So after testing 1k chips from Intel, what do you know? If you have some knowledge of CPU internals and talk to Intel verification folks, your prior (IMO) should still be that they're the most likely to have this kind of issue.
-
-
After testing 1k chips, if all 1k failed under load, I would say we need to insist on a more specific cpuid whitelist, maybe consider design changes, and get feedback from the vendor? I really think this is pretty reasonable.
1 reply 0 retweets 0 likes -
If 1k out of 1k failed under load, the chip never would've shipped in the first place, you're never going to see that. The linked bug is contemporary with the NaCl thread. How come the CPU vendor *most likely to have issues like the one you describe* is one of two whitelisted?
1 reply 0 retweets 2 likes -
If by under load you mean not overclocked but under load. And as I'm sure you know, there was a fairly serious CPU correctness bug found by your employer during that timeframe, unsurprisingly against a whitelisted vendor.
1 reply 0 retweets 0 likes -
What percentage of chips couldn't handle lock cmpxchg8b eax? We're not talking about well formed code, we're talking about adversarial code from the web, designed to trigger edge cases or exercise obscure parts of the spec. Not sure spectre was relevant to NaCl, rowhammer was.
1 reply 0 retweets 0 likes -
what percentage of Intel chips or banned Centaur chips? I'm not saying that chips never fail, I'm just saying that your whitelisted vendors have the most complex and therefore the most likely to fail chips and this is what we've seen in practice.
1 reply 0 retweets 0 likes -
NaCl only depends on a small subset of the operation for security. Not sure why you keep talking about Spectre/Meltdown, it wasn't really relevant to NaCl (wasn't a free breakout, and you didn't need NaCl to exploit it, but rowhammer was).
1 reply 0 retweets 0 likes -
Then please enlighten me, what was the "fairly serious CPU correctness bug found by [my] employer"?
2 replies 0 retweets 0 likes -
As I'm sure you know, the details of these bugs are usually NDA'd when they're found outside of vendors. There's a public errata for it, but I'm not going to describe the finding of an NDA'd bug on public twitter.
1 reply 0 retweets 1 like
At my current (much smaller than Google) employer, we just found an issue that causes data corruption on a CPU from one of your whitelisted vendors. If you speak with people in the platforms group at any large company, you'll find people run into these with some regularity.
-
-
Do you honestly think I don't read errata? Unless it affects the subset of functionality that NaCl relies on, please explain the relevance. CPUs have bugs, CPUs interpret the specs differently, behave differently on edge cases, etc. That's the whole point of the whitelist.
1 reply 0 retweets 0 likes -
No, and I never said that. The bug we ran into causes effectively arbitrary data corruption. I admit I haven't read all of the NaCl code, but I would be pretty surprised if it's robust against arbitrary data corruption.
2 replies 0 retweets 0 likes - 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.