| more on building against simple functionality that is truly
| portable. It shows that you don't need all the bells and
| whistles to build cool stuff. That feels aligned with early
| UNIX philosophy and (more broadly) the hacker ethic, which is
| why it's neat to see, even if never gets adopted as a
| mainstream thing.
|
| [0] https://github.com/llamasoft/polyshell
| r0b05 wrote:
| Appreciate the response. So it's a bigger win for C devs
| specifically. I am a C# dev so I am trying to understand what
| opportunities this project unlocks.
| goldenkey wrote:
| Why you have pigeonholed yourself? "X Dev" is so cliche.
| You can compile C# to x86 machine code - this project has
| less to do with C and more to do with PE format and syscall
| tables. It means that it's language agnostic but not
| standard library agnostic.
| kidsil wrote:
| Odd, I'm getting $ ./printimage.com image.jpg
|
| run-detectors: unable to find an interpreter for ./printimage.com
| jart wrote:
| Author here. That error happens if you have binfmt_misc
| enabled. The solution is simple: sudo sh -c
| "echo ':APE:M::MZqFpD::/bin/sh:'
| >/proc/sys/fs/binfmt_misc/register"
|
| I intend to upstream a patch with the Linux kernel so it can do
| this automatically. If any kernel devs are reading, please
| email me!
| est wrote:
| Does it work on cheap Xen vps? Because
| "/proc/sys/fs/binfmt_misc/register" looks absent from mine.
| jart wrote:
| That's strange. I'd recommend filing an issue. Any details
| on how I can reproduce the error will be helpful, even if I
| have to temporarily rent one of those things. I'm on a
| mission to make binaries portable.
| na-- wrote:
| FWIW, it works on QubesOS, which is Xen based. Though it
| works only in my Fedora and Debian VMs, but not on my
| Archlinux-based one.
|
| I think that's because I have WINE installed in the
| Archlinux VMs, since that's what gets started when I run
| ./redbean.com. But even after I remove WINE, it still
| doesn't work, I probably have to restart (i.e. remove
| WINE from the TemplateVM, not the AppVM) for it to work.
|
| In any case, incredible work, I am in awe!
| FeepingCreature wrote:
| Instead of sudo sh -c to sudo the redirects, consider echo
| 'abcde' |sudo tee /proc/bla. Less nesting :)
| npongratz wrote:
| Do you mean less syntactical nesting? The pipe to sudo tee
| creates a new child shell, just as sudo sh -c does.
| FeepingCreature wrote:
| Yes.
| IggleSniggle wrote:
| I feel like I've learned more from your website and your source
| code in a few hours than I otherwise would have from years of
| study.
|
| You have a real talent for distilling the complex into something
| simple. It's apparent in the purpose of your programs, in your
| writing, and in your source code. Thank you so much!
|
| Basics of computing architecture that I didn't especially think
| were too complex for me to learn, but we're too abstracted for me
| to become interested in, are laid bare in each one of these
| programs and their source. This is all incredibly exciting.
| shaggy8871 wrote:
| Nice job, Justine. This level of excitement reminds me of the
| early days of Linux. I think it has the potential to go far.
| jart wrote:
| Author here. Thanks! I was deeply inspired when I read the
| source code to early versions of Linux and UNIX. The dream of
| that simple elegant power is something I'm hoping to restore
| for a new generation. All I'm doing to achieve that is simply
| standing on the shoulders of the giants who came before me.
| AtlasBarfed wrote:
| I can't believe I'm ASKING for a blog post.
|
| Can you blog a bit of the career/cognitive/skill evolutionary
| history behind this? Did the cosmo stuff come out of this or
| something else?
|
| Learned this in X level school, found out about Y, read about
| Y, learned this, got this job doing this, learned this from
| Z, got experience of AA... etc.
|
| Of course, assuming this exists, and you exist. And blogs
| "exist".
| jart wrote:
| Author here. When I first discovered the idea for Actually
| Portable Executable I thought I was going mad like Terry
| Davis. I couldn't even believe that it was possible until I
| actually did it. It cost me my job but I couldn't be
| happier with the result. This project is going to make
| problems disappear for so many developers. It's the sort of
| tool people can get excited about. I'm so happy that my
| prior career success and top-notch training have granted me
| the privilege of bringing something this cool to the world.
| Enjoy!
| fwsgonzo wrote:
| Have you considered trying to make system calls inline to
| avoid the call overhead? Or already thought about it?
|
| I've been banging my head against the wall of trying to make
| a micro KVM guest and the glibc startup code uses inline
| SYSCALL everywhere, I assume to make things faster. It does
| seem to call CPUID a lot too, but I guess it's not as
| expensive as having to make full-blown system calls.
| jart wrote:
| Cosmopolitan defines linkable symbols for all the
| __NR_syscall constants so you can absolutely use inlining
| if you like to live dangerously. For example: https://githu
| b.com/jart/cosmopolitan/blob/91f4167a45f811fde6... There
| really isn't any performance advantage to doing this,
| because the SYSCALL instruction itself has something like a
| 2000+ cycle cost due to all the copying that needs to
| happen on the kernel side along with things like spectre
| mitigations which have made is slower. So the 8 cycle cost
| of having a normal read() function wrapper is the wrong
| thing to be focusing on. Cosmopolitan aims to address the
| performance cost of SYSCALL by making it possible to run
| your binary on bare metal, where your program becomes a
| kernel, and therefore needn't pay any context switching
| costs at all.
| fwsgonzo wrote:
| And it's even more overhead when exiting a VM, then?
| shaded-enmity wrote:
| If you want to learn more how these things work I'd highly
| suggest going through the PoC||GTFO archive
| (https://github.com/angea/pocorgtfo/blob/master/README.md) and
| check out entries by Ange Albertini or entries named like "This
| ZIP is also a PDF".
| donaldihunter wrote:
| I came here for this. E.g.
| https://www.alchemistowl.org/pocorgtfo/pocorgtfo19.pdf
|
| "This file, pocorgtfo19.pdf, is valid as a PDF document, a ZIP
| archive, and a HTML page. It is also available as a Windows PE
| executable, a PNG image and an MP4 video, all of which have the
| same MD5 as this PDF."
| soheil wrote:
| Ok well this doesn't work on Mac, so much for not needing to
| cross-compile on every architecture. It's because of the OSX
| Gatekeeper but if majority of people need to self-sign or
| otherwise compile this binary I'm not sure if it is that portable
| be it if it's only a Mac thing. This dumps the zip content
| directly on the wire skipping an extra kernel write. There have
| been attempts before to run the same binary on multiple
| architectures by inserting magic headers without having to
| recompile. There are shell/batch versions of the same thing [0].
| The issue is such projects usually never get much traction since
| every programmer is wedded to their choice of OS and typically
| relies on APIs specific to each system. There are also "fat
| binaries" which accomplish the same thing if one truly wanted a
| cross platform single executable. There isn't a huge need for
| them currently and not just because they're "fat" (something this
| approach seems to tackle primarily) so I expect for the same
| reasons there won't be many needs for this approach either.
|
| I see a lot of people making the comparison between this and the
| OG Linux tools. I absolutely don't think this qualifies as one,
| most old Linux tools are irreplaceable or at least were when they
| first came out and there were no alternatives. Serving a bundled
| zip file on a web server across many different platforms is not
| something people are dying to do. You can run a web server like
| nginx or Apache to index your files or if you really hate those
| why not a single line command which is supported on almost any
| platform: python -m http.server 8080
|
| [0] https://github.com/llamasoft/polyshell
| francislavoie wrote:
| Caddy is a single file web server as well :)
| https://caddyserver.com/
|
| Admittedly they solve different usecases, where Redbean seems to
| want to serve a whole static site as a single file, which isn't
| currently possible with Caddy, (but you can run `caddy file-
| server` to serve the current directory as a static site), but it
| may become possible in the future with Golang's new embed package
| https://golang.org/pkg/embed/
| mholt wrote:
| That's actually a pretty interesting idea. I wonder if we could
| make a lite version of Caddy bundled with your website
| embedded...no need to mess with file systems or permissions or
| devices and folders to run a static site. Might need some
| massaging to become a truly pleasant workflow though.
| francislavoie wrote:
| Yeah - I could see it being part of xcaddy tooling to package
| up the static assets in the binary :)
| IceWreck wrote:
| The go std library offers the embed package. You can just
| embed your files and use the std lib's webserver and generate
| a single file binary. No need for Caddy.
|
| All this would be roughly 15 lines of code.
| mholt wrote:
| People use Caddy for automatic HTTPS, which the std lib
| does not give you.
| anderspitman wrote:
| Obviously you don't need to know this but others might
| not be aware that certmagic is a great middle ground
| between Caddy and rolling your own ACME.
| kapitalx wrote:
| Caddy is cool! Redbean is magic :p
|
| Thanks for sharing.
| goldenkey wrote:
| Is that smile at the end of your first sentence meant to be
| condescending?
|
| You are affiliated with Caddy and ought to mention that when
| you promote your own software.
| https://news.ycombinator.com/item?id=16687686
|
| This is not a competition. Caddy is not even in the same realm
| as Redbean.
|
| Redbean is a multi-platform binary that doubles as a ZIP. It's
| roughly 1500 times smaller than Caddy too.
|
| > different usecases
|
| Right. :)
| francislavoie wrote:
| > Is that smile at the end of your first sentence meant to be
| condescending?
|
| What? Of course not! You're reading way too much into that.
| It's simply enthusiasm. I read about Redbean and it being a
| single file webserver and the first thing to come to mind is
| Caddy, as "prior art".
|
| Like I said, different usecases; Caddy is a general purpose
| webserver which has automatic certificate management, H2/H3
| support, reverse proxy, file server, a strong plugin system,
| the list goes on. Of course it'll be bigger in size. Redbean
| is super cool and does have the advantage in file size and
| portability, clearly, but it is essentially a single-purpose
| tool. And there's nothing wrong with that.
| jart wrote:
| Caddy is cool but it has a separate 33mb executable for each
| operating system. Redbean is a 128kb executable that runs on
| all platforms so it has fewer moving parts and is 1584x tinier.
| All the convenience of being able to "just add your assets to
| the zip executable" wouldn't have been feasible if we needed to
| repeat that process n times for each operating system.
| francislavoie wrote:
| Yes of course - like I said, they solve different usecases.
| Caddy has way, way more features overall to make up for the
| bigger binary.
| mrmonkeyman wrote:
| Caddy is Go. It has 5mb hello worlds. (Which is fine)
| brainless wrote:
| OK I see we are going crazy, me too. Thanks @jart.
|
| I have been thinking about portable web apps with embedded SQLite
| for some time. I do not have the technical chops at C level to
| pull this off. I am really inspired by this project. I hope
| Redbean leads a way to distribute self-hosted apps in today's era
| of the cloud.
| BugWatch wrote:
| I still use the classic version of Tiddlywiki that is a single
| self-contained self-editing html file, and I "app-ify" it on
| Windows by changing the extension to *.hta.
|
| But having the similar solution with the SQLite, would be a
| perfect combination.
| mhd wrote:
| It's a neat coincidence that this is on at the same time as an
| article about CP/M, because I think there could be some overlap
| in the programs that would be a good fit for cosmopolitan.
|
| Sure, there's server appliances like this, and I hope someone
| makes a neat services wrapper to abstract at least some
| platform's intricacies so you can do a "cosmo-service up redbean"
| on BSD/Linux/Windows.
|
| But coming back to CP/M, there you had a lowest common
| denominator of terminal applications, too, but spread across
| different architectures. And you could still produce some quite
| intersting, if a bit business-like applications. These days you
| probably can even rely on more ANSI colors and maybe even unicode
| fonts (hopefull as an option, not mandatory).
|
| The ZIP characteristics of the APE format make it even easier to
| distribute a whole application in a rather simple way. Yes, sure,
| you can do regular Unix-style servers and pipe-it-together CLI
| tools, but I wouldn't mind more self-contained "business"
| applications with a lo-fi aesthetic regarding interface and API
| usage. The PICO-8 of TUIs...
| jart wrote:
| Author here. We're living in the most exciting time for
| developing terminal applications. When Microsoft unexpectedly
| added support for VT100 and XTERM codes to CMD.EXE it totally
| changed the equation and ANSI became universal for the first
| time. Blinkenlights is an example of a TUI application I
| created using Cosmopolitan and it literally works everywhere.
| https://justine.lol/blinkenlights/index.html You don't need
| curses. All that's needed is an ioctl() call which flips a bit
| in termios. Cosmopolitan polyfills that across operating
| systems. Another cool example of a demo app is this conway's
| game of life tui gui: https://justine.lol/apelife/index.html
| rexreed wrote:
| Does that remove full binary compatibility for those running
| on older OS from Microsoft with an older cmd.exe?
| jart wrote:
| Cosmopolitan supports Windows 7. The WinMain() polyfill is
| programmed to gracefully fall back if ANSI isn't available.
| So the binary still loads fine. You just need to run it in
| something like MinTTY instead if your TUI program is run on
| an old version of Windows.
| bni wrote:
| Why does the magic numbers list have a XENIX column?
| jart wrote:
| Author here. The name was chosen mostly out of playfulness to
| describe Windows since I seem to recall XENIX being the
| earliest example of Microsoft dipping their toes in the water
| with UNIX support.
| robaato wrote:
| Back in the day ('80s) worked at Logica with colleagues who
| did Xenix support!
| bni wrote:
| Would GUI programs be possible with this? I don't mean some cross
| platform framework monstrosity.
|
| But if some least common denominator was found to be able to
| create window, add some input fields and buttons using the native
| UI elements of the OS?
|
| Does the Win32 and Cocoa APIs for example, also have "magic
| numbers" that are kept stable?
| hnarn wrote:
| > Would GUI programs be possible with this?
|
| This is a cross platform web server, not a cross platform web
| browser.
| bni wrote:
| Sorry, I forgot that this post was about the web server and
| not about actually pdrtable executable
| alfiedotwtf wrote:
| This is the coolest thing I've seen on HN in a long time. Nice
| work
| haolez wrote:
| This is so powerful that it can be used as a "weapon": it's the
| perfect lib for making malware. I think this is a compliment!
| cirowrc wrote:
| scary scary scary
| nabla9 wrote:
| She started her career with a very successful spam tool. She
| was 14 at the time.
| syncbehind wrote:
| I definitely was not coding when I was 14. Dang.
| aembleton wrote:
| Just make sure you don't have another server running on :8080.
|
| I had syncthing running and kept getting some error whenever I
| tried to run redbean. The error didn't make much sense, but
| eventually I realised that this was the casue of the error.
|
| I'm really impressed how portable this is. The only improvement I
| can see is if it auto-opened your browser to :8080. That way it
| would be easy to distribute the binary and have people run your
| application and just interact with it through their browser. No
| need to ship electron then!
| r0b05 wrote:
| Let's say we are able to do this. Would we have any security
| concerns to be addressed?
| anaganisk wrote:
| How different would it be from opening a random site in your
| web browser?
| t0astbread wrote:
| There is the possibility of other programs making HTTP
| requests so you shouldn't assume trust on any request
| automatically. What you can do is give the browser a cookie
| once when your app starts which you then check on every
| request.
|
| Oh and listen on 127.0.0.1, not 0.0.0.0. That way your app is
| not needlessly exposed to the network.
| sva_ wrote:
| I think you could trivially issue a _system()_ call, you 'd
| just have to use the corresponding command to open the default
| browser for each particular system. (Linux: _xdg-open_ , MacOs:
| _open_ , Windows: _start_ )
| aero- wrote:
| Can someone explain this to me like I'm an 8 year old?
| anderspitman wrote:
| Can someone explain this to me like I'm a 31 year old?
| mikewarot wrote:
| I've been programming since before you were born... and this
| is the most impressive hacking feat I've ever seen.
|
| A single executable, that doubles as a valid ZIP file, that
| you can put a complete website into, also doubles as a valid
| executable on Windows, Mac, Linux.
|
| The build infrastructure is a complete reworking of C to make
| it far more portable than even K&R thought possible.
|
| I probably wouldn't have believed it possible, but here it
| is!
| anderspitman wrote:
| Thanks!
| mikewarot wrote:
| On most computer systems these days can select a set of files
| and folders and tell the computer to "Send to compressed file",
| the files that come out of that process usually end in ".zip",
| and are thus known as "zip files"
|
| This is a zip file, like any other... you can add and remove
| things from it. However, this ZIP file has a superpower, it can
| display the contents on the web... it has a web server built
| into it.
|
| You can take this file, run it on a Windows, Linux, Macintosh,
| and it will work. You don't need separate versions for each
| different system... this _just works_ on all three systems,
| unlike almost every program ever written.
|
| This is one of the most impressive feats of programming things
| I've seen in my 40+ years of programming. The web serving is
| clever, but the superpower that it can run on anything really
| took a huge amount of work, which the author built into a tool
| called "ape", and has shared with the world, so other people
| can use it, and help her make it better.
| quickthrower2 wrote:
| Cute idea. Sounds like magic.
| edoceo wrote:
| Built with actual magic:
| https://storage.googleapis.com/justine/ape.html
|
| From the same person I think
| indigodaddy wrote:
| Author mentions that the APE's can be booted from the BIOS.
| Would this imply you could perhaps implement a lambda-like
| cloud service that could spawn/start the APE on demand? Edit,
| I'd guess you'd want to/have to, also have a tcp/ip stack in
| the APE as well (but perhaps just going for containerization
| of the APE is the better play and not have to worry about any
| of that..)
| neilv wrote:
| The trademark collision is going to test the joke of Red Bean
| Software:
|
| > _We 're software producers of a different kind. Rather than
| market software the usual way, we openly deny its existence, and
| challenge our customers to do the same._
|
| https://red-bean.com/
| txdv wrote:
| > That performance is thanks to zip and gzip using the same
| compression format, which enables kernelspace copies
|
| Can someone elaborate on the relationship between gzip and kernel
| space copies?
| jart wrote:
| Normally when a browser asks for Content-Encoding: gzip, the
| http server needs to schlep the file into memory, compress it,
| and only then is it able to send the output to the client.
| Since redbean reads files from a zip archive, that file is
| already compressed. So what it does is it uses mmap() to load
| the zip executable in memory. Therefore instead of
| read()+write() it can just call writev() on the mapped memory
| area. That enables us to skip the extra copy. The kernel can
| just copy the gzipped file contents directly to the network
| wire without having to pay any userspace context switching
| penalties.
| ptato wrote:
| I can't get it to run on Ubuntu. "run-detectors: unable to find
| an interpreter for ./redbean.com"
| ToJans wrote:
| The short description is a bit too short; this is mind blowing!
|
| Redbean is a portable, single file executable webserver which
| also acts as a zip-file for the static content it hosts, and runs
| on Linux + Mac + Windows + FreeBSD + OpenBSD + NetBSD + BIOS
| without any recompilation...
|
| You can manage the static content using standard pkzip tooling!
| Now that's what I call thinking out of the box!
|
| Edited: some rewording and breathing space
| tutfbhuf wrote:
| Is it that this binary does some tricks to run on Linux, Mac,
| Windows, FreeBSD, OpenBSD, NetBSD, BIOS or does it really work
| on all operating systems including something like Plan 9 or
| even TempleOS?
|
| And does it run on different architectures like ARMv6?
| twic wrote:
| Native execution on x86_64 only. "Linux + Mac + Windows +
| FreeBSD + OpenBSD + NetBSD + BIOS", where "BIOS" means that
| it will boot a machine and run on bare metal. On non x86_64
| systems, the driver script will try to run the binary using
| QEMU (which has to be installed and on the path):
|
| https://github.com/jart/cosmopolitan/blob/40291c9db386d8a952.
| ..
|
| If i have understood how the portability works, it would be
| pretty straightforward to add support for another OS which
| uses the same ABI as the unices and has a compatible system
| call table - just a matter of adding a column to consts.sh
| (system call numbers in the nr section, constants from system
| headers in their appropriate sections) and adding any OS-
| specific system call rituals to systemfive.S.
|
| Note that all system calls will go through the syscall
| interface. If your OS has some other way to make system
| calls, like Linux's vDSO or io_uring, that won't be used.
|
| If your OS had a different system call table, like Windows,
| then you would need to write more bespoke code for it, like
| all the Windows wrappers:
|
| https://github.com/jart/cosmopolitan/tree/0e85b136ae1beb0d2b.
| ..
|
| You would then need to go through the Cosmopolitan libc and
| add implementations of its functions on top of your wrappers.
| mhd wrote:
| I think it qemu's itself if run on another platform.
| ddtaylor wrote:
| One small complaint I have is that there is already a popular
| project called RedBean: https://www.redbeanphp.com/
| gildas wrote:
| Awesome! You could even use a zip file as a container for the
| assets you want to serve! see https://gildas-lormeau.github.io/
| (the page is a self-extracted zip file). And here's a demo
| showing how to update an image:
| https://www.youtube.com/watch?v=RJWhDmYhnX4
| codezero wrote:
| The magic numbers file ends with a comment linking to a youtube
| video of numbers station playing very disconcerting and dissonant
| music, so we can add art/comedy to the list of features (which
| was already obvious!)
| modeless wrote:
| .apk files and .ipa files are secretly zip files too. With the
| addition of a few manifest files and other crufty things embedded
| in the zip, I bet you could add Android and iOS to the list of
| supported platforms too.
| akavel wrote:
| I've recently succeeded in building working .apk files byte-by-
| byte completely from scratch so I could maybe help some. Open
| an issue on https://github.com/akavel/hellomello if interested
| in some talking/advice and/or watch my talk on NimConf 2020 for
| an overview (I don't have a link handy as I'm on mobile).
| nonameiguess wrote:
| Jars, rpms, whls, Microsoft Office, probably a bunch of other
| stuff I don't even know about are actually zip files.
| citruscomputing wrote:
| .epubs too!
| chriszhang wrote:
| Someone please be kind and explain to me how this works? Don't
| different executable formats need different headers?
|
| Don't ELF need "0x7F ELF" header? Don't Windows executable need
| "MZ" header? How is it fulfilling both requirements
| simultaneously?
| Gys wrote:
| The OP explains https://justine.lol/ape.html
| WrtCdEvrydy wrote:
| This is awesome, I've wanted a way to package a webapp for
| distribution locally and I think this + sqlite would be a perfect
| combination.
| thecodrr wrote:
| As amazing as this is unfortunately it doesn't work for me and I
| am on Linux.
|
| I get bash: ./redbean.com: No such file or directory
|
| after chmod-ing.
|
| Maybe I am dumb but yeah.
| anderspitman wrote:
| Is your system 32 bit by chance?
| hnarn wrote:
| Out of curiosity, are there any general benchmarks available as
| to how this stacks up to something like nginx when it comes to
| static page serving?
| r0b05 wrote:
| The APE shit is really cool.
|
| The webserver is novel but I am just wondering, how would it
| compare to something like Apache/ISS in terms on
| security/config/etc, or is this mostly just to move small sites
| around?
| chacocr wrote:
| Hi
| Lorin wrote:
| No relation to http://redbeanphp.com/ I guess :D
| rebelpixel wrote:
| I think that's still worth mentioning considering they're
| roughly in the same sphere of interest, to avoid the confusion.
___________________________________________________________________
(page generated 2021-02-26 23:00 UTC)