Arvīds Kokins
@archo5.bsky.social
Trying to make things that vaguely resemble games (and the tech to make them work). Recently released corpo/ghost as @interleavedsystems.com
https://store.steampowered.com/app/2844660/corpoghost/?utm_source=bskybio
https://store.steampowered.com/app/2844660/corpoghost/?utm_source=bskybio
this is the thing happening currently: edri.org/our-work/com...
I do wish people stopped using shitty opinion pieces as the sole excuse to do silly things 🙃
I do wish people stopped using shitty opinion pieces as the sole excuse to do silly things 🙃
Digital Omnibus is a major rollback of EU digital protections - European Digital Rights (EDRi)
The European Commission has published two Digital Omnibus proposals, reopening the EU’s core protections against harm in the digital age.
edri.org
November 25, 2025 at 12:02 PM
this is the thing happening currently: edri.org/our-work/com...
I do wish people stopped using shitty opinion pieces as the sole excuse to do silly things 🙃
I do wish people stopped using shitty opinion pieces as the sole excuse to do silly things 🙃
on a related note, EU privacy/AI law is being gutted currently because of a similar document (Draghi report) containing no references to any research or anything similar for many of its most frequently cited key claims
commission.europa.eu/document/dow...
commission.europa.eu/document/dow...
commission.europa.eu
November 25, 2025 at 11:59 AM
on a related note, EU privacy/AI law is being gutted currently because of a similar document (Draghi report) containing no references to any research or anything similar for many of its most frequently cited key claims
commission.europa.eu/document/dow...
commission.europa.eu/document/dow...
this seems like the most likely thing he would do
yet can't help but think that prediction seems like such a tiny aspect of human cognitive functioning though
one can't even represent "let's just try it and see what happens" in a predictive system at all
yet can't help but think that prediction seems like such a tiny aspect of human cognitive functioning though
one can't even represent "let's just try it and see what happens" in a predictive system at all
November 20, 2025 at 5:45 AM
this seems like the most likely thing he would do
yet can't help but think that prediction seems like such a tiny aspect of human cognitive functioning though
one can't even represent "let's just try it and see what happens" in a predictive system at all
yet can't help but think that prediction seems like such a tiny aspect of human cognitive functioning though
one can't even represent "let's just try it and see what happens" in a predictive system at all
"fragmentation" is another word for "more competition than we'd like to have"
the only way you can "address challenges" is by removing the competition
the only way you can "address challenges" is by removing the competition
November 19, 2025 at 9:04 PM
"fragmentation" is another word for "more competition than we'd like to have"
the only way you can "address challenges" is by removing the competition
the only way you can "address challenges" is by removing the competition
I was talking about the process of debugging and said that GC makes connecting observed effects to the root cause structurally and systemically easier.
I have *never* argued against what the cause is or that it should be hidden, this seems to be a neverending pancakes/waffles issue.
I have *never* argued against what the cause is or that it should be hidden, this seems to be a neverending pancakes/waffles issue.
November 15, 2025 at 7:08 PM
I was talking about the process of debugging and said that GC makes connecting observed effects to the root cause structurally and systemically easier.
I have *never* argued against what the cause is or that it should be hidden, this seems to be a neverending pancakes/waffles issue.
I have *never* argued against what the cause is or that it should be hidden, this seems to be a neverending pancakes/waffles issue.
it seems another option would be to fully interleave the points (so that 0-1-2 are the original triangle, 3-4-5 are the first points on the original edges etc.)
the main benefit would be: location = i/3 and edge = i%3
partial interleaving like the above seems to require finding the ring first
the main benefit would be: location = i/3 and edge = i%3
partial interleaving like the above seems to require finding the ring first
November 15, 2025 at 4:48 PM
it seems another option would be to fully interleave the points (so that 0-1-2 are the original triangle, 3-4-5 are the first points on the original edges etc.)
the main benefit would be: location = i/3 and edge = i%3
partial interleaving like the above seems to require finding the ring first
the main benefit would be: location = i/3 and edge = i%3
partial interleaving like the above seems to require finding the ring first
yeah with nearest rounding the sum can only be less than ~97.5
those numbers could only work if they rounded down, though even then the probability of this outcome seems low
those numbers could only work if they rounded down, though even then the probability of this outcome seems low
November 15, 2025 at 7:33 AM
yeah with nearest rounding the sum can only be less than ~97.5
those numbers could only work if they rounded down, though even then the probability of this outcome seems low
those numbers could only work if they rounded down, though even then the probability of this outcome seems low
you keep acting as if I said something that I never did
of course they don't eliminate "the bug"
but they do limit the scope and the ways in which it can manifest, turning it from "basically anything can happen as a direct outcome" to "the bug will have one of these few direct outcomes"
of course they don't eliminate "the bug"
but they do limit the scope and the ways in which it can manifest, turning it from "basically anything can happen as a direct outcome" to "the bug will have one of these few direct outcomes"
November 15, 2025 at 5:00 AM
you keep acting as if I said something that I never did
of course they don't eliminate "the bug"
but they do limit the scope and the ways in which it can manifest, turning it from "basically anything can happen as a direct outcome" to "the bug will have one of these few direct outcomes"
of course they don't eliminate "the bug"
but they do limit the scope and the ways in which it can manifest, turning it from "basically anything can happen as a direct outcome" to "the bug will have one of these few direct outcomes"
I don't think lifetime control is the GC's problem though (nor do I see UAFs "all over the place" but I guess that's the snarkiness)
nor do we even disagree on what/where the actual bug is
I was merely pointing out that GCs eliminate a category of issues that can massively complicate diagnostics
nor do we even disagree on what/where the actual bug is
I was merely pointing out that GCs eliminate a category of issues that can massively complicate diagnostics
November 15, 2025 at 4:30 AM
I don't think lifetime control is the GC's problem though (nor do I see UAFs "all over the place" but I guess that's the snarkiness)
nor do we even disagree on what/where the actual bug is
I was merely pointing out that GCs eliminate a category of issues that can massively complicate diagnostics
nor do we even disagree on what/where the actual bug is
I was merely pointing out that GCs eliminate a category of issues that can massively complicate diagnostics
also, it looks like many games using the original Lua library (e.g. not luajit) have shipped with this particular UAF lol (github.com/redis/redis/...)
it appears to be also present in versions 5.0 and 5.1 of the original Lua source code
it appears to be also present in versions 5.0 and 5.1 of the original Lua source code
Lua script may lead to remote code execution (CVE-2025-49844) · redis/redis@d5728cb
github.com
November 15, 2025 at 4:26 AM
also, it looks like many games using the original Lua library (e.g. not luajit) have shipped with this particular UAF lol (github.com/redis/redis/...)
it appears to be also present in versions 5.0 and 5.1 of the original Lua source code
it appears to be also present in versions 5.0 and 5.1 of the original Lua source code
btw even some of the most widely used projects have UAFs lasting more than a decade before anyone finds out about them
www.infoq.com/news/2025/11...
so it seems more than reasonable to be concerned about UAFs specifically, and to note that operating inside managed memory environments prevents them
www.infoq.com/news/2025/11...
so it seems more than reasonable to be concerned about UAFs specifically, and to note that operating inside managed memory environments prevents them
Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years
Redis recently released a security advisory regarding CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute remot...
www.infoq.com
November 15, 2025 at 4:18 AM
btw even some of the most widely used projects have UAFs lasting more than a decade before anyone finds out about them
www.infoq.com/news/2025/11...
so it seems more than reasonable to be concerned about UAFs specifically, and to note that operating inside managed memory environments prevents them
www.infoq.com/news/2025/11...
so it seems more than reasonable to be concerned about UAFs specifically, and to note that operating inside managed memory environments prevents them
overwriting of freed memory only detects immediate misuse of actionable memory (e.g. dereferenced pointers), not other reads/writes or abuse of subsequent overlapping allocations
UAF is not a "red herring", it's my entire point - it often requires aggressive instrumentation/segmentation to diagnose
UAF is not a "red herring", it's my entire point - it often requires aggressive instrumentation/segmentation to diagnose
November 15, 2025 at 3:45 AM
overwriting of freed memory only detects immediate misuse of actionable memory (e.g. dereferenced pointers), not other reads/writes or abuse of subsequent overlapping allocations
UAF is not a "red herring", it's my entire point - it often requires aggressive instrumentation/segmentation to diagnose
UAF is not a "red herring", it's my entire point - it often requires aggressive instrumentation/segmentation to diagnose
I'm not missing the bug (???), you're missing the fact that to get to the bug, you need to first observe the effects of the bug (which with UAF may be completely unrelated) and then backtrack to what caused those
I'm starting to wonder... have you never debugged any nasty UAF issues?
I'm starting to wonder... have you never debugged any nasty UAF issues?
November 15, 2025 at 2:17 AM
I'm not missing the bug (???), you're missing the fact that to get to the bug, you need to first observe the effects of the bug (which with UAF may be completely unrelated) and then backtrack to what caused those
I'm starting to wonder... have you never debugged any nasty UAF issues?
I'm starting to wonder... have you never debugged any nasty UAF issues?
that's not the difference between them
while a GC may indeed hide use of stale objects, use-after-free does not guarantee a crash, or that the issue will manifest itself near the systems involved
UAF writes may also result in random buffer/pointer/heap corruption anywhere in the process
while a GC may indeed hide use of stale objects, use-after-free does not guarantee a crash, or that the issue will manifest itself near the systems involved
UAF writes may also result in random buffer/pointer/heap corruption anywhere in the process
November 15, 2025 at 1:30 AM
that's not the difference between them
while a GC may indeed hide use of stale objects, use-after-free does not guarantee a crash, or that the issue will manifest itself near the systems involved
UAF writes may also result in random buffer/pointer/heap corruption anywhere in the process
while a GC may indeed hide use of stale objects, use-after-free does not guarantee a crash, or that the issue will manifest itself near the systems involved
UAF writes may also result in random buffer/pointer/heap corruption anywhere in the process
I am only sticking to the broadly accepted definition that I used which is crucial to my original point
it doesn't matter at what level the bug is, what matters is the path from observing effects to fixing the bug
a GC ensures that the effects don't go as far from the cause as they could otherwise
it doesn't matter at what level the bug is, what matters is the path from observing effects to fixing the bug
a GC ensures that the effects don't go as far from the cause as they could otherwise
November 14, 2025 at 11:42 PM
I am only sticking to the broadly accepted definition that I used which is crucial to my original point
it doesn't matter at what level the bug is, what matters is the path from observing effects to fixing the bug
a GC ensures that the effects don't go as far from the cause as they could otherwise
it doesn't matter at what level the bug is, what matters is the path from observing effects to fixing the bug
a GC ensures that the effects don't go as far from the cause as they could otherwise
what exactly isn't true or would be environment-specific?
that a problem with a larger surface area/scope and lower predictability (guessing the cause given observed effects) would be more difficult to solve?
didn't even think that was controversial lol
that a problem with a larger surface area/scope and lower predictability (guessing the cause given observed effects) would be more difficult to solve?
didn't even think that was controversial lol
November 14, 2025 at 11:26 PM
what exactly isn't true or would be environment-specific?
that a problem with a larger surface area/scope and lower predictability (guessing the cause given observed effects) would be more difficult to solve?
didn't even think that was controversial lol
that a problem with a larger surface area/scope and lower predictability (guessing the cause given observed effects) would be more difficult to solve?
didn't even think that was controversial lol
use-after-free (as defined at cwe.mitre.org/data/definit...) can be a complicated issue to resolve and GC removes the possibility of having it
accessing an object after its logical destruction doesn't even compare - any modern IDE will even enumerate the accesses, most cases are fixable in <1 hour
accessing an object after its logical destruction doesn't even compare - any modern IDE will even enumerate the accesses, most cases are fixable in <1 hour
November 14, 2025 at 3:10 PM
use-after-free (as defined at cwe.mitre.org/data/definit...) can be a complicated issue to resolve and GC removes the possibility of having it
accessing an object after its logical destruction doesn't even compare - any modern IDE will even enumerate the accesses, most cases are fixable in <1 hour
accessing an object after its logical destruction doesn't even compare - any modern IDE will even enumerate the accesses, most cases are fixable in <1 hour
what you were talking about seemingly grew out of a misinterpretation of the point I was making
but I can say that comparing use-after-free debugging (which has heap/process scope and low predictability) with failing to use a closed file (which is obvious and has object scope) is quite silly
but I can say that comparing use-after-free debugging (which has heap/process scope and low predictability) with failing to use a closed file (which is obvious and has object scope) is quite silly
November 14, 2025 at 3:05 PM
what you were talking about seemingly grew out of a misinterpretation of the point I was making
but I can say that comparing use-after-free debugging (which has heap/process scope and low predictability) with failing to use a closed file (which is obvious and has object scope) is quite silly
but I can say that comparing use-after-free debugging (which has heap/process scope and low predictability) with failing to use a closed file (which is obvious and has object scope) is quite silly
use-after-free is a specific term with a specific definition
what you're describing simply isn't that - and it's certainly not what I was talking about
what you're describing simply isn't that - and it's certainly not what I was talking about
November 14, 2025 at 3:16 AM
use-after-free is a specific term with a specific definition
what you're describing simply isn't that - and it's certainly not what I was talking about
what you're describing simply isn't that - and it's certainly not what I was talking about
the specific problem of use-after-free being not that there's a reference to a half-destroyed object somewhere, but that the contents of the memory are unpredictable, and that writing to it can break assumptions in a random piece of code among those using the same heap (directly or indirectly)
November 14, 2025 at 2:36 AM
the specific problem of use-after-free being not that there's a reference to a half-destroyed object somewhere, but that the contents of the memory are unpredictable, and that writing to it can break assumptions in a random piece of code among those using the same heap (directly or indirectly)
by dealing with it I meant fixing it of course, and by "free" I meant "memory is given back to the allocator", not object cleanup
with GC, use-after-free is simply not a thing at all - it's not just "it maybe doesn't crash", there is no "it" - as long as you can access the memory, it will be valid
with GC, use-after-free is simply not a thing at all - it's not just "it maybe doesn't crash", there is no "it" - as long as you can access the memory, it will be valid
November 14, 2025 at 2:32 AM
by dealing with it I meant fixing it of course, and by "free" I meant "memory is given back to the allocator", not object cleanup
with GC, use-after-free is simply not a thing at all - it's not just "it maybe doesn't crash", there is no "it" - as long as you can access the memory, it will be valid
with GC, use-after-free is simply not a thing at all - it's not just "it maybe doesn't crash", there is no "it" - as long as you can access the memory, it will be valid
funny enough, all of the top 3 game engines make extensive use of garbage collection
the only difference in that regard is that UE went out of its way to add full-fat GC to its C++ codebase but for the other two, it came with and is confined to the scripting VM
the only difference in that regard is that UE went out of its way to add full-fat GC to its C++ codebase but for the other two, it came with and is confined to the scripting VM
November 13, 2025 at 10:14 PM
funny enough, all of the top 3 game engines make extensive use of garbage collection
the only difference in that regard is that UE went out of its way to add full-fat GC to its C++ codebase but for the other two, it came with and is confined to the scripting VM
the only difference in that regard is that UE went out of its way to add full-fat GC to its C++ codebase but for the other two, it came with and is confined to the scripting VM
I'd been doing a similar thing for a while (removing runtime GC allocs) and I have to say that outside of specific instances of GC spam, dealing with GC-by-default is easier than fully manually managing memory for the simple reason that use-after-free is no longer an issue with GC memory.
November 13, 2025 at 10:03 PM
I'd been doing a similar thing for a while (removing runtime GC allocs) and I have to say that outside of specific instances of GC spam, dealing with GC-by-default is easier than fully manually managing memory for the simple reason that use-after-free is no longer an issue with GC memory.