What is up with the absolutely terrible and obtrusive ads on this page? They take up 80% of my phone screen space, then I tried to scroll down and they pop up again. Awful, I can’t even read this post (and it sounded interesting). Yuck.
I’ll read it when I get back to my home network with my pihole. Websites like this remind me why I block all ads.
This article is mostly about rediscovering the distinction between interruptible and non-interruptible waits.
At the end there is some sort of deadlock between namespace teardown, signal delivery, and FUSE, but... it isn't articulated in a way that is super comprehensible to me. The kernel flushes open files on exit and also kills things in the namespace on exit. But that means the race condition was always hitable if you killed the FUSE daemon at the wrong time relative to the FUSE client shutdown? It's not totally obvious to me why this would impact other non-FUSE filesystems.
Signal delivery and multithreaded process teardown in the kernel is certainly tricky, and it's really easy to get these weird edge cases wrong.
> Yes, the barcade business model works. Mostly as a bar. Most often the machines are owned and operated by an outside contractor or dedicated hobbyist (who knows how to fix them.)
To expand on this a bit, the actual maintainer of the machine is probably the most important factor of the quality of the barcade, at least if you're the type of person who cares about rulesets for games and will be irritated if something doesn't work because of a broken sensor. I like enthusiast owned/operated places because the owner who's actually playing the games will notice problems and fix them, as opposed to bars where any problems with the machine will either be broken until the maintainer gets around to it on their scheduled route, or possibly the problems never get reported at all. One possibly useful proxy for this is seeing where your local leagues play - in general they're more likely to be in places with well-maintained machines.
For San Francisco:
- Outer Orbit is my favorite place, even though they've recently removed a couple machines for more seating (more evidence that the bar/restaurant is the money maker). The owners met playing pinball, are heavily involved in the local scene, and do the maintenance themselves, so the machines tend to be in great shape. Decent Hawaiian food and a quite good beer list.
- Free Gold Watch is the place everyone always recommends because it has the most machines. My feeling is that they don't keep up on maintenance well enough because I always have trouble with tables always having enough small things broken about it that it's impossible to advance some modes. (On pretty much any modern machine every lane/ramp/hole is probably going to be required for some mode or another, so a single broken sensor breaks the entire game if you're trying for wizard mode.) It's definitely the place to go for the arcade experience with a lot of machines to choose from.
- the Alamo theater actually has a reasonably decent room upstairs from the bar, across the hall from the theaters. Doesn't seem to get rotated much and I'm not convinced it's maintained regularly, but it doesn't get much traffic so it doesn't seem like stuff breaks quickly there. A lot of people seem surprised when I mention it's there.
- Gestalt always has machines in decent shape, but the bar itself might close any month now.
- Emporium/Musee Mecanique - I don't go to them often, but they're both more generalist arcades, so they'll have a few machines at varying maintenance levels.
I'm not sure how often https://pinballmap.com/ gets updated or how its coverage is outside the SF Bay Area, but it looks pretty accurate for me.
Can somebody explain what is "linear" about linear types. There seems to be a common pattern in computer science of reusing well established mathematical terms (e.g. vectors, tensors) in confusing ways.
I can see how this is useful for laypeople. Those with a DIY attitude might resort to popular image editing tools. My choice would be trying to achieve this with Imagemagick. Fred Weinhaus' script http://www.fmwconcepts.com/imagemagick/skew/index.php and maybe adding a blur later.
Some programs, like sshd and chromium, make use of this fact to change the process name as shown in procfs and ps. On Linux, every string that argv[] and envp[] point to are stored in one contiguous block of memory. Programs can change the name of the process by writing a new string starting at *argv[0] and overflowing into the *envp[] memory as needed. (Though the program needs to strdup() the environ[] entries beforehand since they initially point to envp[] strings.)
The basic problem, as I've written before[1][2], is that, after I put in Nagle's algorithm, Berkeley put in delayed ACKs. Delayed ACKs delay sending an empty ACK packet for a short, fixed period based on human typing speed, maybe 100ms. This was a hack Berkeley put in to handle large numbers of dumb terminals going in to time-sharing computers using terminal to Ethernet concentrators. Without delayed ACKs, each keystroke sent a datagram with one payload byte, and got a datagram back with no payload, just an ACK, followed shortly thereafter by a datagram with one echoed character. So they got a 30% load reduction for their TELNET application.
Both of those algorithms should never be on at the same time. But they usually are.
Linux has a socket option, TCP_QUICKACK, to turn off delayed ACKs. But it's very strange. The documentation is kind of vague, but apparently you have to re-enable it regularly.[3]
The missile knows where it is at all times. It knows this because it knows where it isn't. By subtracting where it is from where it isn't, or where it isn't from where it is (whichever is greater), it obtains a difference, or deviation. The guidance subsystem uses deviations to generate corrective commands to drive the missile from a position where it is to a position where it isn't, and arriving at a position where it wasn't, it now is. Consequently, the position where it is, is now the position that it wasn't, and it follows that the position that it was, is now the position that it isn't.
In the event that the position that it is in is not the position that it wasn't, the system has acquired a variation, the variation being the difference between where the missile is, and where it wasn't. If variation is considered to be a significant factor, it too may be corrected by the GEA. However, the missile must also know where it was.
The missile guidance computer scenario works as follows. Because a variation has modified some of the information the missile has obtained, it is not sure just where it is. However, it is sure where it isn't, within reason, and it knows where it was. It now subtracts where it should be from where it wasn't, or vice-versa, and by differentiating this from the algebraic sum of where it shouldn't be, and where it was, it is able to obtain the deviation and its variation, which is called error.
I wrote an epoll echo server which multiplexes multiple clients over each thread. The idea is that each core can scale the number of clients it serves.
Its kind of similar to libuv. I use IO threads to handle IO. It's incomplete though but a proof of idea.
I also wrote a userspace 1:M:N lightweight thread scheduler which should be integrated with the epoll server. This is an alternative to coroutines. I multiplex multiple lightweight threads on a kernel thread and switch between them fast. The scheduler thread preempts hot for and while loops by setting the looping variable to the limit. This allows preemption to occur when the code finished the current iteration. This is why I call it userspace preemption.
One idea I have for even higher performance is to split sending and receiving to their own threads and multiplex sending and receiving across threads. This means you can scale sending and receiving.
I want to add io_uring maybe I can learn it from this repository
The writer of the piece, Nathan K., has been such a hero to me. He used to post scathing (or glowing!) reviews on Google Plus, on whether certain cables, chargers or other hardware stuck to the standards or not.
I believe it got him into hot water, because when he was looking for a job, one unnamed prospective employer thought him "too critical" (not "too knowledgeable" mind you).
I got obsessed with USB-C for a while, and he'd answer questions there, and point to the specs when appropriate.
An excellent book about the guidance computer on the Lunar Module, is Sunburst and Luminary.
https://www.sunburstandluminary.com/SLhome.html
It describes in a very entertaining style about building testing and editing the software and hardware of the Apollo program. It includes a lot of commentary and anecdotes about the era and life style of many of the program's engineers, designers, pilots, technicians, etc.
Very recommend.
I would love to see NixOS-style declarative management brought to one (or more) of the BSDs.
I'm currently building out a NixOS-based router to replace an old and dying Ubiquiti Edgerouter Lite. BSD would be perfect for the job but the ability of NixOS to have the entire system configured declaratively is enough of a killer feature to get me to use it over something BSD-based.
if anyone is interested in pursuing something similar, I'm using [0] as my hardware base and [1, 2] as example configurations.
It looks like the authentication rests upon looking up the owner of the incoming packet's (tailnet) IP address[0].
Does anyone know whether they have measures in place to protect against IP spoofing?
Background: The OP reminded me of innernet (a Tailscale alternative) which was presented here on HN last year[1] and which is – at least in principle – vulnerable to IP spoofing[2] because it assumes incoming IP packets (with a WireGuard IP address as "source") must originate from WireGuard's wg0 network interface and cannot e.g. originate from eth0 – which, unfortunately, is not the case on most systems.
As far as I can tell from briefly looking at tsnet[3] (which is what their authentication proxy[4] uses under the hood), tsnet runs WireGuard in user space(?), so this should prevent IP spoofing. Can anyone confirm this?
'systemd-analyze security' is a fine thing, just make sure to use the latest version of systemd because it was really buggy in the past. For example, the version that ships in RHEL 8 is so buggy it's practically useless.
I came up with this for most of my services that do require a JIT compiler (so Java, dotnet, etc):
You might want to throw away InaccessiblePaths if your application calls external binaries. The stuff I typically write shouldn't do it.
Some of these flags are not strictly necessary because they should be enabled by other switches, but I prefer to keep them to make configuration more obvious and to mitigate possible bugs (there were some in the past).
If your application needs to store anything locally, add some combination of these:
and you can read the resulting path in environment variables RUNTIME_DIRECTORY / STATE_DIRECTORY / CACHE_DIRECTORY / LOGS_DIRECTORY / CONFIGURATION_DIRECTORY if your systemd is new enough.
systemd will make sure that your limited user can read and write these paths, including their content.
Add this if your application does not use a JIT compiler:
MemoryDenyWriteExecute=yes
And this to prevent it from listening on wrong ports in an event of misconfiguration.
SocketBindDeny=any
SocketBindAllow=tcp:5000
These firewalling flags can be useful if your service does not do much networking to external APIs:
I’ll read it when I get back to my home network with my pihole. Websites like this remind me why I block all ads.