Recently, I wanted to install a legacy OS in a virtual machine with QEMU.

However, for several reasons, I did not want it to be able to access the Internet but still be able to access some services on my host.

I had already done something similar in the past with a tap interface, but it was not very convenient, as you need to bring your own DHCP server or use manual configuration.

So, by reading the fine manual, I found an option I had not heard about before: restricted=yes on the user network mode.

It makes QEMU create a virtual network, with the usual DHCP server and connection to the host, but without Internet access.

In addition, it is possible to specify various guestfwd options.

Sadly, the forward mode opens only one connection when the machine boots. Therefore, if you want to forward every new connection, you will have to go through netcat or a similar program. For example, I used this option to redirect connections to 10.0.2.100 to an HTTP server I created with Python:

-nic 'user,model=virtio-net-pci,restrict=yes,guestfwd=tcp:10.0.2.100:80-cmd:netcat 127.0.0.1 8000'

And that was enough for me to pass a few files without using Samba or swapping isos.

Recently, I had to check a legacy email address we used at home until a few years ago.

We almost stopped using it, but some services are still tied to it. The result is that whenever I need to check it, I find tons of spam, and the web interface is kinda bad, so it takes ages to delete all of it.

Some months ago, I learned to interact with IMAP from Python when I wrote a script to download and back up email accounts.

So, I modified it to output a CSV with all the senders and subjects of the emails in the mailbox. The scripts left a column empty to mark the emails that should be deleted with an x.

Then, I wrote another script to read the modified changes and to move the marked emails to the trash for a final review before emptying it.

Recently, I found myself in the same situation again, but I did not keep these scripts, so I had to write a new one.

It did not take much, but since it might be helpful to someone (at least the future me), I decided to share it here.

It takes the parameters to connect to the IMAP server on the command line. Then, it takes the action (write-csv to create the CSV with the list of emails, or read-csv to read it to send the changes to the server), and finally the name of the CSV file.

The script is released in the public domain, and, as always, it comes without any warranty.

Occasionally, I still work with my Intel RealSense, on my RGBD toolbox, and affine topics.

Recently, I decided to allow multiple formats for the color images (initially, I had hardcoded them to JPEG only).

Therefore, I had to modify my data structures to work with pairs of paths instead of their common stems.

The UI to add new frames to the scene lists all the valid frames once and puts them into an ordered std::set, now keyed on the path pair.

With my previous assumption on fixed formats, I could do lookups on the set to quickly check if a provided stem was valid.

After the changes, this involved a heterogeneous comparison, i.e., a comparison of different types.

The trivial way to do this is a linear search, e.g., with std::find and a lambda or a range-based for.

However, this seemed a frequent case to me, and I was curious to see if there was a way to still take advantage of the optimized algorithms provided by the containers.

Indeed, there is! But it was added only since C++14.

After implementing bool operator<(const Other &, const Key &), you can pass std::less<> as a comparator to your container instead of the default std::less<Key>.

That is a particular template specialization that was developed for this purpose. It contains an is_transparent type that enables the templated version of some methods in STL containers.

This stack overflow answer contains many details. A TL; DR is that this implementation avoids unwanted conversions that could have undesired effects (e.g., the continuous creation of temporary objects from literals).

TL; DR

Connect your sound card to a USB hub with an external power supply.

The long story

A few months ago I changed my computer. The new one is high-end: it has a Ryzen 9 7950X processor and an Nvidia RTX 3080 GPU. Finding a motherboard was not easy: all the models compatible with that processor have a lot of compromises (or prohibitive costs). Eventually, I took an ASRock B650 PG Lightning with its pros and cons.

Everything is powered by a BitFenix Whisper 850W PSU, which has good reviews on many specialized sites.

The system is very stable with Linux: it can sustain several Firefox builds consecutively for hours without batting an eye.

Sadly, I cannot say the same for Windows, which I use almost exclusively for playing games. I often had blue screens of death with the DPC_WATCHDOG_VIOLATION error.

When I analyzed the dumps with WinDBG, I noticed the Komplete Audio 6 driver was always in the stack trace when this happened.

I tried to contact Native Instruments for help, but they were super unhelpful. I even asked them to make the driver open source since it is an old product they do not care about anymore. … [Leggi il resto]

The workflows we use for Tor Browser are kinda peculiar.

When you manage a fork, you need a strategy to stay updated with upstream. We create a new branch for every new Firefox release and cherry-pick our previous commits on top of it.

The advantage over merging is that our patches always stay in a single and compact block of commits. So, it is trivial to tell our commits from upstream, and users can easily verify we do not modify Firefox outside those commits (we keep the commit hashes of gecko-dev, the official GitHub mirror of Mozilla's mercurial repositories).

There are also disadvantages: keeping fewer commits helps with this workflow. Therefore, our commits have a meaning of “feature”, not of “change”. Thus, we constantly update them, and the history of a patch becomes hard to follow.

And most importantly, this workflow requires frequent rebases, with the risk of losing some changes. To mitigate it, every new branch goes through a review process before we switch to it.

The main tools we use are git range-diff to check single commits and “diff-of-diffs” to check the patch set as a whole. … [Leggi il resto]