what percentage of Intel chips or banned Centaur chips? I'm not saying that chips never fail, I'm just saying that your whitelisted vendors have the most complex and therefore the most likely to fail chips and this is what we've seen in practice.
-
-
NaCl only depends on a small subset of the operation for security. Not sure why you keep talking about Spectre/Meltdown, it wasn't really relevant to NaCl (wasn't a free breakout, and you didn't need NaCl to exploit it, but rowhammer was).
1 reply 0 retweets 0 likes -
Then please enlighten me, what was the "fairly serious CPU correctness bug found by [my] employer"?
2 replies 0 retweets 0 likes -
As I'm sure you know, the details of these bugs are usually NDA'd when they're found outside of vendors. There's a public errata for it, but I'm not going to describe the finding of an NDA'd bug on public twitter.
1 reply 0 retweets 1 like -
At my current (much smaller than Google) employer, we just found an issue that causes data corruption on a CPU from one of your whitelisted vendors. If you speak with people in the platforms group at any large company, you'll find people run into these with some regularity.
1 reply 0 retweets 1 like -
Do you honestly think I don't read errata? Unless it affects the subset of functionality that NaCl relies on, please explain the relevance. CPUs have bugs, CPUs interpret the specs differently, behave differently on edge cases, etc. That's the whole point of the whitelist.
1 reply 0 retweets 0 likes -
No, and I never said that. The bug we ran into causes effectively arbitrary data corruption. I admit I haven't read all of the NaCl code, but I would be pretty surprised if it's robust against arbitrary data corruption.
2 replies 0 retweets 0 likes -
I'd be curious to know how reading CPU errata is helpful. A typical errata will say something like "under certain conditions, unexpected behavior may occur" and it will then describe corruption of {cache, registers, IP, flags, etc.} What can any software do to work around that?
2 replies 0 retweets 2 likes -
In the case of the bug you linked to earlier, the full phrase is "which may occur under complex microarchitectural conditions involving jump instructions that span 64-byte boundaries (cross cache lines)", which does tell you how to avoid it.
2 replies 0 retweets 1 like
Right, It's also entirely irrelevant to NaCl, which requires no instruction span a 32-byte boundary. This is part of the validation that indirect jumps have to mask out low order bits to prove they're branching to a validated address.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.