My twitter archive, semi-curated

New profile: @vegard@mastodon.social

This archive contains most of my tweets, categorized by topic. I have removed some tweets that were either irrelevant or meaningless without more context.

The views expressed on this website are my own.

Filters (OR): All Blog Technology Git Assembly C CPP Python Rust Linux Programming LinuxKernel Fuzzing Security Ksplice SAT Cryptography Games GameDev Art Music Audio Graphics Personal Politics Media French Humour

2014-02-24 16:30 🔗 — In reponse to: @SoosMate

@SoosMate Still figuring out how this thing works :-P

2014-05-23 19:27 🔗

I got the OpenGL 4.0 Shading Language Cookbook. Seems pretty good, but why on earth are all the pictures greyscale? http://www.packtpub.com/opengl-4-0-shading-language-cookbook/book

2014-07-03 18:22 🔗

"I know that voice 2013" -- really inspiring documentary https://www.youtube.com/watch?v=bRwUjYwXE3Y

2014-07-23 21:42 🔗

I'm literally late to the game, but it needs to be said: #Fez is the best game I've ever played. Runs on Linux too! http://fezgame.com/

2014-11-23 18:19 🔗

What a shameless and embarrassing question to ask just after a loss. If he was planning to quit, he would have said so #AnandCarlsen2014

2014-12-09 11:22 🔗

My contribution to the Christmas mood... simple, but I like it :-) https://soundcloud.com/vegard_no/silent-night?utm_source=soundcloud&utm_campaign=share&utm_medium=twitter

2015-01-05 19:19 🔗

Really disappointed with mandatory full body scans at Amsterdam airport Schiphol. Security guy also got rude when I started asking about it.

2015-01-05 22:46 🔗 — In reponse to: @vegard_no

@mfkne How? The security guy basically told me to go through the machine or miss the flight. It took me by surprise, I'll insist next time.

2015-02-10 22:20 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow 7pm PST? Why do you hate Europeans so much? :-(

2015-02-19 15:28 🔗

@PHIL_FISH @renaudbedard Polytron Corp fan art. RIP Polytron

2015-03-29 22:13 🔗 — In reponse to: @InnuendoStudios

@InnuendoStudios Would be cool to have 40 minutes, if only to see what it looks like...

2015-07-09 10:41 🔗

Playing the Pippi Långstrump theme on piano https://soundcloud.com/vegard_no/pippi?utm_source=soundcloud&utm_campaign=share&utm_medium=twitter

2015-07-17 23:47 🔗 — In reponse to: @Calvinn_Hobbes

@Calvinn_Hobbes @SoosMate @psuedofolio This comes to mind... http://psuedofolio.tumblr.com/tagged/Calvin-and-Hobbes

2015-11-26 16:26 🔗

@grahamsellers Ping? https://www.khronos.org/bugzilla/show_bug.cgi?id=1377

2015-12-04 12:41 🔗

@BrettDomino 5y ago I made my very own 2D stylophone out of a wacom tablet (sorry for poor quality) https://www.youtube.com/watch?v=tfJ5ePmA-iA you should try

2015-12-31 12:28 🔗

Not sure what happened here...

2015-12-31 13:57 🔗 — In reponse to: @penberg

@penberg Oh, I see. Thanks! :-)

2016-01-01 22:28 🔗

satmenuconfig: SAT-solving Linux kernel configs on the fly; EXT4_FS=y is inferred because EXT4_DEBUG=y was requested

2016-01-03 18:48 🔗

2016-03-17 16:17 🔗

@johansaettem Artikkelen din om rekordlav rente inneholder ikke et eneste tall.

2016-03-27 14:07 🔗 — In reponse to: @Hamm_Tips

@Hamm_Tips @FreeGlass http://jamesclear.com/ira-glass-failure

2016-04-06 21:31 🔗

I'm doing a talk with @4c1d3 on Linux filesystem fuzzing using @lcamtuf's AFL at Vault 2016: http://sched.co/68kL http://events.linuxfoundation.org/sites/events/files/slides/AFL%20filesystem%20fuzzing%2C%20Vault%202016.pdf

2016-04-12 21:24 🔗

. @nelhage Saw your blog and remembered an old post on accidentally exponential C++ (and Python3) comparisons :-/ http://vegardno.blogspot.fr/2012/07/comparing-objects-in-c.html

2016-04-15 09:28 🔗 — In reponse to: @_alanSummers

@_alanSummers @4c1d3 Sorry about that :-/ We had a couple of other people say the same thing. I suggest ploughing on with your own project

2016-04-15 09:29 🔗 — In reponse to: @vegard_no

@_alanSummers @4c1d3 Let us know when you're done and maybe we can collaborate, it's an ongoing project & there is plenty of work to be done

2016-05-06 11:01 🔗 — In reponse to: @HovikYerevan

@HovikYerevan @4c1d3 Looks like a fun initiative; unfortunately we're both in France and it's a bit far away, we'll keep it in mind though!

2016-05-18 20:28 🔗

So apparently Ctrl-Z in Windows deletes your files. http://answers.microsoft.com/en-us/windows/forum/windows8_1-update/how-to-recover-files-lost-by-ctrlz/74e7e588-e27d-4e04-8eda-5876ced6adaf?auth=1

2016-05-26 21:27 🔗

Writing a reverb filter from first principles http://vegardno.blogspot.com/2016/05/writing-reverb-filter-from-first.html

2016-06-22 22:57 🔗

I wrote a #blender3d script that imports #LittleBigAdventure models and animations: https://github.com/vegard/blender-lba #LBA #Twinsen

2016-06-26 22:12 🔗

. @johnregehr Upcoming gcc 7.0.0 apparently miscompiles the #kernel due to aggressive array/pointer optimisations: https://lkml.org/lkml/2016/6/26/73

2016-06-26 22:46 🔗 — In reponse to: @johnregehr

@johnregehr http://pastebin.com/4Qc6pUAA In the kernel, __start and __end would be defined by the linker script as ptrs to start/end of an array

2016-06-26 22:55 🔗 — In reponse to: @vegard_no

@johnregehr I suppose gcc is really within its rights to do this, it's just inconvenient and surprising.

2016-06-27 10:13 🔗 — In reponse to: @ch3root

@ch3root @johnregehr Their fix is eerily similar, thanks for the link! Op in this case was also !=. That's a much older gcc though, how odd.

2016-06-27 13:09 🔗 — In reponse to: @stephenrkell

@stephenrkell udis86 is pretty good, completely standalone, and BSD: https://github.com/vmt/udis86 check out the forks, they have some extra fixes

2016-07-05 15:26 🔗 — In reponse to: @johnregehr

@johnregehr I ran into this gcc 6.1.0+ ICE just yesterday: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71756

2016-07-15 00:06 🔗

Ramping up the ext4 fuzzing @lcamtuf http://marc.info/?l=linux-ext4&m=146853062803624&w=2 should keep me busy for a while...

2016-07-15 00:16 🔗 — In reponse to: @vegard_no

@thomasmey Just for validating the crashes and getting the reports -- I believe UML doesn't support KASAN out of the box, for example

2016-07-15 08:55 🔗 — In reponse to: @titanous

@titanous Yeah, we have a bunch of scripts and we're hoping to release them soon. Will post on AFL and kernel lists when it's ready

2016-07-18 00:40 🔗

Wrote a kernel driver to mount qcow2 images without qemu-nbd. No write support yet, but not bad for a day's work :-)

2016-08-11 19:15 🔗 — In reponse to: @managore

@Managore doesn't seem to work with my gamepad (which is fine in other games) on Windows. ideas?

2016-08-12 16:28 🔗 — In reponse to: @managore

@Managore generic USB HID gamepad, device ID 146b:5500

2016-08-14 23:39 🔗

Visualise ifdef nesting for particularly nasty preprocessor spaghetti https://gist.github.com/anonymous/06bdc38eddc89476b30bb14270c94334

2016-08-22 17:16 🔗 — In reponse to: @managore

@Managore That took longer than I expected, 1000 people is quite a crowd. Also, I'm starring in a video game! :-D

2016-08-31 23:12 🔗

FWIW, I wrote down a walkthrough of a kernel NULL ptr deref debugging session (sync()/close() race) http://vegardno.blogspot.fr/2016/08/sync-debug.html

2016-09-27 22:16 🔗

I'm going to be at @KernelRecipes in Paris tomorrow + the rest of the week, feel free to ping me if you want to meet up :-) #kr2016

2016-10-03 22:57 🔗 — In reponse to: @kees_cook

@kees_cook Just to get the ball rolling... please don't judge me

2016-10-11 18:19 🔗

Machine learning gone wrong?

2016-10-12 09:35 🔗 — In reponse to: @gparker

@gparker Nothing I've seen has so far beat the Super Mario 64 character state/animation transition graph: http://i.imgur.com/tyb34Kc.jpg

2016-10-12 20:36 🔗 — In reponse to: @NicolasWeis

@NicolasWeis Hey, just found this, I love your art and your style! Was this inspired by Franquin..?

2016-10-18 16:14 🔗 — In reponse to: @dazrin_

@dazrin_ Happy birthday! Wish you lots of success with SM64 and your studies!

2016-10-20 19:44 🔗 — In reponse to: @stephenrkell

@stephenrkell I once added libcxxrt and libunwind to the Linux kernel, 22kloc later exceptions worked

2016-10-20 19:44 🔗 — In reponse to: @vegard_no

@stephenrkell but I was so disgusted with what I had learned about C++ exception handling

2016-10-21 20:37 🔗

@PatrickRMetzger your list of millennial whoops didn't have anything between 91 and 03, I think this from 96 is one? https://www.youtube.com/watch?v=WjxU3ovRI8A&feature=youtu.be&list=PL7AE26D0DA8B81041&t=136

2016-10-21 20:47 🔗 — In reponse to: @PatrickRMetzger

@PatrickRMetzger @YouTube This is the album: https://www.rockipedia.no/utgivelser/smurfehits_1-24977/ The song is a cover of https://www.youtube.com/watch?v=QFeR33I0HPs but I heardn't the whoop

2016-11-04 18:58 🔗 — In reponse to: @linkin8834

@linkin8834 Oh, wow, this is really old stuff. I will have to do some digging to find that.

2016-11-04 18:59 🔗 — In reponse to: @linkin8834

@linkin8834 Maybe this works for you? http://www.multiprecision.org/index.php?prog=mpc

2016-11-04 19:28 🔗 — In reponse to: @rep_stosq_void

@spun_off Fun fact: French trivial pursuit wedges are officially called camemberts.

2016-11-08 23:37 🔗 — In reponse to: @sn0tcat

@EwaldOthmar @jampants That's a cheesy pun

2016-11-10 20:34 🔗 — In reponse to: @brellom

@Brellom that's anchovies

2016-11-13 23:47 🔗 — In reponse to: @johnregehr

@johnregehr I've known a Dell to do the same thing, although it was more readily felt by another person touching the one holding the laptop.

2016-11-21 15:51 🔗 — In reponse to: @GunwildPrime

@GunwildPrime Cthulhu..?

2016-11-29 19:29 🔗

Somebody requested https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7910 , but I think it's not exploitable since it relies on a small kmalloc failure (thanks @jamiediles)

2016-11-30 00:18 🔗

New revision syntax in git 2.11.0: "git log rev^-" where rev is a merge commit gives you all the commits from the branch that was merged in https://twitter.com/lwnnet/status/803723025178771460

2016-12-01 11:03 🔗 — In reponse to: @rantonse

@rantonse @ProcessingOrg was curious about variable curvature... https://gist.github.com/vegard/929a74bbfe862c7a1e0f61e4d2bbceb0

2016-12-01 11:32 🔗 — In reponse to: @vegard_no

@rantonse @ProcessingOrg

2016-12-01 11:57 🔗 — In reponse to: @vegard_no

@rantonse @ProcessingOrg This is still just triangles rotating in place. So fascinating!

2016-12-04 15:59 🔗 — In reponse to: @KoulmaLaMinette

@KoulmaLaMinette I saw this guy today in avenue Gabriel Fauré, but I think the white stripe on the forehead looks too short

2016-12-06 17:25 🔗

The Ubuntu Xenial installer has so far forced me to reboot 3 times due to hangs and crashes during partitioning... WHAT YEAR IS IT

2016-12-09 20:29 🔗 — In reponse to: @dekisu

@dekisu @spun_off it's called "intel" for a reason

2016-12-13 16:25 🔗

@johnregehr What can I expect from running C-reduce on ~30kloc with ~30 seconds per interestingness test (includes booting a VM...)?

2016-12-13 16:31 🔗 — In reponse to: @vegard_no

@johnregehr to be clear, I'm not looking for compiler bugs, I just have a program that crashes the kernel and it's way too big as a testcase

2016-12-13 16:36 🔗 — In reponse to: @johnregehr

@johnregehr Not shabby, sounds worth trying out then. Thanks!

2016-12-13 20:01 🔗 — In reponse to: @johnregehr

@johnregehr Getting the test program to build/run is hard, kvm (run by the interestingness script) keeps getting SIGTTOU and stopping. Bleh

2016-12-15 16:44 🔗

I didn't really realise how much I wanted this. https://gist.github.com/vegard/5accafa5016786596438457b6559b106

2016-12-18 21:43 🔗 — In reponse to: @r3l0z

@r3l0z had 60k once but didn't screenshot it, so I guess it doesn't count

2016-12-27 01:28 🔗

Saw the terminal Christmas greeting earlier, here's my New Year one. Posting early so you can run it in time 🙂 https://gist.github.com/vegard/3262956d4b183f676a8968e64ca38dba

2017-01-02 21:40 🔗

Wonder how much this will really cost me. Also, this bug is a few months old by now. @orange

2017-01-04 21:21 🔗

SQLAlchemy relationships 😢 MongoDB (non-)atomicity 😢 Can we add databases to the list of things that are hard in computer science?

2017-01-05 19:30 🔗

Making French tongue twisters (with @4c1d3's help): "Mes chiens méchants m'échangent mais chantent"

2017-01-05 19:31 🔗 — In reponse to: @vegard_no

"Cette saison ce sont cent saucissons sans sensation à Cesson"

2017-01-06 09:52 🔗 — In reponse to: @r3l0z

@r3l0z @mkerrisk funny how many people bashed the random(4) man page instead of just sending patches to correct it (although others did)

2017-01-06 20:06 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow complaining on twitter is equally ethically dubious, think of all the people who are still going to run into the same error

2017-01-08 17:40 🔗

I only just realised that the range of frequencies you capture with an FFT doesn't depend on the FFT size at all, only your sample frequency

2017-01-08 17:41 🔗 — In reponse to: @vegard_no

@vegard_no and the bigger FFT size just gives you better accuracy

2017-01-11 09:09 🔗

R.I.P. Aaron Swartz https://twitter.com/binitamshah/status/818168282817658880

2017-01-11 23:02 🔗 — In reponse to: @gparker

@gparker Maybe something like this? https://gist.github.com/vegard/00e8469855afeae77717e1a1a8e78aa9 I made some last-minute changes to an ancient script I had, so it may have bugs.

2017-01-12 20:32 🔗 — In reponse to: @johnregehr

@johnregehr it's showing include/lvm/IR/ -- did you want http://llvm.org/reports/coverage/lib/IR/index.html ?

2017-01-12 20:54 🔗 — In reponse to: @johnregehr

@johnregehr I don't know, sorry

2017-01-13 17:20 🔗 — In reponse to: @rep_stosq_void

@spun_off they must both be NUL-terminated but the NUL doesn't have to be within the first size characters.

2017-01-13 17:21 🔗 — In reponse to: @vegard_no

@spun_off https://lkml.org/lkml/2014/3/7/712

2017-01-14 23:53 🔗

@staminapl Hey... whenever I save+reopen a depthy as PNG, it's flat (same with sharing; it creates a flat animation). As JPEG it seems fine.

2017-01-16 11:13 🔗 — In reponse to: @binitamshah

@binitamshah antimicrobial properties?

2017-01-19 23:26 🔗 — In reponse to: @benmmurphy

@benmmurphy Don't you need root to use dtrace in the first place? It's not very clear from the article.

2017-01-23 14:28 🔗

As I unplugged my laptop from the wall this morning both prongs accidentally touched my hand after it was completely out and I got a shock.

2017-01-30 11:55 🔗 — In reponse to: @motherboard

@motherboard Great article, however just clicking that link loads a dozen trackers, including Facebook's. And that is part of the problem.

2017-02-03 09:58 🔗

the broken window fallacy fallacy: when the only alternative is breaking something far more valuable

2017-02-10 12:26 🔗 — In reponse to: @cstross

@cstross @guardian I'm no Trump fan but that opinion piece is trash. "His supporters don't know how to read"? Please, this achieves nothing.

2017-02-11 15:54 🔗

What's the right way to compile a C++14 program using exceptions against LLVM when llvm-config outputs -std=c++0x and -fno-exceptions?

2017-02-11 16:00 🔗 — In reponse to: @vegard_no

@vegard_no "g++ -std=c++14 -I$(llvm-config --includedir) main.cc $(llvm-config --ldflags --system-libs --libs core)" could work

2017-02-18 15:51 🔗

C++ project is 1.9KLOC and takes 1.5s to compile with 1 g++ call. Preprocessed source is 105KLOC; 52% from /u/inc/c++, 33% from /u/inc/gcc 😢

2017-02-18 22:26 🔗 — In reponse to: @ClipperChip

@ClipperChip @matthew_d_green Flamanville explosion http://www.independent.co.uk/news/world/europe/french-nuclear-power-plant-explosion-latest-injured-flamanville-la-manche-normandy-accident-fire-a7570876.html comes to mind

2017-02-19 07:30 🔗

@hoorn_tweet Dude, don't retweet me. I'm an immigrant and I have Muslim, Jewish, Christian, and atheist family, friends, and coworkers

2017-02-20 09:31 🔗 — In reponse to: @punchyninja

@punchyninja So sorry, punchy. Even the little guys seem to have a personality, don't they? Just remember the good times and the good life

2017-02-20 14:01 🔗

@dotsMarc @Managore When are we making this happen? https://gfycat.com/PhonyAcidicBoubou

2017-02-23 14:35 🔗

OMG, they used my SHA-1 SAT instance generator !!! https://twitter.com/binitamshah/status/834756984859553792

2017-02-24 08:31 🔗 — In reponse to: @wiretapped

@wiretapped To be fair, he's specifically addressing the "bad luck" part -- a chance collision is still exceedingly unlikely.

2017-02-24 08:33 🔗 — In reponse to: @wiretapped

@wiretapped And the rest of the email talks about intentional 2nd-preimage attacks, not collisions, which still haven't happened.

2017-02-24 18:45 🔗

I repurposed some old visualisation code for the SHA-1 collision to show the actual bit patterns involved: https://vegard.github.io/sha1/

2017-02-27 15:29 🔗 — In reponse to: @matthew_d_green

@matthew_d_green That is an amazingly arrogant statement. Congratulations.

2017-02-27 18:30 🔗 — In reponse to: @jhripley

@jhripley The attack can be repeated for git, but you still need to sink $100k+ into it AND trick somebody into pulling your colliding input

2017-02-27 18:30 🔗 — In reponse to: @jhripley

@jhripley which doesn't seem very likely to happen very soon -- and in the meantime, the problem is being worked on. What more can you ask?

2017-02-27 18:46 🔗 — In reponse to: @jhripley

@jhripley True, although in that case it would seem you're already trusting whoever is pushing, no? The outrage is overblown.

2017-03-03 19:25 🔗 — In reponse to: @brellom

@brellom no spoilers

2017-03-03 19:26 🔗 — In reponse to: @brellom

@brellom could still be a spoiler...

2017-03-06 20:31 🔗 — In reponse to: @mvandevander

@mvandevander Dibs!

2017-03-12 09:36 🔗

Does anybody know why Turkish minister Kaye was refused entry to the Netherlands? I feel like we're not getting the full story here.

2017-03-14 08:46 🔗

Happy Pi Day! https://archive.org/details/DayOfThePidiot

2017-03-15 14:10 🔗

This is an absurd generalisation that unfortunately antagonises a lot of people who genuinely want greater diversity in their workplace. https://twitter.com/_raincl0ud/status/841493084118646785

2017-03-15 22:29 🔗 — In reponse to: @damienmiller

@damienmiller You should consider still keeping "UsePrivilegeSeparation no", it's really useful for fuzzing to be able to turn it off.

2017-03-17 13:35 🔗

I wrote a guide to fuzzing OpenSSH using AFL: http://vegardno.blogspot.fr/2017/03/fuzzing-openssh-daemon-using-afl.html @lcamtuf @damienmiller @msfriedl

2017-03-17 16:11 🔗 — In reponse to: @lcamtuf

@lcamtuf @robertswiecki Yeah, it seems to stay mostly around ~1900, but ranges from ~30 only during trim (for some reason) up to ~2500

2017-03-17 16:24 🔗 — In reponse to: @damienmiller

@damienmiller @lcamtuf @msfriedl Nice, thanks, that would probably give another speed boost!

2017-03-17 20:58 🔗 — In reponse to: @robertswiecki

@robertswiecki Yeah, do I have __AFL_INIT() in there after parsing config and loading keys, I guess it's not very clear from the diff!

2017-03-18 17:52 🔗 — In reponse to: @RoninDey

@DEYCrypt Thanks! The only Breton I know is "Straed Entraven", which is where I used to live in Rennes :-) Hirmat!

2017-04-05 12:11 🔗 — In reponse to: @chaignc

@chaign_c @APT1337 @XeR_0x2A I can't beat that :-) What program/library, some sort of CPU emulator/instruction interpreter maybe?

2017-04-13 17:17 🔗 — In reponse to: @oaklandishdude

@oaklandishdude @danluu @johnregehr Apparently it's been fixed in gcc by now :-)

2017-04-14 18:40 🔗

🎵 There must be... fifty ways

to crash your kernel 🎵

#syzkaller

2017-04-14 23:07 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow I think Ubuntu is a pretty good choice; up-to-date packages, things mostly work. Go with installer defaults for disk partitioning though.

2017-04-21 08:18 🔗 — In reponse to: @jamiediles

@jamiediles @mentor_graphics Can you compile GNU software (bash++) with that too? I suppose segmentation + memory footprint makes it difficult, though.

2017-04-24 13:59 🔗

Accidental optical illusion. Try staring at the center while moving the screen around. Disclaimer: Look at your own risk.

2017-04-25 14:29 🔗 — In reponse to: @brellom

@brellom https://www.youtube.com/watch?v=ZXsQAXx_ao0

2017-04-28 14:04 🔗

Cryptographers 😂

2017-05-12 16:01 🔗

I have a patch ready to kill kmemcheck the moment this gets merged... just saying https://twitter.com/Glider/status/862719291749265408

2017-05-12 23:12 🔗 — In reponse to: @PolygonCherub

@PolygonCherub Try H1Z1: KOTK, you can skip the 20 minutes and go straight to dying.

2017-05-15 00:23 🔗 — In reponse to: @Noizeeh

@NoizeehRuns keep yourself safe

2017-05-15 10:32 🔗 — In reponse to: @vegard_no

@octobyte @troyhunt deep down?

2017-05-17 08:19 🔗 — In reponse to: @floatvoid

@floatvoid @dom2d Microsoft Puzzle Collection for GBC from 2000 is also great, here's just 1 of many: https://www.youtube.com/watch?v=WfUoJzDvemw

2017-05-17 14:04 🔗

Just gonna leave this here...

2017-05-23 13:16 🔗 — In reponse to: @quarktheawesome

@quarktheawesome I don't think RO sects in a .so is strange, but maybe try listing the relocations of all the input files to see where they're coming from?

2017-05-31 13:23 🔗

Open position in the Ksplice team: https://oracle.taleo.net/careersection/2/jobdetail.ftl?job=17000L3U Actual work ranges from Python tooling to kernel+userspace vulnerability analysis

2017-05-31 13:26 🔗 — In reponse to: @vegard_no

all qualified applicants will receive consideration without regard to race, religion, sexual orientation, gender identity, disability, etc.

2017-06-02 14:16 🔗 — In reponse to: @stephenrkell

@stephenrkell Wrap a pointer to your polymorphic-iterator base class object in a (non-polymorphic) iterator class?

2017-06-07 07:59 🔗 — In reponse to: @johnregehr

@johnregehr First reaction: That's incredibly dangerous (for everybody, perhaps especially the cameraman). Do not try at home.

2017-06-19 20:24 🔗 — In reponse to: @Flamehopper

@Flamehopper http://imgur.com/a/bPeUF

2017-06-22 12:53 🔗 — In reponse to: @oe1cxw

@oe1cxw Of course computational poetry is a thing...

2017-06-22 13:55 🔗 — In reponse to: @RoninDey

@ronindey I didn't have a job at the time (still in university). Not trying to brag, but I think it's worth showing people you can take a stand.

2017-06-22 13:56 🔗 — In reponse to: @vegard_no

@ronindey ...aaaand the irony of posting a gmail screenshot 😂

2017-06-26 10:57 🔗 — In reponse to: @TEAM_P_TE

@TEAM_P_TE @ronindey For others confused about the use of "Kevin": http://www.bbc.com/news/magazine-39278092

2017-06-28 10:04 🔗 — In reponse to: @brellom

@brellom https://www.archive.org/

2017-06-28 10:09 🔗 — In reponse to: @brellom

@brellom Nothing truly disappears from the Internet :-(

2017-07-04 18:42 🔗

@IACRePrint Lots of duplicates in the past 2 days, is everything good with your scraper?

2017-07-05 16:53 🔗 — In reponse to: @aurynn

@aurynn But is it true? IMHO "tech culture" (programming, F/OSS, Linux, etc.) has some of the best documentation, tutorials, blogs, etc. out there.

2017-07-06 11:10 🔗 — In reponse to: @brellom

@brellom Why is my twitter feed full of cheeseburgers?

2017-07-06 13:26 🔗 — In reponse to: @johnregehr

@johnregehr The Norwegian equivalent of being in your element (or just having a good time) is literally translated as "feeling like the yolk in the egg"

2017-07-17 22:24 🔗

This is the kind of stuff that can make me lose faith in a language 😢

2017-07-18 13:49 🔗 — In reponse to: @amyengineer

@amyengineer That joke has potential.

2017-07-20 11:05 🔗 — In reponse to: @dbaOnTap

@dbaOnTap @JezWilkinson @direlog @apsalar Or the extra ;

if (foo);

bar();

2017-07-26 22:04 🔗

Fun with #pix2pix

2017-07-26 22:26 🔗 — In reponse to: @beamsofstrange

@andreamsbruer Alle de "ordentlige" kattene mine bare tull, dette var den eneste som faktisk fikk et slags gjenkjennelig ansikt. Men enig ;-)

2017-07-26 22:27 🔗 — In reponse to: @vegard_no

@andreamsbruer *ble bare tull

2017-08-01 08:21 🔗 — In reponse to: @rygorous

@rygorous @11rcombs How about this solution? https://web.archive.org/web/20160107032111/http://www.trevorpounds.com/blog/?p=103

2017-08-01 08:26 🔗 — In reponse to: @rygorous

@rygorous @11rcombs Yes, that's the tweet I replied to. Looks easy enough to me, I guess I don't understand what the drawbacks are (if any)?

2017-08-01 08:45 🔗 — In reponse to: @rygorous

@rygorous @11rcombs I see; guess glibc headers should let you #define something that automatically picks all the symvers + structs you need (still icky, though)

2017-08-02 16:47 🔗 — In reponse to: @oe1cxw

@oe1cxw I'd say it depends. "SAT solving" is not by itself a specific algorithm, and modern SAT solvers are definitely not using brute force algos.

2017-08-02 16:48 🔗 — In reponse to: @vegard_no

@oe1cxw On the other hand, you could obviously implement a SAT solver using brute force (enumerate and test valuations). Not that it's a good idea.

2017-08-02 19:20 🔗 — In reponse to: @oe1cxw

@oe1cxw Right; I agree with you. The article is just using a more loose sense of the term "brute force" in the context of regular/manual math proofs

2017-08-09 09:37 🔗 — In reponse to: @RealSexyCyborg

@RealSexyCyborg @aurelsec Why shame the invitees, though? It's not their fault, is it?

2017-08-12 23:40 🔗

In hotels, my wife always takes the rightmost towel/hanger because, I quote, "the girl is always right".

2017-08-12 23:41 🔗 — In reponse to: @vegard_no

Incidentally it also makes for quite a good rule when bringing things like identical cups back to the kitchen for a refill.

2017-08-14 15:57 🔗

Throwback: Still somewhat surprised and thankful that my parents let me build and keep a small distcc cluster in the basement when I was 19.

2017-08-14 16:00 🔗 — In reponse to: @vegard_no

Of course it sounded like a jet engine and was barely faster than a single laptop by the time it got decommissioned.

2017-08-14 16:01 🔗 — In reponse to: @vegard_no

I suppose this is hardly impressive with all the bitcoin mining rigs people set up a few years later. Still had fun though :-)

2017-08-14 17:01 🔗 — In reponse to: @vegard_no

Actually I had 24 boxes in total but I ran close to the amps on the circuit + got sick of crimping Ethernet cables.

2017-08-16 14:42 🔗

Au revoir, #ThorignéFouillard !

2017-08-25 08:47 🔗 — In reponse to: @danielselman

@danielselman @ID_AA_Carmack You can reuse the "clay" (your SCM should have a copy of it anyway), but the resource you don't get back if you start over is time.

2017-08-30 22:25 🔗

TIL: #rustlang moves are not always/necessarily zero-cost https://stackoverflow.com/questions/28948716/ownership-and-conditionally-executed-code

2017-09-03 12:44 🔗

Is there a name for the #include style where each header assumes that its dependencies have already been included? vs. including them itself

2017-09-03 15:46 🔗 — In reponse to: @r3dey3

@r3dey3 For C/C++, yes, but I was thinking it could have some merit in terms of substituting dependencies at the top level for mocking/unit testing

2017-09-14 10:17 🔗 — In reponse to: @alandipert

@alandipert @andy_kelley If you care about assembly size and you do a lot of string formatting, it's much more efficient to interpret the format string at run time

2017-09-14 10:18 🔗 — In reponse to: @vegard_no

@alandipert @andy_kelley That said, you should ideally have an option to do both (check at compile-time; format at run-time, behind a single call instruction).

2017-09-15 17:23 🔗 — In reponse to: @vegard_no

We meet again, #CondatSurVienne !

2017-09-28 00:34 🔗

My @SFR home connection has a serious problem of #bufferbloat; no packet is ever dropped so TCP goes at full gush. Meanwhile, ping is 4s+

2017-09-28 00:37 🔗 — In reponse to: @vegard_no

@SFR Speeds are fine (as fine as ADSL can get), the line has been tested and found to have no problems. Modem/router is an NB6VAC. Any ideas? 😢

2017-09-28 00:40 🔗 — In reponse to: @RoninDey

@ronindey @SFR It's absolutely impossible to use SSH (or anything interactive, really) if any other device is downloading something, I'm at my wit's end.

2017-09-28 11:57 🔗

"This is a nice party trick: if somebody left a root window open... *maniacal laughter*" - @srostedt, #kr2017

2017-09-29 16:19 🔗 — In reponse to: @tehcaster

@tehcaster @SFR That is definitely an idea. It's a bit sad, though, adding a second router just for that.

2017-10-10 09:54 🔗 — In reponse to: @rep_stosq_void

@spun_off If kept cool and not washed, eggs can easily last much longer. One Norwegian test found 0 bacteria after 7 months.

2017-10-10 12:10 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow I should buy a paperclip factory.

2017-10-11 10:48 🔗 — In reponse to: @psuedofolio

@psuedofolio You have impostor syndrome, my friend. Anybody who compares themselves with the whole rest of the world is bound to come out short

2017-10-15 08:49 🔗 — In reponse to: @iximeow

@iximeow AWAVAUATUSH AVAUA AVAUATUSH

2017-10-15 10:26 🔗 — In reponse to: @eeide

@eeide @johnregehr Pfff, that's nothing.

2017-10-15 13:19 🔗 — In reponse to: @borzou

@borzou I seem to remember from the Prose Edda that the Norse Gods came/travelled from Istanbul.

2017-10-15 13:22 🔗 — In reponse to: @vegard_no

@borzou Or maybe it was one of the Greek islands.

2017-10-17 11:24 🔗 — In reponse to: @alicegoldfuss

@alicegoldfuss @hakusaro I think context is key. Here in France you are expected to kiss women in social settings and they may feel slighted if you don't.

2017-10-18 09:42 🔗 — In reponse to: @cjbprime

@cjbprime @nelhage @mjg59 What is error handling..?

2017-10-18 09:57 🔗 — In reponse to: @tehjh

@tehjh @nelhage @mjg59 Some quick grepping: tomoyo_gc_thread, xfrm_state_gc_task, connlimit_mt (netfilter), fq_gc, misc sockets/TCP, fscache_operation_gc, +more

2017-10-18 10:00 🔗 — In reponse to: @vegard_no

@tehjh @nelhage @mjg59 (Those are probably not all mark & sweep, though.)

2017-10-18 19:26 🔗 — In reponse to: @devlead

@devlead @julielerman Yep; you're not supposed to answer the security questions truthfully! It's just a second password...

2017-10-24 08:32 🔗 — In reponse to: @arw

@arw Even if you don't set up fingerprint unlock you still use the button, right? In which case the answer is to not use a "mobile device" at all

2017-10-27 20:21 🔗 — In reponse to: @CastoroGamer

@CastoroGamer Running man has a race condition...? How do you come up with this stuff 😂

2017-10-30 08:47 🔗 — In reponse to: @jhripley

@jhripley Yes, but what's your point? That I am bad at spotting gays? Should I care more about detecting and knowing people's sexualities?

2017-11-01 19:49 🔗 — In reponse to: @Dinosn

@Dinosn Correct me if I'm wrong, but this looks like rubbish to me. The nonces were not selected at random, so there is a selection bias...

2017-11-04 09:28 🔗 — In reponse to: @evacide

@evacide

2017-11-04 19:01 🔗 — In reponse to: @grumpygamer

@grumpygamer That bridge looks like it comes from the Time Fantasy tile set.

2017-11-05 10:08 🔗 — In reponse to: @grumpygamer

@grumpygamer So did I, high five!

2017-11-05 20:57 🔗 — In reponse to: @mycoliza

@mycoliza Seems like a good way to burn down the house. Hope you have smoke detectors and a fire extinguisher.

2017-11-08 16:26 🔗 — In reponse to: @mkolsek

@mkolsek The idea is far from new, here's a recent example: https://betanews.com/2017/09/16/pirate-bay-secret-bitcoin-miner/

There's also been tons of discussion around embedding miners in various software, see e.g. https://np.reddit.com/r/gamedev/comments/72lbql/should_we_support_or_stop_video_games_from_mining/

2017-11-09 16:39 🔗

I thought verification just meant that you are who you say you are. (As opposed to somebody pretending to be somebody else.) Doesn't have anything to do with moral or political convictions... https://twitter.com/thejournalista/status/928424776212844546

2017-11-09 17:19 🔗 — In reponse to: @rep_stosq_void

@volatile_void The article says the exact reason for the removal is not known, so it could simply have been a TOS violation otherwise unrelated to "being an asshole"?

2017-11-09 17:41 🔗 — In reponse to: @rep_stosq_void

@volatile_void Nice.

It is my belief that outright bans would not do anything to address the root of the problem while compromising on principles of free speech (yes, I'm aware of the subtleties and no, I do not believe in absolute freedom of speech).

2017-11-12 17:45 🔗 — In reponse to: @Iocesploc

@Iocesploc Earth => planet, but the converse (planet => Earth) is not true. Same for Nepture => planet.

2017-11-12 17:50 🔗

If I mmap() something as executable and jump to it, how can I register exception handlers for that? Assuming gcc and libstdc++ on Linux

2017-11-12 18:04 🔗 — In reponse to: @vegard_no

__register_frame() in libgcc, I think...

2017-11-12 18:23 🔗 — In reponse to: @vegard_no

Classic: "I'd like to link to some documentation on __register_frame, but Google doesn't immediately find anything, so I assume that there isn't any" https://www.corsix.org/content/libunwind-dynamic-code-x86-64

2017-11-12 18:29 🔗 — In reponse to: @vegard_no

Eh? "On 32 bit architectures, this is a 4 byte value that... On 64 bit architectures, this is a 8 byte value that... This field is only present if the Augmentation String contains the string "eh"." http://refspecs.linuxfoundation.org/LSB_3.0.0/LSB-Core-generic/LSB-Core-generic/ehframechpt.html

2017-11-14 16:26 🔗 — In reponse to: @stephenrkell

@stephenrkell "optimisation" literally means the absolute best/fastest, whereas this quote is often used to fight *any* change that would make the code relatively better/faster. There's always a trade-off is my POV, sometimes it's on the side of (say) readability, sometimes performance

2017-11-16 15:43 🔗 — In reponse to: @stephenrkell

@stephenrkell Maybe something like #define return(...) do { if (always_true) return __VA_ARGS__; } while (0) and then have always_true() be an extern variable? There's a small overhead, of course...

2017-11-16 15:44 🔗 — In reponse to: @vegard_no

@stephenrkell Wait, return isn't always used with ()... so maybe just "#define return if (always_true) return"? Could have some unintended consequences when used inside existing if, not sure...

2017-11-19 07:02 🔗 — In reponse to: @andy_kelley

@andy_kelley Did this happen? I don't see any vods.

2017-11-19 18:53 🔗 — In reponse to: @andy_kelley

@andy_kelley Ah, damn :-/ I'll try to catch you live next time!

2017-11-20 10:27 🔗 — In reponse to: @marcan42

@marcan42 @mcclure111 printf debugging FTW

2017-11-20 21:39 🔗

@matrixholt Snakk om blemme, du

2017-11-20 23:53 🔗 — In reponse to: @RoninDey

@ronindey Speed is not everything. Not in Paris, but my SFR-supplied router has a _horrible_ case of bufferbloat and therefore cannot be recommended at all :-/ ~4s ping when any device in the house is downloading updates or doing whatever

2017-11-21 13:32 🔗 — In reponse to: @damienmiller

@damienmiller The new checks don't only expose bugs in existing code, they also turn what used to be non-bugs into potentially fatal crashes. That's what Linus is referring to as "random arbitrary rules" and "new magical rules".

2017-11-29 09:47 🔗 — In reponse to: @estet

@estet Hey :-) Simply because I knew AFL and how it works, I've never used libfuzzer. It would be cool to see a comparison though!

2017-11-29 20:52 🔗 — In reponse to: @veorq

@veorq Were you by any chance celebrating an ATH...

2017-12-01 10:10 🔗 — In reponse to: @pasiphae_goals

@pasiphae_goals You didn't give a source for that screencap, but Google seems to tell me it's https://github.com/BSVino/JaiPrimer/blob/master/JaiPrimer.md That document has a disclaimer on top where it says the author of the document has no association with the author of Jai ( @Jonathan_Blow) whatsoever. I think that's relevant.

2017-12-01 10:48 🔗 — In reponse to: @vegard_no

@pasiphae_goals @Jonathan_Blow That's mature.

2017-12-02 22:12 🔗 — In reponse to: @damian0815

@damian0815 I'd be curious to hear why you think that would warrant a blocking.

2017-12-02 22:43 🔗 — In reponse to: @zumpiez

@zumpiez @damian0815 Thanks for the explanation -- not that it makes any sense. Maybe don't tweet stuff you don't want to be seen, then.

2017-12-02 23:49 🔗 — In reponse to: @damian0815

@damian0815 @zumpiez So that really sucks, no doubt about it. I still cannot take responsibility for what those people are doing and I think a more reasonable course of action is to block and report those people instead.

2017-12-02 23:58 🔗 — In reponse to: @damian0815

@damian0815 @zumpiez It doesn't really make sense to stop tagging people; by doing "all we can", we should then also stop retweeting, liking, hell maybe stop tweeting at all.

2017-12-06 09:19 🔗 — In reponse to: @Foone

@Foone I used this on a 286! Came with a shareware floppy from a magazine.

2017-12-06 09:23 🔗 — In reponse to: @Foone

@Foone Yeah, but if I remember correctly it still wasn't more than a couple of seconds. I was a kid so just watching the drawing "animation" was fun too :-D

2017-12-06 14:14 🔗 — In reponse to: @jessicasunja

@jessicasunja @AltGr_Q @dillspitzen @HernanBruno1975 @I_amGermany We got a "what kind of people are you!?" in Darmstadt on a quiet Sunday morning with not a single car in sight.

2017-12-07 21:10 🔗

As far as I can tell, there is a non-negligible probability that the French tax system is, in fact, Turing complete.

2017-12-08 14:40 🔗

For future etymologists: "shaaaa" is a greeting that evolved from "what's up?" through "wassup", "sup", and then "suh".

2017-12-08 16:58 🔗 — In reponse to: @SoosMate

@SoosMate We're a bit too old, but I saw it today in a Twitch chat.

PogChamp

2017-12-13 10:32 🔗 — In reponse to: @Foone

@Foone You mean a rat king! https://en.wikipedia.org/wiki/Rat_king (NSFW)

2017-12-14 11:59 🔗 — In reponse to: @hillelogram

@Hillelogram @argumatronic Why should anybody have to prove either their masculinity or their femininity? Let's just try to be more tolerant of each other regardless of sex, gender, and orientation.

2017-12-15 16:39 🔗

@CrunchingKoalas Hey, MouseCraft hangs after finishing level 51, background animations still run, but you can't do anything, there is no cursor and no key does anything. How do I proceed with this?

2017-12-15 16:42 🔗 — In reponse to: @CrunchingKoalas

@CrunchingKoalas No, from the Windows store (it says Xbox Live, but it's on a laptop).

2017-12-17 14:32 🔗

Why does @github make it so difficult to find the actual commits in a pull request? There should be a fetch URL + a..b range at the top. Surely I'm not the only one who prefers to use a terminal? Reviewing often requires grepping, jumping around, compilation, & execution

2017-12-17 16:40 🔗 — In reponse to: @titanous

@titanous @github This is exactly what I needed, thanks! Seems weird not to show it on the page.

2017-12-20 12:05 🔗 — In reponse to: @FreisinnigeZtg

@FreisinnigeZtg @SethAbramson Nice article. Two ideas I didn't see discussed: 1. collateral (the usual way in which the lender has leverage), and 2. if there is anything illegal going on (like laundering), the lender may have leverage simply under the threat of revealing the deal.

2017-12-22 21:42 🔗

Had some fun turning this gif into a runnable #GameBoy (Color) ROM! #gbdev

ROM file:

http://139.162.151.198/beach/beach.gbc

Runs in the browser with this emulator:

http://taisel.github.io/GameBoy-Online/

Source code:

https://github.com/vegard/beach-gbc

NOTE: not tested on real hardware!! https://twitter.com/AlcopopStar/status/942877112133869568

2017-12-26 10:14 🔗 — In reponse to: @lorenschmidt

@lorenschmidt Did you see Tantalum by @tunabrain? https://benedikt-bitterli.me/tantalum/tantalum.html

2017-12-26 11:16 🔗 — In reponse to: @Foone

@Foone Out of curiosity, what's wrong with that? Seems like a good way to make the end user aware of the program's license. The GPL itself does encourage interactive programs to print a notice every time you start it.

2017-12-26 11:30 🔗 — In reponse to: @muppling

@muppling @Foone I see. According to the GPL, the distributor must show the recipient the terms of distribution, though, so it seems reasonable to me to display it and have the user click on something. Maybe the button should read "got it" or "I understand" instead though.

2017-12-26 23:40 🔗 — In reponse to: @ewindisch

@ewindisch Bad alternator? https://auto.howstuffworks.com/under-the-hood/diagnosing-car-problems/mechanical/5-signs-alternator-problems4.htm

2018-01-03 12:18 🔗 — In reponse to: @rep_stosq_void

@volatile_void Python is also not useless, though it admittedly has fewer decimal digits.

BTW are you by any chance counting the storage requirements for the permutation of a deck of cards? :-P

2018-01-03 19:50 🔗 — In reponse to: @stephenrkell

@stephenrkell uint64_t addb(uint64_t x, uint8_t y)

{

asm ("addb %1, %b0" : "+r" (x) : "r" (y));

return x;

}

?

2018-01-03 20:00 🔗 — In reponse to: @vegard_no

@stephenrkell I guess uint64_t is technically not a "word", depending on what definition you use, but it works the same for any one of uint16_t, uint32_t, and uint64_t in my tests.

2018-01-04 11:59 🔗 — In reponse to: @mxmauro

@mxmauro @aionescu You should check out the Linux kernel! Not everything is very well documented, but the source code is free and there is a *ton* of potential for learning how things work internally.

2018-01-04 13:23 🔗 — In reponse to: @stephenrkell

@stephenrkell Perfect! For the record, this is the documentation: https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html#x86Operandmodifiers

2018-01-04 16:02 🔗 — In reponse to: @ssylvan

@ssylvan As a first step: Formulate a security model, publish the draft, request comments from the public (including academics and security researchers). Maybe?

2018-01-04 16:04 🔗 — In reponse to: @ssylvan

@ssylvan This still gets into trouble for user/user separation (like browser tabs), which leads you naturally to security domains (every user/app/website/whatever has its own "key", hardware resources like cache are keyed). But it's still ugly and increasingly complex.

2018-01-05 11:33 🔗 — In reponse to: @mvandevander

@mvandevander I see what you did there.

2018-01-05 15:27 🔗 — In reponse to: @elwoz

@elwoz @b0rk Ordinarily it should be 'struct user_regs_struct', but it depends on whether the target process is 32- or 64-bit (on x86) and unfortunately the Linux header only gives you one of them.

2018-01-05 17:56 🔗 — In reponse to: @eevee

@eevee @dada78641 Maybe something like loading %edi with 0x9c5a203a? ;-) http://www.techeye.net/security/hackable-debug-mode-found-in-amd-cpus

2018-01-07 15:02 🔗 — In reponse to: @vegard_no

@lee4hmz @Laughing_Mantis Modern x86 is full of AUATUSH, AVAUATUSH, AWAVAUATUSH, etc. :-)

2018-01-10 12:19 🔗

The mainline kernel already has a policy of no regressions, so presumably the only thing keeping distros from always following latest mainline is that they have extra patches which need constant rebasing (= maintenance effort). Seems like a good case for upstreaming everything. https://twitter.com/hanno/status/950870068656771073

2018-01-10 13:35 🔗 — In reponse to: @hanno

@hanno Regressions will obviously always happen, but assuming regressions are reported, the policy is to revert commits causing problems if fixes are not found. I'd prefer a temporarily broken driver over security issues due to broken backports.

2018-01-11 21:42 🔗 — In reponse to: @tunabrain

@tunabrain Alternative solution? rm -rf -- *

2018-01-12 13:11 🔗 — In reponse to: @stephentyrone

@stephentyrone @johnregehr My sushi experience in the US: the food was excellent (as generally was all the food there!), but the guy at the next table was drumming on the edge of the table using his chopsticks and then balanced said chopsticks on his nose.

2018-01-20 21:43 🔗

Windows programming in a nutshell: Visual Studio has NO WAY to redirect a console program's stdout/stderr output to the IDE's output window. Workaround: Run project with Ctrl-F5 which at least keeps the console window around after exit() until you press a key 😓

2018-01-23 13:13 🔗

If you curl | sh directly then you have no idea what you're running. Release tarballs and git checkouts have (at least in theory) some form of anchor (in the form of hashes/signatures) that allows you to figure it out after the fact. https://twitter.com/jcs/status/955566565168156672

2018-01-23 13:23 🔗 — In reponse to: @vegard_no

As in if you cloned a repo and note the hash somewhere then you have pretty good chances of being able to audit the source at will. Your curl download is not reproducible at all. The server could be giving out a one-time malicious payload and then never again.

2018-01-27 11:55 🔗 — In reponse to: @punchyninja

@punchyninja Did this last year, but only one finger on the right hand. He'd found a young magpie in the bushes. I had annoying thick scar-like tissue right in the bend of my middle finger for a few months, but it eventually went back to normal!

2018-02-04 14:54 🔗

Programming language design is a bit like axiomatisation in formal logic; finding the basic rules that will combine to allow (only) programs satisfying certain criteria (usually some kind of safety) to be expressed without running into contradictions.

2018-02-05 00:43 🔗 — In reponse to: @zackfox

@zackfox @enchantedloom You can tell this was made by the same person

2018-02-06 10:19 🔗 — In reponse to: @dvyukov

@dvyukov @kees_cook @andreyknvl It seems to me that one of the most effective mitigations you can do against exploitation is to limit your .config to reduce the attack surface. It doesn't mean we should stop looking for bugs _or_ stop implementing other general mitigations though.

2018-02-06 12:20 🔗 — In reponse to: @LeeshaHannigan

@LeeshaHannigan @Shattered_Earth I like this interview with Ira Glass where he also makes the great point about your ability to evaluate (your "taste") develops a long time before you are able to produce something that is satisfactory to you https://www.youtube.com/watch?v=X2wLP0izeJE

2018-02-07 20:24 🔗 — In reponse to: @glaebhoerl

@glaebhoerl @ArmyOfBruce That seems to sum it up pretty well. I would add that it looks like he's enjoying the attention a bit too much.

2018-02-08 10:36 🔗 — In reponse to: @rtoal

@rtoal I thought it was just a joke on how somebody was devout enough to record the Pope's funeral, only to later overwrite the recording with Harry Potter, which is heavily disputed in Catholicism as possibly anti-religious ( https://en.wikipedia.org/wiki/Religious_debates_over_the_Harry_Potter_series#Catholicism )

2018-02-09 19:15 🔗 — In reponse to: @Polytron

@Polytron @Arkotypeco Fan art https://gfycat.com/JovialIdolizedHalcyon

2018-02-11 10:08 🔗 — In reponse to: @Foone

@Foone Get out of here with your label binarism.

2018-02-11 17:21 🔗 — In reponse to: @dakami

@dakami Some people, when confronted with a problem, think "I know, I'll use ptrace." Now they have two problems.

2018-02-12 08:36 🔗

Some people, when confronted with a problem, think "I know, I'll use docker." Now they have two problems. https://twitter.com/vegard_no/status/962723369090211842

2018-02-12 17:23 🔗

Some people, when confronted with a problem, think "I know, I'll use templates." Now they have two problems. https://twitter.com/TartanLlama/status/963012311962275840

2018-02-15 14:07 🔗

Trolling French colleagues

2018-02-17 12:55 🔗

Is there anything out there a little bit more ergonomic for command-line argument parsing in C++ than boost::program_options?

2018-02-22 10:40 🔗 — In reponse to: @TychoTithonus

@TychoTithonus As an aside, is it plausible that people started picking "password1" because "password" was blacklisted (say, in code)? Can a blacklist cause people to simply expand their non-blacklisted passwords by extending it in an "obvious" way (adding 1), thus not really improving things?

2018-02-23 14:55 🔗

Pilot waves in my tea...?

2018-02-24 09:24 🔗 — In reponse to: @NicTVG

@NicTVG When we had to optimize a video encoder using SSE for some university course (some ~8 years ago) I found that randomly scattering nops in the assembly code would inexplicably but truly make it faster.

2018-02-24 12:42 🔗 — In reponse to: @tehjh

@tehjh Sadly this trick doesn't always work for C++, apparently because members with constructors are not allowed in anonymous structs..? https://godbolt.org/g/bN8LLB (thanks for the MWE, C-Reduce @johnregehr)

2018-02-26 00:06 🔗 — In reponse to: @dyatlovassincdt

@k_morrissey @sundhaug92 @MrTurkey But a correct guess solves the equation.

2018-02-26 13:15 🔗

Can you see how sad this Linux kernel macro is?

2018-02-26 17:08 🔗

How did I never notice that -1 // 100 == -1 in Python?

2018-02-26 22:01 🔗 — In reponse to: @r3dey3

@r3dey3 / also does for ints in Python < 3. I guess int(x / 100.) it is from now on. It's very counterintuitive coming from C/C++ (and others? I'm doubting everything now).

2018-02-27 22:10 🔗 — In reponse to: @Foone

@Foone And God said: glLightf(GL_LIGHT0, GL_SPOT_EXPONENT, 1.0f)

2018-02-28 11:41 🔗

Achievement unlocked?

2018-03-02 19:51 🔗 — In reponse to: @vegard_no

I may or may not have gone a bit overboard...

2018-03-07 08:05 🔗

So I found this bit of code that crashes BOTH gcc and clang... 👍

https://godbolt.org/g/nsoopK

2018-03-07 09:20 🔗 — In reponse to: @Foone

@Foone Is that a flat panel display?

2018-03-08 10:31 🔗 — In reponse to: @erincandescent

@erincandescent I see you haven't gotten to "evaluation order" and "implicit casts" yet.

2018-03-10 16:57 🔗 — In reponse to: @vegard_no

And in fact the English word comes from French to start with.

2018-03-10 16:57 🔗

I was going to make a quip about the French always centering on food because they call (password) hashing "hacher", which is the same word they use for stuff like minced meat and chopped steaks. But the joke's on me because that's exactly what hashing means in English too. TIL

2018-03-10 17:11 🔗 — In reponse to: @MUTTScomics

@MUTTScomics The shelter called him "Lucifer", but he's so sweet we felt it didn't quite fit. And that's how we ended up with "a boy named Luci" (pronounced Lucy).

2018-03-11 19:43 🔗 — In reponse to: @johnregehr

@johnregehr You clearly forgot to list it in the syllabus for your course.

2018-03-11 21:23 🔗

@Foone http://www.imdb.com/title/tt2757554/ at the start there's a guy taking floppies out of a time capsule

2018-03-13 12:02 🔗

In-kernel TLS implementation: What could go wrong?

https://nvd.nist.gov/vuln/detail/CVE-2018-5703

2018-03-16 21:40 🔗 — In reponse to: @leonard_ritter

@paniq The literal "1" (like all literals) is a syntactic element and not a value. It therefore does not have a type by and of itself. Only an interpretation can map it to a value (and thus a type). /2c

2018-03-17 11:13 🔗

You have to wonder how many porn stars Hillary has slept with.

2018-03-19 09:41 🔗 — In reponse to: @lorenschmidt

@lorenschmidt Somehow reminds me of the underground tunnels in Beneath a Steel Sky that had veins and tentacles.

2018-03-19 13:40 🔗 — In reponse to: @SoosMate

@SoosMate I'm guessing this is a GNU libc problem (where they choose to only support newer kernels which have a certain feature) as opposed to a kernel issue. So your fix may be to build against an older glibc (or a different libc altogether, like musl, uClibc, diet-libc?)

2018-03-19 13:48 🔗 — In reponse to: @SoosMate

@SoosMate Where are the undefined references coming from? You're kinda telling it you don't want the libs with -nodefaultlibs, but then something is obviously still using them. Can you simply drop -nodefaultlibs?

2018-03-19 14:06 🔗 — In reponse to: @SoosMate

@SoosMate Is that because it's trying to link with both your system glibc and the one you've compiled with support for older kernels?

2018-03-19 14:17 🔗 — In reponse to: @SoosMate

@SoosMate This might (or might not!) help: https://stackoverflow.com/questions/10763394/how-to-build-a-c-program-using-a-custom-version-of-glibc-and-static-linking

You might also be able to get away by building in a Docker container with an old Debian or something, though there might be glibc bug+security fixes you don't get if you build an old release.

But yeah, it's really messy!

2018-03-19 16:36 🔗 — In reponse to: @yonatanzunger

@yonatanzunger Your perspective seems US-centric, where privacy laws are incredibly poor. In Norway, programming ethics and privacy laws are part of the very first semester of university-level CS, and "everybody" knows that it's not a free-for-all to do as you want with people's data.

2018-03-21 18:25 🔗

Amazing work by the syzkaller people. This is why you disable as much stuff in your kernel config as you possibly can. The attack surface of the kernel is huge and it shows. There's a lot to be said about C, unit testing, regression testing, and code reviews for the Linux kernel https://twitter.com/dvyukov/status/976462807381303297

2018-03-22 07:30 🔗 — In reponse to: @vegard_no

Got another one: https://godbolt.org/g/orjvVX 😂😂😂

2018-03-22 11:22 🔗 — In reponse to: @SoosMate

@SoosMate It's basically AFL instrumentation + a custom fuzzer (<500 LOC C++) https://github.com/vegard/prog-fuzz

It only finds crash bugs (which are admittedly less interesting than wrong-code generation bugs), but I have some ideas on how to extend it. There will be a blog post at some point 🙂

2018-03-22 11:31 🔗 — In reponse to: @SoosMate

@SoosMate With the new fuzzer I'm at 91 gcc bugs reported (not counting dups) in the past month (+ the 2 bugs above in clang, but I haven't actually started fuzzing clang yet...).

I give kudos to the gcc developers who are gracefully and meticulously handling each and every one of them!

2018-03-24 09:49 🔗

So... I'm not a native speaker of English, and I have no idea what this means. There is also no explanation anywhere in sight. But it looks racist. #StackOverflow @StackOverflow

2018-03-28 10:07 🔗 — In reponse to: @mattgodbolt

@mattgodbolt Can confirm.

2018-03-28 23:46 🔗 — In reponse to: @mycoliza

@mycoliza @LachlanSneff Some people, when confronted with closing a file, think "I know, I'll open a file in procfs". Now they have two file descriptors.

2018-03-29 12:41 🔗 — In reponse to: @mycoliza

@mycoliza https://en.wikipedia.org/wiki/One_instruction_set_computer

2018-03-29 22:24 🔗

We have a new open position in the Ksplice team! #Remote #DevOps #Python #puppet

All qualified applicants will receive consideration without regard to race, religion, sexual orientation, gender identity, disability, etc.

My DMs are open!

2018-04-02 06:54 🔗

Now this is just sad.

2018-04-02 10:40 🔗 — In reponse to: @dvyukov

@dvyukov Ah, now I'm a bit sad I didn't try the same thing. I did a C++ thing for the kernel (that included RTTI and exceptions using libcxxrt and libunwind!) back in 2015: https://github.com/vegard/linux-2.6/tree/cxx

It was admittedly pretty hacky. Should I send a pull request? :-)

2018-04-02 10:41 🔗 — In reponse to: @vegard_no

@dvyukov Code sample (working!): https://github.com/vegard/linux-2.6/blob/cxx/kernel/cpp.cpp

2018-04-04 09:23 🔗 — In reponse to: @SoosMate

@SoosMate Why not pass -fsanitize=undefined and let clang take care of specifying the ubsan library paths and libraries?

2018-04-04 12:33 🔗 — In reponse to: @SoosMate

@SoosMate Hah! I'm glad it worked, if that was the only thing missing :-) Linking problems can be frustrating and unintuitive, I've had so many issues where I just gave up.

2018-04-10 18:38 🔗 — In reponse to: @tehcaster

@tehcaster I don't need a translation to know what this is about... Have you tried Dymista? It works wonders for me.

2018-04-15 13:43 🔗

Dad thoughts: In French, the Dutch are born Irish.

2018-04-16 09:28 🔗 — In reponse to: @Fuzzyness

@Fuzzyness Oh no, I'm so sorry to hear this :-( RIP.

2018-04-25 12:07 🔗

My Google "download your data" archives keep failing to be created, this one after about 2 weeks (!) of being prepared. What gives? Anybody have the same problem?

2018-04-25 12:14 🔗 — In reponse to: @RoninDey

@ronindey The worst part is you're probably right 😢

2018-04-25 12:20 🔗 — In reponse to: @vegard_no

Ah, here we go... They didn't show this for the first one that failed. I've never used Google Pay Send, though, so wonder what that's about. I'll exclude it and retry, I guess.

2018-04-30 14:35 🔗 — In reponse to: @worrydream

@worrydream Different people have different internal representations of numbers -- for some it is visual, for others it is auditory. Check this out: http://generallythinking.com/richard-feynman-on-thinking-processes-did-he-know-nothing-about-psychology-v/ Apparently when people count quietly by "saying" numbers in their head they are using "the phonological loop".

2018-05-03 14:58 🔗 — In reponse to: @pati_gallardo

@pati_gallardo @meetingcpp @ghlyffe @arBmind It always felt awkward to me to derive from something just so that you can obtain a pointer that you arguably should already have. (But the underlying problem is of course that the shared_ptr reference count lives outside the reference counted object to start with.)

2018-05-03 15:01 🔗 — In reponse to: @vegard_no

@pati_gallardo @meetingcpp @ghlyffe @arBmind I sometimes prefer to just make member functions take a shared_ptr "this" argument (e.g. this_ptr). It does mean you have to call these functions with x_ptr->fn(x_ptr, ...) instead of just x_ptr->fn(...).

2018-05-08 14:57 🔗

@Foone Remember these? https://www.youtube.com/channel/UCayUDVbjHFdiP09vz3PEwrg Track 8 is my favourite, followed closely by track 5.

2018-05-08 21:24 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Are you arguing in favour of an obvious removal of the "abortion joke"? It ridicules conservative America for its anti-women's rights stance on abortion. If the FOSS community cares about women at all, I think we should keep it...

2018-05-08 21:36 🔗 — In reponse to: @pati_gallardo

@pati_gallardo The characterisation of "joke" in the original email is a bit unfair. I don't think it was ever supposed to be funny; rather, it is an ironic political statement made purely to ridicule the position of those who want to restrict women's autonomy. At least that's what I understood

2018-05-08 21:39 🔗 — In reponse to: @vegard_no

@pati_gallardo (It is true that RMS himself uses the word "joke" in a follow-up email.)

2018-05-08 22:27 🔗 — In reponse to: @jfbastien

@jfbastien @pati_gallardo I don't think so; I got the impression (but correct me if I'm wrong) that she did not appreciate the "joke", whereas I do. What we seem to agree on is that it's not _funny_.

2018-05-08 23:14 🔗 — In reponse to: @pati_gallardo

@pati_gallardo @jfbastien Alright, well, I hope we can at least agree that the conservative view of refusing abortions at any cost is disgusting?

2018-05-09 14:19 🔗

@Foone Columbo S10E2 has some floppy action in the beginning https://www.imdb.com/title/tt0101556/

2018-05-10 01:35 🔗 — In reponse to: @rtoal

@rtoal @CodepointsNet Could be a ISO8859-1 ACUTE ACCENT (180)? It's \xc2\xb4 in UTF-8, the à is something you typically get when interpreting those bytes as ISO8859-1 and the ¬ is something you typically get when interpreting them as Mac... not sure how to combine them though

2018-05-13 21:23 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Timo Sirainen (of dovecot and irssi) has a unique style of writing C code that just looks so neat and clean compared to the "mess" of other C code bases I've seen.

2018-05-14 13:58 🔗 — In reponse to: @GossiTheDog

@GossiTheDog @mricon I hate bug branding and overhyping as much as the next guy, but I don't think shaming the researchers who arguably put the work in is the right way to go. A one day warning to disable PGP in mail clients without divulging the details of the attacks is more than reasonable to me.

2018-05-14 16:42 🔗 — In reponse to: @daddyislala

@daddyislala @GossiTheDog @mricon I don't think it is personally, but I don't claim to have the one true answer to what a good disclosure timeline looks like either. I was just saying that for the people who want all the details RIGHT NOW the 1 day shouldn't make much of a difference.

2018-05-15 16:07 🔗 — In reponse to: @glaebhoerl

@glaebhoerl On x86 you could maybe even jump to the middle of the atomic inc/dec (add/sub) instruction to skip the lock prefix and save i-cache :-) (I don't *think* it should trip the CPU up, but dynamic recompilers might see a slowdown.) The main problem is prob when to set the shared bit.

2018-05-15 17:40 🔗 — In reponse to: @glaebhoerl

@glaebhoerl Yep! Something like this (using bit 0 as your "shared" bit)? Seems to compile...

testl $1, (%rdi)

jz unlocked

locked:

lock

unlocked:

addl $2, (%rdi)

2018-05-16 11:43 🔗 — In reponse to: @glaebhoerl

@glaebhoerl @whyevernotso There's also the fact that the branch only affects your local core, whereas the atomic potentially causes bus/memory/cache contention for all cores (i.e. the former seems more scalable). But that's just speculation from my side, I don't really know...

2018-05-25 14:01 🔗

The G in GDPR stands for "glorious", right?

2018-05-27 11:28 🔗 — In reponse to: @rygorous

@rygorous Feel your pain. I have a dual boot Win/Linux that goes into Linux by default and it's just rebooted 5 times to install 1 set of updates (10 if you count my manual reboots to go back from Linux -> Windows to continue the install!) 😥

2018-05-30 21:18 🔗 — In reponse to: @rep_stosq_void

@volatile_void You taking a Chat-Malo with that?

2018-06-06 07:28 🔗 — In reponse to: @Foone

@Foone @bastetfurry @intel @nvidia @soundblaster You might be interested in this: https://www.jamieiles.com/80186/ (from @jamiediles)

2018-06-08 09:04 🔗 — In reponse to: @finalbossblues

@finalbossblues @vmenezio @beast_pixels @moonscript Being hard to define doesn't make something less real, though. I think there is a spectrum ranging from "mildly offensive to some people" to "very obviously hate speech" and there is a danger in going too extreme in either direction (censoring everything vs censoring nothing)

2018-06-08 17:03 🔗 — In reponse to: @RoninDey

@ronindey The way I see it, having code out there that anybody can look at is undoubtedly an advantage in the application process (similar to having completed a degree, having prior experience, etc.). Employers equating GitHub activity with "top talent" is a bit confused, though...

2018-06-09 20:21 🔗 — In reponse to: @matthew_d_green

@matthew_d_green Wait, something is not right here. Why does a cryptographer own an Alexa in the first place..?

2018-06-11 07:41 🔗 — In reponse to: @dakami

@dakami @TCMBC I'm guessing moving a whole atom (sound) is slower than moving a single electron (electricity) because the whole atom is much heavier? Also, I thought with electricity you had negative pressure on one end and positive on the other, but maybe that doesn't affect the speed.

2018-06-11 08:00 🔗 — In reponse to: @dakami

@dakami @TCMBC I have no clue, really, but it seems to me that the metal lattice is bound together by a different force than electricity, thus an incoming pressure wave would compress the molecular bonds between the atoms and not affect the free electrons much.

2018-06-13 19:17 🔗 — In reponse to: @beamsofstrange

@beamsofstrange ikke glem de som etterpå kikker i sprekken for å finne ut om det *virkelig* er opptatt

2018-06-13 20:20 🔗

When you forget to sandbox the fuzzer

$ ls | wc --lines

1828769

$ rm *eeee*

bash: /bin/rm: Argument list too long

😔

2018-06-13 20:25 🔗 — In reponse to: @TychoTithonus

@TychoTithonus Yeah ;-) Only these filenames are full of newlines so needs -print0 and -0 too... I'm down to about 80k!

2018-06-14 18:05 🔗

@SoosMate I wanted to do something like this for conflict analysis where you basically construct a big inference rule for (input clauses => learnt clause) and then scan the full instance for additional occurrences with a different set of literals. Computationally too expensive :( https://twitter.com/johnregehr/status/1007285592718282753

2018-06-14 19:41 🔗 — In reponse to: @SoosMate

@SoosMate Yes, definitely. The idea was that for some instances which are highly symmetric (e.g. like many crypto ones that have repeated rounds) you might be able to simplify it as part of the encoding process assuming there is a learnt clause that subsumes an original clause

2018-06-15 13:05 🔗

"The library does not install any signal handler. It is recommended to add at least a handler for SIGSEGV when decompressing; the library checks the consistency of the input data whenever possible but may go nuts for some forms of corrupted input." 😅

2018-06-17 00:11 🔗

@MUTTScomics As it turns out, mutts LOVE cheese...

2018-06-22 20:36 🔗 — In reponse to: @defconphilly

@defconphilly @defcongroups @dntlookbehindu @_ctfjawn @WorkAtTheYard @defcon I won't be able to attend, sorry.

2018-06-22 22:39 🔗 — In reponse to: @vegard_no

@mricon @tehjh Doesn't that work even without mushing everything into one file?

2018-06-24 19:23 🔗 — In reponse to: @SoosMate

@SoosMate @lcamtuf Hey, thanks 😊

2018-06-25 14:40 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu Yeah, I've been vaguely aware of Zhendong Su's work (mostly from stumbling on gcc bugs they'd already reported!), and I wish I'd read up on more of it before setting off on my own. They have an amazing track record and deserve more recognition for their work!

2018-06-25 14:47 🔗 — In reponse to: @fenceposterror

@fenceposterror @johnregehr My impression is that the HTTP protocol does not have significant barriers to being fuzzed using the regular strategies. For example: no CRCs, no nested expressions, no named backreferences, etc. So I would expect vanilla AFL to perform well on it. But you should give it a try :)

2018-06-26 12:11 🔗 — In reponse to: @ArvidGerstmann

@ArvidGerstmann @mattgodbolt Wait, how does GDPR fit in here? Surely Compiler Explorer doesn't collect or process any personal data.

2018-07-01 15:02 🔗 — In reponse to: @aaandmoore

@aaandmoore Are there other neurons around (just not pictured) or is this one isolated/suspended in some other kind of substance?

2018-07-03 00:10 🔗 — In reponse to: @leonard_ritter

@paniq I always liked this example in particular: https://doc.rust-lang.org/book/second-edition/ch10-03-lifetime-syntax.html#generic-lifetimes-in-functions longest() takes two string references and returns one of them; what happens to the other? It's the same thing you're talking about here AFAICT.

2018-07-03 00:16 🔗 — In reponse to: @leonard_ritter

@paniq In rust it "kinda" has something to do with the type system, since you can pass something with a longer lifetime to something that expects a shorter lifetime, in other words it works like regular subtyping.

2018-07-03 00:17 🔗 — In reponse to: @vegard_no

@paniq ( https://doc.rust-lang.org/nomicon/subtyping.html I guess). But maybe it's better to just think of a variable as having both a lifetime and a type, and they happen to work somewhat similarly.

2018-07-03 00:24 🔗 — In reponse to: @leonard_ritter

@paniq Yeah, fully agree. I'm also an aspiring language dev and so far it looks like we're going through almost the exact same chain of thoughts :-)

2018-07-03 11:03 🔗 — In reponse to: @rep_stosq_void

@volatile_void I don't have the standard handy, but I suppose technically a valid (if inefficient) implementation of strtol() could plausibly do a strlen() on the first argument?

2018-07-03 23:34 🔗

@MDKOfficial Just wanted to let you know that I wanted to support you on @Patreon, but https://www.patreon.com/MDKOfficial just redirects to something saying you're not supporting anybody at the moment and https://www.patreon.com/posts/free-download-of-11576178 (top hit on Google for "patreon MDK") also doesn't let me join

2018-07-05 23:05 🔗 — In reponse to: @halvarflake

@halvarflake You could pass CC=yourscript and have yourscript remove the -O2 before invoking the real compiler... *ducks*

2018-07-08 16:13 🔗 — In reponse to: @matthew_d_green

@matthew_d_green Check out distance bounding protocols

2018-07-08 16:30 🔗 — In reponse to: @matthew_d_green

@matthew_d_green There are protocols that are very light on the "fob" (prover) and can even run on RFID cards, so I think reliability should be fine?

2018-07-10 00:50 🔗

Oh, WOW! Just rebooted from Windows to Linux and during X startup I saw bits of the Windows "shutting down" screen for a few seconds...

I did not expect that.

2018-07-10 09:44 🔗 — In reponse to: @SoosMate

@SoosMate Yeah, definitely seems problematic from a security point of view. This was with stock NVIDIA drivers for both Windows and Linux. Then again, similar (and worse) stuff seems to have been a problem for a while: https://www.contextis.com/blog/webgl-more-webgl-security-flaws

2018-07-10 22:45 🔗 — In reponse to: @RoninDey

@ronindey My quiet countryside village has been transformed into an inferno of shouting, singing (if you can call it that), and incessant honking. Congrats, though! ;-)

2018-07-14 14:40 🔗 — In reponse to: @sortiecat

@sortiecat Obviously you didn't remember whether the fp argument goes first or last, and who can blame you for it? It ought to be first, so why isn't it!?? 😡

2018-07-15 19:44 🔗 — In reponse to: @mattgodbolt

@mattgodbolt I minimised it: https://godbolt.org/g/XmRFAv

Weird thing is, if you remove the first line it works 🤔

2018-07-22 15:51 🔗 — In reponse to: @Jilyac

@Jilyac @johnregehr @michael_w_hicks I have a background in SAT solving and there are so many parallels between that and fuzzing. Restarts are one of them (absolutely necessary for SAT for the reason you stated), but there are also others: do you go depth or breadth first, when/how often do you change tactics, etc.

2018-07-23 00:38 🔗 — In reponse to: @Jilyac

@Jilyac @johnregehr @michael_w_hicks Yes, all modern solvers have restarts built in to the core algorithm. A restart doesn't typically reset all the state, it just backtracks the search itself all the way to the start and then starts picking new variables/values.

2018-07-23 00:42 🔗 — In reponse to: @vegard_no

@Jilyac @johnregehr @michael_w_hicks Stats that are typically kept are things like clause/variable activities, which means that if your previous search got stuck in a deep branch on a smallish set of variables, the solver might now start off picking those variables early on and enter a new part of the search space..

2018-07-24 13:49 🔗

ICYMI: disable filesystem automounting and never mount untrusted filesystems on Linux. CVE-2018-10876 through -10883 (+ probably more) from @0xtarafans, found by fuzzing. This is still just the very top of the iceberg.

2018-07-25 20:23 🔗 — In reponse to: @dvyukov

@dvyukov Just to be clear, I completely agree! My advice to disable auto-mounting and being careful with foreign filesystems is a pragmatic one; this is not the way things are supposed to be! I think the first step is to make people (including developers) aware of the problem.

2018-08-03 13:00 🔗 — In reponse to: @SimpleFlips

@SimpleFlips @Uber Maybe to prevent money laundering where the driver and passenger collaborate to extract money from stolen credit cards?

2018-08-15 12:11 🔗 — In reponse to: @maishsk

@maishsk Actually, Oracle Linux has a Ksplice update that doesn't require rebooting to mitigate #L1TF :-) https://blogs.oracle.com/oraclesecurity/intel-l1tf

2018-08-15 12:24 🔗

Oracle Linux has a Ksplice update to mitigate against #L1TF without rebooting: https://blogs.oracle.com/oraclesecurity/intel-l1tf

2018-08-27 08:35 🔗 — In reponse to: @Spug

@Spug Imponerende og morsomt! Er alle levelene garantert løsbare?

2018-08-28 16:40 🔗 — In reponse to: @whitequark

@whitequark There's also '

______H5z5555555555_____H5z55555555555555555555555' ( https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84668 )

2018-09-05 09:53 🔗 — In reponse to: @rygorous

@rygorous Isn't the sentiment more that when trivial examples fail spectacularly we cannot have much more faith in the harder operations?

2018-09-17 13:20 🔗 — In reponse to: @leonard_ritter

@paniq It's kind of the same in English, no? The word "mean", I mean.

2018-09-17 18:03 🔗

Well, that's ironic... how is this not verbal abuse? https://twitter.com/sarahmei/status/1041697574070054912

2018-09-17 22:43 🔗 — In reponse to: @sarahmei

@sarahmei You're further proving my point. Nice intimidation technique you've got, though.

2018-09-21 09:53 🔗 — In reponse to: @pickover

@pickover I did my own version of this, source code at https://gist.github.com/vegard/ed66c215223fee77d8ffc0181093525e

2018-09-21 16:13 🔗

@stephenrkell Looks like the "Some were meant for C" link ( https://www.cs.kent.ac.uk/people/staff/srk21//research/papers/kell17some-preprint.pdf ) died. Google, HN, https://www.cs.kent.ac.uk/people/staff/srk21/#onward17 etc. all link to it. Any chance of it coming back?

2018-09-21 19:28 🔗 — In reponse to: @stephenrkell

@stephenrkell Great, thanks! 👍

2018-09-29 23:09 🔗 — In reponse to: @graydon_pub

@graydon_pub I think the borrow checker may help indirectly in the sense that its mere presence can alter your design choices, e.g. it increases your confidence in the correctness of a scheme where you pass temporary references around so you do that instead of (say) manual reference counts.

2018-10-06 05:54 🔗 — In reponse to: @Foone

@Foone FWIW this is a good reference to the actual hardware capabilities: https://problemkaputt.de/gbatek.htm#gbalcdvideocontroller In particular, there's a bunch of display modes, options to pull data not just from static locations but from different blocks of VRAM, 4bpp vs. 8bpp etc.

2018-10-22 23:00 🔗

Here we go, a personal Pledge of Conduct: https://github.com/vegard/pledge-of-conduct

2018-10-24 07:25 🔗 — In reponse to: @SoosMate

@SoosMate Thanks; there is an obvious problem in the "enforcement" section, but I figured it was better than leaving it out completely.

2018-10-28 19:43 🔗 — In reponse to: @rep_stosq_void

@volatile_void https://en.wikipedia.org/wiki/Proof_by_cases ?

2018-11-12 08:06 🔗 — In reponse to: @johnregehr

@johnregehr Have you tried running it on an iPhone?

2018-11-17 02:52 🔗 — In reponse to: @quarktheawesome

@quarktheawesome I'm fairly sure Rob Pike gave a talk many years ago where he detailed a similar-in-spirit technique: install distcc inside a VM and make it outsource to the host which runs a native cross-compiler. Everything is preprocessed before going to the host and linking happens in the VM.

2018-11-22 09:31 🔗

@CastoroGamer found your bag

2018-12-17 12:18 🔗 — In reponse to: @robinhouston

@robinhouston Are there any known (non-negative integer) assignments of these 26 variables such that the value of the polynomial is a prime? Just to get an idea of the magnitudes involved. I assume it shouldn't be too difficult to find...

2018-12-17 18:32 🔗 — In reponse to: @rep_stosq_void

@volatile_void I think I see it. They were supposed to use g_if instead of if, right?

2018-12-21 10:41 🔗 — In reponse to: @_Maral

@_Maral There is http://picarto.tv for artists (digital painting, drawing, animation, etc.) and in my experience it's much more focused on communities over money/advertisement. YMMV

2018-12-21 10:56 🔗 — In reponse to: @dvyukov

@dvyukov @lazytyped @grsecurity Not a direct answer to your question, but git diff/log/grep/show with -W will show you the whole function as context, I find it completely indispensable for reviews (along with repo-wide git grep to be able to quickly look at users, callsites, struct definitions, etc.).

2019-01-03 10:04 🔗 — In reponse to: @iximeow

@iximeow Are you by any chance trying to do a valgrind-type thing using page faults? I did that for the Linux kernel (heap allocations only) and it turned out to be pretty slow, see https://lwn.net/Articles/260068/ It worked in a manner of speaking, but asan/msan is much better if you can use it.

2019-01-16 13:56 🔗 — In reponse to: @glaebhoerl

@glaebhoerl Hope everything goes well!

2019-01-24 09:58 🔗 — In reponse to: @leonard_ritter

@paniq @RockLeeSmile @managore Angry eyebrows?

2019-01-26 09:57 🔗 — In reponse to: @leonard_ritter

@paniq @TechSparx I also did something like this, but in Python: https://gist.github.com/vegard/ed66c215223fee77d8ffc0181093525e :-)

2019-01-27 09:29 🔗 — In reponse to: @FogleBird

@FogleBird Now try it with a hexagonal grid!

2019-02-10 08:12 🔗 — In reponse to: @beamsofstrange

@beamsofstrange Kjerringa med stavmiksern...

2019-02-19 21:56 🔗 — In reponse to: @andy_kelley

@andy_kelley @stephenrkell I guess "undefined" has the connotation of UB in C/C++ (and others), so some people might think the compiler is allowed do whatever it wants here.

2019-02-20 07:51 🔗 — In reponse to: @johnregehr

@johnregehr My old washing machine used to call for Joey:

Joey...

Joey...

Joey...

2019-02-23 19:38 🔗 — In reponse to: @JamesWidman

@JamesWidman Tangentially related: I did a quick test for the Linux kernel the other day; 21M LoC worth of .c code for a defconfig build, but the compiler actually sees 118M after preprocessing. So that's 97M LoC from headers, reparsed and reprocessed again and again, to what end...? Bananas.

2019-02-23 20:22 🔗 — In reponse to: @JamesWidman

@JamesWidman The use of GCC plugins is quickly gaining traction, see e.g. https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1896289.html from last month, so there is definitely a need and a want in that space. Plugins won't fix headers and linking, though...

2019-02-25 09:51 🔗 — In reponse to: @JamesWidman

@JamesWidman How about dropping into an interactive debugging shell that allows you to issue stack traces for the compiler itself, inspect the state of your program (e.g. list variables and types in the current scope), a bit like what latex does when you have an error in your document?

2019-02-26 20:15 🔗

Tried to make a water shader, ended up with fire https://www.shadertoy.com/view/3ssSD8 #shadertoy #shader #glsl

2019-02-27 14:00 🔗 — In reponse to: @stephenrkell

@stephenrkell Expand on internal vs. external fragmentation? Of code? Users? Tools? Libraries? Styles? I think small compiler, big standard library (where everything is opt-in) might be a sweet spot. That obviously means granting libraries a lot of power with regards to code generation.

2019-03-07 10:08 🔗

Not enough people seem to know about multi-line bash prompts. So here's mine:

export PS1='\[\033[0;32m\][\[\033[0;31m\]\u @\h \[\033[0;34m\]\w \[\033[0;33m\]$?\[\033[0;32m\]]\n\[\033[0m\]\$\[\033[0m\] '

Nice thing is you always start typing on the left even when the CWD is long.

2019-03-07 10:10 🔗 — In reponse to: @vegard_no

(It also includes $?, the exit code of the last command you ran.)

2019-03-19 12:07 🔗

Is this supposed to be allowed at the top level or is it just clang being generous? @volatile_void @johnregehr

int x = (int[3]){1,2,3}[1];

https://godbolt.org/z/JW6rES

(FWIW, it works inside a function!)

2019-03-22 13:22 🔗 — In reponse to: @TilingBot

@TilingBot Why do I have a sudden craving for cucumber

2019-03-30 00:42 🔗 — In reponse to: @psuedofolio

@psuedofolio I think it's very nice that there is something in the old art that's still essentially and recognisably your style at its core

2019-03-30 21:21 🔗

Tried my hand at some #shadertoy #pixelart inspired by @managore's Planetarium https://www.shadertoy.com/view/WdSSWD

2019-04-03 09:58 🔗 — In reponse to: @vegard_no

@tek256 Start the water boiler *before* you go looking for cups and tea, that's just basic critical path analysis... I guess most people do it subconsciously?

2019-04-04 07:57 🔗 — In reponse to: @psuedofolio

@psuedofolio A balanced, well-reasoned tweet is making you lose followers? Sounds like their loss.

2019-04-09 20:44 🔗 — In reponse to: @SebAaltonen

@SebAaltonen Do you happen to have a C++ source example showing the missed optimisation (in terms of the generated code)?

2019-04-09 21:16 🔗 — In reponse to: @SebAaltonen

@SebAaltonen Heh, I see. Thanks! The verbosity is honestly surprising and baffling.

2019-04-24 08:08 🔗 — In reponse to: @0x21376B00

@0x21376B00 @SebAaltonen @paniq Since you were talking about this the other day, if I may ask another question @SebAaltonen -- how does unsafe interact with the Rust compiler's no-aliasing assumptions? Can you write an otherwise safe program (but using unsafe) where aliasing causes subtly broken codegen?

2019-04-24 09:13 🔗 — In reponse to: @SebAaltonen

@SebAaltonen @0x21376B00 @paniq https://doc.rust-lang.org/book/ch19-01-unsafe-rust.html says "raw pointers: Are allowed to ignore the borrowing rules by having both immutable and mutable pointers or multiple mutable pointers to the same location" Is this a contradiction of what you wrote? (Thanks for the answers, btw! Very much appreciated.)

2019-05-02 10:39 🔗 — In reponse to: @abyrd89

@abyrd89 Sounds like a bug to me, both g++ and clang++ preserve the constructor call in my quick test. Even with -O3/-flto. What compiler/linker?

2019-05-02 19:23 🔗 — In reponse to: @abyrd89

@abyrd89 Ah, you're right, I can confirm I see the same when linking with a static lib. It seems the solution is to put -Wl,--whole-archive before your static library (on the gcc command line) and -Wl,--no-whole-archive after it. I'll agree it's kind of a kludge, though...

2019-05-06 22:07 🔗 — In reponse to: @rep_stosq_void

@volatile_void @stephentyrone @LunarLambda to make room for the NULL sentinel, duh :-P

2019-05-10 16:16 🔗 — In reponse to: @ArvidGerstmann

@ArvidGerstmann @andy_kelley Seems avoidable by exposing the flush as a separate operation. The flush can fail. Then close can always get rid of the file descriptor without having to care about the state of the underlying resource.

2019-05-10 16:21 🔗 — In reponse to: @andy_kelley

@andy_kelley Those things may have to return something to indicate API misuse (e.g. munmap() on unaligned address, close() on nonexistant file descriptor), but a correct program should in theory never see those. You may treat it like division by zero or invalid memory access OR warn+continue.

2019-05-10 16:26 🔗 — In reponse to: @ArvidGerstmann

@ArvidGerstmann @andy_kelley close() currently does not give you any guarantees about your data even when it returns success, so isn't it already undefined in that sense?

2019-05-14 10:28 🔗 — In reponse to: @DRMacIver

@DRMacIver I think this is called "(knowledge) internalisation"

2019-05-16 10:36 🔗 — In reponse to: @JamesWidman

@JamesWidman Lots of programs ought to use this model (exe = thin wrapper around a library). For me it was git that was problematic, fortunately we now have libgit2 but that's a reimplementation AFAIU.

2019-05-23 19:06 🔗 — In reponse to: @leonard_ritter

@paniq I want to see this one with decaying tracers.

2019-05-30 09:36 🔗 — In reponse to: @PolygonCherub

@PolygonCherub Selecting/interpolating between prerendered points of view..?

2019-05-30 15:25 🔗 — In reponse to: @johnregehr

@johnregehr Seems I have the unpopular opinion here, but I actually think this is nice. Just like any other kind of security hardening effort, it requires adversarial thinking and this is it. Would you rather we didn't research methods of exploitation? That doesn't make sense to me.

2019-06-09 11:37 🔗 — In reponse to: @TilingBot

@TilingBot giraffe

2019-06-14 07:56 🔗 — In reponse to: @andy_kelley

@andy_kelley You could try to add your own mmap flag to the Linux kernel/glibc (which I suppose is your biggest POSIX-like target) that guarantees no merging will take place with that VMA. @mkerrisk @tehcaster waddya think?

2019-06-14 20:54 🔗 — In reponse to: @vegard_no

@andy_kelley This patch works in a simple test:

https://gist.github.com/vegard/f3da484f42ac8ad5544356796c7ab9d7

Note that I wasn't actually able to reproduce the results of the linked stackoverflow program -- the OOM killer would just kill my program instead of failing mmap() (despite doing all I could to disable the OOM killer)

2019-06-15 09:39 🔗 — In reponse to: @dakami

@dakami @astarasikov libtoolize strikes back

2019-06-15 09:50 🔗 — In reponse to: @andy_kelley

@andy_kelley I didn't send it -- mostly because I'm not convinced this is the only reason it can fail with ENOMEM. It would be bad to advertise an advantage that does not exist, so I would wait until we/somebody can prove that there is no other ENOMEM path in munmap(). Also needs more testing

2019-06-15 09:57 🔗 — In reponse to: @vegard_no

@andy_kelley but in theory I completely agree with your assessment: munmap() should not fail legitimate requests. Same for close() -- you could always try to add a new syscall that always destroys the file descriptor regardless of whether flushing succeeded.

2019-06-15 10:22 🔗 — In reponse to: @SoosMate

@SoosMate Something that could be really interesting to know -- solve the same instance 100 times and see how much of the proof remains the same (i.e. for any given learnt clause, how many proofs does it appear in? this gives a ratio n/100). Now graph the distribution of these ratios...

2019-06-15 12:37 🔗 — In reponse to: @SoosMate

@SoosMate Maybe distance to the final unsat clause (in "number of resolutions") could be a good metric for choosing which clauses to learn from? Or maybe this is 1:1 with clause length... sorry for the handwaving ;-) SAT is really counterintuitive sometimes.

2019-06-15 12:39 🔗 — In reponse to: @vegard_no

@SoosMate Like my thesis advisor said (paraphrased): when branching, do you want to choose the variable polarity that is most likely to be part of a SAT solution, or do you want to choose the polarity that is most likely part of UNSAT so that you close the branch as soon as possible?

2019-06-15 20:01 🔗 — In reponse to: @leonard_ritter

@paniq in tetfaces(), did you try/consider something like

uint k = uint(dot(vec4(greaterThan(d, vec4(0))), vec4(2u, 4u, 8u, 16u)));

?

2019-06-16 16:32 🔗

@thewitnessirl hmmmmmm

2019-06-23 07:21 🔗 — In reponse to: @andy_kelley

@andy_kelley Say what you will about the language and the compiler, I find the hype and drumming up of support really fascinating!

2019-06-26 07:13 🔗 — In reponse to: @TimSweeneyEpic

@TimSweeneyEpic Is that just people learning from their mistakes?

2019-06-26 07:37 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow Linux system call clone() uses flags to control what to share and what to copy:

http://man7.org/linux/man-pages/man2/clone.2.html

https://github.com/torvalds/linux/blob/master/kernel/fork.c#L1755

Of course, that's a bit less about taking too much time, but still about controlling deep copying.

2019-06-28 10:15 🔗 — In reponse to: @oe1cxw

@oe1cxw @der_ak -FLT_MIN is undefined? (only guessing, I think -INT_MIN was in any case..?)

2019-06-28 12:38 🔗 — In reponse to: @johnregehr

@johnregehr This question reminds me of when I was working on Jato (open source Java VM) and found that a single System.out.println() caused a cascade of 650,550 method calls (!!!)

2019-07-02 08:16 🔗 — In reponse to: @phillip_trudeau

@pmttavara @FlohOfWoe To fuzz a library you'll probably want to write a little wrapper executable around it. For APIs, you need a way to turn raw binary data into API calls. Maybe invent your own bytecode format, but making sure you adhere to the publicly stated API rules.

2019-07-02 08:20 🔗 — In reponse to: @vegard_no

@pmttavara @FlohOfWoe To fuzz anything using e.g. SDL on Linux you can run a Xvfb server (X virtual framebuffer) and make sure your fuzzed executable connects to it (by setting $DISPLAY). It's probably going to be quite slow but will at least prevent windows from popping up/down on your real screen.

2019-07-02 08:46 🔗 — In reponse to: @pvdrz

@christian_poved @johnregehr @Gankro Yes, the POPL'18 paper is what you're looking for. "For any library that employs unsafe code internally, verify that its implementation satisfies [...] its interface, thus establishing that the unsafe code has indeed been safely “encapsulated” by the library’s API."

2019-07-02 08:49 🔗 — In reponse to: @vegard_no

@christian_poved @johnregehr @Gankro I don't grok all the mathy parts and Coq stuff in the paper, but it also has very nice human-readable descriptions and explanations of how Rust's rules make its safety guarantees work in practice. It's worth a read just for that.

2019-07-02 10:55 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @pmttavara Yes, that would probably help depending on exactly how complicated the API is. You'll definitely want to store things like resources/handles and pass them back in subsequent calls. Maybe have a look at what syzkaller does: https://github.com/google/syzkaller/blob/master/docs/syscall_descriptions.md ("system calls as an API")

2019-07-02 20:04 🔗 — In reponse to: @johnregehr

@johnregehr Nice :-) I would worry about blowing the cache if you're going to specialise everything for everybody. I also suspect that kernel/userspace entry/exit code dominates for anything that spends significant amount of CPU on system calls.

2019-07-02 20:09 🔗 — In reponse to: @vegard_no

@johnregehr Very often you end up doing things like readdir+stat in a loop (git status, rsync, find, etc.), maybe if you could compile a tiny little program doing that combination of syscalls to bytecode and then run the bytecode in the kernel that might be a significant win (fewer u->k->u)

2019-07-02 22:24 🔗 — In reponse to: @vegard_no

@snaums @johnregehr Thanks for the pointers, I did not realise this had a name and was actively researched :-) My feeling is that Linux will provide this in the near future. I'm not crazy about EBPF personally, but we'll see...

2019-07-08 20:33 🔗 — In reponse to: @leonard_ritter

@paniq @rygorous You're talking about overtones in the source, but because of how the ear works even a pure sine pressure wave (with no overtones in the signal) will be perceived at multiple frequencies in the ear (a hair cell at x Hz will pick something up, but so will the one at 2x Hz)

2019-07-16 05:40 🔗 — In reponse to: @TilingBot

@TilingBot Warning: ionizing radiation hazard!

2019-07-18 14:29 🔗 — In reponse to: @mgeb

@mgeb @dvyukov Correct; we demoed kernel crashing by auto-mounting corrupted filesystem images on USB flash drives in 2016: https://lwn.net/Articles/685182/ . Our goal was not exploitation/execution, but as far as I can tell that should be very easy to achieve.

2019-07-18 15:36 🔗 — In reponse to: @dvyukov

@dvyukov @mgeb We saw pretty much everything (BUG, #PF, OOB, UAF, etc.). It's the sheer amount of bugs that leads me to believe something must be exploitable. Auto-mounting typically includes mount() + actual fs activity like readdir()/stat() so you have several opportunities to hook in.

2019-07-18 15:43 🔗 — In reponse to: @vegard_no

@dvyukov @mgeb I am not an expert in exploitation by far, but I would expect there to be many opportunities to have the fs driver load payloads directly from the filesystem and maybe by poisoning/corrupting metadata/memory structures or (type confusion/OOB) you can overwrite a funcptr somewhere

2019-07-18 15:48 🔗 — In reponse to: @vegard_no

@dvyukov @mgeb Whenever I read exploit writeups they seem to do far crazier stuff than this :-) I think the only way to prove it positively is to write an actual exploit, so this is all a hunch (and I'm not trying to hide that!); I could be totally wrong.

2019-07-19 10:41 🔗 — In reponse to: @steaIth

@steaIth 👍 I'm a bit sad that people feel a compulsion to hate on something that has been hugely useful/successful/influential. PGP is what we had and it's served its purpose well. Now it's time for something new, that doesn't mean that what came before was a work of the devil.

2019-07-25 09:27 🔗

Epic "steps to reproduce" in Linux kernel bug report: https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2055117.html

Includes gems like "3 windows full of tabs on my

monitor 118 tabs in each window" and "I use the infinite scroll on sites Facebook, VK, Pinterest, Tumblr and open many tabs in Firefox as I could" 😂

2019-07-25 10:09 🔗 — In reponse to: @SoosMate

@SoosMate Yeah, it's a real bug for sure, they even have a fix for it (and the reporter said it was 100% reproducible).

2019-07-25 10:36 🔗 — In reponse to: @vegard_no

Just a clarification, since this could have come across wrongly: I am not making fun of the poster. In fact, I love that people are so dedicated and spend time writing detailed bug reports. Their setup is obviously a great stress test and found a bug which no developer found

2019-07-27 13:30 🔗 — In reponse to: @johnregehr

@johnregehr Maybe too obvious: Modularity means you can fuzz modules/units/functions independently, interfaces (incl. input data!) are more obvious, you can reach deeper "levels" of the program. Possibility of mocking/stubbing out things like filesystem/network activity.

2019-07-28 20:07 🔗 — In reponse to: @Namatnieks

@Namatnieks I like stories that are discovered, like in Fez. You are not told the story, you experience it.

2019-07-30 06:29 🔗 — In reponse to: @JamesWidman

@JamesWidman C++ has been out for how many years now, Jai has not even been released. It's easy to say "break it" when there's nothing to break.

I would argue that backwards compatibility has enabled the success of x86, Windows, *and* Linux, so it clearly has some upsides.

2019-07-30 06:36 🔗 — In reponse to: @vegard_no

@JamesWidman That said, I agree with you: back-comp does prevent us from making design choices that would be better for the language. I don't know what the solution is. Python 2 -> 3 transition is still going on, despite planned deprecation from 2020. Honestly, I still use Python 2 myself.

2019-07-31 09:55 🔗 — In reponse to: @rygorous

@rygorous @hillelogram there's "here: jmp here"

2019-07-31 23:00 🔗 — In reponse to: @andy_kelley

@andy_kelley @ManishEarth @myrrlyn It seems like it should be possible for a language with destructors (like C++) to mandate that they should be called explicitly? If you only look at the readability aspect, I mean. Might need new syntax for temporaries/exceptions/etc. and I admit that could get really ugly...

2019-08-09 14:03 🔗

It seems neither gcc nor clang, nor any of their sanitizers, even with -D_FORTIFY_SOURCE=2, nor valgrind, is able to catch anything wrong when dereferencing std::vector beyond its size (e.g. push, pop, access one element beyond size) OR popping it when already empty.

2019-08-09 14:10 🔗 — In reponse to: @vegard_no

Looks like -D_GLIBCXX_DEBUG is what I want. I wonder if fuzzers should set this, or if they do already? Doesn't look like AFL does. Maybe it's likely enough that something else will crash later to not make it worth it..?

2019-08-09 16:07 🔗 — In reponse to: @dvyukov

@dvyukov Very nice, thanks! Looks like clang++ -fsanitize=address should have caught it, but it didn't on my system because it is using libstdc++; adding -stdlib=libc++ does indeed warn about it!

2019-08-10 19:06 🔗 — In reponse to: @dakami

@dakami As long as it applies... ¯\_(ツ)_/¯

Seriously, though, if the patch doesn't say (and isn't posted on a specific mailing list), I think it's fair to assume it's for mainline.

2019-08-12 10:11 🔗 — In reponse to: @vegard_no

@fuzzitdev @dvyukov What is fuzzit, a private company? Who is behind it? What is the business model? (especially for the OSS offerings)

2019-08-12 12:23 🔗 — In reponse to: @vegard_no

@fuzzitdev @dvyukov @yevgenypats Thank you for the response.

2019-08-18 16:23 🔗

How do you munmap() a MAP_STACK mapping that was actually used as a stack and possibly auto-grown by the kernel without parsing /proc/$pid/maps to find its size?

2019-08-18 16:24 🔗 — In reponse to: @vegard_no

(s/MAP_STACK/MAP_GROWSDOWN/ possibly)

2019-08-18 16:29 🔗 — In reponse to: @vegard_no

I guess mmap() a much bigger (fixed size) PROT_NONE mapping and then just remap the top page with MAP_GROWSDOWN? That would also take care of potential collisions during growing (assuming the kernel actually knows how to grow into the bigger PROT_NONE mapping)

2019-08-21 15:14 🔗 — In reponse to: @bnjbvr

@bnjbvr I deliberately try to phrase review comments as suggestions rather than comments ("If you do X you could get benefit Y" or "I would maybe do X, because Y") and it helps to acknowledge that many of these small comments are not, in fact, blockers: "Feel free to go ahead and merge"

2019-08-21 15:26 🔗 — In reponse to: @vegard_no

@bnjbvr This may look formulaic (and it is, to some degree), but both author and reviewer should always know that the review is about producing the best possible code and is not some kind of personal attack/competition. Keeping the tone friendly helps us remember that.

2019-08-22 07:55 🔗 — In reponse to: @zitterbewegung

@zitterbewegung @geomblog @johnregehr I've played a bit with GPT2 and calling it "bias" is a little bit too weak, I think. It very often does exactly that -- use the name "Harry" in your text once and it starts talking about Ron and Hermione; any prompt turns into something about Trump if you let it run long enough.

2019-09-01 07:29 🔗 — In reponse to: @psuedofolio

@psuedofolio People who are there to support you will hopefully support you regardless of whether other people can get the same benefits for free.

Not telling you what to do, but a friendly note/reminder might help some do the right thing when it comes to dipping in for free.

2019-09-01 11:53 🔗 — In reponse to: @mcclure111

@mcclure111 @pgwipeout To be fair, there's been a _ton_ of kernel bugs due to gotos, usually happens when people patch something without looking at the whole function (i.e. jumping to the wrong label, not setting return codes correctly, forgetting to add cleanup, etc.)

2019-09-01 11:57 🔗 — In reponse to: @vegard_no

@mcclure111 @pgwipeout Just a very quick search gives me:

CVE-2010-0623 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5ecb01cfdf96c5f465192bdb2a4fd4a61a24c6cc

CVE-2017-6074 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4

CVE-2019-8980 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f612acfae86af7ecad754ae6a46019be9da05b8e

And there are many more that don't have CVEs.

2019-09-05 14:13 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @_Felipe In the x86-64 ELF ABI (dunno about others) if you return a "big" object then the caller supplies a pointer to the actual return value as a hidden first argument. The actual copying would necessarily have to be done in the callee and compiler may not be able to optimize that out.

2019-09-05 14:49 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @_Felipe Yep. And maybe inlining will be the default for stuff like std::stack anyway since it's all there in the headers.

I think having both top()+pop() and a pop_return() (or whatever you want to call it) could also work -- and you just don't pay for whichever ones you don't use.

2019-09-08 23:38 🔗 — In reponse to: @RichFelker

@RichFelker @wattsamata @pcwalton Would not surprise me, but probably depends on what the underlying file object is. From a quick glance, fs/pipe.c:pipe_write() has an alloc_page() call that results in ENOMEM if it fails -- and it looks to me like it gets propagated out of write(). Could be wrong, though.

2019-09-08 23:39 🔗 — In reponse to: @vegard_no

@RichFelker @wattsamata @pcwalton ( https://github.com/torvalds/linux/blob/master/fs/pipe.c#L444 for reference)

2019-09-09 10:24 🔗 — In reponse to: @SoosMate

@SoosMate Don't know, I'd just define the helper myself, maybe just use something like https://stackoverflow.com/a/1983525/1697183 or https://stackoverflow.com/a/2392292/1697183

2019-09-10 06:43 🔗 — In reponse to: @sortiecat

@sortiecat When you say "no other accesses", do you include the allocator itself as well? If not, the allocator could be using the freed memory to store metadata (e.g. linked list of free objects), in which case a double free could corrupt that metadata and cause other badness down the road

2019-09-10 09:59 🔗 — In reponse to: @PirateHearts

@PirateHearts @poe__ You probably know more about this than me, but Wikipedia has an algorithm to convert from hue/chroma/perceived luma to sRGB: https://en.wikipedia.org/wiki/HSL_and_HSV#Luma/chroma/hue_to_RGB

It's not really clear to me whether chroma and saturation are equivalent in this case, but it could be worth a try?

2019-09-11 05:25 🔗 — In reponse to: @sortiecat

@sortiecat I prefer syscall() != 0 if success is always indicated by 0 (e.g. close()) and x = syscall(); ... x == -1 if the return value is meaningful beyond success/error (e.g. open()). So it depends on the syscall.

(This is usually as specific as you can be and leaves less ambiguity.)

2019-09-17 07:58 🔗 — In reponse to: @sweis

@sweis You're kicking somebody who is already down.

2019-09-20 15:01 🔗

Come join us, we have a fantastic team and lots of interesting challenges. In 2018 we shipped updates for a whopping 1,102 vulnerabilities, including some really tough ones like Spectre, Meltdown, and L1TF, all while keeping the kernel running. https://twitter.com/jamiediles/status/1173931318062780416

2019-09-20 15:01 🔗 — In reponse to: @vegard_no

Those updates were across some 5-6 distros, covering kernels going back as far as 2.6.18! Of course, nobody can be familiar with all the kernel subsystems across so many versions (and vulnerabilities can show up anywhere) so source code comprehension is an essential skill.

2019-09-20 15:01 🔗 — In reponse to: @vegard_no

We look at a *ton* of Linux kernel patches and sometimes have to think outside the box in order to turn them into a Ksplice update. For L1TF we literally had to fix up any and all non-present PTEs on the system. For Meltdown we had to create brand new kernel mappings. On the fly.

2019-09-20 15:01 🔗 — In reponse to: @vegard_no

Safety is paramount to us, and we practice code review and testing to avoid accidentally crashing the kernel when applying updates. Sometimes our custom tests and fuzzers find completely unrelated vulnerabilities, like CVE-2018-10901, which can be exploited to get ring 0.

2019-09-20 15:01 🔗 — In reponse to: @vegard_no

We also provide updates for important userspace libraries like glibc and OpenSSL. We patch those without requiring a restart of the processes using them, and without requiring any special support in the applications themselves.

2019-09-22 17:37 🔗 — In reponse to: @glaebhoerl

@glaebhoerl There is a clear connection between PL design and theories in mathematical logic, isn't there? As a designer, you're trying to find suitable minimum set of language rules (axioms) that together will imply the possibility of certain use cases (theorems) down the line

2019-09-22 17:42 🔗 — In reponse to: @vegard_no

@glaebhoerl I guess this is also what theoretical physicists do, in a sense.

2019-09-24 10:03 🔗 — In reponse to: @moyix

@moyix @kayseesee How about fuzzing for coverage feedback first, then (when it plateaus) switching to value feedback, maybe using a heuristic to prioritise test cases (e.g. test cases which contain rarely hit branches first)?

2019-09-26 16:41 🔗 — In reponse to: @vegard_no

As usual: all qualified applicants will receive consideration without regard to race, religion, sexual orientation, gender identity, disability, etc.

2019-09-26 16:50 🔗

In today's weird/useless C++ corner, using assignment as a template argument fails with clang but works with gcc:

https://godbolt.org/z/HtbREO

Wonder who's right here...? @volatile_void

2019-09-26 20:44 🔗 — In reponse to: @rep_stosq_void

@volatile_void Nice! Thanks! I can file bugs. Does the local C++ expert want to be credited for the modified example?

2019-09-27 09:55 🔗 — In reponse to: @rep_stosq_void

@volatile_void As I'm filing the bug, I'm thinking x=x is in fact a constant expression here, regardless of whether x is, since x is not actually used in operator= at all; as far as I can tell, calling a function marked constexpr may or may not be a constant expression ( https://stackoverflow.com/a/5462526/1697183 )

2019-09-27 10:06 🔗 — In reponse to: @rygorous

@rygorous Can you isolate it by bisection? By code changes, by video size, by any other parameter you can think of...

2019-09-28 12:15 🔗

A C++ tragedy in 13 lines https://godbolt.org/z/bMfJ8Q

2019-09-30 07:59 🔗 — In reponse to: @dakami

@dakami >850MiB/sec reads? Smells like uring to me.

2019-10-04 22:23 🔗

I once added support for C++ exceptions to the Linux kernel using libcxxrt and libunwind. It was pretty bad, but it taught me a good lesson on exactly how expensive and horrible exceptions are. https://lkml.org/lkml/2018/4/2/110

2019-10-08 07:21 🔗 — In reponse to: @andy_kelley

@andy_kelley Beautiful :-)

2019-10-22 23:41 🔗

It's been a year since I announced my Pledge of Conduct, based on @coralineada's Contributor Covenant. Honestly, I had hoped it would catch on. I think the Pledge is a strictly stronger statement than various project Codes of Conduct for the simple reason that it is personal. https://twitter.com/vegard_no/status/1054477604076601345

2019-10-24 13:41 🔗

Self-printing URLs in C/C++: https://godbolt.org/z/88DAgJ

2019-10-25 09:01 🔗 — In reponse to: @johnregehr

@johnregehr on the off-chance: https://arxiv.org/pdf/1306.5726

2019-10-28 22:08 🔗 — In reponse to: @domenuk

@domenuk Laptop: "This is fine."

2019-10-29 07:42 🔗 — In reponse to: @TilingBot

@TilingBot medieval coat of arms

2019-10-29 07:50 🔗

Does anybody know of either a malware or an antivirus on Linux that hooks execve()/execveat() using ftrace/tracepoints?

2019-10-30 07:54 🔗 — In reponse to: @rygorous

@rygorous Sounds like it might end in an organ donation

2019-11-06 11:40 🔗 — In reponse to: @dvyukov

@dvyukov http://talktotransformer.com agrees with you:

2019-11-09 09:04 🔗 — In reponse to: @andy_kelley

@andy_kelley @RichFelker I thought of using sigprocmask()/pthread_sigmask() in your library around the write(), but that only delays it until you unblock the signal so it doesn't really help... poll(POLLERR) before write() looks like it might be racy, and anything to do with sockets won't work for pipes.

2019-11-09 13:16 🔗 — In reponse to: @hanno

@hanno The attack that worries me is where the server has been hijacked and a malicious script inserted. This is not quite the same as inserting malicious code into a release tarball, which could be easily be signed or (at least in theory) inspected before (or after!) being run.

2019-11-09 13:24 🔗 — In reponse to: @hanno

@hanno The point is that the code you run with curl never touches a persistent medium (unless you use a caching proxy that also intercepts https, I guess). There is no trace, the server could give out a malicious code only once and nobody would know where it came from.

2019-11-12 07:55 🔗 — In reponse to: @rep_stosq_void

@capitalist_void sysfs_kf_write() checks !count

2019-11-12 09:16 🔗 — In reponse to: @vegard_no

@capitalist_void the call chain is:

sys_write()

vfs_write()

__vfs_write()

kernfs_fop_write()

sysfs_kf_write()

dev_attr_store()

2019-11-12 12:41 🔗 — In reponse to: @cigix22

@cigix22 @capitalist_void The kernel has no stable internal ABI or API, so yeah, better double check whatever version you are compiling against. This is one reason why it is recommended to merge drivers into the mainline tree, since whoever makes the API change then also has to fix your driver.

2019-11-15 22:20 🔗

Why does C have the -> operator at all? Turns out there's a historical reason... https://stackoverflow.com/questions/13366083/why-does-the-arrow-operator-in-c-exist/13366168#13366168

2019-11-16 08:40 🔗 — In reponse to: @jchification

@jchification Yup, and in fact the Linux kernel itself still has traces of this. Eg. struct vm_area_struct with its ->vm_start, ->vm_end, ->vm_rb, ->vm_mm, ->vm_flags, etc. and 'struct file' with its ->f_path, ->f_inode, ->f_flags, ->f_mode, ->f_pos, etc.

2019-11-16 08:47 🔗 — In reponse to: @jchification

@jchification Yeah, true!

2019-11-20 23:01 🔗

incbin() (AKA std::embed()) for reading files in C/C++ at compile time using preprocessor and assembler directives: https://godbolt.org/z/XB2pX_

2019-11-21 10:53 🔗 — In reponse to: @lazytyped

@lazytyped @tehjh @jchification I'm in two minds. Yeah, in practice, something like ->flags is horrible to grep for in the kernel and having ->f_flags and ->vm_flags has helped me in the past. OTOH it doesn't feel like a scalable practice or something you can apply universally

2019-11-21 10:54 🔗 — In reponse to: @vegard_no

@lazytyped @tehjh @jchification You have no guarantee there won't be prefix collisions; f_ is very short and there are 2k+ structs in the kernel starting with "f". Do apply it only to the most common structs? What's the max viable prefix length before it gets annoying to type?

2019-11-24 18:02 🔗 — In reponse to: @matthew_d_green

@matthew_d_green And attempted proofs have also revealed actual bugs in designs/protocols (i.e. false claims).

2019-11-26 10:24 🔗 — In reponse to: @andy_kelley

@andy_kelley @ziglang I tried some stuff: https://godbolt.org/z/tNsEbm

I suppose the "else" gets optimised out and therefore doesn't execute the comptime code, do you think this could surprise people since the non-optimised if/else executes the comptime code from both branches?

2019-11-26 10:24 🔗 — In reponse to: @vegard_no

@andy_kelley @ziglang Also, the Zig compiler on godbolt is very slow, on the order of 5-6 seconds for these tiny programs. Known problem?

2019-12-02 19:57 🔗 — In reponse to: @johnregehr

@johnregehr @ciphernyx do your students prefer positive or negative feedback?

2019-12-04 09:59 🔗

I love this whole thread (read from the top). Three new up-and-coming programming languages (scopes, Zig, Odin) by three individuals. Some of them are playing with safety à la Rust. I'm optimistic for the future of programming (languages)! https://twitter.com/TheGingerBill/status/1201976441522536449

2019-12-05 22:37 🔗 — In reponse to: @thepetitioner

@thepetitioner @cbrownLmath @ashleyeducator @LouiseHStaples I would say all math is abstract at its core. Sometimes you can apply it to the real world, but trying to relate all of mathematics to everyday examples would be a mistake. Just like you can't hold a negative amount of donuts in your hands. Recommend this: https://press.princeton.edu/books/hardcover/9780691123097/negative-math

2019-12-06 15:37 🔗

PSA: never use LD_LIBRARY_PATH="/foo/bar:$LD_LIBRARY_PATH"

If LD_LIBRARY_PATH was unset, this ends up adding the current directory for any command to the search path, allowing a DLL search order hijacking attack.

Instead use this: https://stackoverflow.com/a/9631350/1697183

2019-12-07 18:44 🔗 — In reponse to: @dvyukov

@dvyukov To be fair, it probably *is* extensively reviewed, if you count person-hours spent reviewing it (I know how much I've personally spent on it).

I would say it's HARD to review (e.g. lots of undocumented assumptions), which makes review fundamentally inefficient.

2019-12-10 13:53 🔗 — In reponse to: @dvyukov

@dvyukov Try PERL_HASH_SEED=0 :-)

2019-12-10 16:16 🔗 — In reponse to: @leonard_ritter

@paniq AFAIK the accelerating expansion of the universe will at some point cause expansion to happen faster than the speed of light, which means galaxies will become completely isolated from each other. This seems like a good read: http://curious.astro.cornell.edu/about-us/104-the-universe/cosmology-and-the-big-bang/expansion-of-the-universe/616-is-the-universe-expanding-faster-than-the-speed-of-light-intermediate

2019-12-14 22:01 🔗 — In reponse to: @axboe

@axboe Does this mean we can finally do 500 stat() calls with a single syscall (or at least not more than a handful)!? I could see this possibly speeding up 'git status' in large repos...

2019-12-14 23:52 🔗 — In reponse to: @axboe

@axboe A recent kernel checkout has ~65k files, can you do a test for that (cached)? 🤓 Git does already do its stat()s in parallel, btw: https://git.kernel.org/pub/scm/git/git.git/tree/preload-index.c

2019-12-15 07:04 🔗 — In reponse to: @axboe

@axboe Nice!! Thanks, looks like this could be _really_ useful.

2019-12-15 16:53 🔗

Performance numbers for regular stat() vs. io_uring. This looks very promising for speeding up git operations in big repos. https://twitter.com/axboe/status/1205991776474955777

2019-12-17 11:13 🔗 — In reponse to: @rep_stosq_void

@capitalist_void https://twitter.com/vegard_no/status/968097221521625089

2019-12-17 14:43 🔗 — In reponse to: @colinianking

@colinianking It's a good thing the kernel has such a large and easy-to-run test suite to boost your confidence in the backport. I don't know what we'd do without it.

2019-12-20 11:09 🔗

I'm increasingly feeling that perhaps where C/C++ standardisation went wrong was in trying to specify the behaviour of programs rather than the behaviour of compilers.

2019-12-20 16:30 🔗 — In reponse to: @dvyukov

@dvyukov The kernel's vsnprintf() returns the number of bytes that would have been printed regardless of how large the target buffer is. It does this using a pointer to the buffer which is incremented when a character is output, and then subtracts the initial value to return the length.

2019-12-20 16:31 🔗 — In reponse to: @vegard_no

@dvyukov This is technically UB because you are not actually allowed to construct pointers that point outside the underlying array regardless of whether you actually dereference it or not.

2019-12-20 16:31 🔗 — In reponse to: @vegard_no

@dvyukov This feels odd to me, but the rationale for keeping something undefined is (AFAIU) usually because you cannot make any guarantees whatsoever as to what the behaviour _should_ be.

2019-12-20 16:31 🔗 — In reponse to: @vegard_no

@dvyukov If we had instead specified that p++ should generate code to increment the pointer and *p should generate code to dereference it, then you have circumvented the whole problem of runtime behaviour, since it is not actually specified at all.

2019-12-20 16:32 🔗 — In reponse to: @vegard_no

@dvyukov Anyway, I'm not an expert on this, maybe it's just shifting the problem somewhere else. Maybe I misunderstood something fundamental. I just have this feeling that focus on runtime behaviour is complicating the language specification unnecessarily.

2019-12-20 16:53 🔗 — In reponse to: @travisgoodspeed

@travisgoodspeed lsof -p $(pidof qemu-system-x86_64) | grep kvm

should have at least /dev/kvm in there, probably also kvm-vm, kvm-vcpu:*

2019-12-21 17:35 🔗 — In reponse to: @dvyukov

@dvyukov Maybe, but is that relevant? Presumably the machine can still both do arbitrary arithmetic and also convert between pointers and numbers, so as long as you don't dereference it there should be no problem on the machine side of things.

2019-12-22 10:52 🔗 — In reponse to: @vzverovich

@vzverovich Tried to find a source, but both of these point to a now defunct G+ post:

https://stackoverflow.com/a/10119699/1697183

https://news.ycombinator.com/item?id=3830609

2019-12-22 11:06 🔗 — In reponse to: @vzverovich

@vzverovich Here it is in the Linux kernel:

https://github.com/torvalds/linux/blob/master/include/linux/kconfig.h#L34

Again credited to user "comex":

https://github.com/torvalds/linux/commit/69349c2dc01c489eccaa4c472542c08e370c6d7e

2019-12-23 14:47 🔗 — In reponse to: @onemanmmo

@onemanmmo @vassvik This is probably way too simple for what you need, but you can achieve something half decent by just layering moving textures and applying a suitable gradient: https://www.shadertoy.com/view/wdVXWR (there isn't much by way of explanation, but the code is short/simple...)

2020-01-13 17:00 🔗 — In reponse to: @leonard_ritter

@paniq There is a famous Barks story about this: https://scrooge-mcduck.fandom.com/wiki/Secret_of_Atlantis

"After sinking almost every 1916 quarter ever minted into the sea so as to make the one quarter that he keeps the most valuable coin in the world [...]"

2020-01-14 20:52 🔗 — In reponse to: @eeide

@eeide @johnregehr There is also the "alternatives" mechanism where it patches in/out different instructions depending on CPU features discovered at runtime. Probably mentioned in the paper, but I don't have access, so...

2020-01-14 20:52 🔗 — In reponse to: @vegard_no

@eeide @johnregehr Oh, the password is right there. Hang on.

2020-01-16 09:42 🔗 — In reponse to: @DRMacIver

@DRMacIver Reminds me of this that I saw the other day: https://twitter.com/cxlt/status/1214837749062127616

2020-01-16 15:12 🔗 — In reponse to: @mkolsek

@mkolsek @ericlaw FWIW, I proposed this for the Linux kernel in 2013: https://lwn.net/Articles/577432/

Certain responses put me off the whole thing for a long time, but last year we started using it for Ksplice updates: https://blogs.oracle.com/linux/using-ksplice-to-detect-exploit-attempts

2020-01-27 12:08 🔗 — In reponse to: @oliora

@oliora @horenmar_ctu I wonder if it would have been better or worse if they had something like #define _STD_V2, that would easily allow the user to choose between ABI (backwards) compatibility or new features.

2020-01-27 12:08 🔗 — In reponse to: @vegard_no

@oliora @horenmar_ctu I guess modern C++ is too allergic to macros.

2020-01-27 17:51 🔗

Reducing contention by local batching is one of the most effective things you can do. You typically don't actually need to put just 1 message on a bus, if you can queue up 1k messages on your local CPU and then put them all on the bus with a single shared update that's a HUGE win https://twitter.com/Jonathan_Blow/status/1214670405778100224

2020-01-31 14:18 🔗 — In reponse to: @dvyukov

@dvyukov I actually really like it when code is top to bottom. You build upon earlier definitions. In mathematics, you start with definitions and axioms, then you prove your lemmas, then you prove your theorems. In fiction you also start with the backstory and build up to the climax.

2020-02-01 08:56 🔗 — In reponse to: @tblodt

@tblodt @Jonathan_Blow This is the correct solution!

2020-02-05 11:37 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow musl comes with gcc and clang wrappers, so you should be able to just run musl-gcc -static foo.c or musl-clang -static foo.c. If you build musl from source (recommended), use ./configure --enable-wrapper=clang to enable the clang wrapper.

2020-02-05 12:32 🔗 — In reponse to: @fleming_matt

@fleming_matt As long as they have nested expressions, at least. I'm sure you can parse e.g. assembly code using regular expressions.

2020-02-20 07:49 🔗 — In reponse to: @UINT_MIN

@UINT_MIN Maybe something like NPOSL-3.0 ( https://opensource.org/licenses/NPOSL-3.0 ) which has a non-profit clause (note: it also has an Affero-like network clause) for hobbyists and dual license to commercial clients under a non-OSS license?

2020-02-20 21:55 🔗

AFL++ is doing Google Summer of Code 2020! This could be an amazing opportunity for students interested in fuzzing. Proposals will be accepted starting from March 16: https://groups.google.com/d/msg/afl-users/AveqWCQ_HoM/f5wuiOE0AwAJ

2020-02-21 08:09 🔗 — In reponse to: @johnregehr

@johnregehr @wattsamata @RichFelker This is arena allocation, filesystem style.

2020-02-21 08:13 🔗 — In reponse to: @vegard_no

@johnregehr @wattsamata @RichFelker Also, separate build dir allows you to mount a tmpfs there: https://twitter.com/trav_downs/status/1230261645072576513

2020-02-23 09:07 🔗 — In reponse to: @maxheiber

@maxheiber @croloris @antirez If the Vec reallocates then you invalidate all pointers into it. So you may be forced to use indices instead of direct pointers in other parts of your program. You can use a Vec of pointers instead, but then you lose the benefits listed in the quote anyway.

2020-02-27 09:38 🔗 — In reponse to: @_Felipe

@_Felipe Not exactly the same, but one trick I found uses (inlined) lambdas to do this kind of forced handling of special cases (here for pointers vs. errors): https://vegard.wiki/w/Error_types

2020-03-01 13:52 🔗

Who decided to call it type traits instead of stereotypes?

2020-03-07 11:06 🔗 — In reponse to: @Simon_Gregg

@Simon_Gregg Leftmost has only one connected black component..?

2020-03-08 13:54 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu Didn't check your example very thoroughly, but can you not just put a sizeof() around your expression? That doesn't evaluate it, but does give (some) warnings at least in a toy example: https://godbolt.org/z/mJyzag

2020-03-08 13:54 🔗 — In reponse to: @vegard_no

@horenmar_ctu Sorry, the link was with typeof(), here's with sizeof(): https://godbolt.org/z/9PtsDn

2020-03-08 14:30 🔗 — In reponse to: @AndrewM_Webb

@AndrewM_Webb @vassvik Here's a shadertoy version: https://www.shadertoy.com/view/3lySW3 (most of the action is in the "Buffer A" tab; not optimized!)

2020-03-09 13:34 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu Maybe something like this? https://godbolt.org/z/JnadU9

2020-03-09 13:36 🔗 — In reponse to: @vegard_no

@horenmar_ctu Looks like this might be enough! https://godbolt.org/z/vbqmJx

2020-03-13 11:23 🔗 — In reponse to: @dannas_

@dannas_ @pkhuong This one is my favourite variant so far (chmod +x):

#if 0

gcc -Wall $0 && exec ./a.out; exit

#endif

Some more at https://coderwall.com/p/e1htcg/self-compiling-source-code

2020-03-13 21:12 🔗 — In reponse to: @rep_stosq_void

@capitalist_void Relevant? https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1252672.html

2020-03-16 14:41 🔗

My wife is currently giving a university lecture from home by discord for the first time... suggested by the students, of course.

2020-03-16 16:15 🔗 — In reponse to: @klettier

@klettier So far text only and apparently it's not that great :-P Probably with audio or video tomorrow.

2020-03-19 12:13 🔗

We have the most beautiful summer weather (today and yesterday), and there's nobody in the streets. Surreal.

2020-03-19 13:33 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu This is only a problem on MSVC, right?

2020-03-21 08:53 🔗

TIL about C math library functions nextafter*() which can give you the next smaller/larger representable value of a float. E.g. nextafterf(1, -INFINITY) is 0.999999940395355224609375.

2020-03-22 21:56 🔗

Has Trump yet accused anybody of creating/releasing the virus specifically to hurt the economy during his term of office? If not, I'm calling it now...

2020-03-25 22:34 🔗 — In reponse to: @AlexKontorovich

@AlexKontorovich Wouldn't a bankruptcy most likely end in somebody (perhaps another company) buying the airline and continue operating it? It's not like all the planes and everything are just sent to the junkyard, in any case.

2020-03-26 08:04 🔗 — In reponse to: @andy_kelley

@andy_kelley @b0rk Is this surprising? It is documented by signal(7) AFAICT and doesn't have anything to do with strace

2020-03-27 07:05 🔗 — In reponse to: @stevecheckoway

@stevecheckoway @johnregehr In C/C++ you can also make them self-printing: https://twitter.com/vegard_no/status/1187333214416916481

2020-04-03 13:31 🔗 — In reponse to: @larkmjc

@michael90187356 One cool memory-saving trick is allocating memory with MAP_32BIT, allowing you to get 32-bit pointers on x86-64 with zero overhead (i.e. it's not an index and you can use it exactly like a normal pointer). The only downside is that it's obviously limited to 4 GiB.

2020-04-05 09:28 🔗 — In reponse to: @justinschuh

@justinschuh @lcamtuf Asking people to delete their tweets is bullying, plain and simple.

2020-04-05 10:40 🔗 — In reponse to: @Simon_Fe1

@Simon_Fe1 @rygorous @JustJakeSimpson @andrewwillmott For convenience: https://godbolt.org/z/9zz9r-

2020-04-05 23:49 🔗

Verifying myself: I am vegardno on http://Keybase.io . lY7LygX3laM-ukJfTYFGwqDmrBf_07UpjW18 / https://keybase.io/vegardno/sigs/lY7LygX3laM-ukJfTYFGwqDmrBf_07UpjW18

2020-04-06 21:06 🔗 — In reponse to: @stephenrkell

@stephenrkell git log --follow <path>

?

git blame -M <path>

?

2020-04-08 10:44 🔗 — In reponse to: @ViGreyTech

@ViGreyTech pollen season

2020-04-09 19:35 🔗 — In reponse to: @rep_stosq_void

@capitalist_void The memcpy() seems to assume \0-termination with its + 1, but len <= sizeof(str->static_data) seems to allow you to use up the very last byte of the static buffer? So I would say that <= should be changed to <, maybe?

2020-04-09 23:52 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe Was thinking about this. I guess idiomatic code emerges as a kind of best practice in the early stages, but then as time goes on we lose sight of the reasons for *why* it was considered good? And then we worship "idiomaticity" rather than actually good code? Dunno.

2020-04-13 13:17 🔗 — In reponse to: @colinianking

@colinianking I've been playing around with this a lot, and actually I find the opposite effect. If I play music at half speed, my brain slows down (to the point where it puts me to sleep); if I play music at 2x speed, my brain seems to work faster.

2020-04-13 13:19 🔗 — In reponse to: @vegard_no

@colinianking Also, mplayer -af scaletempo -speed 2:1 (or 3:2, etc.) FTW 😃

2020-04-15 14:03 🔗 — In reponse to: @rygorous

@rygorous @tom_forsyth @Reedbeta @Atrix256 @StanloGraphics I tried making a comparison chart between various formulas I found online. Correctness is not guaranteed, although it looks sane to me at a glance. Source at https://gist.github.com/vegard/35c5b34eb6d6c5d0c2d51cd5ee2fc7ee (patches welcome)

2020-04-16 08:53 🔗 — In reponse to: @pervognsen

@pervognsen /O2 should be able to do it. Maybe I didn't get the example right? https://godbolt.org/z/P3awLT

2020-04-18 08:53 🔗 — In reponse to: @pervognsen

@pervognsen You could movzbq %cl, %rcx if you absolutely don't want to zero it before doing the cmp.

2020-04-19 10:38 🔗 — In reponse to: @iquilezles

@iquilezles mesa has machine-readable info about everything: https://github.com/mesa3d/mesa/tree/master/src/mapi/glapi (specifically registry/gl.xml)

There are also some python scripts to process (some of?) that under gen/

2020-04-20 06:09 🔗 — In reponse to: @pervognsen

@pervognsen I suspect that how you want to handle integer divide by 0 is a "local" decision (i.e. a library want might to handle it differently from the main application, or it might want to handle it differently in different places). Maybe you want two division operators separately defined?

2020-04-20 10:18 🔗 — In reponse to: @pervognsen

@pervognsen @rygorous That's why I suggested separate operators with different semantics. That way the programmer can always be explicit about what semantics they want. And you can make both of them always defined. It can even be the same symbol, but chosen syntactically

2020-04-22 14:20 🔗 — In reponse to: @pervognsen

@pervognsen This counts prefixes of letters + underscore 16 bytes at a time: https://godbolt.org/z/jc3Fi5

This makes the assumption that numbers are rare in identifiers. Also x86 only, obviously...

Not benchmarked (or if it was, I don't have the numbers anymore).

2020-04-22 14:40 🔗 — In reponse to: @vegard_no

@pervognsen off-by-one erratum: ch_AZ should not have the + 1 (otherwise "[" is counted as a letter)

2020-04-23 09:09 🔗 — In reponse to: @pervognsen

@pervognsen I'm thinking a single 32-byte constant array with 16x 0x00 followed by 16x 0xff and loading that (offset by the character count) into a _m128i.

2020-04-23 09:16 🔗 — In reponse to: @vegard_no

@pervognsen Like this generates horrible code, but mostly because I'm printing out the byte mask inside the loop :-) https://godbolt.org/z/27VNU9

2020-04-23 09:33 🔗 — In reponse to: @vegard_no

@pervognsen You probably want to tweak this, the results are quite poor (adding an "o" only changes a handful of bytes of the result), but it's a start? https://godbolt.org/z/fZv8Em The codegen looks pretty good!

2020-04-23 10:22 🔗 — In reponse to: @vegard_no

@pervognsen I really don't know how to best use the AES instructions, but this doesn't look too bad: https://godbolt.org/z/pAtZUP

2020-04-23 10:40 🔗 — In reponse to: @pervognsen

@pervognsen Did not see, as I did not get any notifications :-) Ah well, you have some options then!

2020-04-23 10:47 🔗 — In reponse to: @pervognsen

@pervognsen I don't think the prefix calculation in the one you linked is correct. Try hashscan("foo") vs. hashscan("foo x"). They should be the same, but aren't (unless I goofed up)

2020-04-23 11:39 🔗 — In reponse to: @pervognsen

@pervognsen @zwegner zach's also suffers from the wrong prefix calculation. I did some microbenchmarks and I think my version is marginally faster than both of yours (~3% and ~33% respectively) 😛

2020-04-24 03:46 🔗 — In reponse to: @stormoid

@stormoid I made a "continuous" variant based on your code:

https://www.shadertoy.com/view/WdlfzH

I think it looks nice in full screen, one could probably do the mixing in of the source image in a much better way though.

2020-04-25 11:38 🔗 — In reponse to: @pervognsen

@pervognsen @zwegner There are some indications that clflush is pretty costly even when it doesn't have to do anything, see e.g.: https://stackoverflow.com/a/35968787

2020-04-25 12:02 🔗 — In reponse to: @pervognsen

@pervognsen Everything I can find about the MOVNT* instructions says they're only useful on WC memory and there's no way to make normal userspace memory WC on either Linux or Windows. Looks like prefetchnta might be an option, although you have to make sure the address is paged in

2020-04-26 14:24 🔗 — In reponse to: @kenpex

@kenpex In my experience it's easier to know what C code does at a low level, but it's harder to see the big picture. There are other things that require global knowledge, one example that comes to mind is lock ordering, which isn't necessarily documented anywhere explicitly.

2020-04-26 14:30 🔗 — In reponse to: @vegard_no

@kenpex Other examples: which locks protect what data, which functions you may call in a given context, what data you may access in a given context, which memory barriers are paired up with each other, etc.

2020-04-26 15:54 🔗 — In reponse to: @slembcke

@slembcke I like the ones with no salutation, no preamble, no closing, no signature, just "X doesn't work" (and don't bother including the actual error message either, you know, the one thing that might actually pinpoint the problem), and, after my thoughtful response, no thanks either

2020-04-27 14:44 🔗 — In reponse to: @ChrisBaldie

@ChrisBaldie Bigger pot, support sticks maybe? Did the same, they grew to 150cm incredibly fast.

2020-04-27 22:12 🔗 — In reponse to: @colinianking

@colinianking Definitely impolite to drop SoBs. SubmittingPatches has a relevant paragraph. So I would say fold (bisectability is important), but keep SoBs from all authors and make a note about who did what before adding your own SoB.

2020-04-28 09:23 🔗

theory vs. practice 😔

2020-04-28 10:11 🔗 — In reponse to: @pervognsen

@pervognsen Right; as if memory accesses were not considered constant time because a Turing Machine would need N steps to reach a given location on the tape. Funnily enough, I don't recall anybody explaining this in my complexity theory classes in university. Seems fundamental in hindsight

2020-04-28 13:19 🔗 — In reponse to: @shachaf

@shachaf @pervognsen Is that linked BTree.cpp of yours public domain? Or what is the license? Can I use it? This one: https://gist.github.com/pervognsen/2d48ef9757ee3fd579179239febc817e

2020-04-28 19:50 🔗

Does anybody know the right incantation for cross-compiling LLVM+Clang for Windows *on Linux* using x86_64-w64-mingw32-gcc-posix? No matter what I pass to cmake it seems to think I'm building for Linux (e.g. LLVM_ON_UNIX gets set) and all kinds of things fail.

2020-04-28 20:08 🔗 — In reponse to: @andy_kelley

@andy_kelley 🙏🙏🙏

2020-04-28 23:45 🔗 — In reponse to: @andy_kelley

@andy_kelley soooooo... it makes a lot of progress, but now fails in NATIVE/[...]tblgen due to the same thing (!). I suspect that's why you do the build in 2 steps in your script. So does the LLVM+Clang build system really not support cross-compiling with a single cmake+make run?

2020-04-29 15:22 🔗 — In reponse to: @leonard_ritter

@paniq ?

2020-04-29 15:42 🔗 — In reponse to: @leonard_ritter

@paniq

2020-04-29 20:58 🔗 — In reponse to: @lzsthw

@lzsthw git rm -rf submodule/

git commit -m "Removed submodule"

WFM

2020-04-30 10:54 🔗 — In reponse to: @dvyukov

@dvyukov Also see: https://twitter.com/Jonathan_Blow/status/1255555353275592705

2020-04-30 19:59 🔗 — In reponse to: @rep_stosq_void

@capitalist_void What kind of a font is that for programming, you monster.

2020-04-30 22:00 🔗

Late April fool's?

"Each user home directory will be linked as LUKS-encrypted containers"

"With homed, all information will be placed in a cryptographically signed JSON record"

https://www.techrepublic.com/article/linux-home-directory-management-is-about-to-undergo-major-change/

2020-05-01 09:50 🔗 — In reponse to: @ID_AA_Carmack

@ID_AA_Carmack On Linux you can check /proc/pid/smaps, it has statistics for each VMA ("segment") of a task, including how many pages in that segment have been accessed (as reported by the MMU) under "Referenced". See screenshot for libc code segment of my currently running Firefox process

2020-05-01 09:52 🔗 — In reponse to: @vegard_no

@ID_AA_Carmack In this specific case, there's about 504 kB (= 1792 - 1288) worth of ~unused code...

2020-05-01 10:50 🔗 — In reponse to: @pkhuong

@pkhuong Maybe a long shot, but what happens if you prepend "unbuffer" to your perf command? Like: unbuffer perf record ... | python ...

2020-05-02 06:34 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe Also been using Linux laptops almost exclusively for 10+ years here. There have been some hw-related issues, mostly sound-related. I'm curious about the physical design if you need palm rejection for a touchpad though? 🤔

2020-05-02 06:37 🔗 — In reponse to: @vegard_no

@FlohOfWoe (Not at all saying your issue isn't valid, just that you may be in a minority for needing palm rejection in the first place, and that this is the reason why it's badly supported. In general widely used hw is better supported. Intel seems generally good at providing drivers)

2020-05-02 07:05 🔗 — In reponse to: @pervognsen

@pervognsen @OwenResistor As a by-the-by, have you seen the likely()/unlikely() macros used in the Linux kernel? They use the gcc extension __builtin_expect() to mark which branches are hot/cold paths to place cold paths out-of-line (usually at the end of the function). https://lwn.net/Articles/420019/

2020-05-02 07:06 🔗 — In reponse to: @vegard_no

@pervognsen @OwenResistor Their use is pretty heavily discouraged because it rarely provides any benefit (and the branches take up CPU prediction slots anyway), but I could see some rare cases where it might might sense.

2020-05-02 09:30 🔗 — In reponse to: @Reedbeta

@Reedbeta That instrumentation reminds me a lot of this https://www.youtube.com/watch?v=PLhsKUg5SKg&t=41

I think it would be really cool to play the whole thing in a similar style. Anyway, sounds good 👍

2020-05-02 09:48 🔗 — In reponse to: @shachaf

@shachaf @andy_kelley find probably calls stat on everything, possibly keeping track of filesystem boundaries, symlinks, etc.

2020-05-02 10:28 🔗 — In reponse to: @shachaf

@shachaf @pskocik @andy_kelley If you really want to crank it up a notch, try io_uring? https://twitter.com/axboe/status/1205991776474955777

2020-05-03 21:53 🔗 — In reponse to: @SoosMate

@SoosMate @ciphernyx Uh, any idea who this was and how they got the idea? I sent you a minisat patch for this in 2016...

2020-05-03 22:47 🔗 — In reponse to: @SoosMate

@SoosMate @ciphernyx Interesting, thanks. It's not very detailed. If I remember correctly my implementation used a large, fixed size bitmap (=bad caching behaviour), but I didn't really play around with it much, so maybe I missed something.

2020-05-04 08:35 🔗 — In reponse to: @pervognsen

@pervognsen ASAN reserves something ridiculous like 16T of virtual memory for shadow memory on x86_64 https://github.com/google/sanitizers/wiki/AddressSanitizerAlgorithm

2020-05-04 09:00 🔗 — In reponse to: @pervognsen

@pervognsen Nice trick! I was sure I had seen something similar in the Linux kernel for mapping addresses -> allocator slabs, but nah, they just have a big array for all physical pages on the system. The array element is 64 bytes...

2020-05-04 13:00 🔗 — In reponse to: @NiceMemeApollo

@NiceMemeApollo @OskSta These screenshots need a hashtag so it's easy to see them all as they pop up.

2020-05-05 13:21 🔗 — In reponse to: @RoninDey

@RoninDey @panther_modern https://twitter.com/TychoTithonus/status/1241468902216888320

2020-05-05 14:28 🔗 — In reponse to: @leonard_ritter

@paniq The worst thing about this story is that it frames the wolf as the bad guy. We humans are the ones who ACTUALLY raise and eat pigs for pleasure.

2020-05-06 22:36 🔗 — In reponse to: @andy_kelley

@andy_kelley @awesomekling Even the Linux kernel itself doesn't let its own allocations with kmalloc() fail, it prefers to sleep until memory is available! 😂😐😭 https://lwn.net/Articles/636017/

2020-05-08 09:07 🔗 — In reponse to: @pervognsen

@pervognsen I have 0 windows programming experience, but does windows not map zero pages if you pass dwNumberOfBytesToMap = file_size + 16 to MapViewOfFileEx() and this spills over into a neighbouring page?

2020-05-08 09:40 🔗 — In reponse to: @pervognsen

@pervognsen What if you use FILE_MAP_READ + PAGE_READONLY? Although there are some hints that this data wouldn't be zeroed anyway (perhaps it would read junk from the file system?)

2020-05-08 22:09 🔗

Reading the replies to this makes me realise that the Americans who don't want single payer health care are afraid of accidentally giving something away that would benefit somebody other than themselves. https://twitter.com/BernieSanders/status/1258841099407372289

2020-05-09 20:53 🔗 — In reponse to: @andy_kelley

@andy_kelley @awesomekling @elisee @waddlesplash Historically it was a lot cheaper for network server code where you'd have a main process doing a bunch of setup, then fork and independently accept new connections. Any data which isn't modified transparently shares the backing physical memory, thus saving time+memory.

2020-05-09 20:56 🔗 — In reponse to: @andy_kelley

@andy_kelley @awesomekling @elisee @waddlesplash Strictly speaking threads execute in the same address space, fork() creates a new address space where memory is not shared by default. There is no point asking the OS to call a function in the new process if you can just call it yourself directly.

2020-05-09 21:27 🔗 — In reponse to: @andy_kelley

@andy_kelley @awesomekling @elisee @waddlesplash For the network server case I mentioned, you may want the isolation you get from having separate processes, including dropping privileges, changing paths, etc., basically all the performance upsides of fork() and none of the security disadvantages of a shared context.

2020-05-11 12:12 🔗

Fun fact: you can't single-step over gettimeofday() on Linux x86_64 in gdb without getting stuck in an infinite loop. There's a sequence counter intended to insure that you don't read stale/partial data, and that updates every scheduling tick, so you will never catch up to it.

2020-05-11 12:14 🔗 — In reponse to: @vegard_no

*ensure

2020-05-11 21:48 🔗 — In reponse to: @smattrr

@smattrr @m_r_e_c_k_t This is the loop: https://github.com/torvalds/linux/blob/2ef96a5bb12be62ef75b5828c0aab838ebb29cb8/lib/vdso/gettimeofday.c#L58 that's inside #ifdef CONFIG_TIME_NS, which depends on GENERIC_VDSO_TIME_NS, which only x86 has. No idea about WSL

2020-05-12 08:25 🔗 — In reponse to: @pervognsen

@pervognsen @dotstdy This is discord running in Firefox on Ubuntu. No clue whose fault it is...

2020-05-12 10:53 🔗

It's the year 2020 and Slack and Discord still insist on putting each emoji in a separate file. The network, storage, and memory overheads are just baffling. Why not just use a sprite sheet!? Game devs figured this out DECADES ago...

2020-05-12 10:53 🔗 — In reponse to: @vegard_no

Twitter actually got it right: https://abs.twimg.com/responsive-web/web/twemoji_sprite.35868054.png

2020-05-12 11:13 🔗 — In reponse to: @dotstdy

@dotstdy 😔

2020-05-13 11:48 🔗 — In reponse to: @pervognsen

@pervognsen I thought about your use case some more, and while maybe annoying on some level, it probably wouldn't be that costly to check that the pointer you're reading is within 16 bytes of the end of the buffer, right?

2020-05-14 20:16 🔗 — In reponse to: @damageboy

@damageboy Probably not a good example of what you're looking for, but the SLUB allocator in the Linux kernel uses it to avoid taking a lock (look for cmpxchg_double): https://github.com/torvalds/linux/blob/2ef96a5bb12be62ef75b5828c0aab838ebb29cb8/mm/slub.c#L53

2020-05-15 08:30 🔗 — In reponse to: @cjdb_ns

@cjdb_ns Everybody knows that "cpp" stands for "C preprocessor"

2020-05-15 08:34 🔗 — In reponse to: @cjdb_ns

@cjdb_ns I would like to know who the other two are who voted for "cxx" so we can be friends 😅

2020-05-15 11:07 🔗 — In reponse to: @fayfiftynine

@fayfiftynine As long as you remember that snprintf() returns the number of bytes that _would have been printed_ had the buffer been big enough and NOT the number of bytes that were _actually_ printed...

2020-05-17 22:58 🔗 — In reponse to: @glaebhoerl

@glaebhoerl Assuming I understood the question correctly... for jump tables you can't easily add arbitrary new cases at run-time; the base class/interface would need to know about all its implementations. For vtables you don't need to know every possible target in advance.

2020-05-19 15:10 🔗

How to survive in post-truth society https://twitter.com/halvarflake/status/1262300286942658561

2020-05-19 23:20 🔗 — In reponse to: @johnregehr

@johnregehr You got bitten by a radioactive bug, didn't you... bug-man

2020-05-24 14:46 🔗 — In reponse to: @danvet

@danvet @tehjh The last time I tried to fix a locking issue in the tty subsystem it introduced a regression that was strictly worse than the original issue. There are some seriously nasty, deeply-seated architectural issues in the kernel. "Fix them" is "then draw the rest of the fucking owl"

2020-05-27 10:53 🔗

Protip: If you accidentally delete untracked files with "git reset" (e.g. by adding files to the index and running reset instead of unstaging them 🤦), git still has a copy of them...! git fsck --unreachable or --lost-found

2020-05-27 10:54 🔗 — In reponse to: @vegard_no

@qcasasno saved my life.

2020-05-27 20:31 🔗 — In reponse to: @MGDev91

@MGDev91 Also check this out: https://stackoverflow.com/questions/28948716/ownership-and-conditionally-executed-code Basically you may need a bit somewhere to say what variables/values have been dropped. These answers are fairly old so it could be interesting to see what has changed!

2020-05-28 11:32 🔗 — In reponse to: @bgolus

@bgolus You can also do it in a shader without atan: https://www.shadertoy.com/view/WsSBDG (based on an SDF by @iquilezles) not sure if it's faster/better.

2020-05-28 22:42 🔗 — In reponse to: @bgolus

@bgolus @iquilezles Yeah, it isn't an exact SDF. Is it visible to you in the black/white version? The inexactness should only be visible in the antialiasing and I thought that would only be a couple of pixels at most (right on the corner).

2020-05-29 14:02 🔗 — In reponse to: @gamozolabs

@gamozolabs @is_eqv Wouldn't scanning page tables for dirty bits (and saving/restoring full pages) probably be more expensive than tracking (+ rewinding) specific writes using some kind of binary rewriting (or compiler instrumentation, like @is_eqv suggested)..?

2020-05-29 22:32 🔗 — In reponse to: @gamozolabs

@gamozolabs @is_eqv I was actually thinking of just keeping a list of (addr, old value) pairs in my tweet (way up) instead of doing it on a per-page basis, then rolling back by iterating backwards and restoring the old values. I'm sure it's a stupid idea, would still be curious to know why :-)

2020-05-31 13:03 🔗

Just watch this. https://twitter.com/proustmalone/status/1266921378848165905

2020-06-03 08:26 🔗 — In reponse to: @pervognsen

@pervognsen @TWHofstee @zwegner @trav_downs tokenize() and tokenize_simd() are returning completely different results in a quick test of mine. They also both return different results from an actual "wc -w" on the same data. I think it would help to have a test file + the canonical result you're expecting to see

2020-06-03 08:35 🔗 — In reponse to: @TWHofstee

@TWHofstee @pervognsen @zwegner @trav_downs Oh, strtok() modifies the first argument 🤦I knew I had a good reason never to use this thing. Sorry, my bad.

2020-06-04 13:31 🔗 — In reponse to: @Simon_Gregg

@Simon_Gregg If you imagine it's in a 3D space then you could "move" 3 by swinging it around the symmetry line.

2020-06-05 09:47 🔗 — In reponse to: @Jonathan_Blow

@Jonathan_Blow @tom_forsyth @richard_a_sim @kenpex Any kind of alpha blending necessarily scales (multiplies) the source RGB by the alpha. Premultiplied alpha just moves this multiplication so it happens before texture sampling instead of after, hence "premultiplied".

Does "precalculated transparency" sound any better?

2020-06-08 13:40 🔗 — In reponse to: @stephenrkell

@stephenrkell @ShriramKMurthi @mpweiher @sorawee_p @jonathoda I don't know anything about OCaml, but a fundamental part of Rust safety is "aliasable XOR mutable". This is exactly what you are referencing here, right?

2020-06-10 08:24 🔗 — In reponse to: @trav_downs

@trav_downs @pervognsen You can always add -c to the command line arguments, or am I misunderstanding what you mean here..?

2020-06-10 10:02 🔗

@colinianking Good use of stress-ng 😀 https://twitter.com/blitzclone/status/1270624785911779329

2020-06-11 17:37 🔗 — In reponse to: @shachaf

@shachaf @pervognsen @dotstdy @tom_forsyth Perl has it. Not that it's really a recent language...

2020-06-14 12:01 🔗 — In reponse to: @richinseattle

@richinseattle Looks to me like it's rather the firecracker/rocket thrown at the start of the video. But I could be wrong. The one from out of frame doesn't look to me like it goes inside

2020-06-15 23:39 🔗 — In reponse to: @trav_downs

@trav_downs @pkhuong @AndresFreundTec You can figure out the running CPU on Linux x86 using the sgdt instruction, something like this: https://godbolt.org/z/_vYGzS

No idea how expensive it is, doesn't look like a serializing thing from a quick look though.

2020-06-16 08:31 🔗 — In reponse to: @AndresFreundTec

@AndresFreundTec @trav_downs @pkhuong No, you're right, I don't think so.

2020-06-16 08:46 🔗 — In reponse to: @trav_downs

@trav_downs @pkhuong @AndresFreundTec Cool, I didn't even know about the lsl instruction :-) For reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/include/asm/segment.h?id=81ff2c37f9e5d77593928df0536d86443195fd64#n254

I didn't find the LKML threads, though. Is it the rseq ones from Mathieu Desnoyers? I should probably read all of those anyway.

2020-06-19 21:17 🔗 — In reponse to: @tehjh

@tehjh Then again, if your talk is prerecorded, you could also just write the whole thing down word for word (and take as long as you want to make up the words) and go eye->mouth... zero-copy IO FTW

2020-06-22 18:44 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @Simon_Fe1 @Laxer3A @sheredom You might find this recent LWN article + comments interesting (somebody even used your "Führer" example as well): https://lwn.net/SubscriberLink/823224/6fe9ae1e7b0b1114/

2020-06-23 03:13 🔗 — In reponse to: @shachaf

@shachaf @trav_downs @geofflangdale AFAIK modern SAT solvers are extremely memory bound, you basically cannot throw enough memory bandwidth at them. Cache is pretty much useless for instances beyond a certain size, you will be jumping around in memory like crazy. Memory is still a bottleneck if you add cores

2020-06-23 03:29 🔗 — In reponse to: @vegard_no

@shachaf @trav_downs @geofflangdale The only thing I can think of for FPGA is maybe where you do a hyperthreading-like thing where you can do useful work while waiting for your memory access to come back in order to hide the memory latency (this is not real parallelism though)

2020-06-23 10:07 🔗 — In reponse to: @shachaf

@shachaf @trav_downs @geofflangdale Yeah, lots of time is spent in unit propagation (e.g. https://github.com/niklasso/minisat/blob/master/minisat/core/Solver.cc#L497 ) At least that was true ~8 years ago. That's why schemes like caching a blocked literal in the watch list (and thus avoiding chasing the clause pointer; line 518) can be so effective.

2020-06-23 10:16 🔗 — In reponse to: @vegard_no

@shachaf @trav_downs @geofflangdale And also kind of why it's important to keep the learnt clause database small, as the more clauses you have, the more work you will need to do during unit propagation. (This also kind of harks back to the relationship between time and memory complexity in complexity theory.)

2020-06-26 08:19 🔗 — In reponse to: @pervognsen

@pervognsen @bonzajplc It's pretty common (at least on Linux) to write out a new file, fsync(), then rename() it over the old filename, see e.g. https://lwn.net/Articles/789600/

That said, Thunderbird has managed to lose all my email tags a few times in the exact same way 🙄

2020-06-26 08:58 🔗 — In reponse to: @andy_kelley

@andy_kelley @pervognsen @bonzajplc Good point, I'm not quite sure now. In my mind, it was to make sure the data was all there before making it available under the new name. close(2) says: "A successful close does not guarantee that the data has been successfully saved to disk", so you really ought to always do it

2020-06-26 09:00 🔗 — In reponse to: @vegard_no

@andy_kelley @pervognsen @bonzajplc fsync(2) says: "Calling fsync() does not necessarily ensure that the entry in the directory containing the file has also reached disk." so there is some kind of disconnect between file contents and directory contents (at least I took this to mean that reordering could happen)

2020-06-28 02:48 🔗

New shadertoy, hexagonal truchet tiles https://www.shadertoy.com/view/wtXyDf

2020-06-28 17:04 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe You could also make _SAPP_XMACRO a parameter/argument to _SAPP_GL_FUNCS, then you don't have need to redefine/#undef it each time. See also https://philliptrudeau.com/blog/x-macro (Cc @phillip_trudeau)

2020-07-02 14:46 🔗 — In reponse to: @d0c_s4vage

@d0c_s4vage @is_eqv Looks great. Is there a "minimum time" that the code needs to run for perf counters to give stable/viable/usable numbers? (Or put differently: do you quantize the raw perf numbers?)

2020-07-07 09:13 🔗 — In reponse to: @andy_kelley

@andy_kelley I see it's the same everywhere :-) To cancel SFR in France I had to first call customer support, who gave me a second number to call. There I waited 20 minutes in line for a guy to give me instructions which were actually bogus. Finally you need to send a registered letter... 😔

2020-07-08 10:25 🔗 — In reponse to: @Reedbeta

@Reedbeta @bgolus Are the systems otherwise identical too? Couldn't motherboard/system RAM/bus speeds and other peripherals affect performance as well (because of contention somewhere)?

2020-07-09 07:57 🔗 — In reponse to: @QuinnyPig

@QuinnyPig @Oracle FWIW updates are still free for desktop users of Ubuntu and Fedora: https://ksplice.oracle.com/try/desktop

(I work for Oracle on Ksplice, but speak for myself.)

2020-07-11 22:11 🔗 — In reponse to: @dvyukov

@dvyukov @domenuk @openlabbott @gregkh Maybe the solution is to stop adding more features for a while. Preventing code from entering in the first place. Maybe even take some existing features out? Simplify some things.

2020-07-12 20:48 🔗 — In reponse to: @leonard_ritter

@paniq Not a physicist, but I thought molecules were held together by forces which propagate at the speed of light. Surely that must affect the speed of sound (and chemistry as well) in such fast-moving matter..?

2020-07-12 21:13 🔗 — In reponse to: @vegard_no

@paniq I forgot about the speed of light being constant regardless of the velocity of the observer, so scratch that.

2020-07-14 10:42 🔗

@grantimahara You were a big inspiration to me. Rest in peace

2020-07-16 16:08 🔗 — In reponse to: @pervognsen

@pervognsen Fixed, thanks 😔

https://en.wikipedia.org/w/index.php?title=Binary_search_algorithm&type=revision&diff=967979983&oldid=966125603

2020-07-16 21:42 🔗 — In reponse to: @linuxplumbers

@linuxplumbers @brau_ner audio start at 5:45, there are a few slides before that to look at though.

2020-07-17 07:31 🔗 — In reponse to: @mattgodbolt

@mattgodbolt The CircleMUD documentation was SO GOOD for people who wanted to learn. Look at this! https://www.circlemud.org/cdp/hacker/hacker.ps

2020-07-19 07:48 🔗 — In reponse to: @bgolus

@bgolus Great post :-) Since you didn't mention geometry shaders in the post, I would be curious to hear if you considered that approach. A quick search found this: http://pietervantorre.com/wp-content/uploads/2013/08/GeometryShader.pdf there are obvious problems with creases/corners, but it seems like it should be solvable

2020-07-19 07:49 🔗 — In reponse to: @vegard_no

@bgolus (e.g. by outputting quads at the line endpoints, which you can then fill/antialias using a disc SDF)

2020-07-19 22:44 🔗

New #shadertoy: Impact crater https://www.shadertoy.com/view/wljcRd

2020-07-20 11:38 🔗 — In reponse to: @kenpex

@kenpex I would have loved to see the exact operations/inputs that produce different results, like a standalone test-case. I'm guessing you can see the problem with just a handful of lines of code

2020-07-20 14:13 🔗

Finally figured out why my new 2Mbit/s fiber kept stalling for 30 seconds at a time every few minutes. Turns out the AP exposed two BSSIDs and my laptop was silently switching between them every 2 minutes... 🤦

Seems to be this exact issue from 2017: https://bugzilla.redhat.com/show_bug.cgi?id=1471126

2020-07-21 20:41 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe https://clips.twitch.tv/SuperManlyDaikonHassaanChop

2020-07-24 08:02 🔗 — In reponse to: @glaebhoerl

@glaebhoerl Three arrays: 1) stack of variables, 2) stack of scopes (indices into array 1); 3) hashtable mapping name to indices into array 1. Each variable has a "next" pointer/index so that if you hash and look up a name in the hashtable you'll find the most recent definition of that name

2020-07-24 08:05 🔗 — In reponse to: @vegard_no

@glaebhoerl ...Follow the "next" pointer and you'll get the next most recent definition, etc. The stack of scopes means you can just pop one element from it and you'll get the number of variables you need to pop from the stack of variables.

2020-07-24 08:08 🔗 — In reponse to: @vegard_no

@glaebhoerl (The top element of the stack of scopes would generally give you a list of all the variables in the current scope.)

Array 1 would contain all your stuff like full variable name, source location, memory location/type, etc.

Twitter is probably not the best place to explain this.

2020-07-24 10:41 🔗

This is extremely impressive. "Jumble burst" has about 260 hits on Google, but none of them look relevant, so it seems this might really be 100% original. It also makes sense, I will definitely incorporate this phrase in my vocabulary. https://twitter.com/jonathanfly/status/1286565074564534272

2020-07-24 13:56 🔗 — In reponse to: @glaebhoerl

@glaebhoerl Yes, you need to remove the entries. If you use a doubly linked list you can do it in O(1), although it should typically (always?) be the first element in its hash bucket.

Host stack is a good idea...

Shadowed variable lookup could maybe be useful for diagnostics or debugging.

2020-07-24 13:58 🔗 — In reponse to: @vegard_no

@glaebhoerl (My comment about shadowed variables/next most recent definition was more to show that there is an order to the elements in a given hash bucket. Obviously you'd also have to check that the name matches before using anything you find in there.)

2020-07-27 07:51 🔗 — In reponse to: @Alphonse86

@Alphonse86 @AlanZucconi The author of "Creatures" is working on a modern remake in 3D. It's been in the works for 9 years, I've played a demo build of it, and the last devlog update was May 29.

http://grandroids.net + https://www.kickstarter.com/projects/1508284443/grandroids-real-artificial-life-on-your-pc/description

2020-07-28 08:47 🔗 — In reponse to: @colinianking

@colinianking Makes sense to fix before it's merged in mainline (or before too much work takes place on top in any case), but it's a real pity to lose the attribution. Did you take it up with Al directly?

2020-07-28 08:48 🔗 — In reponse to: @vegard_no

@colinianking One possible (general) argument would be: Losing attribution turns contributors off from fixing things before they hit mainline, which is a net loss for everybody else.

2020-07-28 10:17 🔗 — In reponse to: @AlanZucconi

@AlanZucconi Oh, that's hard to say in a tweet :-) The world is large and amazing for sure, there is a LOT to discover there. I'll add a few screenshots from my playthrough.

2020-07-28 10:21 🔗 — In reponse to: @vegard_no

@AlanZucconi As for the animals themselves, on the one hand it was a bit unclear what they needed or how we could communicate, but I expect it would take a lot more than half an hour to figure that out and I'm sure a beginner's guide would go a long way for using the tools you see here

2020-07-28 10:29 🔗 — In reponse to: @vegard_no

@AlanZucconi The animals walk around on their own and do a lot of things like sitting down, eat/drink, sleep, and make inscrutable sounds. One really fun thing that I noticed is that other people on the forum seem to have completely different experiences with their animals, so they really

2020-07-28 10:30 🔗 — In reponse to: @vegard_no

@AlanZucconi ...have different personalities and do different things depending on how you interact with them. You can also pick them up and move them around, you can see the world from their perspective, and I'm fairly sure there is a brain scanner tool (although I didn't find it).

2020-07-28 10:33 🔗 — In reponse to: @vegard_no

@AlanZucconi I know that Steve has put a lot of thought and work into making the behaviours "bottom up", so when you see them walk it's not just a preloaded animation, they actually "think" (in a manner of speaking) to keep their balance. That's one of the really promising things here

2020-07-29 11:24 🔗 — In reponse to: @andy_kelley

@andy_kelley apparently gcc does it https://godbolt.org/z/ffxKGY

2020-07-29 11:29 🔗 — In reponse to: @andy_kelley

@andy_kelley Ah, is it just because it doesn't want to destroy %rdi or something? https://godbolt.org/z/8fasja (also note the order of the comparisons!)

2020-07-30 12:14 🔗 — In reponse to: @dvyukov

@dvyukov @colinianking @gregkh Have you considered allowing people to comment (or vote) on bugs directly on the appspot page without going through a mailing list? That might make it easier to coordinate efforts to analyze/fix.

2020-07-30 15:40 🔗 — In reponse to: @smdiehl

@smdiehl Are you missing a word here? "And again in the 80s with the rise of boiler rooms that would massive volumes of penny stocks"

2020-07-31 08:13 🔗 — In reponse to: @gamozolabs

@gamozolabs @halvarflake Not saying this is your answer, but my observation is that AFL fully explores all mutations of a single testcase before moving on to the next (due to the queue), which makes it slower than it has to when new code paths are easy to discover. Testcase size is also a big factor

2020-07-31 08:24 🔗 — In reponse to: @gamozolabs

@gamozolabs @halvarflake No, is that what you're using here? When I was using AFL I often used to start out with half an hour of quick-and-dirty just to seed the corpus and get up and running faster.

2020-08-01 13:18 🔗 — In reponse to: @ladyaeva

@ladyaeva @FioraAeterna Tourtel Twist "is a non-alcoholic beer-based drink", not sure to what degree it counts as alcohol-free beer, though. I like it a lot, perfect for a hot summer. Not sure if it exists outside France...

2020-08-03 15:10 🔗 — In reponse to: @dvyukov

@dvyukov @colinianking @gregkh IMHO email is not nice for browsing syzkaller reported issues because emails don't update so you have to dig to find replies/fixes/current status. And if you wanted to add a comment, you would have to either search for the email or download it before you can reply. It's tedious

2020-08-03 15:58 🔗 — In reponse to: @dvyukov

@dvyukov @colinianking @gregkh It's not syzkaller-specific, and also it's not a syzbot problem, but an email problem. I love the appspot interface for being easy to use/browse/sort/search/whatever (not to mention that it updates dynamically); email is not.

2020-08-07 22:44 🔗 — In reponse to: @bigevilboss

@bigevilboss Almost same thing happened to me the other day. Took a new battery out of the pack, inserted it in a toy (and yes, double checked polarity), noticed it getting really hot, so I took it out and ran outside with it. It kept hot for at least 10 minutes. Still not sure what happened.

2020-08-09 13:15 🔗 — In reponse to: @TheGingerBill

@TheGingerBill @paniq Latin is _much_ easier to understand for native speakers of romance languages (Italian, French, Spanish, Romanian, Portuguese).

2020-08-12 07:39 🔗 — In reponse to: @TychoTithonus

@TychoTithonus @lakiw You mean... playpentester

2020-08-12 07:44 🔗 — In reponse to: @TychoTithonus

@TychoTithonus @lakiw True, my bad.

2020-08-16 08:14 🔗 — In reponse to: @shachaf

@shachaf @JeffDean There was an old paper (2001) that tried to infer passwords typed over SSH using inter-keystroke timing information:

https://people.eecs.berkeley.edu/~daw/papers/ssh-use01.pdf

(this obviously does not take audio into account, but you _can_ extract the timing info from an audio recording)

2020-08-16 08:39 🔗 — In reponse to: @andy_kelley

@andy_kelley I liked your post, just wanted to note that when you say they were "duped" it sounds a bit like an excuse, like you're not holding them responsible. I think both are true: the environment is largely to blame, but these people are still responsible for their own actions.

2020-08-16 12:20 🔗

Is it weird to worry about whether this was blended in linear RGB or sRGB? https://twitter.com/simongerman600/status/1294574813390962690

2020-08-18 19:08 🔗 — In reponse to: @stephenrkell

@stephenrkell There is https://github.com/pervognsen/bitwise by @pervognsen although the project is on hold for now

2020-08-21 19:08 🔗 — In reponse to: @LucasVB

@LucasVB @paniq Codist

2020-08-21 23:04 🔗 — In reponse to: @ekuber

@ekuber I watched your talk with my 2-year-old and the "wed cwab!!" slide was definitely a highlight 👍

2020-08-23 12:17 🔗 — In reponse to: @axboe

@axboe It's bizarre that he chooses this hill to die on where there are so many worse things going in all the time and nobody bats an eye. Complicated patches with no changelog, no explanation, no discussion, no reviews. Imagine the same energy directed towards improving all that

2020-08-23 21:29 🔗 — In reponse to: @TychoTithonus

@TychoTithonus How about "PREEsentation"

2020-08-24 07:52 🔗 — In reponse to: @mattgodbolt

@mattgodbolt Have you looked at the difference in generated assembly code, by any chance? 🤓

2020-08-25 17:47 🔗

Part 1 of my blog series about #fuzzing the #Linux x86 entry code is out! This is not a syscall fuzzer, but targets the bits of assembly code that handle #kernel/userspace transitions.

https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2c-part-1-of-3

2020-08-25 17:51 🔗 — In reponse to: @vegard_no

I've tried to make it accessible for people who don't necessarily know a lot of the details of x86, syscalls, kernel ABI, etc. The full code (~800 LOC) will be made available and is hackable if people are interested in trying stuff out.

2020-08-26 10:27 🔗 — In reponse to: @leonard_ritter

@paniq Personally I'm missing the exploding pyrotechnics in the background when she says "is yet... to come !"

2020-08-26 17:31 🔗 — In reponse to: @vegard_no

Here's part 2, where we dig into changing more flags, the stack pointer, segment registers, debug registers, and look at various ways to enter the kernel: https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2C-part-2-of-3

2020-08-27 12:26 🔗 — In reponse to: @pervognsen

@pervognsen You can also fairly easily use "point sampled antialiased textures" AKA "pixel art filtering" (NOT nearest neighbour or linear interpolation):

https://www.shadertoy.com/view/ldlSzS by @mmalex

https://www.shadertoy.com/view/ltBfRD by @bgolus

(Thanks @tom_forsyth for digging these links up originally.)

2020-08-27 19:09 🔗 — In reponse to: @vegard_no

Part 3; a few odds and ends. I try to cover some quality-of-life improvements to the fuzzer, maximising the probability of hitting bugs, tips on how to run it, and the possibility of using code coverage feedback: https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2c-part-3-of-3

2020-08-27 21:54 🔗

"Kernel documentation" by Jon Corbet at #LinuxPlumbers #LPC2020

https://youtu.be/Km6yiF32L4I?t=3662

2020-08-29 13:17 🔗 — In reponse to: @mmalex

@mmalex emergent complexity (not German though)

2020-08-29 14:38 🔗 — In reponse to: @dgregor79

@dgregor79 Is it a bigger barrier than learning internal APIs and coding conventions, configuring and building the kernel, installing it, booting your build in a test environment? Setting up a debugger? I honestly find it strange that email gets singled out here.

2020-08-30 14:27 🔗

In school we learn this poem, written in 1937, warning of the dangers of the rise of Hitler and Nazi Germany. It's oddly prescient when you consider everything that was only uncovered after the war. Here's a translation: https://gist.github.com/vegard/96918be888ef0a583ebd45fbd5cf5e97 https://twitter.com/ainmosni/status/1299953987509252097

2020-08-30 14:28 🔗 — In reponse to: @vegard_no

Seeing what's going on in the US right now, and reading this poem, sends chills down my spine.

2020-08-30 14:32 🔗 — In reponse to: @vegard_no

(There is an older translation of this poem that is arguably better, as it preserves the rhythm and rhymes of the original. I went for a more direct translation in order to convey the message as clearly as possible.)

2020-08-30 21:36 🔗 — In reponse to: @david_m_stone

@david_m_stone @dgregor79 It feels arbitrary. Is having a github account not a barrier to contributing to projects that are run on github? Why is this so different? What is it about email that makes people so angry? The process is well documented. By your metric, anything can be a barrier if you want it

2020-08-31 08:07 🔗 — In reponse to: @david_m_stone

@david_m_stone @dgregor79 So I agree that if you already know how to use GitHub, then GitHub may be easier to use. But this is kind of self-evident. What I don't like is when people start calling others "gatekeepers" simply for having a preference that is different from their own.

2020-08-31 12:21 🔗

If you want to get into #Linux #kernel development but don't know where or how to start, send me a DM or email (vegard.nossum @gmail.com), I will answer everybody.

2020-08-31 13:28 🔗 — In reponse to: @dadideo

@dadideo @hervenicol Not really, but I would say it definitely helps to be a Linux user (any distro) and also to know Linux userspace C programming!

2020-08-31 13:39 🔗 — In reponse to: @dadideo

@dadideo @hervenicol K&R is a classic, but I'm not sure I would necessarily recommend it (at least my edition is a bit out of date). I would probably look for a tutorial online and try to build stuff. You can learn a lot by experimentation/doing, and then reading "on demand" or to fill in the gaps.

2020-08-31 13:47 🔗 — In reponse to: @DevAbdellatif

@DevAbdellatif @LlnuxBot What you say is true if you are building your own kernel from scratch. For the Linux kernel I actually recommend sticking with C and using kvm for testing, it's much easier and faster than installing/booting on real hardware. (For device driver devel you need real hw though.)

2020-08-31 14:16 🔗 — In reponse to: @penberg

@penberg @dadideo @hervenicol @rlove This book is from 2010, how relevant would you say that is today? (I don't have it myself, so I have no idea! I just imagine a lot would have changed since then.)

2020-08-31 22:21 🔗 — In reponse to: @david_m_stone

@david_m_stone @dgregor79 Yeah, that is a shitty sentiment. But has anybody in the kernel community actually said that? Or is it just online trolls playing people up against each other?

2020-08-31 23:47 🔗 — In reponse to: @BreeNewsome

@BreeNewsome Yes, check out this Norwegian poem published in 1937 about the threat from Nazi Germany: https://twitter.com/vegard_no/status/1300047539987714049 The signs are too similar to ignore, it gives me chills.

2020-09-01 07:50 🔗 — In reponse to: @0xmpe

@0xmpe @kernellogger @olofj @DaveAirlie @_msw_ @khilmatic My pipe dream is having a self-contained project that provided all the compilers and a bunch of preconfigured qemu machines and the option to run the kernel's self tests, LTP, stress-ng, syzkaller, etc. across a fleet of machines and it would respond to git pushes.

2020-09-01 07:52 🔗 — In reponse to: @vegard_no

@0xmpe @kernellogger @olofj @DaveAirlie @_msw_ @khilmatic Companies could set up their own individual CI systems which would just be running instances of this project, which would take the pressure off any one individual/company to provide CI for everybody.

2020-09-01 07:56 🔗 — In reponse to: @olofj

@olofj @0xmpe @kernellogger @DaveAirlie @_msw_ @khilmatic Nice! Yeah, setup needs to be easy. Is there no way to provide a "binary release" (AKA "docker image", I suppose) of your project so that it's just download + run?

2020-09-01 08:00 🔗 — In reponse to: @vegard_no

@olofj @0xmpe @kernellogger @DaveAirlie @_msw_ @khilmatic I agree this would not be for one-off contributors. How difficult would it be to convince one of the large companies (Intel, Google, ...) to run a public instance of this thing? (I mean, 0day and syzkaller kinda already do/did already, but doing every LKML patch doesn't scale.)

2020-09-01 13:01 🔗

I did a little writeup that should cover most of the points that people who contacted me so far had questions about: https://gist.github.com/vegard/22200a9f91af138a99ae22a9b814a9a4

Just want to also add that this is just my point of view, I'm not an authority by far! https://twitter.com/vegard_no/status/1300378149113466883

2020-09-01 14:09 🔗 — In reponse to: @brau_ner

@brau_ner @0xmpe A lot of kernel dev these days is done on behalf of companies. I'm not surprised that companies prioritise their own changes/features over reviewing changes made by competitors. There is just no immediate incentive...

2020-09-01 14:15 🔗 — In reponse to: @vegard_no

@brau_ner @0xmpe It's really messed up that those who actually probably do the most code/patch reviews are the people who build and sell exploits; THEY have an incentive to do reviews. Even worse, it's in their interest to keep the defects they find from being discovered by others.

2020-09-03 12:00 🔗 — In reponse to: @vegard_no

@roddux Thanks, should be fixed now!

2020-09-04 16:12 🔗 — In reponse to: @geofflangdale

@geofflangdale @tekknolagi GCC seems to call them "quarter register mode (QImode) of a register" (alternatively, "high" and "low" registers):

https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html#x86-Operand-Modifiers

https://gcc.gnu.org/onlinedocs/gccint/Machine-Modes.html

2020-09-07 12:05 🔗 — In reponse to: @SebAaltonen

@SebAaltonen Is this not it..? https://www.shadertoy.com/view/4sS3zz by @iquilezles

2020-09-10 07:56 🔗 — In reponse to: @AbnerCoimbre

@AbnerCoimbre @rygorous @handmade_seattl Bailing out a failing corporation is the equivalent of allocating more buffer space for a queue that is full 🤔

2020-09-11 16:08 🔗 — In reponse to: @damienmiller

@damienmiller @SchmiegSophie damienmüller, perhaps.

2020-09-11 20:50 🔗 — In reponse to: @pati_gallardo

@pati_gallardo This is an incredibly long, but very important article that I believe explains some of what we're seeing right now: https://www.theatlantic.com/magazine/archive/2020/03/the-2020-disinformation-war/605530/

Basically: targeted disinformation campaigns.

2020-09-11 20:54 🔗 — In reponse to: @vegard_no

@pati_gallardo Also check out this whole thread: https://twitter.com/TychoTithonus/status/1241005318546419712

2020-09-13 11:14 🔗 — In reponse to: @johnregehr

@johnregehr @samth @mgrnbrg @JAldrichCMU @xexd @jeffbigham @ShriramKMurthi @HilaCodes @bernpton @rfindler @sigchi I used tikz + pdflatex + pdftocairo + rsvg-convert to get svg figures in my latest HTML blog post 🤪

2020-09-13 14:54 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @hogesonline @guzdial Even worse (at least at my uni), we were taught that the "waterfall method" (i.e. "plan, then execute") is obsolete and universally leads to failure; no, agile is the only answer, where you just start doing something (anything, really!) and ask your user/customer for feedback.

2020-09-13 15:01 🔗 — In reponse to: @vegard_no

@ShriramKMurthi @hogesonline @guzdial (Just to be clear, my problem with this is not that the waterfall method for developing large software systems is discouraged, but that it makes it sound like planning and design is always bad, at any scale.)

2020-09-13 15:33 🔗 — In reponse to: @Franrekk

@Franrekk I know this is not quite what you were trying to show, but I was nevertheless inspired to do an interactive "rounded corner analytic antialiasing demo": https://www.shadertoy.com/view/wlSfW3

Click and drag to change the corner radius. Shows pixel/vector versions side by side.

2020-09-14 07:43 🔗 — In reponse to: @andy_kelley

@andy_kelley Hmmmm, I'm confused. Can you link your exact email message you sent (using http://lore.kernel.org )? The last email I see from you is from Feb 2018, somehow that feels like a bit more than "a few months back".

2020-09-14 07:47 🔗 — In reponse to: @vegard_no

@andy_kelley Typically you would not send a message only to LKML (since basically nobody reads it anymore); you have to Cc all the people who were involved in the previous discussions (Omar, Miklos, Linus, Randy) and probably Al Viro (VFS maintainer) as well.

2020-09-14 09:41 🔗 — In reponse to: @andy_kelley

@andy_kelley Looks like there were no objections to v2 per se (like Omar also pointed out in the last reply to you) and Al needs a ping + second look.

2020-09-14 15:21 🔗 — In reponse to: @seanbax

@seanbax See also: strfry()

🤪

2020-09-16 08:05 🔗 — In reponse to: @srostedt

@srostedt https://twitter.com/vegard_no/status/1265566810683957249

2020-09-16 15:57 🔗 — In reponse to: @srostedt

@srostedt I swear I got filenames back when I did it, but there are lots of posts saying you can't. Seems to maybe depend on exactly what 'git reset' command you ran 😔

2020-09-18 13:32 🔗 — In reponse to: @paxteam

@paxteam Probably not what you're referring to, but it's a bit funny that the stated goal is to move code out of assembly, yet the new code is also written in assembly.

2020-09-18 15:28 🔗 — In reponse to: @pervognsen

@pervognsen Aren't most captchas there to prevent brute forcing or mass account creation? Shouldn't you have another mechanism to detect and/or stop those anyway? To me it seems like captchas are just papering over another existing security deficiency...

2020-09-22 12:18 🔗 — In reponse to: @mkolsek

@mkolsek @mikko @VessOnSecurity MS-DOS TSRs typically hooked interrupts (e.g. keyboard int) to reactivate themselves, this should have been well known in the early 80s..? maybe https://groups.google.com/forum/#!topic/net.micro.pc/vDZFBq-WIgg (int 21h, 25h is "set interrupt vector")

2020-09-23 13:08 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe I've also noticed more people doing this (keeping hundreds of tabs) and heard people talk about it in the last couple of weeks. There's probably a more useful product/feature/UI model hiding here that hasn't been fully explored yet.

2020-09-24 12:27 🔗 — In reponse to: @tekknolagi

@tekknolagi The Linux kernel uses this to implement build-time assertions, BUILD_BUG_ON():

https://github.com/torvalds/linux/blob/c9c9e6a49f8998e9334507378c08cc16cb3ec0e5/include/linux/compiler_types.h#L296 + https://github.com/torvalds/linux/blob/c9c9e6a49f8998e9334507378c08cc16cb3ec0e5/include/linux/compiler-gcc.h#L71

2020-09-25 23:06 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu I believe this shows why pointer arithmetic was such a useful feature to start with, e.g.: https://godbolt.org/z/5oezYd It's nice to have it wrapped up in a safe (and less verbose!) interface, but I see too many criticisms of pointer arithmetic when it's still there in the background.

2020-09-27 22:32 🔗 — In reponse to: @troy_s

@troy_s Dunno if this is either lightning fast or not common knowledge, but have a look? https://github.com/pmttavara/pt_math/blob/4ab395de439906b109bd6b365c17c979e8e48ce8/pt_math.h#L243 (by @phillip_trudeau)

2020-09-29 10:24 🔗

TIL names constructed by ## can be expanded as macros by the C preprocessor 🤯 https://twitter.com/s0x/status/1310559863659995138

2020-09-30 10:29 🔗 — In reponse to: @rygorous

@rygorous Norwegian Excel has HVIS/OG/ELLER for IF/AND/OR, so definitely not just big languages if that's what you meant by "major translations".

2020-09-30 23:31 🔗 — In reponse to: @_zombiezen_

@_zombiezen_ I believe this is called "fault injection" in the Linux kernel

2020-10-01 11:19 🔗 — In reponse to: @mrkkrj

@mrkkrj gcc added the "cleanup" attribute in 2003: https://github.com/gcc-mirror/gcc/commit/7acb29a3d9e072c65c26e582d4f4204dcf232d4a

This attribute allows you to call a function when a variable goes out of scope. Documented here: https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html

2020-10-03 14:44 🔗

I just ran a kernel build on my laptop because I was freezing. It worked; I got warm.

2020-10-03 17:40 🔗 — In reponse to: @actualGraphite

@actualGraphite Nikola seems pretty nice.

2020-10-05 08:53 🔗 — In reponse to: @larkmjc

@contramork For ldd itself (or for build logs or whatever), you can use this is as a workaround:

setarch $(uname -m) -R ldd /bin/bash

Obviously doesn't work for load tracing without also disabling ASLR altogether (which may or may not be acceptable depending on your use case).

2020-10-05 09:12 🔗 — In reponse to: @larkmjc

@contramork For ldd, it looks like a side effect of using LD_TRACE_LOADED_OBJECTS behind the scenes; from the man page: "In the usual case, ldd invokes the standard dynamic linker (see http://ld.so (8)) with the LD_TRACE_LOADED_OBJECTS environment variable set to 1."

2020-10-05 09:13 🔗 — In reponse to: @vegard_no

@contramork Also really interesting: Be aware that in some circumstances [...], some versions of ldd may attempt to [...] directly execute the program, which may lead to the execution of whatever code is defined in the program's ELF interpreter, and perhaps to execution of the program itself

2020-10-05 15:52 🔗

Well, somebody's clearly on steroids.

2020-10-06 08:34 🔗 — In reponse to: @colinianking

@colinianking If you know the fix, you can cherry-pick --no-commit the patch that fixes it before building/running instead of skipping. Not totally convenient (especially if you need multiple fixes), but totally worth it in my experience.

2020-10-07 08:32 🔗 — In reponse to: @leonard_ritter

@paniq Not quite the same, but I remember reading this Scrooge McDuck story as a child: https://en.wikipedia.org/wiki/A_Financial_Fable

I think the moral of the story is that whoever continues working will eventually amass more wealth than those who don't (I obviously don't know if this is accurate IRL).

2020-10-07 09:33 🔗 — In reponse to: @vegard_no

@paniq Answering your deleted replies, I genuinely thought you would appreciate the link to the story (and perhaps even the story itself). I think it's great that there exist stories for children that teach economic thinking and that touch on the topic you are pondering (UBI).

2020-10-07 09:52 🔗 — In reponse to: @leonard_ritter

@paniq Alright, I'm sorry I offended you. Honestly, I meant no harm. I brought this up as something fun, light-hearted, that reaches the same conclusions you did. I'll just not reply in the future.

2020-10-07 09:54 🔗 — In reponse to: @leonard_ritter

@paniq Yeah, I'm fine.

2020-10-07 10:06 🔗 — In reponse to: @leonard_ritter

@paniq Alright, I guess my intentions were not clear. I was not arguing a political point, I don't think that everything has to be political or seen through a political lens.

I have not read the book, but I am somewhat familiar with debt, inflation, hard money, etc.

2020-10-08 17:42 🔗 — In reponse to: @embeddedgus

@embeddedgus Also check out Duff's delimiter: https://twitter.com/jckarter/status/1238669170767585280 (named by @johnregehr)

2020-10-09 20:03 🔗

I'm giving a talk on parallelism/concurrency in the Linux kernel at Handmade Seattle (Independent Low-Level Programming Conference) on Nov 15.

Check out the rest of the schedule and the talks from last year: https://www.handmade-seattle.com/

Hope to see you in the chat!

2020-10-10 21:44 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @jckarter What happens if you allocate the max number of bytes that can be safely allocated and then call a function? 🤔

2020-10-12 21:07 🔗 — In reponse to: @troy_s

@troy_s Got some examples/links to more in-depth info? (Especially for a beginner...)

2020-10-16 08:07 🔗 — In reponse to: @glaebhoerl

@glaebhoerl One likely suspect could be too much caffeine.

Drinking coffee after about 4 PM is really problematic for me if I want to sleep before midnight.

Seriously, it's a drug, treat it as such. No more than 2 cups/day. (And don't quit cold turkey.)

2020-10-16 17:01 🔗 — In reponse to: @DrSlem

@DrSlem @ferristweetsnow Going for a drive, then? Watch out for speed bumps...

2020-10-16 20:21 🔗

I'm often unhappy with the stuff I make, this #shadertoy is one I am pretty happy with:

https://www.shadertoy.com/view/3d3yDS

Not exactly #pixelart, but close.

2020-10-17 09:29 🔗 — In reponse to: @kees_cook

@kees_cook @dvyukov Even if it's not a buffer overflow today it's still UB so technically anything can happen when triggered. Newer compilers could produce vulnerable machine code that doesn't do what you would intuitively expect by looking at the source.

2020-10-17 14:03 🔗 — In reponse to: @tehjh

@tehjh @dvyukov @kees_cook I don't know if it's just UBSan that has 0 and 1 hard coded, but you can play with this example (Clang) and see that it only really complains for lengths >=2: https://godbolt.org/z/b9fhGY

GCC prefers no length (which is distinct from lengths 0 and 1): https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html

2020-10-19 07:46 🔗 — In reponse to: @johnregehr

@johnregehr @BruceDawson0xB This is probably obvious, but have you tried launching each Z3 process on its own core using taskset? The right pic is how it looks when I start a fuzzer without binding to a specific core because the scheduler is moving the processes around like crazy.

2020-10-21 12:08 🔗 — In reponse to: @damageboy

@damageboy strace -k, seems like you could post-process that with a Python script pretty easily to get the stats you want.

2020-10-25 14:55 🔗 — In reponse to: @is_eqv

@is_eqv @gamozolabs @tklengyel I used to think the value in finding bugs was being able to fix them (before a bad actor would find it and exploit it).

I'm not sure how true this is anymore, especially considering things like the tip of the iceberg paper: https://dl.acm.org/doi/10.1145/3406112

2020-10-26 11:11 🔗 — In reponse to: @martin_cohen

@martin_cohen Here are two discords that I know about:

https://discord.gg/Q3QCe2P

https://discord.gg/gS3gunB

Not sure it's what you want, but could be worth having a look?

2020-10-27 20:12 🔗 — In reponse to: @johnregehr

@johnregehr @dvyukov @sirzeitgeist Once a bug has been found it doesn't really make much sense to keep it secret either. Most bug systems fortunately have a way to set priorities (or categorise bugs as being less important, if synthetic fuzzer-found bugs are considered less important).

2020-10-28 09:20 🔗 — In reponse to: @pervognsen

@pervognsen Reminds me of the trick where you compare a function pointer to a known function and if equal you call that function directly instead of going through the pointer.

2020-10-28 09:43 🔗 — In reponse to: @dotstdy

@dotstdy @pervognsen Did not see, but that's 🔥 Now that in turn reminds me of the spinlock trick where you use a regular non-atomic load to check if the lock is free before you issue the atomic operation as a way to prevent unnecessary cacheline bouncing...

2020-10-29 21:01 🔗 — In reponse to: @colinianking

@colinianking @kees_cook Maybe you could add a tracepoint in the kernel and then have stress-ng enable it + set ftrace_dump_on_oops? trace_printk() has helped me SO MUCH in the past.

2020-10-29 22:18 🔗 — In reponse to: @conor64

@conor64 Doesn't it seem odd to resign rather than fight for his "contractual rights" in court?

2020-10-29 22:51 🔗 — In reponse to: @conor64

@conor64 I get that it's not as easy as "just sue". But if the reason he no longer wants to work there is that they are not upholding his contract, then I would say: yes, absolutely, that would seem worthwhile. To me it looks like a glaring omission to not even consider the possibility.

2020-11-01 17:41 🔗 — In reponse to: @is_eqv

@is_eqv @halvarflake @Steve_Casselman If you replace all of the internal state bits of a hash function by real-valued variables it is near trivial to solve it as a set of linear equations. Constraining to 0/1 makes a huge difference, just like how integer linear programming is NP-hard when plain old LP is polynomial.

2020-11-01 17:42 🔗 — In reponse to: @vegard_no

@is_eqv @halvarflake @Steve_Casselman (And the reason I say this is because you were talking about gradients -- maybe you had a different thing in mind, though.)

2020-11-08 01:20 🔗 — In reponse to: @mckaycoppins

@mckaycoppins So... this was an answer to you? https://twitter.com/ScottAdamsSays/status/1325158141986697217

2020-11-08 02:59 🔗 — In reponse to: @ID_AA_Carmack

@ID_AA_Carmack @tom_forsyth @paniq I can recommend "Creation: Life and how to make it" by Steve Grand ( @enchantedloom)

2020-11-11 14:33 🔗

I am usually not this pessimistic, but it could not be much clearer now: Trump has ZERO intention to step down from the presidency on Jan 20. This is extremely concerning. European leaders, I sure hope you have a contingency plan in place. @EmmanuelMacron @erna_solberg

2020-11-11 16:17 🔗 — In reponse to: @johnregehr

@johnregehr @creduce So it wasn't a response to this? https://twitter.com/pkhuong/status/1325826079483965440 The timing is suspicious...

2020-11-14 18:20 🔗

Handmade Seattle 2020 (low-level programming conference) is live! Stream + schedule at http://handmade-seattle.com

2020-11-17 11:44 🔗

@OskSta found a real life townscaper https://twitter.com/OSaumarezSmith/status/1328402936527990785

2020-11-19 10:01 🔗

@hamish_todd @enchantedloom https://twitter.com/karpathy/status/1329286184841793536

2020-11-19 13:41 🔗

Hi to my new followers :-) (Thanks, @domenuk!) If you came here for fuzzing stuff, here are some past writeups:

AFL+Linux filesystems: https://lwn.net/Articles/685182/

AFL+OpenSSH: http://www.vegardno.net/2017/03/fuzzing-openssh-daemon-using-afl.html

gcc/clang: http://www.vegardno.net/2018/06/compiler-fuzzing.html

Linux x86 entry code: https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code,-part-1-of-3

2020-11-23 18:31 🔗 — In reponse to: @johnregehr

@johnregehr @ciphernyx I was playing around with SAT solving for the kconfig language (Linux kernel configuration) some years ago and even with tens of thousands of variables solving was always very fast (basically instant, <1s).

2020-11-23 18:33 🔗 — In reponse to: @vegard_no

@johnregehr @ciphernyx The bigger problem was more that you'd get spurious stuff enabled because nothing prevented it from getting set (unless you specifically said no to it) and the solver was a bit of a black box...

2020-11-24 08:51 🔗 — In reponse to: @johnregehr

@johnregehr Since nobody seems to have mentioned this, you may be able to create a cgroup with a process limit on it. It's a bit weird since hitting the limit will make fork() return an error. Anyway, check the first example here: https://www.kernel.org/doc/Documentation/cgroup-v1/pids.txt

2020-11-25 07:35 🔗 — In reponse to: @NedWilliamson

@NedWilliamson @CodeColorist This is clearly against the TOS and EULA: https://support.activision.com/call-of-duty-warzone/articles/call-of-duty-warzone-security-and-enforcement-policy

2020-11-25 08:42 🔗 — In reponse to: @NedWilliamson

@NedWilliamson @CodeColorist Given the widespread cheating in this type of games they are pretty much forced to crack down on RE, security research or not (how could they tell the difference, anyway?). The only way I see it working is if you sign an NDA up front.

2020-11-25 10:12 🔗 — In reponse to: @damageboy

@damageboy swiss army knife..?

2020-11-25 15:58 🔗 — In reponse to: @Tom_Ruen

@Tom_Ruen This reminds me of clipo/stickle bricks.

2020-11-25 23:27 🔗 — In reponse to: @pati_gallardo

@pati_gallardo @kode24no Takk, bra opplegg👍 Artig å høre at du kommer fra Ifi👊

2020-11-26 11:43 🔗 — In reponse to: @trav_downs

@trav_downs @pervognsen Based on https://github.com/torvalds/linux/blob/master/mm/swap.c#L508 it looks to me like pages which are _not_ mapped are potentially reclaimed faster. But I'm not an expert and it's kinda hard to follow...

2020-11-27 16:08 🔗 — In reponse to: @SebAaltonen

@SebAaltonen Assume all cube coords are +/-1. For each transformed (unprojected) X,Y,Z, you calculate its max/min using sign() on the relevant matrix entries. Then you use (minX,minY)/maxZ and (maxX,maxY)/minZ as your corner coords? Maybe...

2020-11-30 22:54 🔗 — In reponse to: @mike_acton

@mike_acton This is why I hate it when people claim there's no room for anecdotes in science. Sure, anecdotes don't prove anything, but can be great as seeds for actual studies. We need these sparks to get the real science ball rolling.

2020-12-01 13:33 🔗 — In reponse to: @__phantomderp

@__phantomderp For preprocessor embed: "Part of this is endemic to the compiler: the preprocessor demands that tokens be" ...be what!? 😛 And this one appears several times: "an comma"

Also, the godbolt links don't really work (e.g. https://godbolt.org/z/yJPtKT ), maybe @CompileExplore knows?

2020-12-02 08:06 🔗 — In reponse to: @Digital_Cold

@Digital_Cold @NedWilliamson @CodeColorist All of these games are fundamentally "hackable", in the sense that if you understand the protocol then you are able to cheat in the game. I agree using the EULA isn't going to stop hackers. But it's also not an argument to say "the bad guys can do it, so we should be able to too"

2020-12-03 10:14 🔗 — In reponse to: @mgattozzi

@mgattozzi @thingskatedid You probably know this one already, but the RustBelt paper has an extremely lucid explanation how Rust achieves its safety guarantees (first ~1/3 of the paper): https://plv.mpi-sws.org/rustbelt/popl18/paper.pdf I won't pretend to understand anything beyond page 11 though 😅

2020-12-03 23:15 🔗 — In reponse to: @ciphernyx

@ciphernyx Kind of related, this article calls it "the most diabolical Python anti-pattern": https://realpython.com/the-most-diabolical-python-antipattern/ (linked from https://github.com/charlax/antipatterns/blob/master/error-handling-antipatterns.md )

2020-12-03 23:16 🔗 — In reponse to: @vegard_no

@ciphernyx Oh, apparently it's called "exception hiding" or "error hiding": https://en.wikipedia.org/wiki/Error_hiding#Languages_with_exception_handling

2020-12-04 07:13 🔗 — In reponse to: @troy_s

@troy_s These started out being all grey and weird for me and the longer I look the redder and more normal they become.

2020-12-06 13:38 🔗 — In reponse to: @halvarflake

@halvarflake You can open /proc/pid/mem and call splice() with that as the input fd (and a pipe as the output fd).

2020-12-06 14:18 🔗 — In reponse to: @wcrichton

@wcrichton @contextfreeinfo Timestamped link: https://youtu.be/fUNYvUMSmq4?t=4826 🙂

2020-12-07 14:16 🔗

This is why it's a *good* idea to not allow repurposing datasets unless explicit consent has been given for new purposes. I'm very happy about this part of GDPR/EU privacy laws https://twitter.com/Dinosn/status/1335932713803636739

2020-12-08 20:09 🔗

We're hiring people to work on #Linux #kernel + userspace hot patching of security vulnerabilities with #Ksplice. Remote ~anywhere. C/C++/#Python + x86/ARM/MIPS. We also have roles for backend/server/infra/#DevOps. DM if interested!

#techtwitter #BlackTechTwitter #WomenInTech

2020-12-16 22:42 🔗 — In reponse to: @pkhuong

@pkhuong @ocornut You can do valgrind --vgdb=yes --vgdb-stop-at=all and it will let you attach with gdb. Then you can use the Valgrind client request mechanism to mark memory ranges as accessible/inaccessible from the program itself: https://valgrind.org/docs/manual/manual-core-adv.html#manual-core-adv.clientreq

2020-12-16 22:45 🔗 — In reponse to: @vegard_no

@pkhuong @ocornut Better link for the more interesting client requests: https://www.valgrind.org/docs/manual/mc-manual.html#mc-manual.clientreqs

2020-12-19 22:09 🔗 — In reponse to: @ekuber

@ekuber @pati_gallardo @Cor3ntin @__phantomderp France from my POV: everybody wears masks in shops, uses hand sanitizers where available (which includes supermarkets, post office, doctor's cabinet, etc.). ~30% infection rate in our local home for the elderly.

2020-12-19 22:14 🔗 — In reponse to: @vegard_no

@ekuber @pati_gallardo @Cor3ntin @__phantomderp Most of the bad things I've observed are people insisting on jogging together and having lunch together. And schools still being open, it looks obvious to me that lots of transmission happens in schools (both between students and teachers).

2020-12-20 23:23 🔗

Apparently I just made my 100th edit on Wikipedia 🥳 My first was on Dec 3, 2005, so just about 15 years ago. Not bad!

2020-12-21 19:25 🔗

Here's the video from my talk "Parallelisation in the Linux Kernel": https://media.handmade-seattle.com/parallelization-in-the-linux-kernel/

Topics are scalability, cache coherence, spinlock optimisation, RCU, seqlocks. Target audience is anybody interested in low-level/kernel/parallel programming.

2020-12-21 19:34 🔗 — In reponse to: @vegard_no

Slides will come later, in the meantime here are the references I used: https://gist.github.com/vegard/20b638e047caf56406715a00ba067875

In particular, much of my own understanding of these topics comes from @lwnnet articles, which are excellent and always worth checking out if you want all the nitty-gritty details.

2020-12-23 16:43 🔗 — In reponse to: @schrepfler

@schrepfler Try this? https://youtu.be/r8SYpRY9viA (the HD version is still processing)

2020-12-29 12:54 🔗 — In reponse to: @fleming_matt

@fleming_matt I really like jsonschema (Python package) for this, it even caught a few real bugs.

2020-12-29 19:07 🔗

What would people recommend these days to get a 13yo interested in programming? For me it was QBasic, which was great because you could just start typing and run your program with F5. It had a built-in manual and my programs looked just like everything else on our PC.

2020-12-29 19:09 🔗 — In reponse to: @vegard_no

Modern IDEs for "real languages" are complicated to set up and most languages have too much boilerplate for getting stuff to show up on the screen anyway. Flash was kind of interesting, but is obsolete. QB64 could be good, but looks old/retro. Game maker studio...?

2020-12-29 19:46 🔗 — In reponse to: @Glider

@Glider You mean modding with Java? Or "programming" with redstone blocks inside the game? But yeah, for the former I'd be worried about the setup around IDE+installing/building/running being too involved for somebody who doesn't know what they are doing yet.

2020-12-29 21:15 🔗 — In reponse to: @andy_kelley

@andy_kelley Phone and Windows desktop. And yeah, I also loved playing around with VB6, not really making anything with purpose, but I was so fascinated by being able to create things that looked like "professional" programs.

2020-12-29 21:22 🔗 — In reponse to: @s_mavros

@s_mavros I don't have personal experience with arduino, but I've done some embedded programming before and there was a lot of rebuilding/replugging/reflashing/restarting, which I found a bit tedious and took away from the fun. Is arduino easier? I think it could be v good as a second step

2020-12-29 22:10 🔗 — In reponse to: @dvyukov

@dvyukov 😍 10-year-old me would have killed to have that.

2020-12-29 22:20 🔗 — In reponse to: @fragmede

@fragmede Yeah, F12 is not a bad idea. I thought about HTML/CSS/JS, but in a way it also suffers a little bit from the boilerplate issue and the fact that some things are pretty unintuitive. But browsers are ubiquitous and just being able to poke around could help stoke an interest 👍

2020-12-30 14:12 🔗 — In reponse to: @MarcoLizza

@MarcoLizza Computer games, for sure (Fortnite *cough*), Marvel movies. Football. More towards technical than arts.

2020-12-30 14:25 🔗 — In reponse to: @MarcoLizza

@MarcoLizza Yeah, somebody else suggested it too and I definitely need to give it a try :-) My only potential concern is that it has more of a "retro" look and appeals more to the older generation. But I could be wrong..!

2021-01-02 13:04 🔗 — In reponse to: @tblodt

@tblodt AFAICT: connect() only sets the "default send address", so does not affect incoming packets at all. Maybe 127.0.0.1 is considered more specific than 0.0.0.0 and therefore gets the incoming packets sent specifically to 127.0.0.1?

2021-01-02 18:48 🔗 — In reponse to: @tblodt

@tblodt I didn't test anything, but according to my local man page, "getsockname() returns the current address to which the socket sockfd is bound", which in your screenshot are exactly the addresses you bound them to, which looks correct..?

2021-01-03 13:03 🔗 — In reponse to: @ferristweetsnow

@ferristweetsnow straightforward mental model

2021-01-03 14:55 🔗 — In reponse to: @smdiehl

@smdiehl I feel like you and I could get along ;-) Cc @dotstdy

2021-01-03 15:26 🔗 — In reponse to: @onthebass

@onthebass @jax__c @jdan This was mine: https://twitter.com/vegard_no/status/1345730553530769409

2021-01-03 15:52 🔗 — In reponse to: @halvarflake

@halvarflake @aris_ada Gaston Lagaffe is also famously fond of animals and nature preservation (despite his car...), here is a gag that was used as promotional material for Greenpeace, according to Wikipedia: https://www.artprecium.com/images/photos/16/59f30a3801e8e.jpg

2021-01-03 19:12 🔗 — In reponse to: @is_eqv

@is_eqv @halvarflake @aris_ada Yeah, same -- I love all his crazy inventions and the naivety :-) I guess it's because it was never released in the UK/US (until 2017... TIL)? I read it in Danish and Norwegian...

2021-01-03 23:33 🔗 — In reponse to: @thesephist

@thesephist From "Creation: Life and how to make it" by @enchantedloom

2021-01-05 09:12 🔗 — In reponse to: @__phantomderp

@__phantomderp This may not be it for you, but could be an interesting data point: https://twitter.com/AbnerCoimbre/status/1339682564429074432 / https://element.io/case-studies/handmade-seattle

2021-01-05 22:54 🔗

Cool thread on the history of SAT solvers (linking the last tweet because the threading seems broken otherwise) https://twitter.com/bramcohen/status/1034568706444029953

2021-01-06 12:34 🔗 — In reponse to: @pervognsen

@pervognsen @shachaf If you try to attach too much information like this (reg. alloc., spill/reload points, w/e) the source will end up becoming unreadable. Which is why I'm unreasonably excited for something like @DionSystems where the editor could basically hide all that in your default view.

2021-01-06 12:36 🔗 — In reponse to: @vegard_no

@pervognsen @shachaf @DionSystems For a simpler example, the lack of explicit types everywhere (like in Python) can make a program more readable, as the logic is not cluttered by types. I could see the same kind of mechanism also being used for everything from optimization hints to proofs of correctness.

2021-01-06 12:41 🔗 — In reponse to: @pervognsen

@pervognsen @shachaf @DionSystems I imagine this could be solved with the right presentation/interface. Something like squiggly underlining or some kind of visual hint that there is more to look at. In the Dion demo I think they showed essentially using the scroll wheel to "zoom in/out" on the code

2021-01-06 12:46 🔗 — In reponse to: @pervognsen

@pervognsen @shachaf @DionSystems Yep: https://twitter.com/ryanjfleury/status/1333474555495669760

2021-01-08 21:04 🔗 — In reponse to: @drewgmackie

@drewgmackie

2021-01-09 09:57 🔗 — In reponse to: @smdiehl

@smdiehl Did you lift this from Ira Glass? https://www.youtube.com/watch?v=PbC4gqZGPSY

2021-01-09 12:17 🔗 — In reponse to: @vegard_no

@smdiehl Kinda disappointing that you deleted your tweets. I actually love the sentiment, that's why I have the video favourited. Trying to pass it off as your own is a bit disappointing, though. I looked up to you, but now I don't know if I can trust anything you've said in the past.

2021-01-10 10:42 🔗 — In reponse to: @CodeColorist

@CodeColorist This happens a lot to me too :-/ And there is no indication anywhere that there are messages there, you have to actively go in there and look. Maybe something to look into @twittersupport

2021-01-14 08:31 🔗 — In reponse to: @hawkinsw

@hawkinsw @johnregehr @eeide @__anp__ I've also missed "unless" occasionally. For me it's the fact that you can keep your program linear (straight sequence of steps) in the normal case, like you're not stepping into a new block/scope (so it highlights the common case). It can definitely be abused to obfuscate, though

2021-01-15 10:18 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void @creduce Another idea would be to add an option to creduce that creates an overlayfs+tmpfs mount that the script gets run inside (so i.e. essentially an in-memory COW copy of the cwd). It still wouldn't work with hardcoded absolute paths though, so maybe it wouldn't work in your case.

2021-01-16 12:43 🔗 — In reponse to: @mayakern

@mayakern https://twitter.com/TheKiffness/status/1350405245533380608

2021-01-16 14:55 🔗

My take on Ievan Polkka / Wellerman mashup: https://www.youtube.com/watch?v=DtVWpVlMRlI

@mayakern @TheKiffness @NathanEvanss

2021-01-16 15:20 🔗 — In reponse to: @vegard_no

2021-01-17 00:33 🔗 — In reponse to: @tom_forsyth

@tom_forsyth I guess they didn't learn about hard-coding constants..?

2021-01-17 00:36 🔗 — In reponse to: @vegard_no

@tom_forsyth Tax codes are also full of this. There is one tangible benefit, though, which is that it makes it easier to understand and apply.

2021-01-18 11:03 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Wait, how big is it? And how!? That sounds really wrong...

2021-01-18 11:14 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Whoa. Even the Linux kernel is only like 4-5G AFAIK. I wonder what they're doing with it now.

2021-01-18 12:58 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Reminds me of this (worth a watch if you have the time) https://www.youtube.com/watch?t=160&v=3mOVK0oSH2M

2021-01-18 22:15 🔗 — In reponse to: @ztellman

@ztellman Hey, I just wanted to point out that what you're doing here is bullying and not really cool.

2021-01-20 11:03 🔗 — In reponse to: @thingskatedid

@thingskatedid Is that QBasic .bas? If so, there was an option to save as plain text as well:

2021-01-20 12:12 🔗 — In reponse to: @thingskatedid

@thingskatedid @chrsnjk @QB64team Ah right, nevermind, sorry for the noise.

2021-01-22 14:58 🔗 — In reponse to: @alech

@alech @halvarflake https://www.googblogs.com/exploring-container-security-isolation-at-different-layers-of-the-kubernetes-stack/ maybe?

2021-01-23 08:53 🔗 — In reponse to: @penberg

@penberg cc @pervognsen

2021-01-24 09:22 🔗 — In reponse to: @kenpex

@kenpex @rygorous Amazon has 8 different books called "Emotional intelligence 2.0" by 8 different sets of authors... wut

2021-01-24 14:17 🔗 — In reponse to: @PetrBenes

@PetrBenes AFAIK a lot of Linux kernel development is done using kvm/qemu and its -S/-s options which let you connect to it with gdb and gives you full access to single-stepping, breakpoints, etc. At least that's what I do...

2021-01-26 09:21 🔗 — In reponse to: @mike_acton

@mike_acton Super cool story, bro

2021-01-26 14:01 🔗

Can you classify this? 😀 (Is it even a tiling?) @TilingBot Code: https://www.shadertoy.com/view/wlVyRd

2021-01-29 09:01 🔗 — In reponse to: @its_bvisness

@its_bvisness @ryanjfleury @dan_abramov https://accidentallyquadratic.tumblr.com/ by @nelhage

2021-01-30 20:53 🔗

@pdw_io I like your userpic 👍

2021-01-31 16:19 🔗 — In reponse to: @andersonc0d3

@andersonc0d3 I have a hard time understanding these restrictions. They claim "security", but surely a module can just JIT the forbidden instructions after it has been loaded..?

2021-02-02 16:31 🔗

TIL: gpg --verify returns 0 (success) as long as the key is known (exists on a keyring), even though you haven't explicitly marked the key as trusted. You're supposed to use gpgv instead, which implicitly trusts all keys on the keyring you give it: https://lists.gnupg.org/pipermail/gnupg-users/2004-August/023141.html

2021-02-06 21:58 🔗

I was using Windows and calc.exe unexpectedly popped up, my immediate reaction was thinking that I'd gotten pwned somehow... but it was just my 2.5yo playing with the secondary wireless keyboard behind my back 😂

2021-02-08 15:33 🔗 — In reponse to: @stephenrkell

@stephenrkell At the University of Oslo you don't get your degree until you bring proof that you've delivered a copy to the library!

2021-02-08 18:15 🔗 — In reponse to: @vegard_no

The full SAT instance has ~309k clauses and a completely random valuation has an average of ~8.5k unsatisfied clauses (i.e. basically the peak of the curve). There are 13408 variables in total.

2021-02-08 18:15 🔗

This graph shows the number of unsatisfied clauses (Y) in a SAT encoding of a cryptographic problem as a function of the number of variable flips (X) from a correct solution (0 flips) on the left to the fully opposite (all variables flipped).

2021-02-08 18:15 🔗 — In reponse to: @vegard_no

Flip the graph upside down and you have the perfect illustration of why hill climbing algorithms like WalkSAT have such a hard time with this kind of instance; the solver starts at the absolute bottom and has no real way to know whether it's climbing left or right.

2021-02-09 12:44 🔗 — In reponse to: @BrookeHodgman

@BrookeHodgman @dotstdy @SebAaltonen @matiasgoldberg Do you have any concrete examples or links explaining this? Is Proof of Stake one of them?

2021-02-09 13:41 🔗 — In reponse to: @blitzclone

@blitzclone it's called min() (and max()), defined in include/linux/kernel.h

2021-02-13 20:53 🔗

Hey, looks like this is for a bug I discovered and fixed! ☺️

Pretty cool to come across this stuff in the wild.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca https://twitter.com/smallkirby/status/1360590941392785414

2021-02-15 13:46 🔗

Spotted on reddit, this is so accurate. I once microwaved a quiche and have still not heard the end of it...

2021-02-16 23:55 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Had several days last month where the power went out at night during subzero temperatures due to a faulty appliance (that took 2 weeks to find). And *all* our heating is electric. That was a real lesson in humility for me...

2021-02-17 10:19 🔗 — In reponse to: @dotstdy

@dotstdy Oh, that? That's just the FoldingSetBase jellyfish...

2021-02-17 21:56 🔗 — In reponse to: @baileythegreen

@baileythegreen If you're still looking, there is also this one that I like: https://twitter.com/jeroaranda/status/1353906045588914177

2021-02-18 10:16 🔗 — In reponse to: @nothings

@nothings If you split it up into left hand + right hand you'll see it wasn't that far off.

2021-02-22 21:24 🔗 — In reponse to: @pati_gallardo

@pati_gallardo git grep -W is soooo good.

2021-02-23 00:41 🔗 — In reponse to: @hillelogram

@hillelogram Step 1: find a programmer who has only made one tweet

2021-02-23 16:28 🔗 — In reponse to: @jeremyjkun

@jeremyjkun @ArminBiere The first known collision attack for full SHA-1 used a SAT solver to enumerate pairs of potential inputs that satisfied some additional constraints: http://shattered.io/static/shattered.pdf

2021-02-24 08:01 🔗

This is honestly amazing. https://twitter.com/aadillpickle/status/1364360565423042564

2021-02-24 10:11 🔗 — In reponse to: @asz

@asz @thingskatedid There is a French brand of cream cheese called St Môret. Being Norwegian, I just read it as "Smöret", which is Swedish for "the butter". (I guess it also doesn't help that the box it comes in looks like a very typical box for butter/margarine.)

2021-02-24 10:51 🔗 — In reponse to: @aadillpickle

@aadillpickle Random thoughts: put the prompt and answer in a width-limited box so our screenshots can fit better in, say, a tweet (all the screenshots I've seen so far are very wide). A share button for the answers could also help make this go viral.

2021-02-24 12:44 🔗 — In reponse to: @aadillpickle

@aadillpickle Looks great ✨😊✨

2021-03-01 23:40 🔗 — In reponse to: @rygorous

@rygorous For suspected concurrency bugs: insert delays, sleeps, and reschedules to widen the gaps where they might otherwise only happen in really exceptionally unlucky circumstances.

2021-03-03 22:37 🔗 — In reponse to: @bgolus

@bgolus I've seen "texture magnification anti-aliasing" and "anti-aliased point sampled texture magnification" via @mmalex https://www.shadertoy.com/view/ldlSzS

2021-03-07 11:18 🔗

As of a few days ago, Firefox has been crashing randomly. Nothing in about:crashes. gdb tells me it's dying with SIGXCPU, "CPU time limit exceeded". I'm on 86.0 for Ubuntu. Ideas..?

2021-03-07 11:54 🔗

Explain this

2021-03-08 13:19 🔗

Lots of interesting thoughts about an open source gbdev project I was briefly involved with years ago. I love the fact that people are picking this up and that a niche project from '97 survives to this day (and evolves!) with new contributors coming in. https://twitter.com/issotm/status/1368885465923870721

2021-03-10 10:52 🔗 — In reponse to: @vegard_no

https://twitter.com/jamiediles/status/1336787214760546310

2021-03-10 10:52 🔗

I keep seeing posts from people who are hiring, so I'm going to collect them in a thread.

2021-03-10 10:52 🔗 — In reponse to: @vegard_no

https://twitter.com/kayseesee/status/1350233267539124227

2021-03-10 10:52 🔗 — In reponse to: @vegard_no

https://twitter.com/opensrcsec/status/1341837896857366529

2021-03-10 10:52 🔗 — In reponse to: @vegard_no

https://twitter.com/malltos92/status/1369524448391352321

2021-03-10 22:21 🔗 — In reponse to: @colinianking

@colinianking Ugh, that's rough. My condolences 🌹

2021-03-15 07:04 🔗 — In reponse to: @tblodt

@tblodt Maybe I misunderstand the issue here -- but "sti" enables interrupts, right? The need_resched/schedule() logic is just about whether the interrupt that came in during the hlt wants us to change tasks

2021-03-15 07:16 🔗 — In reponse to: @tblodt

@tblodt Right, I agree; it seems this would have to be structured differently to really work properly. What is the actual instance/location of this code?

2021-03-15 08:34 🔗 — In reponse to: @tblodt

@tblodt https://elixir.bootlin.com/linux/v5.11.6/source/Documentation/scheduler/sched-arch.rst seems to mention the case you're concerned about? (under "Common problem")

2021-03-16 01:43 🔗 — In reponse to: @issotm

@issotm If you have a really hairy makefile, $(info) can really help make sense of what's going on. printf debugging 🧠

2021-03-17 10:36 🔗 — In reponse to: @pati_gallardo

@pati_gallardo I think the difference is most people think of serialization as something that reconstructs structs/classes/objects as opposed to just being arrays+maps+strings+numbers (like JSON is). "Serialization" comes with the ugly security implications and corner cases.

2021-03-17 10:48 🔗 — In reponse to: @kernellogger

@kernellogger I wonder if this will help with the gmail spam folder problem; 99% of my gmail spam folder is more-or-less legitimate LKML email, I don't know if it's just me though.

2021-03-20 08:09 🔗 — In reponse to: @vegard_no

https://twitter.com/bmastenbrook/status/1373144720642174976

2021-03-21 17:15 🔗 — In reponse to: @vegard_no

And he also appears in dead serious articles from well known newspapers:

https://www.dn.no/spar-global-kollaps/1-1-997484

https://www.nrk.no/okonomi/--boligprisene-kan-halveres-1.6304992

https://www.dn.no/fra-wall-street-til-as/1-1-1597348

https://e24.no/boers-og-finans/i/XwmyQE/vil-ha-varselskilt-for-spekulasjonsfond

Wut?

2021-03-21 17:15 🔗

So I came across this physics paper that reads like pure unadulterated nonsense but is nevertheless authored by an actual professor who also churns out papers in other fields at an unbelievable rate? https://vixra.org/pdf/1607.0496v1.pdf (other publications: https://www.researchgate.net/profile/Espen-Haug-2 )

2021-03-22 17:35 🔗 — In reponse to: @zwegner

@zwegner @johnregehr @shafikyaghmour Ok, so this is moving away from the original aesthetic by quite a bit, but generates code on both gcc and clang trunk for me (and *should* be UB-free...):

x=&x+!x!=&x==x;

2021-03-22 18:53 🔗 — In reponse to: @johnregehr

@johnregehr @zwegner @shafikyaghmour Ooh, I had it like this: https://gcc.godbolt.org/z/Gz1cqKfdf Interesting.

2021-03-22 19:46 🔗 — In reponse to: @PeterSommerlad

@PeterSommerlad @zwegner @johnregehr @shafikyaghmour Not any more than the original post's (x ^= x)? This is not supposed to be an initializer, but an assignment.

2021-03-24 00:02 🔗 — In reponse to: @TheEpsylon

@TheEpsylon @SCombinator @shafikyaghmour How about this? https://gcc.godbolt.org/z/G956WzrrE

Not sure if I'm proud or ashamed...

2021-03-24 00:08 🔗 — In reponse to: @TheEpsylon

@TheEpsylon @SCombinator @shafikyaghmour Aww...

2021-03-28 10:30 🔗 — In reponse to: @tehjh

@tehjh Even adding asm volatile(""); after the first store doesn't seem to make a difference for me!

2021-03-30 21:59 🔗 — In reponse to: @pati_gallardo

@pati_gallardo I can't remember the details, but this was basically one of the tricks used by some kind of street magician or hypnotist to make random people do "weird" things like willingly give you their wallet. Some kind of psychological misdirection.

2021-03-30 22:02 🔗 — In reponse to: @vegard_no

@pati_gallardo Ah, I think it was this: https://en.wikipedia.org/wiki/Derren_Brown#Methods

2021-03-31 10:16 🔗 — In reponse to: @eigenbom

@eigenbom Lots of low-hanging fruit in this design space...

2021-03-31 12:25 🔗 — In reponse to: @P_Malin

@P_Malin @leonard_ritter That was an earlier iteration

2021-03-31 22:19 🔗 — In reponse to: @pwningsystems

@0xbadface A useful trick I learned from kvmtool: set CONFIG_9P_FS=y, -append "rootfstype=9p root=/dev/root rootflags=trans=virtio,version=9p2000.L" + -fsdev local,id=fsdev0,path=/,security_model=none -device virtio-9-pci,fsdev=fsdev0,mount_tag=/dev/root and you can boot off your host fs!

2021-03-31 22:38 🔗 — In reponse to: @pwningsystems

@0xbadface Yes, of course!

2021-04-01 10:16 🔗 — In reponse to: @vegard_no

https://twitter.com/JosephBialek/status/1377306706997170176

2021-04-02 14:37 🔗 — In reponse to: @stephenrkell

@stephenrkell They say he loved adding in little easter eggs...

2021-04-05 09:18 🔗 — In reponse to: @vegard_no

https://twitter.com/johnnyywang/status/1378525898371043329

2021-04-06 08:46 🔗 — In reponse to: @andy_kelley

@andy_kelley @__phantomderp If I understand your exchange correctly, you need to be able to pass a va_list around (think vsnprintf wrapper), which means varargs always need to be on the stack as opposed to in registers. So in general you can't just pass a varargs arg without knowing that it's varargs.

2021-04-06 13:08 🔗 — In reponse to: @meithecatte

@NieDzejkob @andy_kelley @__phantomderp Oh, you're right. Looks like va_start() pulls those register arguments into memory. TIL

2021-04-06 22:02 🔗

🤯 "I'm still using my Gentoo install from 2005" is the modern version of "I've had this hammer forty years. Of course, in its time it has had two new heads and three new handles..."

2021-04-08 08:21 🔗 — In reponse to: @blitzclone

@blitzclone Also no tests.

2021-04-12 11:35 🔗 — In reponse to: @__phantomderp

@__phantomderp https://twitter.com/noop_dev/status/1375018401366745093

2021-04-16 09:07 🔗 — In reponse to: @dotstdy

@dotstdy I've put coffee directly into my cup without brewing it before... more than once 😔

2021-04-16 09:10 🔗 — In reponse to: @vegard_no

@dotstdy Oh, struggle street is about hardship. Nevermind, that was purely out of sleepiness. Sorry

2021-04-19 07:46 🔗 — In reponse to: @Tom_Ruen

@Tom_Ruen I wonder, though; you can easily smell somebody smoking a cigarette 10m away from you if the wind is right. So why wouldn't the same be the case for viruses?

2021-04-19 11:46 🔗

. @geofflangdale @johnregehr I'm sure I saw on twitter a page from a superoptimizer paper with a caption "X finds all the classical bit-twiddling hacks" or similar and showing lots of small snippets of assembly code... but I cannot for the life of me find it again. Ideas?

2021-04-19 11:51 🔗 — In reponse to: @pervognsen

@pervognsen @geofflangdale @johnregehr Yessss, thank you. I liked the first tweet in the thread 😤 Thanks!

2021-04-19 20:56 🔗 — In reponse to: @PjdPeter

@PjdPeter @pervognsen @geofflangdale @johnregehr Yeah, I think it was @pervognsen's description of it from the preceding tweet that I actually remembered (partly, badly): https://twitter.com/pervognsen/status/1338816455500910592

2021-04-20 15:13 🔗

2021-04-21 12:26 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void Is this about movzxw?

2021-04-21 19:23 🔗 — In reponse to: @k8em0

@k8em0 I can understand the reaction; they were basically taken for fools, in public. It does highlight an issue with review bandwidth in the kernel, but I think that has been a known problem for years...

2021-04-24 17:30 🔗

Ugh. Rest in peace ☹️ https://twitter.com/marcwrogers/status/1385961838735597572

2021-04-25 19:39 🔗

Who wants to join a Linux kernel debugging discord? https://discord.gg/fZn5dYnAU2

Specifically, the idea is to have an informal place to collaborate on syzkaller reports. We're drowning in them and there isn't really a suitable place to debug together in real time.

2021-04-25 19:42 🔗 — In reponse to: @vegard_no

This is motivated especially by @dvyukov's and @gregkh's efforts to bring down the bug count: https://twitter.com/kernellogger/status/1384432131133296640

I enjoy trying to puzzle out bugs, and I think it's a great way to learn more about different parts of the kernel. Time is definitely a limiting factor, though.

2021-04-25 23:26 🔗 — In reponse to: @vegard_no

This was way more popular than I had anticipated. New invite link: https://discord.gg/wwGPaAUtkm

2021-04-28 10:46 🔗 — In reponse to: @bgianf

@bgianf @dvyukov There is a new invite link a bit down the thread: https://discord.com/invite/wwGPaAUtkm

2021-04-30 11:31 🔗 — In reponse to: @BCiechanowski

@BCiechanowski Amazing article, as usual👌

2021-05-05 07:59 🔗 — In reponse to: @Polytron

@Polytron There could be information hidden here. Change the palette and you'll see there are pixels with the same color in the original that actually use different palette indices.

2021-05-06 18:06 🔗

LKML tips from Stephen Brennan: https://brennan.io/2021/05/05/kernel-mailing-lists-thunderbird-nntp/

2021-05-07 21:49 🔗 — In reponse to: @vegard_no

https://twitter.com/zerointerupt/status/1390705001073319936

2021-05-15 11:28 🔗 — In reponse to: @dotstdy

@dotstdy Wasn't zeroing pages in the background/in advance patented by Microsoft or something?

2021-05-15 12:06 🔗 — In reponse to: @dotstdy

@dotstdy I can't find a source, so I guess it's hearsay. As far as I can remember, I got this from the OS course in university some 12 years or so ago.

2021-05-19 10:29 🔗 — In reponse to: @SebAaltonen

@SebAaltonen I've received email reminders not to click any links in emails before... with links to more information...

2021-05-19 12:03 🔗 — In reponse to: @Simon_Fe1

@Simon_Fe1 @SebAaltonen Nope! At least not that I know of... that would be pretty evil if it's not obviously fake.

2021-05-20 13:13 🔗

So true. By @andreyknvl

2021-05-20 13:44 🔗 — In reponse to: @ivansprundel

@ivansprundel @andreyknvl I think it's easy to think of fuzzing as "just" throwing random bytes at something. Or just writing a little harness to interface some library/program with an existing fuzzer. And sometimes that works, but you can get so much further with real understanding of your fuzzer+target.

2021-05-20 13:47 🔗 — In reponse to: @vegard_no

@ivansprundel @andreyknvl This slide also hits me personally because a successful sustained fuzzing campaign relies on having proper systems for reproducing bugs, deduplicating bugs, bisection, reporting, etc. Automating all of this is not easy and also requires a lot of engineering.

2021-05-31 11:46 🔗

First jab ✅

2021-05-31 13:49 🔗 — In reponse to: @vegard_no

https://twitter.com/turtlesec_no/status/1399087597608124420

2021-06-03 20:46 🔗 — In reponse to: @vegard_no

https://twitter.com/pello/status/1397106280599277570

2021-06-07 10:32 🔗 — In reponse to: @hillelogram

@hillelogram Linux kernel/git/etc. have a whole ecosystem of tools and developers that is separate from even things that are quite close, like GNU stuff (gcc, binutils, glibc, ...). Not sure I can put my finger on it, but there is definitely a bit of a culture divide there.

2021-06-07 14:50 🔗 — In reponse to: @dvyukov

@dvyukov I did a patch set once that injected failures at "new/rare callchains", i.e. if the callchain leading up to the potential injection point has never been seen before it injects a failure. Sadly, I didn't care enough back then to push for it to get merged... https://lore.kernel.org/lkml/20161016155612.4784-10-vegard.nossum@oracle.com/

2021-06-07 17:39 🔗 — In reponse to: @dvyukov

@dvyukov I've rebased my branch on top of a recent kernel, but it seems there's a bug that prevents writing -1 to debugfs files created with debugfs_create_atomic_t()..? 🧐

2021-06-07 19:10 🔗 — In reponse to: @vegard_no

@dvyukov This works (using the instructions in the changelog of the very last commit):

https://github.com/vegard/linux-2.6/commits/v5.13-rc2%2Bfaultinj

I used something like this a bit with trinity back in 2016 but has never been tried with syzkaller AFAIK.

2021-06-07 19:17 🔗

👇 https://twitter.com/spendergrsec/status/1401878413703630849

2021-06-09 10:24 🔗 — In reponse to: @andy_kelley

@andy_kelley

2021-06-10 10:27 🔗 — In reponse to: @SgAndreea

@SgAndreea There are (has been) a bunch of testing/CI efforts:

0day bot: https://01.org/lkp/documentation/0-day-test-service

kernelci: https://foundation.kernelci.org/

LTP: https://github.com/linux-test-project/ltp

syzkaller: https://syzkaller.appspot.com/upstream

There are surely more. Plus, companies probably run tests internally on things they care about.

2021-06-10 10:30 🔗 — In reponse to: @vegard_no

@SgAndreea To a large degree, the kernel relies on people testing their own patches. There are some tests in the kernel: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/testing

There are so many possible configurations (different architectures, drivers, etc.) and running tests may not even be possible without hardware

2021-06-10 10:37 🔗 — In reponse to: @vegard_no

@SgAndreea To answer your question, I think it's a well known issue, and (some) people are working to fix it. Linus has said that he does a local build+test on his desktop, and for the rest I think he relies on people finding/fixing bugs in the period between -rc1 and the final release.

2021-06-10 10:46 🔗 — In reponse to: @SgAndreea

@SgAndreea Part of it is the fact that you simply cannot test every patch with every configuration, even if you had an automated system. A single build can take anywhere from 5 minutes to multiple hours on a laptop (depending on your config), running all tests would also take a while.

2021-06-14 09:20 🔗 — In reponse to: @lrwrth

@lrwrth @weskerfoot @hillelogram Check out the Dion talk: https://vimeo.com/485177664

(skip to 40:30 for the the thing you're talking about, "code level of detail", but I really recommend watching the full thing)

(by @AllenWebster4th, @ryanjfleury)

2021-06-15 11:29 🔗 — In reponse to: @vegard_no

https://twitter.com/elttam/status/1404709826496581634?s=19

2021-06-16 22:50 🔗

Tupac would have turned 50 today. If you haven't yet, go watch some Tupac interviews:

https://www.youtube.com/watch?v=v_XT9-C5Qu8

https://www.youtube.com/watch?v=HWNwvBrUUGQ

It's time for us as a people to start making some changes.

2021-06-17 16:29 🔗

Nice one, Linux kernel...

atomic_add(int i, atomic_t *v);

atomic_add_unless(atomic_t *v, int i, int u);

🤡

2021-06-17 17:33 🔗 — In reponse to: @pervognsen

@pervognsen @dotstdy Yep, me too. Was it due to some old ABI where the last argument could be reused between calls or something?

I haven't seen it formalized, but it reminds me of how you typically order database columns with identifiers and determiners appearing first.

2021-06-17 18:01 🔗 — In reponse to: @srostedt

@srostedt You made me look... and it's implemented as a loop on x86?? 🤯

2021-06-20 12:35 🔗 — In reponse to: @vegard_no

https://twitter.com/bry6891/status/1406250514778574851

2021-06-21 14:48 🔗

My parents are cleaning out some junk I was storing in their basement. Does anybody know if this Canon film scanner (model F910200) from the mid-90s is worth anything to anybody (collectors, museums, whomever)? It might be the only one still in existence... in working condition

2021-06-22 08:26 🔗 — In reponse to: @vyodaiken

@vyodaiken I could be wrong, but I thought the kernel was avoiding these (along with floating point regs) to avoid having to save/restore them on every context switch. (Also, lazy context switching would mean possibly taking a fault in unfortunate places.)

2021-06-22 19:36 🔗 — In reponse to: @dotstdy

@dotstdy I'd be really interested in hearing your take on the linked post, because it sounds reasonable to me :-P

2021-06-22 20:12 🔗 — In reponse to: @dotstdy

@dotstdy So that's what gamers do when they disable vsync, right? They're killing that delay that comes from waiting for the next frame to be available (swapBuffers()) and therefore lowering the overall input-to-display latency

2021-06-22 22:35 🔗 — In reponse to: @dotstdy

@dotstdy Very nice diagrams. Do you know if modern displays actually have a fixed refresh rate like CRTs did, or could you technically push out a frame as soon as it's been rendered? That would seem like the best solution...

2021-06-22 23:12 🔗 — In reponse to: @vegard_no

https://twitter.com/VulkanAPI/status/1407345882438066176

2021-06-25 08:20 🔗 — In reponse to: @vegard_no

@TubeTimeUS @Foone would you have any pointers/info/contacts? Or is this just junk?

2021-06-26 09:53 🔗 — In reponse to: @johnregehr

@johnregehr You forgot to run bibtex

2021-06-29 09:34 🔗 — In reponse to: @__phantomderp

@__phantomderp Is git involved at any stage? If so there's a decent chance the data is still there somewhere.

2021-07-02 08:49 🔗 — In reponse to: @thingskatedid

@thingskatedid The alarm of realizing another month has passed and it's now July despite my brain saying we're still mid-March.

2021-07-02 08:56 🔗 — In reponse to: @h0mbre_

@h0mbre_ So given the other tweet about having -j now... fork bombed yourself? 😅

2021-07-04 13:51 🔗

Ugh, WTF? This is unfortunate. https://www.reddit.com/r/linux/comments/od3h8b/audacity_may_collect_data_necessary_for_law/

2021-07-05 10:31 🔗

So I know that C compilers are allowed to leave struct padding uninitialized, but are they allowed to deliberately write junk to padding? (Say, using a 16-bit store to write a 16-bit value to 8-bit member + 8-bit padding without shifting/masking)

2021-07-05 10:44 🔗 — In reponse to: @pervognsen

@pervognsen Do you know of a concrete example of this? A special case would be initializing a struct on the stack and then assigning it wholesale to a different variable (which would propagate the uninitialized/junk value), but I'm looking more specifically for examples with field assignment

2021-07-05 10:58 🔗 — In reponse to: @pervognsen

@pervognsen Yeah, it seems like it should be straightforward to implement in a compiler too. I guess ABI/compatibility is the big hurdle.

2021-07-05 11:40 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void Both gcc and clang seem to go out of their way to clear the padding, though: https://godbolt.org/z/G17E5Gone 🤔

2021-07-05 11:50 🔗 — In reponse to: @vegard_no

If this is the case, it seems there is de facto no way to guarantee that structs with padding copied verbatim across security boundaries (network, kernel/userspace) don't have junk in padding. Since the compiler might add the junk there even after you explicitly zero it...

2021-07-05 12:12 🔗 — In reponse to: @FilippoBiga

@FilippoBiga No, that's what I'm looking for :-) According to other replies it seems allowed by the specs, I just haven't found any concrete examples where it happens.

2021-07-05 12:16 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void https://godbolt.org/z/Too717cGP Wait, what???

2021-07-05 12:35 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void bug in -fipa-icf (Identical Code Folding)? https://godbolt.org/z/hW4GEK17T

2021-07-05 15:37 🔗 — In reponse to: @pervognsen

@pervognsen @glaebhoerl @andy_kelley Here's an alternative that also works for pointers to thread-local storage: https://clang.godbolt.org/z/8Kf7EYecT

2021-07-05 16:49 🔗 — In reponse to: @pervognsen

@pervognsen @glaebhoerl @andy_kelley If you just want to compare straight TLS access vs. my REG() variant, this is probably better (I guess that's what you were looking at for the 4+1 vs. 1 comparison): https://clang.godbolt.org/z/8W6Tb71z6

It's unfortunate about lea, I still think it may be a better option depending on context.

2021-07-05 16:52 🔗 — In reponse to: @pervognsen

@pervognsen @glaebhoerl @andy_kelley Ah, right.

2021-07-05 18:20 🔗 — In reponse to: @kenpex

@kenpex Info leaks, see e.g. https://lwn.net/Articles/417989/

2021-07-07 08:58 🔗 — In reponse to: @srostedt

@srostedt Is this the problem with missing include/linux/compiler-gcc*.h, fixed by cb984d101b30e? It should be possible to just copy the last one of those to create the missing file whenever you stumble upon it. In general, you can also cherry-pick --no-commit known fixes during the bisect

2021-07-07 14:28 🔗 — In reponse to: @vegard_no

https://twitter.com/Reg__/status/1412695492488728579

2021-07-07 14:28 🔗 — In reponse to: @vegard_no

https://twitter.com/ClausHoumann/status/1411582498581188609

2021-07-07 14:28 🔗 — In reponse to: @vegard_no

https://twitter.com/tehcaster/status/1412715024355835911

2021-07-09 09:57 🔗

Miguel Ojeda doing a stellar job of explaining Rust safety to Linux kernel developers: https://lore.kernel.org/ksummit/CANiq72kF7AbiJCTHca4A0CxDDJU90j89uh80S3pDqDt7-jthOg@mail.gmail.com/T/#u

2021-07-11 10:42 🔗 — In reponse to: @geofflangdale

@geofflangdale @damageboy Core counts can get pretty crazy, here's a slide from my talk last year: 6144 cores, runs Linux, from 2016. (Max supported on Linux was 8192 last I checked: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b53b5eda8194214928c8243d711a75dbf51809fc )

2021-07-11 11:53 🔗 — In reponse to: @damageboy

@damageboy @geofflangdale @ScaleMP AFAIK yes, that's correct

2021-07-11 12:03 🔗 — In reponse to: @pervognsen

@pervognsen @geofflangdale @damageboy I'm not sure for CFS specifically but there will be some custom kernel patches for sure. I heard/read that these machines take a really long time to boot because of everything that has to be initialized per CPU

2021-07-12 12:41 🔗 — In reponse to: @vegard_no

Second jab ✅ (actually more of a stab this time, I could swear she put it exactly like how they give adrenaline shots in movies)

2021-07-12 21:51 🔗 — In reponse to: @moyix

@moyix @akbirthko I suspect the answer is that your inverted NN will not give you boolean (or even integer) inputs. You can represent SHA1 as a linear programming problem and solve it in polynomial time, but once you add the constraint that inputs must be integers the problem becomes NP-complete.

2021-07-13 13:56 🔗

Been thinking about something like this to detect when gcc deletes if tests: https://godbolt.org/z/64jx1rnsY

(Obviously doesn't work for ?: or logical operators, and it also affects codegen.)

Thoughts?

2021-07-13 14:47 🔗 — In reponse to: @vegard_no

New version using local labels that correctly supports likely()/unlikely() AKA __builtin_expect(): https://godbolt.org/z/7fjnnnz4P

2021-07-15 10:45 🔗 — In reponse to: @vegard_no

LWN article and comments are also worth a read: https://lwn.net/Articles/862018/

2021-07-15 11:07 🔗 — In reponse to: @jamiediles

@jamiediles 😂I see the concerns about stable toolchains and upping developer requirements, but I don't get the intense hatred for just trying something out. The kernel undeniably has huge problems that Rust would solve.

The resistance seems to be a vocal minority, though.

2021-07-15 22:39 🔗 — In reponse to: @vegard_no

https://twitter.com/bootlincom/status/1409885627416522752

2021-07-16 08:31 🔗

@CompileExplore is there a way to download an exact gcc binary used on http://godbolt.org as opposed to building it from source myself? Thanks in advance!

2021-07-16 09:04 🔗 — In reponse to: @vegard_no

Never mind, I believe I found it here: https://s3.amazonaws.com/compiler-explorer/opt/gcc-trunk-20210708.tar.xz

😀

2021-07-16 18:35 🔗 — In reponse to: @vegard_no

@rep_stosq_void bug report, for the record: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101474

2021-07-17 07:12 🔗

Explain this https://godbolt.org/z/KG4dWevc8

2021-07-17 11:30 🔗 — In reponse to: @cyrillos

@cyrillos How about this? https://godbolt.org/z/1T7G8h36G

😛

2021-07-17 22:50 🔗 — In reponse to: @thingskatedid

@thingskatedid @cyrillos I'm fairly certain it has to do with some gnarly stuff deep in gcc internals where numeric declaration IDs end up affecting the codegen. There's an old thread with some info: https://www.mail-archive.com/gcc@gcc.gnu.org/msg85752.html

2021-07-17 22:53 🔗 — In reponse to: @steubens7

@steubens7 @thingskatedid @cyrillos This lists what each -O level enables: https://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html

2021-07-18 09:44 🔗 — In reponse to: @__phantomderp

@__phantomderp @vyodaiken @thradams If you used thread-local variables you could save them on entering and restore them on returning, something like this? https://godbolt.org/z/z8xPaf5W7

(For pointers to work correctly, the TLS var itself should just be a pointer to the on-stack captured variables, I guess.)

2021-07-18 10:04 🔗 — In reponse to: @vegard_no

@__phantomderp @vyodaiken @thradams Here generalized and hidden behind macros, but I see no reason why the compiler couldn't do the same thing transparently: https://godbolt.org/z/sbGehP8jr

2021-07-18 10:26 🔗 — In reponse to: @pinskia

@pinskia It reads like a fever dream, my guess would be on mental illness or influence of a drug. It's coherent enough that I believe it comes from somebody who does actually know what these things are when they're fully lucid.

2021-07-18 16:31 🔗

Just some Sunday afternoon Shadertoy fun, now with more Compiler Explorer: https://www.shadertoy.com/view/stsXWj

2021-07-18 16:49 🔗 — In reponse to: @perjonaslund

@perjonaslund @__phantomderp @vyodaiken @thradams I can see the problem with setjmp/longjmp, although I don't seem those used much anymore. For C++ exceptions I think it should work (even without breaking ABI) since the compiler is responsible for generating the unwinding code as well?

2021-07-19 11:01 🔗 — In reponse to: @majek04

@majek04 Where is ptrace() in your ranking?

2021-07-19 11:11 🔗 — In reponse to: @shachaf

@shachaf @majek04 Very nice! Bookmarked. Gotta love the "// XXX: Is this correct?" though 😂

2021-07-19 12:44 🔗

Argh, Thunderbird has this absolutely horrible failure mode on out-of-disk where it just deletes all your tags quietly.

2021-07-23 22:43 🔗 — In reponse to: @AlexKontorovich

@AlexKontorovich @veritasium Isn't option b, "Once they kill <35,999 people /yr (NOW!)" a bit disingenuous given how few self-driving cars there are compared to human-driven cars? It's not a straight comparison.

2021-07-24 22:26 🔗 — In reponse to: @daemontus

@daemontus @penberg @halvarflake cmov loads its memory operand unconditionally, even when the condition would otherwise throw away the loaded value. So it may be cheaper to branch to avoid the dereference.

2021-07-25 06:13 🔗 — In reponse to: @hogesonline

@hogesonline @nickzoic @taybenlor @pygame_org room2() needs to check that you have the correct key in your inventory (as you can pass the door without it), also trying to "use potion" when facing the monster results in "I don't understand that". Anyway, fun little thing, thanks for sharing :-)

2021-07-25 12:25 🔗 — In reponse to: @JustJakeSimpson

@JustJakeSimpson @tom_forsyth @leonard_ritter Reminds me of this https://clips.twitch.tv/SuperManlyDaikonHassaanChop

2021-07-25 14:56 🔗 — In reponse to: @Fuzzyness

@Fuzzyness That's bullshit, there's no reason for an ambulance not to come if somebody is passed out. Drugs or no drugs, this is still a helpless person.

2021-07-27 14:33 🔗 — In reponse to: @CodeColorist

@CodeColorist The jour in bonjour is the jour in journal, the diur in diurnal, the diar in diary. (and in Spanish, dias)

2021-07-28 20:26 🔗 — In reponse to: @MortenLinderud

@MortenLinderud Does it really make lives that much more difficult if distros are not collecting personal data in the first place?

2021-07-29 12:07 🔗 — In reponse to: @leonard_ritter

@leonard_ritter The gist you linked didn't crash for me (graphviz version 2.40.1), here's the result:

2021-07-30 10:26 🔗 — In reponse to: @vegard_no

https://twitter.com/tmandry/status/1420791631041552387

2021-08-03 11:12 🔗

A small propeller aircraft flew above me when it suddenly went quiet -- then it went into a dive. Lasted maybe 15 seconds before the engine came back on. Is that normal? Is it part of training, perhaps? There's an airport nearby...

2021-08-03 14:23 🔗

My son turned 3 last week. I let him play The Witness on the PC from time to time thinking he'd get quickly bored. I started him on a new game and so far he's made it to the keep and solved 54 puzzles on his own... 🤯

That's a huge lesson for me to not underestimate kids.

2021-08-03 14:44 🔗 — In reponse to: @johnregehr

@johnregehr Personally I think it's an amazing game, but don't let yourself get spoiled if you have ANY thoughts of playing it. It means: don't watch anything on youtube, don't read about it.

2021-08-03 14:50 🔗 — In reponse to: @chriseberly

@chriseberly @johnregehr Fez is great too, I'm sure we'll play it at some point. Some areas are a bit creepy, though -- is it a problem or how would you deal with that? The Witness is just really colorful throughout, which I'm sure is part of the attraction for my son :-)

2021-08-03 18:44 🔗 — In reponse to: @Srekel

@Srekel Mouse and keyboard, but on the keyboard he uses pretty much only the up arrow key (to move forwards). He does also play Townscaper, which is mouse only. He's definitely messed up the settings in both games a few times, but full screen helps contain the damage 😉

2021-08-05 12:32 🔗 — In reponse to: @stephenrkell

@stephenrkell Pretty sure zoom uses pulseaudio here (Ubuntu), aplay -L lists "default" as "Playback/recording through the PulseAudio sound server".

2021-08-06 08:39 🔗 — In reponse to: @hillelogram

@hillelogram This is a really good talk by Mike Acton:

https://www.youtube.com/watch?v=rX0ItVEVjHc

2021-08-06 09:05 🔗 — In reponse to: @vegard_no

@hillelogram For a bit of context, this might be exactly one of those "pop pro-perf" things you're talking about, but I feel the talk gives very practical, actionable advice in addition to that general way of thinking about performance on modern hardware.

2021-08-07 14:22 🔗 — In reponse to: @dotstdy

@dotstdy I appreciate what Fabian is saying here, but I'd like to take even further: a lot of what we think of as "CPU bound" is really "cache/memory bound", just because the CPU itself spends so much time waiting for memory, we just don't really see it that easily.

2021-08-08 14:30 🔗 — In reponse to: @cengiz_io

@cengiz_io @srostedt Not breaking 'git bisect' when it's avoidable is more important, but I guess it depends on the bug and the failure mode.

2021-08-09 16:29 🔗 — In reponse to: @stephenrkell

@stephenrkell bureaucracy?

2021-08-10 00:42 🔗 — In reponse to: @pdp7

@pdp7 Have you tried xkill? Or is the window opened by a common process that just displays notifications or something?

2021-08-12 16:56 🔗

"Getting started with Linux kernel development" https://gist.github.com/vegard/22200a9f91af138a99ae22a9b814a9a4

(reposting as it was buried a bit when I linked it last time)

2021-08-15 05:19 🔗 — In reponse to: @larkmjc

@contramork Have a look at this: https://www.shadertoy.com/view/3t23WG

2021-08-16 13:25 🔗 — In reponse to: @leonard_ritter

@leonard_ritter @dotstdy @MikkoMononen In French it's standard to say "Go", "To", etc. (for giga-octets, tera-octets), this is how you talk about network speeds, disk capacities, etc. Maybe the authors are French?

2021-08-17 12:56 🔗 — In reponse to: @__phantomderp

@__phantomderp I know this isn't "wording", but it says 2021-09-15, should it be 2021-08-15?

2021-08-18 13:47 🔗 — In reponse to: @pinskia

@pinskia @dotstdy Right, so .plt/.plt.got are read-only code and only .got is data that gets fixed up? Yeah, these sections look tiny compared to .text/.rodata (for a random shell program). There's still the extra indirection, though, which seems like it might have an impact on performance.

2021-08-19 11:37 🔗 — In reponse to: @phillip_trudeau

@phillip_trudeau I think it's just better tooling, honestly. The object/field/whatever you tried to access didn't exist? Oh here's a backtrace showing you exactly where your code went wrong. In C you get _nothing_ by default. Need ASAN + debugger (which don't play nice when used together!), etc.

2021-08-23 13:04 🔗

I somehow completely missed this until now. Looks very interesting. https://twitter.com/peleghd/status/1423323085676040201

2021-08-23 16:39 🔗 — In reponse to: @AlanZucconi

@AlanZucconi

2021-08-23 16:41 🔗 — In reponse to: @vegard_no

@AlanZucconi Actually meant to share this https://twitter.com/vegard_no/status/1377173053394673664

2021-08-24 14:39 🔗 — In reponse to: @tehcaster

@tehcaster Our GP told us yesterday that she has to deal with conspiracy theorists on a daily basis. Patients accuse her of being paid by "big pharma" for encouraging them to get vaccinated. SMH

2021-08-27 14:31 🔗

Recording, for those who missed it (including me 😅): https://youtu.be/C-I9qNsgPVQ?t=259 https://twitter.com/linuxplumbers/status/1430827140472348673

2021-09-01 09:42 🔗 — In reponse to: @m0radin

@m0radin @BartWronsk @MyNameIsMJP @YuriyODonnell It's probably not for everybody, but I recommend this video: https://www.youtube.com/watch?v=i7kh8pNRWOo

(for me the fact that it comes from a programmer also helps, as opposed to just random self-help articles/books/videos)

2021-09-02 10:46 🔗 — In reponse to: @SebAaltonen

@SebAaltonen @Ashkan_GC Lack of critical thinking skills coupled with heavy Facebook/youtube propaganda against vaccines specifically? Plus, vaccine skepticism was on the rise before the pandemic so it was a natural target.

2021-09-02 10:49 🔗 — In reponse to: @vegard_no

@SebAaltonen @Ashkan_GC Maybe the fact that the vaccines are using new technology (mRNA) and past vaccines like https://en.wikipedia.org/wiki/Pandemrix were shown to actually have serious adverse effects (increased risk of narcolepsy). Many factors stacking up against vaccines specifically.

2021-09-02 10:54 🔗 — In reponse to: @vegard_no

@SebAaltonen @Ashkan_GC I personally got my two shots because the potential effects of the virus look far worse than the potential effects of the vaccine. For both of them we don't really know the long-term effects yet (for the simple fact that neither have been around that long).

2021-09-02 14:01 🔗 — In reponse to: @pati_gallardo

@pati_gallardo Do we know what changed? Is it delta spreading more easily, did restrictions get lifted, are people tired of restrictions, ...?

2021-09-02 14:14 🔗 — In reponse to: @pati_gallardo

@pati_gallardo My kid starts school next week (in France) and naturally it's something we worry about. Here, if there's a case in a class, the whole class has to stay home for 7 days. I'm not really convinced the small kids will be tested in the first place, though, even if they have symptoms..

2021-09-03 09:37 🔗

I finally found a word that perfectly embodies how I feel about Agile: infantilizing

2021-09-03 21:53 🔗 — In reponse to: @johnregehr

@johnregehr Just generally anything containing .pushsection tends to be kinda juicy...

2021-09-03 21:59 🔗 — In reponse to: @vegard_no

@johnregehr Yo dawg, I heard you like macros, so I put an assembly macro in your C macro...

(okay, this is not in the kernel yet -- it's a patch I've been working on)

2021-09-06 16:29 🔗 — In reponse to: @dotstdy

@dotstdy I'm not convinced this is really true. As some of the comments also point out, data is mostly just written once (when you set up your "plot"), after that it may be read back periodically but that shouldn't be harmful for either SSDs nor magnetic disks?

2021-09-06 16:30 🔗 — In reponse to: @vegard_no

@dotstdy Clarification -- I don't doubt the disks are being sold, or even being sold as new. What I'm doubting is whether Chia wears down disks faster than anything else you might use them for.

2021-09-06 16:46 🔗 — In reponse to: @dotstdy

@dotstdy TIL. I should've read up before commenting. Thanks.

2021-09-07 18:31 🔗

So... starting pavucontrol (pulse audio volume control) causes Xorg to go to 50% CPU usage. Presumably because it's continuously updating the volume meter bars? 🤨 Even when it's not visible on the screen...

2021-09-10 09:28 🔗 — In reponse to: @thingskatedid

@thingskatedid See also: unexec() https://lwn.net/Articles/673724/

2021-09-11 21:50 🔗 — In reponse to: @theevilsine

@theevilsine http://shadertoy.com . Not only can you just browse and marvel at what other people made, you can also go look at exactly how they did it -- a surprising amount of shaders are well documented and sourced. It's also easy to create new shaders and you see the result immediately.

2021-09-11 21:59 🔗 — In reponse to: @vegard_no

@theevilsine Here are some of mine:

https://www.shadertoy.com/view/3d3yDS

https://www.shadertoy.com/view/wtXyDf

https://www.shadertoy.com/view/wtV3W1

https://www.shadertoy.com/view/WljfRc

https://www.shadertoy.com/view/stsXWj

https://www.shadertoy.com/view/wdVXWR

https://www.shadertoy.com/view/3dKSRK

2021-09-12 12:34 🔗 — In reponse to: @arntzenius

@arntzenius @wcrichton @rsnous You just reminded me that for years I used Conkeror, a keyboard-based browser (based on Mozilla xulrunner). You'd press "f" (for "follow") and it would number all the links on the page like this:

2021-09-13 10:00 🔗 — In reponse to: @lcamtuf

@lcamtuf @damienmiller @tqbf In Norway I think all high school students take a trip to visit former Polish and German concentration camps. It's admittedly some 20 years since I went, but it left a mark on all of us, seeing the gas chambers, the parchment made from human skin, the mass graves...

2021-09-13 13:26 🔗 — In reponse to: @_monoid

@_monoid Jokes aside, this seems to indicate you can also use a variable attribute to control it per-variable: https://gcc.gnu.org/pipermail/gcc-patches/2021-February/565514.html

Seems to work: https://godbolt.org/z/8ace3cevb

2021-09-13 13:34 🔗 — In reponse to: @_monoid

@_monoid Oooh, good point 🤦‍♂️

2021-09-13 20:07 🔗

If you're like me and can never remember what the return value of mutex_trylock() means (or any of a number of other things...), check out this Linux kernel concurrency cheat sheet (PDF linked from blog post): https://twitter.com/ksplice/status/1437468629805699073

2021-09-13 20:08 🔗 — In reponse to: @vegard_no

Unburied link 😅: https://blogs.oracle.com/linux/post/linux-kernel-concurrency-cheat-sheet

2021-09-15 08:56 🔗

Did my first CONFIG_RUST=y kernel build 👌

2021-09-15 12:36 🔗 — In reponse to: @SoosMate

@SoosMate Yeah, I've been following this Rust in the kernel workshop and there are some incredibly talented people working on this stuff. I had to try it out myself :-)

2021-09-15 15:25 🔗 — In reponse to: @philbertrupkins

@philbertrupkins @SoosMate No, but some of the presentations will probably be made available later. I think the idea was to have a kind of short warm-up to LPC'21 (which is where the main discussions will take place AFAIU). You can find pointers to mailing lists, chat, etc. here: https://github.com/Rust-for-Linux/linux

2021-09-17 10:15 🔗

https://twitter.com/majicDave/status/1438775056025329667

2021-09-17 13:21 🔗 — In reponse to: @leonard_ritter

@leonard_ritter You probably know this already, but the obelisks point to the puzzles (and the shapes obviously correspond). So that could be considered clues

2021-09-17 13:31 🔗 — In reponse to: @leonard_ritter

@leonard_ritter My opinion is that this part of the game is probably geared towards people who want take their time to look around at everything and not just tick boxes or getting to 100%.

2021-09-17 13:31 🔗 — In reponse to: @vegard_no

@leonard_ritter After all, there are plenty of things to look at in the game that are not puzzles but just there to make you think, go "a-ha", or consider some idea or another.

2021-09-17 13:33 🔗 — In reponse to: @vegard_no

@leonard_ritter Argh, this came across as condescending. Just to be clear, I think both styles of playing are fine and valid (and fun).

2021-09-20 16:00 🔗

"Rust in the Linux ecosystem" at LPC'21 starting right now! https://www.youtube.com/watch?v=ORwYx5_zmZo&list=PLVsQ_xZBEyN2c21jFUgqI2iMa094zXanH&index=1

2021-09-21 11:47 🔗 — In reponse to: @karimyaghmour

@karimyaghmour @johnstultz_work @olofj Yes, security is absolutely a benefit, if not THE benefit. I believe Miguel was quite explicit about this in his talk

2021-09-21 18:26 🔗 — In reponse to: @karimyaghmour

@karimyaghmour @johnstultz_work @olofj I think people are becoming increasingly aware of the security problems that the kernel is facing; syzkaller keeps finding more bugs than developers can close and the LTS/stable releases keep growing. Also, a ton of work has already happened with the self protection project.

2021-09-23 08:52 🔗 — In reponse to: @TubeTimeUS

@TubeTimeUS My friend had this exact model, it's now sitting in storage. Lots of good memories: Ski or Die, Street Rod, Monkey Island, Blues Brothers, ...

2021-09-24 11:38 🔗 — In reponse to: @halvarflake

@halvarflake Which way do you put your phone in your pocket? For me the charging port is always up and I've never seen as much as a speck of dust in it.

2021-09-25 09:38 🔗 — In reponse to: @larkmjc

@mork9869 I think the general answer to this type of question is usually that it takes more energy (= more money) to recover the individual elements from the waste than it does to mine/produce more where it came from.

2021-09-26 14:10 🔗 — In reponse to: @q2ven

@q2ven Probably; lots of other commits did that:

$ git rev-list --grep 'Fixes: 1da177e4c3f4' --count linus/master

231

2021-09-26 16:25 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @jim_mussared @hogesonline I think all of these items can be answered or explained rather easily. I think the box is a great aid to learning. What would you rather teach? No matter how you teach variables you are going to need explanations and some amount of scaffolding.

2021-09-26 16:27 🔗 — In reponse to: @vegard_no

@ShriramKMurthi @jim_mussared @hogesonline What it achieves is to separate the name of the variable from its value, the box vs. the thing inside. And underscores the fact that they can both exist independently.

2021-09-26 21:52 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @jim_mussared @hogesonline "store a value in a variable" is bog standard language in programming, so you saying that it's frustrating to see comes across as bewildering and combative (to me, at least). Your other replies reinforce that impression too.

2021-09-26 21:56 🔗 — In reponse to: @vegard_no

@ShriramKMurthi @jim_mussared @hogesonline It could just be one of those Twitter things where the lack of nonverbal cues makes it too easy to misunderstand and talk past each other though. Or maybe this just wasn't the right moment to start a discussion (that might otherwise be worth having). 🤷

2021-09-28 13:11 🔗

Witnessed an interesting phenomenon today that I can't say I remember ever seeing before in my life. I assume it's the contrail casting a shadow on a lower layer of clouds. I thought it was a phone line at first, but I've included phone lines for reference...

2021-09-29 09:04 🔗

Ahhh, here's what I should have done ages ago.

2021-10-01 09:42 🔗

My friend Phillip is making a really fun and challenging physics-based action/puzzle game for PC. It has online co-op and PvP multiplayer. Check out the demo: https://twitter.com/phillip_trudeau/status/1443778543499022338

2021-10-01 13:04 🔗 — In reponse to: @openlabbott

@openlabbott @srostedt @martinezjavier @kernellogger It was discussed on Zulip ( https://rust-for-linux.zulipchat.com ) and AFAIK invitations were sent to everybody who had participated in mailing list discussions. I think in many ways it was a warm-up for LPC and Miguel's LPC talks were very much based on the same material.

2021-10-02 16:26 🔗 — In reponse to: @gautshen

@gautshen I think two floppy drives was a common option to enable copying from one to the other without the use of a hard drive

2021-10-03 11:44 🔗 — In reponse to: @__phantomderp

@__phantomderp Are the function declarations (such as for stdc_popcountuc) meant to be actual functions or can they be implemented as macros/static inline functions? You probably don't want to have to do actual function calls for all of these. 3.7.1. looks relevant, but isn't totally clear.

2021-10-03 15:46 🔗 — In reponse to: @__phantomderp

@__phantomderp Isn't this problematic from a performance overhead/zero-cost abstractions point of view? Or would the compiler be allowed to somehow inline these calls anyway?

2021-10-03 18:20 🔗

Behold the dreaded quadruple sigil

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/scripts/kconfig/Makefile#n173

2021-10-05 09:15 🔗

Good tweet 👇 Made that much better by the fact that it's coming from the OpenSSH maintainer 🤭 https://twitter.com/damienmiller/status/1445158034662064135

2021-10-06 12:18 🔗

New blog post where I go into some detail on how we used Ksplice to patch code running on the GPU (!): https://twitter.com/ksplice/status/1445539300339326976

2021-10-07 11:30 🔗

@monsieuricon Huh, I just noticed that the clone links on http://git.kernel.org point to http://googlesource.com . Is that a recent change? Is there a story behind this?

2021-10-09 09:27 🔗 — In reponse to: @rcbregman

@rcbregman Really? A guy who argues (sincerely) that killing newborn babies is fine is "probably the most important philosopher alive today"? Surely we can do better than this...

2021-10-09 14:38 🔗

Dusted off my old satconfig/satrandconfig/satmenuconfig patches for the kernel and I think I actually managed to get it into a usable state. Will try to polish it a bit more and submit it to LKML.

2021-10-09 14:41 🔗 — In reponse to: @vegard_no

The sad part is that I last touched this 5 years ago (the patchset itself is very nearly 11 years old!) and the reason I stopped was that I had run into an issue I thought I couldn't solve -- but it only took like 20 lines of code to fix 😩

2021-10-09 14:45 🔗 — In reponse to: @acherm

@acherm Yes; you give it a set of config assignments that must be respected exactly and the rest is randomized (while obviously still satisfying dependencies, etc.).

It's great for randomized-build testing and actually already found a bug: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?h=x86/urgent&id=3958b9c34c2729597e182cc606cc43942fd19f7c

2021-10-09 14:48 🔗 — In reponse to: @vegard_no

@acherm Here's an example of what I've been using as my fixed options: https://gist.github.com/vegard/00af10c1f9e28268469e3aee7a7de91e

(Actually it found 3 other bugs as well, as you can see at the bottom, but I didn't look into those yet...)

2021-10-09 14:53 🔗 — In reponse to: @vegard_no

I think the lesson for me is not to give up, the solution could be a lot closer than it looks. Taking breaks is fine (and was probably necessary in this case), but remember to pick it back up before years have passed...

2021-10-09 15:05 🔗 — In reponse to: @acherm

@acherm I've pushed a snapshot of the current version here:

https://github.com/vegard/linux/tree/v5.14%2Bkconfig-sat-rc1

It's NOT production-ready (and the docs are way outdated), but I would say it's ~usable if you want to play with it.

2021-10-09 15:08 🔗 — In reponse to: @vegard_no

@acherm Even more interesting than predicting build sizes I think would be to measure performance for some benchmark. I've been running entry-fuzz, which just does random userspace<->kernel transitions, and I've seen wildly varying numbers (from <1/s to >10k/s) depending on the config.

2021-10-11 08:56 🔗 — In reponse to: @TychoTithonus

@TychoTithonus Like any documentation, really, a thoughtful summary/minutes takes time to write... but only for the person writing it! Everybody else benefits, as you said, from reading. That's much more scalable. Also, text gives you a searchable record.

2021-10-11 22:47 🔗 — In reponse to: @EZGames69

@EZGames69 @Jonathan_Blow According to the article, the same guy who submitted the proposal was on the WHO team (without disclosing the proposal). It smells like a conflict of interest at best. Also, the top Danish WHO scientist also stated in August that the pandemic could have started with a lab worker.

2021-10-11 22:52 🔗 — In reponse to: @vegard_no

@EZGames69 @Jonathan_Blow I'm not saying the lab theory has been proven, far from it -- just that at this point, the origin of the virus is still uncertain.

2021-10-12 09:36 🔗 — In reponse to: @awesomeintheory

@awesomeintheory @withoutboats How about using if/goto as an analogy? "goto" allows you to jump from anywhere to anywhere, so we consider it unsafe in general use; "if" is a safe abstraction over jumping and in fact is mostly implemented exactly in terms of goto/jumps.

2021-10-12 10:09 🔗 — In reponse to: @vegard_no

@awesomeintheory @withoutboats Or in more everyday terms, you could use something like an electrical outlet; it's a safe interface ("abstraction") over the unsafe naked wires. It still has the naked wires underneath, but there is a layer of protection making it safe.

2021-10-12 14:07 🔗 — In reponse to: @vegard_no

https://twitter.com/rep_stosq_void/status/1410242549319614465

2021-10-12 22:31 🔗 — In reponse to: @acherm

@acherm I talk a bit about randconfig vs. satrandconfig distributions here: https://lore.kernel.org/all/47e60186-2408-19cf-3231-92bd9c30483a@oracle.com/

In summary, the distribution is completely different, but probably mostly due to how 'select' works in randconfig.

2021-10-13 07:47 🔗 — In reponse to: @tom_forsyth

@tom_forsyth I played cornet from the age of ~7 until ~14 in the school orchestra, including 1 hour/week 1:1 instruction that was 50% technique and 50% reading sheet music. This was in Norway some 20 years ago. My neighbour was a jazz musician (sax) and showed me basic composition with pencil

2021-10-13 07:51 🔗 — In reponse to: @vegard_no

@tom_forsyth I wasn't hugely into it at the time, I think I was a bit too young. But the experience itself was super important, it's a very good memory, and as an adult I really appreciate the interest he showed in teaching me.

2021-10-13 07:54 🔗 — In reponse to: @vegard_no

@tom_forsyth I think what *I* really missed as a kid playing a monophonic instrument was instruction in how harmony and voices work. It really wasn't obvious to me at the time that we're not all playing the melody. It sounds stupid in retrospect, but that's how it was.

2021-10-15 00:09 🔗 — In reponse to: @thingskatedid

@thingskatedid this might also explain the number of eyes

2021-10-16 11:06 🔗 — In reponse to: @jntrnr

@jntrnr No mention of -1? 😅

https://github.com/search?q=%22exit%28-1%29%3B%22&type=code

2021-10-16 15:07 🔗 — In reponse to: @_monoid

@_monoid Found it :-) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/proc/generic.c#n46 used by pde_subdir_insert() -- uses the name length as the first part of the key of a red-black tree.

2021-10-19 20:01 🔗 — In reponse to: @efrmv

@efrmv Ha... I guess the race is on...

2021-10-20 09:00 🔗 — In reponse to: @moyix

@moyix You wanted it small? Say bye to all your variable names!

You wanted it small? This isn't exactly C99...

You wanted it small? I hope you like warnings!

You wanted it small? Here's some UB for you!

You wanted it small? Memory errors are fine, really.

2021-10-20 09:20 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void @moyix Yep, you just gotta think of all those weird corner cases. I've definitely counted warnings in the input and made sure the number of warnings doesn't increase. I've done `grep -A10 some_function | sha1sum` before to ensure C-reduce didn't change a particular function...

2021-10-21 23:33 🔗 — In reponse to: @realhashbreaker

@realhashbreaker I tried to reduce the code to isolate it (while making sure the two versions are semantically equivalent), this is how far I got: https://gist.github.com/vegard/d726043109f8a4d2477924ebd0474dab

Maybe somebody is able to spot it from that?

In any case, really fascinating...

2021-10-23 00:35 🔗

Trying something new: This is my progress so far on my entry for the #LudwigJam game jam (theme is "Foddian games"). It's actually pretty fun... #gamedev

2021-10-23 00:35 🔗 — In reponse to: @vegard_no

...also check out my friend's game that's coming out on steam later today: https://twitter.com/phillip_trudeau/status/1451607487531126794

2021-10-25 16:19 🔗 — In reponse to: @vegard_no

Submitted! #LudwigJam https://itch.io/jam/ludwig-2021/rate/1246410

2021-10-25 17:54 🔗 — In reponse to: @johnregehr

@johnregehr @moyix @rep_stosq_void I feel like this will just get you to the "next least interesting" file -- just an empty main() or something. Probably better to think twice about what actually makes your testcase interesting and test for it specifically.

2021-10-26 10:05 🔗 — In reponse to: @pervognsen

@pervognsen I have some hope for Really Fast git status on Linux if they start using io_uring. Think just a handful of syscalls for thousands of files instead of >=1 call per file.

2021-10-26 10:54 🔗 — In reponse to: @tom_forsyth

@tom_forsyth I bought a laminator machine on Amazon a few weeks ago, guess who now thinks I'm a laminator machine collector and keeps sending me ads for more of them??

2021-10-27 10:39 🔗 — In reponse to: @kees_cook

@kees_cook @colinianking I'm wondering if it wasn't this? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=669f6f96c680a741257ada44a28b580df2e1fc25 (Documentation/features)

2021-10-27 10:40 🔗 — In reponse to: @vegard_no

@kees_cook @colinianking $ git diff 8d13be53384866cc30cb09cb32afca04f902f523^- | grep -c TODO

946

😮

2021-10-30 17:50 🔗 — In reponse to: @vegard_no

duccW AKA @Robin_Devs

https://www.twitch.tv/videos/1188406127?t=2h19m40s

#LudwigJam

2021-10-30 17:50 🔗

Some very cool people played my #LudwigJam game, Able, on stream. In chronological order:

2021-10-30 17:50 🔗 — In reponse to: @vegard_no

snen AKA @snenmin

https://www.twitch.tv/videos/1190230774?t=5h1m39s

#LudwigJam

2021-10-30 17:50 🔗 — In reponse to: @vegard_no

Dan Corona AKA @coronadaniel004

https://www.twitch.tv/videos/1189784398?t=6h38m48s

#LudwigJam

2021-10-30 17:50 🔗 — In reponse to: @vegard_no

Thanks a bunch, it was really fun to watch!

2021-10-30 17:50 🔗 — In reponse to: @vegard_no

fatsheep AKA @KnutSteffenrem

https://www.twitch.tv/videos/1190336394?t=3h23m59s

#LudwigJam

2021-11-04 10:20 🔗 — In reponse to: @matthew_d_green

@matthew_d_green I feel like it was the same with Stack Clash (from Qualys) -- well known from 2005 and rediscovered multiple times since. Affected many different systems (and well researched by Qualys) and required compiler patches (+ kernel patches).

2021-11-07 20:03 🔗 — In reponse to: @stuntpants

@stuntpants @rksio I definitely have the same thing, when I move my eyes from an in-focus part to an out-of-focus part I feel like my brain is expecting it to get sharp and it doesn't. I don't recall seeing it with other photos before.

2021-11-09 11:03 🔗

@LudwigAhgren You and Nick at the rock climbing gym: https://www.youtube.com/watch?v=yOmf-bTbnmo #LudwigJam

2021-11-16 10:34 🔗 — In reponse to: @kernellogger

@kernellogger I think git notes is a great idea, especially for Reviewed-by: tags, as reviews can happen any time after merging a commit for a multitude of reasons and the record is simply never made. There should just be a separate git notes repo with a maintainer who can take pull requests.

2021-11-16 21:13 🔗 — In reponse to: @ciphernyx

@ciphernyx 1/2 + 2^-(i+1)

2021-11-17 08:15 🔗 — In reponse to: @ciphernyx

@ciphernyx I ran 100k trials with a Python script and fitted a curve by eye 😬🤫

2021-11-18 22:08 🔗

I want to thank the YouTube algorithm for finding me this very well-put-together video about evolution of simulated creatures (including very simple neural nets): https://www.youtube.com/watch?v=N3tRFayqVtk

2021-11-20 08:36 🔗 — In reponse to: @EricLengyel

@EricLengyel @mork9869 I raise you... the physical skybox cube!

2021-11-20 13:15 🔗

Am I the only one who finds this juxtaposition a little bit odd? @TheAtlantic

2021-11-30 10:53 🔗

Device ID 32-bit overflow? Or somebody used %d instead of %u/%lu/%llu https://twitter.com/josephfcox/status/1465391629020405765

2021-12-05 08:30 🔗 — In reponse to: @fayfiftynine

@fayfiftynine Did you try -fno-tree-tail-merge?

2021-12-05 15:51 🔗 — In reponse to: @damageboy

@damageboy Looks like it's part of the i915 driver under drivers/gpu/drm/i915? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?qt=grep&q=drm%2Fi915%2Fdg2

For yet-unmerged code their repo is at: https://cgit.freedesktop.org/drm-intel

2021-12-07 18:45 🔗 — In reponse to: @offlinemark

@offlinemark inline, but with enough context to cover the whole function (so git diff -W)!

2021-12-08 01:02 🔗

Got email from Nintendo to reset my Network ID password within 24 hours "due to security concerns with regard to your ID" 🤔

2021-12-08 11:40 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void Now do "if" and "while" 😛

2021-12-08 11:41 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void Thanks!

2021-12-09 10:23 🔗 — In reponse to: @migueldeicaza

@migueldeicaza I really recommend taking a look at Wedson's conversion of the PL061 GPIO driver from C to Rust, as it's quite easy to see how the syntax + concepts map over: https://vegard.github.io/linux-rust/2-pl061.html?v=1

2021-12-09 10:24 🔗 — In reponse to: @vegard_no

@migueldeicaza (Source: https://lore.kernel.org/ksummit/YPV7DTFBRN4UFMH1@google.com/ )

2021-12-09 22:50 🔗 — In reponse to: @vyodaiken

@vyodaiken Yes.

2021-12-09 22:51 🔗 — In reponse to: @vegard_no

@vyodaiken Still probably better than a JIT-compiled one, though.

2021-12-12 11:51 🔗

So there. I've officially used @creduce to debug an issue in the bibliography of a 250+ page LaTeX document. 10 minutes to write an interestingness test, 20 minutes to let C-Reduce do its magic, and 💥 there it was.

2021-12-12 11:51 🔗 — In reponse to: @vegard_no

The issues were: \addtext{} in a title; ~ in a journal name; and a stray # in a month. The reduced bib file had 3 entries with those 3 issues. Magic!

There's probably a better way to get LaTeX to tell you where errors ultimately come from, but I don't know it.

2021-12-12 11:51 🔗 — In reponse to: @vegard_no

Context: I was trying to switch the bibliography from bibtex to biber and the error messages were less than helpful in pointing out where the real problem was. The .bib file was 3k+ lines and biber itself was processing it just fine...

2021-12-12 11:52 🔗 — In reponse to: @vegard_no

C-Reduce actually has an option to reduce non-C/C++ files: --not-c. That's what I used, it worked.

2021-12-12 15:20 🔗

What has happened to gmail in Firefox in the last month or two? It used to be fine, chat is now completely unusable. It takes multiple seconds for keystrokes to show up, everything is incredibly laggy. Other sites are fine/as usual.

2021-12-12 19:41 🔗 — In reponse to: @wilbowma

@wilbowma @eeide @creduce Yup, apparently!

2021-12-12 20:13 🔗 — In reponse to: @penberg

@penberg Rust??

2021-12-12 23:11 🔗 — In reponse to: @sibinmohan

@sibinmohan @joepolitz @ShriramKMurthi @creduce I guess there will be a blog post, then!

2021-12-13 00:06 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @sibinmohan @joepolitz @creduce It's honestly pretty straightforward -- copy in other files that are needed to build (but which are not getting reduced), run pdflatex/biber/etc., then grep the log for the error messages you don't understand/can't find the source of. It's 8 lines of bash without blank lines 😀

2021-12-13 10:35 🔗 — In reponse to: @0xGlider

@0xGlider I have no idea, to be honest. I haven't used multidelta myself. C-reduce says "use this mode for reducing other languages", so I assume it maybe still includes potentially useful heuristics like balancing parens/brackets or splitting at word boundaries?

2021-12-13 13:21 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @sibinmohan @joepolitz @creduce Blog post: https://www.vegardno.net/2021/12/using-c-reduce-to-debug-latex-errors.html

This was put together a bit hastily, but I think you'll get the idea!

2021-12-14 09:36 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @sibinmohan @joepolitz @creduce Yup, looks like pretty much exactly the problem I was having! The fundamental issue is that errors can appear when the .bib entries are actually printed in the bibliography, so you can have latent issues that only show up much later (as you add new cites or change the ref style)

2021-12-14 09:55 🔗 — In reponse to: @lucadealfaro

@lucadealfaro @ShriramKMurthi @sibinmohan @joepolitz @creduce There wasn't really a missing brace -- the first error was "Extra }, or forgotten \endgroup", for some reason I don't understand. But in general, you are right -- depending on exactly how you write the interestingness test, C-reduce can shift certain things you're looking for

2021-12-14 09:58 🔗 — In reponse to: @vegard_no

@lucadealfaro @ShriramKMurthi @sibinmohan @joepolitz @creduce ...over into different parts of the file (or different functions, if you're reducing C/C++ code) -- or remove them entirely. That's part of the "literal genie" thing where you need to be very precise in what you ask for :-) https://twitter.com/moyix/status/1450620597315280896

2021-12-15 09:15 🔗

Pretty cool C++ compiler bug affecting GCC, MSVC, _and_ ICC: https://www.reddit.com/r/cpp/comments/rg882y/gcc_msvc_and_icc_bug_virtual_base_destroyed_twice/

2021-12-19 08:44 🔗

I have so many questions...

2021-12-23 17:07 🔗 — In reponse to: @rep_stosq_void

@rep_stosq_void @nokusu It's not always obvious, but a good rule of thumb if you're using a distro is to report it to the distro. They will usually take care of figuring out if it's their bug or an upstream bug and either fix it or take it upstream.

2021-12-24 00:02 🔗 — In reponse to: @hillelogram

@hillelogram Also related: familiarity. You might prefer one way to write a piece of code over another just because it's familiar to you in some way. This is not "just" about aesthetics, though, because having a bit of code written in a familiar way makes it easier to understand.

2021-12-26 10:44 🔗 — In reponse to: @meithecatte

@NieDzejkob + you'd be prepared in case you were to ever lose your eyesight in the future

2021-12-26 20:44 🔗

@JoeyDeVriez Hey Joey, I love Learn OpenGL. But what is going on with ads on the site? My browser is seeing 3 requests per second going out to 34 different ad serving hosts for as long as I'm on any http://learnopengl.com page. Is that really right?

2021-12-29 12:35 🔗

What is this ungodly journal volume that has 186,682 pages? https://dblp.org/db/journals/access/access7.html

2022-01-02 22:10 🔗 — In reponse to: @actualGraphite

@actualGraphite Personally I like what "unsigned" communicates to the reader of the code: this value cannot be negative!

2022-01-06 07:59 🔗

Third day of school after the break and they have already closed two classes 🙄 Happy new year...

2022-01-06 21:56 🔗 — In reponse to: @seanbax

@seanbax It's only about a third of that here:

$ echo '#include <string>' | gcc -xc++ -E - | wc --lines

19386

🤔

2022-01-06 22:11 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe @steubens7 @seanbax <memory> and <iostream> seem to be big ones for me at ~28k each

2022-01-06 23:17 🔗

#JustCPlusPlusThings https://twitter.com/steubens7/status/1479201056060059669

2022-01-07 22:36 🔗

My skybox generator is coming along and finally got some semblance of clouds to work. I think this is not terrible

#opengl #glsl #cpp #shader #creativecoding #procedural #screenshotsaturday

2022-01-10 14:10 🔗 — In reponse to: @trav_downs

@trav_downs @marc_b_reynolds How about something like this? https://godbolt.org/z/vYEWjajn1

2022-01-12 10:51 🔗 — In reponse to: @ciphernyx

@ciphernyx @johnregehr @is_eqv @jvanegue One thing I always wanted to do but haven't gotten around to was to attach a "high-level variable name" to each SAT variable and then when you do the conflict analysis you can try to generalize the inference based on those high-level names

2022-01-12 10:53 🔗 — In reponse to: @vegard_no

@ciphernyx @johnregehr @is_eqv @jvanegue For example if you're encoding a large circuit having multiple instances of the same sub-circuit (e.g. an adder circuit), then an inference on one such sub-circuit could apply to other instances in the same design as well.

2022-01-12 10:55 🔗 — In reponse to: @vegard_no

@ciphernyx @johnregehr @is_eqv @jvanegue One gotcha being the obvious one that learnt clauses in SAT solvers often slow you down, so you'd have to apply it carefully -- but if there is an inference that you can use to simplify the original problem (even adding it directly in the encoder) then you can never lose

2022-01-12 15:22 🔗

Tired: NULL-terminated C arrays

Wired: null-terminated JSON arrays

...so that git blame points to the correct commit for the last element when you append more 🤔

2022-01-13 09:56 🔗 — In reponse to: @bgolus

@bgolus @Shadertoy You can '#define iTime 123.f' at the top of the program (or at the top of the "Common" tab if more than one buffer is being used)

2022-01-13 10:20 🔗 — In reponse to: @vegard_no

(this bug got fixed in GCC 12 last week btw: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103711 )

2022-01-16 09:55 🔗

Out of curiosity... if you're a developer, which activity do you prefer the most?

2022-01-16 21:57 🔗 — In reponse to: @vegard_no

I guess somebody in government just said "fuck it" and tossed all the countermeasures out the window.

It's hard to believe we had police patrolling the streets two years ago to make sure people didn't go outside... when the numbers were just a tiny fraction of what they are now.

2022-01-16 21:57 🔗

This last week has been wild. 7% of the French population is infected RIGHT NOW, and those are just the cases that the government knows about. Been hearing a lot about acquaintances testing positive + obviously all the cases at my kid's school (which is somehow still open).

2022-01-16 21:57 🔗 — In reponse to: @vegard_no

Most of us are obviously better prepared because of the vaccine, but still. Right now it feels inevitable that we'll all catch it...

2022-01-18 11:01 🔗

Linux kernel development tip: For any source file kernel/foo.c you can run "make kernel/foo.i" to get the preprocessed source or "make kernel/foo.s" to get the compiler's assembly output. Very useful if you for example want to know what a complicated macro really expands to.

2022-01-18 11:22 🔗 — In reponse to: @dtometzki

@dtometzki @dvyukov The file needs to be compiled as part of your current .config, are you sure you have CONFIG_SLAB=y?

2022-01-19 12:50 🔗

Hi new followers :-) I thought I should mention that we have a discord for Linux kernel debugging over here: https://discord.com/invite/wwGPaAUtkm

It's not super active, but there is a somewhat steady trickle of questions and answers.

2022-01-19 13:47 🔗 — In reponse to: @ajdlinux

@ajdlinux As much as I also hate the vendor lock-in and centralization, I think it's important that we also try to meet younger developers where they are. I've had a couple of people message me privately saying they were looking for something like this as they were shy about mailing lists.

2022-01-19 13:51 🔗 — In reponse to: @vegard_no

@ajdlinux In any case I don't think it hurts to have another place that's less formal and with a lower barrier to asking quick questions about specific problems. There are some IRC channels around, but few people use it (and as I said, especially younger people don't at all)

2022-01-20 08:26 🔗 — In reponse to: @johnregehr

@johnregehr I kinda like this one (pick your own variable name):

int broke;

for (int i = 0; broke = i < n; ++i) {

if (...)

break;

}

if (!broke)

...;

https://gcc.godbolt.org/z/Gzrzz1ETx

2022-01-20 13:19 🔗 — In reponse to: @GavinHigham

@GavinHigham Just tested GNU make, it knows "make foo.o" out of the box but none of the others. So definitely a kernel thing.

2022-01-20 15:58 🔗 — In reponse to: @colinianking

@colinianking We once had a patch that applied successfully on top of itself as many times as you wanted, adding more and more code... That was fun to debug! Cc @jamiediles

2022-01-21 00:23 🔗 — In reponse to: @larkmjc

@mork9869 If you're talking about the lea/mov combinations, those are multiplications (the constant index, 10 or 11) split up into smaller operations. For example, when it does lea rax, [rdi+rdi*4] this is really just doing rax = 5 * rdi

2022-01-21 15:51 🔗

Git tip: You can use rev^- as a shorthand for rev^..rev to git diff/log. This is incredibly useful for merge commits in particular as 'git log rev^-' will give you all the commits that got merged in by rev and 'git diff rev^-' will show you the combined diff of all those patches.

2022-01-21 15:51 🔗 — In reponse to: @vegard_no

"rev" here can be anything that specifies a revision, it can be a sha1, it can be a branch name or a tag name, etc. The point is to avoid typing it twice.

It also works for non-merge commits. In that case it just shows you the log/diff of that one commit.

2022-01-23 22:53 🔗 — In reponse to: @moyix

@moyix It's up to you to keep the signing key secret.

2022-01-23 22:53 🔗 — In reponse to: @vegard_no

@moyix Seems like a good resource/explanation: https://wiki.gentoo.org/wiki/Signed_kernel_module_support#Protecting_the_private_key

2022-01-23 23:17 🔗 — In reponse to: @moyix

@moyix For distro kernels I think you would build out-of-tree modules with your own key and then add that key as a trusted source to the running kernel. This seems relevant: https://superuser.com/a/1467460

2022-01-24 07:42 🔗 — In reponse to: @iximeow

@iximeow @moyix @ladyaeva That's terrifying.

2022-01-26 10:19 🔗 — In reponse to: @kernellogger

@kernellogger Clicked on random subsystem... Wow...

2022-01-26 13:19 🔗 — In reponse to: @kernellogger

@kernellogger @kieranbingham @brau_ner To be fair, http://bugzilla.kernel.org has a warning saying "consult this document first", and that page also tells you not to use bugzilla: "most of the time this won’t be [bugzilla], as issues typically need to be sent by mail to a maintainer and a public mailing list".

2022-01-26 13:24 🔗 — In reponse to: @vegard_no

@kernellogger @kieranbingham @brau_ner I was looking at some syzkaller bugs earlier this week, around ~900 bugs in the "open" category, many with reproducers that worked out of the box for me, some of which are 2+ years old. And those reports are all sent to devs + lists by syzbot.

2022-01-26 22:41 🔗 — In reponse to: @ariadneconill

@ariadneconill If there are concerns about valid uses, why not just add a sysctl to control the behaviour, just like we have sysctls for ptrace, bpf, namespaces? (And hopefully have it default to the sane value of *disallowing* argc=0)

2022-01-27 12:54 🔗 — In reponse to: @moyix

@moyix @bencpye Tried journalctl --list-boots + journalctl --boot=-1 ?

2022-01-27 12:59 🔗

Guys, I found the problem. https://twitter.com/vegard_no/status/1482637565194813440

2022-01-29 08:47 🔗

This is the real value proposition of @Ksplice: Oracle Linux machines running with Ksplice autoinstall enabled were automatically protected against PwnKit/CVE-2021-4034. https://blogs.oracle.com/linux/post/transparently-patching-pwnkit-with-ksplice (I'm an Oracle employee; views my own.)

2022-01-30 08:33 🔗 — In reponse to: @marcsh

@marcsh @garrett_wollman @piers_hollott @heyjulesfern I don't inc/dec is what they were referring to. On z80 for example you have instructions that loads/stores an address given by a register, then increments or decrements that register. On x86 the closest thing is probably the REP instructions: https://c9x.me/x86/html/file_module_x86_id_279.html

2022-01-31 22:45 🔗 — In reponse to: @embeddedgus

@embeddedgus Doesn't quite beat yours, but I also like this one:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69349c2dc01c489eccaa4c472542c08e370c6d7e

https://lore.kernel.org/all/1334274394-13466-2-git-send-email-paul.gortmaker@windriver.com/

2022-02-03 10:52 🔗 — In reponse to: @meithecatte

@NieDzejkob Pretty sure it's both -- what stuff do you mean specifically, though? I found this to be really clear and meaningful: https://www.kernel.org/doc/Documentation/memory-barriers.txt

2022-02-05 00:18 🔗

Wow, came across my old kmemcheck presentation at DIKU in 2009: http://web.archive.org/web/20160616204253/http://www.diku.dk:80/hjemmesider/ansatte/julia/cocciwk/nossum.pdf

kmemcheck never found a lot of bugs, but it was still a fun project. The last few slides are about "changing gcc" (ie. basically ASAN). I should do a post-mortem on kmemcheck at some point...

2022-02-11 11:29 🔗 — In reponse to: @weeble

@weeble "Started a long-running process over ssh, but have to leave and don't want to interrupt it? Just start a screen, use reptyr to grab it, and then kill the ssh session and head on home."

https://github.com/nelhage/reptyr by @nelhage

2022-02-11 11:38 🔗

If you're a US college student interested in getting into Linux kernel development we have some internship openings at Oracle -- DM me and I can forward your info

2022-02-13 22:43 🔗

TIL 'make headers_install' has a dependency on rsync 🤯

2022-02-15 17:21 🔗 — In reponse to: @matthew_d_green

@matthew_d_green @KardOnIce Isn't decentralization the whole raison d'etre of cryptocurrencies? As in, if you don't have decentralization, you just have yet another centrally controlled currency? AKA decentralization = minimizing trust

2022-02-17 22:44 🔗 — In reponse to: @spendergrsec

@spendergrsec The "many eyes" theory is true, the problem is just that there are 5 times more fingers than eyes.

2022-02-20 10:08 🔗 — In reponse to: @RyanSalsamendi

@RyanSalsamendi @__phantomderp @vyodaiken @johnregehr @mcclure111 @jedisct1 Some versions of gcc pad with 0 bytes instead of NOPs.

2022-02-20 10:24 🔗 — In reponse to: @vegard_no

@RyanSalsamendi @__phantomderp @vyodaiken @johnregehr @mcclure111 @jedisct1 Oh, wait, it's not gcc but binutils/as: https://stackoverflow.com/a/4486485 + "You can omit the fill value [...]; this can be useful if you want the alignment to be filled with no-op instructions when appropriate" https://sourceware.org/binutils/docs/as/P2align.html

2022-02-23 09:13 🔗 — In reponse to: @hillelogram

@hillelogram I'd put it differently: developers and corporations choose Java and Python for the same reason, which is that these languages (for whatever reason) make it easier to read code written by others.

2022-02-27 21:27 🔗 — In reponse to: @bjorntopel

@bjorntopel Same happened to me (and a bunch of other people) on Oct 11 last year. Apparently gmail servers were (erroneously) returning "over quota" errors to vger, causing users to get auto-unsubscribed.

2022-02-27 21:29 🔗 — In reponse to: @vegard_no

@bjorntopel Also, the gmail web ui changed the default charset to UTF-8 which apparently majordomo doesn't know how to parse, so if you try to resubscribe nothing will happen.

I emailed postmaster@ and they were extremely helpful in explaining and sorting things out. 🥇🏆

2022-03-04 00:00 🔗 — In reponse to: @ChallahCam

@ChallahCam @DmitryOpines Appliances like fridges and washing machines, I'd assume.

2022-03-04 20:01 🔗 — In reponse to: @ferristweetsnow

@ferristweetsnow "there is lint in my bed!" was a fun one here...

2022-03-05 15:47 🔗

Linux kernel documentation: "The next function to implement is called, amazingly, next()" 🤪

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/filesystems/seq_file.rst#n136

2022-03-07 20:36 🔗

🤔

2022-03-09 13:14 🔗

. @Ubuntu there isn't a single sentence about how to report vulnerabilities on your security page? https://ubuntu.com/security

2022-03-09 13:15 🔗 — In reponse to: @vegard_no

Also, when I finally found it (through Google) I get this, through absolutely 100% normal browsing:

2022-03-09 14:09 🔗 — In reponse to: @Aissn

@Aissn Nope...

2022-03-11 08:07 🔗 — In reponse to: @AaronToponce

@AaronToponce @traylenator Also, GNU libc uses /dev/full as stdin for suid binaries if fd 0 isn't already open. https://sourceware.org/git/?p=glibc.git;a=blob;f=csu/check_fds.c;h=4016a4a1c3a0304845d808e166e7c674904c6d0d;hb=HEAD#l48

2022-03-12 00:07 🔗 — In reponse to: @mahdi_tcs

@mahdi_tcs @ShriramKMurthi https://en.wikipedia.org/wiki/Lists_of_unsolved_problems

2022-03-14 07:51 🔗 — In reponse to: @smattrr

@smattrr Fun fact, you can also write "man malloc.3"!

2022-03-14 16:17 🔗 — In reponse to: @johnregehr

@johnregehr Does this qualify? https://www.msoos.org/2013/04/gcc-4-5-2-at-sat-competition-201/ by @SoosMate

Basically, -ftree-pre caused a codegen bug and so -fno-tree-pre had to be passed to the compiler to work around it (it's in the blog post, check linked gcc bugzilla as well).

2022-03-16 09:17 🔗 — In reponse to: @_monoid

@_monoid @pinskia @rep_stosq_void Something something temporaries

2022-03-17 10:31 🔗

Is this UB? https://godbolt.org/z/jEKsdaEq8 Is there a compiler or option that will detect or warn about it?

2022-03-17 10:34 🔗 — In reponse to: @vegard_no

Well, I guess that's a bug: https://godbolt.org/z/9rGYqb6aa

2022-03-17 10:40 🔗

When in doubt, strace.

2022-03-17 11:00 🔗 — In reponse to: @advait_soman

@advait_soman http://port70.net/~nsz/c/c99/n1256.html#6.2.4 There is various language here that tells me it's UB, for example: "The value of a pointer becomes indeterminate when the object it points to reaches the end of its lifetime."

2022-03-17 11:14 🔗 — In reponse to: @MarcoLizza

@MarcoLizza I was under the impression that any use of a freed pointer was UB, see also this: https://twitter.com/vegard_no/status/1504397128197619719 and this: https://stackoverflow.com/questions/52628773/does-comparing-a-pointer-that-has-been-freed-invoke-ub

2022-03-17 11:17 🔗 — In reponse to: @vegard_no

@MarcoLizza I agree with you it's strange in a way for it to be UB. And if it really IS UB, it's still a weird case; the compiler doesn't flag it, and neither do ASAN and UBSAN.

But I'm not an expert, hence asking :-) I was looking for a confirmation from somebody who knows for sure.

2022-03-18 09:55 🔗 — In reponse to: @iximeow

@iximeow https://twitter.com/vegard_no/status/1504392206370623500

2022-03-21 22:13 🔗 — In reponse to: @iximeow

@iximeow @BlueSpaceCanary https://www.snellman.net/blog/archive/2014-11-11-tcp-is-harder-than-it-looks.html ?

2022-03-25 12:15 🔗 — In reponse to: @leonard_ritter

@leonard_ritter @Martoonster 5.5 giraffes is singular in Norwegian 🤪

2022-03-25 12:16 🔗 — In reponse to: @vegard_no

@leonard_ritter @Martoonster Wait, actually it depends on how you say it. If you say "point five" it's plural, but if you say "and a half" it's singular. Huh??

2022-03-28 23:47 🔗 — In reponse to: @tekknolagi

@tekknolagi http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0305r1.html from C++17: https://en.wikipedia.org/wiki/C%2B%2B17

2022-04-02 22:37 🔗 — In reponse to: @GuidoVranken

@GuidoVranken You probably know this already, but if your program is running with a limit on address space (RLIMIT_AS/ulimit -v) or data size (RLIMIT_DATA/ulimit -d) then malloc will easily return NULL.

Whether there are "production environments" using these I don't know...

2022-04-02 22:39 🔗 — In reponse to: @vegard_no

@GuidoVranken You can get some setuid binaries to crash in interesting ways by playing with limits:

$ (ulimit -v 30000; su)

su: Module is unknown

2022-04-02 22:40 🔗 — In reponse to: @vegard_no

@GuidoVranken $ (ulimit -v 35000; sudo echo hi)

sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"

sudo: unable to load /usr/lib/sudo/sudoers.so: http://libpam.so .0: failed to map segment from shared object

sudo: fatal error, unable to load plugins

2022-04-05 14:58 🔗 — In reponse to: @vegard_no

@roddux How about this? https://github.com/evdenis/cvehound by @efrmv

2022-04-06 11:44 🔗

The problem with factoring everything out into small helper functions is that you no longer have any sense of the overall flow through the code; any function could be called from anywhere. There's a much higher cognitive load for figuring out "where you are" at any specific point

2022-04-06 11:45 🔗 — In reponse to: @vegard_no

If you want to factor things out just in order to name things logically, it's probably much better to put a one-line comment above that chunk of code and keep it inside your bigger function.

2022-04-06 15:06 🔗 — In reponse to: @RVBaish

@RVBaish Scoping functions works to some degree, depending on the language.

It does depend a bit on what you are doing; in my case, there are a lot of filesystem operations which need to be carefully ordered and all the small functions are completely eradicating my sense of that order.

2022-04-06 15:16 🔗 — In reponse to: @vegard_no

@RVBaish I guess if all the small functions were pure functions or had effects encoded in the type system then it might be easy enough to understand where in the overall process you are.

2022-04-06 16:07 🔗 — In reponse to: @kernellogger

@kernellogger Would it be totally crazy to suggest @linuxfoundation hire somebody to manage/triage these reports and ensure they reached the right developers? Seems like the upside would be fairly big...

2022-04-07 09:27 🔗 — In reponse to: @bristot

@bristot @kernellogger @linuxfoundation Well, Thorsten did a great job this time, but he's not paid for it and doesn't have the bandwidth to take this much care all the time. So basically paying somebody to do what he's doing. Is that so laughable?

2022-04-07 20:41 🔗 — In reponse to: @brau_ner

@brau_ner @tehcaster @bristot @kernellogger @linuxfoundation True. I guess I was also responding to the larger problem of "bugzilla as a black hole" that Thorsten has reported on before, e.g. https://twitter.com/kernellogger/status/1486292040568786948 ... ah, you know about that 😅

2022-04-08 14:35 🔗 — In reponse to: @meithecatte

@NieDzejkob AFAICT, C99 says that _Bool is either 0 or 1 and it's a "standard integer type", so conversion to int has to preserve the value like other conversions that fit in the target type.

2022-04-09 08:39 🔗 — In reponse to: @AnubisOnSec

@AnubisOnSec @wdormann It might be reachable on a web server on uploaded files or something. GitHub code search is probably a good start for attackers who want to find something, so until somebody has done that job I wouldn't dismiss it so quickly https://github.com/search?q=subprocess+zgrep+language%3APython&type=Code

2022-04-12 23:50 🔗 — In reponse to: @SoosMate

@SoosMate @johnregehr @pinskia Looks like the mailing list thread itself disappeared off the net, but I found it in my mailbox. This bit is also relevant:

2022-04-13 08:05 🔗

TIL critical Linux security response is hosted and operated in Russia https://twitter.com/kurtseifried/status/1514091737743908867

2022-04-13 11:19 🔗 — In reponse to: @vegard_no

I'd missed this: https://twitter.com/solardiz/status/1500105331376107520

2022-04-14 15:05 🔗

🙉🙈🙊

2022-04-15 13:22 🔗

Carefully running "git add -i" to cleanly separate all my changes into multiple commits, then immediately running "git add -u" anyway out of habit... 🤦

2022-04-15 22:57 🔗 — In reponse to: @SoosMate

@SoosMate You ask a bunch of interesting questions towards the end. One that I would be very interested in would be: How do two proof traces from different runs (or even different solvers!) compare? How similar are they? Are there lemmas that appear in ALL proof traces of a given instance?

2022-04-16 20:02 🔗 — In reponse to: @drinkderiver

@drinkderiver Braid and knot theory. First time I heard about it I didn't believe it

2022-04-16 20:03 🔗 — In reponse to: @vegard_no

@drinkderiver The "unknot"! Who comes up with this stuff??

2022-04-16 21:06 🔗 — In reponse to: @RanjitJhala

@RanjitJhala @creduce Got you covered: http://www.vegardno.net/2021/12/using-c-reduce-to-debug-latex-errors.html

2022-04-16 21:43 🔗 — In reponse to: @moyix

@moyix Just wait for sites to cryptographically sign their URLs. Oh, wait, that exists already: https://jonlabelle.com/snippets/view/csharp/tamper-proof-query-strings ("Tamper-proof query strings")

2022-04-17 13:43 🔗 — In reponse to: @halvarflake

@halvarflake @geofflangdale @iximeow There's also the @tom7 classic paper https://www.cs.cmu.edu/~tom7/abc/paper.pdf which is actually an executable program.

2022-04-20 10:50 🔗

If you ever need to trace/instrument return statements in C... this should work everywhere:

#define return while(f(), 1) return

Bigger example: https://godbolt.org/z/cq3Y5jsbM

2022-04-20 10:56 🔗 — In reponse to: @vegard_no

The two main challenges are:

1) handling unbraced blocks (if (...) return;)

2) handling the presence/non-presence of the return value argument (the macro can't take arguments, the return argument may not even be parenthesized)

2022-04-21 10:47 🔗 — In reponse to: @haerwu

@haerwu @Aissn I feel like "hey" was a pretty good summary.

2022-04-22 08:30 🔗

Happy birthday, Game Boy!

https://www.shadertoy.com/view/3d3yDS

#GameBoy #shadertoy #glsl #shader #creative #coding #procedural

2022-04-23 17:59 🔗

Shoutouts to: Kewbie, LM, JP_Doom, Leej, doskey, Badjas, Laffin, jargon, JS, zer0python, Zip, ReMiX, ComputerGhost, A5c11Char5et, Kewbie, TJ, tman, Mephisto, Mac, Solitaire, skurk, SimpleFlips, impulse, Alipha, Leahcim, tuX, Mauro, Duo, Sp|rE, and JdR

2022-05-01 18:50 🔗

Not really using Mastodon actively (yet?), but will follow back whoever follows me there:

https://mastodon.social/@vegard

2022-05-03 14:10 🔗 — In reponse to: @kernellogger

@kernellogger These are the contribution guidelines in question, right? https://www.kernel.org/doc/html/latest/process/submitting-patches.html

What needs to be changed/implemented?

2022-05-03 14:19 🔗 — In reponse to: @vegard_no

@kernellogger I mean, I agree that's a long doc, but is that the issue you are talking about? The doc itself is easy to find (first hit on Google for "linux kernel submit patch" for me).

2022-05-08 10:08 🔗 — In reponse to: @PauloMigAlmeida

@PauloMigAlmeida It can optimize a bunch of other modulo operations too, here's % 3: https://godbolt.org/z/cxh5zYrE3

2022-05-08 11:57 🔗

This is sadly the only cogent explanation of the US women's rights scandal I've heard so far. https://twitter.com/ALT_uscis/status/1522657929991700480

2022-05-08 20:25 🔗 — In reponse to: @dotstdy

@dotstdy @pervognsen Is this adjusted for inflation?

2022-05-10 05:12 🔗 — In reponse to: @hillelogram

@hillelogram To me, this story just confirms that we need teachers and people to learn with/from. Why would you assume that something complicated is easy? It's not easy. We learn mostly by observing and copying what others do. This is what schools are for...

2022-05-10 11:34 🔗 — In reponse to: @SheriefFYI

@SheriefFYI @FlohOfWoe I believe handhold consoles like GameBoys had this because of saving to SRAM (on a single slot, like somebody mentioned) and turning off power while saving would corrupt it (as opposed to just giving you the previous save).

2022-05-10 11:35 🔗 — In reponse to: @vegard_no

@SheriefFYI @FlohOfWoe Also, before Windows 95 people were used to just turning off their computer with a physical power switch whenever and everything would keep working. But Windows 95 would complain on the next boot if you did that and had this screen when it was safe to flip the switch:

2022-05-11 08:52 🔗 — In reponse to: @matthew_d_green

@matthew_d_green This reminds me of an example my wife uses for why telecommunications should be end-to-end encrypted: Would you be fine if envelopes were banned and all your important (and unimportant) letters could be read by the postal workers and anybody who happens to come across them?

2022-05-11 08:54 🔗 — In reponse to: @vegard_no

@matthew_d_green A lot of people are (a priori) somehow fine with one but not the other and these questions are important as they erase that line and show people what the true implications of a decision are.

2022-05-11 23:45 🔗 — In reponse to: @slembcke

@slembcke Nice, got 259 here: https://godbolt.org/z/8EofhvqrY

2022-05-12 10:49 🔗 — In reponse to: @eigenbom

@eigenbom Just a very simple jam game, SDL + Chipmunk2D: https://vegard.itch.io/able

Runs on Windows, Linux (if you compile it yourself), browser. Cc @bfod

2022-05-12 11:16 🔗 — In reponse to: @slembcke

@slembcke https://godbolt.org/z/PYfzE9s6W

🤔

2022-05-12 12:22 🔗 — In reponse to: @pervognsen

@pervognsen Game of Life-style double buffering where "next frame" state is only calculated using "previous frame" state. Don't physics engines mostly do this too? (First calculate forces, then update all objects independently)

2022-05-12 21:54 🔗 — In reponse to: @laurencetratt

@laurencetratt @ShriramKMurthi @samth @AndrewCMyers @lindsey That's an emulator, right? I would have LOVED to build a NES "interpreter" in university...

2022-05-14 14:07 🔗

I'm having endless arguments with my almost-4-year-old about whether vans are cars, whether caps are hats, etc. Usually goes something like this:

Me: Can you please put on your pants?

Him: Not my pants, my jeans!

Me: Pants are a superclass of jeans

2022-05-15 23:30 🔗

https://seclists.org/oss-sec/2022/q2/99

2022-05-16 00:35 🔗

Fun fact: The Romanian word for child is "copi". Literally a reproduction, a copy.

2022-05-16 11:00 🔗 — In reponse to: @Adrian__T

@Adrian__T Oops, you're right. But children is "copii"

2022-05-16 15:43 🔗 — In reponse to: @pervognsen

@pervognsen @Donzanoid There was at some point a bug in a gcc beta release that assumed these section start/end symbols could not be part of the same array and therefore optimized out any pointer comparisons between them (because that's UB). So the for(x = start; x != end; ++x) idiom went out of bounds

2022-05-20 15:11 🔗 — In reponse to: @ShriramKMurthi

@ShriramKMurthi @pcwalton Syntax is the user interface of programming languages

2022-05-22 18:19 🔗 — In reponse to: @CompileExplore

@CompileExplore Happy birthday! https://www.shadertoy.com/view/stsXWj

2022-05-23 09:13 🔗 — In reponse to: @pickover

@pickover On hex grid https://www.shadertoy.com/view/wtXyDf

2022-05-23 11:57 🔗 — In reponse to: @halvarflake

@halvarflake @tgraf__ @paxteam @_minipli @yuvalavra @_fel1x @spendergrsec I don't agree with a broad dismissal just because something doesn't work in _every_ possible circumstance. Sure attackers can work around it, but will they? Does it slow attackers down? Is it really a binary outcome, or will it help against some percentage of attacks?

2022-05-23 13:02 🔗

Anybody else notice twitter eating the notifications for replies to your tweets recently? Everything else shows up, likes, retweets, just not replies.

2022-05-24 20:26 🔗 — In reponse to: @spendergrsec

@spendergrsec AFAICT no distro thinks this is good, but are complying with upstream demands because the alternative is shutting down the linux-distros list altogether, which is arguably even worse for users.

Researchers still get credited and can still disclose whatever they want elsewhere.

2022-05-24 21:06 🔗 — In reponse to: @spendergrsec

@spendergrsec This is simply not something that distros can decide or influence. s @k.o and linux-distros are two completely separate entities and individual distros (i.e. linux-distros members) can generally only influence linux-distros rules, not upstream/s @k.o rules.

2022-05-24 21:11 🔗 — In reponse to: @spendergrsec

@spendergrsec If you (as a researcher) are prepared to disclose 7 days after reporting the issue to linux-distros, potentially before a fix/patch is available, then reporting to linux-distros might be better for end users. And you are free to do this; nothing forces you to report to s @k first.

2022-05-28 21:07 🔗

Achievement unlocked!

https://www.youtube.com/watch?v=e3jGWXeBtPo

2022-05-30 21:59 🔗

Not sure if this is widely known, but you can go to https://storage.googleapis.com/syzkaller/cover/ci-qemu-upstream.html and click on any file and line in the kernel that syzkaller/syzbot knows how to reach and it will give you the smallest testcase that reaches it.

2022-05-30 21:59 🔗 — In reponse to: @vegard_no

The result is a "syz prog" that you can convert into a C program using syz-prog2c, described here: https://github.com/google/syzkaller/blob/master/docs/reproducing_crashes.md

2022-05-30 21:59 🔗 — In reponse to: @vegard_no

Pretty handy if you need to write a testcase for a patch in a random subsystem and there's a complicated setup that you don't necessarily want to spend hours puzzling out by hand.

2022-05-31 09:28 🔗 — In reponse to: @vegard_no

I should add that the first link with the coverage is reachable from the main syzbot page https://syzkaller.appspot.com here:

2022-06-02 14:21 🔗 — In reponse to: @matthen2

@matthen2 Was curious to see what would happen if you used spirals, you seem to get an elliptical spiral back..?

2022-06-03 10:45 🔗

How many times can a patch be reverted and re-reverted? 😂 https://lore.kernel.org/all/alpine.DEB.2.21.1909041253180.94813@chino.kir.corp.google.com/

2022-06-03 10:51 🔗

Awesome talk (as usual) about the security implications of missing the big picture when kernel APIs get designed. I think you can rewind this video to rewatch: https://www.youtube.com/watch?v=ELPENQrtUas https://twitter.com/KernelRecipes/status/1532639166957330432

2022-06-04 08:12 🔗

Transitioning to writing shell-script type batch processing code for 128 cores has been an interesting experience. Spending that 20 or 30 minutes extra to get it just right is so worth it, though. If my script takes 5 hours afterwards, that would have been 20+ _days_ otherwise!

2022-06-04 10:35 🔗 — In reponse to: @TychoTithonus

@TychoTithonus Maybe later :-P But pretty standard, I think -- running some programs, shuffling data between them, doing final analysis and collecting the results.

2022-06-04 21:46 🔗 — In reponse to: @lozyhacker

@lozyhacker Python3 + multiprocessing.Pool.imap_unordered + psutil.Process.cpu_affinity + subprocess, pretty much. Make sure you have options for testing small numbers before launching the big job + logging/handling errors and ensuring you can reprocess only the items that failed.

2022-06-04 21:48 🔗 — In reponse to: @vegard_no

@lozyhacker I'm sure this is all stuff that big data people have solved and deal with all the time, but it's new to me!

2022-06-04 21:50 🔗 — In reponse to: @unixbhaskar

@unixbhaskar Thanks! :-) Unfortunately I'm a bit of a chronic axe-sharpener myself and the real trick is recognizing when to stop sharpening and start chopping! 😛

2022-06-11 09:43 🔗 — In reponse to: @SebAaltonen

@SebAaltonen Don't you need to implement BindGroupDesc::Builder::texture() and ::buffer() so that the compiler can inline and optimize them?

2022-06-11 16:18 🔗

Given an ELF file with DWARF info in it, what's the easiest way to enumerate all the source files that went into it? readelf --debug-dump=decodedline (or rawline) kinda works, but still needs extra parsing to extract just the filenames...

2022-06-11 16:36 🔗 — In reponse to: @vegard_no

...best hit so far is using pyelftools and adapting this example they have: https://github.com/eliben/pyelftools/blob/master/examples/dwarf_lineprogram_filenames.py

2022-06-11 17:14 🔗 — In reponse to: @MortenLinderud

@MortenLinderud Yessss, that's awesome! And it works :-) Thanks!

2022-06-12 11:26 🔗

Whew, I managed to replace the battery and keyboard of my wife's Asus Zenbook. 3+ hours, 30+ screws, and 10+ cables/connectors later, that was significantly more difficult than the same replacements on my ThinkPad. Really makes me appreciate their serviceability considerations

2022-06-13 10:25 🔗 — In reponse to: @orionwl

@orionwl https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/powerpc/include/asm/page_64.h#n92

2022-06-14 07:50 🔗 — In reponse to: @andy_kelley

@andy_kelley Didn't read the whole issue (yet), but what about having the thread fork before opening/writing the file, that way the fd can't leak into any other threads?

2022-06-14 08:05 🔗 — In reponse to: @vegard_no

@andy_kelley Also, long thread here where somebody submitted the patches: https://lore.kernel.org/all/20200420071548.62112-1-nate.karstens@garmin.com/

2022-06-15 17:24 🔗 — In reponse to: @BartWronsk

@BartWronsk I know somebody who used gpt3 for an NPC in a mud, and it was preloaded with data about the fantasy world. The problem was that it also knew about the real world and would happily talk about London or Obama despite them not being in the game at all.

2022-06-16 10:37 🔗

It's pretty wild that pressing the Fn key to change LCD brightness on a Linux laptop invokes a shell script that itself spawns another 3-4 processes.

2022-06-16 15:11 🔗 — In reponse to: @spendergrsec

@spendergrsec Weird that there's no "failed to apply" email?

https://lore.kernel.org/stable/?q=s%3A%22Disable+TSX+development+mode+at+boot%22

2022-06-19 15:42 🔗

If you merge branches or backport patches, how do you usually prefer to resolve merge conflicts?

2022-06-19 15:42 🔗 — In reponse to: @vegard_no

If you use a visual merge tool, which tool do you prefer?

2022-06-19 15:42 🔗 — In reponse to: @vegard_no

I'm working on a blog post and answering the polls will really help me out 🙏

2022-06-20 11:20 🔗

So... it hailed last night here in France. These were by far the biggest pieces of hail I've seen in my life. It smashed one of the front lights of our car and made several dents in the roof, but we were lucky; many cars had smashed windshields.

2022-06-21 17:47 🔗 — In reponse to: @danvet

@danvet I assume you're talking about fbcon issues specifically and not embargoes in general? Because otherwise you're kinda saying "the kernel is insecure anyway so we might as well not make the effort".

2022-06-22 11:19 🔗 — In reponse to: @fulmicoton

@fulmicoton @pervognsen @zwegner @geofflangdale figured you might be interested ^

2022-06-23 12:52 🔗

Would be interesting to have a syzkaller delta-debugging mode where it would run the same test programs on two kernels in parallel; one compiled with -O2 and one with -O3. https://twitter.com/phoronix/status/1539916519370620929

2022-06-24 07:40 🔗 — In reponse to: @pdp7

@pdp7 How about this?

$ git name-rev bceaae3bac0ce27c549bb050336d8d08abc2ee54

bceaae3bac0ce27c549bb050336d8d08abc2ee54 tags/v5.18-rc1~210^2^2~11

2022-06-29 12:52 🔗 — In reponse to: @dotstdy

@dotstdy Just looking at http://ld.so (8)... Is this not the default unless you set LD_BIND_NOW? If I launch something like "eog" with LD_DEBUG=bindings then it seems clear that http://ld.so is working behind the scenes as new functions are getting called

2022-07-01 18:08 🔗 — In reponse to: @stuntpants

@stuntpants @olafurw Can confirm, we hit this with strcmp() in the Linux kernel.

2022-07-02 13:44 🔗 — In reponse to: @josh_triplett

@josh_triplett recv() and friends have MSG_DONTWAIT which "provides similar behaviour to setting the O_NONBLOCK flag"

2022-07-02 13:46 🔗 — In reponse to: @vegard_no

@josh_triplett And preadv2() has the RWF_NOWAIT flag which looks similar.

2022-07-03 14:14 🔗

What is an actually good API for dynamically growing _generic_ arrays/vectors in C?

2022-07-03 17:35 🔗 — In reponse to: @Simon_Fe1

@Simon_Fe1 Just plain old resizable std::vector-type vector. So fixed-size elements, no optimization for gaps. Efficient push/pop at the end, set size/capacity helpers, etc.

2022-07-03 17:39 🔗 — In reponse to: @vegard_no

@Simon_Fe1 There are different ways to do it, static inline functions taking void *, macros defining static inline functions, macros as the API, etc. Then how do you declare/pass one of these arrays? T *? Some struct? Etc.

2022-07-03 17:41 🔗 — In reponse to: @FlohOfWoe

@FlohOfWoe Yes, very nice trick with the base pointer, although it bypasses type-checking of plain C arrays vs. arrays of this type... Not sure if it's a problem in practice, but type safety would be nice.

2022-07-04 08:01 🔗 — In reponse to: @stephc_int13

@stephc_int13 You'll still need some sort of API to keep track of the size (not capacity), right? Or maybe you can just open-code everything if you assume the underlying storage is just there. I'm more interested in the interface than the implementation details.

2022-07-04 14:47 🔗

Fun times... https://seclists.org/oss-sec/2022/q3/11

2022-07-05 09:22 🔗

Some interesting thoughts here on the value of reinventing the wheel. "Don't leave it to the experts, become the expert" https://twitter.com/AllenWebster4th/status/1544155081255243776

2022-07-07 12:38 🔗

I recently read Linus's autobiography, Just for Fun (2001), and it's interesting to read this paragraph about how it was the simplicity of the Unix design that intrigued him -- seems like a stark contrast with today's namespaces, BPF, security modules, etc. (basically everything)

2022-07-07 14:18 🔗 — In reponse to: @azz_maher

@azz_maher It's called "Just for Fun", it seems you can buy/borrow it here: https://archive.org/details/justforfun00linu

2022-07-07 15:49 🔗

New blog post: Stigmergy in programming

https://www.vegardno.net/2022/07/stigmergy.html

2022-07-07 22:57 🔗 — In reponse to: @ljskernel

@ljskernel It's definitely somewhat out of the ordinary, but I found at least some parts of it very interesting and some parts very inspirational.

2022-07-08 13:49 🔗 — In reponse to: @vegard_no

In related news, there's a fantastic new LWN article (and comment thread) about the complexities of symlinks: https://lwn.net/Articles/899543/

2022-07-08 16:42 🔗

Is it possible to get gcc to emit line number information for macros in the same way that it does for inline functions/calls? Seems like it shouldn't be too hard but I haven't found anything about it...

2022-07-08 16:43 🔗 — In reponse to: @vegard_no

In debug info, I mean, so you get macro locations listed in stack traces and addr2line -i.

2022-07-10 12:27 🔗 — In reponse to: @iquilezles

@iquilezles Reminds me of this, "The more general uncertainty principle, regarding Fourier transforms" by @3blue1brown: https://www.youtube.com/watch?v=MBnnXbOM5S4

2022-07-10 12:33 🔗 — In reponse to: @vegard_no

I have now spent some 8 hours trying out variants of a patch for gcc and can't get it to work 😔 Will clear my head and maybe ask somewhere next week.

2022-07-12 10:35 🔗

Gravitational lensing??

2022-07-13 10:11 🔗

People have done this already, right? #dalleMini

Funny thing is, these pictures invariably have something underneath, usually a pen (of all things), but not writing, as well as that pale yellow background.

I'd be interested in seeing what full Dall-E 2 can do with this...

2022-07-15 13:42 🔗

Nice, Synaptics just started sending out CI emails about build failures to (AFAICT) everybody who has ever contributed to the Linux kernel in the To: field.

2022-07-18 13:10 🔗 — In reponse to: @ljskernel

@ljskernel There is also this cool tool by @colinianking:

https://github.com/ColinIanKing/pagemon

2022-07-19 11:07 🔗 — In reponse to: @RoninDey

@RoninDey If the temperatures continue to rise like this it's not going to last long though. We're already having droughts here every summer and plants and crops are not going to survive. Older neighbours said they had never experienced hail like this: https://twitter.com/vegard_no/status/1538813962065694720

2022-07-21 07:39 🔗 — In reponse to: @netspooky

@netspooky It's in a freakin' book??

2022-07-22 08:47 🔗 — In reponse to: @phillip_trudeau

@phillip_trudeau Eh, we use package managers. We're not savages

2022-07-22 10:25 🔗 — In reponse to: @cHHillee

@cHHillee @moyix I like bit strings as a stepping stone to getting a feel for higher dimensions. Each bit string of length N is a coordinate at the corner of a hypercube and is connected to N other coordinates (corners) by flipping a single bit. Flipping all bits gives you the "opposite" corner.

2022-07-26 22:19 🔗

Is this a legitimate technique in statistics? Removing data points until you cross the significance threshold? This smells like p-hacking. But I'm not making a point, legitimately interested if anybody can answer this or point to an authoritative description/discussion of this. https://twitter.com/angie_rasmussen/status/1551937826580824070

2022-07-27 08:42 🔗 — In reponse to: @geofflangdale

@geofflangdale @Enichan See this one yet? https://dion.systems/blog_0001_hms2020.html

2022-07-27 21:40 🔗 — In reponse to: @thingskatedid

@thingskatedid Use milk

2022-07-31 10:33 🔗 — In reponse to: @aras_p

@aras_p @rygorous @kenpex Not JIT, but I remember looking up the "tracing GC is faster than reference counting" claim and Wikipedia cites a paper from 1987 (with 112 citations!) that extrapolates its conclusion from these 3 data points on machines with 64 MiB RAM:

2022-08-02 22:43 🔗

Anybody want to jam some AI image generation? I got midjourney in a private discord: https://discord.gg/StVvV9kU

2022-08-03 17:25 🔗 — In reponse to: @YoSignals

@YoSignals @caseyjohnellis In all seriousness, though, I can't count how many times I've had to reinstall the audio drivers for my USB sound card on Windows. It seems to break just about every time there's a new Windows update... I have a shortcut to the driver installer on the desktop

2022-08-04 23:17 🔗 — In reponse to: @phillip_trudeau

@phillip_trudeau VirtualBox + Ubuntu Desktop image should be a completely straightforward setup https://ubuntu.com/tutorials/how-to-run-ubuntu-desktop-on-a-virtual-machine-using-virtualbox#1-overview

2022-08-06 10:30 🔗 — In reponse to: @troy_s

@troy_s What I get out of this is that you can't make a model that doesn't take time into account. I can go up or down one of these strips and say "oh, that looks inverted", but then if I look around and come back to it (the exact same cell) I could have a very different impression

2022-08-06 20:37 🔗 — In reponse to: @phillip_trudeau

@phillip_trudeau @matiasgoldberg You can manually poison/unpoison memory ranges: https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning

So I guess poison the underlying memory until it's allocated; unpoison when it's allocated; re-poison when it's freed.

2022-08-07 13:53 🔗

Real life speculative execution https://twitter.com/skdh/status/1555888238983872515

2022-08-08 09:21 🔗 — In reponse to: @slembcke

@slembcke @TimSweeneyEpic @actualGraphite @rianflo Can you share a snippet of code or pseudo-code for those of us who don't know signal processing lingo? Are you taking the deltas between frames and mixing them into a "long term" average, then doing that twice per frame with different coefs? How do you choose your constants?

2022-08-09 22:25 🔗

Another kernel bug made mass-exploitable by letting unprivileged users load kernel modules inside user/network namespaces... https://twitter.com/oss_security/status/1557090355148795904

2022-08-09 22:25 🔗 — In reponse to: @vegard_no

My contribution: https://lore.kernel.org/all/20220809185229.28417-1-vegard.nossum@oracle.com/

2022-08-09 23:13 🔗 — In reponse to: @brau_ner

@brau_ner Ah, thanks for the pointer, I was vaguely aware of the discussion but hadn't been following it closely. I *think* my patch should be less contentious as it won't kill namespaces outright (and defaults to the current behaviour in any case)...

2022-08-09 23:16 🔗 — In reponse to: @vegard_no

@brau_ner ...and it will be more as if a particular module simply wasn't compiled in. In any case, if I were a distro I would take a hard second look at user namespaces. A few minutes search gave me that list of 5 other (+ the one reported by Thadeau) privilege escalation bugs.

2022-08-10 09:34 🔗 — In reponse to: @Dwokfur

@Dwokfur @spendergrsec Alright, I'll bite. Can you share your patches so we can compare notes? It's not that I can't remember, I literally have not been part of any of the past discussions; I noticed a problem and provided a (tentative) solution.

2022-08-10 19:13 🔗 — In reponse to: @Dwokfur

@Dwokfur Thank you. I also see that I've missed a ton of context on this problem, both recent and old discussions. I hope we can revisit it now and make progress towards better security.

2022-08-10 19:16 🔗 — In reponse to: @spendergrsec

@spendergrsec @Dwokfur I see; thanks for clarifying. I was worried that request_module() could be called outside process context or from a worker thread or something. The logging doesn't seem like a huge issue but I guess it might be confusing for users.

2022-08-11 14:47 🔗

The new death & taxes 👇 https://twitter.com/malumicham/status/1557687541507276800

2022-08-12 10:23 🔗

Nous avons une grave sécheresse, nous n'avons pas le droit d'arroser nos potagers et nous déversons littéralement l'eau dans les rues. Nettoyage en préparation du tour de limousine. Idiotie absolue... #secheresse #TDL2022 @prefet87 @hautevienne_dep @tourdulimousin

2022-08-15 08:10 🔗 — In reponse to: @gamozolabs

@gamozolabs @h0mbre_ @pkhuong https://twitter.com/vegard_no/status/1494427588919537679

2022-08-16 12:16 🔗 — In reponse to: @sonnybondsmusic

@sonnybondsmusic @olafurw High-res captures, fresh off DOSBox. From "Interpose" (Twilight Zone Software, 1996). I wonder who the artist is...

2022-08-16 12:19 🔗 — In reponse to: @vegard_no

@sonnybondsmusic @olafurw BTW I got this by attaching to dosbox in gdb and doing:

(gdb) call CPU_Exception(13, 0)

(gdb) continue

2022-08-16 12:23 🔗 — In reponse to: @vegard_no

@sonnybondsmusic @olafurw I saw this picture once as a kid on my computer while playing Interpose, must be over 20 years ago. Only later did I learn what a General Protection Fault was... I've been searching for this picture for years, finally bit the bullet and decided to try to reproduce it.

2022-08-16 12:39 🔗 — In reponse to: @olafurw

@olafurw @sonnybondsmusic @frankcifaldi @retrohistories I found some references to Pinball Illusions inside INTERPOS.EXE! Apparently Pinball Illusions was made by Andreas Axelsson (programmer), Markus Nyström (artist), and Olof Gustafsson (composer), so this looks right. @JudgeAxl @Dancing_Swede @Zymcox Do any of you know?

2022-08-16 15:50 🔗

User namespaces exist so that you have privileges inside your namespace that don't extend to the whole system. This is violated by autoloading kernel modules as it grants you the ability to _actually_ load kernel modules outside your namespace.

2022-08-17 12:31 🔗

Lol, not concerning at all. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/proc/array.c#n261

2022-08-17 19:45 🔗 — In reponse to: @mango_lychee

@mango_lychee You could not lean blocks that have something behind them, maybe?

2022-08-20 07:52 🔗 — In reponse to: @nothings

@nothings I don't get it, what's the error?

2022-08-20 09:48 🔗

I'm sure I saw a semi-recent rant from Linus about trimming unnecessary stuff from commit messages. Lore, gmail, Google, have all failed to turn it up. Does anybody know which one I'm talking about?

2022-08-20 21:52 🔗 — In reponse to: @gloom303

@gloom303 @ferristweetsnow @gregersn It's a chick, not a chicken. "Kylling" can be used for both. Chicken is only for "hen chicks".

2022-08-21 21:07 🔗

I heard James Burke use the word "perspicacious", a word I can guarantee I've never heard in my life up until tonight. I asked my wife if she knew what it meant and she answered without even blinking... How!?

2022-08-22 04:58 🔗 — In reponse to: @vyodaiken

@vyodaiken The last statement cites a blog post ([31]) that was published on April 1 with the disclaimer: "I've seen several tweets thinking this post was serious. It's not."

2022-08-22 14:57 🔗 — In reponse to: @vyodaiken

@vyodaiken I'm not an expert, but it would seem that this is basically saying the two factors are both very close to the square root of the number being factorized?

2022-08-26 08:21 🔗 — In reponse to: @AllenWebster4th

@AllenWebster4th @won3d The Linux kernel has a strong preference for using volatile _only_ inside wrappers called READ_ONCE() and WRITE_ONCE(), and otherwise not attaching it to types (or data). See https://lwn.net/Articles/233479/ for the rationale

2022-08-31 20:38 🔗 — In reponse to: @sigfpe

@sigfpe This happened to me: https://bugzilla.redhat.com/show_bug.cgi?id=1471126

When sitting upstairs where the WiFi signal is weaker, whichever frequency my laptop was NOT on would appear to have a stronger signal and so it would switch APs every ~2 minutes and drop some packets/connections during the switch 😔

2022-09-02 20:01 🔗 — In reponse to: @SteveBellovin

@SteveBellovin @matthew_d_green Also a classic: https://web.cs.ucdavis.edu/~rogaway/papers/moral-fn.pdf

2022-09-05 16:32 🔗 — In reponse to: @marc_b_reynolds

@marc_b_reynolds Pretty sure that's just

asm volatile ("");

unless I'm misunderstanding.

2022-09-05 16:36 🔗 — In reponse to: @vegard_no

@marc_b_reynolds This is how the Linux kernel defines it (note the "memory" clobber, which I guess is important): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/linux/compiler.h?id=7e18e42e4b280c85b76967a9106a13ca61c16179#n83

2022-09-05 18:15 🔗

If you use the sysenter instruction on Intel x86_64, the Linux kernel will apparently unconditionally return to a 32-bit user CS and truncate RIP to 32 bits. Since it's sysenter, it tries to return to VDSO (which is mapped >4G; =>segfault), but you can map something there by hand

2022-09-05 19:05 🔗 — In reponse to: @vegard_no

godbolt example, although I'm not sure if it always runs on Intel: https://godbolt.org/z/evbh9ehjx

2022-09-06 12:25 🔗 — In reponse to: @marc_b_reynolds

@marc_b_reynolds @_monoid I wonder if you'd better use "X" instead of "r", as "r" would force the value of that expression into a general-purpose register (and thus generate nonoptimal code) even when it might be, say, a float or a memory reference.

2022-09-07 21:55 🔗 — In reponse to: @netspooky

@netspooky This would have made a great April 1 patch submission.

2022-09-08 10:00 🔗 — In reponse to: @calebccff

@calebccff What makes it dirty?

2022-09-08 14:11 🔗 — In reponse to: @calebccff

@calebccff I guess dirty is a spectrum, but if you have uncommitted changes in your working directory then it will add the "-dirty" suffix.

I tried putting the hash from your screenshot into github and it finds this tag: https://github.com/torvalds/linux/commit/5f4ec168b14c (5.13.0-valve8.3)

2022-09-08 14:12 🔗 — In reponse to: @vegard_no

@calebccff The setlocalversion script seems to use "git describe --abbrev=12" which outputs a tag if you're exactly on a tag, otherwise it finds the closest tag and adds the "-g" suffix.

I guess either the build was done in a repo that didn't have the tag, or the tag was created later?

2022-09-09 19:45 🔗 — In reponse to: @skdh

@skdh Since we're making corrections: a theorem does not by itself prove anything; a theorem is a statement, not a proof. However, the known existence of a (hopefully correct) proof is what makes the statement a theorem...

We discussed some of this here: https://en.wikipedia.org/wiki/Talk:Bell%27s_theorem/Archive_9#Statement_of_theorem

2022-09-12 07:44 🔗 — In reponse to: @wcrichton

@wcrichton Maybe this? https://whitebox.systems/ by @azmreece

2022-09-14 20:05 🔗 — In reponse to: @CinnabonGarf

@CinnabonGarf @pbdigital @psuedofolio Not really true; the existing models (Dall-E, MD, SD) already know a bunch of artists and can replicate their style and I'm sure they haven't had *that* many samples from each artist.

What you would do is to take a pre-trained model (SD) and then (re)train it on your own art.

2022-09-14 20:11 🔗 — In reponse to: @vegard_no

@CinnabonGarf @pbdigital @psuedofolio Example: The pretrained model will have a concept of what a book is, so that when you train it with drawings by a specific artist it will be able to draw a book in that artist's style, despite not having seen that particular combination of subject and style before.

2022-09-18 07:57 🔗 — In reponse to: @shachaf

@shachaf I really don't know, but I wonder if it could happen with MOVNT* on x86, since it skips all caches? https://www.felixcloutier.com/x86/movntq

2022-09-18 08:00 🔗 — In reponse to: @calebccff

@calebccff I kind of like the model where you have a thread-local "global" variable containing the library state and you have to call a "set_current_foo()" function in each thread before issuing any other library calls.

2022-09-18 08:02 🔗 — In reponse to: @vegard_no

@calebccff It gives you an implicit state, so no need to pass anything around as a parameter to everything. It looks almost exactly like a global variable, but allows multiple threads (by virtue of being thread-local) and multiple contexts (just call set_current_foo() to something else).

2022-09-18 08:04 🔗 — In reponse to: @vegard_no

@calebccff I guess most systems have a small overhead for doing the thread-local memory access, but in practice this ought to be negligible.

2022-09-21 10:35 🔗

I accidentally ran "less" on a PDF and it worked... whut?

2022-09-21 11:33 🔗 — In reponse to: @gautshen

@gautshen Yep.

2022-09-21 18:39 🔗

New blog post on backporting and conflict resolution with git (with focus on the Linux kernel): https://blogs.oracle.com/linux/post/backporting-patches-using-git

2022-09-22 08:10 🔗 — In reponse to: @unixbhaskar

@unixbhaskar Yeah, it's a bit long... you can always skim and skip, though.

I guess the "creative vision" was a comprehensive guide, something that one could refer back to. And maybe more of a training document than the blog format would suggest.

Oh well, it's out there now :-)

2022-09-22 10:08 🔗 — In reponse to: @rajeeshknambiar

@rajeeshknambiar Yep, it's TikZ, but it's fairly manual (all manual positioning). Here is this one: https://gist.github.com/vegard/a1b9bbc7ae6433fe7b053d4251ddbc07

2022-09-22 10:52 🔗 — In reponse to: @vegard_no

@unixbhaskar There is also the video at the end where I go through a couple of concrete patches (mainline to stable backporting) in detail: https://www.youtube.com/watch?v=sBR7R1V2FeA

2022-09-24 12:42 🔗

The 4yo sums it up: "I'm tired of that week"

2022-09-30 16:52 🔗 — In reponse to: @h0mbre_

@h0mbre_ Is it just a negative value? It's documented as a 32-bit relative (signed, I guess) offset here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/linux/export.h?id=987a926c1d8a40e4256953b04771fbdb63bc7938#n34

2022-10-02 08:30 🔗 — In reponse to: @h0mbre_

@h0mbre_ Getting something to work is exhilarating.

2022-10-02 10:14 🔗

TIL both gcc and clang accept "const void" and "volatile void" as return types. Only clang warns.

2022-10-02 12:36 🔗

Interesting difference between gcc and clang handling of "volatile": https://godbolt.org/z/sx4Eq3fro

Both of them prevent the surrounding non-volatile accesses from getting collapsed (so it's a kind of a barrier); gcc emits the load (as I would expect), but clang discards it 🤔

2022-10-02 13:01 🔗 — In reponse to: @shachaf

@shachaf Makes sense!

2022-10-02 21:35 🔗

This email somehow always manages to scare me before I open it. I should really just delete my account...

2022-10-04 15:13 🔗

French cryptographers be like: Vive la clé publique

2022-10-07 19:27 🔗

Hmph, looks like man pages from fsopen()/fsmount()/etc. never got merged, despite what looks like multiple rounds of submissions/feedback: https://lore.kernel.org/linux-man/?q=fsopen

The syscalls have been in the kernel for 3+ years already, so it's pretty weird :-/ Wonder what happened there.

2022-10-09 21:24 🔗 — In reponse to: @kernellogger

@kernellogger Not a single command, but this ought to work?

git clone [...] --depth 1 -b v5.18 foo

cd foo

git fetch --shallow-exclude=v5.18 origin linux-5.19.y

2022-10-09 21:41 🔗 — In reponse to: @vegard_no

@kernellogger if you want it to actually create the linux-5.19.y branch locally instead of putting it in FETCH_HEAD:

git fetch --shallow-exclude=v5.18 origin refs/heads/linux-5.19.y:refs/heads/linux-5.19.y

Apparently this also fetches tags in the range! Which could be useful.

2022-10-11 17:31 🔗 — In reponse to: @amoswap

@amoswap @chompie1337 There's a ton of Linux kernel bugs related to wrong-label jumps and error handling/cleanup. For example:

CVE-2014-8481

CVE-2021-4149

CVE-2021-3744

CVE-2022-33743

CVE-2021-39656

CVE-2017-17975

CVE-2013-4343

CVE-2020-12771

CVE-2009-0778

CVE-2021-3764

CVE-2008-4302

2022-10-12 14:42 🔗 — In reponse to: @skdh

@skdh I guess you haven't seen the Wiktionary entry for "spooky action at a distance" yet 😂 https://en.wiktionary.org/wiki/spooky_action_at_a_distance

2022-10-12 14:58 🔗 — In reponse to: @David3141593

@David3141593 @amoswap @chompie1337 Not really surprising, no. And I can't think of a C style that would be obviously less error prone.

The main problem (IMHO) is that most error styles are not robust against changes; most patches require you to re-review the whole function, not just the 3+3 lines of diff context

2022-10-12 15:04 🔗 — In reponse to: @vegard_no

@David3141593 @amoswap @chompie1337 It might be interesting to consider something like a "checked goto with RAII" where you have RAII as the cleanup mechanism but all the destructor calls have to be explicit in the code. (A complaint I have seen against RAII from kernel coders is the implicit destructor calls)

2022-10-13 09:30 🔗 — In reponse to: @OskSta

@OskSta Maybe @jobtalle can give some pointers? I remember seeing this: https://twitter.com/jobtalle/status/1347591580337762308

2022-10-14 09:32 🔗

So this is an established Linux kernel pattern for enforcing lock ordering. It's UB, right? Because you're generally comparing pointers to different objects not part of the same array. Does the kernel use any special compiler flag to make this fine? Would casting to uintptr work?

2022-10-14 09:35 🔗 — In reponse to: @vegard_no

Another one from kernel/events/core.c.

2022-10-14 10:20 🔗 — In reponse to: @hh_wandsbek

@hh_wandsbek Other responders seem to confirm this is UB -- this seems like a good reference: https://frama-c.com/2011/04/14/When-is-it-valid-to-compare-two-pointers-in-C.html

Basically, pointers cannot be compared with < unless they are part of the same array. Doing so is undefined, so anything can happen.

2022-10-14 10:50 🔗 — In reponse to: @hh_wandsbek

@hh_wandsbek Because the C standard says so. But apparently compilers today are doing the intuitive thing anyway: https://twitter.com/kkdwvd/status/1580838643195088897

2022-10-14 14:30 🔗 — In reponse to: @leo60228

@leo60228 @rep_stosq_void getauxval() can tell you a few things like the addresses and sizes of the binary's ELF mappings and the VDSO address. But not general mmap() info.

2022-10-15 15:14 🔗 — In reponse to: @kernellogger

@kernellogger Not necessarily declaring at the time of creation should not preclude declaring important fixes when they are KNOWN to have a security impact. This is so backwards. Other open source projects are able to deal with this, why not the kernel?

2022-10-16 12:21 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu git tag -l | sort -V

2022-10-16 12:58 🔗 — In reponse to: @horenmar_ctu

@horenmar_ctu Yeah, for the linux kernel v5.17-rc3 should be sorted before v5.17 and isn't, but overall it's a lot better than alphabetic.

2022-10-17 13:52 🔗

When you submit a patch series to a new mailing list and it rejects every single email because you're not subscribed :<

And then you resend and anybody else who was on Cc gets it twice :<

2022-10-17 14:00 🔗 — In reponse to: @tehjh

@tehjh Interesting -- I did get copies so I guess I could have done that! I'd have to get familiar with that procedure before trying it out on public lists, though.

2022-10-17 14:03 🔗 — In reponse to: @vegard_no

When you submit a patch series and the mailing list rejects it for containing html... in the code being patched🤦

2022-10-17 14:06 🔗

Just submitted my cgit patches to display git notes for the Linux kernel: https://lists.zx2c4.com/pipermail/cgit/2022-October/004764.html

Hoping we can get this on http://git.kernel.org at some point, as it's really useful for cross-referencing, finding backports, subsequent fixes, etc.

2022-10-17 14:20 🔗 — In reponse to: @estet

@estet Ooh, I had not seen that! Looks really useful too. Link for others: https://lists.zx2c4.com/pipermail/cgit/2021-October/004656.html

My patches here really mostly add support for using an external git repo for the notes -- maybe that would be useful for your use case too?

Anyway, notes don't get used enough!

2022-10-18 12:30 🔗

"AUTOSEL is drunk and should drop the random kmsan patches for random stable versions."😂

https://lore.kernel.org/stable/c8ebeaf0-2dbb-37d8-52c8-7880c516ce6a@suse.cz/

Thanks for the laugh @tehcaster

On a more serious note I don't think anybody was expecting autosel to be perfect but it does make me wonder about the overall quality

2022-10-18 13:46 🔗 — In reponse to: @kernellogger

@kernellogger @tehcaster My gut reaction is that adding more types of tags in commit changelogs is more opportunity for things to go wrong that you can't really correct after they've been merged.

I really think that this kind of thing should be obvious from the changelog.

2022-10-18 13:51 🔗 — In reponse to: @vegard_no

@kernellogger @tehcaster In this specific case, I would say KMSAN is clearly a new feature so it was obvious that it shouldn't be in stable.

I guess the patch volume is just too large for 2 people (who may or may not be overworked as it is) and that's why we have autosel + the mailing list as reviewer

2022-10-20 12:50 🔗

Since people are talking about git and conflict resolution... this blog post has all my best tips and comes with a video tutorial as well (see bottom): https://twitter.com/vegard_no/status/1572626511580041217

2022-10-22 09:04 🔗 — In reponse to: @olemoudi

@olemoudi @halvarflake This meme comes to mind -- I think all perspectives are important, but the foundation holds up the rest. Products don't matter if you can knock out that piece at the bottom.

2022-10-22 12:51 🔗 — In reponse to: @geofflangdale

@geofflangdale @rygorous @tom7 did something like that: http://tom7.org/abc/

Your specific thing starts at ~11:10 but the whole thing is a fun watch.

2022-10-25 22:42 🔗

I just beat this game. Took me almost 10 hours...

I loved it.

Sure, it's frustrating at times, but it really does teach you something in a very cool way. Feels like a life lesson. Thanks Bennett!!

2022-10-28 11:19 🔗

Regardless of who owns Twitter, the fact is that millions of people are at the mercy of a very few and they were NOT democratically elected. Not sure if that's their fault or our fault, however...