> The problem boils down to usage of stack memory after the memory is given to somebody else.
While this isn't incorrect in this case the problem seems to be caused by stack unwinding without the consent of lower frames rather than a willful bug where the callee forgets about the ownership.
Yes, it’s the consequence of throwing exceptions through exception-unaware code, which is a problem when said code needs to perform some cleanup logic before returning, like releasing resources.
WDYM? The root cause is "you passed ownership to stack-based memory to the kernel and didn't ensure it's valid when it called you back", why would "consent of lower frames" matter here? Exceptions (where lower frames matter) hid the control flow here, but that's one way to reach this situation (early return is another way, as shown by Raymond Chen's post).
> WDYM? The root cause is "you passed ownership to stack-based memory to the kernel and didn't ensure it's valid when it called you back", why would "consent of lower frames" matter here?
There is no "called back" in this case. The APC was executed by the sleep and corrupted the stack by unwinding across the C winsock code without any cleanup. It never returned.
The user-mode enters an "alertable" wait which allows an asynchronous procedure (APC) to interrupt it and execute code. Instead of returning the APC causes an exception, unwinds the stack across the APC delivery and ends up executing some random code instead of returning to the winapi code that called wait(alertable: true) in a loop. So the code that was supposed to be synchronous because of while(!completed) wait(); suddenly is broken out of the loop without actually being completed.
> Exceptions (where lower frames matter) hid the control flow here, but that's one way to reach this situation (early return is another way, as shown by Raymond Chen's post).
This isn't just hiding the control flow here. It's control flow that shouldn't have existed in the first place. It walks across the boundary of the windows APC dispatcher. Unity folks needed to go out of their way to make this "work" in the first place because using c++ exceptions and standard library threads this wouldn't work.
Well, veracrypt has a random seeding stage where you're required to shake the mouse around to create randomness. Problem is, that it only registers when the mouse is over the actual tiny veracrypt window. Problem with that is, it tells you that in some tiny bold text at the bottom. You can waste literally an hour wondering why the randomness meter goes up only sometimes. A better UI might fix that.
Afaik that kind of entropy generation is silly on modern machines. You should just call getrandom (or whatever the equivalent is for the modern OS it’s running on is) and be done with it. Hand rolled entropy like this isn’t necessary anymore - the OSes have very high quality CSPRNGs baked in natively and seeded directly from interrupts and other HW entropy sources.
It also doesn't hurt if you hash it into or xor with existing randomness, it will still be as strong as the best source of entropy you have even if it's all 0's being mixed in.
Good point. Is entropy built into the kernel, though? Last time I checked this I had to manually enable it as a system service, though this was a fair few years back.
You can even click on the window, hold the mouse button clicked and now all mouse movements, even outside the window, register and increase the randomness meter.
A small UI improvement is not worth switching from a far more tested and audited application. The UI might be worse, but I wouldn't play dice with applications with critical security requirements.
I think putting some efforts in the user experience is important. A better GUI may mean that more people will use encryption.
Bitlocker and FireVault are very easy to use compared to VeraCrypt or LUKS, and they are much more common. So many Linux installations don't have disk encryption…
Most definitely, especially in FOSS which has a dearth of good UX. But the point was more that this shouldn't be a form-over-function moment, do that with something else like a lounge purchase.
The big plus for VeraCrypt (and TrueCrypt before that), however, is that it works on Windows, macOS, and Linux. If you need an encrypted flash drive for sharing data between different systems, it's the only option that I know of. Which is unfortunate.
Each african here and in Swahili time, the day starts at 7:00 AM and ends at 6:59PM and night starts at 7:00 PM and ends at 6:59AM.
So, I would read "12:00 AM" as "six hours into the night" since its been 6 hours since the night has started.
I would also read "12:00 PM" as "six hours into the day" since its been six hours since the day has started. Speaking it, i would say "saa 6 mchana" and the literal translation is "time 6 noon".
I and most people here always set time in AM/PM format and i always have to first convert it to swahili time before making sense of it.
It's possible to write something like `std::unique_function` (which uniquely owns the stored callable and can be moved but not copied). That's often preferable for storing functors.
Eh. It's fine in my experience... of all the things I've gotten bitten by in C++, this has not been one of them. It's actually a bit more readable IMO... nullptr doesn't scream "null" like it should. And it's best not to overload int with pointers anyway, because other people using your code may still use NULL even if you personally don't. The one thing to watch out for is usage in template call sites, where you'd want to cast it to the correct type first, but at that point you'd want to cast the nullptr too.
If you loose your phone here in Tanzania, the phone company will require a police report and a copy of a photo ID(passport, drivers licence or national ID card) that matches the lost line and some will additionally ask you to remember the last few calls that was made by the lost line. All the above will have to be done person in one of many branches operated by the phone company.
Native Swahili speaker here and the language cares only if its a being or not a being and for beings, it simply doesn't care if its a man, a woman, a horse, a pig or an alien with ten sexes.
Its possible to speak naturally in Swahili without revealing the gender of the person being talked about and for this reason, i find the he/she/they in English to be very strange and limiting at times.
The problem boils down to usage of stack memory after the memory is given to somebody else.